frontpage hit counter
BnetDocs - guest


Available Topics:

Navigation:
News
Search BnetDocs
Credits

Logon:
Username
Password:
Register
Lost Password?

Documents:
Logon Sequences
Battle.net Flags
Battle.net's file transfer protocol (Version 1)
Battle.net's file transfer protocol (Version 2)
BNLS Checksum Algorithm
Clan Message Codes
Diablo II Game Server Accept Sequence
Diablo II Realm Server Logon Procedure
Game Statstrings
Icons.bni
NLS/SRP Protocol
Notational Conventions
Platform & Product IDs
Protocol Headers
Sizes & Types
User Statstrings
Warcraft III Profile Requests

Consts for all messages: [pas cpp vb]

Battle.net Messages:
[C>0x00] SID_NULL
[S>0x00] SID_NULL
[C>0x02] SID_STOPADV
[S>0x04] SID_SERVERLIST (Defunct)
[C>0x05] SID_CLIENTID
[S>0x05] SID_CLIENTID
[C>0x06] SID_STARTVERSIONING
[S>0x06] SID_STARTVERSIONING
[C>0x07] SID_REPORTVERSION
[S>0x07] SID_REPORTVERSION
[C>0x08] SID_STARTADVEX
[S>0x08] SID_STARTADVEX
[C>0x09] SID_GETADVLISTEX
[S>0x09] SID_GETADVLISTEX
[C>0x0A] SID_ENTERCHAT
[S>0x0A] SID_ENTERCHAT
[C>0x0B] SID_GETCHANNELLIST
[S>0x0B] SID_GETCHANNELLIST
[C>0x0C] SID_JOINCHANNEL
[C>0x0E] SID_CHATCOMMAND
[S>0x0F] SID_CHATEVENT
[C>0x10] SID_LEAVECHAT
[C>0x12] SID_LOCALEINFO
[S>0x13] SID_FLOODDETECTED
[C>0x14] SID_UDPPINGRESPONSE
[C>0x15] SID_CHECKAD
[S>0x15] SID_CHECKAD
[C>0x16] SID_CLICKAD
[C>0x18] SID_REGISTRY (Defunct)
[S>0x18] SID_REGISTRY (Defunct)
[S>0x19] SID_MESSAGEBOX
[C>0x1A] SID_STARTADVEX2 (Defunct)
[C>0x1B] SID_GAMEDATAADDRESS (Defunct)
[C>0x1C] SID_STARTADVEX3
[S>0x1C] SID_STARTADVEX3
[S>0x1D] SID_LOGONCHALLENGEEX
[C>0x1E] SID_CLIENTID2
[C>0x1F] SID_LEAVEGAME
[C>0x21] SID_DISPLAYAD
[C>0x22] SID_NOTIFYJOIN
[C>0x25] SID_PING
[S>0x25] SID_PING
[C>0x26] SID_READUSERDATA
[S>0x26] SID_READUSERDATA
[C>0x27] SID_WRITEUSERDATA
[S>0x28] SID_LOGONCHALLENGE
[C>0x29] SID_LOGONRESPONSE
[S>0x29] SID_LOGONRESPONSE
[C>0x2A] SID_CREATEACCOUNT
[S>0x2A] SID_CREATEACCOUNT
[C>0x2B] SID_SYSTEMINFO (Defunct)
[C>0x2C] SID_GAMERESULT
[C>0x2D] SID_GETICONDATA
[S>0x2D] SID_GETICONDATA
[C>0x2E] SID_GETLADDERDATA
[S>0x2E] SID_GETLADDERDATA
[C>0x2F] SID_FINDLADDERUSER
[S>0x2F] SID_FINDLADDERUSER
[C>0x30] SID_CDKEY
[S>0x30] SID_CDKEY
[C>0x31] SID_CHANGEPASSWORD
[S>0x31] SID_CHANGEPASSWORD
[C>0x32] SID_CHECKDATAFILE
[S>0x32] SID_CHECKDATAFILE
[C>0x33] SID_GETFILETIME
[S>0x33] SID_GETFILETIME
[C>0x34] SID_QUERYREALMS
[S>0x34] SID_QUERYREALMS
[C>0x35] SID_PROFILE
[S>0x35] SID_PROFILE
[C>0x36] SID_CDKEY2
[S>0x36] SID_CDKEY2
[C>0x3A] SID_LOGONRESPONSE2
[S>0x3A] SID_LOGONRESPONSE2
[C>0x3C] SID_CHECKDATAFILE2
[S>0x3C] SID_CHECKDATAFILE2
[C>0x3D] SID_CREATEACCOUNT2
[S>0x3D] SID_CREATEACCOUNT2
[C>0x3E] SID_LOGONREALMEX
[S>0x3E] SID_LOGONREALMEX
[S>0x3F] SID_STARTVERSIONING2
[C>0x40] SID_QUERYREALMS2
[S>0x40] SID_QUERYREALMS2
[C>0x41] SID_QUERYADURL
[S>0x41] SID_QUERYADURL
[C>0x44] SID_WARCRAFTGENERAL
[S>0x44] SID_WARCRAFTGENERAL
[C>0x45] SID_NETGAMEPORT
[C>0x46] SID_NEWS_INFO
[S>0x46] SID_NEWS_INFO
[S>0x4A] SID_OPTIONALWORK
[C>0x4B] SID_EXTRAWORK
[S>0x4C] SID_REQUIREDWORK
[C>0x50] SID_AUTH_INFO
[S>0x50] SID_AUTH_INFO
[C>0x51] SID_AUTH_CHECK
[S>0x51] SID_AUTH_CHECK
[C>0x52] SID_AUTH_ACCOUNTCREATE
[S>0x52] SID_AUTH_ACCOUNTCREATE
[C>0x53] SID_AUTH_ACCOUNTLOGON
[S>0x53] SID_AUTH_ACCOUNTLOGON
[C>0x54] SID_AUTH_ACCOUNTLOGONPROOF
[S>0x54] SID_AUTH_ACCOUNTLOGONPROOF
[C>0x55] SID_AUTH_ACCOUNTCHANGE
[S>0x55] SID_AUTH_ACCOUNTCHANGE
[C>0x56] SID_AUTH_ACCOUNTCHANGEPROOF
[S>0x56] SID_AUTH_ACCOUNTCHANGEPROOF
[C>0x57] SID_AUTH_ACCOUNTUPGRADE
[S>0x57] SID_AUTH_ACCOUNTUPGRADE
[S>0x58] SID_AUTH_ACCOUNTUPGRADEPROOF
[C>0x59] SID_SETEMAIL
[S>0x59] SID_SETEMAIL
[C>0x5A] SID_RESETPASSWORD
[C>0x5B] SID_CHANGEEMAIL
[C>0x5C] SID_SWITCHPRODUCT
[C>0x60] SID_GAMEPLAYERSEARCH
[S>0x60] SID_GAMEPLAYERSEARCH
[C>0x65] SID_FRIENDSLIST
[S>0x65] SID_FRIENDSLIST
[C>0x66] SID_FRIENDSUPDATE
[S>0x66] SID_FRIENDSUPDATE
[S>0x67] SID_FRIENDSADD
[S>0x68] SID_FRIENDSREMOVE
[S>0x69] SID_FRIENDSPOSITION
[C>0x70] SID_CLANFINDCANDIDATES
[S>0x70] SID_CLANFINDCANDIDATES
[C>0x71] SID_CLANINVITEMULTIPLE
[S>0x71] SID_CLANINVITEMULTIPLE
[C>0x72] SID_CLANCREATIONINVITATION
[S>0x72] SID_CLANCREATIONINVITATION
[C>0x73] SID_CLANDISBAND
[S>0x73] SID_CLANDISBAND
[C>0x74] SID_CLANMAKECHIEFTAIN
[S>0x74] SID_CLANMAKECHIEFTAIN
[S>0x75] SID_CLANINFO
[S>0x76] SID_CLANQUITNOTIFY
[C>0x77] SID_CLANINVITATION
[S>0x77] SID_CLANINVITATION
[C>0x78] SID_CLANREMOVEMEMBER
[S>0x78] SID_CLANREMOVEMEMBER
[C>0x79] SID_CLANINVITATIONRESPONSE
[S>0x79] SID_CLANINVITATIONRESPONSE
[C>0x7A] SID_CLANRANKCHANGE
[S>0x7A] SID_CLANRANKCHANGE
[C>0x7B] SID_CLANSETMOTD
[C>0x7C] SID_CLANMOTD
[S>0x7C] SID_CLANMOTD
[C>0x7D] SID_CLANMEMBERLIST
[S>0x7D] SID_CLANMEMBERLIST
[S>0x7E] SID_CLANMEMBERREMOVED
[S>0x7F] SID_CLANMEMBERSTATUSCHANGE
[S>0x81] SID_CLANMEMBERRANKCHANGE
[C>0x82] SID_CLANMEMBERINFORMATION
[S>0x82] SID_CLANMEMBERINFORMATION

