09-20-2008, 12:51 PM
kitz

I started capturing packets between the client and the server so I could begin to understand the sequencing of ops. Still crawling my way through this. I have to admit, I don't know much about that sort of thing; so, it has been a learning experience. I looked at the packet collecting projects already in CVS and the one in PEQ's downloads. I could not get the first to work, and the latter seemed to me to only collect certain packets for privacy reasons. I decided to work from Wireshark captures (something I have never done).

When it comes to scripting, I am comfortable with Python; so, I looked to the impacket module to parse the packets. Well, embarrassingly enough, I ran into an issue of not having RTFM for Wireshark, and I assumed the collection was a raw dump. This caused me headaches with the packets not looking right, but with a little investigation I found the pcap format, and was able to get things going. So, though I have not gotten much further along, I am now beginning to look at the sequence of how things work between the server and client.

If I get nowhere at all, this is turning out to be quite fun.

Kit
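The pitfall the post describes, as an added example that is not part of the original post: a capture saved in the classic pcap format is not a raw dump but a 24-byte file header followed by a 16-byte record header in front of every frame. This sketch uses only Python's standard `struct` module rather than impacket; `read_pcap`, `build_sample` and the sample capture are constructed for illustration.

```python
import struct

# First four bytes of a classic pcap file -> (struct byte order, ns per timestamp unit)
MAGICS = {
    b"\xd4\xc3\xb2\xa1": ("<", 1000),  # little-endian writer, microseconds
    b"\xa1\xb2\xc3\xd4": (">", 1000),  # big-endian writer, microseconds
    b"\x4d\x3c\xb2\xa1": ("<", 1),     # little-endian writer, nanoseconds
    b"\xa1\xb2\x3c\x4d": (">", 1),     # big-endian writer, nanoseconds
}

def read_pcap(data):
    """Return (linktype, [(timestamp_ns, original_length, frame_bytes), ...])."""
    if data[:4] == b"\x0a\x0d\x0d\x0a":
        raise ValueError("pcapng file: different block layout, not classic pcap")
    if data[:4] not in MAGICS or len(data) < 24:
        raise ValueError("no pcap file header: raw dump or unknown format")
    endian, unit_ns = MAGICS[data[:4]]
    # Rest of the file header: version major/minor, thiszone, sigfigs, snaplen, linktype
    _maj, _min, _zone, _sig, _snaplen, linktype = struct.unpack_from(endian + "HHiIII", data, 4)
    packets, off = [], 24
    while off < len(data):
        if off + 16 > len(data):
            raise ValueError("truncated record header at offset %d" % off)
        # Per-record header: ts seconds, ts fraction, captured length, on-wire length
        sec, frac, incl, orig = struct.unpack_from(endian + "IIII", data, off)
        off += 16
        if off + incl > len(data):
            raise ValueError("record claims %d bytes past end of file" % incl)
        packets.append((sec * 10**9 + frac * unit_ns, orig, data[off:off + incl]))
        off += incl
    return linktype, packets

def build_sample():
    """Constructed capture: two fake 'frames' with placeholder 14-byte headers."""
    frames = [b"\x01" * 14 + b"first", b"\x02" * 14 + b"second!"]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # linktype 1 = Ethernet
    for i, frame in enumerate(frames):
        out += struct.pack("<IIII", 100 + i, 500, len(frame), len(frame)) + frame
    return out, frames

if __name__ == "__main__":
    capture, _ = build_sample()
    linktype, packets = read_pcap(capture)
    for ts_ns, orig_len, frame in packets:
        print(linktype, ts_ns, orig_len, frame.hex())
```

Feeding the frame bytes, not the whole file, to a protocol decoder is what makes the packets "look right"; the on-wire length can exceed the captured length when the capture was taken with a small snaplen.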