How to convert HEX to text(string) from a TCPRecv packet


Hi Guys,

I am currently developing a tool for my work. I use this TCP server and listen from a client machine.

The packets received are in HEX values. I tried to convert and display these debug log messages, but it seems neither HexToString nor BinaryToString works completely.

Here is the sample data :


And sample trial code :

$Hex = "0x4C4F473A3A617474726962757465732E7769646765745F696E746572616374697665203D20747275650A0A004C4F473A3A617474726962757465732E7769646765745F69636F6E203D20756E646566696E65640A0A004C4F473A3A617474726962757465732E68617264776172655F736368656D6156657273696F6E203D20312E350A0A004C4F473A3A617474726962757465732E68617264776172655F6465766963655F6964203D20756E646566696E65640A0A004C4F473A3A617474726962757465732E68617264776172655F74696D657A6F6E65537472696E67203D20474D542B383A30300A0A004C4F473A3A617474726962757465732E75736572506172616D735F537472696E67203D203C5061726D733E3C46774C6576656C3E323031303131323530313C2F46774C6576656C3E3C2F5061726D733E0A0A004C4F473A3A3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D0A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E672053746F7265644D61700A0A004C4F473A3A53746F7265644D61703A3A696E697428293A20746869732E736F6E616D65203D20456E76656C6F706557697A6172645F64333930656538302D663436612D343930372D386437352D3530386238343239353064360A0A004C4F473A3A53746F7265644D61703A3A6E65656443616C6C6261636B28293A206861735368617265644F626A65637473203D20747275650A0A004C4F473A3A53746F7265644D61703A3A6E65656443616C6C6261636B28293A20666C757368203D2070656E64696E670A0A004C4F473A3A53746F7265644D61703A3A6E65656443616C6C6261636B28293A2072657476616C203D20747275650A0A004C4F473A3A53746F7265644D61703A3A6F6E526561647948616E646C657228293A200A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E672042726F777365720A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E67204A706567204173736973740A0A004C4F473A3A4A7065674173736973743A3A726573657448574A70656741737369737428293A200A0A004C4F473A3A4A7065674173736973743A3A72656E6465724A70656753746174757328293A20756E646566696E65643A20494E56414C49445F55524C0A0A004C4F473A3A536572766963654D616E616765723A3A696E697453657276696365
7328293A20696E697469616C697A696E67205072696E7420736572766963650A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E6720536F756E6420506C617965720A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20646F6E6520696E697469616C697A696E672073657276696365732E20496E766F6B696E672063616C6C6261636B2E0A0A00"
$String = _StringToHex($Hex)
; OR
;$String = BinaryToString($Hex)

;ConsoleWrite($String)

MsgBox(0, "Hex", "Original Hex: " & $Hex & @LF& @LF & " String: "& @LF & $String)

The output is incorrect because the output should be like on this site.

What is wrong with this?

*** The information contained in this post should be considered and certified WORKS ON MY MACHINE ***

Nothing is particularly wrong. You just have to remove null-terminators to display the whole string.

$Hex = "0x4C4F473A3A617474726962757465732E7769646765745F696E746572616374697665203D20747275650A0A004C4F473A3A617474726962757465732E7769646765745F69636F6E203D20756E646566696E65640A0A004C4F473A3A617474726962757465732E68617264776172655F736368656D6156657273696F6E203D20312E350A0A004C4F473A3A617474726962757465732E68617264776172655F6465766963655F6964203D20756E646566696E65640A0A004C4F473A3A617474726962757465732E68617264776172655F74696D657A6F6E65537472696E67203D20474D542B383A30300A0A004C4F473A3A617474726962757465732E75736572506172616D735F537472696E67203D203C5061726D733E3C46774C6576656C3E323031303131323530313C2F46774C6576656C3E3C2F5061726D733E0A0A004C4F473A3A3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D3D0A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E672053746F7265644D61700A0A004C4F473A3A53746F7265644D61703A3A696E697428293A20746869732E736F6E616D65203D20456E76656C6F706557697A6172645F64333930656538302D663436612D343930372D386437352D3530386238343239353064360A0A004C4F473A3A53746F7265644D61703A3A6E65656443616C6C6261636B28293A206861735368617265644F626A65637473203D20747275650A0A004C4F473A3A53746F7265644D61703A3A6E65656443616C6C6261636B28293A20666C757368203D2070656E64696E670A0A004C4F473A3A53746F7265644D61703A3A6E65656443616C6C6261636B28293A2072657476616C203D20747275650A0A004C4F473A3A53746F7265644D61703A3A6F6E526561647948616E646C657228293A200A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E672042726F777365720A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E67204A706567204173736973740A0A004C4F473A3A4A7065674173736973743A3A726573657448574A70656741737369737428293A200A0A004C4F473A3A4A7065674173736973743A3A72656E6465724A70656753746174757328293A20756E646566696E65643A20494E56414C49445F55524C0A0A004C4F473A3A536572766963654D616E616765723A3A696E697453657276696365
7328293A20696E697469616C697A696E67205072696E7420736572766963650A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20696E697469616C697A696E6720536F756E6420506C617965720A0A004C4F473A3A536572766963654D616E616765723A3A696E6974536572766963657328293A20646F6E6520696E697469616C697A696E672073657276696365732E20496E766F6B696E672063616C6C6261636B2E0A0A00"
$String = StringReplace(BinaryToString($Hex), Chr(0), "")

ConsoleWrite($String & @CRLF)

♡♡♡

.

eMyvnE


Haha, it's working now.....

Thank you so much trancexx..

I think I need to sleep now...


  • 2 months later...

Sorry for hooking this thread, I came here due to searching and my question suits perfectly.

I'm doing some TCP packet capturing with the WinPcap UDF and I'm stuck with these hex/bin/ASCII translations.

I don't get how to split TCP packet information; maybe trancexx, you could hint at the direction.

If this is the TCP packet pattern http://de.wikipedia.org/w/index.php?title=Datei:TCP_Header.svg&filetimestamp=20070706210301

How would I, for example, access the data offset?

Why is this, what you wrote, working:

$String = StringReplace(BinaryToString($Hex), Chr(0), "")

Why can you convert a HEX expression with a binary convert function?

I would have expected some sort of HexToAscii($hex) or something similar.

I guess I'm missing some basic knowledge about the hex<->binary connection.

The traffic I'm capturing is plaintext. If I use your solution I can see the desired plaintext

but don't know how to handle the other stuff that comes with the captured data.

Ty in advance for any hint.
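
Added example, not part of any post in this thread and written in Python rather than AutoIt: it shows that a "0x..." dump is only a textual spelling of bytes, reads the TCP data offset to find where the payload starts, and splits the payload on the NUL terminators rather than deleting them. The function names and the sample segment are constructed for illustration, and the bytes are assumed to begin at the TCP header (link-layer and IP headers already stripped).

```python
import struct

def hex_to_bytes(dump: str) -> bytes:
    """Turn a '0x...' hex dump into the raw bytes it spells out (2 hex digits = 1 byte)."""
    text = dump.strip()
    if text[:2].lower() == "0x":
        text = text[2:]
    return bytes.fromhex(text)  # ValueError on odd length or non-hex characters

def parse_tcp(segment: bytes) -> dict:
    """Read the fixed 20-byte TCP header; the data offset says where the payload starts."""
    if len(segment) < 20:
        raise ValueError("shorter than the minimum TCP header")
    sport, dport, _seq, _ack, off_flags, _win, _csum, _urg = struct.unpack(
        "!HHIIHHHH", segment[:20])
    header_len = (off_flags >> 12) * 4  # top 4 bits of byte 12, counted in 32-bit words
    if header_len < 20 or header_len > len(segment):
        raise ValueError("data offset points outside the segment")
    return {"sport": sport, "dport": dport, "header_len": header_len,
            "flags": off_flags & 0x1FF, "payload": segment[header_len:]}

def split_records(payload: bytes) -> list:
    """Split on the NUL terminators (keeping record boundaries) instead of deleting them."""
    return [p.decode("latin-1").strip() for p in payload.split(b"\x00") if p.strip()]

# Constructed sample: header with data offset 8 (20 bytes + 12 bytes of NOP options),
# PSH+ACK flags, zero checksum, followed by two records in the thread's log format.
_HEADER = struct.pack("!HHIIHHHH", 50000, 9000, 1, 1, (8 << 12) | 0x018, 65535, 0, 0)
_PAYLOAD = (b"LOG::attributes.widget_interactive = true\n\n\x00"
            b"LOG::attributes.widget_icon = undefined\n\n\x00")
SAMPLE_DUMP = "0x" + (_HEADER + b"\x01" * 12 + _PAYLOAD).hex().upper()

if __name__ == "__main__":
    info = parse_tcp(hex_to_bytes(SAMPLE_DUMP))
    print("payload starts at byte", info["header_len"])
    for record in split_records(info["payload"]):
        print(repr(record))
```

The range check on the data offset matters when the bytes come from a capture: a truncated or malformed segment would otherwise yield a payload slice that starts inside the header or past the end of the buffer.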
