
A smart UDP protocol analyzer?

Developer https://www.devze.com 2023-01-01 19:12 Source: Internet

Is there a "smart" UDP protocol analyzer that can help me reverse engineer a message based protocol?

I'm using Wireshark to do the sniffing, but if there's a tool that can detect regularities in the protocol (repeated strings, bits of the protocol that are CRC/Checksum or length, ...) and aid the process, that would help.


You are asking for a universal inference engine. The best way to try to recover the protocol (assuming you are in a jurisdiction that permits this) is to understand the underlying message transfer from the beginning of a session, and then try to manually simulate the behaviour of each party through a sequence of ping-pong message trials. This way you develop an understanding of the message structures and their functioning.

Using the UDP frame boundaries is a good place to start looking for structure.

If you have no documentation, then even if you gain a good understanding of the protocol, expect to be surprised many times during the project.

If you can, have your existing systems carry out exactly the scenario you need to use, and then simply replicate the same sequence with payload (and any checksum) changes only. This way you can possibly achieve the requirement without a comprehensive understanding of the protocol.

For an example of the effort in doing this you could look at a historical review of the Samba project at "A bit of history and a bit of fun".
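Added example, not part of the original question or answer: a small Python sketch of the kind of regularity search the question asks about, treating each UDP datagram as one message as the answer suggests. The `PX` message format, `build()` and `SAMPLES` are constructed for illustration (an assumption, not a real protocol); anything the functions report is a hypothesis to confirm against more captures.

```python
import struct
import zlib

def build(seq, body):
    # Constructed sample format (assumption, not a real protocol):
    # magic "PX" | u16 BE total length | u8 sequence | body | CRC32 BE of all prior bytes
    head = b"PX" + struct.pack(">HB", 2 + 2 + 1 + len(body) + 4, seq)
    return head + body + struct.pack(">I", zlib.crc32(head + body))

# Constructed payloads standing in for datagrams exported from a capture.
SAMPLES = [build(i, b) for i, b in
           enumerate([b"hello", b"status?", b"ok", b"a longer payload"])]

def constant_offsets(payloads):
    """Offsets whose byte is identical in every datagram (magic, version, padding)."""
    n = min(map(len, payloads))
    return [i for i in range(n) if len({p[i] for p in payloads}) == 1]

def length_fields(payloads):
    """(offset, struct format, delta) where field == len(datagram) + delta everywhere."""
    if len({len(p) for p in payloads}) < 2:
        raise ValueError("need datagrams of different sizes to find a length field")
    n = min(map(len, payloads))
    hits = []
    for fmt in ("B", ">H", "<H"):          # 1-byte, 2-byte big/little endian
        width = struct.calcsize(fmt)
        for off in range(n - width + 1):
            deltas = {struct.unpack_from(fmt, p, off)[0] - len(p) for p in payloads}
            if len(deltas) == 1:           # same offset from the real size every time
                hits.append((off, fmt, deltas.pop()))
    return hits

def crc32_trailer(payloads):
    """Byte order if the last 4 bytes are CRC32 of the rest in every datagram, else None."""
    for fmt in (">I", "<I"):
        if all(len(p) > 4 and struct.unpack(fmt, p[-4:])[0] == zlib.crc32(p[:-4])
               for p in payloads):
            return fmt
    return None

if __name__ == "__main__":
    print("constant bytes at:", constant_offsets(SAMPLES))
    print("length candidates:", length_fields(SAMPLES))
    print("CRC32 trailer    :", crc32_trailer(SAMPLES))
```

A non-zero `delta` would mean the field counts only part of the datagram, for example the body without the header. The low byte of a 16-bit length also shows up as its own 1-byte candidate while all messages are shorter than 256 bytes, which is why candidates need checking against a wider set of captures.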
