@alejzeis
Created May 3, 2015 23:03
JuiceNet Base (Wireshark Dissector)
-- JuiceNet Base Protocol Dissector --
-- By: jython234 (https://github.com/jython234) --
-- Copyright (C) 2015 --
-- Protocol object for JuiceNet Base: short name "JNB", description
-- "JuiceNet Base Protocol". Assigned without `local`, so it is a global; the
-- dissector function and the UDP registration below refer to it by this name.
jnb_proto = Proto("JNB", "JuiceNet Base Protocol")
-- NOTE(review): `bit` is not referenced anywhere in the code shown here.
local bit = require("bit")
-- Tree item for the packet being dissected; assigned inside
-- jnb_proto.dissector on every call.
local subtree
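-- Marker appended to a tree label when the capture ends before the field does.
local TRUNCATED = "<truncated>"

-- Return buffer(offset, length) only when the whole range lies inside the
-- captured bytes, otherwise nil. A length of -1 means "to the end of the
-- buffer". Checking first keeps a short or malformed datagram from raising an
-- out-of-range Lua error in the middle of dissection.
local function safe_range(buffer, offset, length)
  local total = buffer:len()
  if offset < 0 or offset >= total then
    return nil
  end
  if length == -1 then
    return buffer(offset, -1)
  end
  if length < 1 or offset + length > total then
    return nil
  end
  return buffer(offset, length)
end

-- Like safe_range, but shortens the range to the bytes that are present
-- instead of rejecting it. Used where the length comes from the packet itself
-- and is only needed to highlight bytes in the tree.
local function clamped_range(buffer, offset, length)
  local remaining = buffer:len() - offset
  if offset < 0 or remaining < 1 or length < 1 then
    return nil
  end
  return buffer(offset, math.min(length, remaining))
end

-- Add "<label><bytes as text>" for buffer(offset, length) under node.
-- Returns the range, or nil after adding a truncation notice.
local function add_bytes(node, buffer, offset, length, label)
  local range = safe_range(buffer, offset, length)
  if not range then
    node:add(label .. TRUNCATED)
    return nil
  end
  node:add(range, label .. tostring(range))
  return range
end

-- Add "<label><unsigned value>" for a field of 1 to 4 bytes under node.
-- Returns the value (0 is a valid result), or nil after adding a truncation
-- notice.
local function add_uint(node, buffer, offset, length, label)
  local range = safe_range(buffer, offset, length)
  if not range then
    node:add(label .. TRUNCATED)
    return nil
  end
  local value = range:uint()
  node:add(range, label .. value)
  return value
end

-- Add "<label><text>" for everything from offset to the end of the buffer.
local function add_string(node, buffer, offset, label)
  local range = safe_range(buffer, offset, -1)
  if not range then
    node:add(label .. TRUNCATED)
    return
  end
  node:add(range, label .. range:string())
end

-- Shared body of the two confirmation packets (0x03 and 0x3A): a 2-byte count
-- at offset 1 followed by that many 4-byte packet numbers starting at offset 3.
-- The count is taken from the packet, so the loop stops at the first number
-- that is not fully present rather than trusting it.
local function add_packet_numbers(node, buffer)
  local count = add_uint(node, buffer, 1, 2, "Packet Numbers: ")
  if not count then
    return
  end
  local offset = 3
  for _ = 1, count do
    if not add_uint(node, buffer, offset, 4, "Packet Number: ") then
      return
    end
    offset = offset + 4
  end
end

-- Dissect one internal packet of a data packet (0x02). `start` is the offset
-- of the internal packet relative to byte 4 of the datagram, matching the
-- `4 + i` addressing used throughout. Returns the relative offset of the next
-- internal packet, or nil when parsing cannot continue (truncated data or an
-- IsSplit value other than 0 or 1).
local function add_internal_packet(node, buffer, start)
  -- NOTE(review): two bytes at the start of every internal packet are skipped
  -- without being shown; their meaning is not visible in this file.
  local i = start + 2

  local split_range = safe_range(buffer, 4 + i, 1)
  if not split_range then
    node:add("InternalPacket: " .. TRUNCATED)
    return nil
  end
  local split = split_range:uint()
  if split ~= 0 and split ~= 1 then
    -- Unknown flag value: the layout that follows is undefined here, so show
    -- the byte and stop instead of indexing a subtree that was never created.
    node:add(split_range, "IsSplit: " .. tostring(split_range))
    return nil
  end

  -- Read ahead for the length used to highlight the whole internal packet.
  -- NOTE(review): for split packets this reads at +8, while the fields below
  -- (1 + 4 + 4 bytes) would put the length at +9 - confirm against the
  -- protocol definition.
  local ahead_offset
  if split == 1 then
    ahead_offset = 4 + i + 8
  else
    ahead_offset = 4 + 1 + i
  end
  local ahead = safe_range(buffer, ahead_offset, 4)
  if not ahead then
    node:add(split_range, "InternalPacket: " .. TRUNCATED)
    return nil
  end
  local span = clamped_range(buffer, 4 + start, ahead:uint())
  local pkt
  if span then
    pkt = node:add(span, "InternalPacket")
  else
    pkt = node:add("InternalPacket")
  end

  if split == 1 then
    pkt:add(split_range, "IsSplit: True")
    i = i + 1
    if not add_uint(pkt, buffer, 4 + i, 4, "SplitID: ") then
      return nil
    end
    i = i + 4
    if not add_uint(pkt, buffer, 4 + i, 4, "SplitIndex: ") then
      return nil
    end
    -- NOTE(review): the offset is not advanced past SplitIndex, so the length
    -- below is read from the same four bytes. Left as found because the
    -- intended layout cannot be confirmed from this file.
  else
    pkt:add(split_range, "IsSplit: False")
    i = i + 1
  end

  local payload_len = add_uint(pkt, buffer, 4 + i, 4, "Internal Packet Length: ")
  if not payload_len then
    return nil
  end
  i = i + 4

  local id_range = safe_range(buffer, 4 + i, 1)
  if not id_range then
    pkt:add("PacketID: " .. TRUNCATED)
    return nil
  end
  -- The declared length comes from the packet; only highlight what is present.
  local payload = clamped_range(buffer, 4 + i, payload_len)
  if payload_len > buffer:len() - (4 + i) then
    pkt:add("Internal packet payload " .. TRUNCATED)
  end

  if id_range:uint() == 0x10 then
    -- Ping Packet --
    local ping
    if payload then
      ping = pkt:add(payload, "Ping Packet: 0x10")
    else
      ping = pkt:add("Ping Packet: 0x10")
    end
    add_bytes(ping, buffer, 4 + 1 + i, 8, "Ping ID: ")
  else
    pkt:add(id_range, "PacketID: " .. tostring(id_range))
    if payload then
      pkt:add(payload, "Buffer: " .. tostring(payload))
    else
      pkt:add("Buffer: <empty>")
    end
  end
  return i + 1 + payload_len
end

-- Dissect one JuiceNet Base datagram.
--
-- buffer: the Tvb holding the datagram bytes.
-- pinfo:  packet info; the protocol and info columns are set here.
-- tree:   root tree item; a "Packet 0x.." subtree is added under it and kept
--         in the file-level `subtree` variable.
--
-- Byte 0 is the packet ID. IDs 0x00, 0x01, 0x02, 0x03 and 0x3A get a
-- field-by-field breakdown; any other ID only gets the generic header items.
-- Every count and length used below is read from the datagram, so each read
-- is bounds-checked and a short packet produces a "<truncated>" item instead
-- of a Lua error.
function jnb_proto.dissector(buffer, pinfo, tree)
  pinfo.cols.protocol = "JNB"
  local total = buffer:len()
  if total < 1 then
    -- No packet ID byte to read.
    return
  end

  local id_range = buffer(0, 1)
  local id = id_range:uint()
  local title = "Packet 0x" .. tostring(id_range)
  pinfo.cols.info = title
  -- The subtree is attached to jnb_proto; the name previously used here
  -- (mcpe_proto) is not defined in this file and evaluated to nil.
  subtree = tree:add(jnb_proto, buffer(), title)
  subtree:add("Data Length: " .. total)
  -- Plain text item: no ProtoField named `id` is registered in this file, so
  -- jnb_proto.fields.id would also have been nil.
  subtree:add(id_range, "0x" .. tostring(id_range))

  if id == 0x00 then
    pinfo.cols.info = "ID_REQUEST_CONNECTION_PACKET: 0x00"
    -- NOTE(review): the three ranges overlap (1..8, 8..15, 10..end); offsets
    -- are kept as found - confirm against the protocol definition.
    add_bytes(subtree, buffer, 1, 8, "Session ID: ")
    add_bytes(subtree, buffer, 8, 8, "Maximum Packet Size: ")
    add_string(subtree, buffer, 10, "Server Address: ")
  elseif id == 0x01 then
    pinfo.cols.info = "ID_CONNECTION_ACCEPTED_PACKET: 0x01"
    -- NOTE(review): same overlapping offsets as the 0x00 packet.
    add_bytes(subtree, buffer, 1, 8, "Session ID: ")
    add_bytes(subtree, buffer, 8, 8, "Token: ")
    add_string(subtree, buffer, 10, "Client Address: ")
  elseif id == 0x03 then
    pinfo.cols.info = "ID_CONFIRMATION_PACKET_RECIEVED: 0x03"
    add_packet_numbers(subtree, buffer)
  elseif id == 0x3A then
    pinfo.cols.info = "ID_CONFIRMATION_PACKET_NOT_RECIEVED: 0x3A"
    add_packet_numbers(subtree, buffer)
  elseif id == 0x02 then
    pinfo.cols.info = "ID_DATA_PACKET: 0x02"
    add_uint(subtree, buffer, 1, 4, "Packet Number: ")
    -- Internal packets are addressed relative to byte 4. The loop bound is
    -- kept separate from the per-packet length: sharing one variable for both
    -- ended the loop after the first internal packet.
    -- NOTE(review): byte 4 is also the last byte of the packet number above.
    local data_len = total - 4
    local i = 0
    while i and i < data_len do
      i = add_internal_packet(subtree, buffer, i)
    end
  end
end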
-- Register the JNB dissector on UDP port 4200 so datagrams to or from that
-- port are handed to jnb_proto. `udp_table` stays a global, as before.
local JNB_UDP_PORT = 4200
udp_table = DissectorTable.get("udp.port")
udp_table:add(JNB_UDP_PORT, jnb_proto)