天道酬勤

博观而约取,厚积而薄发!
  博客园  :: 首页  :: 新随笔  :: 联系 :: 订阅 订阅  :: 管理

大家好啊,又跟大家见面了,自从我发了3篇关于编写IM的文章后,反响很大,最近又在忙一些我自己的项目,还有家里的事情,

所以没来得及更新自己的BLOG,望大家见谅,这不,抽出时间,在大半夜为大家拉开中级篇的精彩帷幕。

 

      切入正题,记得上次我们将基础篇的时候我讲到了一个基于XML的网络协议,那个时候很多同仁开始纷纷讨论其利弊点,

呵呵 但是我要说的是,那毕竟是基础篇,那么好了,我今天来代价进入网络通讯的新境界 -- [字节数组]

 

说起字节数组,也许大家并不陌生? 什么? 没用过? 字节数组在C#中声明如下 //byte[]

呵呵 看起来眼熟了吧?字节数组不光光作用在IM通讯上,那么介绍具体用法之前,还是来说说 字节数组与 XML协议字符串协议的优缺点。

 

字符串协议容易拼接,容易拆分,但是有一个最大的弊端,那就是很容易产生数据错误,平常大家也许看不出来,但是重要关头也许就明白了,

我来举个例子, 比如:

//String name = "Kevin " + " Jee";

这句话肯定没问题,就算执行1万次也是这个结果,但是如果你把一个文件读出来,然后都转换成字符串,再转换成字节数组,那就不同了

他们之间会产生微妙的变化,这些变化会导致你拼接数据时候的严重错误。

 

呵呵,至于错误的产生,那是转换数据类型的问题了,有兴趣的朋友可以研究下……

现在呢,我来举个比较常见,也是很多人举出的问题,我们来分块在网络中传送一个大文件。

情况如下:

使用协议: UDP , 文件大小: 2M(别跟我说你一次就发过去)

那么好,我们来分块,首先把文件读入到MemoryStream中,然后按照固定大小每次读取,打入标示

由于上次我们使用的是XML自定义字符串协议,那么我们就要进行数据的必要类型转换还有拼接:

主要呢,就是将本次读出的byte[]转换成String然后呢,加上标示,再转换成byte[]然后发送,大家注意到我标示蓝色字的部分

这里用了类型转换,这就是问题!!!! 因为转换的时候 没准儿会因为编码的不同而转换错误,这就给我们后面的拼接工作,带来了致命的错误。

那么正确的应该怎么办呢?

呵呵 这里就比较麻烦了:

首先让我说个前置知识:大家都知道C# 中的int类型吧? 恩,对,是整形,那么都知道整形占4位吧?

恩,都知道啊,哈哈 很好,那你们知道如何吧一个不超出整形范围的数值转换成一个4位的字节数组吗?

  

比如 我要你把 104000 转换成 4位的字节数组, 你会转换吗?

  

呵呵 什么? 不会?

  

我这里给出前置知识的解决方法,请您记住:BitConverter.GetByte(Number : int) [重载方法很多的 呵呵];

  

  

好了,我们开始,如何用字节数组通信呢?

我们首先来定义下字节数组的通讯协议:

具体如下:

新通讯协议:  

 

BMSG(4) + 协议簇(4)+ 命令(4) + 空白(2) + 头大小(4) + 头(头大小) + 空白(2) + 会话长度(4 - [16/32]) +

会话ID(16) + 空白(2) + 服务器标示(4) + 协议包说明长度(x) + 协议包说明(x) + 空白(2) + 加密标示(4) + 回馈标示(4) + 结尾(1)

 

 

呵呵 我来解释下,括号中的数字,就是占位的多少,如果括号中的是x 则表示根据当前需求的数据得到长度。 很明确吧?

这个协议是定下来的,其中经常变化的地方只有2个地方。

头大小(4) + 头(头大小)

嗬嗬嗬嗬,这就够了,让我来说明下,要传送文件不是要读取分块信息吗?然后打入标示?

