Wednesday, 18 July 2012

Wireshark Gamespy Protocol Dissector

When working on the gamespy CD key authentication protocol I quickly threw together a wireshark LUA script to dissect the packets. Although the CD key validation protocol is already widely known [1], it's still very usefull that wireshark automatically decodes the traffic for you. Essentially it applies the gamespy XOR cipher to decrypt the gamespy packets [1]. A screenshot explains this best:




If anyone is interested in the code, you can download the lua dissector script for wireshark. Copy it to the main directory of wireshark and add the line
dofile("gamespy.lua")
to the end of the file init.lua (also located in the main directory of wireshark) [2]. Note that's just a little script aimed at other programmers, feel free to improve.

References:
[1] Aluigi, Explanation of the authentication method used by the GamespyCD-Key SDK 0.1.
[2] The Wireshark Wiki: Lua.
Posted by at

1 comment:

  1. Anonymous23 August 2012 at 03:49

    Because the software doesn't use key frames like other editing software, they can be stopped anywhere and 'scrubbed' back and forth for effect. This is done without excessive CPU usage.

    Wire Shark

    ReplyDelete

Subscribe to: Post Comments (Atom)