MCPE 0.15 Packet dumper
""" | |
Setup (requires root on Android device): | |
pip install frida #(may require root on host machine) | |
curl -O https://build.frida.re/frida/android/arm/bin/frida-server | |
adb push frida-server /data/local/tmp/ | |
adb shell "chmod 755 /data/local/tmp/frida-server" | |
adb shell "/data/local/tmp/frida-server &" | |
Usage: | |
python dump.py | text2pcap -n -D -u 45656,19132 -4 192.168.1.2,192.168.1.3 - output.pcap | |
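Note: the IP addresses and ports in the resulting PCAP are the hardcoded values passed to text2pcap above, not values captured from the device's traffic.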
""" | |
import frida | |
import signal | |
# Attach to the running Minecraft PE process on the USB-connected device.
# frida-server must already be running there (see Setup in the docstring).
usb_device = frida.get_usb_device()
session = usb_device.attach("com.mojang.minecraftpe")

# Read the hook source, then hand it to Frida as the instrumentation script.
with open('dump_hook.js') as f:
    hook_source = f.read()
packetScript = session.create_script(hook_source)
packetScript.load()

# Keep the host process alive so the loaded script stays attached;
# returns only when a signal is delivered.
signal.pause()
'use strict'; | |
//_ZNK11BatchPacket5writeEPN6RakNet9BitStreamE | |
//_ZN11BatchPacket4readEPN6RakNet9BitStreamE | |
/**
 * Interceptor onEnter callback shared by both hooks.
 *
 * Stores the hooked call's second argument on the per-invocation `this`
 * context so the matching onLeave callback can read from it. The hooked
 * symbols demangle to BatchPacket::write/read(RakNet::BitStream*), so this
 * is presumably the BitStream pointer (args[0] being the C++ `this`) —
 * confirm against the target binary.
 *
 * @param {NativePointer[]} args - arguments of the intercepted native call.
 */
function packetOnEnter(args) {
  var bitStream = args[1];
  this.b = bitStream;
}
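/**
 * Interceptor onLeave helper: renders the bytes behind the pointer saved by
 * packetOnEnter as a single hex-dump line.
 *
 * Reads a signed 16-bit value at `this.b`, treats it as a length in bits,
 * and dumps the bytes covering that many bits starting at `this.b + 0x11`.
 * NOTE(review): the 16-bit length field and the 0x11 data offset are layout
 * assumptions about the target build's BitStream object — confirm them for
 * each binary before trusting the output.
 *
 * @param {NativePointer} retval - return value of the hooked call (unused).
 * @returns {string} '00000000 ' followed by two-digit hex bytes, each
 *   followed by a space. The leading '00000000 ' is the offset column of the
 *   hex-dump format that the text2pcap pipeline in the usage notes consumes.
 * @throws {RangeError} if the length field reads as a negative number.
 */
function packetOnLeave(retval) {
  // The length comes straight out of the instrumented process, so validate
  // it before using it to size a memory read.
  var bitLen = Memory.readShort(this.b);
  if (bitLen < 0) {
    // A signed 16-bit read goes negative for any count >= 0x8000; fail with
    // the offending value rather than passing a negative length on.
    throw new RangeError('BitStream length field is negative (' + bitLen + '); refusing to read');
  }

  // A bit count that is not a multiple of 8 still occupies a final partial
  // byte; round up so readByteArray always receives an integer length.
  var byteLen = Math.ceil(bitLen / 8);

  var hexStr = '00000000 ';
  if (byteLen === 0) {
    // Nothing to read: emit the offset column only.
    return hexStr;
  }

  var payload = new Uint8Array(Memory.readByteArray(this.b.add(0x11), byteLen));
  for (var i = 0; i < payload.length; i++) {
    var hex = payload[i].toString(16);
    hexStr += (hex.length === 1 ? '0' + hex : hex) + ' ';
  }
  return hexStr;
}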
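/**
 * Hooks one exported function and logs each captured payload as a
 * direction-tagged hex line ("O ..." or "I ...").
 *
 * @param {string} symbol - mangled export name to look up in any loaded module.
 * @param {string} directionTag - 'O' for outbound or 'I' for inbound; the
 *   usage notes run text2pcap with -D, which reads this prefix as direction.
 * @returns {NativePointer} address of the hooked export.
 * @throws {Error} if the export cannot be found.
 */
function attachPacketDump(symbol, directionTag) {
  var address = Module.findExportByName(null, symbol);
  if (address === null) {
    // findExportByName returns null for a missing symbol (for example a
    // different game build). Throw with the symbol name rather than
    // console.log a warning: stdout is piped into text2pcap, so stray text
    // there would corrupt the capture.
    throw new Error('export not found: ' + symbol);
  }

  Interceptor.attach(ptr(address), {
    onEnter: packetOnEnter,
    onLeave: function (retval) {
      // Forward `this` so packetOnLeave sees the pointer saved in onEnter.
      console.log(directionTag + ' ' + packetOnLeave.call(this, retval));
    }
  });
  return address;
}

// BatchPacket::write(RakNet::BitStream*) const — outbound packets.
var sendPacket = attachPacketDump("_ZNK11BatchPacket5writeEPN6RakNet9BitStreamE", 'O');

// BatchPacket::read(RakNet::BitStream*) — inbound packets.
var readPacket = attachPacketDump("_ZN11BatchPacket4readEPN6RakNet9BitStreamE", 'I');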
This doesn't use ModPE