basic PcapParser

Novaria.PcapParser/Novaria.PcapParser.csproj

@@ -0,0 +1,16 @@
+<Project Sdk="Microsoft.NET.Sdk">
+
+  <PropertyGroup>
+    <OutputType>Exe</OutputType>
+    <TargetFramework>net8.0</TargetFramework>
+    <ImplicitUsings>enable</ImplicitUsings>
+    <Nullable>enable</Nullable>
+  </PropertyGroup>
+
+  <ItemGroup>
+	  <PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
+	  <ProjectReference Include="..\Novaria.Common\Novaria.Common.csproj" />
+	  <ProjectReference Include="..\Novaria.SDKServer\Novaria.SDKServer.csproj" />
+  </ItemGroup>
+
+</Project>

Novaria.PcapParser/PcapParser.cs

@@ -0,0 +1,113 @@
+using Novaria.Common.Core;
+using Novaria.Common.Crypto;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+using Newtonsoft.Json;
+using Novaria.Common.Util;
+using Novaria.SDKServer.Controllers.Api.ProtocolHandlers;
+using Google.Protobuf;
+
+namespace Novaria.PcapParser
+{
+    public class PcapParser
+    {
+        public int totalPacketsCount = 0;
+        public List<NovaPacket> packets = new List<NovaPacket>();
+
+        private readonly string rootPath = "E:\\documents\\Decompiling\\Extracted\\NOVA\\Novaria\\Novaria.PcapParser\\";
+
+        public PcapParser(string pcapFileName)
+        {
+            string pcapJsonFile = File.ReadAllText(rootPath + pcapFileName);
+            var data = System.Text.Json.JsonSerializer.Deserialize<List<PcapPacket>>(pcapJsonFile);
+
+            foreach (PcapPacket packet in data)
+            {
+                totalPacketsCount++;
+                byte[] payload = ConvertStringToByteArray(packet.payload);
+
+                if (packet.type == "KEY")
+                {
+                    AeadTool.key3 = payload;
+                    Console.WriteLine("got key!");
+                    Utils.PrintByteArray(AeadTool.key3);
+                    continue;
+                }
+
+                if (AeadTool.key3 == null) // skip first 2 packets (ike req and resp)
+                {
+                    continue;
+                }
+
+                // parse packet and add to packet list here
+                Packet parsedPacket = null;
+
+                try
+                {
+
+                    if (packet.type == "REQUEST")
+                    {
+                        parsedPacket = HttpNetworkManager.Instance.ParseRequest(payload);
+                    } else
+                    {
+                        parsedPacket = HttpNetworkManager.Instance.ParseResponse(payload);
+                    }
+                } catch (Exception e)
+                {
+                    Console.WriteLine($"something went wrong while parsing {packet.type} packet");
+                    continue;
+                }
+
+                NetMsgId msgid = (NetMsgId)parsedPacket.msgId;
+                Type requestType = ProtocolHandlerFactory.GetRequestPacketTypeByProtocol(msgid);
+
+                if (requestType == null)
+                {
+                    Console.WriteLine("invalid imessage type");
+                    continue;
+                }
+
+                IMessage decodedPayload = HttpNetworkManager.Instance.DecodePacket(requestType, parsedPacket);
+
+                Console.WriteLine($"Got Type: {packet.type}, MsgId: {(short)msgid}");
+
+                packets.Add(new NovaPacket()
+                {
+                    Method = packet.type,
+                    Packet = Convert.ChangeType(decodedPayload, requestType),
+                    MsgId = msgid,
+                    ClassType = ProtocolHandlerFactory.NetMsgIdToNameMappings[(short)msgid]
+                });
+            }
+        }
+
+        public void SavePackets(string saveFileName)
+        {
+            Console.WriteLine($"Got {packets.Count} packet(s) out a total of {totalPacketsCount}");
+            File.WriteAllText(rootPath + saveFileName, JsonConvert.SerializeObject(packets, Formatting.Indented));
+        }
+
+        public static byte[] ConvertStringToByteArray(string input)
+        {
+            return input.Trim('[', ']').Split(',').Select(byte.Parse).ToArray();
+        }
+    }
+
+    public class PcapPacket
+    {
+        public string payload { get; set; }
+        public string type { get; set; }
+    }
+
+    public class NovaPacket
+    {
+        public string Method { get; set; }
+        public object Packet { get; set; }
+        public string ClassType { get; set; }
+        public NetMsgId MsgId { get; set; }
+    }
+}

