aboutsummaryrefslogtreecommitdiff
path: root/wireshark/pictochat.lua
blob: 4927a9b69c1d8b12c18ead4a21157b980480f3f7 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55

local pc = Proto("pictochat", "Nintendo DS PictoChat")
pc.fields.msg_type = ProtoField.uint16("pictochat.msg_type", "Frame type", base.DEC, {
	[0] = "Message",
	[1] = "???",
})
pc.fields.resend = ProtoField.uint16("pictochat.resend", "Resend", base.DEC, {
	[0] = "Resend",
	[2] = "Original",
})
-- TODO: 6 bytes unknown
pc.fields.length = ProtoField.uint16("pictochat.length", "Message length")
-- TODO: 4 bytes unknown
pc.fields.mp_sender = ProtoField.ether("pictochat.mp_sender", "Multiplayer sender MAC")
pc.fields.sender = ProtoField.ether("pictochat.sender", "Sender MAC")
pc.fields.unknown_counter = ProtoField.uint16("pictochat.unknown_counter", "Unknown counter")
-- TODO: 14 bytes unknown
pc.fields.content_offset = ProtoField.uint16("pictochat.content_offset", "Content offset")
pc.fields.content = ProtoField.bytes("pictochat.content", "Content")
pc.fields.sequence = ProtoField.uint16("pictochat.sequence", "Packet sequence")
pc.fields.unknown_constant = ProtoField.bytes("pictochat.unknown_constant", "unknown_constant")

local nifi_length_field = Field.new("nifi.length")
local pc_msg_type_field = Field.new("pictochat.msg_type")
local pc_resend_field = Field.new("pictochat.resend")
local pc_sender_field = Field.new("pictochat.sender")

function pc.dissector(buffer, pinfo, tree)
	local header_length = nifi_length_field()()
	if header_length == 0 then return end

  buffer = buffer(0x18) -- skip the Ni-Fi header

	local pc_tree = tree:add(pc, buffer(), "PictoChat: " .. header_length .. " bytes")

	pc_tree:add_le(pc.fields.msg_type, buffer(0x00, 2))
	pc_tree:add_le(pc.fields.resend, buffer(0x02, 2))
	pc_tree:add_le(pc.fields.length, buffer(0x0a, 2))
	pc_tree:add_le(pc.fields.mp_sender, buffer(0x10, 6))
	pc_tree:add_le(pc.fields.sender, buffer(0x16, 6))
	pc_tree:add_le(pc.fields.sender, buffer(0x1c, 6)) -- copy
  pc_tree:add_le(pc.fields.unknown_counter, buffer(0x22, 2))
	pc_tree:add_le(pc.fields.content_offset, buffer(0x32, 2))
	pc_tree:add(pc.fields.content, buffer(0x36, 0xa0))
	pc_tree:add_le(pc.fields.sequence, buffer(0xd6, 2))
	pc_tree:add_le(pc.fields.resend, buffer(0xd8, 2)) -- copy
	pc_tree:add(pc.fields.unknown_constant, buffer(0xda, 4))

	pinfo.cols.protocol = pc.name
	pinfo.cols.src = tostring(pc_sender_field())
	pinfo.cols.info = pc_msg_type_field().display .. ", " .. pc_resend_field().display

end

register_postdissector(pc)