View consts: [pas cpp vb]


Battle.net/Starcraft UDP Messages:
[C>0x03] PKT_CLIENTREQ
[S>0x05] PKT_SERVERPING
[C>0x07] PKT_KEEPALIVE
[C>0x08] PKT_CONNTEST
[C>0x09] PKT_CONNTEST2

View consts: [pas cpp vb]


Realm Messages:
The official Blizzard names for MCP packets are unknown. These have been invented for convenience.

[C>0x01] MCP_STARTUP
[S>0x01] MCP_STARTUP
[C>0x02] MCP_CHARCREATE
[S>0x02] MCP_CHARCREATE
[C>0x03] MCP_CREATEGAME
[S>0x03] MCP_CREATEGAME
[C>0x04] MCP_JOINGAME
[S>0x04] MCP_JOINGAME
[C>0x05] MCP_GAMELIST
[S>0x05] MCP_GAMELIST
[C>0x06] MCP_GAMEINFO
[S>0x06] MCP_GAMEINFO
[C>0x07] MCP_CHARLOGON
[S>0x07] MCP_CHARLOGON
[C>0x0A] MCP_CHARDELETE
[S>0x0A] MCP_CHARDELETE
[C>0x11] MCP_REQUESTLADDERDATA
[S>0x11] MCP_REQUESTLADDERDATA
[C>0x12] MCP_MOTD
[S>0x12] MCP_MOTD
[C>0x13] MCP_CANCELGAMECREATE
[S>0x14] MCP_CREATEQUEUE
[C>0x17] MCP_CHARLIST
[S>0x17] MCP_CHARLIST
[C>0x18] MCP_CHARUPGRADE
[S>0x18] MCP_CHARUPGRADE
[C>0x19] MCP_CHARLIST2
[S>0x19] MCP_CHARLIST2

View consts: [pas cpp vb]


