-rw-r--r--src/lib/protocols/http.c6
-rw-r--r--tests/pcap/xiaomi.pcapbin6044 -> 12323 bytes
-rw-r--r--tests/pcap/xiaomi2.pcapbin6252 -> 0 bytes
-rw-r--r--tests/result/xiaomi.pcap.out19
-rw-r--r--tests/result/xiaomi2.pcap.out9
5 files changed, 17 insertions, 17 deletions
diff --git a/src/lib/protocols/http.c b/src/lib/protocols/http.c
index 8f7f1c262..4b66a1da6 100644
--- a/src/lib/protocols/http.c
+++ b/src/lib/protocols/http.c
@@ -413,6 +413,12 @@ static void ndpi_http_parse_subprotocol(struct ndpi_detection_module_struct *ndp
ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_OOKLA, NDPI_PROTOCOL_HTTP, NDPI_CONFIDENCE_DPI);
}
}
+
+ if (flow->http.url != NULL &&
+ strstr(flow->http.url, "micloud.xiaomi.net") != NULL)
+ {
+ ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_XIAOMI, NDPI_PROTOCOL_HTTP, NDPI_CONFIDENCE_DPI);
+ }
}
}
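Review bot: The added `strstr(flow->http.url, "micloud.xiaomi.net")` test matches the name anywhere in the request URL, including the path and query string, which are bytes the client chooses, yet the flow is then reported with `NDPI_CONFIDENCE_DPI`. The expected output in tests/result/xiaomi.pcap.out suggests the query-string match is intended (the sample carries `host=appmarket.micloud.xiaomi.net` in a request to a numeric IP), so I would document that above the `if`, e.g. `/* Xiaomi name arrives in the URL query (host=...), not the Host header; the substring is client-controlled, so do not treat this label as authenticated */`. Narrowing the match to the `host=` parameter value would reduce accidental or deliberate mislabelling of unrelated HTTP flows. The block also appears to run unconditionally after the preceding branch and may overwrite a subprotocol set just above it; the function begins outside the hunk, so that needs confirming against the full body.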
diff --git a/tests/pcap/xiaomi.pcap b/tests/pcap/xiaomi.pcap
index 1197e5ff4..9eb4e7019 100644
--- a/tests/pcap/xiaomi.pcap
+++ b/tests/pcap/xiaomi.pcap
Binary files differ
diff --git a/tests/pcap/xiaomi2.pcap b/tests/pcap/xiaomi2.pcap
deleted file mode 100644
index 19da03f50..000000000
--- a/tests/pcap/xiaomi2.pcap
+++ /dev/null
Binary files differ
diff --git a/tests/result/xiaomi.pcap.out b/tests/result/xiaomi.pcap.out
index e6bd91d2a..de4c3ba62 100644
--- a/tests/result/xiaomi.pcap.out
+++ b/tests/result/xiaomi.pcap.out
@@ -1,11 +1,14 @@
-Guessed flow protos: 0
+Guessed flow protos: 1
-DPI Packets (TCP): 7 (1.75 pkts/flow)
-Confidence DPI : 4 (flows)
+DPI Packets (TCP): 19 (2.71 pkts/flow)
+Confidence DPI : 7 (flows)
-Xiaomi 18 5123 4
+Xiaomi 52 11467 7
- 1 TCP 115.164.74.232:5222 <-> 192.168.247.13:38018 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][4 pkts/456 bytes <-> 3 pkts/1283 bytes][Goodput ratio: 40/85][149.32 sec][Hostname/SNI: 47.241.35.73][bytes ratio: -0.476 (Download)][IAT c2s/s2c min/avg/max/stddev: 143/153 49772/74586 149015/149020 70175/74434][Pkt Len c2s/s2c min/avg/max/stddev: 74/78 114/428 172/980 41/395][User-Agent: M2010J19SG][PLAIN TEXT (xiaomi.com)][Plen Bins: 34,0,16,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 97.39.119.172:5222 <-> 192.168.93.59:51488 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][3 pkts/377 bytes <-> 2 pkts/1249 bytes][Goodput ratio: 45/89][0.25 sec][Hostname/SNI: 47.241.59.87][User-Agent: M2101K7BG][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,25,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 3 TCP 115.164.74.232:5222 <-> 192.168.244.219:45904 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][3 pkts/378 bytes <-> 2 pkts/1244 bytes][Goodput ratio: 45/89][0.26 sec][Hostname/SNI: 47.241.35.73][User-Agent: Redmi Note 9S][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,25,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 4 TCP 47.241.7.88:5222 -> 10.52.151.160:39180 [VLAN: 208][proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 1 TCP 192.168.2.100:45106 <-> 18.193.233.122:5222 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][8 pkts/2061 bytes <-> 7 pkts/1063 bytes][Goodput ratio: 74/56][359.14 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net2-2117517874.eu-central-1.elb.amazonaws.com][bytes ratio: 0.319 (Upload)][IAT c2s/s2c min/avg/max/stddev: 7/1 59816/100 358553/211 133599/79][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 258/152 1014/488 311/142][User-Agent: Redmi Note 8T][PLAIN TEXT (xiaomi.com)][Plen Bins: 14,0,14,14,0,0,14,0,0,0,14,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 2 TCP 192.168.2.100:37708 <-> 3.127.176.74:5222 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][8 pkts/1983 bytes <-> 7 pkts/641 bytes][Goodput ratio: 73/27][455.15 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net1-1667981913.eu-central-1.elb.amazonaws.com][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 75808/90740 453408/453409 168869/181335][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 248/92 999/171 303/39][User-Agent: Redmi Note 9 Pro][PLAIN TEXT (xiaomi.com)][Plen Bins: 16,0,16,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 3 TCP 115.164.74.232:5222 <-> 192.168.247.13:38018 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][4 pkts/456 bytes <-> 3 pkts/1283 bytes][Goodput ratio: 40/85][149.32 sec][Hostname/SNI: 47.241.35.73][bytes ratio: -0.476 (Download)][IAT c2s/s2c min/avg/max/stddev: 143/153 49772/74586 149015/149020 70175/74434][Pkt Len c2s/s2c min/avg/max/stddev: 74/78 114/428 172/980 41/395][User-Agent: M2010J19SG][PLAIN TEXT (xiaomi.com)][Plen Bins: 34,0,16,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 4 TCP 97.39.119.172:5222 <-> 192.168.93.59:51488 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][3 pkts/377 bytes <-> 2 pkts/1249 bytes][Goodput ratio: 45/89][0.25 sec][Hostname/SNI: 47.241.59.87][User-Agent: M2101K7BG][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,25,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 5 TCP 115.164.74.232:5222 <-> 192.168.244.219:45904 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][3 pkts/378 bytes <-> 2 pkts/1244 bytes][Goodput ratio: 45/89][0.26 sec][Hostname/SNI: 47.241.35.73][User-Agent: Redmi Note 9S][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,25,25,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,25,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 6 TCP 192.168.2.100:48698 <-> 203.107.1.65:80 [proto: 7.287/HTTP.Xiaomi][ClearText][Confidence: DPI][cat: Web/5][3 pkts/530 bytes <-> 1 pkts/66 bytes][Goodput ratio: 66/0][0.49 sec][Hostname/SNI: 203.107.1.65][URL: 203.107.1.65/164566/sign_d?host=appmarket.micloud.xiaomi.net&sdk=android_1.3.3&t=1650284179&s=762f2c07cf9262c61753f45b4117c232&sid=jccM7PF4XY0T&net=wifi&bssid=02%3A00%3A00%3A00%3A00%3A00][StatusCode: 0][User-Agent: Dalvik/2.1.0 (Linux; U; Android 10; Redmi Note 9 Pro MIUI/V12.0.3.0.QJZMIXM)][Risk: ** HTTP Numeric IP Address **][Risk Score: 10][PLAIN TEXT (GET /164566/sign)][Plen Bins: 0,0,0,0,0,0,0,0,0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
+ 7 TCP 47.241.7.88:5222 -> 10.52.151.160:39180 [VLAN: 208][proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][1 pkts/136 bytes -> 0 pkts/0 bytes][Goodput ratio: 48/0][< 1 sec][PLAIN TEXT (xiaomi.com)][Plen Bins: 0,0,100,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
diff --git a/tests/result/xiaomi2.pcap.out b/tests/result/xiaomi2.pcap.out
deleted file mode 100644
index 9bfa5f01b..000000000
--- a/tests/result/xiaomi2.pcap.out
+++ /dev/null
@@ -1,9 +0,0 @@
-Guessed flow protos: 0
-
-DPI Packets (TCP): 8 (4.00 pkts/flow)
-Confidence DPI : 2 (flows)
-
-Xiaomi 30 5748 2
-
- 1 TCP 192.168.2.100:45106 <-> 18.193.233.122:5222 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][8 pkts/2061 bytes <-> 7 pkts/1063 bytes][Goodput ratio: 74/56][359.14 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net2-2117517874.eu-central-1.elb.amazonaws.com][bytes ratio: 0.319 (Upload)][IAT c2s/s2c min/avg/max/stddev: 7/1 59816/100 358553/211 133599/79][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 258/152 1014/488 311/142][User-Agent: Redmi Note 8T][PLAIN TEXT (xiaomi.com)][Plen Bins: 14,0,14,14,0,0,14,0,0,0,14,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,14,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]
- 2 TCP 192.168.2.100:37708 <-> 3.127.176.74:5222 [proto: 287/Xiaomi][Encrypted][Confidence: DPI][cat: Web/5][8 pkts/1983 bytes <-> 7 pkts/641 bytes][Goodput ratio: 73/27][455.15 sec][Hostname/SNI: fr-app-chat-global-xiaomi-net1-1667981913.eu-central-1.elb.amazonaws.com][bytes ratio: 0.511 (Upload)][IAT c2s/s2c min/avg/max/stddev: 2/0 75808/90740 453408/453409 168869/181335][Pkt Len c2s/s2c min/avg/max/stddev: 66/66 248/92 999/171 303/39][User-Agent: Redmi Note 9 Pro][PLAIN TEXT (xiaomi.com)][Plen Bins: 16,0,16,16,0,0,0,16,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,16,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0]