Configuration

1. Install the latest Wireshark.
2. Install the Irdeto plugin from $/KMS/Base/Tools/WiresharkPluginLua by running the bat file. If the bat file fails, check the *.ps1 file; the install path needs to match.
3. Configure your listening port in ../Wireshark/plugins/lua/port.lua
For example:
ecm_conn_port_table = {4350,4450},

4. Set a capture filter in Wireshark:
net 192.168.0.0 mask 255.255.255.0
src net 192.168.0.0 mask 255.255.255.0
dst net 192.168.0.0 mask 255.255.255.0
port 53

not broadcast and not multicast


5. Set a special filter
Select one line, right-click to open the menu, and choose Apply as Filter.

Common commands

msp.ccp.ccp_opcode == 0x8c
msp.ccp.emm and ip.src == 10.86.10.200
msp.ccp.emm and tcp.port==5014
ip.dst==10.86.9.22
ip.src==10.86.10.119
tcp.port==4460 || tcp.port==4462

msps
CCA UNIQUE EMM
CCA SUPER-GROUP EMM
CCA GROUP-UNIQUE EMM
Cloaked CA ECM
dvbs
EMMG/ECMG SAS <==> KMS communication
xml
SOAP/REST