7,540
社区成员
发帖
与我相关
我的任务
分享关于BattleLAN(跨网关联网工具)的原理和编程实现
首先来介绍这款工具BattleLan(跨网关联机工具,利用的是TCP/IP连接),它能连接一个校园网内不在同一LAN的工具,我们用来连机打WAR3游戏的。
比如 A:172.18.78.61 MASK:255.255.255.0 Agateway:172.18.78.1
B: 172.18.84.34 MASK:255.255.255.0 Bgateway:172.18.84.1
B(WAR3主机),A -》启动BATTLELAN-》填写IP:172.18.84.34-》启动WAR3-》进入主机
上面是UDP包,BL搜索主机的UDP包
上面是TCP包 6112是WAR3的进程端口。
可以看到 172.18.84.24的TCP连接。
推测可能是通过转发广播报文的方式进行连接的。
1,如果是 编程如何实现(关键是转发技术,我们几个同学想写个类似的)。还望大虾们不吝发点资料给小弟。 小弟邮箱:19792488@qq.com
2,如果不是通过转发报文,那大虾们能给小弟讲讲到底是什么原理吗?我想大虾们不会见死不救吧?不要让偶误入迷途呀~~~
在这不胜感激了!
比如 A:172.18.78.61 MASK:255.255.255.0 Agateway:172.18.78.1
B: 172.18.84.34 MASK:255.255.255.0 Bgateway:172.18.84.1
B(WAR3主机),A -》启动BATTLELAN-》填写IP:172.18.84.34-》启动WAR3-》进入主机
上面是UDP包,BL搜索主机的UDP包
上面是TCP包 6112是WAR3的进程端口。
可以看到 172.18.84.24的TCP连接。
推测可能是通过转发广播报文的方式进行连接的。
1,如果是 编程如何实现(关键是转发技术,我们几个同学想写个类似的)。还望大虾们不吝发点资料给小弟。 小弟邮箱:19792488@qq.com
2,如果不是通过转发报文,那大虾们能给小弟讲讲到底是什么原理吗?我想大虾们不会见死不救吧?不要让偶误入迷途呀~~~
在这不胜感激了!
...全文
请发表友善的回复…
发表回复
xxgamexx 2008-05-13
- 打赏
- 举报
恩~ 你说的有道理
看看软件作者写的:(有个CRC验证)
ttol9th July 2002, 14:54
----------------------------------------------
:: Lancraft 1.01 - PUBLIC
:: written by ttol
----------------------------------------------
:: Warcraft III v1.0 and 1.01
----------------------------------------------
-----------
:: Summary
-----------
We've managed to bypass the protections
embedded inside Warcraft III so that you can
now play across the internet. It works on
all versions up to July 07, 2002.
The benefits of our program:
o Simple usage
o No interaction and communication between
battle.net's authentication servers
o Simple usage
o Created by your proven team (ttol and Coolest)
o One person can host, everyone else joins..
- clans can now have clan servers!
o At a LAN with an internet connection, the LAN
people can battle it out with internet people.
Just give the IP to them and send them Lancraft
to battle it out...LAN vs Internet!
----------
:: To use
----------
One person has to host the game. Get that person's
IP address. Insert it into Lancast.
Start up Warcraft III, go to options and set
game port to anything other than the server's port
(6112 in 99.9% of the cases). I use 6110.
Go to LAN and that person's game will show up.
Enjoy.
**************
NOTE: If you're the server, please set your GAME PORT
under Options->Gameplay to 6112.
If you're connecting, set GAME PORT to 6110.
It's VERY IMPORTANT!
**************
----------
:: Details
----------
We basically emulated the LAN function to work
over the internet. It was a hard hack to write
because Blizzard Entertainment implemented a few
protections.
One of them was the port protection.
They wouldn't allow us to take control over the UDP
LAN port. If we did take it, Warcraft III would refuse
to go into LAN mode. We bypassed it by faking the
"Lan tag".
When you start a LAN server, it broadcasts a
packet that contains a "lan tag". It contains
a CRC check. It's like a keep-alive but with
a CRC. If the check fails, one of the side effects
is that the number of players jumps to a very large
semi-random number. The tag is based on the
number of open spots available and the crc.
So, we had to somehow circumvent the crc.
We made a fake CRC with 1/2 people in the server
until the server sends the full data with the name
of the server and other information. We decoded that
and re-encoded the CRC with the correct info.
