unpangle

command

v0.0.0-...-2bf7a1d Latest Latest Go to latest Published: Jul 14, 2021 License: ISC Imports: 8 Imported by: 0

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/pangbox/pangcrypt

Links

Open Source Insights

README ¶

Unpangle

Unpangle is a simple helper command that lets you unmangle PangYa packets directly.

It is designed to consume the copy-paste format from Wireshark, which is simply a string of hex-formatted octets delimited by colons, like this: 54:3a:00:00:56:01:00:02:...

To use, first determine the crypto key for the session you are looking at by looking at the hello packet. Then, copy a data segment of a server or client packet, and run unpangle with it:

$ unpangle -key 2 54:3a:00:00:56:01:00:02:ab:62:65:22:00:53:5c:18:46:06:7b:7b:02:02:74:71:75:70:05:05:02:07:72:73:76:77:04:7c:76:06:73:0a:04:70:02:74:01:42:34:46:36:00:00:00:00:00:00:00:00:00:00:00:00:00

([]uint8) (len=57 cap=59) {
 00000000  01 00 02 00 63 65 20 00  30 39 38 46 36 42 43 44  |....ce .098F6BCD|
 00000010  34 36 32 31 44 33 37 33  43 41 44 45 34 45 38 33  |4621D373CADE4E83|
 00000020  32 36 32 37 42 34 46 36  00 00 00 00 00 00 00 00  |2627B4F6........|
 00000030  00 00 00 00 00 00 00 00  00                       |.........|
}

Installation

Unpangle is written in pure Go. You can install it like so:

$ go get -v github.com/pangbox/pangcrypt/cmd/unpangle

...

$ unpangle -help

You must have the Go toolchain and Git installed. Also, in order to be able to run Unpangle after running go get, you will need to ensure that your $PATH (Unix-like) or %PATH% (Windows) environment variable contains $HOME/go/bin (Unix-like) or C:\Users\[your username]\go\bin (Windows.)

Adding a folder to $PATH (Unix-like)

Adding a folder to %PATH% (Windows)

Caveats

Packets larger than the MTU will span multiple TCP packets and may be difficult to copy out of Wireshark. TCP sessions that span across the real Internet may also contain retransmissions and other anomalies. You need to use a TCP reconstruction algorithm to properly extract packets with this issue.

PangYa packets will sometimes contain multiple messages in them, so Unpangle treats data as a stream that starts on a packet boundary. If you provide multiple messages, Unpangle will print each message individually, warning you if there is any left over data that was not parsed.

Documentation ¶

There is no documentation for this package.

Source Files ¶

View all Source files

main.go

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL