English 中文(简体)
Reverse-engineering of communication protocols
原标题:

Just curious - what are some automatic or even semi-automatic techniques for reverse-engineering of communication protocols?

I am particularly interested in the case when one s sniffing traffic and trying to understand the protocol.

I could find a number of papers on scholar, but in my experience this is a completely manual process most of the times.

If anyone has experience in the field and feels like sharing it would be much appreciated.

最佳回答
  • Obtain some measure of control over a communication link and sniff the data. Then exercise the range of operations of the associated application to feel out how the protocol relates so you can gather general observations.

  • Google for the protocol. Maybe it is published. Maybe someone has already figured it out, or someone has carelessly leaked details about it.

  • Write a test program which replaces one end of the protocol: try eliciting responses from the other side by trial and error.

  • Often a protocol is a descendant of—or at least related in many ways to—another one. By seeing the specifics and having familiarity with many protocols, one can often make good educated guesses about its features and abilities.

问题回答

暂无回答




相关问题
Create binary data using Ruby?

i was palying with the ruby sockets, so i ended up trying to put an IP packet togather, then i took an ip packet and try to make a new one just like it. now my problem is: if the packet is: 45 00 00 ...

How to associate a URL to an application using Cocoa

From the command prompt it s possible to run for example "open http://www.example.com" and have that homepage displayed in the default browser. Similarly you can run "open callto:xyz123" to open up ...

in protocol with regard to sequence

How is this implemented at a python level? I ve got an object that pretends to be a dict for the most part (in retrospect I should have just subclassed dict, but I d rather not refactor the codebase, ...

Can anyone guess what protocol these packets belong to?

We see these packets being injected in an FTP-DTP channel during a downlink file transfer on Telstra s NEXTG mobile network. We are not sure if these are network level packets, a problem with our 3G ...

How to release attribute which is protocol?

I have working for iPhone development for a while. First time, I so surprised with memory-management in objective-c :). but now I got it a little bit. The question is, sometime, I use protocol as an ...

Reverse-engineering of communication protocols

Just curious - what are some automatic or even semi-automatic techniques for reverse-engineering of communication protocols? I am particularly interested in the case when one s sniffing traffic and ...

The most efficient DHT

What is the most efficient DHT? I am looking for name and/or some kind of implementation or related work, but I am not looking for the one that is most used. Efficient in terms of CPU execution ...

热门标签