{"id":18756522,"url":"https://github.com/magicus/pppp-dissector","last_synced_at":"2025-09-01T13:31:56.917Z","repository":{"id":206792210,"uuid":"716702865","full_name":"magicus/pppp-dissector","owner":"magicus","description":"WireShark dissector for the PPPP protocol","archived":false,"fork":false,"pushed_at":"2023-11-13T16:39:08.000Z","size":72,"stargazers_count":7,"open_issues_count":2,"forks_count":0,"subscribers_count":2,"default_branch":"main","last_synced_at":"2024-11-07T17:57:32.404Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Lua","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/magicus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-11-09T17:33:29.000Z","updated_at":"2024-08-17T16:24:46.000Z","dependencies_parsed_at":"2023-11-12T11:30:51.231Z","dependency_job_id":"4cdfc09f-c9ac-4d3f-b34b-940b4cbdf4bb","html_url":"https://github.com/magicus/pppp-dissector","commit_stats":null,"previous_names":["magicus/pppp-dissector"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magicus%2Fpppp-dissector","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magicus%2Fpppp-dissector/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magicus%2Fpppp-dissector/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/magicus%2Fpppp-dissector/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/magicus","download_url":"https://codeload.github.com/magicus/pppp-dissector/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":231693385,"owners_count":18411894,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-07T17:36:58.696Z","updated_at":"2024-12-29T02:01:17.646Z","avatar_url":"https://github.com/magicus.png","language":"Lua","funding_links":[],"categories":[],"sub_categories":[],"readme":"WireShark dissector for the PPPP protocol\n===\n\nWireShark dissector for the P2P protocol used by various IoT devices,\ntypically cheap Chinese IP cameras.\n\n### Specification\n\nAn attempt to document the protocol (in addition to what is programmatically\n\"documented\" in the dissector) can be found [here](PPPP.md).\n\n### Usage\n\nTo use this dissector, put pppp_dissect.lua in your WireShark plugin folder.\nSee https://www.wireshark.org/docs/wsug_html_chunked/ChPluginFolders.html if\nyou need assistance in finding the folder.\n\nIf your device uses \"encrypted\" traffic, the dissector needs to know the PSK\n(pre-shared key) used for encryption. By default, the dissector checks the\nthree most commonly used PSK automatically, but if your device does not use any\nof these, you must manually enter the proper PSK. This needs to be set as the\nproperty `pppp.psk`. You can find this preference in the GUI by going to\nWireshark Preferences, selecting Protocols, and then selecting PPPP.\n\nYou can consult the [table of known PSKs](PPPP.md#pre-shared-key) to find the\nPSK for your device. If your prefix is not listed in that table, you will need\nto find the PSK some other way, typically be reverse-engineering an existing\napp.\n\n### Acknowledgements\n\nI am standing on the shoulder of giants. This would not have been possible\nwithout the work of Paul Marrapese (https://github.com/pmarrapese/iot) and\ndatenstau (https://github.com/datenstau/A9_PPPP). I am also very grateful to\n[@Python1320](https://github.com/Python1320) who helped me early on with\nproviding information from a different device, which enabled me to make the\ndissector more general.\n\nIn learning to write a Lua WireShark dissector, [this post](\nhttps://mika-s.github.io/wireshark/lua/dissector/2017/11/04/creating-a-wireshark-dissector-in-lua-1.html)\nfrom Mika's tech blog was incredibly helpful.\n\nIn contrast to pmarrapese's dissector, this dissector also handles \"encrypted\"\ntraffic (this is really more of an obfuscation than proper encryption). Nor\ndoes it rely on Wireshark Generic Dissector. This has both pros and cons. This\nmeans that it works on macOS (which WSGD does not -- this was the driving force\nfor me starting from scratch instead of building on pmarrapese's dissector).\nBut it is (probably) executing much slower, since it uses the Lua script\nengine.\n\n### License\n\nThis code is licensed under the MIT license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagicus%2Fpppp-dissector","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmagicus%2Fpppp-dissector","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmagicus%2Fpppp-dissector/lists"}