PROGRAMMERS: Analyzing yahoo packets...
- zappa_engine
- Moderator
- Posts: 117
- Joined: 09 Oct 2007 23:28
- Contact:
PROGRAMMERS: Analyzing yahoo packets...
NOTE: This post is for programmers, tinkerers.
So I noticed a post on the Chessy forum about the Yahoo Packet Analyzer and had a solution based on something else already included within YtoICS code.
About YPA though, I was testing the YPA program and logged into the chess game rooms and noticed it would capture some packets but not all. What I saw and was familiar with was the Create Room code, 2 other misc codes, and I tried to find more familiar packet codes by joining a game in progress. Unfortunately, it didn't really capture any more packets like game_in_progress (0x30) or moves or game_status packets so some functionally is missing. I'm guessing those are table opcodes it doesn't capture but it'll display the room op codes. Actually when I think about it more, it doesn't capture all room updates either because seat updates happen often and I didn't see any of those. So its packet capturing abilities are not fully realized... Maybe I don't know how to use the program though.
Now, within STUCI, there is a subroutine called op_debug. There is also a table listing opcodes and the functions that are called by them. If an opcode is received without a function to point to, it will give you a warning within the ICS interface. In these warnings it gives you an opcode number too. You can add this opcode and point it to the subroutine op_debug in the code. Next time, the warning won't be displayed but instead you'll get the parameters that were passed by the opcode so you can analyze it. The op_debug subroutine output is hard to read though. I suggest adding one line to the debug code so it'll display unprintable data in a format you can read now.
Where the code in op_debug says:
$d->Purity(1);
Add a line that also says:
$d->Useqq(1);
It'll output unreadable characters with \ and their code or normal perl code \n \t \r etcetc.
There, now if you want to analyze some of the unimplemented opcodes, just change the routine they point to from op_unimplemented to op_debug.
Ummm, I think that's it. So have fun with it...
So I noticed a post on the Chessy forum about the Yahoo Packet Analyzer and had a solution based on something else already included within YtoICS code.
About YPA though, I was testing the YPA program and logged into the chess game rooms and noticed it would capture some packets but not all. What I saw and was familiar with was the Create Room code, 2 other misc codes, and I tried to find more familiar packet codes by joining a game in progress. Unfortunately, it didn't really capture any more packets like game_in_progress (0x30) or moves or game_status packets so some functionally is missing. I'm guessing those are table opcodes it doesn't capture but it'll display the room op codes. Actually when I think about it more, it doesn't capture all room updates either because seat updates happen often and I didn't see any of those. So its packet capturing abilities are not fully realized... Maybe I don't know how to use the program though.
Now, within STUCI, there is a subroutine called op_debug. There is also a table listing opcodes and the functions that are called by them. If an opcode is received without a function to point to, it will give you a warning within the ICS interface. In these warnings it gives you an opcode number too. You can add this opcode and point it to the subroutine op_debug in the code. Next time, the warning won't be displayed but instead you'll get the parameters that were passed by the opcode so you can analyze it. The op_debug subroutine output is hard to read though. I suggest adding one line to the debug code so it'll display unprintable data in a format you can read now.
Where the code in op_debug says:
$d->Purity(1);
Add a line that also says:
$d->Useqq(1);
It'll output unreadable characters with \ and their code or normal perl code \n \t \r etcetc.
There, now if you want to analyze some of the unimplemented opcodes, just change the routine they point to from op_unimplemented to op_debug.
Ummm, I think that's it. So have fun with it...
http://www.youtube.com/watch?v=gNASSON_JMU
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
- matematiko
- Co-Admin
- Posts: 1511
- Joined: 17 Oct 2007 13:32
- Location: Texas USA
Re: Analyzing yahoo packets...
Thanks a lot zappa....I'll give it a try.
Using engines to cheat:
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- zappa_engine
- Moderator
- Posts: 117
- Joined: 09 Oct 2007 23:28
- Contact:
Re: Analyzing yahoo packets...
Did I miss any opcodes? These are how Yahoo describes thier own opcodes.
You do not have the required permissions to view the files attached to this post.
http://www.youtube.com/watch?v=gNASSON_JMU
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
- matematiko
- Co-Admin
- Posts: 1511
- Joined: 17 Oct 2007 13:32
- Location: Texas USA
Re: Analyzing yahoo packets...
The Yahoo Chess Protocol was well documented by Chris Howie. I do not even remember how I got this file but it seems it was not included in YtoICS distributions. In case you don't have it I am uploding it here. I have discovered few more opcodes and I have talked about them in this forum.
I hope this file is helpful to you and YtoICS Reborn team.
I hope this file is helpful to you and YtoICS Reborn team.
You do not have the required permissions to view the files attached to this post.
Using engines to cheat:
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- zappa_engine
- Moderator
- Posts: 117
- Joined: 09 Oct 2007 23:28
- Contact:
Re: Analyzing yahoo packets...
