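#!C:/Perl/bin/Perl.exe -w
# Walks an offline packet capture and, for every UDP datagram whose payload
# starts with the marker byte 0x03, removes the 2-byte XOR obfuscation and
# prints the recovered bytes as a hex string (one line per datagram).
#
# Payload layout, as read from the offsets the script has always used:
#   byte 0     marker (0x03)
#   bytes 1-2  XOR key
#   bytes 3..  obfuscated data
#
# NOTE(review): the previous expression was
#   sum(words) & map(hex, ...)
# where map() sits in scalar context and so yields the element count (1);
# the key never took part and the result was just "sum & 1".  The variable
# names point to a repeating-key XOR, which is what is implemented below --
# confirm against the protocol description before relying on the output.

use strict;
use warnings;
use constant {
    PROTO_UDP         => 17,      # IANA protocol number for UDP
    UDP_HEADER_BYTES  => 8,       # the UDP length field counts this header
    MARKER_BYTE       => 0x03,
    KEY_BYTES         => 2,
    MIN_PAYLOAD_BYTES => 4,       # marker + key + at least one data byte
};
use Carp qw (cluck confess croak);
use Net::Pcap;
use NetPacket;
use NetPacket::Ethernet qw(:strip);
use NetPacket::IP;
use NetPacket::UDP;
use NetPacket::TCP;
use List::Util qw( sum );

my $capture_file = 'FILE LOCATION';

my $err;
my $pcap = Net::Pcap::pcap_open_offline($capture_file, \$err)
    or confess "Cannot open capture '$capture_file': "
             . (defined $err ? $err : 'unknown error');

# -1 = keep going until the capture is exhausted.
Net::Pcap::pcap_loop($pcap, -1, \&process_packet, undef);
Net::Pcap::pcap_close($pcap);

# pcap_loop callback: receives (user data, pcap header, raw frame) and hands
# the raw frame to parse_packet().
sub process_packet {
    my ($user_data, $header, $packet) = @_;
    parse_packet($packet);
    return;
}

# Decodes one captured frame and prints the de-obfuscated payload when the
# frame carries a matching UDP datagram.  Everything in the frame is
# untrusted capture data, so every length is taken from the bytes actually
# present rather than from header fields.
sub parse_packet {
    my $packet = shift;

    # NOTE(review): eth_strip() presumes an Ethernet link layer, as the
    # original did -- confirm the capture's datalink type.
    my $ip_obj = NetPacket::IP->decode(eth_strip($packet));

    # Previously every frame was decoded as UDP; skip anything that is not
    # an unfragmented (or first-fragment) IPv4/UDP packet.
    return unless defined $ip_obj->{ver}   && $ip_obj->{ver}   == 4;
    return unless defined $ip_obj->{proto} && $ip_obj->{proto} == PROTO_UDP;
    return if $ip_obj->{foffset};
    return unless defined $ip_obj->{data};

    my $udp_obj = NetPacket::UDP->decode($ip_obj->{data});
    my $payload = $udp_obj->{data};
    return unless defined $payload;

    # The declared UDP length includes the 8-byte header.  It is used only
    # to trim trailing padding, never to read past the captured bytes.  (The
    # old code fed it to unpack("H<len>") as a nibble count, which cut long
    # payloads short, and its "len > 3" test was always true.)
    my $declared = $udp_obj->{len};
    if (defined $declared && $declared >= UDP_HEADER_BYTES) {
        my $body_len = $declared - UDP_HEADER_BYTES;
        $payload = substr($payload, 0, $body_len)
            if $body_len < length $payload;
    }

    return if length($payload) < MIN_PAYLOAD_BYTES;
    return if ord(substr($payload, 0, 1)) != MARKER_BYTE;

    my $xor_key = substr($payload, 1, KEY_BYTES);
    my $cipher  = substr($payload, 1 + KEY_BYTES);

    # Repeat the key to the length of the data, then XOR byte-for-byte
    # (string XOR); an odd trailing byte pairs with the first key byte.
    my $repeats   = 1 + int(length($cipher) / KEY_BYTES);
    my $keystream = substr($xor_key x $repeats, 0, length $cipher);
    my $plain     = $cipher ^ $keystream;

    # Emit hex rather than raw bytes so capture content cannot inject
    # control sequences into the terminal.
    print unpack('H*', $plain), "\n";
    return;
}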