Packet Buffer question

[dynobird]

Here's a method in the packet buffer I'm using:

Code Select Expand


public void InsertDword(int dWordheader){
        addByte((byte)((dWordheader & 0x000000FF) >> 0));
        addByte((byte)((dWordheader & 0x0000FF00) >> 8));
        addByte((byte)((dWordheader & 0x00FF0000) >> 16));
        addByte((byte)((dWordheader & 0xFF000000) >> 24));
}


I've never seen this "notation" before, what do the & and >> operators mean?
And as for the int, do I send it an int in base 10? Or do I send it the actual "header" or w/e, like
for the byte 0x13 would I send it as 13 for hex or 19 for base 10?

[Tuberload]

The '&' is the bitwise operator AND, and the ">>" is the bitwise right shift operator.

[MyndFyre]

Hrm....  I wonder why they didn't use pointers.

Code Select Expand


public void InsertDword(int dword)
{
        int *pd = &dword;
        addByte( *((byte*)pd) );
        addByte( *((byte*)pd + 1) );
        addByte( *((byte*)pd + 2) );
        addByte( *((byte*)pd + 3) );
}


Seems like it would have been more straightforward.

[dynobird]

Sorry, forgot to mention that it was java, that's why there are no pointers.
As for the int that you pass to the function, if I was to send the Dword 0x 00 00 00 13
Then... would I send to the function 19 as the base 10 int? If that's true then I'll make a hex-decimal converter but...
I want to make sure that this is the case.

[Tuberload]

You either pass it a variable in the form of base10 or use the hexadecimal literal to pass it the same value in the form of base16. It is completely up to you, although I prefer to pass it in the form of base16 to keep things simpler and keep myself from having to convert between the two.

[dynobird]

I tried passing it in hex, but it didn't work. Perhaps I need to cast it into an int? Like insertDword((int)0x13) ...
Sorry that I ask this question without trying out for myself but I don't have access to compiling right now =\ (or for a day or two)
Ever hear of cyber patrol?

[Tuberload]

Casting it back into an int would be pointless because it is being passed as an int already.

Give some feedback as to what exactely you mean by "it does not work" please. Post all methods that are used by this specific method you're having problems with. Post input and output results. Does your insertWORD(int) method work?

[dynobird]

Oh, erm, stupid mistake by me ;\
It's fixed now.
Thanks for sticking with me Tuberload.

I have another question, sort of unrelated, but for the sake of thread conservation I'll post it here:
Can anyone point me to a free, reliable packet logger? By reliable I mean efficient as well as no viruses, trojans, backdoors, etc...
Someone in the past pointed me to a good packet logger but when I googled it people said it had a trojan, so I want to get some advice on which to get before downloading one.

[Joe]

Heres the packet buffer from JavaOp2.
http://www.javaop.com/javaop2/src/javaop2_pub/src/util/BNetPacket.java
http://www.javaop.com/javaop2/src/javaop2_pub/src/util/Buffer.java

Code Select Expand

    /** Adds a dword to the buffer (4 bytes, little endian).
     * @param d The dword to add.
     */
    public void addDWord(int d)
    {
        addByte((byte)((d & 0x000000FF) >> 0));
        addByte((byte)((d & 0x0000FF00) >> 8));
        addByte((byte)((d & 0x00FF0000) >> 16));
        addByte((byte)((d & 0xFF000000) >> 24));

    }
   
    public void addArray(int []a)
    {
        for(int i = 0; i < a.length; i++)
            addDWord(a[i]);
    }
   
    /** Removes and returns a single dword (4 bytes).
     * @return The DWord that was removed.
     * @throws IndexOutOfBoundsException If there isn't enough room in the buffer to accomidate the
     *         requested removal.
     */
    public int removeDWord() throws IndexOutOfBoundsException
    {
        return ((removeByte() << 0) & 0x000000FF) |
               ((removeByte() << 8) & 0x0000FF00) |
               ((removeByte() << 16) & 0x00FF0000) |
               ((removeByte() << 24) & 0xFF000000);
    }

As for your packet logger, I suggest Ethereal.

[Tuberload]

Did you even follow the conversation? He solved the problem himself, and I am sure learned a lot more out of it than he would have by just using code given to him...

[Joe]

I read it, but I thought I'd post this too.

[deadly7]

Oh, erm, stupid mistake by me ;\
It's fixed now.
Thanks for sticking with me Tuberload.

I have another question, sort of unrelated, but for the sake of thread conservation I'll post it here:
Can anyone point me to a free, reliable packet logger? By reliable I mean efficient as well as no viruses, trojans, backdoors, etc...
Someone in the past pointed me to a good packet logger but when I googled it people said it had a trojan, so I want to get some advice on which to get before downloading one.

Ethereal is one i've used before, it's neat.

[Mythix]

WPE Pro works well.

[Tuberload]

I read it, but I thought I'd post this too.

I'm starting to think it would be in your best interest if you would just stop thinking so much.

[dynobird]

Ahhhhh =)
Symantec killed one of the WPE .dll's that makes it run so ... I've crossed WPE off my list
On the bright side, Ethereal passes through my antivirus scans just fine =) Except for one problem...
I have to install WinPCap, in order for Ethereal to capture packets, but I have no admin privileges, so I can't install ANY_THING.

So can someone be nice and email me the wpcap.dll file for Ethereal =)? It's the file that Ethereal says I need in order to capture packets.
And, if any of you know, is this the only file outside of the Ethereal download that you need for Ethereal to work?
Thanks in advance

EDIT
My email is dijame@gmail.com

EDIT-2
Nvm, found it off google, sorry for stupid post.