If you want to help us maintaining this wiki, check out our discord server: https://discord.gg/3u69jMa 

Difference between revisions of "Gamespy in Republic Commando"

From SWRC Wiki
Jump to navigation Jump to search
Line 536: Line 536:
0x00
0x00
0x00
0x00
</source>
==Master Server <-> Client==
The communication between Client and Master Server starts with UDP but then gets shifted to TCP with encryption/algorithm.
Master Server is listening on port 27900 with UDP and Client sends request:
<source lang="cpp" line">
0x09    <message type : 9 = client starting query>
0x00    -- <Next 4 bytes are random ID generated by client, but it doesnt get used for now, so its left blank>
0x00    --
0x00    --
0x00    --
0x73    s    <gamespy gamename>
0x77    w
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <end of packet indicator>
</source>
From there, Master Server knows Client will start a TCP connection now to query server list. Master Server needs to listen on port 28910 now:
<source lang="cpp" line">
0x00    <?? unknown>
0xa2    <?? unknown>
0x00    <?? unknown>
0x01    <?? unknown>
0x03    <?? unknown>
0x00    -- <Next 4 bytes are random ID generated by client, but it doesnt get used for now, so its left blank>
0x00    --
0x00    --
0x00    --
0x73    s    <gamespy gamename>
0x77    w
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <null seperator>
0x73    s    <gamespy gamename>
0x77    w
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <null seperator>
0x70    -- <Next 8 bytes are the validation key created by client. It gets used to encrypt the message from Master Server>
0x57    --
0x63    --
0x38    --
0x5b    --
0x56    --
0x7b    --
0x5d    --
0x00    <null seperator>
0x5c    \    <backslash as seperator>
0x68    h    <hostname>
0x6f    o
0x73    s
0x74    t
0x6e    n
0x61    a
0x6d    m
0x65    e
0x5c    \    <backslash as seperator>
0x68    h    <hostport>
0x6f    o
0x73    s
0x74    t
0x70    p
0x6f    o
0x72    r
0x74    t
0x5c    \    <backslash as seperator>
0x6e    n    <numplayers>
0x75    u
0x6d    m
0x70    p
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x73    s
0x5c    \    <backslash as seperator>
0x6d    m    <maxplayers>
0x61    a
0x78    x
0x70    p
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x73    s
0x5c    \    <backslash as seperator>
0x6d    m    <mapname>
0x61    a
0x70    p
0x6e    n
0x61    a
0x6d    m
0x65    e
0x5c    \    <backslash as seperator>
0x67    g    <gametype>
0x61    a
0x6d    m
0x65    e
0x74    t
0x79    y
0x70    p
0x65    e
0x5c    \    <backslash as seperator>
0x66    f    <fraglimit>
0x72    r
0x61    a
0x67    g
0x6c    l
0x69    i
0x6d    m
0x69    i
0x74    t
0x5c    \    <backslash as seperator>
0x74    t    <timelimit>
0x69    i
0x6d    m
0x65    e
0x6c    l
0x69    i
0x6d    m
0x69    i
0x74    t
0x5c    \    <backslash as seperator>
0x6e    n    <numteams>
0x75    u
0x6d    m
0x74    t
0x65    e
0x61    a
0x6d    m
0x73    s
0x5c    \    <backslash as seperator>
0x64    d    <dedicatedserver>
0x65    e
0x64    d
0x69    i
0x63    c
0x61    a
0x74    t
0x65    e
0x64    d
0x73    s
0x65    e
0x72    r
0x76    v
0x65    e
0x72    r
0x5c    \    <backslash as seperator>
0x66    f    <friendlyfire>
0x72    r
0x69    i
0x65    e
0x6e    n
0x64    d
0x6c    l
0x79    y
0x66    f
0x69    i
0x72    r
0x65    e
</source>
</source>

Revision as of 19:16, 25 February 2020

Gamespy protocol analysis in Star Wars Republic Commando

Author: -ffs-PLASMA aka. HW_KILLER_PR

Note: This documentation is incomplete and some information/aspects may be interpreted/understood wrong! Visit: https://333networks.com/


Gamespy Gamename: swrcommando

Gamespy Gamekey: y2s8Fh

Gamespy Version: 3 (EnctypeX)


Master Server <-> Game Server

The communication between Master and Game Server uses UDP protocol only and no encryption/algorithm.


When the game server boots up for first time, it sends out 2 UDP packets to let Master Server know. Master Server doesn't need to respond:

0x09     <message type : 9 = some sort of info message?>
0x00     <no use>
0x00     <no use>
0x00     <no use>
0x00     <no use>
0x73     s    <gamespy gamename>
0x77     w
0x72     r
0x63     c
0x6f     o
0x6d     m
0x6d     m
0x61     a
0x6e     n
0x64     d
0x6f     o
0x00     <null terminator>


Once Game Server is booted up and ready to accept connections, it sends all relevant game info to Master Server:

0x03    <message type : 3 = query master server>
0xd6    -- <Next 4 bytes are random ID generated by client>
0x0c    --
0x82    --
0xe0    --
0x6c    l    <localip0>
0x6f    o
0x63    c
0x61    a
0x6c    l
0x69    i
0x70    p
0x30    0
0x00    <null seperator>
0x31    1    <First local IP>
0x39    9
0x32    2
0x2e    .
0x31    1
0x36    6
0x38    8
0x2e    .
0x31    1
0x38    8
0x38    8
0x2e    .
0x33    3
0x00    <null seperator>
0x6c    l    <localip1>
0x6f    o
0x63    c
0x61    a
0x6c    l
0x69    i
0x70    p
0x31    1
0x00    <null seperator>
0x31    1    <Second local IP>
0x39    9
0x32    2
0x2e    .
0x31    1
0x36    6
0x38    8
0x2e    .
0x32    2
0x30    0
0x33    3
0x2e    .
0x31    1
0x00    <null seperator>
0x6c    l    <localip2>
0x6f    o
0x63    c
0x61    a
0x6c    l
0x69    i
0x70    p
0x32    2
0x00    <null seperator>
0x31    1    <Third local IP>
0x39    9
0x32    2
0x2e    .
0x31    1
0x36    6
0x38    8
0x2e    .
0x31    1
0x37    7
0x34    4
0x2e    .
0x31    1
0x00    <null seperator>
0x6c    l    <localport>
0x6f    o
0x63    c
0x61    a
0x6c    l
0x70    p
0x6f    o
0x72    r
0x74    t
0x00    <null seperator>
0x31    1    <query port of the game server, default 11138, every server instance increases number by 1>
0x31    1
0x31    1
0x33    3
0x38    8
0x00    <null seperator>
0x6e    n    <NAT Negotiation>
0x61    a
0x74    t
0x6e    n
0x65    e
0x67    g
0x00    <null seperator>
0x30    0    <0 = disabled>
0x00    <null seperator>
0x73    s    <statechanged indicates when server wants to update information or is performing a special task : 3 = ready to accept connections | 2 = server closed>
0x74    t
0x61    a
0x74    t
0x65    e
0x63    c
0x68    h
0x61    a
0x6e    n
0x67    g
0x65    e
0x64    d
0x00    <null seperator>
0x33    3    <Needs more investigation as to what kind of states exist>
0x00    <null seperator>
0x67    g    <gamespy gamename>
0x61    a
0x6d    m
0x65    e
0x6e    n
0x61    a
0x6d    m
0x65    e
0x00    <null seperator>
0x73    s    <swrcommando>
0x77    r
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <null seperator>
0x68    h    <server name displayed in browser>
0x6f    o
0x73    s
0x74    t
0x6e    n
0x61    a
0x6d    m
0x65    e
0x00    <null seperator>
0x74    t    <server name: test test>
0x65    e
0x73    s
0x74    t
0x20    <space>
0x74    t
0x65    e
0x73    s
0x74    t
0x00    <null seperator>
0x67    g    <game version, republic commando only uses 2226>
0x61    a
0x6d    m
0x65    e
0x76    v
0x65    e
0x72    r
0x00    <null seperator>
0x32    2
0x32    2
0x32    2
0x36    6
0x00    <null seperator>
0x68    h    <hostport (connect port) of the game server>
0x6f    o
0x73    s
0x74    t
0x70    p
0x6f    o
0x72    r
0x74    t
0x00    <null seperator>
0x37    7    <default: 7777>
0x37    7
0x37    7
0x37    7
0x00    <null seperator>
0x6d    m    <mapname of server>
0x61    a
0x70    p
0x6e    n
0x61    a
0x6d    m
0x65    e
0x00    <null seperator>
0x4b    K    <english name: canyon>
0x41    A
0x4d    M
0x50    P
0x46    F
0x53    S
0x43    C
0x48    H
0x49    I
0x46    F
0x46    F
0x00    <null seperator>
0x67    g    <gametype of server>
0x61    a
0x6d    m
0x65    e
0x74    t
0x79    y
0x70    p
0x65    e
0x00    <null seperator>
0x44    D    <DM - deathmatch>
0x4d    M
0x00    <null seperator>
0x6e    n    <amount of players on the server currently>
0x75    u
0x6d    m
0x70    p
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x73    s
0x00    <null seperator>
0x30    0    <player ammount>
0x00    <null seperator>
0x6d    m    <max players capacity>
0x61    a
0x78    x
0x70    p
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x73    s
0x00    <null seperator>
0x38    8    <set to 8 maxplayers>
0x00    <null seperator>
0x67    g    <state of current gamemode>
0x61    a
0x6d    m
0x65    e
0x6d    m
0x6f    o
0x64    d
0x65    e
0x00    <null seperator>
0x6f    o    <set to openplaying, but there are no other states, atleast they dont get used>
0x70    p
0x65    e
0x6e    n
0x70    p
0x6c    l
0x61    a
0x79    y
0x69    i
0x6e    n
0x67    g
0x00    <null seperator>
0x6e    n    <number of teams>
0x75    u
0x6d    m
0x74    t
0x65    e
0x61    a
0x6d    m
0x73    s
0x00    <null seperator>
0x30    0    <set to 0 cuz DM, does it even get used by the game?>
0x00    <null seperator>
0x66    f    <also known as goalscore>
0x72    r
0x61    a
0x67    g
0x6c    l
0x69    i
0x6d    m
0x69    i
0x74    t
0x00    <null seperator>
0x31    1    <set to 10>
0x30    0
0x00    <null seperator>
0x74    t    <timelimit in minutes>
0x69    i
0x6d    m
0x65    e
0x6c    l
0x69    i
0x6d    m
0x69    i
0x74    t
0x00    <null seperator>
0x36    6    <60 minutes>
0x30    0
0x00    <null seperator>
0x64    d    <set whether server is in dedicated mode or not>
0x65    e
0x64    d
0x69    i
0x63    c
0x61    a
0x74    t
0x65    e
0x64    d
0x73    s
0x65    e
0x72    r
0x76    v
0x65    e
0x72    r
0x00    <null seperator>
0x31    1    <0 = off | 1 = on>
0x00    <null seperator>
0x66    f    <friendlyfire %>
0x72    r
0x69    i
0x65    e
0x6e    n
0x64    d
0x6c    l
0x79    y
0x66    f
0x69    i
0x72    r
0x65    e
0x00    <null seperator>
0x30    0    <0 %>
0x00    <null seperator>
0x00    <null seperator>
0x00    <null seperator>
0x00    <null seperator>
0x70    p    <player_ : array for player names/ids>
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x5f    _
0x00    <null seperator>
0x73    s    <score_ : array for player scores>
0x63    c
0x6f    o
0x72    r
0x65    e
0x5f    _
0x00    <null seperator>
0x64    d    <deaths_ : array for player deaths>
0x65    e
0x61    a
0x74    t
0x68    h
0x73    s
0x5f    _
0x00    <null seperator>
0x70    p    <ping_ : array for player pings>
0x69    i
0x6e    n
0x67    g
0x5f    _
0x00    <null seperator>
0x74    t    <team_ : array for player pings>
0x65    e
0x61    a
0x6d    m
0x5f    _
0x00    <null seperator>
0x00    <null seperator>
0x00    <null seperator>
0x00    <null seperator>
0x74    t    <team_t : array for player team (trandoshan team), does it get used?>
0x65    e
0x61    a
0x6d    m
0x5f    _
0x74    t
0x00    <null seperator>
0x73    s    <score_t : array for player score (trandoshan team, does it get used?)>
0x63    c
0x6f    o
0x72    r
0x65    e
0x5f    _
0x74    t
0x00    <null seperator>
0x00    <end of packet indicator>


