Packet Analyzer
This tool is intended to help analyze packets sent by the app to the camera and vice versa. The end goal is to be able to pass a Wireshark capture to this tool and have an output that is parsed and human-readable. The current implementation is a work in progress and only supports a few packet types. It also does not support analysis of entire Wireshark captures. But as a proof of concept, it can be used to analyze payloads of individual packets.
Using this tool is simple.
- Capture packets using Wireshark.
- Select a packet of interest.
- Right click on
Datafield of the packet and selectCopy -> Value - Use the copied value as the 'payload' (
--payloador-p) for this tool. - Identify if the packet is
sentfrom the app to the camera orreceivedfrom the camera to the app. - Use the
-tor--typeflag to specify the type of packet.
Although this is intended to be used as a tool for developing the main insta360.rtmp
module, there's still a lot of improvements that can be made to this tool, and we
would appreciate any contributions.
For the same reason, we have also laid out all the intricacies of this tool below.
Classes:
| Name | Description |
|---|---|
PacketUtils |
Utility class for all packets. |
ReceivedPacket |
Model for received packets. |
SyncPacket |
Model for sync packets. |
KeepAlivePacket |
Model for keep alive packets. |
PhoneCommandPacket |
Model for phone command packets. |
Attributes:
| Name | Type | Description |
|---|---|---|
ALL_PROTO_CLASSES |
List of all protobuf classes. |
|
PACKET_ID_MAP |
Mapping of packet types to their respective values. |
|
MESSAGE_CODE_ID_MAP |
Mapping of message codes to their respective values. |
|
MESSAGE_CODE_TO_PROTO_CLASS_MAP |
Mapping of message codes to their respective protobuf classes. |
|
RESPONSE_CODE_ID_MAP |
Mapping of response codes to their respective values. |
KeepAlivePacket
Bases: PacketUtils
Model for keep alive packets.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
raw_packet |
bytes
|
Raw bytes of the packet. |
required |
Methods:
| Name | Description |
|---|---|
pformat |
Pretty format the packet. |
pformat()
Pretty format the packet.
Returns:
| Type | Description |
|---|---|
str
|
Pretty formatted packet. |
PacketUtils
Base utility class for all packets.
Methods:
| Name | Description |
|---|---|
get_packet_type |
Get the type of packet. |
get_message_code_type |
Get the type of message code. |
get_response_code_type |
Get the type of response code. |
get_proto_class |
Get the protobuf class for a message code. |
parse_against_all_proto_classes |
Parse the raw body against all protobuf classes. |
get_message_code_type(message_code)
Get the type of message code from MESSAGE_CODE_ID_MAP.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
message_code |
int
|
Message code. |
required |
Returns:
| Type | Description |
|---|---|
str
|
Message code type if matched, else 'UNKNOWN'. |
get_packet_type(packet)
Get the type of packet from PACKET_ID_MAP.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
packet |
bytes
|
Raw bytes of the packet. |
required |
Returns:
| Type | Description |
|---|---|
str
|
Packet type if matched, else 'UNKNOWN'. |
get_proto_class(message_code)
Get the protobuf class for a message code.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
message_code |
int
|
Message code. |
required |
Returns:
| Type | Description |
|---|---|
|
Protobuf class if matched, else None. |
get_response_code_type(response_code)
Get the type of response code from RESPONSE_CODE_ID_MAP.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
response_code |
int
|
Response code. |
required |
Returns:
| Type | Description |
|---|---|
str
|
Response code type if matched, else 'UNKNOWN'. |
parse_against_all_proto_classes(raw_body)
Tries to parse the raw body against all protobuf classes.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
raw_body |
bytes
|
Raw body of the packet. |
required |
Returns:
| Type | Description |
|---|---|
|
List of possible protobuf classes. |
PhoneCommandPacket
Bases: PacketUtils
Model for phone command packets.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
raw_packet |
bytes
|
Raw bytes of the packet. |
required |
Methods:
| Name | Description |
|---|---|
pformat |
Pretty format the packet. |
pformat()
Pretty format the packet.
