How do you reverse engineer a funky protocol?

After spending 3 decades in the computer industry I have seen more than my fair share of funky protocols. The funny thing is that the younger members of my team don’t even know most of them.

Why is that?

Well, mainly because most of them were wildly complicated, built by committees who did not understand the problems they were trying to solve.

There were such beauties as SOAP - Simple Object Access Protocol (the name is an oxymoron).

Why do we see so many funky protocols implemented?

Unfortunately our industry doesn’t put enough emphasis on teaching fundamentals, so many companies end up using libraries they don’t understand to implement their interfaces. The net result is that they often don’t understand the implementation details of what they actually have.

Oh my <insert deity of choice here>! Is there a solution?

Yes there is! Basically there are a variety of tools which make it easy to view what is actually being sent over the wire. Once you can see the real bytes, it’s easy to figure out how a specific implementation has been done and reverse engineer it.

One of the most straightforward tools is the developer tools built into your browser, such as Chrome’s. If you have an example client program, say in JavaScript and some funky framework, you can open up the Network tab, see the HTTP requests and responses in plain text, and figure out how to implement the same exchange yourself.

This is what we call reverse engineering.

This is a chat with myself and @Paul Le going over a few tools which are handy for doing reverse engineering. We looked at Postman, the curl command line, what %20 means (see hexadecimal), and baud rate. We talked about HTTP 2.0 and the Network tools in Chrome.
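To make the "read it in the Network tab, then reproduce it" workflow concrete, here is an added example (not code from the post or from the chat) that ties together the DevTools capture described above and the %20 / curl discussion. It takes a raw HTTP request as you would copy it out of the browser, splits it into method, path, query, headers and body, decodes the percent escapes by hand (each %XX is the hex value of one byte, so %20 is 0x20, a space), and emits an equivalent curl command. The captured request, the host example.invalid and the X-Api-Token header are all constructed for the example.

```python
"""Replay a request captured in the browser's Network tab as a curl command.

Added example, not from the original post. The request text below is
constructed to look like DevTools' raw view; it is not real traffic.
"""
import shlex

# Constructed sample request, as the Network tab's raw view would show it.
CAPTURED_REQUEST = (
    "POST /api/v1/search?q=funky%20protocol&page=2 HTTP/1.1\r\n"
    "Host: example.invalid\r\n"
    "Content-Type: application/x-www-form-urlencoded\r\n"
    "X-Api-Token: REDACTED_TOKEN\r\n"
    "\r\n"
    "filter=status%3Dopen&sort=date"
)

HEX_DIGITS = set("0123456789abcdefABCDEF")


def percent_decode(text: str, plus_is_space: bool = False) -> str:
    """Decode %XX escapes by hand so the hex rule is visible.

    A '%' that is not followed by two hex digits is kept literally rather
    than raising, which is what you want when poking at sloppy encoders.
    Form-encoded bodies and query strings also write a space as '+'.
    """
    out = bytearray()
    i = 0
    while i < len(text):
        ch = text[i]
        if ch == "%" and i + 2 < len(text) and set(text[i + 1:i + 3]) <= HEX_DIGITS:
            out.append(int(text[i + 1:i + 3], 16))  # two hex digits -> one byte
            i += 3
        elif ch == "+" and plus_is_space:
            out.append(0x20)
            i += 1
        else:
            out += ch.encode("utf-8")
            i += 1
    # Bytes are only reassembled into text at the end, so multi-byte UTF-8
    # escapes such as %C3%A9 come out as a single character.
    return out.decode("utf-8", errors="replace")


def parse_params(encoded: str) -> dict:
    """Split 'a=1&b=2' style data into a dict of decoded keys and values."""
    params = {}
    for pair in filter(None, encoded.split("&")):
        key, _, value = pair.partition("=")
        params[percent_decode(key, True)] = percent_decode(value, True)
    return params


def parse_request(raw: str) -> dict:
    """Break a raw HTTP/1.1 request into its parts."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ")
    path, _, query = target.partition("?")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip()] = value.strip()
    is_form = headers.get("Content-Type", "").startswith(
        "application/x-www-form-urlencoded")
    return {
        "method": method,
        "target": target,          # path plus query, exactly as sent
        "path": path,
        "query": parse_params(query),
        "headers": headers,
        "body": body,
        "form": parse_params(body) if is_form else {},
    }


def to_curl(req: dict, scheme: str = "https") -> str:
    """Build a curl command that sends the same request again."""
    parts = ["curl", "-X", req["method"]]
    for name, value in req["headers"].items():
        if name.lower() == "host":
            continue               # curl derives Host from the URL
        parts += ["-H", shlex.quote(f"{name}: {value}")]
    if req["body"]:
        parts += ["--data", shlex.quote(req["body"])]
    parts.append(shlex.quote(f"{scheme}://{req['headers']['Host']}{req['target']}"))
    return " ".join(parts)


if __name__ == "__main__":
    request = parse_request(CAPTURED_REQUEST)
    print("decoded query:", request["query"])
    print("decoded form :", request["form"])
    print(to_curl(request))
```

Run it and the decoded query shows `funky protocol` where the wire had `funky%20protocol`, while the form field `filter` decodes to `status=open`; the `=` had to be escaped as `%3D` because a bare `=` would have been read as a key/value separator. The curl line is the same request, ready to paste into a terminal (or into Postman's import dialog) once the token is filled in.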