- P2Pストリーミングの一つ.MacOSXにも対応しているらしい.
- 以下のようなログサーバーと思われるものへのPOSTアクセスを行う.
POST //log/normal/ HTTP/1.0
Date: (日付)
Host: log.octoshape.net
Octoshape-Client: (ユーザー名)
Octoshape-Version: L03-N00-U00_0701160
Content-Length: 1083
Octoshape-Type: 1
Octoshape-ProgramType: OctoUpdater
HTTP/1.0 200 OK
Date:(日付)
Octoshape-LLevel: 0
Host: (アクセス者のIPアドレス):(ポート番号)
Content-Length: 0
- 以下のようなバージョンチェックPOSTアクセスを行う.
POST /update/client-1 HTTP/1.0
Host: update.octoshape.org
Accept-Charset: UTF8
Content-Length: 162
Content-Type: application/x-www-form-urlencoded
inv=&variant=&id=(ユーザー名)&group=&language=en&platform=osx_i386&caller=updater&platformversion=&seed=1179462431730&version=L03_0E-N00_1F_900-U00_0701160_900
- 以下のようなアクセスを行い自身のIPアドレスを調べさせる(?)
GET /proxytest/protocol2 HTTP/1.0
*Hello wo####
-
- ポートはTCP80番以外に443,27298等も使われる,443を使ってはいても暗号化がされているわけではない.
- NAT越えのため?
- Host:ヘッダーがないが,アクセスしているのはproxyexam.octoshape.netもしくはdirserver.octoshape.net.
- proxyexam.octoshape.netからUDPソースポート5060,554,53664,6970,デスティネーションポート8247へ向けてのアクセスがある.内容は
<info ip="アクセス者のIPアドレス"/>
- 以下のようなPOSTアクセスを行う.アクセスすべきサーバーやポートの情報であるらしい.
POST //stats/post/ HTTP/1.0
Content-Type: application/x-octolog
Octoshape-ProgramType: OctoClient
Octoshape-Client: (ユーザー名)
Octoshape-Type: 3
Date: (日付)
Host: statlog.octoshape.org
Content-Length: 108
Octoshape-Version: L03-N00-U00-C00_070507A
HTTP/1.0 200 OK
Content-Type: text/xml; charset=us-ascii
Date: (日付)
Content-Length: 1212
Expires: (日付に同じ)
<octodir softttl="300" ttl="86400">
<currentSpams key="spamlist" softttl="86400" XMLHASH="72vLPJ"/>
<menu key="menu." softttl="86400" XMLHASH="VxfR6-"/>
<menu key="menu." softttl="86400" XMLHASH="VxfR6-"/>
<alternatives key="timeservers" XMLHASH="KLHlgi">
<serveraddrs id="LSWB35_MISCSERVER">
<prefixstream ip="85.17.103.65" port="80,443" prefix="123" reuseAddr="true"/>
<http ipp="85.17.103.65:80" reuseAddr="true" root="/octotime"/>
<octogram ip="85.17.103.65" octoport="123" port="554,5060,6970"/>
</serveraddrs>
<serveraddrs id="SBCH10_MISCSERVER">
<prefixstream ip="64.34.178.8" port="80,443" prefix="123" reuseAddr="true"/>
<http ipp="64.34.178.8:80" reuseAddr="true" root="/octotime"/>
<octogram ip="64.34.178.8" octoport="123" port="554,5060,6970"/>
</serveraddrs>
<serveraddrs id="VOXL13_MISCSERVER">
<prefixstream ip="69.9.191.78" port="80,443" prefix="123" reuseAddr="true"/>
<http ipp="69.9.191.78:80" reuseAddr="true" root="/octotime"/>
<octogram ip="69.9.191.78" octoport="123" port="554,5060,6970"/>
</serveraddrs>
</alternatives>
<currentSpams key="spamlist." softttl="86400" XMLHASH="4YLm68"/>
</octodir>
- このhttp ippとして挙げられたアドレスとポート80にPOSTアクセスする.NATサーバーという文字列が見られる
POST /octodir/v1 HTTP/1.0
Content-Type: text/plain
Host: 85.17.103.65:80
Content-Length: 44
udpnatservers VxfR6- menu. tcpnatservers
HTTP/1.0 200 OK
Content-Type: text/xml; charset=us-ascii
Date: (日付)
Content-Length: 677
Expires: (同じ日付)
<octodir softttl="300" ttl="86400">
<_natserver key="tcpnatservers" XMLHASH="eitUuD">
<element ip1="206.51.230.21" ip2="206.51.230.22" port1="12550" port2="12560"/>
<element ip1="70.84.223.164" ip2="70.84.223.165" port1="12550" port2="12560"/>
<element ip1="85.17.11.135" ip2="85.17.11.136" port1="12550" port2="12560"/> </_natserver>
<_natserver key="udpnatservers" XMLHASH="ia-A6y">
<element ip1="206.51.230.21" ip2="206.51.230.22" port1="12500" port2="12520"/>
<element ip1="70.84.223.164" ip2="70.84.223.165" port1="12500" port2="12520"/>
<element ip1="85.17.11.135" ip2="85.17.11.136" port1="12500" port2="12520"/> </_natserver>
</octodir>
- 同じサーバーのポート443にアクセスする.POSTするURLは同じ
POST /octodir/v1 HTTP/1.0
Content-Type: text/plain
Host: 85.17.103.65:443
Content-Length: 47
STREAMLINK.PARADISE.STREAM1_AAC VxfR6- menu.