The info I posted is direct source code from Yahoo's flash player as well. But notice it has some missing opcodes not mentioned in JAVA implementation. Also noting that there are two protocols and things might be a little different.
http://www.youtube.com/watch?v=gNASSON_JMU
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
- matematiko
- Co-Admin
- Posts: 1511
- Joined: 17 Oct 2007 13:32
- Location: Texas USA
Re: Analyzing yahoo packets...
They are the same...just different description and different numeric system....Chris used an hexadecimal representation while the one showed are in decimal.....Yahoo Game Owner programmer used the corresponding ascii symbol and so on.zappa_engine wrote:The info I posted is direct source code from Yahoo's flash player as well. But notice it has some missing opcodes not mentioned in JAVA implementation. Also noting that there are two protocols and things might be a little different.
What do you mean by "Yahoo's Flash PLayer" ?
Using engines to cheat:
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- zappa_engine
- Moderator
- Posts: 117
- Joined: 09 Oct 2007 23:28
- Contact:
Re: Analyzing yahoo packets...
Link to Yahoo's flash player: http://games.yahoo.com/launchGame/ch&pr ... playgame=1matematiko wrote:zappa_engine wrote: What do you mean by "Yahoo's Flash PLayer" ?
http://www.youtube.com/watch?v=gNASSON_JMU
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
Concerning STUCI and why it's never really done... here's a metaphor: Instead of being a construction worker, I'd rather be an architect.
Losing too many games because of a slow PC? No problem, nUCI it!
- spadehelp2010
- New Member
- Posts: 2
- Joined: 18 Jul 2010 13:22
Re: PROGRAMMERS: Analyzing yahoo packets...
Hi All,
I was interesting in creating a card counter for yahoo spades. I reviewed this post (and part 2) and found them very helpful. I tried to download the zip file so I can get some ideas on how things work but it's invalid. So if someone can provide the zip or point me in the right direction as to how to decipher the packets that would be helpful. I know how to use a decompiler (Mocha), IDA PRO (for exe files), wireshark, and can understand most programming languages, (java, javascript, perl, c,c++, etc). So any help that would make my life much easier would be appreciated.
THanks,
I was interesting in creating a card counter for yahoo spades. I reviewed this post (and part 2) and found them very helpful. I tried to download the zip file so I can get some ideas on how things work but it's invalid. So if someone can provide the zip or point me in the right direction as to how to decipher the packets that would be helpful. I know how to use a decompiler (Mocha), IDA PRO (for exe files), wireshark, and can understand most programming languages, (java, javascript, perl, c,c++, etc). So any help that would make my life much easier would be appreciated.
THanks,
-
- Advanced Member
- Posts: 119
- Joined: 13 Feb 2010 15:22
- Location: Mother Earth
Re: PROGRAMMERS: Analyzing yahoo packets...
http://uploading.com/files/9a25m18a/Wireshark%2B%
since i can not upload my 700 mb file the above one should suffice ..
i hope u will master it with different protocols and filters .
for me this topic is locked
since i can not upload my 700 mb file the above one should suffice ..
i hope u will master it with different protocols and filters .
for me this topic is locked
What we think or what we know or what we believe is, in the end, of little consequence. The only consequence is what we do."
John Ruskin
John Ruskin
- matematiko
- Co-Admin
- Posts: 1511
- Joined: 17 Oct 2007 13:32
- Location: Texas USA
Re: PROGRAMMERS: Analyzing yahoo packets...
The author of YtoICS, made a nice document explaining how the java clients connect with Yahoo game servers, it also explains the handshake process, the encryption and decryption and also it explains most of the Room opcodes and Table opcodes. This document was made for Chess but most of the opcodes are valid for other games, of course there are other opcodes used in other games but not in chess.
Since I could not find the document in sourceforget.net, I uploaded to mediafire, I do not claim any credit. All in that document is the work of Chris Howie.
Click here to Download The Yahoo! Chess Protocol
Regards,
Since I could not find the document in sourceforget.net, I uploaded to mediafire, I do not claim any credit. All in that document is the work of Chris Howie.
Click here to Download The Yahoo! Chess Protocol
Regards,
Using engines to cheat:
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- spadehelp2010
- New Member
- Posts: 2
- Joined: 18 Jul 2010 13:22
Re: PROGRAMMERS: Analyzing yahoo packets...
Thank you so much guys for the info. Thanks for going through the trouble of uploading it via other sources. The wireshark pdf will come in handy when I am really trying to dissect the packets. Matematikos obviously the document you provided will save me a lot of frustration and give me momentum to keep trying (I know you didn't write it but you provided it). I have started to write some java code to encrypt and decrypt the messages. and I have a few questions: let me know if I should move it to a pm.
I know this is a lot, so whenever you get around to looking at it. I will appreciate it. Thank you.
1. Big Endian. So basically the MSB (byte) is read first. If my (symmetric) key is 64:a6:42:b4:65:ff:05:48 and the MSB is 48 and my LSB is 64 then 65:ff:05:48 (1711211848) will be used for client to server and 64:a6:42:b4 (1688617652) for server to client communication?
