Wireshark JSON to perl script

Tux has asked for the wisdom of the Perl Monks concerning the following question:

Before I even try to think if it would be possible at all, I want to ask if there is a monk or group of monks that has tried this before:

I have a Wireshark JSON output froom the communication of an application with a connected device.

What I want is a script that translates this JSON log into a perl script that reproduces this communication.

In theory the log contains all the requirements: if the first entry to the device has eth, ip, and udp information, that should suffice to create a connection with given IP and port and send the data in the packet.

The returned data - if this works - can then be compared to the returning packet in the JSON log etc etc.

Ideas? Links? Existing attempts?

Enjoy, Have FUN! H.Merijn

Comment on Wireshark JSON to perl script Select or Download Code

Replies are listed 'Best First'.
Re: Wireshark JSON to perl script by haukex (Archbishop) on Jan 15, 2020 at 16:11 UTC
I don't know about Perl, but have you taken a look at https://wiki.wireshark.org/Tools#Traffic_generators? (at first glance, most of these appear to require pcap format, though) Update: Also, at what level do you want to generate these packets? I.e. do you need to spoof MACs, or do you just want to replay the contents of a TCP stream?	[reply]
Re^2: Wireshark JSON to perl script by Tux (Canon) on Jan 15, 2020 at 16:14 UTC
I will have a look at the tools. No need to do MAC stuff. It is most likely UDP related, but I did not yet dig deep. Playing with the idea first. Enjoy, Have FUN! H.Merijn	[reply]
Re: Wireshark JSON to perl script by LanX (Saint) on Jan 15, 2020 at 16:25 UTC
> Ideas? Links? Existing attempts? I've never used wireshark and would need to see a SSCCE before commenting in deep. > if the first entry to the device has eth, ip, and udp information, that should suffice to create a connection with given IP and port and send the data in the packet. Well what hinders you to create a package `Wireshark::Replay` with subs eth() ip() udp() which are sequentially fed with the data snippets to reproduce the traffic? Cheers Rolf _{(addicted to the Perl Programming Language :) Wikisyntax for the Monastery FootballPerl is like chess, only without the dice}	[reply] [d/l]

Back to Seekers of Perl Wisdom