打入完标示后的数据(byte[])这里就叫做了头,

而头大小呢? 自然就是这个字节数组的大小了,

至于整个协议的产生,也没必要每次都自己写,我这里给出我的ProtocolFactory的第二个版本~

  

 

Code
 /// <summary>
        
///     创建协议
        
/// </summary>
        
/// <param name="TYPE" type="string">
        
///     <para>
        
///         类别
        
///     </para>
        
/// </param>
        
/// <param name="COMMAND" type="string">
        
///     <para>
        
///         命令类型
        
///     </para>
        
/// </param>
        
/// <param name="PROTOCOL" type="string">
        
///     <para>
        
///         命令协议簇
        
///     </para>
        
/// </param>
        
/// <param name="PackageBody" type="string">
        
///     <para>
        
///         主体数据
        
///     </para>
        
/// </param>
        
/// <param name="ack" type="ProtocolFactory.ProtocolFactory.ACK">
        
///     <para>
        
///         回馈标示
        
///     </para>
        
/// </param>
        
/// <param name="encrypt" type="ProtocolFactory.ProtocolFactory.ENCRYPT">
        
///     <para>
        
///         加密标示
        
///     </para>
        
/// </param>
       
/// <param name="DIC_USERINFO">
        
///     <para>
        
///         自身基础会话码
        
///     </para> 
       
/// </param>
        
/// <returns>
        
///     返回完整协议
        
/// </returns>
        public static byte[] GetProtocol(String TYPE, int COMMAND, int PROTOCOL,
byte[] PackageBody, ACK ack, ENCRYPT encrypt, String SessionCode)
        {
            
byte[] f1 = Encoding.Default.GetBytes("BMSG");
            
byte[] f2 = BitConverter.GetBytes(PROTOCOL);
            
byte[] f3 = BitConverter.GetBytes(COMMAND);
            
byte[] f4 = new byte[2];
            
byte[] f5 = BitConverter.GetBytes(PackageBody.Length);
            
byte[] f6 = PackageBody;
            
byte[] f7 = new byte[2];
            
byte[] f8 = SessionCode == "" ? BitConverter.GetBytes(16) :
              BitConverter.GetBytes(SessionCode.Length);
            
byte[] f9 = SessionCode == "" ? Encoding.Default.GetBytes
(
"0000000000000000") : Encoding.Default.GetBytes(SessionCode);
            
byte[] f10 = new byte[2];
            
byte[] f11 = BitConverter.GetBytes(0);
            
byte[] f12 = BitConverter.GetBytes(Encoding.Default.GetBytes(TYPE).Length);
            
byte[] f13 = Encoding.Default.GetBytes(TYPE);
            
byte[] f14 = new byte[2];
            
byte[] f15 = BitConverter.GetBytes((int)encrypt);
            
byte[] f16 = BitConverter.GetBytes((int)ack);
            
byte[] f17 = Encoding.Default.GetBytes("");

            
byte[] Total = new byte[f1.Length + f2.Length + f3.Length + f4.Length +
 f5.Length
+ f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length + f12.Length + f13.Length + f14.Length +
f15.Length 
+ f16.Length + f17.Length];
            Array.Copy(f1, 
0, Total, 0, f1.Length);
            Array.Copy(f2, 
0, Total, f1.Length, f2.Length);
            Array.Copy(f3, 
0, Total, f1.Length + f2.Length, f3.Length);
            Array.Copy(f4, 
0, Total, f1.Length + f2.Length + f3.Length, f4.Length);
            Array.Copy(f5, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length,
f5.Length);
            Array.Copy(f6, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length, f6.Length);
            Array.Copy(f7, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
+ f5.Length + f6.Length, f7.Length);
            Array.Copy(f8, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length, f8.Length);
            Array.Copy(f9, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length, f9.Length);
            Array.Copy(f10, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length, f10.Length);
            Array.Copy(f11, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length, f11.Length);
            Array.Copy(f12, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length, f12.Length);
            Array.Copy(f13, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length + f12.Length, f13.Length);
            Array.Copy(f14, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length + f12.Length + f13.Length, f14.Length);
            Array.Copy(f15, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length + f12.Length + f13.Length + f14.Length,
 f15.Length);
            Array.Copy(f16, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
 
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length + f12.Length + f13.Length + f14.Length
 
+ f15.Length, f16.Length);
            Array.Copy(f17, 
0, Total, f1.Length + f2.Length + f3.Length + f4.Length
+ f5.Length + f6.Length + f7.Length + f8.Length + f9.Length
             