D2GS Messages:
[C>0x01] D2GS_WALKTOLOCATION
[C>0x02] D2GS_WALKTOUNIT
[C>0x03] D2GS_RUNTOLOCATION
[C>0x04] D2GS_RUNTOUNIT
[C>0x05] D2GS_LEFTSKILLLOC
[C>0x06] D2GS_LEFTSKILLOBJ
[C>0x08] D2GS_REPEATLEFTSKILLLOC
[C>0x09] D2GS_REPEATLEFTSKILLOBJ
[C>0x0C] D2GS_RIGHTSKILLLOC
[C>0x0D] D2GS_RIGHTSKILLOBJ
[C>0x0F] D2GS_REPEATRIGHTSKILLLOC
[C>0x10] D2GS_REPEATRIGHTSKILLOBJ
[S>0x10] D2GS_CHARTOOBJ
[C>0x13] D2GS_INTERACTWITHOBJECT
[C>0x14] D2GS_CHARMESSAGE
[C>0x15] D2GS_CHATCOMMAND
[C>0x16] D2GS_PICKUPGROUNDITEM
[C>0x17] D2GS_DROPITEM
[C>0x18] D2GS_ITEMTOINVENTORY
[C>0x19] D2GS_PICKUPITEM
[S>0x19] D2GS_SMALLGOLDPICKUP
[C>0x1A] D2GS_ITEMTOBODY
[C>0x1B] D2GS_REMOVEBODYITEM
[C>0x1D] D2GS_SWITCHBODYITEM
[S>0x1D] D2GS_SETBYTEATTR
[S>0x1E] D2GS_SETWORDATTR
[C>0x1F] D2GS_SWITCHINVENTORYITEM
[S>0x1F] D2GS_SETDWORDATTR
[C>0x20] D2GS_USEITEM
[C>0x21] D2GS_STACKITEM
[C>0x22] D2GS_REMOVESTACKITEM (Defunct)
[C>0x23] D2GS_ITEMTOBELT
[C>0x24] D2GS_REMOVEBELTITEM
[C>0x25] D2GS_SWITCHBELTITEM
[C>0x26] D2GS_USEBELTITEM
[C>0x27] D2GS_0x27
[C>0x28] D2GS_INSERTSOCKETITEM
[C>0x29] D2GS_SCROLLTOTOME
[C>0x2A] D2GS_ITEMTOCUBE
[C>0x2D] D2GS_UNSELECTOBJ (Defunct)
[C>0x2F] D2GS_NPCHEAL
[C>0x30] D2GS_NPCCANCEL
[C>0x32] D2GS_NPCBUY
[C>0x33] D2GS_NPCSELL
[C>0x38] D2GS_NPCTRADE
[C>0x3F] D2GS_CHARACTERPHRASE
[C>0x49] D2GS_WAYPOINT
[C>0x4F] D2GS_TRADE
[C>0x50] D2GS_DROPGOLD
[S>0x51] D2GS_WORLDOBJECT
[S>0x5C] D2GS_(COMP)STARTGAME
[C>0x5E] D2GS_PARTY
[C>0x61] D2GS_POTIONTOMERCENARY
[C>0x68] D2GS_GAMELOGON
[C>0x6A] D2GS_ENTERGAMEENVIRONMENT
[C>0x6D] D2GS_PING
[S>0x77] D2GS_TRADEACTION
[S>0x7A] D2GS_LOGONRESPONSE
[S>0xAF] D2GS_STARTLOGON

View consts: [pas cpp vb]


Botnet Messages:
[C>0x00] PACKET_IDLE
[S>0x00] PACKET_IDLE
[C>0x01] PACKET_LOGON
[S>0x01] PACKET_LOGON
[C>0x02] PACKET_STATSUPDATE
[S>0x02] PACKET_STATSUPDATE
[C>0x03] PACKET_DATABASE
[S>0x03] PACKET_DATABASE
[C>0x04] PACKET_MESSAGE
[S>0x04] PACKET_MESSAGE
[C>0x05] PACKET_CYCLE
[S>0x05] PACKET_CYCLE
[C>0x06] PACKET_USERINFO
[S>0x06] PACKET_USERINFO
[C>0x07] PACKET_BROADCASTMESSAGE
[S>0x07] PACKET_USERLOGGINGOFF
[C>0x08] PACKET_COMMAND
[C>0x09] PACKET_CHANGEDBPASSWORD
[S>0x0A] PACKET_BOTNETVERSION
[C>0x0B] PACKET_BOTNETCHAT
[S>0x0B] PACKET_BOTNETCHAT
[C>0x0D] PACKET_ACCOUNT
[S>0x0D] PACKET_ACCOUNT
[C>0x10] PACKET_CHATDROPOPTIONS
[S>0x10] PACKET_CHATDROPOPTIONS

View consts: [pas cpp vb]


BNLS Messages:
This reference is only here for convinience, and may not be complete or up to date. The original and updated documentation can be found here.

