逆向工程问题 - .NET 数据包捕获

发布于 2024-11-07 20:31:59 字数 1821 浏览 3 评论 0原文

我正在与一位有兴趣将 Web 应用程序与专有 ERP 客户端/服务器系统集成的人合作。我正在尝试找出一种方法来对服务器的 API 调用进行逆向工程,并将其复制到集成工作所需的有限数量的函数中。

我使用wireshark从客户端捕获一些网络流量。作为一名 PHP/Java 程序员,我对 .NET 世界不是很熟悉,所以我希望这里有人可以查看下面的 TCP 流并为我指明正确的方向。是否可以通过查看流量来判断使用哪种 .NET 客户端与该服务器进行通信?

.NET.............."...tcp://XXXXXXXX:nnnn/Transporter.rem........application/octet-stream..........................GetMail.mDTA.Connectivity.ITransporter, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null....................System.Guid....._a._b._c._d._e._f._g._h._i._j._k........................../.1D.).`..k..

.NET.......................................................System.Collections.ObjectModel.Collection`1[[DTA.Connectivity.Messaging.Message, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null]].....items...System.Collections.Generic.List`1[[DTA.Connectivity.Messaging.Message, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null]]..........NDTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null.......System.Collections.Generic.List`1[[DTA.Connectivity.Messaging.Message, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null]]....._items._size._version...$DTA.Connectivity.Messaging.Message[].................................."DTA.Connectivity.Messaging.Message.....

.NET......D......."...tcp://XXXXXXXX:nnnn/Transporter.rem........application/octet-stream..........................SubmitOperation.mDTA.Connectivity.ITransporter, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null........................NDTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null.....0DTA.Connectivity.Operations.DataManagerOperation....._Type_SqlStatement._SplitAtSemicolon

I am working with someone who is interested in integrating a web application with a proprietary ERP client/server system. I am trying to figure out a way to reverse engineer the API calls to the server and duplicate it for the limited number of functions that I need to make the integration work.

I used wireshark to capture some network traffic from the client side. As a PHP/Java programmer, I am not very familiar with the .NET world, so I was hoping someone here could look at the TCP stream below and point me in the right direction. Is it possible, looking at the traffic, to tell what kind of .NET client to use to communicate with this server?

.NET.............."...tcp://XXXXXXXX:nnnn/Transporter.rem........application/octet-stream..........................GetMail.mDTA.Connectivity.ITransporter, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null....................System.Guid....._a._b._c._d._e._f._g._h._i._j._k........................../.1D.).`..k..

.NET.......................................................System.Collections.ObjectModel.Collection`1[[DTA.Connectivity.Messaging.Message, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null]].....items...System.Collections.Generic.List`1[[DTA.Connectivity.Messaging.Message, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null]]..........NDTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null.......System.Collections.Generic.List`1[[DTA.Connectivity.Messaging.Message, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null]]....._items._size._version...$DTA.Connectivity.Messaging.Message[].................................."DTA.Connectivity.Messaging.Message.....

.NET......D......."...tcp://XXXXXXXX:nnnn/Transporter.rem........application/octet-stream..........................SubmitOperation.mDTA.Connectivity.ITransporter, DTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null........................NDTA.Connectivity, Version=1.0.4098.30211, Culture=neutral, PublicKeyToken=null.....0DTA.Connectivity.Operations.DataManagerOperation....._Type_SqlStatement._SplitAtSemicolon

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(1

绾颜 2024-11-14 20:31:59

从表面上看,这是 .net 远程处理。这包括序列化对象并将它们沿着线路传递。

如果应用程序的二进制文件可用,您可以将它们添加为解决方案的引用,以便您可以使用相同的对象并拦截一些数据包。不过,您可能必须检查是否违反了任何许可证要求。

It's .net remoting by the looks of things. This consists of serializing objects and passing them down the wire.

If the binaries for the application are available you may be able to add them as references to your solution so that you can use the same objects and intercept some of the packets. You may have to check that you're not violating any license requirements with that though.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文