The lan tag is:
F7 32 10 00 01 00 00 00 01 00 00 00 02 00 00 00 .2..............
A sample info request from client:
F7 2F 10 00 33 52 41 57 00 00 00 00 00 00 00 00
Response:
F7 30 6D 00 33 52 41 57 00 00 00 00 01 00 00 00 .0m.3RAW........
49 E1 7F 09 43 6F 6F 6C 65 73 74 27 73 20 47 61 I...Coolest's Ga
6D 65 00 00 01 03 49 07 01 01 A1 01 D1 49 01 A7 me....I......I..
8D 2D 6D 4D 8B 61 71 73 5D 29 33 29 AD 43 6F 6F .-mM.aqs])3).Coo
75 79 43 61 BB 79 2F 77 33 6D 01 43 37 6F 6F 6D uyCa.y/w3m.C7oom
65 73 75 01 01 01 00 0C 00 00 00 09 00 00 00 01 esu.............
00 00 00 02 00 00 00 55 00 00 00 E0 17 .......U.....
Then we -21 from the end of the packet (that's the
correct CRC), and we copy that and add to
F7 32 10 00 01 00 00 00 01 00 00 00 0C 00 00 00
and BOOM, it works.
-------------------
:: Acknowledgements
-------------------
o Blizzard Entertainment (www.blizzard.com) for making such a
beautiful game.
o ttol (that's me!) for...being the ladie's man and
perfecting the beautiful graphical user interface and etc
and such and so on and so forth
o Coolest for the network coding
看看软件作者写的:(有个CRC验证)
ttol9th July 2002, 14:54
----------------------------------------------
:: Lancraft 1.01 - PUBLIC
:: written by ttol
----------------------------------------------
:: Warcraft III v1.0 and 1.01
----------------------------------------------
-----------
:: Summary
-----------
We've managed to bypass the protections
embedded inside Warcraft III so that you can
now play across the internet. It works on
all versions up to July 07, 2002.
The benefits of our program:
o Simple usage
o No interaction and communication between
battle.net's authentication servers
o Simple usage
o Created by your proven team (ttol and Coolest)
o One person can host, everyone else joins..
- clans can now have clan servers!
o At a LAN with an internet connection, the LAN
people can battle it out with internet people.
Just give the IP to them and send them Lancraft
to battle it out...LAN vs Internet!
----------
:: To use
----------
One person has to host the game. Get that person's
IP address. Insert it into Lancast.
Start up Warcraft III, go to options and set
game port to anything other than the server's port
(6112 in 99.9% of the cases). I use 6110.
Go to LAN and that person's game will show up.
Enjoy.
**************
NOTE: If you're the server, please set your GAME PORT
under Options->Gameplay to 6112.
If you're connecting, set GAME PORT to 6110.
It's VERY IMPORTANT!
**************
----------
:: Details
----------
We basically emulated the LAN function to work
over the internet. It was a hard hack to write
because Blizzard Entertainment implemented a few
protections.
One of them was the port protection.
They wouldn't allow us to take control over the UDP
LAN port. If we did take it, Warcraft III would refuse
to go into LAN mode. We bypassed it by faking the
"Lan tag".
When you start a LAN server, it broadcasts a
packet that contains a "lan tag". It contains
a CRC check. It's like a keep-alive but with
a CRC. If the check fails, one of the side effects
is that the number of players jumps to a very large
semi-random number. The tag is based on the
number of open spots available and the crc.
So, we had to somehow circumvent the crc.
We made a fake CRC with 1/2 people in the server
until the server sends the full data with the name
of the server and other information. We decoded that
and re-encoded the CRC with the correct info.
The lan tag is:
F7 32 10 00 01 00 00 00 01 00 00 00 02 00 00 00 .2..............
A sample info request from client:
F7 2F 10 00 33 52 41 57 00 00 00 00 00 00 00 00
Response:
F7 30 6D 00 33 52 41 57 00 00 00 00 01 00 00 00 .0m.3RAW........
49 E1 7F 09 43 6F 6F 6C 65 73 74 27 73 20 47 61 I...Coolest's Ga
6D 65 00 00 01 03 49 07 01 01 A1 01 D1 49 01 A7 me....I......I..
