internal void BufferTCPPacket(TCPPacket pTCPPacket)
{
if (pTCPPacket.Fin || pTCPPacket.Rst)
{
mTerminated = true;
Text += " (Terminated)";
return;
}
if (pTCPPacket.Syn && !pTCPPacket.Ack)
{
mLocalPort = (ushort)pTCPPacket.SourcePort;
mRemotePort = (ushort)pTCPPacket.DestinationPort;
mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
Text = "Port " + mLocalPort.ToString();
return;
}
if (pTCPPacket.Syn && pTCPPacket.Ack)
{
mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1); return;
}
if (pTCPPacket.PayloadDataLength == 0)
{
return;
}
if (!gotKey)
{
byte[] tcpData = pTCPPacket.TCPData;
if (BitConverter.ToUInt16(tcpData, 1) != 0x0807)
{
this.Close();
mInboundSequence += (uint)tcpData.Length; //not valid xorkey
return;
}
ushort xorKey = BitConverter.ToUInt16(tcpData, 3);
mOutboundStream = new FiestaStream(true, xorKey);
mInboundStream = new FiestaStream(false, 0);
gotKey = true;
mInboundSequence += (uint)tcpData.Length;
return;
}
if (pTCPPacket.SourcePort == mLocalPort)
{
ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream); //process fromclient
}
else
{
ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream); //process fromserver
}
}
internal void BufferTCPPacket(TCPPacket pTCPPacket)
{
if (pTCPPacket.Fin || pTCPPacket.Rst)
{
mTerminated = true;
Text += " (T.)";
if (mPackets.Count == 0)
{
this.Close();
}
return;
}
if (pTCPPacket.Syn && !pTCPPacket.Ack)
{
mLocalPort = (ushort)pTCPPacket.SourcePort;
mRemotePort = (ushort)pTCPPacket.DestinationPort;
mOutboundSequence = (uint)(pTCPPacket.SequenceNumber + 1);
Text = "Port " + mLocalPort.ToString();
return;
}
if (pTCPPacket.Syn && pTCPPacket.Ack)
{
mInboundSequence = (uint)(pTCPPacket.SequenceNumber + 1); return;
}
if (pTCPPacket.PayloadDataLength == 0)
{
return;
}
if (!gotEnc)
{
byte[] tcpData = pTCPPacket.TCPData;
short xorKey = 0;
if (tcpData.Length == 5 && tcpData[0] == 4 && tcpData[1] == 7 && tcpData[2] == 8)
{
xorKey = (short)(tcpData[3] | (tcpData[4] << 8));
}
else
{
/*FileStream fs = new FileStream("C:\\Documents and Settings\\Removed\\Desktop\\FiestaShark\\PacketTest.txt", FileMode.Create);
* BinaryWriter bw = new BinaryWriter(fs);
* for( short i = 0; i < 499; i++ ) {
* byte[] tmp = PacketCrypt.Decrypt(tcpData, i);
* bw.Write(i + " - ");
* bw.Write(tmp, 0, 32);
* bw.Write(Environment.NewLine);
* if( tmp[16] == 0 && tmp[17] == 0 ) {
* xorKey = i;
* bw.Write("[XorKey] = " + xorKey + Environment.NewLine);
* }
* }
* bw.Close();
* fs.Close();*/
return;
}
mOutboundStream = new FiestaStream(xorKey, true);
mInboundStream = new FiestaStream(xorKey, false);
mInboundSequence += (uint)tcpData.Length;
gotEnc = true;
//return;
}
if (pTCPPacket.SourcePort == mLocalPort)
{
ProcessTCPPacket(pTCPPacket, ref mOutboundSequence, mOutboundBuffer, mOutboundStream);
}
else
{
ProcessTCPPacket(pTCPPacket, ref mInboundSequence, mInboundBuffer, mInboundStream);
}
}
private void ProcessTCPPacket(TCPPacket pTCPPacket, ref uint pSequence, Dictionary <uint, byte[]> pBuffer, FiestaStream pStream)
{
if (pTCPPacket.SequenceNumber > pSequence)
{
byte[] data;
while ((data = pBuffer.GetOrDefault(pSequence, null)) != null)
{
pBuffer.Remove(pSequence);
pStream.Append(data);
pSequence += (uint)data.Length;
}
if (pTCPPacket.SequenceNumber > pSequence)
{
pBuffer[(uint)pTCPPacket.SequenceNumber] = pTCPPacket.TCPData;
}
}
if (pTCPPacket.SequenceNumber < pSequence)
{
int difference = (int)(pSequence - pTCPPacket.SequenceNumber);
if (difference > 0)
{
byte[] data = pTCPPacket.TCPData;
if (data.Length > difference)
{
pStream.Append(data, difference, data.Length - difference);
pSequence += (uint)(data.Length - difference);
}
}
}
else if (pTCPPacket.SequenceNumber == pSequence)
{
byte[] data = pTCPPacket.TCPData;
pStream.Append(data);
pSequence += (uint)data.Length;
}
FiestaPacket packet;
bool refreshOpcodes = false;
try {
while ((packet = pStream.Read(DateTime.Now)) != null)
{
mPackets.Add(packet);
Definition definition = Config.Instance.Definitions.Find(d => d.Outbound == packet.Outbound && d.Opcode == packet.Opcode);
if (!mOpcodes.Exists(kv => kv.First == packet.Outbound && kv.Second == packet.Opcode))
{
mOpcodes.Add(new Pair <bool, ushort>(packet.Outbound, packet.Opcode));
refreshOpcodes = true;
}
if (definition != null && definition.Ignore)
{
continue;
}
mPacketList.Items.Add(packet);
if (mPacketList.SelectedItems.Count == 0)
{
packet.EnsureVisible();
}
}
} catch (Exception exc) {
OutputForm output = new OutputForm("Packet Error");
output.Append(exc.ToString());
output.Show(DockPanel, new Rectangle(MainForm.Location, new Size(400, 400)));
mTerminated = true;
Text += " (T.)";
}
if (DockPanel.ActiveDocument == this && refreshOpcodes)
{
MainForm.SearchForm.RefreshOpcodes(true);
}
}