Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]


Groups > comp.lang.python > #37505

Re: Parse a Wireshark pcap file

Path csiph.com!v102.xanadu-bbs.net!xanadu-bbs.net!news.glorb.com!border3.nntp.dca.giganews.com!border1.nntp.dca.giganews.com!nntp.giganews.com!news-out.readnews.com!transit3.readnews.com!panix!not-for-mail
From Grant Edwards <invalid@invalid.invalid>
Newsgroups comp.lang.python
Subject Re: Parse a Wireshark pcap file
Date Wed, 23 Jan 2013 21:50:59 +0000 (UTC)
Organization PANIX Public Access Internet and UNIX, NYC
Lines 20
Message-ID <kdpm03$t8i$2@reader1.panix.com> (permalink)
References <mailman.853.1358904722.2939.python-list@python.org>
NNTP-Posting-Host dsl.comtrol.com
X-Trace reader1.panix.com 1358977859 29970 64.122.56.22 (23 Jan 2013 21:50:59 GMT)
X-Complaints-To abuse@panix.com
NNTP-Posting-Date Wed, 23 Jan 2013 21:50:59 +0000 (UTC)
User-Agent slrn/1.0.1 (Linux)
Xref csiph.com comp.lang.python:37505

Show key headers only | View raw


On 2013-01-23, Kevin Holleran <kdawg44@gmail.com> wrote:

> Is there a way to parse out a wireshark pcap file and extract key value
> pairs from the data?

You can use pylibpcap to read pcap files (or to capture live data).
I'm afraid I don't know what "parse out" or "extract key value pairs"
means.  pylibpcap doesn't have access to any of wireshark's packet
disecter plugins, if that's what you're after.

> I am illustrated a sniff of some traffic and why it needs utilize
> HTTPS instead of HTTP but I was hoping to run the pcap through a
> python script and just output some interesting key value pairs....

To what does "key value pairs" refer?

-- 
Grant Edwards               grant.b.edwards        Yow! I am a traffic light,
                                  at               and Alan Ginzberg kidnapped
                              gmail.com            my laundry in 1927!

Back to comp.lang.python | Previous | NextPrevious in thread | Find similar | Unroll thread


Thread

Parse a Wireshark pcap file Kevin Holleran <kdawg44@gmail.com> - 2013-01-22 20:32 -0500
  Re: Parse a Wireshark pcap file Grant Edwards <invalid@invalid.invalid> - 2013-01-23 21:50 +0000

csiph-web