#76 06 Nov 2006 6:51 am
- BobbyCZ
- New Member
- Registered: Nov 2006
- Posts: 2
Re: bf2142 stat query protocol
I just finished these two bytes
Tubar :
Hi again, so here are class source-code and one example (same as on web) for coding and decoding auth key.
http://bf2142.bfstats.info/files/ea_support.zip
Now just one last thing, what are these last two bytes
Here's source code for AUTH (you must use it with Tubar's code sample):
Code:
<html><body>
<?php
require_once("ea_support.php");
$bfcoding = new ea_stats();
$pid = 81260470; // your PID
// plain-text block: time, 100 and PID as little-endian dwords, two zero bytes, then the CRC
$code = dwh(dechex(time())).dwh(dechex(100)).dwh(dechex($pid))."0000";
$code.= CalcCRC($code);
$result = $bfcoding->DefEncryptBlock($bfcoding->hex2str($code));
$auth = $bfcoding->getBase64Encode($result);
echo " <b>CODE:</b> $code <br/>";
echo " <b>AUTH:</b> $auth <br/>";

// hex string -> 8 hex digits with the byte order reversed (little-endian dword)
function dwh($h) {
    $s = substr("0000000".$h, -8);
    return substr($s,6,2).substr($s,4,2).substr($s,2,2).substr($s,0,2);
}

// 32-bit XOR that handles the sign bit separately
function XOR32 ($a, $b) {
    $a1 = $a & 0x7FFF0000;
    $a2 = $a & 0x0000FFFF;
    $a3 = $a & 0x80000000;
    $b1 = $b & 0x7FFF0000;
    $b2 = $b & 0x0000FFFF;
    $b3 = $b & 0x80000000;
    $c = ($a3 != $b3) ? 0x80000000 : 0;
    return (($a1 ^ $b1) |($a2 ^ $b2)) + $c;
}

// logical shift right on a 32-bit value
function SHR32 ($x, $bits) {
    if ($bits==0) return $x;
    if ($bits==32) return 0;
    $y = ($x & 0x7FFFFFFF) >> $bits;
    if (0x80000000 & $x) {
        $y |= (1<<(31-$bits));
    }
    return $y;
}

// shift left, result truncated to 32 bits
function SHL32 ($x, $bits) {
    if ($bits==0) return $x;
    if ($bits==32) return 0;
    $mask = (1<<(32-$bits)) - 1;
    return (($x & $mask) << $bits) & 0xFFFFFFFF;
}

// as written this rotates the 32-bit value left by $bits
function SAL32 ($x, $bits) {
    $s = str_pad(decbin ($x),32,"0",STR_PAD_LEFT);
    return bindec(substr($s,$bits).substr($s,0,$bits));
}

// as written this rotates the 32-bit value right by $bits
function SAR32 ($x, $bits) {
    $s = str_pad(decbin ($x),32,"0",STR_PAD_LEFT);
    $r = 32-$bits;
    return bindec(substr($s,$r,$bits).substr($s,0,$r));
}

function AND_FF ($x) {
    return str_pad(decbin ($x & 255),32,"0",STR_PAD_LEFT);
}

// CRC over the first 14 bytes of the hex string, returned as 4 hex digits, low byte first
function CalcCRC($h) {
    $eax = 0;
    for($esi=0; $esi<14; $esi++) {
        $ecx = $eax;
        $ecx = SAR32($ecx,8);
        $ecx&= 255;
        $eax = SHL32($eax,8);
        $ecx|= $eax;
        $eax = hexdec(substr($h,$esi*2,2));
        $eax = XOR32($eax,$ecx);
        $ecx = ($eax&255);
        $ecx = SHR32($ecx,4);
        $eax = XOR32($eax,$ecx);
        $ecx = $eax;
        $ecx = SHL32($ecx,12);
        $eax = XOR32($eax,$ecx);
        $ecx = $eax;
        $ecx&= 255;
        $ecx = SHL32($ecx,5);
        $eax = XOR32($eax,$ecx);
    }
    $eax&= 65535;
    $hex = substr("0000".strtoupper(dechex($eax)), -4);
    return substr($hex,2,2).substr($hex,0,2);
}
?>
</body></html>
It works fine
Offline
#77 06 Nov 2006 9:17 am
Re: bf2142 stat query protocol
Nice work!
I put up your sample at: http://www.sanity-free.org/bf2142auth/
the crc ccitt code we were using used 0xffff instead of 0x0000 as its initial value, so we were getting false negatives on that.
Offline
#78 06 Nov 2006 10:07 am
- Butcher
- Moderator
- From: Norway
- Registered: Jul 2006
- Posts: 308
Re: bf2142 stat query protocol
Aha! Now I understand what you are doing, you are making a stat checker! Wow, took me ages to figure that out.
Offline
#79 06 Nov 2006 10:35 am
Re: bf2142 stat query protocol
so is that the final piece to the puzzle? Can we start using the code to make stat sites?
I might translate the php into asp when everything is finalized. when i do i'll post it here as well. I may even do it in asp.net since i have never used asp.net before.
Offline
#80 06 Nov 2006 10:48 am
Re: bf2142 stat query protocol
Butcher, you crack me up dude!
the crc is crc-ccitt but uses 0x0000 as an initial value (the crctool code uses the standard 0xFFFF).
yep, it works to pull most stats, but we still have to nail down the ptoken parameter (for getplayerinfo), but from what I've been told it's made up of "email/nickname/countrycode/and a few other fiddly bits." I'm assuming this is the result of the client challenge that the game does when you start up. the ptoken value isn't a direct base64->ascii conversion, so I'd assume that they're using the same encryption / decryption algorithm. Tubar's code will need a slight modification to run the encryption process in a loop 16 bytes at a time (I'm not sure about the padding mode that's used).
Offline
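The checksum discussed in the posts above, as an added example in Python (not code from the thread): CRC-16 with polynomial 0x1021 computed bit by bit and with the byte-wise shortcut that the register steps in BobbyCZ's CalcCRC follow, plus the 16-byte plain-text block layout from his script. The function names and the timestamp are made up for this example; the PID is the one from the post.

```python
import struct

def crc16_ccitt(data: bytes, init: int = 0x0000) -> int:
    """Bitwise CRC-16: polynomial 0x1021, MSB first, no final XOR."""
    crc = init
    for byte in data:
        crc ^= byte << 8
        for _ in range(8):
            crc = (crc << 1) ^ 0x1021 if crc & 0x8000 else crc << 1
            crc &= 0xFFFF
    return crc

def crc16_bytewise(data: bytes, init: int = 0x0000) -> int:
    """Same CRC, one byte per step, mirroring the register steps in CalcCRC."""
    crc = init
    for byte in data:
        crc = ((crc >> 8) | (crc << 8)) & 0xFFFF  # swap the two bytes
        crc ^= byte
        crc ^= (crc & 0xFF) >> 4
        crc ^= (crc << 12) & 0xFFFF
        crc ^= (crc & 0xFF) << 5
    return crc

def build_block(timestamp: int, pid: int) -> bytes:
    """time, 100, PID as little-endian dwords + two zero bytes + CRC (low byte first)."""
    body = struct.pack("<III", timestamp, 100, pid) + b"\x00\x00"
    return body + struct.pack("<H", crc16_ccitt(body))

def check_block(block: bytes, init: int = 0x0000) -> bool:
    """True when the last two bytes match the CRC of the first 14."""
    if len(block) != 16:
        return False
    (stored,) = struct.unpack("<H", block[14:])
    return crc16_ccitt(block[:14], init) == stored

if __name__ == "__main__":
    # constructed timestamp; PID taken from the post
    block = build_block(1162796000, 81260470)
    print(block.hex().upper())
    print("init 0x0000:", check_block(block))
    print("init 0xFFFF:", check_block(block, 0xFFFF))  # the false negative
```

A checker that starts from 0xFFFF rejects every block produced this way, which is the false negative described in post #77.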
#81 06 Nov 2006 11:59 am
Re: bf2142 stat query protocol
Does this mean it doesn't change with time? So we could scrape them manually through packets and just store the ptoken?
MadHatter :
yep, it works to pull most stats, but we still have to nail down the ptoken parameter (for getplayerinfo), but from what I've been told that its made up of "email/nickname/countrycode/and a few other fiddly bits."
Offline
#82 06 Nov 2006 12:39 pm
Re: bf2142 stat query protocol
according to my understanding the only time the underlying payload will change is if the player updates their info on EA (like their email address or something). They use that to pull your info from EA that in turn gets used to pull your player info.
I haven't looked at ptoken much before this (was trying to figure auth out first), so all I know is what I've been told. I don't know if we'll have to authenticate w/ EA to get this data or if we just have to get it from the users who want to pull their stats...
Offline
#83 06 Nov 2006 1:43 pm
Re: bf2142 stat query protocol
I just looked back at my packets on the previous page and didn't see any ptoken in the query strings for getplayerinfo.aspx. Does it only get sent once? if so maybe it is some sort of auth to say that this client is coming from this user, etc.
Offline
#84 06 Nov 2006 1:56 pm
Re: bf2142 stat query protocol
you didn't have anything like:
&pToken=2fn3pt3nMR[A8SPyUKQhVZnQJ2]kSugbJMWAM9EW[dauTp3XY7vpedOQnTY]U6m[O5mlaEJpAoqt]LbEY6zQow__
in your query for getplayerinfo? I'm pretty sure it's sent w/ every request, but my second query (that I posted here) got cut off, so I can't say for sure.
if you just generate the auth token, then call the getplayerinfo page w/ that token, it doesn't return any results, so I'm assuming you do need it.
Offline
#85 06 Nov 2006 2:07 pm
Re: bf2142 stat query protocol
with the packet info, i just did 2 splits on the data to get the full querystring:
.split(" GET ") and then .split(" HTTP/1.1 ") which gave me the page name and the query string i believe. then i dissected it on ? left of that is the page name, right of it is the query string. After that split on & and it gives you all the parameters, and then split again on each parameter on = to get the key,value pairings. I then printed out the page name and the key/value pairings to a file and copied and pasted the contents of the file to the forum.
I'll double check again tonight to see what the packets are showing. I don't think i started capturing packets till after i was in game so that might be why i missed the ptoken request.
Offline
#87 06 Nov 2006 2:44 pm
Re: bf2142 stat query protocol
Code:
Page: getbackendinfo.aspx
AuthCode: =PIVf6vafsNvOMhEfhbDtag__
Page: getplayerinfo.aspx
AuthCode: =x6Vv[yUFxhiaithT5V57CA__
mode: base
pToken: emyAq9F[uV96IhLwmtjCl3z]rNJTuotcSVZBP8kkCoOAJ9hC3X3GnscKIN5muvgYqeTyYQTSq7CxLZZRYM1iPg__
Page: getplayerinfo.aspx
AuthCode: =Xx9P4vIdKvCiMK8SN5s0EA__
mode: ovr
might be the mode: base that requires the ptoken, as you can see it was only needed for that.
I'm guessing base is designed to limit the strain on the stats server so it doesn't have to do multiple queries to get that info.
Offline
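The split-based parsing described in post #85, as an added example in Python (not code from the thread), run over constructed request lines that carry the tokens quoted in post #87 and reporting the decoded byte length of each token. It assumes `[`, `]` and `_` stand in for `+`, `/` and `=` of standard base64; the decoded length does not depend on which bracket maps to which character. Function names are made up for this example.

```python
import base64

# Constructed request lines shaped like the captured queries; tokens are those quoted above.
CAPTURE = [
    "GET /getbackendinfo.aspx?auth=PIVf6vafsNvOMhEfhbDtag__ HTTP/1.1",
    "GET /getplayerinfo.aspx?auth=x6Vv[yUFxhiaithT5V57CA__&mode=base&pToken="
    "emyAq9F[uV96IhLwmtjCl3z]rNJTuotcSVZBP8kkCoOAJ9hC3X3GnscKIN5muvgYqeTyYQTSq7CxLZZRYM1iPg__"
    " HTTP/1.1",
    "GET /getplayerinfo.aspx?auth=Xx9P4vIdKvCiMK8SN5s0EA__&mode=ovr HTTP/1.1",
]

# Assumption: '[', ']' and '_' replace '+', '/' and '=' of standard base64.
TO_STANDARD = str.maketrans("[]_", "+/=")

def parse_request(line):
    """Return (page, params) from one 'GET <target> HTTP/1.1' request line."""
    target = line.split("GET ", 1)[1].split(" HTTP/1.1", 1)[0]
    page, _, query = target.partition("?")
    params = {}
    for pair in query.split("&"):
        if pair:  # tolerate '?&auth=...' style queries
            key, _, value = pair.partition("=")
            params[key] = value
    return page.lstrip("/"), params

def decoded_len(token):
    """Byte length of a token after undoing the character substitution."""
    if token is None:
        return None
    return len(base64.b64decode(token.translate(TO_STANDARD)))

def summarize(lines):
    """One (page, mode, auth bytes, pToken bytes) row per request line."""
    rows = []
    for line in lines:
        page, p = parse_request(line)
        rows.append((page, p.get("mode"), decoded_len(p.get("auth")),
                     decoded_len(p.get("pToken"))))
    return rows

if __name__ == "__main__":
    for row in summarize(CAPTURE):
        print(row)
```

Each auth value decodes to 16 bytes and the pToken to 64 bytes, a multiple of the 16-byte step MadHatter mentions in post #80.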
#88 06 Nov 2006 2:57 pm
Re: bf2142 stat query protocol
Were you hammering the server for stats or something? Can you make the thread private? think EA is stealing our PID's from the site and banning us? I still have access to the stats, but I always mess around with stats while I have BF2142 open so it would be very hard for ea to track which is coming from ingame and which from outside.
Offline
#89 06 Nov 2006 3:44 pm
- AmbassadorKosh
- Experienced Member
- From: Ukraine, Kiev
- Registered: Nov 2006
- Posts: 18
- Website
Re: bf2142 stat query protocol
I have that problem too!
advice:
try to send "not-failed" queries on servers of EA...
Offline
#90 06 Nov 2006 3:52 pm
- ldd_bozo
- New Member
- Registered: Nov 2006
- Posts: 1
Re: bf2142 stat query protocol
I had the same problem a couple of days ago.. I had to submit a trouble ticket to EA. The response was "I had queried the Stats server too many times with bad requests and my I.P. addy was auto-blocked by server" This was a true statement.. LOL.. I could not see my rank, awards, leaderboard... etc.. I had to unplug my cable overnite... When I turned it back on... WAALAAAA new I.P and access to stats again.. It had nothing to do with pids or nicks... just bad auth codes.. And I can pull up your stats.... Get New I.P. and your fixed..
Last edited by ldd_bozo (06 Nov 2006 3:59 pm)
Offline
#92 06 Nov 2006 4:20 pm
- AmbassadorKosh
- Experienced Member
- From: Ukraine, Kiev
- Registered: Nov 2006
- Posts: 18
- Website
Re: bf2142 stat query protocol
can You post here server-answer?
_http://bf2142web.gamespy.com/getawardsinfo.aspx?auth=btdi9RkteGwJyjoc][8ufQ__
Offline
#93 06 Nov 2006 5:13 pm
- AmbassadorKosh
- Experienced Member
- From: Ukraine, Kiev
- Registered: Nov 2006
- Posts: 18
- Website
Re: bf2142 stat query protocol
ok...
I collected almost all of possible formats of queries
from a client
$auth alike "bujSJGnGoVeLfoRr2GnC1w__"
$pid alike "xxxxxxxx" where x = regEX("\d")
Code:
/getbackendinfo.aspx?auth=$auth
Code:
/getunlocksinfo.aspx?&auth=$auth
NOTE: if set pid=xxxxxxxx AND xxxxxxxx != pid in decoded($auth) server returns "Invalid Params"
Code:
/getawardsinfo.aspx?pid=$pid&$auth
NOTE: if set pid=xxxxxxxx server returns awardinfo for player for pid=xxxxxxxx, not for pid in decoded($auth)
Code:
/getplayerprogress.aspx?mode=point&scale=game&auth=$auth
/getplayerprogress.aspx?mode=score&scale=game&auth=$auth
/getplayerprogress.aspx?mode=ttp&scale=game&auth=$auth
/getplayerprogress.aspx?mode=kills&scale=game&auth=$auth
/getplayerprogress.aspx?mode=spm&scale=game&auth=$auth
/getplayerprogress.aspx?mode=role&scale=game&auth=$auth
/getplayerprogress.aspx?mode=flag&scale=game&auth=$auth
/getplayerprogress.aspx?mode=waccu&scale=game&auth=$auth
/getplayerprogress.aspx?mode=wl&scale=game&auth=$auth
/getplayerprogress.aspx?mode=twsc&scale=game&auth=$auth
/getplayerprogress.aspx?mode=sup&scale=game&auth=$auth
Code:
/getplayerinfo.aspx?auth=$auth&mode=base&pToken=6HfBWOH3fTfXBw7XwHqgR8wlSt[2Go9OIqqpRutiQJXI5qEOntSyeBxXtOm9Rbl6EY5RsFTjWiOCu1KyDDbRAg__
/getplayerinfo.aspx?auth=$auth&mode=ovr
/getplayerinfo.aspx?auth=$auth&mode=ply
/getplayerinfo.aspx?auth=$auth&mode=titan
/getplayerinfo.aspx?auth=$auth&mode=wrk
/getplayerinfo.aspx?auth=$auth&mode=com
/getplayerinfo.aspx?auth=$auth&mode=wep
/getplayerinfo.aspx?auth=$auth&mode=veh
/getplayerinfo.aspx?auth=$auth&mode=map
NOTE: pToken used only where mode=base
some filters for getleaderboard:
Code:
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=0&ccFilter=UA
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=0&ccFilter=UA&dogTagFilter=1
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=0&dogTagFilter=1
Code:
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=overallscore
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=combatscore
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=risingstar
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=commanderscore
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=teamworkscore
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=efficiency
/getleaderboard.aspx?auth=$auth&pos=1&after=16&type=supremecommander
list of weapons (not all 43, because some weapon_types can not put to death.):
Code:
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=0
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=1
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=2
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=3
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=4
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=5
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=6
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=7
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=8
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=9
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=10
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=11
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=12
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=13
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=14
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=15
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=16
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=17
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=18
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=19
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=20
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=21
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=22
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=23
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=24
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=25
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=26
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=weapon&id=27
list of vehicles (not all 14 too, but other reasons)
Code:
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=0
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=1
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=2
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=4
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=5
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=6
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=10
/getleaderboard.aspx?auth=$auth&pos=1&after=17&type=vehicle&id=11
player search by name
Code:
/playersearch.aspx?nick=fff&auth=$auth
/playersearch.aspx?nick=%2aAmbassador%2a&auth=$auth
/playersearch.aspx?nick=%2aAmbassador%2a&auth=$auth
NOTE: '%2a' => '*'
selectunlock.aspx
Code:
/selectunlock.aspx?uid=211&auth=$auth
Last edited by AmbassadorKosh (06 Nov 2006 10:36 pm)
Offline
#94 06 Nov 2006 6:49 pm
- AmbassadorKosh
- Experienced Member
- From: Ukraine, Kiev
- Registered: Nov 2006
- Posts: 18
- Website
Re: bf2142 stat query protocol
I develop private ranking stats for bf2142
but I think my works will be useful here.
NOTE: for work I put on the web-server my scripts and added new record in to the file "hosts":
Code:
195.140.177.252 stella2.prod.gamespy.com
changed Tubar's "ea_support class" -> hxxp://stella2.prod.gamespy.com/sample.php
and my scripts for "stats-server emu":
hxxp://stella2.prod.gamespy.com/getawardsinfo.aspx - done
hxxp://stella2.prod.gamespy.com/getbackendinfo.aspx - done (both server/client)
hxxp://stella2.prod.gamespy.com/getleaderboard.aspx
hxxp://stella2.prod.gamespy.com/getplayerinfo.aspx
hxxp://stella2.prod.gamespy.com/getplayerprogress.aspx
hxxp://stella2.prod.gamespy.com/getunlocksinfo.aspx - done
hxxp://stella2.prod.gamespy.com/playersearch.aspx - done (included support '*')
hxxp://stella2.prod.gamespy.com/selectunlock.aspx
Last edited by AmbassadorKosh (06 Nov 2006 10:37 pm)
Offline
#95 07 Nov 2006 12:53 am
- JeKyll
- Member
- Registered: Nov 2006
- Posts: 7
Re: bf2142 stat query protocol
I can't get that file down, cause our proxyserver runs webwasher and that domain is blocked... can somebody post that file on another webspace or send it to me?
Tubar :
Hi again, so here are class source-code and one example (same as on web) for coding and decoding auth key.
http://bf2142.bfstats.info/files/ea_support.zip
thanx guys
JeKyll
PS: n1 work to all crax
Offline
#96 07 Nov 2006 12:58 am
#97 07 Nov 2006 1:05 am
- JeKyll
- Member
- Registered: Nov 2006
- Posts: 7
Re: bf2142 stat query protocol
Thanks very much!
MadHatter :
here you go: http://sanity-free.org/binary/ea_support.zip
Offline
#98 07 Nov 2006 1:10 am
- AmbassadorKosh
- Experienced Member
- From: Ukraine, Kiev
- Registered: Nov 2006
- Posts: 18
- Website
Re: bf2142 stat query protocol
anybody see official scripts:
snapshot.py
medals.py
medal_data.py
Offline
#99 07 Nov 2006 1:12 am
- JeKyll
- Member
- Registered: Nov 2006
- Posts: 7
Re: bf2142 stat query protocol
what i still don't understand:
does the auth-key change after every request?
i couldn't read it out all the posts, sry...
Last edited by JeKyll (07 Nov 2006 1:13 am)
Offline
#100 07 Nov 2006 1:19 am
Re: bf2142 stat query protocol
the auth key is based on a timestamp, so every time you generate the auth token, it will be different.
BobbyCZ's post shows exactly how to generate the auth token using Tubar's encryption library and your PID.
Offline