Even with TCP_NODELAY you cannot expect send() calls to match recv() calls one to one since TCP is a stream-based protocol. But having reverse engineered a lot of the code, I can say the problem isn't even that in this case. Before the data even makes it to send(), the bytes get concatenated into a stream. The function GameServerConnection::MoveAndGetEvents() is called by the game thread. It samples the current position and rotation and enqueues an action to be executed by the ServerConnection thread. That action starts by appending a move packet to the stream containing the sampled position/rotation and then flushing the WriteStream which does the socket send() and then empties the buffer to prepare for next time. But any data in the stream from before that action, from a jump or item pick up or item use, will also be part of the same send() call. Incidentally, after appending the move packet and doing the flush, it processes any new event packets from the server and takes appropriate action. The 0x0000 packet ID that he mentions in the video is what terminates MoveAndGetEvents; once the infinite loop sees that packet ID, it breaks. I'm guessing he gets to this later in the series (I haven't watched beyond this video yet), but here's the move packet format: float x; float y; float z; float pitch; float yaw; float roll; int8 fwd; int8 strafe; The only non-obvious fields should be fwd and strafe, which encode the current movement button states. It's a float encoded as an int8 by multiplying by 127 and quantizing. So +1.0/0.0/-1.0 correspond to forward/nothing/backward for fwd and left/nothing/right for strafe. The button states control movement for players on the server as you'd expect; that happens on the UE4 side via the member variables m_forwardMovementFraction and m_strafeMovementFraction, not in GameLogic.dll, so it's presumably just normal UE4 physics. In an earlier video he tried to cancel out gravity by setting the actor velocity. The reason that didn't work is that the actor velocity isn't replicated from the client to the server, unlike the position. You can directly manipulate your position, but you can only indirectly manipulate your velocity through fwd/strafe and jump.

Yup, for those interested in learning more this is known as TCP multiplexing and it typically follows Nagle's algorithm

checkout my video "ey! Look for patterns" video: kzbin.info/www/bejne/gKHEomOHoMqjnaM

It wouldn't surprise me, but what I think he might have meant is that you learn to pay attention to when the bytes are within the range of printable ascii characters.

As someone else said, ascii can be pretty easily identified by looking for characters in the common range [I personally know the general ranges to look for numbers, capitals, lowercase, periods, and space] and when something is largely out of that range (0xFF, 0x01, or 0x00 if you know it isnt null terminated) it can be easily labeled 'not ascii'

It's not that difficult honestly once you looked at it for a moment. the letters are all sequential starting at 0x41 (A) and 0x61 (a). So after knowing that 0x41/0x61 = A/a you can convert Hex to ascii in your head just by counting. What's 0x6A? Let's count: 0x61 = a, 0x62 = b, 0x63 = c, 0x64 = d, 0x65 = e, 0x66 = f, 0x67 = g, 0x68 = h, 0x69 = i, 0x6A = j

Btw "6d 76" = "mv" (prob move)

well... eventually I noticed that too. But that is a few episodes away :D

the *i might be a hint to the length of the name string

mv and jp was seen from the third episode as well, unfortunately he missed it

A jednak coś jest

Matrix 89 tylko oszukuje !

need tips , still looking to do the same.

There's maybe a check, as the server knows which slot are you using, but worth a try

knowing how graphics libraries are working, i suppose your guess is wrong by 2 things 1. this game does not support all 3-axis rotation or that was be 'space-like' game 2. view matrix is pointed to some spot in x,y,z, like in opengl: createfovprespective(fov, x, y, z, t_x, t_y, t_z, u_x, u_y, u_z); i really do not remember right name x, y, z - spot of 'camera' in world (we already know) t_x, t_y, t_z - target spot where camera is looking u_x, u_y, u_z, - a direction vector which is pointing at the top direction of a camera, often that is (0, 1, 0) and a const 3D vector so i think that data is really containing target position EDIT: i didn't saw you're edited xd

Most games encode 3D angles as quaternions tho

Coding IS fun tho

Came to say this

that sounds cool! What language are they speaking?

It's not just one selector line. They are multiple and can be "created" by holding down and left clicking at the different positions in the file. (Sublime Text is the used editor.)

Select lines and press shitf+ctr+L

Would that be possible

Maybe, but I am pretty sure devs took care of this. After all, they knew what their "playerbase" would be

Definitely possible if the developers used strcpy or memcpy instead of strncpy or memcpy_s

Overflow makes no sense If you specify a smaller length, the server will just interpret part of the string as packet data and reads invalid packet ids. The player will just get kicked

Fabio Silva They could also be coded as a quaternion (x,y,z,w), each of these values consisting of two bytes

That's is true! But as he said, the way I find it most simple to implement, would be with Roll, Pitch and Yaw

There is probably no roll in an FPS... But yes, I agree otherwise, probably a horizontal direction and angle to the horizon (~= Yaw & Pitch)

Not by the player, but it might use the same logic if there are items that roll over the X axis. I didn't notice if it there was any value that changed from 0. But if there is one that is fixed at 0, probably a good chance it is Roll. Also I have an idea, when you join the game is there an initial packet? Because if there is the location might be zeroed out and then you can see with move according with the looking around.

the trick is to never play CTFs with pants on!

It's too short for that, but there aren't many possibilities: - If it encodes 2 values (roll & pitch), then it must be 2x2 bytes, which can not be floats, maybe shorts? - If it only encodes one value, then it may be a float, maybe horisontal rotation

Fuchsfalke It could be four one-byte values. Rotations in 3D space can be represented with quaternions (x,y,z,w) as well.

4 one-byte values? I don't think so, and we also know that this game uses some custom game logic and networking, so I don't think it's sending 4 dimensional values.

Sasszem That's true, dividing 360° into 256 parts would not be pleasant

One-byte float quaternions? Good luck with precision lol P.s. maybe fixed points be better

i have an question, can i make an anti-aim with this?

​@@weeeeeeeeeeeewAre you asking about wireshark or the video in general? Wireshark is just a debugging tool, for network traffic. In the video he didn't use a tool he wrote just his own program, but as I stated a tool like wireshark can have some nice advantages. But to develop an anti-aim hack/cheat there are several possibilities. One beeing as shown in the video to reverse engineer the network protocol, which might be the most promising attack vector. So after reverse engineering the protocol you can implement your own proxy to create an anti-aim. He kind of started with the process in his video, however developing the proxy isn't the hard part or much work. It is the protocol analyzing.

Sublime, and that is a feature in a few editors. In sublime you can just CMD + CLICK to select multiple cursors, or use CMD+D to search and select for the same word. And if you highlight multiple lines, with CMD+SHIFT+L I get a cursor in each line

Is the CMD just CTRL on windows?

J3ker PlayZ looks like sublime

Orio Prisco no one shall know his secrets

Incognito mode doesent do shit

Your request was conveyed...