+ f10.Length + f11.Length + f12.Length + f13.Length + f14.Length
 
+ f15.Length + f16.Length, f17.Length);

            
return Total;
        }

 

呵呵,有兴趣的朋友,可以看下……

好了,到这里 ,也许您有点开窍了吧?呵呵,知识吗,就要慢慢的领悟,这才有意思。

  

用我的这个命令工厂产生出来的完整byte[]可以再用TEA加密算法加密,那就更好了,哈哈

好了,在本次文章的最后,我来献上最有收藏价值的 Yahoo Messager Protocol(早期版本,按字节分析文档)

  

   文章如下:

 

Yahoo Messenger Protocol

(UNOFFICIAL DOCUMENTATION)

  

 DISCLAIMER

*************************************************************************************************

The following document is just my interpretation of the yahoo protocol.it is based on a lot of assumptions all of which might not be right. The new yahoo protocol is really right up there when it comes to security unlike the previous versions .Also i do not expect people to stop using the original yahoo messenger and use a simple clone which just about sends and receives messages.Yahoo has added a whole range of features to it's messenger like IM Environments,voice chat and webcam support which are pretty cool and pretty tough to replicate(maybe i'llgive it a shot when i got loads of free time!!!).And finally i expect people who might use this protocol info to not harm anybody by making booters and bombers,that's really an awful waste of technology besides serving no purpose. And last but not the least ,thank yahoo for providing a nice tool for instant communication

*************************************************************************************************

The basic purpose of writing this document is that people should know what's actually happening when they use the yahoo messenger and help them in making their own client.There is hardly any if not any documentation available on the internet concerning the YMSG ptotocol .


The first step involved in any messenger application is logging into the messenger server and then retrieving the friends list..The yahoo messenger connects to the yahoo server(cs.yahoo.com) on port 5050.Let us first look at logging into the yahoo server

We will connect to the yahoo messenger server scs.yahoo.com on port 5050

As always the most difficult part to figure out in any messenger protocol is the login encryption.

Now let us start logging into the yahoo messenger server .We send the following data to the messenger server to start the login process

This is the data sent when viewed through a port monitor

 

代码
0x0000 00 20 18 8F C8 16 00 50-BA 89 95 6B 08 00 45 00 .
.È..Pº‰•k..E.
0x0010 00 4A F7 6A 40 00 80 06-BA 99 C0 A8 01
C1 D8
88 .J÷j@.€.º™À¨.Á؈0x0020 AD B7 07 0D 13 BA 7F
DC
-96 ED DA E7 49 68 50 18 ­·...ºÜ–íÚçIhP.0x0030 44 5C F8 02
00 00 59 4D-53 47 00 0B 00 00 00 0E D\ø...YMSG......0x0040
00 57 00 00 00 00 6D 61-93 13 31 C0 80 73 75 6E
.W....ma“.1À€sun0x0050
64 61 6D 61 6D 61 C0
80- damama


 

 

Let us look at what exactly is being sent

  • YMSG- is the yahoo standard header for all messenger command/messages
  • This is followed by 2 bytes of data - 00 0B. -this indicates the version number of the protocol
  • This is followed by 2 bytes of data -  00 00 
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)                
  • The next bytes  of data is 00
  • This is followed by the charecter "W" this signifies that the command being sent is a challenge command
  • Next is a 4 byte are  -00 00 00 00 
  • The next 4 bytes is what i call the initial 4 bytes bluff identifier. These 4 bytes identify a particular user and it  changes every time you log in. Initially you  could send any four bytes including 00 00 00 00 and you would still be able to log in .
  • This is followed by one byte of data signifying that the data being sent is for logging into the server .This byte has an ASCII equivalent of  "0"
  • This is followed by 1 byte of data - 31 whose ascii equivalent is "1"
  • This is followed by 2 bytes of data which is the standard argument separator.- C0 80
  • Finally this is followed by the yahoo user id and the standard argument separator.
  • The server in response sends a challenge string to verify the password.The response of the server looks like this

This is the data received  when viewed through a port monitor

 

