
Parse a Wireshark pcap file

Started by: Kevin Holleran <kdawg44@gmail.com>
First post: 2013-01-22 20:32 -0500
Last post: 2013-01-23 21:50 +0000
Articles: 2, 2 participants


#37393 — Parse a Wireshark pcap file

From: Kevin Holleran <kdawg44@gmail.com>
Date: 2013-01-22 20:32 -0500
Subject: Parse a Wireshark pcap file
Message-ID: <mailman.853.1358904722.2939.python-list@python.org>


Is there a way to parse out a Wireshark pcap file and extract key value
pairs from the data?  I am illustrating a sniff of some traffic and why it
needs to utilize HTTPS instead of HTTP but I was hoping to run the pcap
through a python script and just output some interesting key value
pairs....

Thanks for your help.

Kevin



#37505

From: Grant Edwards <invalid@invalid.invalid>
Date: 2013-01-23 21:50 +0000
Message-ID: <kdpm03$t8i$2@reader1.panix.com>
In reply to: #37393

On 2013-01-23, Kevin Holleran <kdawg44@gmail.com> wrote:

> Is there a way to parse out a Wireshark pcap file and extract key value
> pairs from the data?

You can use pylibpcap to read pcap files (or to capture live data).
I'm afraid I don't know what "parse out" or "extract key value pairs"
means.  pylibpcap doesn't have access to any of Wireshark's packet
dissector plugins, if that's what you're after.

> I am illustrating a sniff of some traffic and why it needs to utilize
> HTTPS instead of HTTP but I was hoping to run the pcap through a
> python script and just output some interesting key value pairs....

To what does "key value pairs" refer?

-- 
Grant Edwards               grant.b.edwards        Yow! I am a traffic light,
                                  at               and Alan Ginzberg kidnapped
                              gmail.com            my laundry in 1927!
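
Added example, not part of either post: a standard-library reader for classic pcap files that lists the header and form fields readable in a cleartext HTTP request, taking "key value pairs" to mean those fields (an assumption). It uses `struct` rather than pylibpcap, handles only Ethernet/IPv4 framing with each request in a single TCP segment, and the capture, host name and field values are constructed.

```python
import struct
from urllib.parse import parse_qsl

def read_pcap(data):
    """Yield raw frames from a classic (non-pcapng) capture file."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(data[:4])
    if end is None:
        raise ValueError("not a classic pcap file (pcapng is a different format)")
    if struct.unpack(end + "I", data[20:24])[0] != 1:
        raise ValueError("only Ethernet captures (linktype 1) are handled")
    pos = 24                                   # first record follows the 24-byte file header
    while pos + 16 <= len(data):
        _sec, _usec, caplen, _orig = struct.unpack(end + "IIII", data[pos:pos + 16])
        yield data[pos + 16:pos + 16 + caplen]
        pos += 16 + caplen

def tcp_payload(frame):
    """Return the TCP payload of an Ethernet/IPv4/TCP frame, else b''."""
    if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
        return b""
    ip_len = (frame[14] & 0x0F) * 4            # IPv4 header length from IHL
    total = struct.unpack(">H", frame[16:18])[0]
    tcp = 14 + ip_len
    tcp_len = (frame[tcp + 12] >> 4) * 4       # TCP data offset
    return frame[tcp + tcp_len:14 + total]     # cut at IP total length to drop padding

def http_pairs(payload):
    """Key/value pairs readable from one cleartext HTTP request segment."""
    head, _, body = payload.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    if not lines[0].endswith(("HTTP/1.0", "HTTP/1.1")):
        return []                              # not the start of an HTTP request
    pairs = [tuple(l.split(": ", 1)) for l in lines[1:] if ": " in l]
    return pairs + parse_qsl(body.decode("latin-1"))

def sample_pcap():
    """Constructed capture: one HTTP POST of a login form (made-up values)."""
    http = (b"POST /login HTTP/1.1\r\nHost: intranet.example\r\n"
            b"Cookie: session=abc123\r\n\r\nuser=alice&password=hunter2")
    # Checksums are left at 0; the reader above does not validate them.
    tcp = struct.pack(">HHIIBBHHH", 40000, 80, 1, 1, 0x50, 0x18, 8192, 0, 0)
    ip = struct.pack(">BBHHHBBH4s4s", 0x45, 0, 40 + len(http), 0, 0, 64, 6, 0,
                     bytes([10, 0, 0, 5]), bytes([10, 0, 0, 9]))
    frame = b"\x02" * 6 + b"\x04" * 6 + b"\x08\x00" + ip + tcp + http
    hdr = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)
    return hdr + struct.pack("<IIII", 0, 0, len(frame), len(frame)) + frame

def extract(data):
    return [kv for f in read_pcap(data) for kv in http_pairs(tcp_payload(f))]
```

Running `extract()` on the same request captured over HTTPS returns an empty list, because the TCP payload is then TLS records rather than readable request text.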


