On Sat, May 23, 2009 at 4:30 PM, Rob Savoye <address@hidden>
wrote:
that implementing a sniffer (wireshark plugin?) at the same time
also
helps, although i'd found when doing MSRPC reverse-engineering that
massively verbose debug output substitutes for that need, anyway.
You can see my the video of my talk on reverse engineering RTMP at
FOSDEM this year, to see how I like to do this. Wireshark has RTMP
support these days. What I did was take a pile of hex dumps I'd
captured, and turned them all into a giant testsuite. That way I
didn't
need to use the Adobe plugin, which I'm too paranoid to even get
close to.
Discussion about RTMP and rtmpdump is the top story on Slashdot
right now:
http://tech.slashdot.org/article.pl?sid=09/05/23/2017218&art_pos=1
As I noted in the /. thread, the FOSDEM website site doesn't seem to
have links to the 2009 videos up yet, but you can get them directly
from the video mirror sites:
"Reverse Engineering of Proprietary Network Protocols, Tools, and
Techniques", by Rob Savoye
Ogg Theora (239M)
http://fosdem.unixheads.org/2009/maintracks/reverse.ogv
Xvid.avi (183M) [belnet.be]
http://fosdem.unixheads.org/2009/maintracks/reverse.xvid.avi
_______________________________________________
Gnash-dev mailing list
address@hidden
http://lists.gnu.org/mailman/listinfo/gnash-dev
PGP.sig