Programming
Ivan ANTIKLAN, 2016-12-18 20:55:57

How are client-server application protocols reversed?

Hello!
Can someone write up, or give a link to, a completely dissected example with an explanation of all the details of reversing some kind of client-server application protocol? A lot of theory has already been studied, but in practice there is zero understanding.


2 answer(s)
Artem Voronov, 2016-12-18
@newross

There is no single correct solution. Conventionally, protocols can be divided into 3 groups:
- json\soap\xml. Everything is already described there, you don't even need to turn on the brain;
- text protocols without a structure description. You will have to think a little, but the whole text is in front of your eyes, and it is quite easy to identify patterns. You write down what you configured on the client, then you look at how the request and the server response have changed. At the extreme, you decompile the client and look at the parsing of the protocol :)
- binary protocols. This is really hardcore. If you fail to decompile the client code, you can be stuck for a long time. You will need to make assumptions about the structure of the data and conduct a huge number of experiments. And if for simple protocols this is still realistic, then for complex protocols it is easier to pay one of the developers to hand over the structure. For example, we reversed the protocol of a truck scale. There was no client program; they asked several hundred thousand rubles for it, more than the cost of the scale. But within a couple of days we figured out the structure, successfully deciphered the protocol and integrated the scale into the system. With the navigation equipment protocol, however, this did not work: the protocol is too complicated, there are a lot of variables. It turned out to be cheaper to buy other devices with an open protocol.

theg4sh, 2017-01-09
@theg4sh

In addition to Artem Voronov's answer, it's worth adding that besides cleartext data there is also stream encryption of the traffic. The most common example is https, where the data is encrypted. There are also a bunch of "engines" for symmetric stream encryption of traffic. In this case, it is not bad to be, or to become, an advanced mathematician.
The easiest option for an example is to run the tcpdump utility on the Internet access interface for https:
and open some https://goo.gl in the browser. Otherwise, in order to understand what is being sent, you need to understand how the data structure is formed during transmission.
Therefore, write your own client-server programs, preferably on these sites, and see what the traffic looks like.
It is also worth learning how data is stored in memory, for example that the bytes of a word are stored in reverse order, and that strings are usually transmitted preceded by a word giving the number of bytes in the string.
For example, disassemble a precompiled program:

int main(int argc, char** argv)
{
  /* 0xcc00ffee does not fit in a signed int, so use unsigned to keep the value exact */
  static unsigned int var = 0xcc00ffee;
  (void)argc; (void)argv; (void)var; /* silence unused warnings; var still lands in .data */
  return 0;
}

Reading: https://www.reddit.com/r/ReverseEngineering/commen...
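To make the two points above concrete (a word stored least-significant byte first, and a string sent with its byte count in front), here is an added example that is not part of either answer: a parser for a constructed binary message, with the sample bytes, field layout and function names all assumed for illustration. The length field is checked before use, because on a real wire it is untrusted input.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample message (not captured from any real device):
 * a 32-bit little-endian field, then a string whose byte count is sent
 * first as a 16-bit little-endian word, as described in the answer. */
static const uint8_t sample_msg[] = {
    0xee, 0xff, 0x00, 0xcc,   /* uint32 0xcc00ffee, least significant byte first */
    0x05, 0x00,               /* uint16 string length = 5 */
    'h', 'e', 'l', 'l', 'o'   /* string payload */
};

/* Reassemble a little-endian 32-bit word from the "reversed" bytes seen in a dump. */
uint32_t read_le32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

uint16_t read_le16(const uint8_t *p) {
    return (uint16_t)(p[0] | (p[1] << 8));
}

/* Parse one message into its fields. Returns 1 on success, 0 if the buffer is
 * too short or the declared string length runs past the end of the buffer. */
int parse_msg(const uint8_t *buf, size_t len, uint32_t *field, char *str, size_t str_cap) {
    if (len < 6) return 0;                       /* need header + length word */
    *field = read_le32(buf);
    uint16_t slen = read_le16(buf + 4);
    if ((size_t)slen > len - 6 || (size_t)slen >= str_cap) return 0;  /* untrusted length */
    memcpy(str, buf + 6, slen);
    str[slen] = '\0';
    return 1;
}

/* Print the raw bytes the way a hex dump of the capture would show them. */
void hexdump(const uint8_t *buf, size_t len) {
    for (size_t i = 0; i < len; i++) printf("%02x%s", buf[i], (i + 1 < len) ? " " : "\n");
}

int main(void) {
    uint32_t field; char str[32];
    hexdump(sample_msg, sizeof sample_msg);
    if (parse_msg(sample_msg, sizeof sample_msg, &field, str, sizeof str))
        printf("field=0x%08x string=\"%s\"\n", field, str);
    else
        printf("malformed message\n");
    return 0;
}
```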
