wos_player_lookup.py that returns actual player data from PCAP capturesf1 03 = alliance, f1 04 = kingdom, 04 1f = name, 04 7c = PIDc37aba497f0fc9e6357a4b0d32b45e2f and leaked GitLab token glpat-ni86rqoefyhoTkMsNYiRUsing the new wos_player_lookup.py tool, we can now extract real player data from PCAP captures. Below is the verified output for player "Pano":
✓ Power value EXACTLY matches in-game leaderboard screenshot
# Search for a specific player by ID
python3 wos_player_lookup.py --pcap capture.pcap --pid 288979040
# List all players found in capture
python3 wos_player_lookup.py --pcap capture.pcap --list
# Get JSON output
python3 wos_player_lookup.py --pcap capture.pcap --pid 288979040 --json
# Live server connection (requires session token)
python3 wos_player_lookup.py --token "YOUR_TOKEN" --pid 77754601
Cross-referencing the live power leaderboard screenshot with PCAP binary data confirms our extraction methodology:
| Rank | Player | Alliance | Power (Screenshot) | Power (PCAP LE4) | Match |
|---|---|---|---|---|---|
| 1 | VISHENAEBA | IRS | 973,248,215 | 973,248,215 | EXACT |
| 2 | BandiMadman | IRS | 858,363,844 | 858,363,844 | EXACT |
| 4 | Pano | POL | 762,043,293 | 762,043,293 | EXACT |
| 8 | Pio | IRS | 713,174,620 | 713,174,620 | EXACT |
The player profile in sproto type 0x5502 messages follows this binary layout in the packed stream:
[04 1f] [Player Name] - 04=field tag, 1f=string marker
[04 04 1f] [Power LE4] - 04 04=field tags, 1f=value marker, 4-byte LE power
[f1 04] [Kingdom LE4] - f1 04=kingdom tag, LE4 kingdom composite ID
[f1 03] [Alliance Abbr] - f1 03=alliance tag, 2-5 uppercase ASCII
[0d f8] [Alliance Full] - full alliance name with sproto packing
[71 02] [Language] - 2-char language code
[04 7c] [Player ID LE4] - 04 7c=PID tag, 4-byte LE player ID
[20 fc] [Avatar Path] - avatar URL path on CDN
Hex dump of Pano's profile in the raw sproto S->C stream:
58842: 11 0b 04 1f 50 61 6e 6f - "Pano" (04 1f prefix)
58850: 04 1f 1f 18 4e 04 04 1f
58858: 9d db 6b 2d - Power: 762,043,293 (LE4)
58862: 28 01 03 f1 04 ed 64 a0 77 - Kingdom: 2,007,000,301
58871: f1 03 50 4f 4c - "POL" alliance
58876: 0d f8 50 6f 6c 73 6b ff 00 61 48 75 73 61 72 69 61 - "PolskaHusaria"
58889: 71 02 70 6c - "pl" language
58893: 04 7c 60 78 39 11 - Player ID: 288,979,040 (LE4)
58899: 20 fc 32 30 32 36... - Avatar: /2026/04/15/lVMJMM_1776289540.png
The extraction algorithm uses validated sproto tag patterns:
f1 03 [ALLIANCE] in the raw S->C stream1f [LE4 power] within 60 bytes04 1f [NAME] within 60 bytesf1 04 [LE4 kingdom]04 7c [LE4 pid] or direct LE4 search| Service | Domain | Port | Protocol | Purpose |
|---|---|---|---|---|
| Game Server | gof-login-formal-ga.centurygame.com | 30101 | sproto/TCP | Core game state, POWER data |
| Chat Server | rtm-intl-frontgate.ilivedata.com | 13321 | FPNN/TCP | Chat, VIP/Kingdom/Alliance |
| Login API | gof-login-formal-ga.centurygame.com | 443 | HTTPS | Session creation |
| GM API | gof-gm-api-formal-ga.centurygame.com | 443 | HTTPS | Gift code redemption |
| Passport | passport-apa.centurygame.com | 443 | HTTPS | Account auth |
| Giftcode API | wos-giftcode-api.centurygame.com | 443 | HTTPS | Player info (limited) |
