Ed2k protocol
Contents
ed2k protocol
The amule client uses the ed2k protocol to connect to the server. This page is based on the document of emule-project.net called: "The eMule/eDonkey protocol specification" by Yoram Kulbak and Danny Bickson and intents to update all messages that have changed in order that anyone can understand ed2k protocol, be able to implement it and to understand actual source codes like amule.
This page pretends to be an explanation on how to connect to the ed2k servers, perform searchs, file sharing, etc. Note: It is created by a newbie and WILL have errors, so I hope that people can help me to complete this article.
First of all. ALL MESSAGES ARE ENCODED IN LITTLE ENDIAN (the opposite of natural order).
Messages
All messages have a 6 bytes header with:
- protocol (1 byte: 0xE3 indicates edonkey while 0xC5 indicates emule)
- size (4 bytes: The message size not including this header)
- type (1 byte:A unique message ID that indicates which message are you transmiting: i.e.: Login: 0x01).
Tag messages
"Tags are TLV-like (Type, Length, Value) structures which are used for appending optional data to eMule messages".
The structure is the following (as described on the protocol specification):
Each tag can have 4 fields (not all of them are mandatory).
- type (1 byte)
- name:
*variable length string *1 byte
- value
*4 byte Integer *4 byte floating point number *variable length String.
- special (1 byte)
Login message
In order to connect to the network, you must have an IP address and port of an emule server. For example, if you have a emule server runing at localhost, the host will be: localhost and the port that you have configured.
After connecting, you must sent the first message to the server, this message is composed by (as the howto says):
HEADER
protocol 1 byte (default value for EMULE: 0xE3). [Red] size 4 bytes (the size of the message not including this header) [Green] type 1 byte (OP_LOGINREQUEST: 0x01) [Blue]
userhash 16 bytes generated randomly (it is said that positions 6th and 15th are not randomly generated, and their values are 14 and 111 respectively). [purple] clientID 4 bytes (the fist time are 0x00 because the clientID is assigned by server). [white] TCPport 2 bytes (default: 4662: 0x36 0x12) [yellow] TagCount 4 bytes (default: 4: 0x04 0x00 0x00 0x00). CAUTION: In spite of having the name TAG is NOT a tag message. [White]
This is a screenshot which uses netcat on the port 46621 and hexdump to examine the login message. All fields underlined on different colors are identified, the rest are messages tags that are explained below.
Tag explanation according to the image (thanks skolnick):
The tags are not underlined in the image
Type of tag (1 byte) 0x02 = String tag name's size (2 bytes) 0x01 0x00 = tag name's size is 1 byte tag name (1 byte) 0x01 = tag name is client nickname tag's size (2 bytes) 0x14 0x00 = size is 20 bytes tag contents (20 bytes) http://www.amule.org Type of tag (1 byte) 0x03 = DWORD tag name's size (2 bytes) 0x01 0x00 = tag name's size is 1 byte tag name (1 byte) 0x11 = tag name is protocol version tag contents (4 bytes) 0x3c 0x00 0x00 0x00 = prot. version 60 Type of tag (1 byte) 0x03 = DWORD tag name's size (2 bytes) 0x01 0x00 = tag name's size is 1 byte tag name (1 byte) 0x20 = tag name is compresion tag contents (4 bytes) 0x1d 0x00 0x00 0x00 = compression status Type of tag (1 byte) 0x03 = DWORD tag name's size (2 bytes) 0x01 0x00 = tag name's size is 1 byte tag name (1 byte) 0xfb = tag name is ??? tag contents (4 bytes) 0x80 0x05 0x04 0x03 = tag data
How to do tests
If you are runing linux and your own donkey server
tcpdump -i lo -X
can be really usefull (lo is the loopback interface). If you want to perform translations from binary to hexadecimal
hexdump -C
is usefull too.
For example, I use netcat with hexdump to "emulate" a server:
nc -l -p PORT|hexdump -C
This allows me to see byte per byte all the login message (for example).
If you want to run your own edonkey server to perform some test and not to be banned from some official servers you can download it from:
External links
- Protocol specification (emule at sf.net)
- The eDonkey 2000 protocol
- eDonkey server
