Network protocol (Worms Armageddon)
From Worms Knowledge Base
Contents
General
- Sizes and offsets are in bytes
- All offsets are from the start of the packet's data
- Word size = 2 bytes
- DWord size = 4 bytes
- Everything is LSB on the wire
Message header
Offset | Size | Value |
---|---|---|
00 | Byte | 1 for frontend messages, 2 for ingame (compression ?) |
01 | Byte | (??) |
02 | Word | Message size (max is 0x1414, if larger, the header(s) is(are) sent again) |
04 | Word | Command |
Length: 6
Packet Commands List
Hex | Dec | Description |
---|---|---|
0x00 | 00 | #Chat Message |
0x01 | 01 | ??????? |
0x02 | 02 | ??????? |
0x03 | 03 | ??????? |
0x04 | 04 | Login from client (completeme) |
0x05 | 05 | Another login from client (completeme) |
0x06 | 06 | Client sends password (completeme) |
0x07 | 07 | Password Required (no data) |
0x08 | 08 | Sucessfully joined (or password ok) need to figure out what the data means (version of the host ??) |
0x09 | 09 | Wrong password (no data) |
0x0A | 10 | Error joining (nickname already used, or missing, or flag missing/incorrect) < need to figure out exact symptoms |
0x0B | 11 | #Player list |
0x0D | 13 | #Custom Scheme data |
0x0E | 14 | ?????? |
0x0F | 15 | #Ready signal |
0x10 | 16 | #Remove Team |
0x11 | 17 | #Changing Scheme data Round Time |
0x12 | 18 | #Changing Scheme data Turn Time |
0x13 | 19 | #Changing Scheme data Victories needed |
0x14 | 20 | #Changing Scheme data Worm Selection |
0x15 | 21 | #Changing Scheme data Worms HP |
0x16 | 22 | #Change Team |
0x17 | 23 | #Change Team |
0x18 | 24 | #Change Team |
0x19 | 25 | ????????? |
0x1A | 26 | #Add Team |
0x1B | 27 | You have been Kicked (no data) |
0x1C | 28 | #Starting Game |
0x1D | 29 | #Changing Scheme data Worm Placment |
0x1E | 30 | ????????? |
0x1F | 31 | #Default Scheme data |
0x20 | 32 | Default Maps (like ArtClass) just a String with the map name, 40 bytes long |
0x22 | 34 | This packet is sent from server when version = 0, very weird. |
0x23 | 35 | The client sends this after the 0x22 , can't get it to work. |
0x27 | 39 | Gameid incorrect (or no more place ?) |
0x2B | 43 | #Map |
Chat Message
Command: | 0x0000 |
---|---|
Direction: | Both |
Size: | Variable |
Just a String, 00 Terminated.
Type:FromNick:ToNick:Text
Differents Types
Normal Message : GLB
Private Message : PRV
System Message : SYS
Notes :
- ToNick is often set to "ALL" to be sent to everyone (doesn't work for whispers)
- When X types /me Text, it sends this : SYS:X:ALL:X Text
- For systems messages, FromNick can be null, since it's not shown
Join
Joining consists of several steps:
Step 1
Command: | 0x0004 |
---|---|
Direction: | From client |
Size: | 128 |
- Nick at 06, null terminated, ends (last place the null could be) at 22.
- Gameid (ascii) at 23, null string for IP games.
- Version at 64, composed of 30 24 F4 (hex)
NB : these 3 parameters are sufficient to enter a game. Everything else can be 0 and it's ok. Figure out what follows.
Step 2
Command: | 0x0008 |
---|---|
Direction: | To client |
Size: | 6 |
Acknowledgement. Empty message. Figure out error messages. (different commands?)
Step 3
Command: | 0x0005 |
---|---|
Direction: | From client |
Size: | 114 |
- Nick at 06, null terminated.
- Flag (+1) at 72 (if 13 is France, then to put French flag, you have to put 13+1 = 0x0E)
Figure out what follows.
Step 4
Server sends:
- Player list, see below.
- Team list (when not empty), see below.
- Map data, see below. (Map is not sent when we rejoin?)
- A message with command 0x001f? What is it?
Figure out how the scheme is sent here when it's not the default Intermediate
Player list
Command: | 0x000b |
---|---|
Direction: | To client |
Size: | 1176 |
This looks like it's sending a raw array of player structures. Each player structure is 120 bytes in size.
Names are limited to 17 characters, and are padded with 0 bytes. (If a name is exactly 17 characters, there will NOT be a null-terminator) Figure out what the rest is.
