diff options
author | lonkaars <loek@pipeframe.xyz> | 2024-05-03 12:10:28 +0200 |
---|---|---|
committer | lonkaars <loek@pipeframe.xyz> | 2024-05-03 12:10:28 +0200 |
commit | 30ae02066e91471a5689e260198f71406159ebfc (patch) | |
tree | ee236c8c16c942fadec588427d480c2d979478c2 /docs/notes.md | |
parent | 1634d546d3e941701fdbab211dfa376f334339f1 (diff) |
more dissector + protocol research
Diffstat (limited to 'docs/notes.md')
-rw-r--r-- | docs/notes.md | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/docs/notes.md b/docs/notes.md index 6e515f9..5da8efe 100644 --- a/docs/notes.md +++ b/docs/notes.md @@ -188,6 +188,31 @@ Notable: message) - The completely filled message also shows an interesting pattern at the end, hinting at a slightly odd image codec +- Message length **can not** be used to consistently check which packets + contain PictoChat message data. + +#### MAC addresses + +The following table of addresses may be visible in the packet captures. An +[ethers](../wireshark/ethers) file is provided in the wireshark folder, which +may be symlinked to `~/.config/wireshark/ethers` to make Wireshark resolve the +MAC addresses to human-readable names. + +|address|label|source| +|-|-|-| +|`00:09:bf:11:22:33`|Default firmware MAC|[melonDS/src/SPI\_Firmware.h:37](../melonDS/src/SPI_Firmware.h)| +|`03:09:bf:00:00:00`|Multiplayer CMD|[melonDS/src/Wifi.cpp:42](../melonDS/src/Wifi.cpp)| +|`03:09:bf:00:00:10`|Multiplayer Reply|[melonDS/src/Wifi.cpp:43](../melonDS/src/Wifi.cpp)| +|`03:09:bf:00:00:03`|Multiplayer ACK|[melonDS/src/Wifi.cpp:44](../melonDS/src/Wifi.cpp)| +|`00:f0:77:77:77:77`|Access point|[melonDS/src/WifiAP.cpp:37](../melonDS/src/WifiAP.cpp)| +|`10:00:de:ad:be:ef`|Instance 1 (`lork`) firmware MAC|me| +|`20:00:de:ae:02:ff`|Instance 2 (`lork2`) firmware MAC|me| +|`ff:ff:ff:ff:ff:ff`|Broadcast|| + +In melonDS's settings, the firmware MAC addresses for `lork` and `lork2` are +set to `11:00:de:ad:be:ef` and `22:00:de:ad:be:ef` respectively, but these +always get mangled and sent as the addresses noted in the table above. I have +no idea why this happens. #### Analysis @@ -256,7 +281,6 @@ messages from the system that joined later) routers/APs, but is this encryption also used when the WiFi module is used in local multiplayer mode? Does this even matter inside the emulator? - ## TODO: - message reassembly field? (how does pictochat know which part a message index is) @@ -266,4 +290,5 @@ messages from the system that joined later) * resolution * pixel ordering * palette color indices (pixels are 1 nibble) +- what types of pictochat packets are there? |