expliot.core.common.pcaphelper¶
Helper for pacp files.
Module Contents¶
Classes¶
Helper class to create pcap frame to write in pcap file. |
|
Helper class to create and write data to the pcap file. |
Functions¶
|
Opens pcap file for reading. |
Attributes¶
- expliot.core.common.pcaphelper.PCAPH_MAGIC_NUM_BE = 2712847316¶
- expliot.core.common.pcaphelper.PCAPH_MAGIC_NUM_LE = 3569595041¶
- expliot.core.common.pcaphelper.PCAPH_MAGIC_NUM_BE_NS = 2712812621¶
- expliot.core.common.pcaphelper.PCAPH_MAGIC_NUM_LE_NS = 20740616865¶
- expliot.core.common.pcaphelper.PCAPH_VER_MAJOR = 2¶
- expliot.core.common.pcaphelper.PCAPH_VER_MINOR = 4¶
- expliot.core.common.pcaphelper.PCAPH_THISZONE = 0¶
- expliot.core.common.pcaphelper.PCAPH_SIGFIGS = 0¶
- expliot.core.common.pcaphelper.PCAPH_SNAPLEN = 65535¶
- expliot.core.common.pcaphelper.WIRESHARK_GLB_HDR_LEN = 24¶
- expliot.core.common.pcaphelper.WIRESHARK_PKT_HDR_LEN = 16¶
- expliot.core.common.pcaphelper.SYS_LE_STR = little¶
- expliot.core.common.pcaphelper.SYS_BE_STR = big¶
- class expliot.core.common.pcaphelper.PcapFrame(packet, ts32=None)¶
Helper class to create pcap frame to write in pcap file.
- __build_packet_pcap_hdr()¶
Build the packet header string with timestamp and length info.
- Returns
Packet header string
- get_pcap_frame()¶
Return packet header string and packet string.
- Returns
Packet header + packet string
- class expliot.core.common.pcaphelper.PcapDumper(datalink, filename)¶
Helper class to create and write data to the pcap file.
- write_to_pcapfile(pcapframe)¶
Write packet header and packet to pcap file.
- Parameters
pcapframe – pcap frame including packet header and packet
- expliot.core.common.pcaphelper.wireshark_dump_reader(filename)¶
Opens pcap file for reading. Read wireshark global header Identify file endienness and read next packet accordingly
- Parameters
filename – pcap file name to be rad from disk
TODO: Test magic number for BE machine
