DarkBlizz

I have the exact same problem here :/

At the end of the replay.info there are 5 chunks of 40 bytes, and then a varying length chunk until the name of the map.
I can't find any logical way to compute the length of this chunk.

Currently, I'm just doing a trial/error to guess the bytes that may describe the length of the chunk.

Here are some dumps, I stressed the bytes that should store the length, one way or another...:


10 0E 02 06 08 01    64 02 06 15    80 24 2F 3F A6 AF 00                                  00 00 00 00
20 0C 02 06 08 03 01 64 02 06 15 01 80 24 2C 06 8F B4 00                                  00 00 00 00
10 0E 02 06 08 03 02 64 02 06 15 01 80 24 95 B6 1B A2 00                                  00 00 00 00
20 0C 02 06 08 01    64 02 06 15 01 81 24 A6 BF E3 22 00                                  00 00 00 00
20 2C 00 06 08 01    64 02 06 14 01 80 24 02 05 8F 00 C0 04 82 13 49 00 C0 04 94 B7 9E 32 00 00 00 00
20 2C 00 06 08 03 01 64 02 06 14 03 80 24 02 05 0F    C0 04 82 13 09    C0 84 0E FB 69 19 00 00 00 00
               ^^ ^^          ^^ ^^                   ^^          ^  ^^

By the way, it would be interesting to share our parsers. The only source of information that I have is http://code.google.com/p/vgce/source/browse/trunk/docs/Blizzard/Starcraft%20II/replays.txt (which is often false) and nibbits.com to download replays

I'm working on a C++ library to handle SC2 replays.
Currently got <almost> all the "replayinfo" reversed, and only messages from "messageevents".

I'll try to provide a public SVN soon so that people can join & participate.

Apparently, Battlenet is going to be down for 10 minutes, and there will be a client patch:
http://forums.battle.net/thread.html?topicId=23240933862&sid=5010

Hope the protocol won't be updated :/

This is just the UI.. this does not give any clue to the progress of the crack.
Unlocking a button doesn't mean that something will happen when you'll click on it.

If you want to find out how close we are to play, better follow MADCATX's thread about emulating BN2.

From what I see they just reversed the SC2 map format, and are able to display the position of resources.
Useless for the crack, but still a very good job, way to go!

Thank you very much Xzotica ^^ Very kind of you !

A changing message stream from session to session indicates either:
- A context-dependent message sent from the client (i.e. sending local timestamp or something similar)
- A session-dependent message sent accordingly to a received message from the server (most likely).


As the 2nd case is the most likely, either cryptanalyze the previous received message against the newly sent one (should be linear).
Or in case of a hash-like formula (non linear), you should quickly recognize the hash signature in any disassembler.


Btw, why do you bother emulating a bnet server while a client patch skipping the remote call & hard coded map list would be enough ?


(ps: sorry, i'm not native english speaker :/)