2019-05-19 13:19:50 +00:00
|
|
|
# clientbot
|
|
|
|
|
2020-11-28 16:58:27 +00:00
|
|
|
Emulate Client (Python Script)
|
|
|
|
|
|
|
|
# spykhanat.py
|
|
|
|
|
|
|
|
Convert pcap (capture network) on yaml file to see communication between server and client.
|
|
|
|
|
|
|
|
## Usage
|
|
|
|
|
2021-01-11 20:27:59 +00:00
|
|
|
### Install library
|
|
|
|
|
|
|
|
```
|
|
|
|
# Si python3 est par defaut
|
|
|
|
pip install pypcapfile
|
2020-11-28 16:58:27 +00:00
|
|
|
|
2021-01-11 20:27:59 +00:00
|
|
|
# Sinon
|
|
|
|
pip3 install pypcapfile
|
|
|
|
```
|
2020-11-28 16:58:27 +00:00
|
|
|
|
2021-01-11 20:27:59 +00:00
|
|
|
### Launch network capture
|
|
|
|
|
|
|
|
Commande:
|
|
|
|
```
|
|
|
|
sudo tcpdump -i [networkd card] -w [Pcap output]
|
|
|
|
```
|
|
|
|
Exemple:
|
|
|
|
```
|
|
|
|
sudo tcpdump -i eth0 -w capture-2020-11-28-17-37-57.pcap
|
|
|
|
```
|
2020-11-28 16:58:27 +00:00
|
|
|
|
|
|
|
### Extract information
|
2021-01-11 20:27:59 +00:00
|
|
|
|
|
|
|
Commande:
|
|
|
|
```
|
2020-12-01 23:16:51 +00:00
|
|
|
python3 spykhanat.py -m [localization msg.xml] --yaml [Yaml Output file] -w [localisation database.xml] -p [Pcap input] --filter-host-service='[Ip address: Port server khaganat]' --csv='[file output CSV {comma separator} - extract only normal message]'
|
2021-01-11 20:27:59 +00:00
|
|
|
```
|
2020-11-28 16:58:27 +00:00
|
|
|
|
2021-01-11 20:27:59 +00:00
|
|
|
Exemple:
|
|
|
|
```
|
|
|
|
python3 spykhanat.py -m ~/khanat/khanat-opennel-code/code/ryzom/common/data_common/msg.xml --yaml capture-2020-11-28-17-37-57.yml -w ~/khanat/khanat-opennel-code/code/ryzom/common/data_common/database.xml -p capture-2020-11-28-17-37-57.pcap --filter-host-service='127.0.0.1:47851' --csv capture-2020-11-28-17-37-57.csv
|
|
|
|
```
|
2020-11-28 16:58:27 +00:00
|
|
|
|
|
|
|
### Analyze result
|
|
|
|
|
|
|
|
you can see the result in yaml output
|
|
|
|
|
|
|
|
Field:
|
|
|
|
* packet : raw data
|
|
|
|
* block_Client : data sent by client
|
|
|
|
* block_Server : data sent by server
|
|
|
|
* state : message docoded or partially decoded)
|
|
|
|
* impulse : impulse message
|
|
|
|
* impulseserver : message impulse server decoded
|
|
|
|
* Message : Message analyzed (one line by block)
|
|
|
|
|
|
|
|
|
|
|
|
Detail message format (ex.: <0:31> (Sint32) CurrentSendNumber => 42 : 00000000000000000000000000101010)
|
|
|
|
<Position data> (Type) [Function] => Value : [Value in binary] [(optional) value real]
|
|
|
|
* position data : Begin:End
|
|
|
|
* Format data (Signed/Unsigned Integer, String, Number of bit)
|
|
|
|
* Function (type of value, function in khaganat)
|
|
|
|
* Value : value in integer
|
2021-01-11 20:27:59 +00:00
|
|
|
* Value in est par defaut binary
|
2020-11-28 16:58:27 +00:00
|
|
|
* Value convert for khaganat (sometimes is keyword)
|