
Header identifiers of the fields in Digital China (神州数码) UDP packets

2013-04-19 17:12



User login packet (contains the account and password)

Full packet:

80 AA B2 5F F1 57 26 7F 06 0F 63 C2 9B 35 22 D2 EA 8E 91 20 4E B4 0B B7 75 02 80 21 48 68 58 49 49 48 68 E8 01 20 D9 68 E8 58 D8 59 A0 30 C8 48 39 C8 39 49 58 39 D9 48 21 91 3C BD 8D 8C 3C 31 81 80 F1 08 C9 39 D8 39 C8 48 39 48 59 49 C8 1D AD C2 4E C3 81 8A
3C E8 2B 56 C9 D0 B1 08 94 DF 2E AA 98 95 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 80 80



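Breakdown:

80 AA B2 5F F1 57 26 7F 06 0F 63 C2 9B 35 22 D2 EA 8E 91 20 4E B4 0B B7 75 Looks a bit like a fixed format; not clear yet.

02 80 21 48 68 58 49 49 48 68 E8 Here 02 80 XX --- the header identifier for the account, followed by the account.

01 20 D9 68 E8 58 D8 59 01 XX --- the header identifier for the password, followed by the password.

A0 30 C8 48 39 C8 39 49 58 39 D9 48 A0 30 --- identifies the local IP, 10.1.24.70.

21 91 3C BD 8D 8C 3C 21 91 --- the network type used for the login [local|internet]; here it is local.

31 81 80 F1 08 C9 39 D8 39 C8 48 39 48 59 49 C8 31 81 --- version number, 3.5.10.0621.

(Forgive my limited ability; I cannot work out the rest for now.)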

1D AD C2 4E C3 81 8A 3C E8 2B 56 C9 D0 B1 08 94 DF 2E AA 98 95 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00
00 00 80 80



Server response packet for a successful login authentication

Full packet:

01 EC CC BC F5 F5 48 A7 C4 2C 3E 55 0B 60 0A 61 75 5C 81 81 80 20 40 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 90 81 78 11 81 10 A1 69 26 B7 57 1A CB A6 EA 1B 8B 8A DA CA 56 07 4A 7E 56 07 86 DF 86 FB 37 2B D8 C8 49 48 B4 8A 8B 08 28 16 6F EB EA C7 46
59 D8 D8 49 39 D9 59 48 D6 D7 27 8B C7 0E 86 DF 86 FB A8 98 3E 80 80 00 01 80 80 81 80 00 10 80 00 90 10 27 97 73 61 11 80 00 91 00 0020 80 00 A0 CC 6E 2C C8 2A 38 93 97 00 2E BD 7E 2A 09 2F 68 00 38 93 97 00 0000 00 00 2E BD 7E 2A BE 2F 68 00 69 69 00 00
00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 5C 7E 2A 17 76 96 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 4C 7E 2A 06 02 C8 2A 00 00 00 00 0E A0 97 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 21 40 00 00 00 00 00 00 00 00
00 0000 00 00 00 00 00 A1 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3080 00 58 11 00 00 00
00 D8 11 00 00 00 00 59 11 21 8D 1D 00 D9 11 00 00 00 0068 11 00 00 00 00 89 81 80 08 81 00


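Breakdown:

01 EC CC BC F5 F5 48 A7 C4 2C 3E 55 0B 60 0A 61 75 5C 81 81 80 Cannot work this out.

20 40 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 20 40 ----- should be the communication ciphertext (every operation after a successful login has to include this ciphertext); here the ciphertext is 1634029307212373.
90 81 78 11 81 10 A1 69 26 B7 57 1A CB A6 EA 1B 8B 8A DA CA 56 07 4A 7E 56 07 86 DF 86 FB 37 2B D8 C8 49 48 B4 8A 8B 08 28 16 6F EB EA C7 46 59 D8 D8 49 39 D9 59 48 D6 D7 27 8B C7 0E 86 DF 86 FB A8
90 81 78 11 81 10 A1 69 ----- (why is this header identifier so long? Needs further investigation.) What a long stretch. This is the legendary return message: traffic information and so on. It translates to: 认证成功!当月包月流量为5120M。 (您还有6384.979兆剩余流量)。 (In English: "Authentication successful! This month's monthly traffic package is 5120M. (You have 6384.979 MB of traffic remaining.)")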
98 3E 80 80 00 01 80 80 81 80 00 10 80 00 90 10 27 97 73 61 11 80 00 91 00 00 20 80 00A0 CC 6E 2C C8 2A 38 93 97 00 2E BD 7E 2A 09 2F 68 00 38 93 97 00 00 00 00 00 2E BD 7E 2A BE 2F 68 00 69 69 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 0000 00 00 00 00 00 5C 7E 2A 17 76 96 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 4C 7E 2A 06 02 C8 2A 00 00 00 00 0E A0 97 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 21 40 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 A1 94
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 30 80 00 58 1100 00 00 00 D8 11 00 00 00 00 59 11 21
8D 1D 00 D9 11 00 00 00 00 68 11 00 00 00 00 89 81 80 08 81 00 Mamma mia... what is this whole pile?

Keep-alive (stay logged in) packet

Full packet:

81 79 CD 14 0B 6F D3 D6 88 74 B9 03 BF 1B AC 6A AA CB 20 41 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 A0 30 C8 48 39 C8 39 49 58 39 D9 48 91 20 1D 48 B8 58 1C B8 50 11 80 00 00 00


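Breakdown:

81 79 CD 14 0B 6F D3 D6 88 74 B9 03 BF 1B AC 6A AA CB Is this part fixed? What is it? It must be Chinese characters again!
20 41 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9
20 41 ------ keep-alive ciphertext (the same as the ciphertext obtained at login); here it is 1634029307212373.

A0 30 C8 48 39 C8 39 49 58 39 D9 48
A0 30 ----- identifier for the local IP address, 10.1.24.70
91 20 1D 48 B8 58 1C B8 91 20 ------ identifier for the local MAC, F0-4D-A2-CF-5E-80; I don't know why only the leading F0-4D- is there.
50 11 80 00 00 00 What is this? Looks like something that marks the end.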

Server response to the keep-alive packet

Full packet:

10 B8 B1 60 BC 6D 1A DD F3 66 2A 56 CC 22 9D B4 0D 3E 81 81 80 20 40 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 50 11 80 00 00 00


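Breakdown:

10 B8 B1 60 BC 6D 1A DD F3 66 2A 56 CC 22 9D B4 0D 3E 81 81 80 I will never be able to work out this string of gibberish at the front. Chinese characters! Damn you?
20 40 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 20 40 ------
the familiar server-side ciphertext 1634029307212373.
50 11 80 00 00 00 The same end-marker thing.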


Logout packet

Full packet:

90 68 A0 60 7B 59 9E 87 BB A8 5A 8B 1B 93 5B 9F E2 2E 20 41 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 A0 30 C8 48 39 C8 39 49 58 39 D9 48 91 20 1D 48 B8 58 1C B8

Breakdown:

90 68 A0 60 7B 59 9E 87 BB A8 5A 8B 1B 93 5B 9F E2 2E (skipped)
20 41 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 20 40 ------ the familiar client-side ciphertext 1634029307212373.
A0 30 C8 48 39 C8 39 49 58 39 D9 48
A0 30 ----- identifier for the local IP address, 10.1.24.70
91 20 1D 48 B8 58 1C B8
91 20 ------ identifier for the local MAC, F0-4D-A2-CF-5E-80; I don't know why only the leading F0-4D- is there.

Server logout response

Full packet:

11 99 28 AE DE 31 80 B4 93 49 5A 20 8A C4 2F 73 0C 0D 81 81 80 20 40 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9


Breakdown:

11 99 28 AE DE 31 80 B4 93 49 5A 20 8A C4 2F 73 0C 0D 81 81 80 So Happy
20 40 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9 20 40 ------ ciphertext 1634029307212373. Why does the server also send 20 40???
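
As an added example (not part of the original post), the Python below uses only the hex/plaintext pairs quoted above to recover the byte encoding of the fields: the samples fit a single fixed bit permutation with no key, so field contents are obfuscated rather than encrypted. Reading the two leading bytes of a client field as an encoded type and total length is an inference from these captures, and the names `learn_permutation`, `decode`, `encode` and `parse_field` are illustrative.

```python
# Wire bytes and the plaintext the post states for them (values copied from this page).
KNOWN_PAIRS = [
    ("C8 48 39 C8 39 49 58 39 D9 48", "10.1.24.70"),        # after A0 30
    ("3C BD 8D 8C 3C", "local"),                             # after 21 91
    ("C9 39 D8 39 C8 48 39 48 59 49 C8", "3.5.10.0621"),     # version string
    ("C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9", "1634029307212373"),
]

def learn_permutation(pairs):
    """Return perm where perm[i] is the wire bit that carries plaintext bit i."""
    cand = [set(range(8)) for _ in range(8)]
    for wire_hex, text in pairs:
        wire, plain = bytes.fromhex(wire_hex), text.encode("ascii")
        if len(wire) != len(plain):
            raise ValueError("not a byte-for-byte encoding")
        for w, p in zip(wire, plain):
            for i in range(8):
                cand[i] = {j for j in cand[i] if (w >> j) & 1 == (p >> i) & 1}
    if any(len(c) != 1 for c in cand):
        raise ValueError("samples do not fit exactly one bit permutation")
    perm = [next(iter(c)) for c in cand]
    if sorted(perm) != list(range(8)):
        raise ValueError("two plaintext bits map to the same wire bit")
    return perm

PERM = learn_permutation(KNOWN_PAIRS)

def decode(data: bytes) -> bytes:
    return bytes(sum(((b >> PERM[i]) & 1) << i for i in range(8)) for b in data)

def encode(data: bytes) -> bytes:
    return bytes(sum(((b >> i) & 1) << PERM[i] for i in range(8)) for b in data)

def parse_field(field_hex: str):
    """Decode one client field; assumes byte 0 is the type and byte 1 the total length."""
    raw = decode(bytes.fromhex(field_hex))
    if raw[1] != len(raw):
        raise ValueError("length byte does not match field size")
    return raw[0], raw[1], raw[2:].decode("ascii")

if __name__ == "__main__":
    print("plaintext bit -> wire bit:", PERM)
    for field in ("A0 30 C8 48 39 C8 39 49 58 39 D9 48",      # IP field
                  "21 91 3C BD 8D 8C 3C",                      # network type field
                  "20 41 C8 59 C9 58 48 49 E8 C9 48 D9 49 C8 49 C9 D9 C9"):
        print(parse_field(field))
```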