from the apk
============

in the kelimelik apk (found on http://he2apps.com/kelimelik/ but could
be captured at install time on the android device with mitmproxy) there
is assets/resource.car.
This is an archive file. First the table of files then the files.
It contains compiled lua files.
showfiles.c (use as showfiles < resource.car) gives the name and offset.
extract.c extracts the data (used in the easy to generate extract.sh).
actions.txt was obtained with some sort of grep/strings/whatever I don't
remember on the .lu files.
*.lu.txt where disassembled from the .lu with ChunkSpy-0.9.8 (see disas.sh).
Use them to know what arguments take the GameModule_XX stuff.
The kelimelik client (you) sends GameModule_requestXX as far as I know.
Others are replies from server.

from the network
================

The protocol android<->server is captured by using the PC as a
transparent proxy with iptables. Just run:
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

Then configure the android device to use the PC has a default
gateway.

And then capture traffic with tcpdump. Analyze with tcptrace-6.6.7.
Then read packets and understand the format. Read source code
of my kelimelik client to understand.

logged2raw.c, play.c and packets.c were used in the analysis.