Diablo 2 hacking (packets, d2hackit etc.) guides
Packets Guide by EvilCheese
Packets Guide by After-Death
Diablo II Packet Lists & Info
Diablo II 1.10 Skills List
Battlenet Packetlist v1.11 Compilant
D2Hackit v2.00 API Reference
D2HackIt Modules |
Beginner's Guide to Packets by EvilCheese
Here's a little tutorial I wrote some time ago. I've dusted it off and updated
it a touch for 1.10. I dont know how useful it will be, but I'm sure someone
will get something from it.
It covers basic loading of modules, sniffing, packet sending etc... as well as
some simple theory.
Anyway... here it is:
D2Hackit / Packet sending FAQ/Tutorial for newbies (and oldies)
Written by EvilCheese for Blizzhackers
If you see it anywhere else then it's not where it should be.
1.1)What is D2Hackit?
1.3)Installing D2Hackit and modules.
1.4)Running D2Hackit and modules.
2.1)What are packets?
2.2)Why send packet?
2.3)How do I send packets?
2.4)What does the "receive" command do?
2.5)How do I find out which packet does what?
2.6)What's a BYTE / WORD / DWORD?
3)Using packets to do something.
3.2)Picking up an item from your inventory.
3.3)Selling an item using packets.
1.1) What is D2Hackit?
D2Hackit is a program that loads itself "into" the D2 game. It ties into several
of the core game functions, allowing module coders access to those functions to
perform actions such as sending packets, as though it was the game itself that
was carrying out those actions.
Although it has several very useful functions, D2Hackit is not an end in itself,
but merely a means to an end. The real functionality and usefulness of it lies
in the Modules which we use with it.
These can be as simple as packet senders/sniffers, or as complicated as a
1.2) Essential Files.
For the purposes of the tutorial sections, you will need the following files:
Be careful, and make sure you only download these files from trusted sites. Scan
them thoroughly with up-to-date virus scanning software, and check your system
after running, to make sure you havent inadvertantly installed a keylogger on
1.3) Installing D2hackit and modules.
Installation of D2Hackit is extremely simple. Just extract all the files from
the zip to any directory on your hard drive. It doesnt matter in the slightest
where you put it, so long as you know where it is.
Installing modules is exactly the same. Extract any modules you wish to use into
the same directory as D2Hackit. There will normally be a .d2h file, and perhaps
an .ini file and a .txt file also. Make sure these are all in the same directory
1.4) Running D2Hackit and modules.
Once you have D2Hackit installed, and any modules you wish to load, you then
need to get them working. This is done in the following way:
-Join/Create a game.
-Alt-tab to desktop.
-Find your D2Hackit directory.
-Go back to D2.
You should see some text telling you that D2Hackit has loaded successfully. Now
to load our modules. I'm going to assume that we're loading the modules for the
tutorials, but the process is identical for any others too:
-Press enter to get a chat box.
-Type .load <modulename> (eg .load sniffer .load bind .load block)
You should see a message saying the module is loaded, and perhaps a brief
mention of the author.
If you want to get help or see a list of commands available in a module, type:
to see all of the basic D2Hackit commands, or:
For a list of all commands in a specific module.
For help on a specific command, use:
.<modulename> <command> help
.pickit toggle help
.sniffer hide help
.bind set help
2.1) What are packets?
To understand what packets are, and how they relate to D2, you first need a
little background on how D2 works when playing on closed bnet.
D2 runs as two different pieces, a server program and a client program. The
server program is what actually runs the "game"... it's where everything
The client program acts as a "window" into that game, allowing you to see what's
going on, and to interact with the game.
When you play on closed bnet, the server is run on Blizzard's machines, and only
the client is run on your personal computer.
Packets are pieces of information and instructions sent to and from your machine
allowing you to see and interact with the game. Almost every action you do (Walking,
Attacking, Picking up items) involves a packet being sent to the server, and
everything you see happening (other people attacking, other people dropping
items) involves a packet being sent from the server to you so that you can see
Diablo 2 packets typically consist of a single byte (2 numbers) identifier (such
as 13) and then several pieces of data, usually organised into DWORDS (groups of
4 bytes, or 8 numbers).
2.2) Why send packets?
There are many reasons why you would want to send packets.
At the basic level, packet sending can be used to perform basic tasks within the
game. You can pick up items, drop them, interact with NPCs etc just using
At a more advanced level, packet sending can be used to perform actions at the
wrong times, or in a way which you would not be able to do using the standard
game client. This is useful for discovering loopholes, and exploits, which can
then be turned into hacks.
2.3) How do I send packets?
Very handily, D2Hackit has a built in command which allows you to send any
packet you like to the game server.
This command is .send, and is used like this:
Where xx represents the packet you wish to send, and varies in length according
to the packet type.
Please note that all packets are in Hexadecimal (base-16) notation, and
therefore must be an even number of letters/numbers in length. For more
information on using hex, search Google.com, there are many tutorials available
on how to use it.
Information on different packets and their uses can be found on the Blizzhackers
forums in a permanently stickied thread called "packet list" and several of the
more common packets will be covered later in this tutorial.
2.4) What does the "receive" command do?
Packets are sent both ways whilst you are playing D2. Some of them are sent from
you to the server, but some are also sent from the server to you.
You may be curious to find out what happens when you receive a particular packet,
and to find this out, the receive command is used. It fools D2 into thinking
that the packet came from the server.
