我正在尝试阅读一些 flex/amf 流量,但缺乏适当的文档/示例使其非常困难。
有人可以引导我完成以下 rtmp/amf3 数据包的解码:
0x43, 0x00, 0x68, 0xcd, 0x00, 0x01, 0x33, 0x11, 0x00, 0x05, 0x00, 0x40, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x11, 0x0a, 0x81, 0x13, 0x4f, 0x66, 0x6c, 0x65, 0x78, 0x2e, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x2e, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x73, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x69, 0x6e, 0x67, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x13, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x0f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x17, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x13, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x49, 0x64, 0x11, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x15, 0x74, 0x69, 0x6d, 0x65, 0x54, 0x6f, 0x4c, 0x69, 0x76, 0x65, 0x13, 0x74, 0x69, 0x6d, 0x65, 0xc3, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x09, 0x62, 0x6f, 0x64, 0x79, 0x01, 0x06, 0x29, 0x6c, 0x69, 0x73, 0x74, 0x41, 0x6c, 0x6c, 0x50, 0x72, 0x61, 0x63, 0x74, 0x69, 0x63, 0x65, 0x47, 0x61, 0x6d, 0x65, 0x73, 0x0a, 0x0b, 0x01, 0x21, 0x44, 0x53, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x04, 0x3c, 0x15, 0x44, 0x53, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x06, 0x11, 0x6d, 0x79, 0x2d, 0x72, 0x74, 0x6d, 0x70, 0x73, 0x09, 0x44, 0x53, 0x49, 0x64, 0x06, 0x49, 0x42, 0x45, 0x32, 0x34, 0x31, 0x32, 0x33, 0x34, 0x2d, 0x31, 0x45, 0x31, 0x39, 0x2d, 0x30, 0x33, 0x43, 0x33, 0x2d, 0x39, 0x30, 0x34, 0x43, 0x2d, 0x32, 0x31, 0x36, 0x33, 0x36, 0x36, 0x30, 0x41, 0x42, 0x34, 0x37, 0x46, 0x01, 0x06, 0x17, 0x67, 0x61, 0x6d, 0x65, 0x53, 0x65, 0xc3, 0x72, 0x76, 0x69, 0x63, 0x65, 0x06, 0x49, 0x31, 0x34, 0x43, 0x30, 0x46, 0x42, 0x38, 0x30, 0x2d, 0x46, 0x37, 0x43, 0x34, 0x2d, 0x42, 0x42, 0x34, 0x42, 0x2d, 0x31, 0x46, 0x32, 0x34, 0x2d, 0x34, 0x39, 0x36, 0x32, 0x38, 0x30, 0x42, 0x38, 0x39, 0x33, 0x42, 0x38, 0x01, 0x04, 0x00, 0x04, 0x00, 0x09, 0x01, 0x01
我的尝试:
0x43 - 0100 0011 : [01] - 类型 1 = rtmp 标头将是 7 个字节。流 ID - 3,将在这个单字节中。
还设法通过移动 UTF 1 位来读取以下内容以获得长度:
0x4f: flex.messaging.messages.RemotingMessage
0x0d:源
0x13:操作
0x0f:标题
0x17:目的地
0x13:消息ID
0x11:客户标识
0x15:生存时间
在这里我的猜测停止了,“时间”/“邮票”似乎不起作用。当然,我无法理解所有其他字节是如何编码的(对象/数组等);