| Avatar CDN | gof-formal-avatar.akamaized.net | 443 | HTTPS | Player avatars |
| Platform Config | platform-config-prod.centurygame.com | 443 | HTTPS | Server list, config |
1. App Launch
-> platform-config-prod.centurygame.com (server list)
-> passport-apa.centurygame.com (authenticate)
-> gof-login-formal-ga.centurygame.com (session token)
2. Game Session
-> TCP :30101 (sproto - ALL game data INCLUDING POWER)
-> TCP :13321 (FPNN chat - VIP, alliance, kingdom)
3. Background
-> logagent-rum.centurygame.com (analytics)
-> gof-formal-avatar.akamaized.net (avatars)
Chat messages contain JSON payloads with player metadata - the easiest way to get VIP, kingdom, and alliance info:
{
"nickName": "Mr. Lonely",
"vip": 9,
"show_vip": 1,
"kid": 2007,
"abbr": "ONE",
"uid": 78773088,
"rank": 3,
"torank": 1,
"point": {"x": 770, "y": 698}
}
| Field | Type | Example | Description |
|---|---|---|---|
| nickName | string | "Mr. Lonely" | Display name |
| vip | int | 9 | VIP level |
| show_vip | 0/1 | 1 | VIP badge visibility |
| kid | int | 2007 | Kingdom ID |
| abbr | string | "ONE" | Alliance abbreviation |
| uid | int | 78773088 | Player UID |
| rank / torank | int | 3 / 1 | Alliance rank change |
| point | object | {"x":770,"y":698} | City coordinates |
| Field | Protocol | Encoding | Example | Difficulty |
|---|---|---|---|---|
| Player Power | sproto TCP:30101 | LE4 uint32 | 762,043,293 | Medium (PCAP) |
| VIP Level | FPNN TCP:13321 | JSON int | 9 | Easy (chat) |
| Kingdom ID | Both | JSON int / LE4 | 2007 | Easy |
| Alliance | Both | String / JSON | "POL" | Easy |
| Player ID | Both | LE4 / JSON int | 288,979,040 | Easy |
| Name | Both | String / JSON | "Pano" | Easy |
| Language | sproto TCP:30101 | 2-char ASCII | "pl" | Medium |
| Avatar | sproto TCP:30101 | String | "/2026/04/15/..." | Medium |
| Coordinates | FPNN TCP:13321 | JSON object | {"x":770,"y":698} | Easy |
glpat-ni86rqoefyhoTkMsNYiR embedded in APK config, could access private repositories.python3 wos_player_lookup.py --pcap capture.pcap --pid PLAYER_IDpython3 wos_player_lookup.py --token TOKEN --pid PLAYER_IDListen to chat messages for vip, kid, abbr fields. Power is NOT available via chat.
| Credential | Value | Source |
|---|---|---|
| App Key | c37aba497f0fc9e6357a4b0d32b45e2f | CGSettings in APK |
| Signing Salt | tB87#kPtkxqOS2 | Previous investigation (encrypted in current APK) |
| GitLab Token | glpat-ni86rqoefyhoTkMsNYiR | CGSettings in APK (LEAKED) |
| Game Code | gom | CGSettings |
| Client Version | Unity-gof-2.7.27 hashcode:913973874 | FPNN auth packet |
| Build Number | 20121 | CGSettings |
| File | Description |
|---|---|
wos_player_lookup.py | V4 Player Data Lookup tool - returns ACTUAL data from PCAP/server/API |
wos_player_data.py | V3 Player Data Extractor (older version) |
wos_get_player_power_v2.py | V2 Player Power script (older version) |
wos-investigation/PCAPdroid_new_capture.pcap | Network capture (663 KB) |
wos-investigation/leaderboard_screenshot.jpg | Power leaderboard screenshot |
wos-investigation/extracted/ | Extracted APK files |
sproto_decode() and luaL_loadbuffer() to extract schemasglpat-ni86rqoefyhoTkMsNYiR may access source code with protocol schemas