2

I want to parse HTTP2 data with Python

The start of stream is PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n that OK.

The next packet is \x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x04\x01\x00\x00\x00

Next packet is : \x00\x00\x04\x08\x00\x00\x00\x00\x00\x00\xff\x00\x01

How can I parse it with Python please .

When I put this data in Wireshark and parse it as HTTP2 I see that as well. But I want to do that only with Python

Improve this question

2 Answers 2

Reset to default
1

The start of your stream is the HTTP/2 Connection preface, that is the start of a HTTP/2 connection. After the preface has been sent initial settings must be established. This is done directly after the connection preface with an SETTINGS frame. So to parse the packets you must follow each bit(s) or byte(s) and determine what they mean per the protocol. So to help you out, the first bit in your first byte \x00 is zero (00000000, just a heads up, bits are read left to right in a protocol, but values are right to left), which means that the sender must supply its own settings in the settings frame.

IETF Hypertext Transfer Protocol Version 2 (HTTP/2)

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

there is no script that can parse it? If I care only about data. Is this data can be xor or something like that?
1

You can parse it with scapy. First import necessary module and define your packets:

from scapy.contrib.http2 import *
pkt0 = b"PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"
pkt1 = b"\x00\x00\x06\x04\x00\x00\x00\x00\x00\x00\x04\x01\x00\x00\x00"
pkt2 = b"\x00\x00\x04\x08\x00\x00\x00\x00\x00\x00\xff\x00\x01"

Then you can confirm that the first packet is a preface, parse the other packets and display them:

assert pkt0 == H2_CLIENT_CONNECTION_PREFACE
frame1 = H2Frame(pkt1)
frame2 = H2Frame(pkt2)
frame1.show()
'''
###[ HTTP/2 Frame ]###
  len       = 0x6
  type      = SetFrm
  flags     = set()
  reserved  = 0
  stream_id = 0
###[ HTTP/2 Settings Frame ]###
     \settings  \
      |###[ HTTP/2 Setting ]###
      |  id        = Initial window size
      |  value     = 16777216
'''
frame2.show()
'''
###[ HTTP/2 Frame ]###
  len       = 0x4
  type      = WinFrm
  flags     = set()
  reserved  = 0
  stream_id = 0
###[ HTTP/2 Window Update Frame ]###
     reserved  = 0
     win_size_incr= 16711681
'''

Or you can parse them together:

frame_sequence = H2Seq(pkt1 + pkt2)
frame_sequence.show()
'''
###[ HTTP/2 Frame Sequence ]###
  \frames    \
   |###[ HTTP/2 Frame ]###
   |  len       = 0x6
...
'''

frame_sequence.frames is a list of H2Frame frames. To access the payload, use the payload property. For example: frame1.payload.settings[0].value, frame2.payload.win_size_incr.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.