Questions tagged [protocol]
A system of rules designed to allow communication between two or more participants. The two main types of protocols are stateless protocols (UDP) and stateful protocols (TCP).
81 questions
0 votes, 0 answers, 26 views
Retrieve the address of a peer to peer video stream from cheap WiFi camera drone
I recently picked up a Chinese WiFi drone from which I recovered the electronic modules.
I would like to use the module allowing video transmission via WiFi for other projects. So I first tried with ...
0 votes, 1 answer, 53 views
Help me find how the RFID copier writes the values in the tag
At first it may seem that it uses ASCII, but the values don't match.
The numbers 1-15 seem to be written in the first nibble (without knowing what the rest of the bits mean).
For higher values I don't have a clue....
3 votes, 0 answers, 72 views
Reverse-engineer Bubendorff CLEP21 remote controller
TLDR; I have a Bubendorff shutter system, where each shutter has its own remote controller. I am trying to clone the remote controllers, to build a single system for shutter control. There are three ...
0 votes, 1 answer, 57 views
Is there any way to read the data in STC11F02E?
I need to read the data from the STC11F02E microcontroller. Is there a way to do this?
2 votes, 2 answers, 133 views
Reverse Engineer an ultrasonic cartridge communication with the station to bypass remaining uses
I have an ultrasonic machine that has a cartridge with a set amount of uses. When that value gets to 0, the cartridge has to be disposed of, and a new one bought. The thing is that with some maintenance ...
0 votes, 0 answers, 43 views
What is the protocol used in those data?
I am currently working on analyzing packet exchanges between a computer and an access control system. At present, the computer and this access control system require an intermediary software to ...
1 vote, 1 answer, 116 views
microcontroller to microcontroller - is this I2C protocol?
I have a consumer grade hot water boiler that I am trying to interface to get various internal measurements (outlet temp, inlet temp, etc.). The main control board is powered by a defunct Fujitsu ...
0 votes, 0 answers, 43 views
Microsoft Teams web client: how does Teams know if a device is allowed or not
In my company I am able to use MS Teams only inside Windows, but when I try from a virtual machine (Hyper-V) running Linux it says that this device is not allowed.
So how can the Teams Server know ...
2 votes, 1 answer, 80 views
Keycode from a serial PDA keyboard (iPAQ G750)
I have a folding PDA keyboard (model number iPAQ G750). It is using a proprietary serial protocol; I want to adapt it to Bluetooth using a microcontroller. The keyboard sends out a 2-byte keycode ...
0 votes, 0 answers, 43 views
9 pin serial port as GPIO
So I have a Royal DS 2260. It's an ancient "digital organizer" from the late 90s.
It has a 2.5mm headphone jack that can be used to either send/receive data to and from other digital ...
1 vote, 0 answers, 175 views
How to reverse engineer a USB sump pump controller that is not designed to connect to a computer
I have a sump pump monitor / controller that is USB-enabled. The USB port on the side is designed to hook to a WiFi module or a once-promised, now-canceled, never-produced Z-wave module (which is what ...
1 vote, 0 answers, 187 views
How can I extract the timestamp from this bytestring?
I am missing a piece of the puzzle that is the TCP protocol the Battlefield Bad Company games use to transfer dogtag records to/from the FESL backend. The general packet structure is quite clear and I ...
4 votes, 0 answers, 712 views
Decoding the Apple vendor tag in the 802.11 beacon
Background
Looking to answer Is there a way to detect if you're connected via a shared WiFi Hotspot? on apple.stackexchange.com led me to How does iOS and OS X detect when a Wi-Fi network is a ...
2 votes, 0 answers, 110 views
Reverse engineering 18 Bytes protocol
I'm not really used to doing algorithm reverse engineering, so I need some help.
It's an SPI communication between an STM and a wireless chip, hopefully the data were correctly acquired by the logic ...
2 votes, 0 answers, 661 views
Understanding gRPC message
Problem
I intercepted a gRPC network request from an application, and I intend to modify the contents and resend the message programmatically. As no tools (except for MitmProxy, see below) were able ...
0 votes, 1 answer, 199 views
Identifying the source of encryption used by UDP packets in a PCAP file
I have a PCAP file (mediafire link to the file) which basically represents packet captures between 2 machines running the same game connected to each other via LAN inside RPCS3 using RPCN.
One of ...