Returns:
| Type | Description |
|---|---|
str
|
Pretty formatted packet. |
ReceivedPacket
Bases: PacketUtils
Model for received packets.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
raw_packet |
bytes
|
Raw bytes of the packet. |
required |
Methods:
| Name | Description |
|---|---|
pformat |
Pretty format the packet. |
Example
# python3 ./tools/packet_analyzer.py -t r -p 31000000040000c8000215000080005c080b0814121b5a0408001043a201120800108080d8dfe401188080cfec01
{
'ascii_body': '\x08\x0b\x08\x14\x12\x1bZ\x04\x08\x00\x10C\xa2\x01\x12\x08\x00\x10\x80\x80\xd8\xdf\xe4\x01\x18\x80\x80\xcf\xec\x01',
'packet_length': 49,
'raw_body': '\x08\x0b\x08\x14\x12\x1b\x5a\x04\x08\x00\x10\x43\xa2\x01\x12\x08\x00\x10\x80\x80\xd8\xdf\xe4\x01\x18\x80\x80\xcf\xec\x01',
'raw_header': '\x31\x00\x00\x00\x04\x00\x00\xc8\x00\x02\x15\x00\x00\x80\x00\x5c',
'raw_packet': '\x31\x00\x00\x00\x04\x00\x00\xc8\x00\x02\x15\x00\x00\x80\x00\x5c\x08\x0b\x08\x14\x12\x1b\x5a\x04\x08\x00\x10\x43\xa2\x01\x12\x08\x00\x10\x80\x80\xd8\xdf\xe4\x01\x18\x80\x80\xcf\xec\x01',
'raw_packet_length': '\x31\x00\x00\x00',
'raw_response_code': '\xc8\x00',
'raw_response_seq': '\x15\x00\x00\x00',
'raw_response_type': '\x04\x00\x00',
'response_code': 200,
'response_code_str': 'OK',
'response_seq': 21,
'response_type': 'PHONE_COMMAND'
}
pformat()
Pretty format the packet.
Returns:
| Type | Description |
|---|---|
str
|
Pretty formatted packet. |
SyncPacket
Bases: PacketUtils
Model for sync packets.
Parameters:
| Name | Type | Description | Default |
|---|---|---|---|
raw_packet |
bytes
|
Raw bytes of the packet. |
required |
Methods:
| Name | Description |
|---|---|
pformat |
Pretty format the packet. |
Example
# python3 ./tools/packet_analyzer.py -t s -p 180000000400000d0002180000800000080318ffffffff07
{
'body': {'limit': 2147483647, 'mediaType': 'DNG'},
'message_code': 13,
'message_code_str': 'PHONE_COMMAND_GET_FILE_LIST',
'message_seq': 24,
'message_type': 'PHONE_COMMAND',
'packet_length': 24,
'proto_class': 'GetFileList',
'raw_body': '\x08\x03\x18\xff\xff\xff\xff\x07',
'raw_header': '\x18\x00\x00\x00\x04\x00\x00\x0d\x00\x02\x18\x00\x00\x80\x00\x00',
'raw_message_code': '\x0d\x00',
'raw_message_seq': '\x18\x00\x00\x00',
'raw_message_type': '\x04\x00\x00',
'raw_packet': '\x18\x00\x00\x00\x04\x00\x00\x0d\x00\x02\x18\x00\x00\x80\x00\x00\x08\x03\x18\xff\xff\xff\xff\x07',
'raw_packet_length': '\x18\x00\x00\x00'
}
pformat()
Pretty format the packet.
Returns:
| Type | Description |
|---|---|
str
|
Pretty formatted packet. |
main()
Entry point for the tool.
parse_args()
Parse command line arguments.
Returns:
| Type | Description |
|---|---|
|
Parsed arguments. |