Diablo 2 hacking (packets, d2hackit etc.) guides
Packet Guide by After-Death
Intro: What is a packet?
A packet is a 'piece' of data sent from your client (your instance of Diablo 2) to the battle.net server. The server then takes this packet, processes whatever actions it contains, and often sends some packets back to you. The packets which come back to you are RECEIVED packets.
The key thing to understand here is that sent packets are what can cause things you may wish to exploit. Receiving a packet yourself manually, for example with D2hackit like this:
.receive 9c 12 0a 56 98 .. .. ..
does not represent anything happening at the server, and is known as a clientside effect. For example, if you sniff the received packet the next time an item drops to the floor and then receive it again, you'll see an item drop to the floor, but it will not really be there.
How is a Packet Made Up?
All packets have an identifying first byte. Here are some examples:
17 0a 0f e5 48 - Drop item to ground
19 0a 0f e5 48 - Pick item up from inventory to cursor
60 - Switch Weapons
This first byte identifies the packet. A 17 packet will always try to drop an item to the ground. A packet with the first byte 19 will always try to pick the item up from your inventory to your cursor. Of course, this only works if the item is in your inventory, and if there is nothing on your cursor.
Packets are then made up of bytes, words, and doublewords (dwords for short). Here is what they look like:
00 = one byte
00 00 = a word
00 00 00 00 = a dword (or 4 bytes!)
Let's look at the 33 packet, as it is often seen as the most confusing to an unskilled packeteer. This packet sells an item to an NPC.
Here is the format of the packet.
33[XX XX XX XX][YY YY YY YY][ZZ ZZ ZZ ZZ][aa aa aa aa]
The 33 packet contains the first byte 33, then 4 dwords as shown above.
The first dword, [XX XX XX XX], is the ID of the NPC we want to sell the item to. Next we have the item ID, [YY YY YY YY], the second dword. The third dword, [ZZ ZZ ZZ ZZ], represents where we are selling the item from. The final dword, [aa aa aa aa], is the value in gold that the item will sell for. In reality we don't need to calculate it, as the server does that anyway, so enter any number; 01 01 01 01 is easy to type.
Now you have seen the structure of a packet, with its parts identified. All these packet structures can be seen in the d2hackers packet list:
url to be appended
That's great, but how do I find the values for these 'ID's ?!?!
The next section covers common packet questions, and common sniffing tasks.
The simplest way to find an item is using the 19 packet. Place an item in your inventory. Set your sniffer to display 19 packets.
If you are using snifferxp or snuff with d2hackit, type the following:
.snifferxp show s 19
.snuff show s 19
Now click on the item. Your sniffer will display a line like this:
19[XX XX XX XX]
XX XX XX XX is the ID of the item!
Say your sniffer showed this: 190abd2f7e - the item ID is 0abd2f7e. We can test this in some other packets now. According to the packet list, the 17 packet to drop an item from cursor to the ground looks like this:
17[DWORD Item ID]
So if we type the following, with the aforementioned item on our cursor, it should fall to the ground:
Try it!
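The packet layouts listed earlier and the sniffed 19 line above, decoded by a small parser. This is an added example, not code from the guide or from D2HackIt; the field names and the made-up NPC ID in the sample are assumptions. It rejects unknown IDs and payloads of the wrong length, and keeps dwords in wire order because the guide does not state a byte order.

```python
import re

# Added example: decoder for the packet layouts listed in this guide.
# Field names are illustrative labels, not names used by the game or D2HackIt.
# packet ID -> (description, names of the dwords that follow the ID byte)
LAYOUTS = {
    0x17: ("Drop item to ground", ["item_id"]),
    0x19: ("Pick item up from inventory to cursor", ["item_id"]),
    0x60: ("Switch weapons", []),
    0x33: ("Sell item to NPC", ["npc_id", "item_id", "source", "gold_value"]),
}


def parse_packet(text):
    """Decode a sniffer-style hex dump: '19 0a bd 2f 7e', '190abd2f7e', '33[..][..]'."""
    cleaned = re.sub(r"[\s\[\]]", "", text)
    try:
        raw = bytes.fromhex(cleaned)
    except ValueError:
        raise ValueError(f"not a hex dump: {text!r}") from None
    if not raw:
        raise ValueError("empty packet")
    packet_id, payload = raw[0], raw[1:]
    if packet_id not in LAYOUTS:
        raise ValueError(f"no layout known for packet {packet_id:02x}")
    description, fields = LAYOUTS[packet_id]
    if len(payload) != 4 * len(fields):
        raise ValueError(
            f"packet {packet_id:02x} needs {4 * len(fields)} payload bytes, "
            f"got {len(payload)}"
        )
    decoded = {"id": f"{packet_id:02x}", "description": description}
    for index, name in enumerate(fields):
        # The guide does not state a byte order, so dwords stay in wire order.
        decoded[name] = payload[4 * index:4 * index + 4].hex()
    return decoded


if __name__ == "__main__":
    # Constructed samples: the 19 line from the guide, plus a 33 packet with a
    # made-up NPC ID and the guide's "easy to type" gold value.
    for line in ("190abd2f7e",
                 "33[01 02 03 04][0a bd 2f 7e][02 00 00 00][01 01 01 01]",
                 "33 01 02"):  # truncated on purpose
        try:
            print(parse_packet(line))
        except ValueError as error:
            print("rejected:", error)
```

The `gold_value` field is client-supplied; as the guide notes, the server works out the sale price itself, so the decoder only reports it.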
There are a couple of important received packets. Not because they affect the server in any way, but they allow you to beat some GUI restrictions.
The most important one (before people truly understood all of the packets, and for convenience) is the oneside packet.
Receive this packet in trade and it will seem like you are not in the trade. You are, but the graphic for the trade window has gone! You can run around, but you won't be able to send certain packets, such as 13, and many packets will cause battle.net to drop you from the game. For example, if you send the 17 packet to drop an item to the ground in trade, or go onesided and drop it manually by clicking, you will still be disconnected from the game for trying to dupe.
OK, now you know something. Let's try some old patched methods. You need d2hackit and snifferxp or snuff. Snuff is better and easier to use, so try with it.
This method is the old potmatrix dupe; try it in single player, since it's patched in realms. Originally posted @ BH by Comi.
PotMatrix Dupe Example
Sells a belt item repeatedly without losing the item. Only worked for belt items, it was never possible to equip an item such as a ring to your belt and dupe it. Used to get lots of full rejuve potions, and to spawn gold for gambling.
Requires: 1 Person, D2Hackit + Modules(Snuff/Sniffer)
Can Dupe: Any belt item (scroll, potion)
Packets To Sniff: 13,19/24
1. Sniff the id (19 ZZ ZZ ZZ ZZ) of the item you want to dupe by lifting to cursor from inventory, or sniff the 24 ZZ ZZ ZZ ZZ packet by lifting item directly from belt.
2. Place the item in any belt slot.
3. Go into trade with an NPC, find the NPC's ID: (13 01 00 00 00 XX XX XX XX).
4. Send this packet:
33[XX XX XX XX][ZZ ZZ ZZ ZZ][02 00 00 00][01 00 00 00]
XX = Gheed ID
ZZ = Worn Item ID
5. The item will sell to the npc and will not leave your body.
6. Buy the item back (if you have enough money).
7. Repeat as many times as you want.
I'll make it a little clearer.
- use d2 in windowed mode
- first load snuff with ".load snuff"
- since you need to see packets 13 and 19/24 type ".snuff show s 13 19 24"
The rest you should figure out by yourself. If everything goes fine, the potion should be sold at npc and you should still have it in your belt buffer.
09 Mar 2009, 11:26
05 Aug 2007, 00:48
05 Aug 2007, 00:46