2 votes, 0 answers, 94 views
Help MMO Tcp Packet
I'm trying to re-send the packets that an MMO sends to the server just to learn more about packets. The game uses TCP.
I sent the same message in the game chat "oi"
to analyze the packages sent ...
0 votes, 0 answers, 82 views
Password encryption when transferring from master to PLC
So, there is a PLC and a SoftMaster program to work with it. The PLC works according to the XGFenet protocol.
When connecting to the PLC for the first time in SoftMaster, a password must be entered. ...
1 vote, 2 answers, 196 views
What is the best approach to reverse a custom TCP Application Layer?
I have recorded a TCP Stream using Wireshark, so I have Client/Server Communication as a hex dump.
What is the best approach to reverse the custom application layer?
Some data seems to be ASCII ...
0 votes, 1 answer, 1k views
Reversing DALY BMS BLE protocol
I am trying to communicate with the DALY BMS (Battery management system) via BLE.
I was wondering if anyone has any bit of information regarding their protocol, something to start with?
6 votes, 1 answer, 2k views
HackRF One - Replay Attack on Garage Door does not work (12 DIP switches)
TL;DR solution
Setting 4MHz sample rate and 2MHz bandwidth in the capture tab (according to the Nyquist theorem the sample rate has to be double the bandwidth)
Using the length of a DIP switch ...
2 votes, 1 answer, 145 views
How to determine a type of binary serialization?
I'm trying to analyze the messages that the game sends to the server through WebSockets. I have a simple WebSockets proxy that stands in the middle and prints all messages to the console.
I noticed ...
4 votes, 2 answers, 662 views
On reverse engineering a UDP protocol to control a drone
My goal is to control my drone with my Raspberry Pi using Python and not the app that is being delivered together with it.
First I connected the app to the drone, flew and used aircrack-ng to get the ...
3 votes, 1 answer, 850 views
Is it possible to sniff an ATA Drive password?
Context: I have a proprietary Tandberg Data RDX QuickStor Internal USB3 drive bay for PC (item number 8666-RDX) and some storage cartridges for it.
Essentially, these are just regular TOSHIBA MK3276GSX ...
5 votes, 3 answers, 1k views
Modern tools for reversing binary network protocols
What are some modern tools or techniques for attempting to reverse a binary protocol sent over UDP?
I've been trying to do research on this, and it seems like almost everything is obsolete. Previous ...
0 votes, 2 answers, 309 views
What checksum algorithm is this?
I'm trying to control an air conditioning unit. The app and the unit communicate using the Broadlink protocol. I can decode the settings it's sending and replay them.
The payload is 32 bytes but only ...
2 votes, 1 answer, 1k views
Reverse UART communication protocol
My objective is to build a custom WiFi module to be used on a Samsung AC AR24HSFSAWKN. I have such an official module SWL-B70F for which I'm trying to reverse engineer the communication with the main ...
0 votes, 2 answers, 295 views
Touch screen driver module - Determine communication protocol
I have taken apart an old non-functional Lenovo IdeaCentre (B320) computer.
I would like to get the glass touch panel to 'work' (I would consider anything from simply being able to sniff the x,y ...
0 votes, 1 answer, 275 views
Manufacturer interface on OCZ Agility 4 SSD
Inside the housing of an OCZ Agility 4 SSD I found several additional connectors on the opposite side of the SATA connectors.
What are they good for and how to connect them properly?
Zoomed:
1 vote, 1 answer, 126 views
What's wrong with my mitm to support rr commands with gdbserver on IDA?
First off, here is the gdb remote protocol doc.
The idea of the below script is the following - you enter an actual command (one that will be sent as a direct packet, see packets) in the gdb window then ...
0 votes, 1 answer, 811 views
Determine checksum / CRC algorithm
I am doing reverse engineering on some network protocol. It is client to server communication and I am pretty stuck with identifying checksum (or CRC) algorithm used in packet structure.
I tried ...
1 vote, 1 answer, 218 views
Checksum field within IR protocol
I am trying to reverse engineer the IR protocol for my air conditioner (GREE - remote control YAP1FF) and with the data I found online and a lot of testing with an IR receiver there is only one field I ...
1 vote, 0 answers, 308 views
Reconstructing struct/union-based IPC protocol wire format
I'm embarking on my first reverse-engineering adventure. I think I've picked a rather dense piece of steak to start out with.
I have three C programs which communicate together using an unknown IPC ...
