Wireshark mailing list archives
Re: BitTorrent info_hash decoder using Wireshark
From: Jaap Keuter <jaap.keuter () xs4all nl>
Date: Wed, 09 Nov 2011 12:56:29 +0100
Hi,Well, by definition you can't. A hash is specifically designed to do that, creating an opaque identifier. Only with access to the torrent file you'll
be able to figure out the corresponding file name. Thanks, Jaap On Tue, 8 Nov 2011 12:51:07 -0800 (PST), firstname lastname wrote:
I have a pcap file which has traffic captured between the client and the server. Here, the server is a tracker and it looks like an announcement message from a Torrent client to the Tracker requesting to download a file. The request looks like below: GET http://tracker21.df6d4cf3-2787-4001-80ff-e8a23e7ff1ec.automated.snxd.com/?info_hash=%FEg%F6mth%90%5E%84%F6%F5z%E3%E8%DFu%E7%FA%14%0E&peer_id=&port=0&uploaded=0&downloaded=0&left=3760800 ...... The info hash looks like this: %FEg%F6mth%90%5E%84%F6%F5z%E3%E8%DFu%E7%FA%14%0E I want to decode this info_hash. I believe wireshark has the capability to dissect the Bittorrent Protocol, however I am unsure of whether there is a way to make it decode the info_hash and peer_id fields as well? I have searched on Google for algorithm used to encode the info hash but not much success. http://nakkaya.com/2009/12/03/bittorrent-tracker-protocol/ This is one reference, but I am trying to understand the algorithm. While doing that, I got this thought. It would be great if we can get the info_hash, since this way we can conclude which file was being downloaded from the tracker. Regards, NeonFlash
___________________________________________________________________________ Sent via: Wireshark-users mailing list <wireshark-users () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-users Unsubscribe: https://wireshark.org/mailman/options/wireshark-users mailto:wireshark-users-request () wireshark org?subject=unsubscribe
Current thread:
- BitTorrent info_hash decoder using Wireshark firstname lastname (Nov 08)
- Re: BitTorrent info_hash decoder using Wireshark Jaap Keuter (Nov 09)