How to call VNC / RFB dissector from my lua dissector?
I can't find it in Dissector.list()
1 Answer
- Sort by
oldest newest most voted
1
VNC is not registered as a dissector. See end of packet-vnc.c:
#define VNC_PORT_RANGE "5500-5501,5900-5901"
proto_reg_handoff_vnc(void)
{
vnc_handle = create_dissector_handle(dissect_vnc, proto_vnc);
dissector_add_uint_range_with_preference("tcp.port", VNC_PORT_RANGE, vnc_handle);
heur_dissector_add("tcp", test_vnc_protocol, "VNC over TCP", "vnc_tcp", proto_vnc, HEURISTIC_ENABLE);
It's a subdissector to the tcp.port table.
There is an example of getting a subdissector at the end of the Wiki page for Lua/Dissectors:
local tcp_dissector_table = DissectorTable.get("tcp.port")
original_http_dissector = tcp_dissector_table:get_dissector(80)
Here is an example getting the VNC dissector based on the port number 5500:
local tcp_port_table = DissectorTable.get("tcp.port")
local vnc_dissector = tcp_port_table:get_dissector(5500)
print (vnc_dissector)
print "----------"
10/17/2021 1:34:40 PM Console opened 10/17/2021 1:35:08 PM VNC 10/17/2021 1:35:08 PM ----------
Comments
Is there a reason why it's not registered (and others like it)? Seems like adding the following to proto_register_vnc() would also fix this problem.
register_dissector("vnc", dissect_vnc, proto_vnc);
A sentence or two in the WSDG and/or README.dissector describing "subdissector" (and "sub-dissector" and "sub-protocol dissector" and "subprotocol dissector") might help to reason why not all dissectors (or in this case, subdissector) are registered in the dissector table.
Thanks! .
Your Answer
Please start posting anonymously - your entry will be published after you log in or create a new account.
This space is reserved only for answers. If you would like to engage in a discussion, please instead post a comment under the question or an answer that you would like to discuss.
Comments