2. Multiply the key by 83. Is there any logic to this number or may it be different in my case. Should I loop through my function from 1 to 100 and see which values make sent?
3. XOR the current character with the key value. just doesn't make logical sense when I look at the numbers. I am XORing a very big number with a small number.
I get strange results. So if this is the ciphertext "fc:48:58:df:2e:c8:dd:35:9a:31:59:8c". I get the following results:
Number of tokens: 12
ciphertext[0] =fc
decimal = 252
xor = 296662692
plaintext[0] =11aeb6a4
ciphertext[1] =48
decimal = 72
xor = -1146806592
plaintext[1] =bba51ec0
ciphertext[2] =58
decimal = 88
xor = -695671232
plaintext[2] =d688e640
ciphertext[3] =df
decimal = 223
xor = -1906140905
plaintext[3] =8e629917
ciphertext[4] =2e
decimal = 46
xor = 704109558
plaintext[4] =29f7dbf6
ciphertext[5] =c8
decimal = 200
xor = -1688451136
plaintext[5] =9b5c47c0
ciphertext[6] =dd
decimal = 221
xor = 1592461125
plaintext[6] =5eeb0745
ciphertext[7] =35
decimal = 53
xor = -969705859
plaintext[7] =c633767d
ciphertext[8] =9a
decimal = 154
xor = 1118788034
plaintext[8] =42af59c2
ciphertext[9] =31
decimal = 49
xor = -1629882439
plaintext[9] =9ed9f7b9
ciphertext[10] =59
decimal = 89
xor = -2136260287
plaintext[10] =80ab4141
ciphertext[11] =8c
decimal = 140
xor = -1215948220
plaintext[11] =b7861a44
I know this is a lot, so whenever you get around to looking at it. I will appreciate it. Thank you.
1. Big Endian. So basically the MSB (byte) is read first. If my (symmetric) key is 64:a6:42:b4:65:ff:05:48 and the MSB is 48 and my LSB is 64 then 65:ff:05:48 (1711211848) will be used for client to server and 64:a6:42:b4 (1688617652) for server to client communication?
2. Multiply the key by 83. Is there any logic to this number or may it be different in my case. Should I loop through my function from 1 to 100 and see which values make sent?
3. XOR the current character with the key value. just doesn't make logical sense when I look at the numbers. I am XORing a very big number with a small number.
I get strange results. So if this is the ciphertext "fc:48:58:df:2e:c8:dd:35:9a:31:59:8c". I get the following results:
Number of tokens: 12
ciphertext[0] =fc
decimal = 252
xor = 296662692
plaintext[0] =11aeb6a4
ciphertext[1] =48
decimal = 72
xor = -1146806592
plaintext[1] =bba51ec0
ciphertext[2] =58
decimal = 88
xor = -695671232
plaintext[2] =d688e640
ciphertext[3] =df
decimal = 223
xor = -1906140905
plaintext[3] =8e629917
ciphertext[4] =2e
decimal = 46
xor = 704109558
plaintext[4] =29f7dbf6
ciphertext[5] =c8
decimal = 200
xor = -1688451136
plaintext[5] =9b5c47c0
ciphertext[6] =dd
decimal = 221
xor = 1592461125
plaintext[6] =5eeb0745
ciphertext[7] =35
decimal = 53
xor = -969705859
plaintext[7] =c633767d
ciphertext[8] =9a
decimal = 154
xor = 1118788034
plaintext[8] =42af59c2
ciphertext[9] =31
decimal = 49
xor = -1629882439
plaintext[9] =9ed9f7b9
ciphertext[10] =59
decimal = 89
xor = -2136260287
plaintext[10] =80ab4141
ciphertext[11] =8c
decimal = 140
xor = -1215948220
plaintext[11] =b7861a44
- matematiko
- Co-Admin
- Posts: 1511
- Joined: 17 Oct 2007 13:32
- Location: Texas USA
Re: PROGRAMMERS: Analyzing yahoo packets...
Hello,
It will make more sense if you were looking at the code.
Please download YtoICS latest version and try to correlate what you read in the protocol document and what you see in the code...it will make things lots easier. Of course this version does not work any more because does not implement a way ti display the CAPTCHA letters and because few other things Yahoo has change since.
YtoICS 0.0.4 was the latest version and it can be found here:
http://sourceforge.net/projects/ytoics/ ... p/download
Regards ,
It will make more sense if you were looking at the code.
Please download YtoICS latest version and try to correlate what you read in the protocol document and what you see in the code...it will make things lots easier. Of course this version does not work any more because does not implement a way ti display the CAPTCHA letters and because few other things Yahoo has change since.
YtoICS 0.0.4 was the latest version and it can be found here:
http://sourceforge.net/projects/ytoics/ ... p/download
Regards ,
Using engines to cheat:
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.
- It is not ethical,
- It is useless, nothing is gained (how can one be proud of a score earn with dishonesty?)
- You will be baned, sooner or later,
- It gives us (the true chess engine players) a bad reputation.