Decoding a tcp response

[Dujith]

I'm trying to decode a TCP response from a security system. 

If i want to see which zones are active (open door, movement ect) i will have to send data that will request that. 

send: FEFE00D7E2FE0D
reply: 0004200000000000000000000000000080

The 00 after FEFE will request zone status (rest is CRC and end of message)

The reply is the same 00 followed by a 16 or 32 bit message (depends on how big the security system is)

 

Now that part is confusing to me as the 04200000000000000000000000000080 should translate to zone 3,14 and 128 according to their documentation.

(This is the example message + zones they have in the doc)

However i cannot find how they do that nor is it in the doc.

I'm thinking that there is some obvious way to get those zones out of that number. But i cannot see it 

 

I'll mail them, but since its the weekend and this is bugging me and they might not answer me anytime soon. I thought i post it here.

 

Edit: Some additional information

The message above is a 16byte value which should be 128 zones. the 32byte value would be used by the 256 zones system.

So in my simple thinking: the 16byte value could never represent all 128 zones if 1 byte was just a zone number.

[Eigenvektor]

I'm guessing they are using bits as flags (so bits 3, 14 and 128 would be set) and you're also dealing with endianess

8        16       24       32
00000100 00100000 00000000 00000000 = 0x04200000

40       48       56       64
00000000 00000000 00000000 00000000 = 0x00000000

72       80       88       96
00000000 00000000 00000000 00000000 = 0x00000000

104      112      120      128
00000000 00000000 00000000 10000000 = 0x00000080

If you put all those hexadecimal numbers together, you get 0x0420000, 0x00000000, 0x00000000, 0x00000080

[Dujith]

@Eigenvektor

So the binary number from the message is: 00000100001000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000

 

8x 00000100 = 3

16x 00100000 = 14

24x 00000000 = empty

32x 00000000 = empty

40x 00000000 = empty

48x 00000000 = empty

56x 00000000 = empty

64x 00000000 = empty

72x 00000000 = empty

| 

|

128x 1000000 = 128

 

I see now, each time its an 8 bit block that has a range of values assigned to the bits. So in the 16 8 bit slot its 16-9. Not with the actual binary value but which bit is set.

8x 11000011 = 8,7,2 and 1

Now to implement this in python and i'm good to go  after i learn how to that in python ofc . Never to old to learn

 

[Eigenvektor]

5 hours ago, Dujith said:

I see now, each time its an 8 bit block that has a range of values assigned to the bits. So in the 16 8 bit slot its 16-9. Not with the actual binary value but which bit is set. Now to implement this in python and i'm good to go  after i learn how to that in python ofc . Never to old to learn

Yes, exactly It's a bitmask where each bit has a value/position, so they can just enable/disable the bit that corresponds to a certain zone. You probably want to look into bitwise operators, like &, |, << and >> (bitwise and, bitwise or, left shift and right shift). The first two are similar to the boolean operator && and ||, except those work on bits instead of boolean expressions.

 

For example you can do

0b00000001 & 0b00000001 --> 0b00000001
0b00000000 & 0b00000001 --> 0b00000000

0b11111111 & 0b00000001 --> 0b00000001

You can use the bitwise "and" operator to test whether a certain bit is set. For example you can do "value & 0b00000001" to test whether the first bit of "value" is non-zero.

 

You can use the right shift (>>) and left shift (<<) operators to move those bits around, for example

0b00000001 << 1 --> 0b00000010 // shift left by one position
0b00000010 >> 1 --> 0b00000001 // shift right by one position