Reputation: 387
Wireshark Corba stub decompiling
I am trying to find a way to decompile a omniorb CORBA stub that I found through wireshark. The technology seems old as I can not find any new deep documentation whatsoever. Here is the data of the request:
Key Addres: .omniINSPOA.FMPOA.FMRPO
Stub data: f552010001000000000000002a00100085000000560000000000014e0000000100000065000000038020018020018001000c0301010201010302010301020303010201030304000000650605030280014040200280200180200180200c80180f011433126b14101433120612071208404040200380050100030280e802010c4040400000005a00000000000000000000000000000000ffff00
I am ow trying to get the information out, I't should say something about a password and a username. Those credentials are only testing ones though. Is there a way to find out what was transmitted here? I would greatly appreciate any help as I am really really stuck.
Upvotes: 0
Views: 287
Answers (1)
Reputation: 3002
The CORBA specification has detailed information how data is encoded on the wire. When you would print the data as hex you should be able to read some bytes (assuming it is not using SSL) and manually try to demarshal the data, but it would help when you have the original IDL. There is also a book called "IIOP Complete" which has a lot of information about the protocol.
Upvotes: 0
Related Questions
- Compiling Wireshark packet dissector
- Wireshark Lua Dissector Response Request
- Debugging wireshark dissector
- Exporting Wireshark Dissector
- Wireshark STOMP protocol dissector
- Wireshark Dissector :- Running autogen.sh and configure again
- Wireshark dissector configuration argument
- wireshark lua dissector to get uncompressed entity body
- [wireshark]how to use a plug-in to dissect a packet
- Reassembling packets in a Lua Wireshark Dissector