Novaria.PcapParser/Program.cs

@@ -0,0 +1,24 @@
+using Novaria.Common.Core;
+using Novaria.Common.Crypto;
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Text;
+using System.Text.Json;
+using System.Threading.Tasks;
+
+
+namespace Novaria.PcapParser
+{
+    public class Program
+    {
+        public static void Main(string[] args)
+        {
+            PcapParser pcapParser = new PcapParser("first_instant_join.json");
+
+            pcapParser.SavePackets("parsed_packets.json");
+        }
+    }
+
+
+}

Novaria.PcapParser/create_acc_packets.json

@@ -0,0 +1,38 @@
+[
+	{
+		"payload": "[48,68,51,114,105,114,79,86,81,51,111,116,1,212,47,77,138,229,231,247,219,34,94,54,13,212,135,123,183,67,116,201,57,224,220,219,85,107,211,209,230,140,186,243,152,124,68,61,214,201,223,137,140,52,15,128,249,221,188,130,210,25,24,37,22,70,161,82,118,186,87,50,223,120,106,255,8,121,49,250,72,221,14,182,77,64,207,139,244,49,77,3,77,32,89,110,151,158,192,224,4,230,213,152,81,195,153,126,221,146,212,113,72,20,152,94,22,159,189,38,187,60,16,234,162,58,234,100,104]",
+		"type": "REQUEST"
+	},
+	{
+		"payload": "[234,105,6,108,133,147,14,252,55,174,255,147,254,38,68,50,97,160,50,26,107,23,134,5,230,68,52,59,56,21,61,117,33,172,200,49,41,38,83,22,184,3,194,42,1,203,4,206,86,111,143,83,35,255,112,8,255,8,30,108,118,49,89,27,103,151,125,102,19,46,202,203,6,97,38,132,46,172,144,251,87,94,80,8,27,59,13,60,200,154,69,142,52,171,198,47,134,227,73,76,139,112,176,236,81,117,145,140,57,222,161,20,132,253,71,98,43,185,201,181,200,31,67,94,45,106,147,66,16,5,88,218,62,191,88,120,206,38,52,248,113,200,122,156,169,68,161,56,111,8,209,252,90,48,128,35,134,172,141,180,207,217,216,78,242,34,1,127,108,179,247,107,3,191,156,35,64,67,43,21,129,89,228,214,67,168,163,130,221,44,169,231,216,132,134,41,73,16,181,39,37,56,99,80,21,235,31,244,166,120,212,25,45,68,82,188,37,209,123,190,3,95,196,93,200,249,146,163,15,38,48,12,73,141,237,225,46,216,144,228,105,28,246,234,130,174,141]",
+		"type": "RESPONSE"
+	},
+	{
+		"payload": "[15,99,202,137,121,158,2,191,157,94,57,173,68,73,3,44,75,32,176,54,162,131,83,249,14,167,11,143,99,73,157,204]",
+		"type": "KEY"
+	},
+	{
+		"payload": "[55,84,113,83,50,107,67,120,101,118,55,78,30,38,152,228,254,159,214,239,145,191,21,106,21,195,188,19,174,0,87,227,74,91,165,75,28,16,107,81,192,177,101,204,116,55,244,147,33,168,203,115,225,197,41,148,152,232,143,159,50,203,113,208,44,212,83,60,20,10,112,254,104,123,134,109,160,72,40,206,71,217,162,28,215,160,127,183,97,125,120,185,232,21,141,27,121,149,29,61,96,33,93,117,92,219,43,163,157,201,225,91,147,169,181,124,240,169,150,214,14,90,233,117,199,101,57,200,88]",
+		"type": "REQUEST"
+	},
+	{
