Welcome to Open Carnage

A resource for gamers and technology enthusiasts, with unique means of rewarding content creation and support. Have a wander to see why we're worth the time!

Sign in to follow this  
Followers 0
danielpz

How get the list of all servers of Halo CE?

Hello everyone, this is my first post, I'm Web Developer and I'm developing a desktop app to get the list of all servers of Halo CE (with Electron JS), but I dont know how get that list, investigating I get this domains:

s1.master.hosthpc.com
s1.ms01.hosthpc.com

I think that they are the master server, and investigating more (with WireShark XD) I found a way to connect to that master server (s1.ms01.hosthpc.com) with Node JS

var net = require('net');

var client = new net.Socket();
client.connect(28910, '54.210.5.59', function() {
console.log('Connected');
//client.write(':V');
});


client.on('data', function(data) {
console.log('Received: ' + data);
client.destroy(); // kill client after server's response
});

client.on('close', function() {
console.log('Connection closed');
});

But I just recieve 'Connect' but no more, any list of nothing :'C

the goal is do this https://image.ibb.co/dnpTjo/servers.jpg (that is the halo online brownser servers) but outside the game, and doit for Halo CE,

can someone help me please?

Share this post


Link to post
Share on other sites

Members of Open Carnage never see off-site ads.

I've personally found some amount of success by performing a kind of replay attack on the server. Basically just record the packets the game client sends to the server, strip the payload and send it back. Haven't done it with HCE yet so I don't know if that will work so easily.


Kavawuvi: one of these days these glutes are gonna squawk all over you

Share this post


Link to post
Share on other sites
3 hours ago, Sunstriker7 said:

just record the packets the game client sends to the server

 

many thanks for your answer, but, ¿what is that packets?

Share this post


Link to post
Share on other sites

So yeah its a bit more complicated then just trying to connect to it, especially some slight changes happened when the original got re-engineered by BTCC to save the online listing.

 

What I would recommend is start reading into Luigi Auriemma research papers on Gamespy in general here.

 

I have been working on it myself, which I have gotten a successful connection. But been working on the returned queried information since it looks like it changed a bit.

 

This is a packet listing which connects, but returns nothing.

 

BorkedConnection.jpg

 

This is a successful connection and query.

 

Success.jpg

 

 

WaeV likes this

Have an apple! apple.pngskull.png

Share this post


Link to post
Share on other sites

Posted (edited)

5 hours ago, Java said:

So yeah its a bit more complicated then just trying to connect to it, especially some slight changes happened when the original got re-engineered by BTCC to save the online listing.

 

What I would recommend is start reading into Luigi Auriemma research papers on Gamespy in general here.

 

I have been working on it myself, which I have gotten a successful connection. But been working on the returned queried information since it looks like it changed a bit.

 

This is a packet listing which connects, but returns nothing.

 

- IMG -

 

This is a successful connection and query.

- IMG -

 

 

thank you very much for your answer, I use WireShark too to get the IP and the port, but, I dont recieve anything  :/ , I'm so good developing website (CSS, HTML, JS), and I dont know much about networks, ¿can you help me in that? please please , is for the APP of I'm developing for relieve this great game (Halo CE)

Edited by danielpz

Share this post


Link to post
Share on other sites

Posted (edited)

So basically some key things to know with the Gamespy stuff with the current setup

 

gamename: halor (Retail Release)(PC) or halom (Multiplayer Extension)(CE) {this is needed to grab the particular listing for what game}

msgamename: halor or halom {either or works for making the query}

msgamekey: e4Rd9J {needed for the xor}

 

Some additional things can be used if you study Luigi Auriemma work. But these are required with the XOR Ciper to pull it out successfully.

 

But I will help when I can danielpz

 

Edited by Java
Derp

Have an apple! apple.pngskull.png

Share this post


Link to post
Share on other sites

Code for a Lua Script to Decrypt XOR Traffic in Wireshark.

 

Also could be useful else were if needed.

