游戏狂人
 
- 贡献度
- 161
- 金元
- 8487
- 积分
- 1493
- 精华
- 0
- 注册时间
- 2009-3-5
|
耐心等待,弟兄们,破解既要来了
===========================
initial connection:
send to ip1.pc.iw4.iwnet.infinityward.com (UDP/1500, source port 28960)
base packet:
proto 0x05, SEND, type 0x14
common packet data:
like usual, byte 0x00 '00'.
packet:
0x00: qword (8 bytes) - XUID*
0x08: dword - unknown, int 0
0x0c: dword - unknown, int 1
0x10: dword - unknown, int 2
0x14: dword - unknown, int 3
0x18: dword - unknown, int 4
0x1c: dword - unknown, int 5
0x20: end of packet
response to this packet:
base packet:
there is none, first 4 bytes are FF FF FF FF
packet:
0x00: char[8] - literally: "ipdetect"
0x08: unknown bytes - 00 00 00 01 00 14 1B
0x0e: dword - user IP address
0x12: word - 28960, the port this packet was sent to and the previous originated
0x14: dword - unknown, differs per IP
0x18: word - unknown, differs per IP
0x1a: word - 320, possibly a buffer size or so?
after this, UDP/1500 is only sent by client, but fail captures do not show any responses.
LSP request 1:
send to match1.pc.iw4.iwnet.infinityward.com or similar (UDP/3005, source port random)
base packet:
proto: 0x0E, SEND
packet:
0x00: qword (8 bytes) - XUID*
0x08: char[var] - Gamertag (SteamCommunity name) - null terminated
+0x00: char[72] - Game build information
+0x00: dword - unknown (0xB601)
0x04: dword - unknown (0)
0x08: dword - unknown (0)
0x09: byte - unknown, might be wrong offsets above
0x0a: byte[4] - player internal IP (c0.a8.b2.7b for example)
0x0e: byte[4] - external IP as returned by IP server
0x10: word - internal connection port (28960)
0x12: word - external connection port (28960)
0x14: dword[6] - unknown (all 0)
0x2c: word - unknown (9B 00)
0x2e: word - unknown (04 7B)
0x30: word - unknown (01 00)
0x32: word - unknown (00 7F)
0x33: byte - unknown (41)
response to this packet:
base packet:
proto: 0x0E, RECEIVE, type: 0x00
packet:
0x00: qword (8 bytes) - XUID*
0x08: word - unknown (5)
0x0a: word - unknown (150)
0x0c: word - unknown (300)
0x0e: word - unknown (4)
0x10: dword - entry count
0x14: LSPREntry1[entryCount]
+0x00: byte[5] - 00 00 00 00 00 
LSPREntry1:
0x00: dword - unknown value, varying per entry, but seemingly constant
(too odd values for IP addresses
0x04: dword - constant 0x800000
LSP request 2 (on party start)
send to match1.pc.iw4.iwnet.infinityward.com or similar (UDP/3005, source port random)
base packet:
proto: 0x0E, SEND
packet:
0x00: qword (8 bytes) - XUID*
0x08: char[var] - Gamertag (SteamCommunity name) - null terminated
+0x00: char[72] - Game build information
+0x00: dword - unknown, varying, seems like some sort of timeofday timestamp?
reply:
base packet:
proto: 0x0E, FAIL, type: 0x00
(authentication fail, likely due to SteamID not being usable)
base send packet format:
0x00: byte - protocol (0x05 for 1500, 0x0E for 3005)
0x01: byte - packet status (possibly - 0x01: success, 0x02: fail, 0x03: send, 0x04: random out-of-band data)
0x02: byte - packet type (0E 02 00 is sent on 'connection drop', others differ)
some packets might have this as data!
proto 0x05 data (common):
0x00 - byte - unknown (00 on first attempt, 01 on any later)
0x01 - byte - unknown (00?)
0x02 - byte - packet ID (incrementing)
0x03 - byte - unknown, 00?
proto 0x05 packet 0x17 seems to be periodical stat transmission, are almost all equal. not related to IWnet at all
since happens even after proto 0E, status 02, type 00
* XUID (Xbox UID) is another remain from XBL, corresponds with uint64 SteamID.
(see http://deadcode.info/svn/filedetails.ph ... CSteamID.h for
info about int64 SteamID)
to get string SteamID for regular IDs, take lower 32 bits and divide by 2. (we'll name this {2}).
then, take those same bits and do modulo 2 (tag {1})
string SteamID = STEAM_0:{1}:{2}
===================== |
|
发表于 2010-2-25 21:18
收藏