Beefy Boxes and Bandwidth Generously Provided by pair Networks
Welcome to the Monastery
 
PerlMonks  

Wireshark JSON to perl script

by Tux (Abbot)
on Jan 15, 2020 at 16:04 UTC ( #11111440=perlquestion: print w/replies, xml ) Need Help??

Tux has asked for the wisdom of the Perl Monks concerning the following question:

Before I even try to think if it would be possible at all, I want to ask if there is a monk or group of monks that has tried this before:

I have a Wireshark JSON output froom the communication of an application with a connected device.

What I want is a script that translates this JSON log into a perl script that reproduces this communication.

In theory the log contains all the requirements: if the first entry to the device has eth, ip, and udp information, that should suffice to create a connection with given IP and port and send the data in the packet.

The returned data - if this works - can then be compared to the returning packet in the JSON log etc etc.

Ideas? Links? Existing attempts?


Enjoy, Have FUN! H.Merijn

Replies are listed 'Best First'.
Re: Wireshark JSON to perl script
by haukex (Chancellor) on Jan 15, 2020 at 16:11 UTC

    I don't know about Perl, but have you taken a look at https://wiki.wireshark.org/Tools#Traffic_generators? (at first glance, most of these appear to require pcap format, though)

    Update: Also, at what level do you want to generate these packets? I.e. do you need to spoof MACs, or do you just want to replay the contents of a TCP stream?

      I will have a look at the tools.

      No need to do MAC stuff. It is most likely UDP related, but I did not yet dig deep. Playing with the idea first.


      Enjoy, Have FUN! H.Merijn
Re: Wireshark JSON to perl script
by LanX (Archbishop) on Jan 15, 2020 at 16:25 UTC
    > Ideas? Links? Existing attempts?

    I've never used wireshark and would need to see a SSCCE before commenting in deep.

    > if the first entry to the device has eth, ip, and udp information, that should suffice to create a connection with given IP and port and send the data in the packet.

    Well what hinders you to create a package Wireshark::Replay with subs

    • eth()
    • ip()
    • udp()

    which are sequentially fed with the data snippets to reproduce the traffic?

    Cheers Rolf
    (addicted to the Perl Programming Language :)
    Wikisyntax for the Monastery FootballPerl is like chess, only without the dice

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: perlquestion [id://11111440]
Approved by haukex
Front-paged by marto
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others wandering the Monastery: (6)
As of 2020-02-18 15:12 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    What numbers are you going to focus on primarily in 2020?










    Results (76 votes). Check out past polls.

    Notices?