Created
March 28, 2019 18:35
-
-
Save adleong/cad31555cc4e8ddd892f02e38e378456 to your computer and use it in GitHub Desktop.
Decoding gRPC messages from Wireshark
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Look at the contents of a data frame: copy data as raw (to paste buffer) | |
| ``` | |
| pbpaste | cut -c 11- | xxd -r -p | protoc --raw_decode | |
| ``` | |
| Drop the first 10 characters (first 5 bytes: the gRPC frame header), encode as binary, decode as raw protobuf. | |
| You won't see field names, but you will get field numbers. | |
| Try to match the field numbers and types to known protobuf message types using your brain. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment