5th Gen GTS Research

[Weby]

Okay, I'm afraid nothing works, except logging in into the GTS server.

The INFO.ASP of my server returns the good values now, but i always have the "disconnected" error "13274".

You can try by yourself, server is 178.32.110.176.

HGSS/dppt works well, but not B/W.

You can see your PID and the pokemon you are waiting on the page http://178.32.110.176/infobw.php

The .pkm used is here : http://178.32.110.176/syachi2ds/web/pkm/chikorita.pkm (right click + save)

Can somebody tell me what's wrong ?

Thank in advance.

PS : thanks Willaien, I found the problem. I stripped the trailing "=", but saw we must not.

[Weby]

Just to say, I talked about the urlsafe base64 encoder problem on my last line, my script wont work for now :j

[willaien]

  Weby said:

Okay, I'm afraid nothing works, except logging in into the GTS server.

The INFO.ASP of my server returns the good values now, but i always have the "disconnected" error "13274".

You can try by yourself, server is 178.32.110.176.

HGSS/dppt works well, but not B/W.

You can see your PID and the pokemon you are waiting on the page http://178.32.110.176/infobw.php

The .pkm used is here : http://178.32.110.176/syachi2ds/web/pkm/chikorita.pkm (right click + save)

Can somebody tell me what's wrong ?

Thank in advance.

PS : thanks Willaien, I found the problem. I stripped the trailing "=", but saw we must not.

Doesn't look like you're actually sending data whenever someone requests result.asp...

I did a query and just got back \x05 \x00 and the hash. Is this intentional?

[Weby]

Oops, yes, I did not tell you back.

Everything works now, I don't know what happened, I entirely rewrote the encoder and it works fine now. Maybe did I forget something, but I don't know what.

Thank you anyway for everything.

[xfr]

Some fact about the word filter of the GTS.

When you try to deposit a pokémon from the GTS, it must go through a word checker built into the game. If the game thinks you are using an insulting nickname or trainer name, it will remove the nickname and change the trainer name to Shiro* or Kuro* depending on whether you are playing white or black. This change is made before However, it doesn't seem to be always possible, and in some cases the GTS will reject the pokémon without even trying to send it on the server. The error code for filtered pokémon is 13267, which is different from the error code you get when the GTS server rejects the pokémon (13266).

I have discovered this because a Pokécheck user complained about not being able to deposit any feebas. It turns out the german name for feebas is Barschwa, and possibly because it contains "arsch" it gets rejected. Hence it is totally impossible to deposit any unnicknamed german feebas, even on the official GTS.

[Weby]

Interesting, thank you.

I do have a little question.

Is there a way to know which game corresponds to a PID or friend code ?

4g or 5g, that's easy, but want to know if a connected game is diamond, pearl, black, ...

I'm making a "rainbow table" right now, there are a few recordings but not big enough to get interesting values...

[xfr]

It is impossible to determine the version played only from the PID, it is generated in exactly the same way across a generation.

The only way to determine the version is from the GTS metadata when a pokemon is deposited or when a search is made. You also can record language, geonet location, trainer class and some more stuff which isn't yet figured out.

[Weby]

Okay, I gonna use that. I did know about it but that's not the way I was searching for... Thanks anyway.

[bukki]

Has anyone succeeded in returning a valid response to search.asp that won't crash the game with a light blue screen error?

I've tried returning the same struct (as stated here http://projectpokemon.org/wiki/GTS_protocol) like result.asp but it seems like it's pickier when searching? So it actually works to retrieve a Pokemon from the GTS but searching won't.

Any hints on this?

[formlesstree4]

  Quote

Searching

Searching is done through /pokemondpds/worldexchange/search.asp. The sent data is either 15 or 16 bytes long.

The server responds with a full 292-byte Pokémon struct for each result. If there are n results, the response will be 292 * n bytes long. If there are no results, the server will give an empty response (0 bytes).

So it didn't work with that? Try just sending zero bytes and see what happens.

[bukki]

  formlesstree4 said:

So it didn't work with that? Try just sending zero bytes and see what happens.

I DO know that it doesn't explode with returning \x01\x00 but I actually want to return a valid response including a Pokemon.

