Wireshark & Chatlogs

MirkoTeran
Forge Runner
#1
Hey.

At work we've been using Wireshark (ex-Ethereal) for debugging some problems with network protocols we were having. If you don't have experience with this kind of stuff you can skip this thread.

I was wondering if it would be possible to create a capture filter and some kind of custom decoding to dump text from GW so it would create chat logs? (I would love it if ANet would add that option to the game client so I wouldn't be getting this crazy idea.)

My idea so far:
- Create a filter to only capture packets on a specific port (I doubt I could filter them by IP as it changes)
- Remove all but the packets' raw data
- Remove all 0-length packets
- ?? Filter out non-text/chat packets. No idea how to do that. A way to sort them by All/Team/Trade would be even better.
- Convert raw data to readable text. Raw data of text packets (excluding header/footer?) is probably just a binary dump of Unicode strings, I guess. If it is, it shouldn't be a problem.
- Dump text to file(s).

Did anyone actually try to make something like this? Is this even legal?

I'm not sure if this is the right forum to post this, so if it's not I would ask a mod to move it.
Tarun
Technician's Corner Moderator
#2
I do believe it's in their EULA that packet sniffing is a violation. If I recall correctly they encrypt their packets also, so you'd have to reverse engineer their code to decrypt the packets to get the chat logs.
MirkoTeran
Forge Runner
#3
Quote:
Originally Posted by Tarun
I do believe it's in their EULA that packet sniffing is a violation.
This is one of the reasons why I posted. I've read the EULA but I don't really think this goes under reverse engineering the program, as it doesn't ever touch it or any of the files actually (nor the memory it uses).

Quote:
Originally Posted by Tarun
If I recall correctly they encrypt their packets also, so you'd have to reverse engineer their code to decrypt the packets to get the chat logs.
Yeah, that might be a problem...
Chthon
Grotto Attendant
#4
The gwlp people sniff their packets all the time and have figured out how to decrypt them. A-net doesn't seem too angry at them, so I guess you'd be OK if you did it.
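
Added example, not posted by anyone in the thread: a Python sketch of the "remove 0-length packets" and "convert raw data to text" steps from post #1, with an entropy check that shows why the encryption raised in post #2 defeats the plain-Unicode assumption. It assumes payload bytes have already been exported from a capture; the thresholds, names and sample payloads are constructed for illustration.

```python
import hashlib
import math
from collections import Counter

MIN_LEN = 128        # assumption: below this size, entropy says little
HIGH_ENTROPY = 6.5   # assumption: bits/byte threshold for "looks encrypted"

def shannon_entropy(data: bytes) -> float:
    """Bits per byte (0..8); random-looking data scores close to 8."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def try_utf16_text(payload: bytes):
    """Return the decoded string if payload is printable UTF-16LE, else None."""
    if len(payload) % 2:
        return None
    try:
        text = payload.decode("utf-16-le")
    except UnicodeDecodeError:
        return None
    return text if text.isprintable() else None

def classify(payloads):
    """Label each non-empty payload as text, likely-encrypted or unknown."""
    out = []
    for p in payloads:
        if not p:                      # drop 0-length packets
            continue
        text = try_utf16_text(p)
        if text is not None:
            out.append(("text", text))
        elif len(p) >= MIN_LEN and shannon_entropy(p) > HIGH_ENTROPY:
            out.append(("likely-encrypted", len(p)))
        else:
            out.append(("unknown", len(p)))
    return out

# Constructed samples: an empty payload, plain UTF-16LE text, 256 random-looking
# bytes standing in for ciphertext, and a short binary fragment.
SAMPLES = [
    b"",
    "Hello team".encode("utf-16-le"),
    b"".join(hashlib.sha256(bytes([i])).digest() for i in range(8)),
    b"\x01\x02\x03",
]

if __name__ == "__main__":
    for label, detail in classify(SAMPLES):
        print(label, detail)
```

If nearly every payload on the port lands in the likely-encrypted bucket, the text-decoding step has nothing to work with.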