QuantumEntangledAndy / neolink

An RTSP bridge to Reolink IP cameras
GNU Affero General Public License v3.0

Document the Binary XML protocol & Update wireshark dissector. #280

Open byteit101 opened 1 week ago

byteit101 commented 1 week ago

Is your feature request related to a problem? Please describe.

It looks like newer firmware versions use a binary representation of the XML. It would be nice to decode this and add it to the Wireshark dissector.

Describe the solution you'd like

It would be great to document all the XML endpoints now so that they can be used in the reverse engineering of the binary format. I've created Wireshark dissectors before, and love doing protocol decoding, so I don't mind doing some of the grunt work. However, I'm busy for the next 4-6ish months, so if someone can ensure the messages and other institutional knowledge are fully documented, I, or anyone who does this before I get to it, would be able to decode the binary much quicker, hopefully.

I have already determined that it isn't encrypted for <Ip> packets, as I found my MAC address and IP address at bytes 7 and 26, respectively.

QuantumEntangledAndy commented 1 week ago

Could you send a packet capture that is in this binary format? Would be nice to see what you mean.

byteit101 commented 1 week ago

I'm actually not sure if this is "newer" or legacy. I couldn't get the new Reolink client 8.15 running on Wine, so used the older 8.8.5.

This capture has me looking at most settings in two cameras, sequentially. Both are on their respective latest firmware. I included all traffic attributable to the cameras, and I temporarily set the password to Password1 before capturing.

TwoCameras.pcapng.gz