diff options
| author | lonkaars <loek@pipeframe.xyz> | 2024-04-29 18:40:03 +0200 |
|---|---|---|
| committer | lonkaars <loek@pipeframe.xyz> | 2024-04-29 18:40:03 +0200 |
| commit | 8f33d9c9a7c95f17c480782fee3b5e405d41a79c (patch) | |
| tree | c3898b34563d5225d6027e4b6138c16e1172534d | |
| parent | 8934da54f4bf6101ae03cdc9ef4644d9d26297f3 (diff) | |
WIP wireshark dissector
| -rw-r--r-- | docs/notes.md | 14 | ||||
| -rw-r--r-- | experiments/pcap/.gitignore | 2 | ||||
| -rw-r--r-- | experiments/pcap/main.c | 53 | ||||
| -rw-r--r-- | experiments/pcap/makefile | 2 | ||||
| -rw-r--r-- | wireshark/nifi-dissect.lua | 32 | ||||
| -rwxr-xr-x | wireshark/wireshark | 5 |
6 files changed, 106 insertions, 2 deletions
diff --git a/docs/notes.md b/docs/notes.md index 5a79e76..6043bfa 100644 --- a/docs/notes.md +++ b/docs/notes.md @@ -72,9 +72,19 @@ sufficiently advanced local multiplayer emulation. - windows only + very advanced debugger -[note]: <> (interesting links) - [toolchaingenericds]: https://bitbucket.org/Coto88/toolchaingenericds/src/master/ [nogba]: https://problemkaputt.de/gba.htm [melonds]: https://melonds.kuribo64.net/ [desmume]: https://desmume.org/ + +## MelonDS hacking + +source: <https://git.pipeframe.xyz/fork/melonDS> + +### Findings + +- melonDS @ Config > Wifi settings "Local multiplayer features do not use the same network protocols as online play" +- comment @ src/Wifi.cpp:46 "multiplayer host TX sequence" +- references to `RFTransfer_Type{2,3}` @ <https://www.problemkaputt.de/gbatek.htm#dswifirfchip> +- nintendo ds ni-fi protocol @ <https://web.archive.org/web/20090202194241/http://masscat.afraid.org/ninds/proto_info.php> + diff --git a/experiments/pcap/.gitignore b/experiments/pcap/.gitignore new file mode 100644 index 0000000..be0cff0 --- /dev/null +++ b/experiments/pcap/.gitignore @@ -0,0 +1,2 @@ +main +*.pcap diff --git a/experiments/pcap/main.c b/experiments/pcap/main.c new file mode 100644 index 0000000..25fb0fc --- /dev/null +++ b/experiments/pcap/main.c @@ -0,0 +1,53 @@ +#include <stdio.h> +#include <stdint.h> +#include <string.h> + +#include <pcap/pcap.h> + +pcap_dumper_t* dumper; + +ssize_t test_write(uint8_t* buf, size_t count) { + struct pcap_pkthdr packet; + packet.len = count; + packet.caplen = count; + pcap_dump((u_char*) dumper, &packet, buf); + + return count; +} + +ssize_t test_read(uint8_t* buf, size_t count) { + strncpy((char*) buf, "i read hello world!", count); + + struct pcap_pkthdr packet; + packet.len = count; + packet.caplen = count; + pcap_dump((u_char*) dumper, &packet, buf); + + return count; +} + +void test() { + ssize_t len; + const char* msg = "i write hello world!"; + + len = test_write((uint8_t*) msg, strlen(msg)); + printf("wrote %lu bytes: \"%s\"\n", len, msg); + + char buf[80] = { 0 }; + len = test_read((uint8_t*) buf, 16); + buf[len] = '\0'; + printf("read %lu bytes: \"%s\"\n", len, buf); +} + +int main() { + // see also: <https://www.tcpdump.org/linktypes.html> + pcap_t* handle = pcap_open_dead(DLT_NULL, 1 << 16); + dumper = pcap_dump_open(handle, "dump.pcap"); + + test(); + + pcap_dump_close(dumper); + + return 0; +} + diff --git a/experiments/pcap/makefile b/experiments/pcap/makefile new file mode 100644 index 0000000..53c3aea --- /dev/null +++ b/experiments/pcap/makefile @@ -0,0 +1,2 @@ +CFLAGS += -lpcap +main: main.c diff --git a/wireshark/nifi-dissect.lua b/wireshark/nifi-dissect.lua new file mode 100644 index 0000000..98520e5 --- /dev/null +++ b/wireshark/nifi-dissect.lua @@ -0,0 +1,32 @@ +proto = Proto("NIFI", "Nintendo DS ni-fi") + +MAGIC = ProtoField.uint32("nifi.magic", "Magic", base.HEX) +SENDERID = ProtoField.int32("nifi.senderid", "SenderID", base.DEC) +TYPE = ProtoField.uint32("nifi.type", "Type", base.DEC) +LENGTH = ProtoField.uint32("nifi.length", "Length", base.DEC) +TIMESTAMP = ProtoField.uint64("nifi.timestamp", "Timestamp", base.DEC) + +proto.fields = { + MAGIC, + SENDERID, + TYPE, + LENGTH, + TIMESTAMP, +} + +function proto.dissector(buffer, pinfo, tree) + -- check magic ("NIFI") + if buffer(0, 4):uint() ~= 0x4e494649 then return end + + pinfo.cols.protocol = proto.name + + local subtree = tree:add(proto, buffer(), "Ni-Fi data") + + subtree:add(MAGIC, buffer(0, 4)) + subtree:add_le(SENDERID, buffer(4, 4)) + pinfo.cols.src = tostring(buffer(4, 4):le_int()) + subtree:add_le(TYPE, buffer(8, 4)) + subtree:add_le(LENGTH, buffer(12, 4)) + subtree:add_le(TIMESTAMP, buffer(16, 8)) +end + diff --git a/wireshark/wireshark b/wireshark/wireshark new file mode 100755 index 0000000..b871ea3 --- /dev/null +++ b/wireshark/wireshark @@ -0,0 +1,5 @@ +#!/bin/sh +# simple wrapper to load nifi-dissect script as DLT_USER0 dissecter +here="$(dirname "$0")" +exec wireshark -X "lua_script:$here/nifi-dissect.lua" -o 'uat:user_dlts:"User 0 (DLT=147)","nifi","","","",""' "$@" + |