8D 2D 6D 4D 8B 61 71 73 5D 29 33 29 AD 43 6F 6F .-mM.aqs])3).Coo
75 79 43 61 BB 79 2F 77 33 6D 01 43 37 6F 6F 6D uyCa.y/w3m.C7oom
65 73 75 01 01 01 00 0C 00 00 00 09 00 00 00 01 esu.............
00 00 00 02 00 00 00 55 00 00 00 E0 17 .......U.....
Then we -21 from the end of the packet (that's the
correct CRC), and we copy that and add to
F7 32 10 00 01 00 00 00 01 00 00 00 0C 00 00 00
and BOOM, it works.
-------------------
:: Acknowledgements
-------------------
o Blizzard Entertainment (www.blizzard.com) for making such a
beautiful game.
o ttol (that's me!) for...being the ladie's man and
perfecting the beautiful graphical user interface and etc
and such and so on and so forth
o Coolest for the network coding
MANSOBOY 2008-05-12
- 打赏
- 举报
你所说的的问题是出在。。你用什么端口发包给主机,主机就把信息返回到你发包的端口!!
而游戏只监听6112(可设置).所以包是到达了本地计算机,但游戏进程根本就没有收到任何信息。收到信息的是你用来发包那个软件而已!!!
主机A 本地 B
软件 SENDER , WAR3
B(软件SENDER 虚拟WAR3的UDP包发送,发送时的端口为2016 )---> A(端口 6112)
B (SENDER 监听2016)<----
|<--------------A (端口 6112发送返回包)
B (WAR3 监听 6112)
而游戏只监听6112(可设置).所以包是到达了本地计算机,但游戏进程根本就没有收到任何信息。收到信息的是你用来发包那个软件而已!!!
主机A 本地 B
软件 SENDER , WAR3
B(软件SENDER 虚拟WAR3的UDP包发送,发送时的端口为2016 )---> A(端口 6112)
B (SENDER 监听2016)<----
|<--------------A (端口 6112发送返回包)
B (WAR3 监听 6112)
MANSOBOY 2008-05-12
- 打赏
- 举报
建立在VPN下的服务。。。
应该对VPN主机要求挺高!!
还是P2P的好!!
应该对VPN主机要求挺高!!
还是P2P的好!!
xxgamexx 2008-05-12
- 打赏
- 举报
继续补充:
下面是我今天实验的结果
用lancraft工具 从6110发送目标IP 6112(WAR3进程端口)的抓包情况
能正常看到主机发送的包和返回的包
UDP发送的包
[2008-5-12 17:54:08:046]
00000000 F7 2F 10 00 50 58 33 57 14 00 00 00 04 00 00 00 ./..PX3W ........
00000010 F7 2F 10 00 50 58 33 57 14 00 00 00 05 00 00 00 ./..PX3W ........
00000020 F7 2F 10 00 50 58 33 57 14 00 00 00 06 00 00 00 ./..PX3W ........
00000030 F7 2F 10 00 50 58 33 57 14 00 00 00 07 00 00 00 ./..PX3W ........
00000040 F7 2F 10 00 50 58 33 57 14 00 00 00 08 00 00 00 ./..PX3W ........
00000050 F7 2F 10 00 50 58 33 57 14 00 00 00 09 00 00 00 ./..PX3W ........
00000060 F7 2F 10 00 50 58 33 57 14 00 00 00 00 00 00 00 ./..PX3W ........
UDP返回的包
[2008-5-12 17:54:11:046]
00000000 F7 30 7C 00 50 58 33 57 14 00 00 00 01 00 00 00 .0 ¦.PX3W ........
00000010 C2 75 5E 00 E5 BD 93 E5 9C B0 E5 B1 80 E5 9F 9F .u^..... ........
00000020 E7 BD 91 E5 86 85 E7 9A 84 E6 B8 B8 E6 88 8F 20 ........ .......
00000030 28 73 61 00 00 01 03 49 07 01 01 69 01 E9 69 01 (sa....I ...i..i.
00000040 9D 65 63 A7 4D 8B 61 71 73 5D 29 35 29 45 55 75 .ec.M.aq s])5)EUu
00000050 73 75 6D 65 53 6F 6F 63 6B 2F 77 33 79 3D 01 73 sumeSooc k/w3y=.s
00000060 61 61 61 01 01 00 04 00 00 00 09 00 00 00 01 00 aaa..... ........
00000070 00 00 04 00 00 00 6B 08 00 00 E0 17 ......k. ....
