@vanhoefm
Created July 18, 2012 19:04
Wireshark Gamespy Protocol Dissector
-- Wireshark Lua dissector for Gamespy packets.
-- Proto(name, description) creates the protocol object; the dissector function
-- and the port registration further down are attached to it.
trivial_proto = Proto("gamespy", "Gamespy Protocol")
-- XOR helper, table-driven so it does not depend on a bit-operations library.
-- nibble_xor[i + 1][j + 1] holds (i XOR j) for the 4-bit values i, j in 0..15;
-- the +1 is there because Lua tables are 1-based.
local nibble_xor = {
  { 0,  1,  2,  3,  4,  5,  6,  7,  8,  9, 10, 11, 12, 13, 14, 15},
  { 1,  0,  3,  2,  5,  4,  7,  6,  9,  8, 11, 10, 13, 12, 15, 14},
  { 2,  3,  0,  1,  6,  7,  4,  5, 10, 11,  8,  9, 14, 15, 12, 13},
  { 3,  2,  1,  0,  7,  6,  5,  4, 11, 10,  9,  8, 15, 14, 13, 12},
  { 4,  5,  6,  7,  0,  1,  2,  3, 12, 13, 14, 15,  8,  9, 10, 11},
  { 5,  4,  7,  6,  1,  0,  3,  2, 13, 12, 15, 14,  9,  8, 11, 10},
  { 6,  7,  4,  5,  2,  3,  0,  1, 14, 15, 12, 13, 10, 11,  8,  9},
  { 7,  6,  5,  4,  3,  2,  1,  0, 15, 14, 13, 12, 11, 10,  9,  8},
  { 8,  9, 10, 11, 12, 13, 14, 15,  0,  1,  2,  3,  4,  5,  6,  7},
  { 9,  8, 11, 10, 13, 12, 15, 14,  1,  0,  3,  2,  5,  4,  7,  6},
  {10, 11,  8,  9, 14, 15, 12, 13,  2,  3,  0,  1,  6,  7,  4,  5},
  {11, 10,  9,  8, 15, 14, 13, 12,  3,  2,  1,  0,  7,  6,  5,  4},
  {12, 13, 14, 15,  8,  9, 10, 11,  4,  5,  6,  7,  0,  1,  2,  3},
  {13, 12, 15, 14,  9,  8, 11, 10,  5,  4,  7,  6,  1,  0,  3,  2},
  {14, 15, 12, 13, 10, 11,  8,  9,  6,  7,  4,  5,  2,  3,  0,  1},
  {15, 14, 13, 12, 11, 10,  9,  8,  7,  6,  5,  4,  3,  2,  1,  0},
}

--- Bitwise XOR of two numbers, computed one hexadecimal digit at a time.
-- Intended for non-negative integers (the dissector passes byte values).
-- Kept as a global function because the dissector calls it by this name.
-- @param a first operand
-- @param b second operand
-- @return a XOR b
function bxor(a, b)
  local result = 0
  local place = 1 -- weight of the current hex digit: 1, 16, 256, ...

  while a > 0 and b > 0 do
    local lo_a = a % 16
    local lo_b = b % 16
    result = result + nibble_xor[lo_a + 1][lo_b + 1] * place
    -- Drop the digit just handled from both operands.
    a = (a - lo_a) / 16
    b = (b - lo_b) / 16
    place = place * 16
  end

  -- For non-negative integer inputs at least one operand is 0 here, and
  -- x XOR 0 = x, so the remaining digits of the other one carry over as-is.
  return result + a * place + b * place
end
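--- Dissector entry point: undo the "gamespy xor" on one payload and show the
-- resulting bytes in the packet tree.
--
-- The key is the fixed 7-byte ASCII string "gamespy", repeated over the
-- payload. Since the key is a constant, this layer only obfuscates the
-- traffic; it gives no confidentiality to anyone who knows the key.
--
-- @param buffer Tvb with the bytes handed to this dissector
-- @param pinfo  packet info; only the Protocol column is written
-- @param tree   protocol tree the decoded subtree is attached to
function trivial_proto.dissector(buffer, pinfo, tree)
  pinfo.cols.protocol = "gamespy"

  -- All working variables are local so that nothing leaks into the global
  -- environment, which other Lua scripts loaded by Wireshark can also see.
  local cipher = {103, 97, 109, 101, 115, 112, 121} -- ASCII "gamespy"
  local key_len = #cipher
  local size = buffer:len()

  -- XOR each payload byte with the repeating key. The pieces are collected in
  -- a table and joined once, which avoids rebuilding the string per byte.
  local pieces = {}
  for i = 0, size - 1 do
    -- Tvb offsets are 0-based, the key table is 1-based.
    local key_byte = cipher[i % key_len + 1]
    pieces[i + 1] = string.char(bxor(buffer(i, 1):uint(), key_byte))
  end
  local decoded = table.concat(pieces)

  -- NOTE(review): `decoded` is built from untrusted capture bytes and can hold
  -- NUL or control characters; the label below may be truncated or rendered
  -- oddly. Confirm how the target Wireshark version escapes label text before
  -- relying on this output.
  local subtree = tree:add(trivial_proto, buffer(), "Gamespy Protocol")
  subtree:add(buffer(0, size), "Decoded: " .. decoded)
end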
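-- Look up Wireshark's "udp.port" dissector table and register this protocol
-- for UDP port 29910.
-- The binding is by port number only: every UDP payload on that port is run
-- through the XOR decoder, whether or not it really is Gamespy traffic.
local udp_table = DissectorTable.get("udp.port")
udp_table:add(29910, trivial_proto)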