I'm writing a small application to track some additional statistics not provided within Starcraft 2 (e.g. current daily point increase/decrease, distribution of matches such as those won in the first 5 minutes, etc…). The problem is that there is some information that isn't available on the battle.net webpage. Ideally, I'd parse all of the information directly from this website, but things like the length of time the game ran and opponents aren't provided on the web version.
So, I've been looking into capturing packets on a client machine to see if there is a way I can extract this data as a user is playing sc2. I'm not entirely sure this is going to work, because as I've seen thus far, the packets are either encrypted, or simply not readable.
I just wanted to see if others had thoughts on how I might go about this. Also, the software is going to be GPL licensed, so if you're interested in helping out, let me know.
~Scott
Best Answer
I also agree this is a poor approach, but since you piqued my curiosity, I went and installed Wireshark.
Here is an average SC2 packet:
I remember that the original Starcraft had the option of using the IPX protocol as an alternative to TCP, so I guess I shouldn't be surprised that they rolled their own protocol for Starcraft 2. What's more, the average packet size in my sample was 60 bytes, which with overhead means you're getting 24 bytes of data. Without good insight into how they do sequencing, any sort of parallel data being transmitted on that connection is going to be hard to reassemble.
At this point they don't even need encryption; their chopping scheme for transmitting smaller packets will act as obfuscation.
Since efficient network transfer of data is a bit of a hobby of mine, I decided to dig deeper.
I take back my original assessment; you can definitely identify the sequence pretty easily. What's more, it looks like you can break apart the messages fairly easily. The concern then becomes extracting information from the 4-8 bytes of data in the messages.
So let's look at that data.
Fascinating. Apparently SC2 is transmitting the same codes you find in a replay over the BattleNet. So breaking apart a replay is the same as using a packet capture. Your only real decision should then become: Do you need the data in real time? If you don't, then using replays will be easier than disassembling the data from tshark.