Winny’s Protocol (handshake)

Posted on August 10, 2008. Filed under: P2P, Winny |

For those who are interested, here’s the protocol details about Winny.
I will first talk about the handshaking which is the beginning of all connections, the handshake begins with 6 bytes of data which contains the RC4 key used for decryption of upcoming data, the 6 bytes has the format:

—- —- —- —- —- —-
| x | | x | | a | | b | | c | | d |
—- —- —- —- —- —-

where xs are dummy and abcd 4 bytes are the encryption key.

After the encryption key, data packets are formatted as commands and has a common format:
—-—-—-—-—-
| length of cmd | | pay load |
—-—-—-—-—-
The length has 4 bytes in little endian and describes the number of bytes in payload.

Payload has the following format”
— ———————————-——–——–——
| code | | additional data associated with the code |
—————————————
The code is of course the command code which is of 1 byte, length of data depends on the code.

During handshaking, the commands sent would be:
| key | | 97 | | 00 | | 01 | | 02 | | 03 |

key is the key packet described as above
97 is command 97 which means “Low version”
00 is Protocol Header
01 is Speed
02 is Connection Type
03 is Node Details

Command formats as follows:
97 = Low Version
| 97 |

00 = Protocol Header
| 00 | | minor version (4 bytes LE int) | | major version string |
where the information part of minor version and major version is encrypted using RC4 with key:
[ 0x39, 0x38, 0x37, 0x38, 0x39, 0x61, 0x73, 0x6a ]

01 = Speed
| 01 | | speed (4 bytes LE float, i.e. IEEE 754) |

02 = Connection Type
| 02 | | link type (1 byte) | | is port 0 (1 byte) | | is bad port 0 (1 byte) | | is bbs link (1 byte) |
link type = {Search = 0, Transfer = 1, BBS Search = 2|, others are boolean values

03 = Node Details
| 03 | | ipv4 address (4 bytes BE int) | | port (4 bytes LE int) | | DDNS name length (1 byte) |
| cluster word 1 length (1 byte) | | cluster word 2 length (1 byte) | | cluster word 3 length (1 byte) |
| DDNS | | cluster word 1 | | cluster word 2 | | cluster word 3 |

Advertisements

Make a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

One Response to “Winny’s Protocol (handshake)”

RSS Feed for … Comments RSS Feed

Very interesting site ! Good work ! Congratulations :),


Where's The Comment Form?

Liked it here?
Why not try sites on the blogroll...

%d bloggers like this: