Newbie Spellweaver
- Joined
- Nov 29, 2007
- Messages
- 10
- Reaction score
- 1
Hello everyone,
Well, not much to say this time except I'm feeling nice today, so I've decided to share something with the community. If you don't know how, or what this is, just close this post and move on.
Here is C# code for decrypting packets, you can build a wireshark dissector plugin or a separate tool as I have for packet logging. I encourage people to try and write their own packet loggers, but when I'm satisfied with my own I may release it to the public in the hopes of people contributing what they are able to figure out in the packets.
As mentioned in a previous post, this part of the project I'm working on is the longest and most tedious. A little help from the community could go a long way. Note that the code is somewhat incomplete, I was going to calculate the CRC check but left it out for now. Without further adeui, here is the code.
Stay tuned for a release of the packet logger soon.
Well, not much to say this time except I'm feeling nice today, so I've decided to share something with the community. If you don't know how, or what this is, just close this post and move on.
Here is C# code for decrypting packets, you can build a wireshark dissector plugin or a separate tool as I have for packet logging. I encourage people to try and write their own packet loggers, but when I'm satisfied with my own I may release it to the public in the hopes of people contributing what they are able to figure out in the packets.
As mentioned in a previous post, this part of the project I'm working on is the longest and most tedious. A little help from the community could go a long way. Note that the code is somewhat incomplete, I was going to calculate the CRC check but left it out for now. Without further adeui, here is the code.
Code:
private bool Decrypt(byte[] buf)
{
Int32 length = BitConverter.ToInt32(buf, 0);
UInt16 CRC = BitConverter.ToUInt16(buf, 4);
UInt16 flags = BitConverter.ToUInt16(buf, 6);
UInt32 seed = BitConverter.ToUInt32(buf, 8);
if ((flags & 0x8001) == 0x8001)
{
byte state = Convert.ToByte((((seed >> 0x10) + (seed & 0xFF)) & 0xFF) & 0xFF);
byte carry = Convert.ToByte(((seed >> 0x04) + (length - 8)) & 0xFF);
Buffer.BlockCopy(BitConverter.GetBytes(Convert.ToInt32(length - 8)), 0, buf, 0, 4);
for (Int32 index = 4; index < length - 8; ++index)
{
byte b = buf[index + 8];
buf[index] = Convert.ToByte(carry ^ b ^ state);
state = Convert.ToByte(b ^ 0xED);
carry += Convert.ToByte(((index / 2) * index) & 0xFF);
}
}
return true;
}
Stay tuned for a release of the packet logger soon.