[C>0x00] BNLS_NULL
[C>0x01] BNLS_CDKEY
[S>0x01] BNLS_CDKEY
[C>0x02] BNLS_LOGONCHALLENGE
[S>0x02] BNLS_LOGONCHALLENGE
[C>0x03] BNLS_LOGONPROOF
[S>0x03] BNLS_LOGONPROOF
[C>0x04] BNLS_CREATEACCOUNT
[S>0x04] BNLS_CREATEACCOUNT
[S>0x05] BNLS_CHANGECHALLENGE
[C>0x05] BNLS_CHANGECHALLENGE
[C>0x06] BNLS_CHANGEPROOF
[S>0x06] BNLS_CHANGEPROOF
[C>0x07] BNLS_UPGRADECHALLENGE
[S>0x07] BNLS_UPGRADECHALLENGE
[C>0x08] BNLS_UPGRADEPROOF
[S>0x08] BNLS_UPGRADEPROOF
[C>0x09] BNLS_VERSIONCHECK
[S>0x09] BNLS_VERSIONCHECK
[C>0x0A] BNLS_CONFIRMLOGON
[S>0x0A] BNLS_CONFIRMLOGON
[C>0x0B] BNLS_HASHDATA
[S>0x0B] BNLS_HASHDATA
[C>0x0C] BNLS_CDKEY_EX
[S>0x0C] BNLS_CDKEY_EX
[C>0x0D] BNLS_CHOOSENLSREVISION
[S>0x0D] BNLS_CHOOSENLSREVISION
[C>0x0E] BNLS_AUTHORIZE
[S>0x0E] BNLS_AUTHORIZE
[C>0x0F] BNLS_AUTHORIZEPROOF
[S>0x0F] BNLS_AUTHORIZEPROOF
[C>0x10] BNLS_REQUESTVERSIONBYTE
[S>0x10] BNLS_REQUESTVERSIONBYTE
[C>0x11] BNLS_VERIFYSERVER
[S>0x11] BNLS_VERIFYSERVER
[C>0x12] BNLS_RESERVESERVERSLOTS
[S>0x12] BNLS_RESERVESERVERSLOTS
[C>0x13] BNLS_SERVERLOGONCHALLENGE
[S>0x13] BNLS_SERVERLOGONCHALLENGE
[C>0x14] BNLS_SERVERLOGONPROOF
[S>0x14] BNLS_SERVERLOGONPROOF
[C>0x18] BNLS_VERSIONCHECKEX
[S>0x18] BNLS_VERSIONCHECKEX
[C>0x1A] BNLS_VERSIONCHECKEX2
[S>0x1A] BNLS_VERSIONCHECKEX2

View consts: [pas cpp vb]


Other Resources:
The Battle.net Bot Development Website
Valhalla Legends

NLS/SRP Protocol


The New Logon System is based on SRP, the Secure Remote Password protocol, which was designed to obviate the need to send a password, or its cryptographic equivalent, across a network. This page exists to provide a basic introduction to this protocol. For detailed explanations and information, see RFC 2945.

In this document, % indicates modulo division, * is multiplication, - is subtraction, and + is addition.

The Server Key (B)
The server key, referred to in the SRP specification as 'B', is a public key generated by the server. A new key is generated for each session. The server sends this key to the client in SID_AUTH_ACCOUNTLOGON.

The Client Key (A)
The client key, referred to in the SRP specification as 'A', is a 256-bit public key generated by the client. A new key is generated for each session. It is generated thus:

A = ga % N

This value is sent to the server along with the client's username in SID_AUTH_ACCOUNTLOGON

The Generator (g)
This value is a constant used generate public keys. Its value is 47 (0x2F).

The Random Value (a)
A random value generated by the client, such that 0 <= a <= N.