 

 


-- Wireshark LUA script to handle Gamespy Packets
trivial_proto = Proto("gamespy","Gamespy Protocol")

-- XOR Cipher:
local tab = {  -- tab[i][j] = xor(i-1, j-1)
  {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, },
  {1, 0, 3, 2, 5, 4, 7, 6, 9, 8, 11, 10, 13, 12, 15, 14, },
  {2, 3, 0, 1, 6, 7, 4, 5, 10, 11, 8, 9, 14, 15, 12, 13, },
  {3, 2, 1, 0, 7, 6, 5, 4, 11, 10, 9, 8, 15, 14, 13, 12, },
  {4, 5, 6, 7, 0, 1, 2, 3, 12, 13, 14, 15, 8, 9, 10, 11, },
  {5, 4, 7, 6, 1, 0, 3, 2, 13, 12, 15, 14, 9, 8, 11, 10, },
  {6, 7, 4, 5, 2, 3, 0, 1, 14, 15, 12, 13, 10, 11, 8, 9, },
  {7, 6, 5, 4, 3, 2, 1, 0, 15, 14, 13, 12, 11, 10, 9, 8, },
  {8, 9, 10, 11, 12, 13, 14, 15, 0, 1, 2, 3, 4, 5, 6, 7, },
  {9, 8, 11, 10, 13, 12, 15, 14, 1, 0, 3, 2, 5, 4, 7, 6, },
  {10, 11, 8, 9, 14, 15, 12, 13, 2, 3, 0, 1, 6, 7, 4, 5, },
  {11, 10, 9, 8, 15, 14, 13, 12, 3, 2, 1, 0, 7, 6, 5, 4, },
  {12, 13, 14, 15, 8, 9, 10, 11, 4, 5, 6, 7, 0, 1, 2, 3, },
  {13, 12, 15, 14, 9, 8, 11, 10, 5, 4, 7, 6, 1, 0, 3, 2, },
  {14, 15, 12, 13, 10, 11, 8, 9, 6, 7, 4, 5, 2, 3, 0, 1, },
  {15, 14, 13, 12, 11, 10, 9, 8, 7, 6, 5, 4, 3, 2, 1, 0, },
}

function bxor (a,b)
  local res, c = 0, 1
  while a > 0 and b > 0 do
    local a2, b2 = a % 16, b % 16
    res = res + tab[a2+1][b2+1]*c
    a = (a-a2)/16
    b = (b-b2)/16
    c = c*16
  end
  res = res + a*c + b*c
  return res
end

-- Apply the "gamespy xor" to the packet
function trivial_proto.dissector(buffer,pinfo,tree)
    pinfo.cols.protocol = "Gamespy"
    
    -- Symmetric cipher used to encrypt/decrypt
    cipher = {103, 97, 109, 101, 115, 112, 121}
    index = 1
    
    decoded = ""
    size = buffer:len()
    
    -- Apply XOR cipher and save the decoded string
    for i=0,size-1 do
        thebyte = bxor(buffer(i,1):uint(), cipher[index])
        decoded = decoded .. string.char(thebyte)
        
        index = index + 1
        if index == 8 then
            index = 1
        end
    end
    
    -- Make wireshark display our results
    local subtree = tree:add(trivial_proto,buffer(),"Gamspy Protocol")
    subtree:add(buffer(0,size), "Decoded: " .. decoded)
end

-- load the udp.port table
udp_table = DissectorTable.get("udp.port")

-- register our protocol to handle udp port 7777
-- more and likely need to add the specific port
-- to decrypt the traffic from/to
-- Example: Halo PC/CE 2302

udp_table:add(29910,trivial_proto)
udp_table:add(2302,trivial_proto)

 

Copy file attached into your Wireshark install folder.

Make additions/edits for ports needed to decrypt {udp_table:add(port,trivial_proto)}

Add dofile("gamespy.lua") to your init.lua that resides in your Wireshark install folder.

Should be good to go

 

gamespy.lua


Have an apple! apple.pngskull.png

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now
Sign in to follow this  
Followers 0
  • Recently Browsing   0 members

    No registered users viewing this page.