Figuring out… PacketTracer!

For my study we have tot work with a program called packettracer.

This is a piece of software wich let you build a computer network and simulates how it works.

It works quiet simple, you log in to the website, download the lesson, enter your username and password and you are ready to go! And when you are done you can magically see your score on the website.

So this makes me wonder how it actually works and how it is able to keep track of your progress.

So I started of by pulling out wireshark to see any  communication between the local program and the website and surprisingly the program reports back over http (not even https) and we can see a few things happening when we login.

First the program sends back the username, password, some lession id and an lesson hash.

In which the server responds with a logged in message.

after this you are able to make the tasks you have tot do and when finished it will send some encoded data back to the server which will then update the score’s.

This makes me curious what it exactly sends back and how it knows how to encode it.

so at this point I have to figure out what extra data is packed in the .pka file.

This can theoretically be accomplished in two ways first is by deciphering the .pka file to a xml file and second is by tricking the program to enter the activity wizard (since this is password protected)

I dicided to try and decypher the file first.

After a bit of searching on the interwebs I came across this post from a guy who made some QTcode to convert a pka file to XML by using qUncompress.

So I copied the code, had a lot of struggles with the syntaxis and . . . nothing happened.

Over time they changed the method that they use to encode the pka file so the program is unable to convert the file

 

Edit 11-4-17: the piece of code that asks for a password is on line 95980

Continue?  Packet Tracer   O L L Y D B G   Please enter the password:  Password? — Packet Tracer      % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s     a   b   var muval = false; if(a == b)  muval = true;    var ipcval = false; if(a == b) ipcval = true;   var mwval = false; if(a == b) mwval = true; var instr = false; if(a == b) instr = true; var actval = false; if(a == b) actval = true;       return ((a == b) && muval  && ipcval && mwval && actval && instr);      % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s % s     Activity Wizard eng if( (a == b)  && muval  && ipcval && mwval && actval && instr ) eng.show(); a == b; The password you entered is incorrect!  Incorrect Password — Packet Tracer &Cancel &No &Yes    Do you want to use the current network as the answer network?   Use as the Answer Network? — Packet Tracer  Delete all device dialogs      EVENT_MANAGER.processEvents(InitializeActivityEvent.prototype.Type) /PT.conf.bak    /PT.conf.bak    Activity Wizard 1-1 tutorials.htm   index.htm   http://ptbugs.netacad.net   http://cisco.netacad.net/go/pt  http://ptbugs.netacad.net   /   /../help/   /   /../help/   /../help/default/   Menu Save   com.yourcompany.NewPTScriptModule   New PT Script Module    Please use the Scripting page of Activity Wizard to edit an activity file’s script module. Select Advanced profile in the Welcome page of Activity Wizard to enable the Scripting page. Packet Tracer   Please enter the script module password:    Password? — Packet Tracer  The password you entered is incorrect!  Incorrect Password — Packet Tracer Network Description:    /../Sounds/pullDown.wav Packet Tracer Network File (*.pkt)  /saves  Save File   .pkt    .pkt

Leave a Reply

Your email address will not be published. Required fields are marked *