Packet Sniffing and Handling

Results 1 to 9 of 9
  1. #1
    Hardcore Member Ashime is offline
    MemberRank
    Oct 2013 Join Date
    USALocation
    127Posts

    Packet Sniffing and Handling

    I'm trying to build a S.U.N (Soul of the Ultimate Nation) Online server, but I'm running into an issue with packet sniffing or figuring out how to tell how the client is requesting information from the server. I'm currently working in Java, I have the server socket setup, and the client is connecting. I'm at the stage of the development where I need to handle packet request and do packet sending to the client to make a server.

    What can you recommend to me? Should I build my own packet sniffer? Should I use a third party program? If I use a third party program, what should I look for while using the program? If I build my own, what kind of tips can you give me?

    I am still learning and have never done anything in packeting or networking like this before. I have tried Wireshark (mostly read pcap files) and RawCap (to do loopback on 127.0.0.1 for Windows OS). For now, I'm looking up more information about the output that Wireshark gives and how to make my own packet sniffer in Java.

    - - - Updated - - -

    Just to clarify I found some code on an older S.U.N server source code and this is what is list:

    enum eCL_AUTH
    {
    // CL_AUTH_S2C_READY = 0,
    CL_AUTH_C2S_ASK_VERIFY = 1,
    CL_AUTH_S2C_ANS_VERIFY = 2,
    CL_AUTH_C2S_ASK_AUTH = 3,
    //CL_AUTH_S2S_ASK_AUTH = 4,
    //CL_AUTH_S2S_ANS_AUTH = 5,
    CL_AUTH_S2C_ANS_AUTH = 6,
    CL_AUTH_C2S_ASK_SVRLIST = 7,
    //CL_AUTH_S2S_ASK_SVRLIST = 8,
    //CL_AUTH_S2S_ANS_SVRLIST = 9,
    CL_AUTH_S2C_ANS_SVRLIST = 10,
    CL_AUTH_C2S_ASK_SVRSELECT = 11,
    //CL_AUTH_S2S_ASK_SVRSELECT = 12,
    //CL_AUTH_S2S_ANS_SVRSELECT = 13,
    CL_AUTH_S2C_ANS_SVRSELECT = 14,
    CL_AUTH_S2C_SERVER_NAME_LIST = 29,

    I'm trying to figure out how they came up with these numbers. Did they use a packet sniffer to find those numbers or did they create them and manipulate the client to use those accordingly? Thank you!
    Last edited by Ashime; 15-07-17 at 09:28 PM.


  2. #2
    Registered azdarf is offline
    MemberRank
    Jul 2017 Join Date
    BrazilLocation
    12Posts

    Re: Packet Sniffing and Handling

    Emulating servers is my specialty, contact me privately, I'll try to help.
    Do not be hasty, I'm working on many other projects, but it will be an honor to have a walking companion

  3. #3
    ◝(⁰▿⁰)◜Smile◝ (⁰▿⁰)◜ Taiga is offline
    ModeratorRank
    May 2007 Join Date
    InternetLocation
    2,564Posts

    Re: Packet Sniffing and Handling

    If you have other projects available make sure you look at them and re-use any useful packet structures from them.

    Wireshark is a good beginning point but you should build your own specialised logging tools for the game you are working on. I usually use MapleShark as a base because it already has nice build-in functions. I also recommend 010 editor for editing binary files, it is not free but it is worth the price.


    Moderator & Developer
    I CAN NOT HELP YOU WITH YOUR SERVER, USE THE CORRECT HELP SECTION INSTEAD.
    I AM ONLY TAIGA ON RAGEZONE!


    DO NOT PM ME FOR GAME RELATED QUESTIONS, THESE MESSAGES WILL BE IGNORED!



  4. #4
    Hardcore Member Ashime is offline
    MemberRank
    Oct 2013 Join Date
    USALocation
    127Posts

    Re: Packet Sniffing and Handling

    @Taiga
    I have come to find out that Wireshark is not as beneficial as I like, so creating my own packet encryption and decryption using what is provided from older source is what I will have to do. I'm currently working towards logging incoming packets and eventually using the known cryption methods for the game to figure out the packet structure. Thank you for your input and I will look at what you suggested.