3 votes, 0 answers, 162 views
Reverse engineering non-standard LIN protocol
I'm trying to reverse engineer an ECU / GSU protocol from a model airplane jet turbine, in order to make a telemetry adapter.
I have decoded several other protocols in the past with good success but ...
1 vote, 0 answers, 49 views
Likely protocol determination by chip IDs and connections?
CONTEXT: My first post in this stack. Absolute beginner at RE. Also generally a beginner at anything electronics. Please be kind and correct me instead of ridiculing me.
GOAL: Replace a damaged ...
2 votes, 1 answer, 352 views
UE Megaboom serial protocol
I recently got a UE Megaboom Bluetooth speaker. Apart from various audio profiles, I noticed the speaker also exposes a Serial Port BT profile. I suspect this is the channel the app uses to control ...
0 votes, 1 answer, 413 views
How to calculate the checksum algorithm with data captures
I have an obsolete control system that I am trying to write an interface into our new control system. I have spent weeks capturing data and figuring out the addressing, polling commands, point ...
2 votes, 1 answer, 140 views
Can't identify checksum type in unknown RS485 protocol
I need to reverse an RS485 protocol in order to extract some values for further usage. Unfortunately only these few messages are available at the moment. They repeat continuously. Only in special ...
3 votes, 1 answer, 637 views
Decipher variable length serial protocol
I have an ebike consisting of a controller which regulates power to the motor and a smart LCD which can adjust max speed, power output, pedal assist sensitivity etc as well as displaying the current ...
3 votes, 1 answer, 397 views
What Checksum/CRC algorithm in RF packet?
I am banging my head to figure out the checksum of an RF device, it seems to be a simple one but no luck so far...
The first 3 bytes are the SyncWord, then 9 bytes are the payload and the last byte ...
0 votes, 1 answer, 441 views
Decoding serial data package
I have an assignment at work, to get information from a Jenbacher generator and show values in a new SCADA system. It has a B&R CP260 PLC with RS232 port and RS232 to RS485 converter. Currently it’s ...
2 votes, 0 answers, 153 views
serial protocol patterns
I am reversing a serial 232 protocol and I found these patterns in the data.
E5 A7 CD 01 00
79 .. .. 40
00 23 00 23 00 23 00 23 00 22 00 22 00 22 00 21
follows some recording and expected approx ...
4 votes, 0 answers, 388 views
Trouble finding the right Checksum algorithm
After reading a lot of posts here and their solutions, and punching lines into CRC calculators for several days now, I can't seem to find which checksum this code is based on.
Background
This is a data ...
3 votes, 1 answer, 416 views
NFC Tag reverse engineering failed by a non-responding tag
I was curious about a system using NFC and I tried to find out what the protocol was. But after digging around for a few days, I have the card detected by my reader (acr122u) but that's all I get. I can't ...
3 votes, 0 answers, 2k views
Reverse engineering unknown RS232/UART binary protocol
Background story
For a couple of days I've been trying to crack the protocol used by the old medical device, in order to collect data for research in an automated way.
The device in question is Novametrix ...
2 votes, 1 answer, 1k views
Deducing Protobuf Schema and Datatypes
I have a number of protobuf files but no .proto schema file!
cat myfile.pbuf | protoc --decode_raw > outputfile.txt
Using the above command, I was able to decode the file into a somewhat readable ...
1 vote, 2 answers, 3k views
DPFMate Keychain tool
Got this Digital Keychain Photo viewer thingy. Comes with the DPFMate.exe software, which does not run under Windows 10. So far I've confirmed that it runs perfectly on what they advertise - Windows ...
1 vote, 0 answers, 31 views
FFC on the back of a Chromebook Pixel Display Assembly
Hello!
I want to get the touch overlay of a Chromebook Pixel Display Assembly to work. I attached a picture of the Cable coming out of a mxT1664S touch controller. Can someone tell me what type of ...
1 vote, 0 answers, 127 views
Protocol RE, mysterious checksum function
I'm trying to reverse engineer a protocol in which some text is sent and has a specific number appended. I figured out that the number is some kind of a checksum (depends on the text somehow) and also ...
2 votes, 3 answers, 3k views
How to monitor/reverse engineer RS485-connected display device traffic?
Can anyone point me in the right direction for tutorials etc. on reverse engineering an RS484-connected battery management system?
I have a large 12V lithium battery module which has an internal BMS and ...