The Modulus (N)
N is a large (256-bit) unsigned integer. All SRP calculations are done modulo N. Its value is:

Decimal: 112624315653284427036559548610503669920632123929604336254260115573677366691719
Hex: 0xF8FF1A8B619918032186B68CA092B5557E976C78C73212D91216F6658523C787

Or, in C:

unsigned char N[] = 0x87, 0xc7, 0x23, 0x85, 0x65, 0xf6, 0x16, 0x12, 0xd9, 0x12, 0x32, 0xc7, 0x78, 0x6c, 0x97, 0x7e, 0x55, 0xb5, 0x92, 0xa0, 0x8c, 0xb6, 0x86, 0x21, 0x03, 0x18, 0x99, 0x61, 0x8b, 0x1a, 0xff, 0xf8

The Salt (s)
The salt is a 256-bit random value generated by the client when an account is created. After creation, it is never changed. It is sent to the server in SID_AUTH_ACCOUNTCREATE, and recieved from the server during logons in SID_AUTH_ACCOUNTLOGON.

The Verifier (v)
The verifier is a 256-bit value calculated by the client when an account is created. After creation, it is never changed. It is sent to the server in SID_AUTH_ACCOUNTCREATE. It is generated thus:

v = gx % N

Username & Password Hash (x)
x is a value generated by the client based on the username, password, and salt value. In this formula, a comma (,) indicates concatenation:

SHA1(s, SHA1(Username, ":", Password))

Username and password are converted to UPPER CASE before hashing.

u
Todo: Explain me.
This value is the first four bytes of SHA1(B). This differs slightly from standard SRP, in which this value is generated by the server and sent to the client along with the server key (B).

The Secret (S) (I need a better name)
S is where the magic of NLS happens. Both the client and the server calculate S, using different formulae, and end up with the same result.

Client: S = ((N + B - v) % N)(a + u * x) % N
Server: S = (A * (vu % N))b % N

If the Server and Client agree on the value of S, the logon succeeds, otherwise, it fails.

Password Proof (K)
This value is generated by the client and the server as proof that they actually know the value of S. This is another value which differs from standard SRP, which justs sends SHA1(S). Blizzard's version calculates K as follows:

Place the even bytes of S into one buffer, and the odd bytes into another.
Create a SHA-1 hash of each buffer
Create K by combining the even bytes of the first buffer, and the odd bytes of the second.

Client Password Proof (M1)
This value is sent to Battle.net to prove that you know your own password. Again, this differs from standard SRP. In this formula, commas (,) indicate concatenation:

M1 = SHA1(SHA1(g) xor SHA1(N), SHA1(Username), s, A, B, K)

Username and password are converted to UPPER CASE prior to hashing. This value is sent to the server in SID_AUTH_ACCOUNTLOGONPROOF

Server Password Proof (M2)
M2 = SHA1(A, M[1], K)

Most of the information on this page has come from iago's notes. For more, see his page on the topic.

#18



User Comments:

None




For detailed questions and discussion, visit the Battle.Net Bot Development Forum.

Battle.Net©® 1996 - 2002 Blizzard Entertainment. All rights reserved. Battle.net and Blizzard Entertainment are trademarks or registered trademarks of Blizzard Entertainment in the U.S. and/or other countries. Blizzard Entertainment©® is a trademark or registered trademark of Blizzard Entertainment in the U.S. and/or other countries. All rights reserved. StarCraft©® 1998 Blizzard Entertainment. All rights reserved. StarCraft and Blizzard Entertainment are trademarks or registered trademarks of Blizzard Entertainment in the U.S. and/or other countries. StarCraft©®: Brood War©® 1998 Blizzard Entertainment. All rights reserved. StarCraft, Brood War and Blizzard Entertainment are trademarks or registered trademarks of Blizzard Entertainment in the U.S. and/or other countries.

The following applies to material & trademarks not owned by Blizzard Entertainment: All material on this website is protected by copyright, and may not be reproduced without the explicit permission of the copyright owner. The copyright owner reserves all rights with respect to the acts protected by copyright. Any dispute pertaining to copyright shall be resolved according to the laws of the United Kingdom. For more information, contact the copyright owner.

Ads