Decoding Amf3

[staroflaw]

Hello,

I just need some advice on how to Decoding AMF3 Packets.

I play a Flash game called EVONY and am trying to 'log' some in game info. (Commands sent and the reply)

I am using wireshark to capture the packets, but they look like jargon.

...cmd.%trade.searchTrades.data
..resType........
#..cmd.data.%trade.searchTrades
C..sellers
buyers.packageId.ok...
#.
amount.price....$.@H.fffff
.....r.@H......
.......@Hs33333
.......@H......
.......@G.........
....^.@F.G..z.
.......@F......
.....@.@F.G..z.
.......@F......
....r.@E...
=q...........

I can see some data but as you can see alot of "...."

I have been reading about 'amfast' But Ime not a programmer and dont understand how to use it. Or if it will help.

Any info is welcome.

Thank you

Edited January 5, 2011 by staroflaw

[digip]

I don't know anything about "AMF3" but they have a PDF sheet about it on the macromedia site: http://download.macromedia.com/pub/labs/amf/amf3_spec_121207.pdf

Might shed some light on what you are seeing. The reasons you see all the code like that is because its more than likely binary, or encoded data. I don't think you will see plain text data come across for it, and as such, might need a debugger to attach your browser when using the flash app to see more of what its doing. That is of course if you can follow ASM and know what to look for.

[staroflaw]

Thanks digip.

I have had a good read of the pdf and I understand most of it.

I'm going to use AMFast to decode the AMF. Well try.. lol

Now time to learn python.

Thanks for your post.

-Star-