Considering there can be 7 players, the total length should be 840 bytes. Array starts at 06, 08 or 0b?
Depending, that leaves 330, 328 or 324 trailing bytes. Figure out what follows (or what is before the array).
Team list
Command: | 0x000c |
---|---|
Direction: | To client |
Size: | ?? |
TODO
Custom Scheme data
Command: | 0x000d (13dec) |
---|---|
Direction: | To client |
Size: | 308 |
I saw two messages for a single scheme change? Word at 06 is 0x0000 for the first, 0x0007 for the second. Otherwise identical.
DWord at 08 is always 0xffffffff? Byte at 0xd always 0x00?
(Atleast for version 1 scheme:) Scheme starts at 0e. No SCHM header. No version number? 79 bytes after, probably 76 extra for scheme version 2. Remaining 3 are 0x0046ec?
//edit by Robi//
Updating the Scheme :
53 63 FF FF FF FF 00 [ .WSC file starting at offset 5 ] FF FF FF
Still not sure about the weird FFs and 5363 ... any help ?
The size seems to be always 308, so it is always v2 Scheme, if you put a v1 scheme, it is convertised to v2 (padded with 0's) That's why the version isn't in the packet.
The packet is sent twice because we often double click to set a scheme, where one click is enough to send the scheme once.
//end of edit//
Default Scheme data
Command: | 0x001f (31dec) |
---|---|
Direction: | To client |
Size: | 12 |
Offset | Size | Value |
---|---|---|
00 | Word | (??) |
02 | DWord | An identifier for the scheme. |
Identifier | Scheme |
---|---|
1 | Beginner |
2 | Intermediate |
3 | Pro |
6 | Artillery |
7 | Classic |
8 | Armageddon |
9 | The Darkside |
11 | Retro |
13 | Strategic |
14 | Sudden Sinking |
15 | Tournament |
16 | Blast Zone |
17 | The Full Wormage |
If you put 0 as Scheme Identifier, it will crash the game. Any other number that doesn't appear in the list will put Intermediate.
Changing Scheme data
Command: | Depends |
---|---|
Direction: | To client |
Size: | 12 |
Offset | Size | Value |
---|---|---|
00 | Word | Always 0x3E (62dec) ? |
02 | DWord | Value |
Command | Description |
---|---|
0x11 (17dec) | Round Time (Positive = Minutes, Negative = Seconds) |
0x12 (18dec) | Turn Time (FFFFFFFF = Infinite) |
0x13 (19dec) | Victories needed |
0x14 (20dec) | Worm Selection (0 = Disabled ; 1 = Enabled) |
0x15 (21dec) | Worms HP |
0x1D (29dec) | Worm Placment (0 = Disabled ; 1 = Enabled) |
Ready signal
Command: | 0x000f |
---|---|
Direction: | Both ways |
Size: | 16 |
Word at 06 always 0x736e?
DWord at 08 is on/off? DWord at 0b is player number?
Starting Game
Command: | 0x001c |
---|---|
Direction: | To client |
Size: | 20 |
Assembly that constructs this packet : File:Http://img521.imageshack.us/img521/3048/reverse01zd7.png
Offset | Size | Value |
---|---|---|
06 | Word | Unknown for instance |
08 | DWord | HKEY_CURRENT_USER\Software\Team17SoftwareLTD\WormsArmageddon\Data\LogicSeed |
0C | DWord | "GSAW" |
10 | DWord | Version of the Game (4C for the normal 3.6.28.0) |
Map
Command: | 0x002b |
---|---|
Direction: | To client |
Size: | 64 |
Offset | Size | Value |
---|---|---|
06 | Byte | (??) |
07 | Byte | Always 01 ? |
08 | DWord | File Lenght |
0C | DWord | Data Offset |
10 | DWord | Data Lenght |
14 | Data Lenght | Data |
Note : A DWord is put at the beginning of the File to tell what type of Map is sent.
1 = .BIT Monochrome map (.bit, .lev)
2 = .LEV Monochrome map (.bit, .lev)
3 = .PNG Colour map
Exemple of a multi-packeted BIT-file (135434(0x34DE)bytes file):
<01 48 1414 2B00> <A2 01 [E2 34 00 00] [00 00 00 00] [00 14 00 00]> [ 01 00 00 00 { .BIT file DATA } ]
<01 48 1414 2B00> <A2 01 [E2 34 00 00] [00 14 00 00] [00 14 00 00]> [ { .BIT file DATA } ]
<01 9C F60C 2B00> <A5 01 [E2 34 00 00] [00 28 00 00] [E2 0C 00 00]> [ { .BIT file DATA } ]