No description
Find a file
2021-01-11 21:27:59 +01:00
tools update output on spykhanat, adding visual property 2020-12-02 01:03:45 +01:00
.gitignore update spykhanat.py (it can generate yaml file with detail message decoded) 2020-04-11 23:52:41 +02:00
client.py update spykhanat.py (it can generate yaml file with detail message decoded) 2020-04-11 23:52:41 +02:00
LICENSE Ajout de LICENSE 2019-05-19 15:22:39 +02:00
README.md update README 2021-01-11 21:27:59 +01:00
spykhanat.py update output on spykhanat, adding visual property 2020-12-02 01:03:45 +01:00

clientbot

Emulate Client (Python Script)

spykhanat.py

Convert pcap (capture network) on yaml file to see communication between server and client.

Usage

Install library

# Si python3 est par defaut
pip install pypcapfile

# Sinon
pip3 install pypcapfile

Launch network capture

Commande:

sudo tcpdump  -i [networkd card] -w [Pcap output]

Exemple:

sudo tcpdump -i eth0 -w capture-2020-11-28-17-37-57.pcap

Extract information

Commande:

python3 spykhanat.py -m [localization msg.xml] --yaml [Yaml Output file]  -w [localisation database.xml] -p [Pcap input] --filter-host-service='[Ip address: Port server khaganat]' --csv='[file output CSV {comma separator} - extract only normal message]'

Exemple:

python3 spykhanat.py -m ~/khanat/khanat-opennel-code/code/ryzom/common/data_common/msg.xml --yaml capture-2020-11-28-17-37-57.yml  -w ~/khanat/khanat-opennel-code/code/ryzom/common/data_common/database.xml -p capture-2020-11-28-17-37-57.pcap --filter-host-service='127.0.0.1:47851' --csv capture-2020-11-28-17-37-57.csv

Analyze result

you can see the result in yaml output

Field:

  • packet : raw data
  • block_Client : data sent by client
  • block_Server : data sent by server
  • state : message docoded or partially decoded)
  • impulse : impulse message
  • impulseserver : message impulse server decoded
  • Message : Message analyzed (one line by block)

Detail message format (ex.: <0:31> (Sint32) CurrentSendNumber => 42 : 00000000000000000000000000101010) (Type) [Function] => Value : [Value in binary] [(optional) value real]

  • position data : Begin:End
  • Format data (Signed/Unsigned Integer, String, Number of bit)
  • Function (type of value, function in khaganat)
  • Value : value in integer
  • Value in est par defaut binary
  • Value convert for khaganat (sometimes is keyword)