Code:
# BNET Protocol Parser by daCoder (2014)
import binascii
#Insert your hexstream from wireshark here
login1 = ""
login2 = ""
login3 = ""
login4 = ""
def byte_to_binary(n):
return ''.join(str((n & (1 << i)) and 1) for i in (range(8)))
def hex_to_binary(h):
return ''.join(byte_to_binary(ord(b)) for b in binascii.unhexlify(h))
def get_right_order(bin, pointer, size):
lastbytes = (pointer + size) % 8
if pointer+size-lastbytes <= pointer:
b = bin[pointer:pointer+size]
else:
b = bin[pointer+size-lastbytes:pointer+size]
size = size - lastbytes
while (pointer+size-8 >= pointer):
b = b + bin[pointer+size-8:pointer+size]
size = size - 8
b = b + bin[pointer:pointer+size]
return b[::-1]
def bin_to_hex(bin, pointer, size):
return hex(int(get_right_order(bin,pointer,size),2))
def bin_to_char(bin,pointer, size):
b = int(get_right_order(bin,pointer,size),2)
return binascii.unhexlify('%x' % b)
def bin_to_dec(bin, pointer, size):
b = get_right_order(bin,pointer,size)
return int(b,2)
def Authentication_InformationRequest(login1_bin):
# First packet to battlenet on port 1119
print "------------------------------"
# Header Information for the packets
packetid = bin_to_hex(login1_bin, 0, 6)
haschannel = bin_to_dec(login1_bin, 6, 1)
p = 7
if (haschannel > 0):
channelid = bin_to_dec(login1_bin,p,4)
p = p + 4
print "Channel:", channelid
# The main part begins here
program = bin_to_char(login1_bin,p,32)
p = p + 32
platform = bin_to_char(login1_bin,p,32)
p = p + 32
locale = bin_to_char(login1_bin,p,32)
p = p + 32
componentCount = bin_to_dec(login1_bin,p,6)
p = p + 6
print "PacketID:", packetid
print program, platform, locale
print componentCount, "Components:"
for c in range(componentCount):
program = bin_to_char(login1_bin,p,32)
p = p + 32
platform = bin_to_char(login1_bin,p,32)
p = p + 32
build = bin_to_hex(login1_bin,p,32)
p = p + 32
print "\t", c, program, platform, build
hasAccountName = bin_to_dec(login1_bin,p,1)
p = p + 1
if (hasAccountName):
len = bin_to_dec(login1_bin,p,9) + 3
len = len * 8 # get size as bits
p = p + 9
p = p + 5 #empty bits?
accountname = bin_to_char(login1_bin,p,len)
p = p + len
print "Account:", accountname
def Authentication_ProofRequest(login1_bin):
print "------------------------------"
# Header Information for the packets
packetid = bin_to_hex(login1_bin, 0, 6)
haschannel = bin_to_dec(login1_bin, 6, 1)
p = 7
if (haschannel > 0):
channelid = bin_to_dec(login1_bin,p,4)
p = p + 4
print "Channel:", channelid
print "PacketID:", packetid
moduleCount = bin_to_dec(login1_bin,p,3)
p = p + 3
print moduleCount, "Modules"
print "\tn\tauth\tlocale\tmoduleid\tblobsize"
for c in range(moduleCount):
p = p + (8 - p % 8) # align bits
auth = bin_to_char(login1_bin,p,32)
p = p + 32
locale = bin_to_char(login1_bin,p,32)
p = p + 32
moduleid = bin_to_hex(login1_bin,p,32*8)
p = p + 32*8
blobsize = bin_to_dec(login1_bin,p,10) * 8
p = p + 10
moduleData = bin_to_hex(login1_bin,p, blobsize)
p = p + blobsize
print "\t", c, auth, locale, moduleid,blobsize
print "\tdata:", moduleData
def Authentication_ProofResponse(login1_bin):
