Open aktayozan opened 7 months ago
Most of the requests are protobuf but i guess some of these responses are not protobuf. I captured raw requests with mitmproxy, because I don't know much about reverse engineering i couldn't figure what kind of data is this. If you share a contact details ( like a mail ) i can send raw datas ( you can view with mitmproxy web ).
plz attach the mitmproxy dump here if possible, delete some irrelevant rows if it's too large.
I've never seen such tcp protocol before, not sure if it's some existing protocol, 99% sure it's their own protocol. But a tcp packet is never a proto chunk, just extract the proto from it. Anyway, why are you so nervous about this..
Thanks for clarification, i don't want people to find these datas, because its not easy to bypass its ssl security and capture network requests
Your data isn't proto, just out of curiosity, I did a quick analysis:
For the second data, it contains 5 segments, take the first segment for example:
2000
05f3
, it's the length from the beginning2000
to the trailingc23e00
000000000d03000000
c23e00
analysis.txt
I wonder what protocol this is, especially the trailing
c23e00
, do you see any string like "grpc" or anything might related to protobuf in bumble?