jared
/
interwebs-o-trash
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Interwebs O Trash - IoT Hacking Stuff
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
interwebs-o-trash/dissector.lua

dissector.lua 2.1KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445 
  1. -- protocol dissector for EcoPlugs protocol

  2. 

  3. -- declare our protocol

  4. eocProt = Proto("EP","EcoPlugs IoT")

  5. 

  6. -- create a function to dissect it

  7. function eocProt.dissector(buffer,pinfo,tree)

  8.   pinfo.cols.protocol = "EP"

  9.   local protocolTree = tree:add(eocProt, buffer(), "EcoPlugs Protocol Data")

  10. 

  11.   if buffer:len() == 408 then

  12.     -- this is a broadcast packet response

  13.     protocolTree:add(buffer(4,6), "Version: " .. buffer(4,6):stringz())

  14.     protocolTree:add(buffer(10,32), "ID: " .. buffer(10,32):stringz())

  15.     protocolTree:add(buffer(42,32), "Name: " .. buffer(42,32):stringz())

  16.     protocolTree:add(buffer(74,32), "Short ID: ".. buffer(74,32):stringz())

  17.     protocolTree:add(buffer(106,14), "Time: " .. buffer(106,14))

  18.     protocolTree:add(buffer(252,8), "Region: " .. buffer(252,8):stringz())

  19.     protocolTree:add(buffer(260,5), "Zip Code: " .. buffer(260,5):stringz())

  20.     ipl = protocolTree:add(buffer(272,48), "Cloud IP Addresses")

  21.     ipl:add(buffer(272,16), "Cloud IP 1: " .. buffer(272,16):stringz())

  22.     ipl:add(buffer(288,16), "Cloud IP 2: " .. buffer(288,16):stringz())

  23.     ipl:add(buffer(304,16), "Cloud IP 3: " .. buffer(304,16):stringz())

  24.     protocolTree:add(buffer(368,18), "Device MAC Address: " .. buffer(368,18):stringz())

  25.     protocolTree:add(buffer(386,18), "Host: " .. buffer(386,18):stringz())

  26.   else

  27.     -- this is a query/set command

  28.     protocolTree:add(buffer(0,6), "Command: " .. buffer(0,6))

  29.     protocolTree:add(buffer(6,4), "Model: " .. buffer(6,4))

  30.     protocolTree:add(buffer(10,6), "Version: " .. buffer(10,6):stringz())

  31.     protocolTree:add(buffer(16,32), "ID: " .. buffer(16,32):stringz())

  32.     protocolTree:add(buffer(48,32), "Name: " .. buffer(48,32):stringz())

  33.     protocolTree:add(buffer(80,32), "Short ID: ".. buffer(80,32):stringz())

  34.     -- set command here

  35.     if buffer:len() == 130 then

  36.       protocolTree:add(buffer(128,2), "Set Mode: " .. buffer(128,2))

  37.     end

  38.   end

  39. end

  40. 

  41. -- load the udp.port table

  42. udp_table = DissectorTable.get("udp.port")

  43. 

  44. -- register our protocol to handle udp port 25 and if I could, dest ports of 31423

  45. udp_table:add(25, eocProt)