代码
0x0000 00 50 BA 89 95 6B 00 20-18 8F C8 16 08 00 45 00
.Pº‰•k. .È...E.
0x0010 00 9C 13 BC 40 00 2F 06-EE F6 D8 88
AD B7 C0 A8 .œ.¼@.
/.îö؈­·À¨0x0020 01 C1 13 BA 07 0D DA
E7
-49 68 7F DC 97 0F 50 18 .Á.º..ÚçIhÜ—.P.0x0030 FF FF 3E
30 00 00 59 4D-53 47 00 00 00 00 00 60
ÿÿ
>0..YMSG.....`0x0040 00 57 00 00 00 01 6D 67-EE 27 31 C0
80 73 75 6E .W....mgî'1À€sun0x0050 64 61 6D 61 6D 61 C0
80-39 34 C0 80 67 7C 69 2F damama94g|i/0x0060 70 5E
68 26 7A 2D 64 2B-32 25 76 25 78 26 6A 7C p^h&z-
d
+2%v%x&j|0x0070 65 2B 28 6D 5E 6B 2D 69-25 68 2A 28 73
2B
38 25 e+(m^k-i%h*(s+8%0x0080 61 2F 75 2F 78 2A 28
62-2D 34 2A 69 25 68 5E 67 a/u/x*(b-4*i%h^g0x0090 5E 6A
7C 6D 5E 6E 2D
72-2A 66 2B 70 2B 6A 29 29 ^j|m^n-
r
*f+p+j))0x00A0 29 C0 80 31 33 C0 80 31-C0 80
)À€13À€1À€


 

 

YMSG- is the yahoo standard header for all messenger command/messages

  • This is followed by 1 byte of data - 00 00. -this indicates that the data has been sent by the server
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • This is followed by the charecter "W" this signifies that the command being sent is a challenge command
  • Next is a 4 byte are  -00 00 00 01 
  • The next 4 bytes are the most important part of this response these 4 bytes also signify the session id .All future messages/command being sent to the server require this session id
  • This is followed by 1 byte of data - 31 whose ascii equivalent is "1"
  • This is followed by 2 bytes of data which is the standard argument separator.- C0 80
  • This is followed by the yahoo user id and the standard argument separator.
  • Next are two bytes having ascii equivalent "9" and "4", "94" signifies that what follows is a 24 charecter challenge string
  • Finally the challenge string followed by the standard argument seperator
  • This is followed by 2 bytes of data - 31 and 33 whose ascii equivalent is "1" & 3"
  • This is followed by 2 bytes of data which is the standard argument separator.- C0 80

  

After this has been done it's time to actually log in as invisible and then become online and be able to send and receive messages. This is what is sent

  

This would log you in invisible mode.

  

  

This is the data being sent  when viewed through a port monitor

  

代码
0x0000 00 20 18 8F C8 16 00 50-BA 89 95 6B 08 00 45 00 .
.È..Pº‰•k..E.
0x0010 01 F2 F7 6B 40 00 80 06-B8 F0 C0 A8
01 C1 D8 88 .ò÷k@.€.¸ðÀ¨.Á؈0x0020 AD B7 07 0D 13 BA
7F DC
-97 0F DA E7 49 DC 50 18 ­·...ºÜ—.ÚçIÜP.0x0030 43
E8
76 10 00 00 59 4D-53 47 00 0B 00 00 01 B6
Cèv...YMSG.....¶
0x0040 00 54 5A 55 AA 55 6D 61-93 13 36
C0
80 58 3D 37 .TZUªUma“.6À€X=70x0050 65 2C 48 3D 6A
65 2C 48-3D 6A 37 3B 6D 3D 43 6A e,H=je,H=j7;
m
=Cj0x0060 2C 48 3D 43 63 2C 45 3D-33 33 3B 51 3D 6D 6C
3B ,H
=Cc,E=33;Q=ml;0x0070 48 3D 33 37 3B 46 3D 67-67
3B
77 3D 46 35 3B C0 H=37;F=gg;w=F5;À0x0080 80 39 36
C0
80 4E 3D 61-68 2C 6D 3D 46 31 2C 6D
€96À€N
=ah,m=F1,m0x0090 3D 33 41 2C 51 3D 41 32-3B 54
3D
41 6C 2C 5A 3D =3A,Q=A2;T=Al,Z=0x00A0 45 70 2C 68
3D
68 65 2C-53 3D 30 6F 3B 72 3D 31 Ep,h=he,S=0o;
r
=10x00B0 42 2C 43 3D 68 32 3B C0-80 30 C0 80 73 75 6E
64 B,C=h2;À€0À€sund0x00C0 61 6D 61 6D 61 C0 80 32-C0
80 31 C0 80 31 C0 80 amama2110x00D0 73 75 6E
64 61 6D 61 6D-61 C0 80 39 38 C0 80 69 sundamama


