Yo people, I don't really know how packets work, but I think my knowledge is sufficient to help lessen the confusion of people who know totally nothing.
For people who know something, feel free to correct my mistakes. You can help to make this a better guide.
I'll be oversimplifying lots of things so don't be angry.
Packets?
Basically, every time you do something in MapleStory that affects your surroundings or your character, your localhost will TELL the server what you have done.
For example, if you pressed LEFT on your keyboard, your character moves to the left.
Since your position on the map has changed, your localhost will TELL the server your new position.
Then, the server will TELL the other localhosts to adjust your character's position on their users' screens.
But how does the localhost talk to the server and vice-versa? They do it by sending PACKETS to one another!!!
A packet is just a bunch of bytes. Here's what one looks like after being processed by Snow sniffer, a packet sniffer made by Snow.
30 00 BE 98 06 00 01 00
Every byte is separated by a space. The blue part is the packet header, and takes up two bytes. Why is it called the header? Because the bytes are at the front.
What's the packet header for?
As mentioned before, every time you do something to affect your character and your surroundings, you'll send a packet. Likewise, when other players do something to affect you, they'll send a packet to the server, and the server sends a packet to you.
Here's a list of things you do which will trigger your localhost to send a packet to the server:
Speak in general chat.
Add a buddy.
Kill a monster.
And a lot more...
Since there are so many things, to prevent the server from confusing itself, the events which triggered the packets are distinguished by the packet header.
Look at your recvops. 'recv' because the server 'received' the packet from your localhost.
You'll see the packet headers. You can't see anything like "30 00", but you'll see something like "0x30".
Basically, it's just another way of defining the packet header. You just "flip" it around.
Right before the packet header, you'll see its name, e.g. TAKE_DAMAGE = 0x27
It's just a name given by the source creator, so he won't confuse himself when there are so many events.
If you know how to edit things correctly inside the SRC folder, you can even replace TAKE_DAMAGE with OUCH_IM_HIT.
Then what about the rest of the bytes behind the header?
That's the content. Most packets are useless without it.
Before continuing, you'll need to know this:
A bunch of bytes can represent nearly anything. It can be a number, a character (e.g. A or B or C), or many characters (a STRING such as "Hello i am fine."), or a COMBINATION OF NUMBERS AND CHARACTERS AND USELESS BYTES.
A number can be called a double, short, long or whatever.
You only need to know SHORT and INT for now.
A short can go up to 32767, while an int can have a maximum value of 2,147,483,647.
Since an int is larger, it can hog 4 bytes, while a short can only take 2 bytes.
A STRING can take up a random number of bytes, depending on how many characters it contains.
For example, if you whacked a monster using your sword, you'll send a packet. While using Snow sniffer, you'll detect a packet to the server.
You may think "whacking a monster sends a packet...maybe the content contains the damage I dealt to it, so the server can reduce its hp?".
Assume the packet is 30 00 BE 98 06 00 01 00.
The content takes up six bytes. Let's remove the header and only look at the content.
BE 98 06 00 01 00
Can you think of the number of COMBINATIONS OF NUMBERS AND CHARACTERS AND USELESS BYTES this bunch of bytes can represent?
I can't actually, but let's just list a few.
Legend: SHORT is red, INT is blue, BYTE is pink
BE 98 06 00 01 00
BE 98 06 00 01 00
BE 98 06 00 01 00
AND A LOT MORE!!!
Each combination is actually a PACKET STRUCTURE. Only one is valid though.
(If you have some sense, you'll know there's only three possible valid packet structures, following my way of thought.)
Oh no! So what should we do? Which packet structure is the correct one?
Whack the monster again, so we can compare the packets! When the damage changes, the bytes change too! Then we can do PACKET STRUCTURE GUESSING.
Assume the second packet you sniffed is 30 00 BE 10 74 01 06 00.
You have two packets from the same event, so spot the difference in content.
BE 98 06 00 01 00
BE 10 74 01 06 00
Oh 4 bytes changed when the damage changed! It's a change in INT!
So now you have the packet structure for "dealing damage to a monster".
It's "HEADER then BYTE(useless) then INT(damage dealt to monster) then BYTE(useless)".
You can then put it in your recvops with a name you like, e.g. HIT_MONSTER = 0x30, and code a mechanism which reduces the hp of the mob upon receiving the packet.
But seriously, do we need to do this? No if it's already coded by nice people (assuming it's correct).
So just take the header and plonk it into your recvops. Find a name which suits the event best and replace the header with yours.
CLOSE_RANGE_ATTACK looks good.
However, when the game version changes, existing packet structures may change, and new packets are introduced to cater to new events (e.g. vicious hammer from v62 to v75) so you may need to do it yourself.
BACK TO REALITY
If you think packet guessing is simple since the above example looks so, check out the number of packets you'll send and receive after whacking a monster and the number of bytes they contain. CLOSE_RANGE_ATTACK packet does not contain only 1 damage.
You may like to look into MaplePacketCreator.java to see how packets are created by the server.
Hope you'll now appreciate the efforts of source creators and "game version upgraders". Have fun sniffing packets!
CLARIFICATION
Actually, you can directly convert the packet into numbers and strings, so the damaging monster example demonstrated above takes a pretty "senseless" approach to guessing the packet, since you already know your damage. BUT I'm just demonstrating the usage of comparison, so don't follow blindly.
Here's a tool I made to help you convert. I haven't tested it, but I think it works.
You'll need .net framework 3.5. Not sure if it works on x64.
I'll test it later and post some ss.
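The packet comparison described in the post above, written out as an added example (not part of the original post and not the author's conversion tool): it reads the 2-byte header as a little-endian opcode, diffs the content of the two quoted captures, and labels each changed run by its width. The function names are hypothetical; the two hex dumps are the ones quoted in the post.

```python
import struct

# The two captures quoted in the post (same event). Helper names are hypothetical.
CAPTURE_A = "30 00 BE 98 06 00 01 00"
CAPTURE_B = "30 00 BE 10 74 01 06 00"
FIELD_NAMES = {1: "BYTE", 2: "SHORT", 4: "INT"}  # widths the post uses


def split_packet(hex_dump):
    """Return (opcode, content) from a space-separated hex dump."""
    raw = bytes.fromhex(hex_dump)
    if len(raw) < 2:
        raise ValueError("packet shorter than its 2-byte header")
    (opcode,) = struct.unpack_from("<H", raw, 0)  # little-endian: 30 00 -> 0x0030
    return opcode, raw[2:]


def changed_runs(a, b):
    """Group offsets where a and b differ into contiguous (start, length) runs."""
    if len(a) != len(b):
        raise ValueError("contents differ in length; likely a variable-size field")
    runs, start = [], None
    for i in range(len(a) + 1):  # one extra step flushes a run ending at the tail
        differs = i < len(a) and a[i] != b[i]
        if differs and start is None:
            start = i
        elif not differs and start is not None:
            runs.append((start, i - start))
            start = None
    return runs


def guess_structure(dump_a, dump_b):
    """Diff two captures of one event and label each region of the content."""
    op_a, a = split_packet(dump_a)
    op_b, b = split_packet(dump_b)
    if op_a != op_b:
        raise ValueError("different opcodes: not the same event")
    fields, pos = [], 0
    for start, length in changed_runs(a, b):
        fields += [("BYTE", "constant", a[i]) for i in range(pos, start)]
        kind = FIELD_NAMES.get(length, f"{length} bytes")
        values = tuple(int.from_bytes(x[start:start + length], "little") for x in (a, b))
        fields.append((kind, "varies", values))
        pos = start + length
    fields += [("BYTE", "constant", a[i]) for i in range(pos, len(a))]
    return op_a, fields
```

A changed run is only a lower bound on a field's width: if the high bytes of a value happen to match in both captures, a 4-byte INT shows up as a shorter run, so compare more than two captures before settling on a structure.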