Master Server acknowledges the information and sends response back to Game Server:

0xfe    <?? unknown>
0xfd    <?? unknown>
0x01    <message type 1 = information exchange?>
0xd6    -- <Next 4 bytes are random ID generated by client>
0x0c    --
0x82    --
0xe0    --
0x66    <?? unknown>
0x72    <?? unknown>
0x41    <?? unknown>
0x51    <?? unknown>
0x42    <?? unknown>
0x63    <?? unknown>
0x38    <?? unknown>
0x57    <?? unknown>
0x73    <?? unknown>
0x61    <?? unknown>
0x31    <?? unknown>
0x78    <?? unknown>
0x56    <?? unknown>
0x50    <?? unknown>
0x66    <?? unknown>
0x76    <?? unknown>
0x4a    <?? unknown>
0x63    <?? unknown>
0x72    <?? unknown>
0x67    <?? unknown>
0x00    <end of packet indicator>


Game Server acknowledge Master Server response and send ack/response back:

0x01    <message type : 1 = information exchange?>
0xd6    -- <Next 4 bytes are random ID generated by client>
0x0c    --
0x82    --
0xe0    --
0x70    <?? unknown>
0x70    <?? unknown>
0x34    <?? unknown>
0x68    <?? unknown>
0x45    <?? unknown>
0x46    <?? unknown>
0x34    <?? unknown>
0x65    <?? unknown>
0x77    <?? unknown>
0x42    <?? unknown>
0x6a    <?? unknown>
0x4e    <?? unknown>
0x6c    <?? unknown>
0x75    <?? unknown>
0x79    <?? unknown>
0x4b    <?? unknown>
0x46    <?? unknown>
0x74    <?? unknown>
0x6c    <?? unknown>
0x35    <?? unknown>
0x6a    <?? unknown>
0x33    <?? unknown>
0x32    <?? unknown>
0x6a    <?? unknown>
0x4b    <?? unknown>
0x43    <?? unknown>
0x6f    <?? unknown>
0x41    <?? unknown>
0x00    <end of packet indicator>


