Release of Wireshark plugin for Uru protocols

Wireshark Plugin For Uru Client Protocol

Moderator: Wireshark Plugin Managers

Post Reply
a'moaca'
Member
Posts: 163
Joined: Sat Dec 13, 2008 11:22 pm

Release of Wireshark plugin for Uru protocols

Post by a'moaca' » Mon May 17, 2010 8:27 am

Announcing the public release of my Wireshark plugin for Uru protocols!

After many years of tinkering I've decided to release my Wireshark plugin. OpenURU.org has offered to host the project. It is hosted here with Chogon's knowledge and okay, but this project is not officially sanctioned or supported by Cyan Worlds.

Wireshark is a network protocol analysis tool. The Uru plugin is a module for Wireshark that dissects Uru traffic. This lets you see what the server and client are saying to each other. The plugin should work for all Uru traffic (with a few undissected submessages) from UU onward*. However, MOUL/MOULagain connections are protected by encryption, and while the plugin does have decryption functionality, we do not have the server private key with which to decrypt the traffic.

I recognize that there is a fairly limited audience for this work, and the audience will be limited further by the encrypted connections. But there are use cases now, and with open source coming someday, there will definitely be value in this kind of tool.

Further details about using the plugin, how it handles the encryption, how to acquire the code, etc. are on the project's main page, on the OpenUru.org wiki. Please go there first!

Thanks to cjkelly1 for his help with this plugin over the years. I hope that it will prove useful to someone, and I hope to be able to add thanks to other contributors in the future!

- a'moaca'

* If you somehow have decrypted traces from Live 5-8 inclusive, the plugin may have the message typecodes wrong. If you have decrypted traces from Live 5-8, you might not need this plugin, but please let me know when the types changed anyway.

Christian Walther
Member
Posts: 294
Joined: Sat Dec 13, 2008 10:54 am

Re: Release of Wireshark plugin for Uru protocols

Post by Christian Walther » Mon May 17, 2010 5:13 pm

Wow! 8-) Lucky me that I haven’t spent a lot of work on manually dissecting my MOULa dumps yet! (I have mostly automated decryption, but not analysis of the individual messages.) This is going to make learning the protocol much easier – thank you so much!

I’ll be sure to give it a try next weekend or whenever I get around to it.

cjkelly1
Member
Posts: 34
Joined: Mon Dec 29, 2008 6:08 am

Re: Release of Wireshark plugin for Uru protocols

Post by cjkelly1 » Tue May 18, 2010 12:07 am

The secret to life, the universe, and everything is pellet scores! :lol:

Christian Walther
Member
Posts: 294
Joined: Sat Dec 13, 2008 10:54 am

Re: Release of Wireshark plugin for Uru protocols

Post by Christian Walther » Sun May 30, 2010 10:09 am

I have been using this for a few days now. Very useful!

I have come up with two modifications and have entered them into the issue tracker in case you like them: It may well be that there are better ways of achieving what I wanted – I have no experience with Wireshark programming at all and just went by what was already present in the Uru plugin.

Post Reply

Return to “Wireshark Plugin For Uru Client Protocol”

Who is online

Users browsing this forum: No registered users and 1 guest