Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[BU5HI5]

very technical question about implementation. I need to know what is the way KAD SEARCH_RES is encoded, i looked into code it looks like it uses UTF-8 but when I tried to decde hex data it gives shit no the data from the packet any help will be needed. I need this stuff for my studies project.

[Kry]

There is no "encoding". I you're talking about searching for keywords, it's the usual in *Mule: UTF8.

[BU5HI5]

Ok, I have SEARCH_RES message packet captured by wireshark, how can I derive filnames, sizes etc. from it? Just decode UTF-8? Did not help. Any clue?

[Kry]

Do you know what SEARCH_RES has? If you don't, look at the code for processing it.

[BU5HI5]

I look to all packets having second udp payload byte 0x38 o 0x3B  as far as I know this should include responses from clients inlcuding informations about files. Correct me if I'm wrong and please be more clear I'm not that fluent in KAD as you do Thanks anyway!

[skolnick]

What Kry means (probably, I'm guessing) with his answers is that you should first do your own homework, investigate, get documents on kad, search eMule code (if for some reason is clearer than aMule's) and then, if you still have some very specific question about it, or something is not clear, then ask here (or IRC). We will not do your homework. From what I see on your posts, you have not searched about kad.

Regards.

[Kry]

What Kry means [...] We will not do your homework.

[BU5HI5]

OK, got it. Now I looked to the code, messages are parsed in many ways as they include many different metadata thus "parser" is complex.

I have more precise question, in
String CDataIO::readStringUTF8 there is line
str = UTF82unicode(val); 

Can not find definition of UTF82unicode() function, it is called many times in code but can not find it's definition is it in some external module, if so where?

Regards

[skolnick]

Have you grepped the files that are included in the one you found this call? But besides that, I think what that method does is pretty obvious.

Regards.

[lfroen]

I think what that method does is pretty obvious.

Yea, something like converting string from UTF8 to unicode.

[BU5HI5]

KADEMLIA_SEARCH_REQ (0x30) should have form like that: < HASH(key)[16] >< ext0/1[1] > is it so that if last byte of packet is 00 it is source search and if byte after hash  is 01 it is keyword search with some extension?

What i could see in the packets there is a lot of 0x30 messages containing only hash and 0x01 byte at the end, which type of search are those?


 Could you please advice me how to differ this 2 types of search requests?

[BU5HI5]

if you still have some very specific question about it, or something is not clear, then ask here (or IRC). We will not do your homework. (...)

Regards.

Ok, I think question above is specific enough.
I know you have no gain on helping in my case, but you know I'm not going to kill your application, just trying to analyse it, and understand some trends for my studies.

This would help me a lot If you could clarify difference between: 
- keyword search and
- source search in 0x30.

 Looking only to the packets looks like, source search have alwais hash(16B) + 01,  but in case of keyword search there are differences between implementations.  It is alwias hash of first keyword (16B) +

-in Emule 0000 or 02 + rest of keyords
- in Amule 0101 + rest of keywords

Is that so?

And second question, is it a case that source searches are much more frequent than others ( client needs to find some peer having the same file so he generates source searches during whole download peroid?) What I see is ration between source searches and rest is like 99:1 does it make sense?

 I hope this time you will just answer my precise question.

regards,


 

 

[skolnick]

OK, I think you can understand aMule (or eMule) better doing some traffic captures. Use wireshark for that, since I think it has a dissector for kad (it sure has one for ed2k protocol). That way, you can produce search requests, or whatever you want, and look how the traffic is produced, and even get the replies of other clients, then understand better how everything works. I've donde it with ed2k (I haven't looked at kad yet) and it's not that hard.

Regards.