 

 

YMSG- is the yahoo standard header for all messenger command/messages

  • This is followed by 2 bytes of data - 00 0B. -this indicates the version number of the protocol
  • This is followed by 2 bytes of data -  00 00
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • This is followed by the charecter "T" this signifies that the command being sent is a login command
  • Next is a 4 byte are  -5A 55 AA 55  
  • The next 4 bytes are the session identifier
  • Next byte has an ascii equivalent of "6"
  • This is followed by the standard argument separator.
  • This is followed by first of the 2 ,50 charcter string authentication response
  • This is followed by the standard argument separator.
  • Next 2 bytes have an ascii equivalent of "9" & "6"
  • Next is the 2nd 50 charecter authentication response
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "0"
  • This is followed by the standard argument separator.
  • Finally followed by the yahoo user id(name) and the standard argument separator.
  • Next byte has an ascii equivalent of "2"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "1"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "1"
  • This is followed by the standard argument separator.
  • Finally followed by the yahoo user id(name) and the standard argument separator. Much more data is passed alon with this, but since a lot of those data has to do with earlier sessions we shall not consider them.The yahoo servers would process our request regardless of this.
  • On succesfully sending this the yahoo server sends us the friend's list and other details like cookie and stuff

 

代码
0x0000 00 50 BA 89 95 6B 00 20-18 8F C8 16 08 00 45 00
.Pº‰•k. .È...E.
0x0010 03 1C 17 FA 40 00 2F 06-E8 38 D8
88 AD B7 C0 A8 ...ú@./.è8؈­·À¨0x0020 01 C1 13 BA 07 0D
DA E7
-49 DC 7F DC 98 D9 50 18 .Á.º..ÚçIÜܘÙP.0x0030 FF
FF 6A
19 00 00 59 4D-53 47 00 00 00 00 02 E0
ÿÿj...YMSG.....à0x0040
00 55 00 00 00 00 6D 67-EE 27 38 37
C0
80 46 72 .U....mgî'87À€Fr0x0050 69 65 6E 64 73 3A 62
6D-61 6E 69 75 73 2C 6B 5F iends:bmanius,k_0x0060 76 5F
70 72 61 62 68 75-2C 70 75 6E 73 61 5F 32
v_prabhu,punsa_20x0070
30 30 30 2C 74 65 73 74-34 79 64
65 6D 6F 0A 6A 000,test4ydemo.j0x0080 61 62 62 65 72 5F
79 74-3A 6B 5F 76 5F 70 72 61 abber_yt:k_v_pra0x0090 62
68 75 2C 73 75 64 69-62 6F 79 2C 74 65 73 74
bhu,sudiboy,test0x00A0
34 79 64 65 6D 6F 2C 76-65 6E 6B
79 5F 64 75 64 4ydemo,venky_dud0x00B0 65 0A 74 65 73
74 31 3A-64 65 65 70 61 6B 37 38 e.test1:deepak780x00C0
2C
73 75 64 69 62 6F 79-0A 74 65 73 74 34 3A 6B
,sudiboy.test4:k0x00D0 5F
76 5F 70 72 61 62 68-75 0A 74 65
73 74 35 3A _v_prabhu.test5:0x00E0 6B 5F 76 5F 70 72 61
