Skip to content
This repository has been archived by the owner on Jan 9, 2019. It is now read-only.

Understanding the Packet Body

Jump to bottom
Joshua Garner edited this page Dec 28, 2016 · 4 revisions

A reply from the Ulterius server will be in one of two states: encrypted or unencrypted. If a reply is encrypted it will be a binary body of data; otherwise it will be plain text JSON.

Encrypted packets have a header and a payload. The header looks like this:

-----------Header-----------
Endpoint Name Length (int32)
Endpoint Name Bytes (bytes[Length])
Endpoint Encryption Type Bytes (bytes[3])
----------------------

If you were to parse this header in C# it would look like this:

using (var binaryReader = new BinaryReader(new MemoryStream(packetData)) {
   var endpointLength = binaryReader.ReadInt32();
   var endpointName =   binaryReader.ReadBytes(endpointLength);
   var encryptionType = binaryReader.ReadBytes(3);
}

The header retains valuable information that makes it easier to manage responses. The endpoint name says where the data is coming from, and the encryption type helps in decrypting the data.

Standard Ulterius responses use CBC encryption, however, screen share frames are encrypted with OFB for expediency purposes.

All the remaining bytes of data within the packet are the payload. If the response is from the standard API, decrypting will result in a JSON string. If the response is for screen share, it will result in a screen share frame body. See Understanding the Screen Share Protocol for information on handling that.

Clone this wiki locally