Finally, Game Server sends a heartbeat to Master Server every 5 seconds or so:

0x08    <message type : 8 = heartbeat>
0xd6    -- <Next 4 bytes are random ID generated by client>
0x0c    --
0x82    --
0xe0    --


Master Server sends heartbeat back to Game Server:

0xfe    <?? unknown>
0xfd    <?? unknown>
0x08    <message type : 8 = heartbeat>
0xd6    -- <Next 4 bytes are random ID generated by client>
0x0c    --
0x82    --
0xe0    --
0x00    <11x null at the end of heartbeat packet>
0x00
0x00
0x00
0x00
0x00
0x00
0x00
0x00
0x00
0x00


Master Server <-> Client

The communication between Client and Master Server starts with UDP but then gets shifted to TCP with encryption/algorithm.


Master Server is listening on port 27900 with UDP and Client sends request:

0x09    <message type : 9 = client starting query>
0x00    -- <Next 4 bytes are random ID generated by client, but it doesnt get used for now, so its left blank>
0x00    --
0x00    --
0x00    --
0x73    s    <gamespy gamename>
0x77    w
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <end of packet indicator>


From there, Master Server knows Client will start a TCP connection now to query server list. Master Server needs to listen on port 28910 now:

0x00    <?? unknown>
0xa2    <?? unknown>
0x00    <?? unknown>
0x01    <?? unknown>
0x03    <?? unknown>
0x00    -- <Next 4 bytes are random ID generated by client, but it doesnt get used for now, so its left blank>
0x00    --
0x00    --
0x00    --
0x73    s    <gamespy gamename>
0x77    w
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <null seperator>
0x73    s    <gamespy gamename>
0x77    w
0x72    r
0x63    c
0x6f    o
0x6d    m
0x6d    m
0x61    a
0x6e    n
0x64    d
0x6f    o
0x00    <null seperator>
0x70    -- <Next 8 bytes are the validation key created by client. It gets used to encrypt the message from Master Server>
0x57    --
0x63    --
0x38    --
0x5b    --
0x56    --
0x7b    --
0x5d    --
0x00    <null seperator>
0x5c    \    <backslash as seperator>
0x68    h    <hostname>
0x6f    o
0x73    s
0x74    t
0x6e    n
0x61    a
0x6d    m
0x65    e
0x5c    \    <backslash as seperator>
0x68    h    <hostport>
0x6f    o
0x73    s
0x74    t
0x70    p
0x6f    o
0x72    r
0x74    t
0x5c    \    <backslash as seperator>
0x6e    n    <numplayers>
0x75    u
0x6d    m
0x70    p
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x73    s
0x5c    \    <backslash as seperator>
0x6d    m    <maxplayers>
0x61    a
0x78    x
0x70    p
0x6c    l
0x61    a
0x79    y
0x65    e
0x72    r
0x73    s
0x5c    \    <backslash as seperator>
0x6d    m    <mapname>
0x61    a
0x70    p
0x6e    n
0x61    a
0x6d    m
0x65    e
0x5c    \    <backslash as seperator>
0x67    g    <gametype>
0x61    a
0x6d    m
0x65    e
0x74    t
0x79    y
0x70    p
0x65    e
0x5c    \    <backslash as seperator>
0x66    f    <fraglimit>
0x72    r
0x61    a
0x67    g
0x6c    l
0x69    i
0x6d    m
0x69    i
0x74    t
0x5c    \    <backslash as seperator>
0x74    t    <timelimit>
0x69    i
0x6d    m
0x65    e
0x6c    l
0x69    i
0x6d    m
0x69    i
0x74    t
0x5c    \    <backslash as seperator>
0x6e    n    <numteams>
0x75    u
0x6d    m
0x74    t
0x65    e
0x61    a
0x6d    m
0x73    s
0x5c    \    <backslash as seperator>
0x64    d    <dedicatedserver>
0x65    e
0x64    d
0x69    i
0x63    c
0x61    a
0x74    t
0x65    e
0x64    d
0x73    s
0x65    e
0x72    r
0x76    v
0x65    e
0x72    r
0x5c    \    <backslash as seperator>
0x66    f    <friendlyfire>
0x72    r
0x69    i
0x65    e
0x6e    n
0x64    d
0x6c    l
0x79    y
0x66    f
0x69    i
0x72    r
0x65    e