+		"payload": "[177,224,84,39,26,81,63,208,43,252,36,8,25,224,26,135,254,138,71,72,128,233,205,85,57,3,242,11,60,117,227,12,157,248,159,254,98,230,34,172,203,73,46,229,101,15,102,8,4,36,11,157,3,217,199,76,103,168,115,153,195,134,50,116,1,95,7,17,157,186,198,133,138,153,243,186,52,125,153,49,29,50,249,176,66,17,201,99,116,129,135,202,231,116,0,45,89,254,164,244,225,169,84,206,180,109,68,157,218,90,45,212,227,56,32,103,9,126,2,44,45,45,107,117,61,197,36,189,45,0,56,231,139,142,50,57,242,253,6,247,50,167,243,128,230,162,13,179,45,178,242,125,230,163,42,15,141,130,59,85,242,122,169,16,47,183,25]",
+		"type": "RESPONSE"
+	},
+	{
+		"payload": "[48,119,117,68,111,49,68,66,106,75,116,114,91,225,125,73,184,207,122,96,27,197,111,163,164,73,17,37,147,157,140,228,25,249,255,151,190,8,7,86]",
+		"type": "REQUEST"
+	},
+	{
+		"payload": "[26,117,88,205,112,210,116,201,188,169,103,181,180,64,174,24,237,2,111,128,87,122,191,252,66,76,196,198,86,225]",
+		"type": "RESPONSE"
+	},
+	{
+		"payload": "[86,77,110,121,71,118,104,86,49,52,74,71,158,142,158,71,65,202,28,55,58,2,128,34,227,146,248,132,104,77,46,188,46,144,224,145,248,59,187,34,19,223,186,251,172,110,4,249,42]",
+		"type": "REQUEST"
+	},
+	{
+		"payload": "[21,187,90,44,19,248,238,231,113,133,23,55,95,246,9,127,88,103,26,99,207,11,69,135,119,163,146,201,197,183,191,142,70,20,3,14,119,84,173,237,15,69,79,148,128,104,82,31,127,126,14,127,18,166,106,140,183,8,27,148,102,177,27,151,70,107,199,175,216,52,197,138,127,168,190,254,224,2,211,124,214,58,23,76,88,252,120,4,211,108,218,175,45,203,229,185,48,32,49,43,49,30,251,28,176,182,7,93,147,26,10,194,220,161,137,139,211,137,93,190,57,181,175,138,91,238,237,141,127,244,249,230,239,187,52,67,3,38,187,199,219,210,227,8,155,55,15,134,173,141,103,8,12,129,231,148,74,76,248,135,38,203,160,15,201,97,107,227,214,67,63,251,116,50,25,184,199,218,135,192,244,161,127,123,162,44,237,68,67,85,250,134,138,103,161,233,214,90,81,93,229,77,46,194,222,207,94,120,131,171,211,12,146,44,10,135,141,4,148,100,168,97,0,253,63,4,114,7,160,236,232,77,103,147,68,26,42,77,190,215,98,129,176,192,121,205,210,217,3,61,235,198,137,185,64,53,99,142,242,67,74,227,113,169,85,67,192,254,2,3,210,232,121,88,84,34,43,129,8,203,147,203,101,55,54,248,0,90,177,232,226,166,171,235,152,154,185,248,41,124,215,120,123,205,70,220,226,160,199,133,242,3,178,203,163,66,136,154,219,245,9,85,215,59,245,56,6,241,65,65,147,20,61,37,83,146,16,225,253,188,160,198,27,253,17,91,100,104,43,56,211,224,149,112,151,199,4,217,128,49,77,244,28,207,169,212,168,209,49,87,124,173,113,113,230,145,196,167,209,24,252,84,127,143,246,86,91,127,26,183,23,18,73,210,201,94,106,160,226,116,86,155,78,194,88,250,47,177,198,12,151,255,45,254,86,64,247,205,240,223,35,48,187,108,100,163,175,111,162,111,48,105,79,14,127,177,239,46,204,115,132,198,196,197,154,224,20,154,222,121,119,175,211,43,200,171,202,17,156,134,218,144,165,102,185,23,152,77,227,212,87,210,145,177,247,70,124,255,194,75,248,121,26,65,113,243,23,88,47,9,225,131,111,109,95,40,173,75,32,220,227,33,14,0,241,140,223,62,98,60,10,13,9,72,38,56,110,184,56,167,69,201,36,54,144,132,195,44,167,30,102,142,26,170,211,44,9,94,100,84,90,67,150,172,106,65,142,186,70,36,80,131,199,128,224,117,33,82,145,26,119