使用SharpPcap獲取遊戲信息
前言:
在機器人程式中,就屬最陽春的固定動作無限循環的程式最好製作。
但是隨著遊戲的演進,不論是打怪或著是採集,越來越多的遊戲不能照著固定動作執行。
為了克服這個問題,也為了增加效率,更為了不被其他玩家以異樣眼光看待。
勢必要能夠因應遊戲的運行變化,而改變自己執行的動作。
這之中分為兩條,如何分析&如何操控,本文只討論如何分析的部分。
那如何知道遊戲現在的情況呢? 就要靠各種分析的方式去獲取了。
目前我知道的有:
- 圖片分析:靠著遊戲顯示的畫面顏色來判斷要做什麼事情,這是最直覺也最適合入門的方法。
- 記憶體分析:相信大家都知道FTP、GAME Master、Cheat engine這類遊戲修改大師,這類軟體可以修改單機遊戲的金錢、血量、經驗值等等。在線上遊戲因為這些數值都以伺服器端為準,因此光光修改客戶端的數據是沒有用的,但是拿來當作遊戲運行判斷的話(判斷血量是否小於50%),依然非常有用的!
- 封包分析:靠著解讀伺服器傳回的封包,可以獲取很多不會顯示在客戶端畫面上的資訊,隨著可辨識的封包增加,可以知道遊戲內各種大大小小所發生的事情。缺點是所花的分析時間與精力是垂直上漲的,而且當遊戲封包有所變化時甚至加密時,更會陷入泥沼之中。
此次介紹的是VB.net內封包分析的一種方法-使用SharpPcap來監聽封包,以日版的卡卡大亂鬥當作實例進行分析。
=======================================================
1.安裝WinPcap
2.下載SharpPcap
3.加入參考PacketDotNet.dll、SharpPcap.dll
4.監聽封包訊息:
Dim socketCount As Integer = 0
Sub start()
Dim deviceIndex As Integer = 0 '看你要監聽第幾張網卡的訊息
Dim devices As CaptureDeviceList = CaptureDeviceList.Instance
Dim device As ICaptureDevice = devices(deviceIndex)
AddHandler device.OnPacketArrival, AddressOf device_OnPacketArrival
Dim readTimeoutMilliseconds As Integer = 1000
device.Open(DeviceMode.Promiscuous, readTimeoutMilliseconds)
'日版卡卡的連線IP
device.Filter = "src 203.191.228.51 and ip and tcp"
device.Capture()
End Sub
Sub device_OnPacketArrival(ByVal sender As Object, ByVal e As CaptureEventArgs)
On Error GoTo err
socketCount += 1
Dim packet As PacketDotNet.Packet = PacketDotNet.Packet.ParsePacket(e.Packet)
Dim tcpPacket As PacketDotNet.TcpPacket = PacketDotNet.TcpPacket.GetEncapsulated(packet)
If tcpPacket IsNot Nothing Then
Dim ipPacket As PacketDotNet.IpPacket = tcpPacket.ParentPacket
Dim srcIp As System.Net.IPAddress = ipPacket.SourceAddress
Dim dstIp As System.Net.IPAddress = ipPacket.DestinationAddress
Dim srcPort As Integer = tcpPacket.SourcePort
Dim dstPort As Integer = tcpPacket.DestinationPort
If tcpPacket.DataOffset = 5 Then
'分析tcpPacket.Bytes的資料,印像是Index 20之後才是接收的Data? 這部分忘記了
End If
End If
err:
End Sub
5. 利用wireshark等現成封包監控軟體,先分析封包的現象
首先單獨接收拍賣場一筆資料的封包資料是:
0000 68 00 05 00 0e 00 02 00 00 00 01 00 00 00 01 00
0010 00 00 db 0f 01 00 fc 4f 01 00 32 86 0f 00 20 03
0020 00 00 c2 01 00 00 b5 d1 a6 d0 00 00 00 00 00 00
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 87 11 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0060 00 00 00 00 00 00 00 00 00 0022 = 競標價
1E = 一口價
26 = 賣主
46 = 剩餘時間
在跟一次接收兩筆資料相互比較:
0000 c0 00 05 00 0e 00 02 00 00 00 02 00 00 00 02 00
0010 00 00 c1 1b 01 00 53 54 01 00 61 ca 0f 00 14 00
0020 00 00 14 00 00 00 b5 4c ad 57 a7 59 b7 c0 b9 44
0030 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0040 00 00 00 00 00 00 c4 58 00 00 00 00 00 00 00 00
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0060 00 00 00 00 00 00 00 00 00 00 c1 0f 01 00 e6 53
0070 01 00 c9 7a 0f 00 1e 00 00 00 14 00 00 00 ab 43
0080 c0 73 a4 fd 00 00 00 00 00 00 00 00 00 00 00 00
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 95 38
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00c0 00 00Offset = 58
26 = 賣主1
7E = 賣主2
0A = 全部有幾張牌
12 = 第一張牌開頭
6A = 第二張牌開頭
C1 = 第二張牌結尾
c1 1b 01 00 53 54 01 三星恢復之牆
c1 0f 01 00 e6 53 01 三星巨魔狂爆戰士
6.知道封包內各Byte所存放的數值意義後,在OnPacketArrival事件內分析tcpPacket.Bytes解析出相對應的數值
7.配合元件顯示在介面上
