我正在尝试阅读一些flex / amf流量,但缺乏适当的文档/示例使其变得非常困难。
有人可以告诉我解码下面的rtmp / amf3数据包:
0x43, 0x00, 0x68, 0xcd, 0x00, 0x01, 0x33, 0x11, 0x00, 0x05, 0x00, 0x40, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x11, 0x0a, 0x81, 0x13, 0x4f, 0x66, 0x6c, 0x65, 0x78, 0x2e, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x69, 0x6e, 0x67, 0x2e, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x73, 0x2e, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x69, 0x6e, 0x67, 0x4d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x0d, 0x73, 0x6f, 0x75, 0x72, 0x63, 0x65, 0x13, 0x6f, 0x70, 0x65, 0x72, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x0f, 0x68, 0x65, 0x61, 0x64, 0x65, 0x72, 0x73, 0x17, 0x64, 0x65, 0x73, 0x74, 0x69, 0x6e, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x13, 0x6d, 0x65, 0x73, 0x73, 0x61, 0x67, 0x65, 0x49, 0x64, 0x11, 0x63, 0x6c, 0x69, 0x65, 0x6e, 0x74, 0x49, 0x64, 0x15, 0x74, 0x69, 0x6d, 0x65, 0x54, 0x6f, 0x4c, 0x69, 0x76, 0x65, 0x13, 0x74, 0x69, 0x6d, 0x65, 0xc3, 0x73, 0x74, 0x61, 0x6d, 0x70, 0x09, 0x62, 0x6f, 0x64, 0x79, 0x01, 0x06, 0x29, 0x6c, 0x69, 0x73, 0x74, 0x41, 0x6c, 0x6c, 0x50, 0x72, 0x61, 0x63, 0x74, 0x69, 0x63, 0x65, 0x47, 0x61, 0x6d, 0x65, 0x73, 0x0a, 0x0b, 0x01, 0x21, 0x44, 0x53, 0x52, 0x65, 0x71, 0x75, 0x65, 0x73, 0x74, 0x54, 0x69, 0x6d, 0x65, 0x6f, 0x75, 0x74, 0x04, 0x3c, 0x15, 0x44, 0x53, 0x45, 0x6e, 0x64, 0x70, 0x6f, 0x69, 0x6e, 0x74, 0x06, 0x11, 0x6d, 0x79, 0x2d, 0x72, 0x74, 0x6d, 0x70, 0x73, 0x09, 0x44, 0x53, 0x49, 0x64, 0x06, 0x49, 0x42, 0x45, 0x32, 0x34, 0x31, 0x32, 0x33, 0x34, 0x2d, 0x31, 0x45, 0x31, 0x39, 0x2d, 0x30, 0x33, 0x43, 0x33, 0x2d, 0x39, 0x30, 0x34, 0x43, 0x2d, 0x32, 0x31, 0x36, 0x33, 0x36, 0x36, 0x30, 0x41, 0x42, 0x34, 0x37, 0x46, 0x01, 0x06, 0x17, 0x67, 0x61, 0x6d, 0x65, 0x53, 0x65, 0xc3, 0x72, 0x76, 0x69, 0x63, 0x65, 0x06, 0x49, 0x31, 0x34, 0x43, 0x30, 0x46, 0x42, 0x38, 0x30, 0x2d, 0x46, 0x37, 0x43, 0x34, 0x2d, 0x42, 0x42, 0x34, 0x42, 0x2d, 0x31, 0x46, 0x32, 0x34, 0x2d, 0x34, 0x39, 0x36, 0x32, 0x38, 0x30, 0x42, 0x38, 0x39, 0x33, 0x42, 0x38, 0x01, 0x04, 0x00, 0x04, 0x00, 0x09, 0x01, 0x01
我的尝试:
0x43 - 0100 0011:[01] - 类型1 = rtmp标头将是7个字节。流ID - 3将在此单个字节中。
还设法通过将UTF 1位移位以获得长度来读取以下内容:
0x4f:flex.messaging.messages.RemotingMessage
0x0d:source
0x13:操作
0x0f:标题
0x17:目的地
0x13:messageId
0x11:clientId
0x15:timeToLive
这里我的猜测停止了,“时间”/“印章”似乎不起作用。当然,我无法理解所有其他字节是如何编码的(对象/数组等);
答案 0 :(得分:3)
使用Charles解析AMF! http://www.charlesproxy.com/documentation/additional/amf/
答案 1 :(得分:1)
0x43, 0x00, 0x68, 0xcd, 0x00, 0x01, 0x33, 0x11
1byte + 7bytes RTMP标头数据[0]
0x00, 0x05, 0x00, 0x40, 0x33, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05
Flex魔术字节,与调用版本,id等有关
0x11
启动AMF3数据
0x0a.....
AMF3对象和常规AMF3编码[1]
关于RTMP的注意事项,它将AMF数据块化为最小128字节,然后是单个头字节(不是AMF的一部分),例如上例中的0xc3。
答案 2 :(得分:1)
我从阅读开始
可以在Wikipedia上找到更多示例。
然后是你可能不需要的RTMP Specification。
接下来,您可以查看FluorineFX的源代码。这让我开始理解事情。 Sources FluorineFX。我所做的是在FluorineFX源代码中设置断点,然后从Flex应用程序进行调用。然后我可以通过FluorineFX源代码来理解事物(我旁边有AMF规范)。
规范很难阅读,但它们实际上只需要解析字节。
也许还要看看this JavaScript AMF project。