Next time you find yourself reverse engineering a weird protocol - use ImHex. You can literally define patterns (in a C++/Rust-like language) so that your binary file gets highlighted and processed.
I can't recommend it enough - it's perfect for the job and it's free and Open Source.
Hey! fq author here. I have a bunch of related tools in the readme: https://github.com/wader/fq?tab=readme-ov-file#tools. Two suggestions: GNU poke and Wireshark (can decode lots more things than just network protocols).
I'm trying to reverse engineer a kinda simple TCP data stream, and the values are tag-length-value for the most part, and I made a simple MITM proxy that prints known tags and their data values (that I was able to decipher) live, but I am doing the deciphering of known and unknown tags manually, and I was wondering if there is some way to automate this?
I basically would be interested in automatic seen tag tracking, replaying select tags many times to see if they are idempotent, replaying and modifying bytes on a select tag, omitting a select tag and seeing how the client responds.
I guess I could find the socket receive function in the binary and see if the tag values are in a switch or something too but like the original article, it's also new territory for me to read that.
I am just about to expand my mitm proxy with more code to inject/filter packets.
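An added example, not from the thread or from any of the tools mentioned: a passive seen-tag tracker for the kind of tag-length-value TCP stream described above, which reassembles records that arrive split across reads. The framing (1-byte tag, 2-byte big-endian length), the `TagTracker` class, the length bound and the sample stream are assumptions made for illustration.

```python
import struct
from collections import defaultdict

HEADER = struct.Struct(">BH")  # ASSUMED layout: 1-byte tag, 2-byte big-endian length
MAX_LEN = 4096                 # assumed sanity bound; a larger length means framing was lost

class TagTracker:
    """Reassembles TLV records from arbitrary TCP chunks and keeps per-tag stats."""

    def __init__(self, known_tags=()):
        self.known = set(known_tags)
        self.buf = bytearray()
        self.stats = defaultdict(lambda: {"count": 0, "lengths": set(), "values": set()})

    def feed(self, chunk):
        """Add the bytes of one recv(); return the complete (tag, value) records."""
        self.buf += chunk
        records = []
        while len(self.buf) >= HEADER.size:
            tag, length = HEADER.unpack_from(self.buf)
            if length > MAX_LEN:
                raise ValueError(f"implausible length {length} for tag 0x{tag:02x}")
            end = HEADER.size + length
            if len(self.buf) < end:
                break  # value split across segments; wait for the next chunk
            value = bytes(self.buf[HEADER.size:end])
            del self.buf[:end]
            entry = self.stats[tag]
            entry["count"] += 1
            entry["lengths"].add(length)
            entry["values"].add(value)
            records.append((tag, value))
        return records

    def unknown_tags(self):
        """Tags observed on the wire that are not in the known set."""
        return sorted(t for t in self.stats if t not in self.known)

    def constant_tags(self):
        """Tags seen more than once whose value never changed."""
        return sorted(t for t, s in self.stats.items()
                      if s["count"] > 1 and len(s["values"]) == 1)

def record(tag, value):
    return HEADER.pack(tag, len(value)) + value

# Constructed sample stream, cut so one chunk ends mid-header and one ends mid-record.
STREAM = (record(0x01, b"hello") + record(0x7F, b"\x00\x01")
          + record(0x01, b"hello") + record(0x7F, b"\x00\x02"))
CHUNKS = [STREAM[:2], STREAM[2:9], STREAM[9:]]
```

Calling `feed()` from the proxy's receive loop, once per direction, keeps client and server tag sets separate.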
Just coming here to say this. I was reversing a license file for some software so I could play with it yesterday, and I could implement the encryption/decryption code directly in the data processor of ImHex, such a time saver.
https://imhex.werwolv.net/