ok i took a even bigger reading getting almost 100 packets since it's so big i just saved the file file in a generic .cap format that windows NetMon or wire shark can open and read. destination 255.255.255.255 seem to be only sent when looking for games while destination 0.0.0.1 are sent when attempting connection. heres the link for the DL!
Packet.cap also one things to note is each packet sent has a checksum and a identification hex code that are different each time so im thinking it's the "key" for de-encrypting the code. i'd hope that the relation could be found between them. onces that's done it should be easy to script/write a program to intercept the packets on port 3074 (the only one the 360 uses for connection) and "spoof" the proper reply in under 30ms. if it can be done it'd be a major step in the right direction, true?
oh and the "frame xx" area is from wireshark, it stamps the capture or arrival time for that packet and some header data.
This post has been edited by neo8222: Jan 20 2010, 08:51 PM