print "------------------------------"
# Header Information for the packets
packetid = bin_to_hex(login1_bin, 0, 6)
haschannel = bin_to_dec(login1_bin, 6, 1)
p = 7
if (haschannel > 0):
channelid = bin_to_dec(login1_bin,p,4)
p = p + 4
print "Channel:", channelid
print "PacketID:", packetid
moduleCount = bin_to_dec(login1_bin,p,3)
p = p + 3
print moduleCount, "Modules"
for c in range(moduleCount):
blobsize = bin_to_dec(login1_bin,p,10) * 8
p = p + 10
moduleData = bin_to_hex(login1_bin,p, blobsize)
p = p + blobsize
print "\t", c, "- size:", blobsize
print "\tdata:", moduleData
def Authentication_Complete(login1_bin):
print "------------------------------"
# Header Information for the packets
packetid = bin_to_hex(login1_bin, 0, 6)
haschannel = bin_to_dec(login1_bin, 6, 1)
p = 7
if (haschannel > 0):
channelid = bin_to_dec(login1_bin,p,4)
p = p + 4
print "Channel:", channelid
print "PacketID:", packetid
success = bin_to_dec(login1_bin,p,1)
p = p + 1
if (success):
print "Success"
moduleCount = bin_to_dec(login1_bin,p,3)
p = p + 3
print moduleCount, "Modules"
print "\tn\tauth\tlocale\tmoduleid\tblobsize"
for c in range(moduleCount):
p = p + (8 - p % 8) # align bits
auth = bin_to_char(login1_bin,p,32)
p = p + 32
locale = bin_to_char(login1_bin,p,32)
p = p + 32
moduleid = bin_to_hex(login1_bin,p,32*8)
p = p + 32*8
blobsize = bin_to_dec(login1_bin,p,10) * 8
p = p + 10
moduleData = bin_to_hex(login1_bin,p, blobsize)
p = p + blobsize
print "\t", c, auth, locale, moduleid,blobsize
print "\tdata:", moduleData
pingTimeout = bin_to_dec(login1_bin,p,32)
p = p + 32
print "ping timeout:", pingTimeout
hasOptsegment = bin_to_dec(login1_bin,p,1)
p = p + 1
if (hasOptsegment):
params_bool = bin_to_dec(login1_bin,p,1)
p = p + 1
if (params_bool):
threshold = bin_to_hex(login1_bin,p,32)
p = p + 32
rate = bin_to_hex(login1_bin,p,32)
p = p + 32
print "threshold:", threshold, "rate:", rate
name_len = bin_to_dec(login1_bin,p,7)
p = p + 7
accountname = bin_to_char(login1_bin,p,name_len)
p = p + len
unk64 = bin_to_hex(login1_bin,p,64)
p = p + 64
unk32 = bin_to_hex(login1_bin,p,32)
p = p + 32
print accountname, unk64, unk32
else:
print "No Success"
hasOptModule = bin_to_dec(login1_bin,p,1)
p = p + 1
if (hasOptModule):
print "\tauth\tlocale\tmoduleid"
p = p + (8 - p % 8) # align bits
auth = bin_to_char(login1_bin,p,32)
p = p + 32
locale = bin_to_char(login1_bin,p,32)
p = p + 32
moduleid = bin_to_hex(login1_bin,p,32*8)
p = p + 32*8
print "\t", auth, locale, moduleid
failType = bin_to_dec(login1_bin,p,2)
p = p + 2
if failType == 1:
errorCode = bin_to_dec(login1_bin,p,16)
p = p + 16
timestamp_maybe = bin_to_dec(login1_bin,p,32)
p = p + 32
print "errorCode:", errorCode, timestamp_maybe
else:
print "failType:", failType
# First Request parsing
Authentication_InformationRequest(hex_to_binary(login1))
# First Response parsing
Authentication_ProofRequest(hex_to_binary(login2))
# Second Request parsing
Authentication_ProofResponse(hex_to_binary(login3))
# Second Response parsing
Authentication_Complete(hex_to_binary(login4))