[codename_B]

Ok so, I've gotten as far as needing to know about the format of the request - I'm not sure if I'm base64-ing it right either, but anyway, you guys can fill me in on that

Here's what I've got so far

I've got a hunch I'm not doing the actual request bytes correctly, but then again hex isn't my strong point.

Salt: HZEdGCzcGGLvguqUEKQN
Request: http://gamestats2.gs.nintendowifi.net/syachi2ds/web/worldexchange/search.asp?pid=12345
Response: Cnrr0y1Qu1zmtSwStUTTOHyl7mStgHBb
Request-bytes: 010000010A000700
Request: http://gamestats2.gs.nintendowifi.net/syachi2ds/web/worldexchange/search.asp?pid=12345&hash=baf062d3f3949481c65d12b1054ef275c4ccfec0&data=MzkzMDAwMDAwMTAwMDAwMTBBMDAwNzAw
error: validation

[xfr]

There is a slight error on the wiki page for searching. When returning results the server reply must start with \x01\x00.

[codename_B]

Have you got any captured queries from gen5 btw? I'm in need of some so I can see what format the bytes need to be in and decode the base64 etc. I'm working on a web-based GTS searching script

[codename_B]

Ok, i've finally managed to capture a query!

[codename_B]

Little update:

data=LbhD8XQLnBYHAAAAAQADAAAABw==

decoded=2d b8 43 f1 74 0b 9c 16 07 00 00 00 01 00 03 00 00 00 07

The pid is these bytes here: 2d b8 43 f1 74 0b 9c 16 07 00 00 00 01 00 03 00 00 00 07

as opposed to what is said in the OP

[codename_B]

data=LbhAPnQLnBYHAAAAiQIDW2QABw==

decoded=2db8403e740b9c16070000008902035b640007

where 2db8403e740b9c16070000008902035b640007 these bytes represent the id of the requested pokemon

[codename_B]

data=LbhAPnQLnBYHAAAAiQIDW2QABw==

decoded=2db8403e740b9c16070000008902035b640007

where 2db8403e740b9c16070000008902035b640007 these bytes represent the level-ranges of the requested pokemon

[codename_B]

Ok, I'm currently at a loss as to the first 4 bytes, someone feel free to enlighten me ;D

[codename_B]

Bump

[codename_B]

Just starting from scratch and thinking about things backwards here, don't mind me.

5th Gen GTS Research (Searching)

Pid: 326390047

Query: LbhDTB9RdBMHAAAA9QEDAAAABw==

Decoded: 2d b8 43 4c 1f 51 74 13 07 00 00 00 f5 01 03 00 00 00 07

Reversed: 07 00 00 00 03 01 f5 00 00 00 07 13 74 51 1f 4c 43 b8 2d

(read in reverse order)

results (max 0x07): 0x07

location?: 0x00

level range to: 0x00

level range from: 0x00

gender: 0x03

species: 0x01 0xf5

data-length: 0x00 0x00 0x00 0x07 (always 8)

pid: 0x13 0x74 0x51 0x1f

unknown: 0x4c 0x43 0xb8 0x2d

[codename_B]

A little work on result.asp?data=WHATEVER

data length is 444 bytes

0x00-0x03 checksum

0x04-0x07 pid

0x08-0x09 data-length (minus headers)

0x0A game version

0x0B always "0x02"

The rest is unknown, but a lot of it can be blank. Here are some pastes of some data captures (if you feel like having a go at deciphering it yourself) with excess padding (the rest of the 444 bytes) stripped off.

  Quote

2d b8 4c a1 1f 51 74 13 b0 01 00 00 14 02 dc 14 90 d5 bc 1d 43 00 65 00 6f 00 6c 00 ff ff 00 00 00 00 ff ff 00 00 00 00 e0 e7 51 3d bd 96

2d b8 4f 74 1f 51 74 13 64 00 00 00 14 02 dc 14 90 d5 bc 1d 43 00 65 00 6f 00 6c 00 ff ff 00 00 00 00 ff ff 00 00 00 00 e0 e7 51 3d bd 96

2d b8 4e f3 b3 1f 22 17 b0 01 00 00 14 02 dc 20 df df 53 a8 4a 00 44 00 4f 00 4c 00 43 00 45 00 ff ff ff ff 00 00 00 00 00 24 1e 2e 01 9c