  5. #5
    Hardcore Member Ashime is offline
    MemberRank
    Oct 2013 Join Date
    USALocation
    127Posts

    Re: Packet Sniffing and Handling

    I have made myself a personal packet sniffer for mostly learning purposes. I did some reading and found some information about TCP packets storing the data in what is considered a payload. I got my packet sniffer to dump the payload inside a text file with a bunch of other information. Due to my payload being in decimal format I'm having to figure that out. Can anyone tell me whether I'm heading in the right direction or no? This is my first time doing anything networking or packet related. Thank you!

  6. #6
    Hardcore Member Ashime is offline
    MemberRank
    Oct 2013 Join Date
    USALocation
    127Posts

    Re: Packet Sniffing and Handling

    Hello, everyone.
    I would like some advise on the best way to handle the issue I am experiencing. I am currently working in Java (only language I know besides C) and I've come to realize that Java itself does not directly handle the packets (from my knowledge) without using third party libraries. I am trying to get the client to stabilize to allow a user (myself for now) to login.

    Here is what I have noticed:
    1) The client performs the 3-Way Handshake with the server, then sends an [RST, ACK].
    2) The client performs the 3-Way Handshake again with the server and then waits for a response.
    3) The server is suppose to send a packet with a three and some message, for an example: "3 This is a test server for sun".
    4) The client sends back the user's IP attached to the three, for an example: "3 127.0.0.1".

    From here, I haven't figured out how to get the client from not sending another [RST, ACK], and I've tried sending packets with a three in it.

    My question is: what is a recommended way to filter the packets in Java so I know when the client is done sending the first [RST, ACK] packet?

    The problem I am getting is that the program I have built doesn't read the stream, or the payload even when the client passes back the user's IP. All I get is null exception while trying to read. I've dug around some source code for Aion to get a feel of how others have done it, but the source is a mess to dig through. The old C++ source code for SUN Online is a bit hard to follow. I did generally understand how they were doing the packets though.

  7. #7
    Member Nothilvien is online now
    MemberRank
    Nov 2007 Join Date
    41Posts

    Re: Packet Sniffing and Handling

    When making your own packet sniffer, you basicly want to write a proxy server. You do this by creating two sockets in java. One socket will listen for your game connection and the other one will establish the connection to the game server.
    A roundtrip of a packet would look like this:
    Game => Java Server Socket => Java Client Socket => GameServer => Java Client Socket => Java Server Socket => Game
    Inside this setup your server socket reads the data from your client, and sends it via a client socket to the server.
    the server responds on your client socket, this time you read that data and send it via your server socket to the game client.

    because whenever you read the data from one side you have access to it for analytical purposes you can print it in textfiles and make slowly sense of it.

  8. #8
    Programmer cyberinferno is offline
    True MemberRank
    Jun 2009 Join Date
    BangaloreLocation
    533Posts

    Re: Packet Sniffing and Handling

    Quote Originally Posted by Nothilvien View Post
    When making your own packet sniffer, you basicly want to write a proxy server. You do this by creating two sockets in java. One socket will listen for your game connection and the other one will establish the connection to the game server.
    A roundtrip of a packet would look like this:
    Game => Java Server Socket => Java Client Socket => GameServer => Java Client Socket => Java Server Socket => Game
    Inside this setup your server socket reads the data from your client, and sends it via a client socket to the server.
    the server responds on your client socket, this time you read that data and send it via your server socket to the game client.

    because whenever you read the data from one side you have access to it for analytical purposes you can print it in textfiles and make slowly sense of it.
    Wouldn't it be easier just to use Wireshark and capture packets?

  9. #9
    Hardcore Member Ashime is offline
    MemberRank
    Oct 2013 Join Date
    USALocation
    127Posts

    Re: Packet Sniffing and Handling

    @cyberinferno

    I was learning how to do a packet sniffer, but yes, Wireshark is much easier. It ultimately comes down to what you need a custom packet sniffer for. My packet sniffer became useless because the retail client was able to pick up on it and not allow the game to launch.



Advertisement