Link to this headingProtobuf
Version 2 and 3
https://arkadiyt.com/2024/03/03/reverse-engineering-protobuf-definitiions-from-compiled-binaries/
https://gist.github.com/dunhamsteve/224e26a7f56689c33cea4f0fa7632c3d
https://github.com/mildsunrise/protobuf-inspector
Link to this headingHeader Byte
Parse the Header block of the current position of the binary data
Header Byte:
| +-------------+---+---+---+---+---+---+---+ | ||
| Continue Bit | Field Type | Wire Type |
Link to this headingFieldType
Basically the index number for the element in the specific protocol. This is used to match up the name of the element to the protobuf definition file.
Link to this headingWireType
| +------+------------------+----------------------------------------------------------+ | ||
| 0 | Varint | int32, int64, uint32, uint64, sint32, sint64, bool, enum |
| 1 | 64-bit | fixed64, sfixed64, double |
| 2 | Length-delimited | string, bytes, embedded messages, packed repeated fields |
| 3 | Start group | groups (deprecated) |
| 4 | End group | groups (deprecated) |
| 5 | 32-bit | fixed32, sfixed32, float |
Groups:
- Varint
- Length Delimited
- Has Sub Objects
- 32bit
- 64bit