Highlighted
New Member.
280 views

how to decode winsocket script

Hello team, 

i am recording .net tcp protocol windows application in vugen with win socket protocol.. i am able to do recording , but the scripts generated is not readable. it is something like:

 

send  buf0 118
    "\x00\x01\x00\x01\x02\x02"
    "Vnet.tcp://10.243.19.128/Services/ApplicationService/ApplicationService.sv"
    "c/Application"
    "\x03"
    "\b\t"
    "\x15"
    "application/negotiate"

recv  buf1 1
    "\n"

send  buf2 45
    "\x16\x01\x00\x00"
    "(NTLMSSP"
    "\x00\x01\x00\x00\x00\xb7\x82\x18\xe2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"
    "\x00\x00\x00\x00\x00\x00\x06\x01\xb1\x1d\x00\x00\x00\x0f"

 

 

. please help me how to make it readable so that we can do corelation and parameterization.

 

Thanks

Nishant

0 Likes
1 Reply
Highlighted
Micro Focus Expert
Micro Focus Expert

Re: how to decode winsocket script

Hi Nishant,

About your question regarding windows socket script, you need to know that this type of protocol is a very low level of protocol that captures TCP trafic after creating a Winsock Vuser script, you can view the recorded buffers as raw data or as a snapshot. This type of script is always in this form and it very hard to interpret the requests/responses but you can guide yourself using this guides:

https://admhelp.microfocus.com/lr/en/12.60/help/WebHelp/Content/VuGen/Correlation/protocols/winsock_correlation.htm

https://admhelp.microfocus.com/lr/en/12.60/help/WebHelp/Content/VuGen/Correlation/protocols/winsock_manual_correlation.htm

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.