Reverse engeneering - how it works?

[Acronis]

Reverse engeneering - how it works?

One thing I've never quite understood is how is stuff like packets reverse engineered? For example when OSI makes a packet change, how do people manage to find out what the change is, and what the new modification is for? For example, the field they added to the item packet a while back for grid location.

Also for non network stuff, such as how to read the map files, how do people manage to reverse engineer stuff like that?


I'd like to learn how to do this, think it would be useful for all sort of online games.


Edit: I actually meant to post this in programming/other, probably fits better there.

 

[delete123]

I attach to this question.

 

[brodock]

I have a very small understanding on this area but i think people play a try and catch game while trying to figure out what the hell that specifically packet means.

I think there is no methodology or "magic way" of doing thous things.

But i can be wrong.

 

[Khaz]

I don't know how the RunUO team did it in the beginning, but in analyzing other Internet-enabled applications, one way I've used is to turn on a packet sniffer and review the data that is sent and received on each action.
For instance, if I wanted to see what was involved in poisoning a target, I'd look at the packets going through the UO client pipe when a poison request was sent to the EA servers.

 

[Tartaros]

I'd say the worst part in case of UO was breaking the cypher, which was done long time before RunUO was born

After that it's "just" trial/error with a sniffer and an EA account