PCAP Files
Cameron Simpson
cs at zip.com.au
Fri Apr 26 02:52:28 EDT 2013
On 25Apr2013 21:55, Hasil Sharma <hasilsharma7 at gmail.com> wrote:
| I m having network dumps in the form of pcap files and I want to
| extract the html,css, image files etc etc all that can be extracted
| from those pcap files , can anyone please tell me how to accomplish
| such a task in python ?
I would reassemble the TCP packets into data streams and then handle
them to an HTTP or MIME parser. For the first part, have you tried
a google search? Like this:
https://www.google.com.au/search?q=reassemble+pcap+files+into+tcp+streams
Looks promising, particularly the "streams" and "tcpreplay" stuff.
Or even search the Python Package Index for "pcap", even indirectly via google:
https://www.google.com.au/search?q=pypi+pcap&ie=utf-8&oe=utf-8&aq=t&rls=org.mozilla:en-GB:official&client=firefox-beta&channel=fflb
Then just handle the data streams to a normal Python MIME parser
to figure out what's in them.
Cheers,
--
Cameron Simpson <cs at zip.com.au>
I have come here to chew bubblegum and kick ass, and I'm all out of
bubblegum. - Roddy Piper
More information about the Python-list
mailing list