Welcome!

Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!

Join Today!

Packet Sniffing and Handling

Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
I'm trying to build a S.U.N (Soul of the Ultimate Nation) Online server, but I'm running into an issue with packet sniffing or figuring out how to tell how the client is requesting information from the server. I'm currently working in Java, I have the server socket setup, and the client is connecting. I'm at the stage of the development where I need to handle packet request and do packet sending to the client to make a server.

What can you recommend to me? Should I build my own packet sniffer? Should I use a third party program? If I use a third party program, what should I look for while using the program? If I build my own, what kind of tips can you give me?

I am still learning and have never done anything in packeting or networking like this before. I have tried Wireshark (mostly read pcap files) and RawCap (to do loopback on 127.0.0.1 for Windows OS). For now, I'm looking up more information about the output that Wireshark gives and how to make my own packet sniffer in Java.



Just to clarify I found some code on an older S.U.N server source code and this is what is list:

enum eCL_AUTH
{
// CL_AUTH_S2C_READY = 0,
CL_AUTH_C2S_ASK_VERIFY = 1,
CL_AUTH_S2C_ANS_VERIFY = 2,
CL_AUTH_C2S_ASK_AUTH = 3,
//CL_AUTH_S2S_ASK_AUTH = 4,
//CL_AUTH_S2S_ANS_AUTH = 5,
CL_AUTH_S2C_ANS_AUTH = 6,
CL_AUTH_C2S_ASK_SVRLIST = 7,
//CL_AUTH_S2S_ASK_SVRLIST = 8,
//CL_AUTH_S2S_ANS_SVRLIST = 9,
CL_AUTH_S2C_ANS_SVRLIST = 10,
CL_AUTH_C2S_ASK_SVRSELECT = 11,
//CL_AUTH_S2S_ASK_SVRSELECT = 12,
//CL_AUTH_S2S_ANS_SVRSELECT = 13,
CL_AUTH_S2C_ANS_SVRSELECT = 14,
CL_AUTH_S2C_SERVER_NAME_LIST = 29,

I'm trying to figure out how they came up with these numbers. Did they use a packet sniffer to find those numbers or did they create them and manipulate the client to use those accordingly? Thank you!
 
Last edited:
Newbie Spellweaver
Joined
Jul 1, 2017
Messages
15
Reaction score
17
Emulating servers is my specialty, contact me privately, I'll try to help.
Do not be hasty, I'm working on many other projects, but it will be an honor to have a walking companion
 
Upvote 0
◝(⁰▿⁰)◜Smile◝ (⁰▿⁰)◜
Developer
Joined
May 29, 2007
Messages
2,167
Reaction score
898
If you have other projects available make sure you look at them and re-use any useful packet structures from them.

Wireshark is a good beginning point but you should build your own specialised logging tools for the game you are working on. I usually use MapleShark as a base because it already has nice build-in functions. I also recommend 010 editor for editing binary files, it is not free but it is worth the price.
 
Upvote 0
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
@Taiga
I have come to find out that Wireshark is not as beneficial as I like, so creating my own packet encryption and decryption using what is provided from older source is what I will have to do. I'm currently working towards logging incoming packets and eventually using the known cryption methods for the game to figure out the packet structure. Thank you for your input and I will look at what you suggested.
 
Upvote 0
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
I have made myself a personal packet sniffer for mostly learning purposes. I did some reading and found some information about TCP packets storing the data in what is considered a payload. I got my packet sniffer to dump the payload inside a text file with a bunch of other information. Due to my payload being in decimal format I'm having to figure that out. Can anyone tell me whether I'm heading in the right direction or no? This is my first time doing anything networking or packet related. Thank you!
 
Upvote 0
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
Hello, everyone.
I would like some advise on the best way to handle the issue I am experiencing. I am currently working in Java (only language I know besides C) and I've come to realize that Java itself does not directly handle the packets (from my knowledge) without using third party libraries. I am trying to get the client to stabilize to allow a user (myself for now) to login.

Here is what I have noticed:
1) The client performs the 3-Way Handshake with the server, then sends an [RST, ACK].
2) The client performs the 3-Way Handshake again with the server and then waits for a response.
3) The server is suppose to send a packet with a three and some message, for an example: "3 This is a test server for sun".
4) The client sends back the user's IP attached to the three, for an example: "3 127.0.0.1".

From here, I haven't figured out how to get the client from not sending another [RST, ACK], and I've tried sending packets with a three in it.

My question is: what is a recommended way to filter the packets in Java so I know when the client is done sending the first [RST, ACK] packet?

The problem I am getting is that the program I have built doesn't read the stream, or the payload even when the client passes back the user's IP. All I get is null exception while trying to read. I've dug around some source code for Aion to get a feel of how others have done it, but the source is a mess to dig through. The old C++ source code for SUN Online is a bit hard to follow. I did generally understand how they were doing the packets though.
 
Upvote 0
Newbie Spellweaver
Joined
Nov 20, 2007
Messages
31
Reaction score
9
When making your own packet sniffer, you basicly want to write a proxy server. You do this by creating two sockets in java. One socket will listen for your game connection and the other one will establish the connection to the game server.
A roundtrip of a packet would look like this:
Game => Java Server Socket => Java Client Socket => GameServer => Java Client Socket => Java Server Socket => Game
Inside this setup your server socket reads the data from your client, and sends it via a client socket to the server.
the server responds on your client socket, this time you read that data and send it via your server socket to the game client.

because whenever you read the data from one side you have access to it for analytical purposes you can print it in textfiles and make slowly sense of it.
 
Upvote 0
Joined
Jun 10, 2009
Messages
658
Reaction score
140
When making your own packet sniffer, you basicly want to write a proxy server. You do this by creating two sockets in java. One socket will listen for your game connection and the other one will establish the connection to the game server.
A roundtrip of a packet would look like this:
Game => Java Server Socket => Java Client Socket => GameServer => Java Client Socket => Java Server Socket => Game
Inside this setup your server socket reads the data from your client, and sends it via a client socket to the server.
the server responds on your client socket, this time you read that data and send it via your server socket to the game client.

because whenever you read the data from one side you have access to it for analytical purposes you can print it in textfiles and make slowly sense of it.

Wouldn't it be easier just to use Wireshark and capture packets?
 
Upvote 0
Junior Spellweaver
Joined
Oct 20, 2013
Messages
193
Reaction score
56
@cyberinferno

I was learning how to do a packet sniffer, but yes, Wireshark is much easier. It ultimately comes down to what you need a custom packet sniffer for. My packet sniffer became useless because the retail client was able to pick up on it and not allow the game to launch.
 
Upvote 0
Junior Spellweaver
Joined
Jan 13, 2007
Messages
102
Reaction score
19
@cyberinferno

I was learning how to do a packet sniffer, but yes, Wireshark is much easier. It ultimately comes down to what you need a custom packet sniffer for. My packet sniffer became useless because the retail client was able to pick up on it and not allow the game to launch.
yeah same thing happened to me, any ideas on how to capture the packets? Because with wireshark it gives me wrong Packets not as they are with this injected DLL
 
Upvote 0
Back
Top