62-68 75 0A 76 65 6E 6B 79 k_v_prabhu.venky0x00F0 5F 64
75 64 65 3A 76 65-6E 6B 79 5F 64 75 64 65
_dude:venky_dude0x0100 0A C0
80 38 38 C0 80 C0-80 38 39
C0
80 73 75 6E .8889sun0x0110 64 61 6D 61 6D
61 C0 80-35 39 C0 80 59 09 76 3D
damama59Y.v
=0x0120 31 26 6E 3D 44 65 6F 75-43 65
71 73 62 71 67 31 1&n=fxxxxxqsbqg10x0130 32 26 6C 3D
44 6B 64 33-20 63 30 63 30 2F 6F 26 2&l=ixxxxx0c0/o&
0x0140 70 3D 6D 31 61 30 61 76-32 30 31 33 30 30 30 30
p
=m1a0av201300000x0150 30 30 26 72 3D 37 6C 26-6C 67
3D
75 73 26 69 6E 00&r=7l&lg=us&in0x0160 74 6C 3D 75 73
3B
20 65-78 70 69 72 65 73 3D 54 tl=us; expires=T0x0170
68 75 2C 20 31 35 20 41-70 72 20 32 30 31 30 20 hu, 15 Apr
2010 0x0180 32 30 3A 30 30 3A 30 30-20 47 4D 54 3B 20 70
61 20:00:00 GMT; pa0x0190 74 68 3D 2F 3B 20 64 6F-6D
61 69 6E 3D 2E 79 61 th=/; domain=.ya0x01A0 68 6F 6F 2E
63 6F 6D C0-80 35 39 C0 80 54 09 7A
hoo.com59T.z0x01B0 3D
45 59 23 63 2F 47 52-65 52 64
97 41 46 41 47 =jY8c/xxxxx/AFAG0x01C0 55 2F 73 4A 52 57
30 79-4E 6A 51 78 42 6B 34 79 U/sJRWxxxxxxBk4y0x01D0
54 7A 56 4F 4E 54 59 78-4E 41 2D 2D 26 61 3D 51
TzVONTYxNA
--&a=Q0x01E0 41 45 26 73 6B 3D 44 41-41 6A
51 36 2F 58 67 6D AE&sk=DAAjQ6/Xgm0x01F0 31 75 4B 4A
26 64 3D 63-32 77 42 54 56 52 4E 4D
1uKJ
&d=c2wBTVRNM0x0200 6B 46 55 61 7A 46 50 52-45 6B
31 54 57 70 46 4D kFUazFPREk1TWpFM0x0210 6B 31 33 54
53 30 55 59-47 46 52 51 55 55 42 64
k13LxxxxxxRQUUBd0x0220
47 6C 77 41 55 78 49 53-54 5A
56 51 67 46 36 65 GlwAUxISTZVQgF6e0x0230 67 46 71 57
54 68 6A 4C-30 46 6E 56 30 45 2D 3B
gFqWThjL0FnV0E
-;0x0240 20 65 78 70 69 72 65 73-3D 54 68
75 2C 20 31 35 expires=Thu, 150x0250 20 41 70 72 20 32
30 31-30 20 32 30 3A 30 30 3A Apr 2010 20:00:0x0260 30
30 20 47 4D 54 3B 20-70 61 74 68 3D 2F 3B 20 00 GMT;
path
=/; 0x0270 64 6F 6D 61 69 6E 3D 2E-79 61 68 6F 6F 2E
63 6F domain=.yahoo.co0x0280 6D C0 80 35 39 C0 80
43-09 6D 67 3D 31 C0 80 31 m59C.mg=110x0290 35
33 C0 80 31 C0 80 39-30 C0 80 31 C0 80 33 C0
53À€1À€90À€1À€3À0x02A0
80 73 75 6E 64 61 6D 61-6D 61 C0
80 31 30 30 C0 €sundamamaÀ€The cookie can be grabbed
from
this data which is received by us and can be used
forvarious yahoo http functions.After
this we change our status
as being online and availableThis is what we sendYMSG .w
U
~*When viewed through a port monitor this is what shows
up0000:
20 53 52 43 00 00 44 45 53 54 00 00 08 00 45 00
SRC..DEST....E.
0010: 00 3C CF 04 40 00 80 06 BA 25 CB 5E EA
D9 D8
88 .<..@....%.^....0020: E2 D0 04 8B 00 50 00 71 FE 1B

82 BE 3D 8B 50 18 .....P.q....=.P.0030: 21 80 A3 50 00 00 59
4D
53 47 00 0B 00 00 00 00 !..P..YMSG......0040: 00 04 00 00
00 0C 00 00 00 00 ..........




