You are browsing as a guest. Sign up (or log in) to start making projects!

Open comments for this post

@satvikhardat on JSON to Protobuf Editor

24m 2s logged

I am a ethical hacker and a bug bounty hunter, currently top 100 on google vrp, whenever i want to hack google based targets, they use protbuf everywhere i see like every single place, its all just protobuf encoded as base64, but the CLI tools that we have to decode and edit protobuf are too complex, like if you wish to just edit a single field in a proto blob, you would have to ask chatgpt to write a whole script using some random magicaly proto lib that i never seemed to understand, so instead i thought why not have a live mode editor that can show you the json of a pasted proto blob and you can easily edit the json and the changes would refect to the proto.

Right now, the workflow is painful.

You copy the base64 blob, decode it, run something like protoc --decode_raw, stare at numeric field IDs, guess what each field means, then if you want to modify even one field, you usually need to write a custom script with some random Protobuf library. Most of the time I end up asking ChatGPT to generate a Python script, then debugging that script, then trying to re-encode the payload correctly.

The idea is simple:

Paste a Protobuf blob, decode it into a JSON-like structure, edit the JSON, and instantly get the updated Protobuf output back.

No schema required.

The main mode will be schemaless. If the payload has fields like 1, 2, 3, the editor should show them as editable JSON keys. For example:

{
“1”: “satvik”,
“2”: 16,
“3”: true,
“4”: {
“1”: “nested-value”
}
}

Then if I change field 2 from 16 to 17, the Protobuf output should update automatically.

The hard part is that Protobuf without a schema is ambiguous. A length-delimited field could be a string, raw bytes, a nested message, or packed repeated values. A varint could be an integer, boolean, enum, or something else. So the editor needs to show possible interpretations instead of pretending it knows everything.

This is mainly built for bug bounty hunters, reverse engineers, API testers, and developers who work with Protobuf APIs but don’t want to fight CLI tools every time they need to edit one field.

The end goal is:

Edit raw Protobuf like JSON. No schema required.

(attached image is a protbuf response from a google api, you can see why its hard to work with protobuf)

0
1

Comments 0

No comments yet. Be the first!