HTTP/1.0 200 OK
Content-Type: text/xml; charset=us-ascii
Date: Fri, 18 May 2007 04:30:54 GMT
Content-Length: 1692
Expires: Fri, 18 May 2007 04:30:54 GMT
<octodir softttl="300" ttl="86400">
<channel key="STREAMLINK.PARADISE.STREAM1_AAC" name="PARADISE.stream1_aac" playfilename="PARADISEstream1aac" softttl="30" XMLHASH="E.73Uv">
<stream maxbitrate="70000" name="PARADISE.stream1_aac" streamtype="aac">
<serveraddrs group="EU.NL.LSWB" id="LSWB17_GRID_PARADISE.stream1_aac" prio="100" publish="true" service="gridstream">
<prefixstream ipp="85.17.35.195:41000" prefix="27" reuseAddr="true"/>
</serveraddrs>
<serveraddrs group="US.NEWYORK.VOXL" id="VOXL11_UNICAST_DIV3" prio="400" publish="true" service="unicaststream">
<http ipp="69.9.191.76:80" nodelay="read" reuseAddr="true" root="/pull"/>
<octostream ipp="69.9.191.76:7000" octoport="38" protocol="rpacket2"/>
<prefixstream ipp="69.9.191.76:443" prefix="124" reuseAddr="true"/>
</serveraddrs>
<serveraddrs group="EU.NL.LSWB" id="LSWB13_UNICAST_DIV3" prio="400" publish="true" service="unicaststream">
<http ipp="87.255.35.19:80" nodelay="read" reuseAddr="true" root="/pull"/>
<octostream ipp="87.255.35.19:7000" octoport="38" protocol="rpacket2"/>
<prefixstream ipp="87.255.35.19:443" prefix="124" reuseAddr="true"/>
</serveraddrs>
<serveraddrs group="US.CALIFORNIA.S4Y" id="S4Y02_UNICAST_DIV3" prio="400" publish="true" service="unicaststream">
<http ipp="69.64.58.44:80" nodelay="read" reuseAddr="true" root="/pull"/>
<octostream ipp="69.64.58.44:7000" octoport="38" protocol="rpacket2"/>
<prefixstream ipp="69.64.58.44:443" prefix="124" reuseAddr="true"/>
</serveraddrs>
</stream>
</channel>
</octodir>
- ここで挙げられたIPとポートにUDPアクセスする.内容はHTTP
POST / HTTP/1.0
Osh-octotime: 1179462655296
Content-Length: 0
Oshtcp-streamtype: YWFj
Oshtcp-position: 1179462632296
Oshtcp-description: T2N0b0NsaWVudCBMMDMtTjAwLVUwMC1DMDBfMDcwNTA3QSBwcm94eShHZW5VRFAsR2VuVENQKSB2YXJpYW50Og
Osh-stream: UEFSQURJU0Uuc3RyZWFtMV9hYWM
Osh-user: bmFrYWVfMzQ1MDY3OTk3
Osh-lan: nVIRhQTO
Osh-supported-versions: 200701300
Host: 69.64.58.44:7000
Osh-ses: MTE3OTQ2MjY1NDQ4NC0z
Osh-mode: pingop
Oshtcp-ses-counter: 1179462514921
HTTP/1.0 200 Ok
Osh-status: ok
Osh-prio: 149504
Osh-srchash: RQm/UAAAARKQ08F1
Osh-supported-versions: 200701300
Content-Length: 0
Osh-selected-version: 200701300
RPOST / HTTP/1.0
Content-Length: 0
Oshtcp-streamtype: YWFj
Oshtcp-position: 1179462632296
Oshtcp-description: T2N0b0NsaWVudCBMMDMtTjAwLVUwMC1DMDBfMDcwNTA3QSBwcm94eShHZW5VRFAsR2VuVENQKSB2YXJpYW50Og
Osh-stream: UEFSQURJU0Uuc3RyZWFtMV9hYWM
Osh-user: bmFrYWVfMzQ1MDY3OTk3
Osh-lan: nVIRhQTO
Osh-supported-versions: 200701300
Osh-ses: MTE3OTQ2MjY1NDQ4NC0z
Osh-mode: connect
Oshtcp-state: AAEALAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
Oshtcp-ses-counter: 1179462514922
HTTP/1.0 200 OK
Osh-status: ok
Expires:: Fri, 18 May 2007 04:30:56 GMT
Data:: Fri, 18 May 2007 04:30:56 GMT
Last-Modified:: Fri, 18 May 2007 04:30:56 GMT
Osh-prio: 149519
Osh-srchash: RQm/UAAAARKQ08F1
Cache-control: nocache, nostore
Osh-supported-versions: 200701300
Osh-selected-version: 200701300
Pragma: no-cache
Pragma: features=broadcast
- 以後UDPで自らもサーバーとなり配信を始める.UDPポートは双方とも8247が使われることが多いらしい.途中コントロール信号と思われる多数の"+"を含んだパケットやDon't Panic!という文字列を含んだパケットが見られる.
- octoshape.{org,net}のサーバーたち
64.34.178.8 |
dirserver.octoshape.net proxyexam.octoshape.net |
64.72.125.132 |
log.octoshape.net log.octoshape.org |
66.135.40.24 |
statlog.octoshape.org |
69.9.191.78 |
dirserver.octoshape.net proxyexam.octoshape.net |
70.84.223.164 |
octoshape.com sbeach04.octoshape.com sbeach10.octoshape.com www.octoshape.com |
72.51.38.219 |
update.octoshape.org |
85.17.1.159 |
sbeach04.octoshape.com sbeach10.octoshape.com www.octoshape.com |
85.17.1.160 |
statlog.octoshape.org |
85.17.103.50 |
update.octoshape.net |
85.17.103.65 |
dirserver.octoshape.org proxyexam.octoshape.org |
85.17.11.117 |
update.octoshape.org |