How to tackle protobuf


  • Admin

    Hey guys,
    Lately I had plenty of requests to implement a way to encode data for application/protobuf serialization.

    A few minutes ago I implemented a way to send raw data as request body, and I will explain how you can use this to your advantage to replicate protobuf requests, even if it is a hacky way to do it and not a proper serialization (I will try to add that in OpenBullet2 if I can).

    First of all, use fiddler to sniff the protobuf request, then go to the HEX tab and look at the black values (the blue ones are for the headers and we are not interested in those).

    Finally observe the values and how they are mapped to the ones in plaintext. In my tests it usually went something like

    0A 22 0A 20 [some data] AA 06 22 0A 14 [more data] 12 0A [more data]
    

    We will first use UTILITY > Conversion blocks to convert our data from UTF8 to HEX like this

    UTILITY Conversion UTF8 HEX "<MYVAR>" -> VAR "RAW" 
    

    Then we will feed the converted values to the request block like this

    REQUEST POST "http://example.com" Raw 
      RAWDATA "0A220A20<RAW1>AA06220A14<RAW2>120A<RAW3>" 
      CONTENTTYPE "application/protobuf" 
      HEADER "your_user_agent" 
      HEADER "Pragma: no-cache" 
      HEADER "Accept: */*" 
    

    Sometimes the response is unreadable garbage so you might want to add

      -> BASE64 "OUTPUT" 
    

    in order to get some distinguishable output.

    Alright, have a good one,

    Ruri out



  • Thanks for the quick update on this. ^_^



  • Just want to add that you need Openbullet 1.2.2#684 (or later) for this
    Which you can download here:
    https://github.com/openbullet/openbullet/releases



  • This needs an proper serialiser! even to decode the response there is no way.


  • Admin

    We're working on it, but it's hard because you have to know in advance how the data types look like and compile the schema using the protobuf compiler. It's not something you can do on the fly, it needs pre-planning.



  • best of luck @Ruri and @meinname you rock guys



  • @Ruri said in How to tackle protobuf:

    We're working on it, but it's hard because you have to know in advance how the data types look like and compile the schema using the protobuf compiler. It's not something you can do on the fly, it needs pre-planning.

    Thanks for trying! you can make it an option that the user can define their own schema or .proto file!


Log in to reply