......`. ....
[color=#FF00FF]我发送同样的包给目的主机 主机同样能返回主机一些信息 跟上面正常显示的信息一样,但是问题是 在WAR3游戏里面就是看不到主机。。。(估计还得返回给6112端口),那如何使6110发出的返回包给WAR3进程的6112端口呢?[/color]
下面是我今天实验的结果
用lancraft工具 从6110发送目标IP 6112(WAR3进程端口)的抓包情况
能正常看到主机发送的包和返回的包
UDP发送的包
[2008-5-12 17:54:08:046]
00000000 F7 2F 10 00 50 58 33 57 14 00 00 00 04 00 00 00 ./..PX3W ........
00000010 F7 2F 10 00 50 58 33 57 14 00 00 00 05 00 00 00 ./..PX3W ........
00000020 F7 2F 10 00 50 58 33 57 14 00 00 00 06 00 00 00 ./..PX3W ........
00000030 F7 2F 10 00 50 58 33 57 14 00 00 00 07 00 00 00 ./..PX3W ........
00000040 F7 2F 10 00 50 58 33 57 14 00 00 00 08 00 00 00 ./..PX3W ........
00000050 F7 2F 10 00 50 58 33 57 14 00 00 00 09 00 00 00 ./..PX3W ........
00000060 F7 2F 10 00 50 58 33 57 14 00 00 00 00 00 00 00 ./..PX3W ........
UDP返回的包
[2008-5-12 17:54:11:046]
00000000 F7 30 7C 00 50 58 33 57 14 00 00 00 01 00 00 00 .0 ¦.PX3W ........
00000010 C2 75 5E 00 E5 BD 93 E5 9C B0 E5 B1 80 E5 9F 9F .u^..... ........
00000020 E7 BD 91 E5 86 85 E7 9A 84 E6 B8 B8 E6 88 8F 20 ........ .......
00000030 28 73 61 00 00 01 03 49 07 01 01 69 01 E9 69 01 (sa....I ...i..i.
00000040 9D 65 63 A7 4D 8B 61 71 73 5D 29 35 29 45 55 75 .ec.M.aq s])5)EUu
00000050 73 75 6D 65 53 6F 6F 63 6B 2F 77 33 79 3D 01 73 sumeSooc k/w3y=.s
00000060 61 61 61 01 01 00 04 00 00 00 09 00 00 00 01 00 aaa..... ........
00000070 00 00 04 00 00 00 6B 08 00 00 E0 17 ......k. ....
......`. ....
[color=#FF00FF]我发送同样的包给目的主机 主机同样能返回主机一些信息 跟上面正常显示的信息一样,但是问题是 在WAR3游戏里面就是看不到主机。。。(估计还得返回给6112端口),那如何使6110发出的返回包给WAR3进程的6112端口呢?[/color]
xxgamexx 2008-05-11
- 打赏
- 举报
补充:
通过反复抓包发现BL并不即时发送广播,按照SL的说法是利用WINHOOK监视WSOCK32.DLL,估计使用到SEND方法时BL再发送UDP到指定的目的IP。网关通过某种转发机制把这个包传达到目的地址,目的地址做出反映,使主机被认为是本地子网的机器。
现在关键想弄明白的是 如何构造这个UDP包,目的主机返回的内容是什么,源主机如何处理并把目的主机(另一子网的一台机器,如上面的172.18.84.34)当作本地子网机器
通过反复抓包发现BL并不即时发送广播,按照SL的说法是利用WINHOOK监视WSOCK32.DLL,估计使用到SEND方法时BL再发送UDP到指定的目的IP。网关通过某种转发机制把这个包传达到目的地址,目的地址做出反映,使主机被认为是本地子网的机器。
现在关键想弄明白的是 如何构造这个UDP包,目的主机返回的内容是什么,源主机如何处理并把目的主机(另一子网的一台机器,如上面的172.18.84.34)当作本地子网机器
xxgamexx 2008-05-11
- 打赏
- 举报
补充:
只要发送端开启BL(BattleLAN),能够进行飞鸽传输和各类游戏联网
只要发送端开启BL(BattleLAN),能够进行飞鸽传输和各类游戏联网
懒牛科技 2008-05-11
- 打赏
- 举报
up 顺便学习
xxgamexx 2008-05-11
- 打赏
- 举报
定向广播?VPN? 期待中