 

 

 

YMSG- is the yahoo standard header for all messenger command/messages

  • This is followed by 2 bytes of data - 00 0B. -this indicates the version number of the protocol
  • This is followed by 2 bytes of data -  00 00  
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • The next bytes  of data is 04 - this signifies the user is changing his status to being available
  • Next is a 4 byte are  -00 00 00 0C
  • Final 4 bytes are  -00 00 00 00  

On sending this the server responds by sending us the details of any fried who is online at that moment

  • .
Sending a MessageTo send a message the following data is sent to the serverYMSG     
D .ZUªV~*—1À€sunxxxxxÀ€5À€venkxxxxeÀ€14À€hiÀ€97À€0À€63À€;0À€64À€0À€1002À€1À€When viewed through a port monitor

 

代码
0000: 20 53 52 43 00 00 44 45 53 54 00 00 08 00 45 00
SRC..DEST....E.
0010: 00 80 F7 04 40 00 80 06 91 E1 CB 5E EA
D9 D8
88 ....@......^....0020: E2 D0 04 8B 00 50 00 71 FE 2F 82
BE 3F EA
50 18 .....P.q./..?.P.0030: 21 80 54 8F 00 00 59 4D 53
47 00 0B 00 00 00 44 !.T...YMSG.....D0040: 00 06 5A 55 AA 56 7E
2A 0A
97 31 C0 80 73 75 6E ..ZU.V.*..1..sun0050: 64 xx xx 61
xx xx C0
80 35 C0 80 76 65 6E 6B 79 dxxxx..5..venky0060: xx
xx xx
64 65 C0 80 31 34 C0 80 68 69 C0 80 39
xxxxe..
14..hi..90070: 37 C0 80 30 C0 80 36 33 C0 80 3B 30 C0
80 36 34 7..0..63..;0..640080: C0 80 30 C0 80 31 30 30 32 C0
80 31 C0 80 ..0..1002..1.. Let us look at what is being sent


 

 

 

YMSG- is the yahoo standard header for all messenger command/messages

  • This is followed by 2 byte of data - 00 0B. -this indicates the version number of the protocol
  • This is followed by 2 bytes of data -  00 00  
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • The next bytes  of data is 06 - this signifies that the command is a user message
  • Next is a 4 byte are standard for all messages/commands being sent to the messenger server.The 4 bytes are  5A 55 AA 56
  • The next 4 bytes  are the user identifier for the current session.
  • This is followed by one byte of data signifying that the data is a Private Message(PM) being sent to a user.This byte has an ASCII equivalent of  "1"  
  • This is followed by 2 bytes of data which is the standard argument separator.- C0 80
  • This is followed by the yahoo user id and the standard argument separator.
  • Followed by one byte which which has an ASCII equivalent of  "5" and whch signifies that the next data is the user id to whom the message is to be sent
  • Followed by the standard argument separator.
  • This is followed by the id of the user to whom the message is being sent and the standard argument separator.
  • Followed by again one byte which has an ASCII equivalent of  "14" and signifies that the data following it is the actual user message and the standard argument separator.
  • Next 2 bytes have an ascii equivalent of "6" & "3"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of ";"
  • Next byte has an ascii equivalent of "0"
  • This is followed by the standard argument separator.
  • Next 2 bytes have an ascii equivalent of "6" & "4"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "0"
  • Next 2 bytes have an ascii equivalent of "1" & "0"
  • Next 2 bytes have an ascii equivalent of "0" & "2"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "1"
  • Finally followed by the standard argument separator.

  

  

RECEIVING A MESSAGE

  

 YMSG A . .~* —5À€sundaxxxxÀ€4À€venkyxxxxÀ€14À€hi thereÀ€63À€;0À€64À€0À€97À€0À€

  

  

代码
0000: 44 45 53 54 00 00 20 53 52 43 00 00 08 00 45 00 DEST..
SRC....E.
0010: 00 7D 9C 0F 40 00 32 06 3A DA D8 88 E2 D0 CB
5E .}..@.
2.:......^0020: EA D9 00 50 04 8B 82 BE 3F 95 00 71 FE
2F
50 18 ...P....?..q./P.0030: FF FF 73 60 00 00 59 4D 53 47 00
00 00 00 00 41 ..s`..YMSG.....A0040: 00 06 00 00 00 01 7E 2A 0A
97 35 C0 80 73 75 6E .......*..5..sun0050: xx xx xx xx xx 61 C0
80 34 C0 80 76 65 6E 6B 79 dxxxxx..4..venky0060: xx xx xx xx
xx xx xx
31 34 C0 80 68 69 20 74 68 xxxxe..14..hi th0070: 65
72 65 C0 80 36 33 C0 80 3B 30 C0 80 36 34 C0
ere..
63..;0..64.0080: 80 30 C0 80 39 37 C0 80 30 C0
80 .0..97..0..