The use of the function is exactly the same as the send command, and is:
Where xx is the packet you wish to receive, and can vary in length. Again, the
packet is in Hex, and the usual rules apply.
2.5) How do I find out what packet does what?
There are many different ways to do this.
The simplest way is to look in a packet list, such as the one on Blizzhackers,
which lists most common packets and what they do.
If you want more detailed information, then you may need to sniff packets.
For sniffing packets, we use a sniffer module. Most people use either Sniffer or
SnifferXP, it's a matter of personal choice, either functions well, but for this
tutorial I am assuming you are using the basic Sniffer module.
To sniff packets with sniffer, there are two ways to go about it. You can either
sniff for specific packets, or sniff for all packets.
To sniff for a specific packet, use the following method:
-Ensure D2hackit and sniffer module are loaded.
-Type ".sniffer show s xx" to show all packets sent with the ID xx
-Type ".sniffer show r xx" to show all packets received with the ID xx
When the packets are sent or received, you will see them shown at the top left
of the screen.
Sometimes you will want to find a packet for an action, but wont know the ID.
For this you can sniff all packets. To do this:
-Ensure sniffer/D2HAckit are loaded.
-Type ".sniffer load show-all"
All packets sent and received will now appear.
To disable it, type ".sniffer load default".
2.6) What's a BYTE/WORD/DWORD?
All of these refer to hexadecimal numbers of a specific length. The precise
meaning of WORD and DWORD varies from platform to platform and processor to
processor, but for the purposes of D2 hacking and available packet lists, the
meanings are as follows:
BYTE = 8 bit binary number = 2 digit hex number
WORD = 16 bit binary number = 4 digit hex number
eg 2F 09
DWORD = 32 bit binary number = 8 digit hex number
XX XX XX XX
eg AB 2E FD 04
3) Using packets to do something.
Okay, so now you know what packets are, how to send them, receive them, and see
them, so what can we actually do with them?
The examples I will give here are only basic ideas to show you how to go about
using packets, and are in no way the be-all and end-all of packet techniques,
but they will give you a place to start, so you can explore more fully on your
3.1) Getting IDs.
Everything in the Diablo-2 world has a unique id number. This is so the server
can keep track of all the items, monsters, NPCs and players.
Most packet actions will require one or more IDs to function correctly. This may
be an NPC ID, a player ID, an item ID, or one of many others.
Getting an ID is usually just a case of sniffing an interaction packet and
looking in the right place.
To find an NPC ID:
-Sniff sent 13 packets (.sniffer show s 13)
-Click on an NPC.
You should get a packet that looks like this:
xxxxxxxx is the interaction type.
yyyyyyyy is the ID of the thing you're interacting with.
You can use this to get the IDs of other things too, like your stash, quest
objectives, waypoints etc.
To find an Item ID:
-Put the item into your inventory.
-Sniff sent 19 packets (.sniffer show s 19)
-Pick up the item from your inventory.
You should get a packet like this:
xxxxxxxx is the ID of the item.
3.2) Picking up an item from your inventory.
This may sound like a simple task, but it will give us a little practice at
using both the sniffer module, the bind module, and the send function in
We are now going to make it so that we can lift an item out of our inventory
onto the pointer just by pressing a key.
-First make sure D2hackit, Sniffer, and bind are loaded.
-Sniff the ID of the item (as described above)
-Put the item back in your inv.
-Send the packet again. ( 19[Item ID] )
This should lift the item out of your inventory and place it on the cursor. But
wouldnt it be great if we could do that just by pressing a key? Here's how:
-Put the item back into your inv again.
-Enter the command ".bind keycode" and then hit a key, this will give you a
2-digit number which is the keycode for that key, we will call that "xx" from
-Enter the command ".bind set xx xx send 19yyyyyyyy" where xx is the keycode (yes,
enter it twice) and yyyyyyy is the item code.
-Now, close your inventory and hit the key you just bound.
This should lift the item from your inventory without the screen being open at
You can bind any commands you like to any key you like using this method.
It's handy for sending packets in situations where typing is not allowed (imbue
screen for example)
3.3) Selling an item with packets.
Now we've sussed out how to pick up an item from our inventory, let's see if we
can tackle something a little more tricky. This time we will sell an item to an
NPC using packets.
For this we will need both an NPC ID and an Item ID, so follow the steps above
to find those.
For this exercise, we are going to be using the "Sell item" packet. This has the
33[NPC ID][Item ID][DWORD][Cost]
-Get your NPC ID and Item ID ready, then get into the tradescreen with your
-Make sure the item you are selling is in your inventory.
-Use the command ".send 33xxxxxxxxyyyyyyyy00000000zzzzzzzz" Where is x is the
NPC ID, y is the item ID, and z is the cost (use any value you like, it wont
make a difference).
Bingo, item is gone from your inv, and is sold to the NPC, using packets.
This is only the first draft of this document. I will be adding more and more
information and examples to it as I have the inspiration and time. If you would
like to see a topic covered, or have a question that you think should be in
here, then please feel to reply on this thread, email me, or send me a private
message. All suggestions and feedback are welcome.
Diablo 2 Newsletter
Questions, ideas, problems, wishes?
Be informed whenever something new comes up
(or any important problems are fixed.).
You can unsubscribe from this newsletter at any time.