,145,85,105,51,2,132,241,155,243,169,9,5,247,236,214,46,73,228,67,196,166,27,43,208,179,210,171,103,125,179,234,24,163,193,229,218,198,13,129,236,236,239,156,121,67,26,181,65,117,251,170,4,37,194,97,50,153,14,114,52,193,4,144,118,31,224,35,85,167,86,10,24,86,19,207,204,38,128,151,28,173,87,85,185,91,254,113,9,224,250,252,139,157,41,46,48,159,168,219,81,229,40,100,132,146,195,248,160,130,70,44,159,14,221,75,90,104,14,0,134,61,225,221,59,108,124,225,146,39,197,240,18,159,178,104,249,39,68,2,243,147,22,93,228,187,12,226,252,208,106,7,251,66,9,202,94,232,106,34,165,104,89,219,61,63,102,107,129,2,57,130,169,32,191,46,244,199,45,60,89,231,252,173,181,62,205,61,7,94,54,223,167,196,104,77,9,107,169,248,95,235,21,224,97,184,99,240,155,101,83,15,14,169,82,153,13,16,73,174,126,38,204,49,248,3,112,94,174,105,129,61,106,146,63,160,121,149,68,150,116,96,8,134,143,156,74,213,226,162,54,16,109,126,123,188,162,81,46,162,129,11,19,78,104,228,229,146,49,208,98,166,237,49,90,127,57,105,87,126,59,183,136,116,82,218,38,217,50,245,136,105,25,80,133,83,129,87,224,174,44,46,255,241,197,50,9,218,193,163,229,173,157,199,66,14,237,49,125,75,191,24,7,83,237,8,138,175,133,50,11,70,101,141,231,17,175,94,36,160,197,126,28,202,45,73,247,22,149,201,61,51,118,240,15,129,198,145,135,205,157,64,137,60,216,45,162,71,248,3,163,43,142,188,240,123,52,49,138,124,147,149,176,124,67,12,97,78,58,89,7,218,197,243,139,201,208,183,9,34,56,13,43,133,101,147,117,77,111,3,226,239,102,207,44,224,199,231,78,162,55,167,123,218,70,1,185,225,173,35,224,43,9,214,187,254,241,56,109,244,175,220,124,102,123,45,133,31,191,11,21,110,21,75,14,52,240,38,186,118,126,38,181,222,119,150,217,63,206,18,251,211,70,220,163,17,222,123,84,25,156,61,103,151,38,198,52,93,235,145,212,43,241,206,175,84,43,142,60,182,159,53,228,51,220,180,63,194,45,142,121,26,184,74,197,180,219,103,82,159,206,106,51,241,237,138,129,51,67,103,166,44,96,120,252,189,62,207,237,28,114,65,235,110,140,195,210,53,35,2,219,6,239,39,71,178,11,238,6,160,249,129,5,33,12,18,118,218,167,89,72,89,45,218,49,156,107,135,174,207,254,238,189,120,27,140,96,136,222,30,60,244,205,171,26,104,145,165,98,53,169,112,188,80,80,68,181,206,7,45,242,55,205,164,138,18,99,59,182,206,203,57,229,172,153,118,93,116,136,42,35,155,109,85,51,218,226,220,173,134,253,147,55,60,145,158,151,86,96,135,43,222,227,8,138,60,12,100,113,104,130,121,51,25,251,194,193,92,192,253,38,6,241,40,8,252,130,94,189,49,71,242,248,15,206,70,179,192,87,173,16,0,14,141,150,62,116,182,101,235,247,237,41,114,91,34,177,72,8,150,165,193,253,219,92,42,235,87,106,120,20,243,139,74,146,187,14,46,221,155,97,129,166,233,55,67,232,81,167,233,35,206,15,159,184,120,150,102,158,83,130,206,155,10,27,100,151,95,90,161,209,255,201,227,182,183,249,228,207,177,41,53,64,224,22,126,24,68,60,148,90,10,108,207,154,32,200,25,201,154,118,224,14,236,23,196,151,101,204,138,198,200,136,215,154,15,101,49,92,102,23,6,236,249,185,185,128,120,237]",
+		"type": "RESPONSE"
+	}
+]