 

 

Let us look at what has been received

  • YMSG- is the yahoo standard header for all messenger command/messages
  • This is followed by 1 byte of data - 00. -signifying that this is a server response
  • This is followed by 3 bytes of data -  00 00 00 
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • The next bytes  of data is 06 - this signifies that the command is a user message
  • Next is a 4 byte are  00 00 00 01
  • The next 4 bytes  is the session id
  • This is followed by one byte of data signifying that the data is a Private Message(PM) being sent to a user.This byte has an ASCII equivalent of  "5"  
  • This is followed by 2 bytes of data which is the standard argument separator.- C0 80
  • This is followed by the yahoo user id and the standard argument separator.
  • Followed by one byte which which has an ASCII equivalent of  "4" and whch signifies that the next data is the user id who has sent the message
  • Followed by the standard argument separator.
  • This is followed by the id of the user to whom the message is being sent and the standard argument separator.
  • Followed by again one byte which has an ASCII equivalent of  "14" and signifies that the data following it is the actual user message and the standard argument separator.
  • Next 2 bytes have an ascii equivalent of "6" & "3"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of ";"
  • Next byte has an ascii equivalent of "0"
  • This is followed by the standard argument separator.
  • Next 2 bytes have an ascii equivalent of "6" & "4"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "0"
  • Next 2 bytes have an ascii equivalent of "9" & "7"
  • This is followed by the standard argument separator.
  • Next byte has an ascii equivalent of "0"
  • Finally followed by the standard argument separator.

  

USER COMES ONLINE

 

  

代码
0x0030 FF FF D2 AA 00 00 59 4D-53 47 00 00 00 00 00 31
ÿÿÒª..YMSG.....1
0x0040 00 04 00 00 00 01 B5 67-52 29 37 C0
80 73 75 6E ......µgR)7À€sue0x0050 64 61 6D 61 6D 61 C0
80-31 30 C0 80 30 C0 80 31 dddddd10010x0060 31 C0
80 37 35 36 42 36-36 41 39 C0 80 31 37 C0
1À€756B66A9À€17À0x0070
80 30 C0 80 31 33 C0 80-31 C0
80
€0À€13À€1À€let us see what
is being sent


 

 

YMSG- is the yahoo standard header for all messenger command/messages

  • This is followed by 1 byte of data - 00. -signifying that this is a server response
  • This is followed by 3 bytes of data -  00 00 00 
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • The next bytes  of data is 04 - specifying user status as being online
  • Next is a 4 byte are  00 00 00 01
  • The next 4 bytes  is the session id
  • Also in this message is present the id of the user who has gone offline
 

 USER GOES OFFLINE

  

代码
0x0030 FF FF CD C6 00 00 59 4D-53 47 00 00 00 00 00 31
ÿÿÍÆ..YMSG.....1
0x0040 00 02 00 00 00 01 B5 67-52 29 37 C0
80 73 75 6E ......µgR)7À€sun0x0050 64 61 6D 61 6D 61 C0
80-31 30 C0 80 30 C0 80 31 damama10010x0060 31
C0
80 45 32 36 31 46-45 44 37 C0 80 31 37 C0
1À€E261FED7À€17À0x0070
80 30 C0 80 31 33 C0 80-30 C0
80 €0À€13À€0À€


 

 

YMSG- is the yahoo standard header for all messenger command/messages

  • This is followed by 1 byte of data - 00. -signifying that this is a server response
  • This is followed by 3 bytes of data -  00 00 00 
  • Next 2 bytes specify is the length of the  message information-i.e total lengthof the string -length of the header(20 bytes)
  • The next bytes  of data is 00
  • The next bytes  of data is 02 - specifying user status as being offline
  • Next is a 4 byte are  00 00 00 01
  • The next 4 bytes  is the session id
  • Also in this message is present the id of the user who has gone offline