PerlMonks  

Wireshark JSON to perl script

by Tux (Abbot)
on Jan 15, 2020 at 16:04 UTC (#11111440=perlquestion)

Tux has asked for the wisdom of the Perl Monks concerning the following question:

Before I even try to think if it would be possible at all, I want to ask if there is a monk or group of monks that has tried this before:

I have a Wireshark JSON output from the communication of an application with a connected device.

What I want is a script that translates this JSON log into a perl script that reproduces this communication.

In theory the log contains all the requirements: if the first entry to the device has eth, ip, and udp information, that should suffice to create a connection with given IP and port and send the data in the packet.

The returned data - if this works - can then be compared to the returning packet in the JSON log etc etc.

Ideas? Links? Existing attempts?


Enjoy, Have FUN! H.Merijn

Replies are listed 'Best First'.
Re: Wireshark JSON to perl script
by haukex (Chancellor) on Jan 15, 2020 at 16:11 UTC

    I don't know about Perl, but have you taken a look at https://wiki.wireshark.org/Tools#Traffic_generators? (at first glance, most of these appear to require pcap format, though)

    Update: Also, at what level do you want to generate these packets? I.e. do you need to spoof MACs, or do you just want to replay the contents of a TCP stream?

      I will have a look at the tools.

      No need to do MAC stuff. It is most likely UDP related, but I did not yet dig deep. Playing with the idea first.


      Enjoy, Have FUN! H.Merijn
Re: Wireshark JSON to perl script
by LanX (Archbishop) on Jan 15, 2020 at 16:25 UTC
    > Ideas? Links? Existing attempts?

    I've never used Wireshark and would need to see an SSCCE before commenting in depth.

    > if the first entry to the device has eth, ip, and udp information, that should suffice to create a connection with given IP and port and send the data in the packet.

    Well, what hinders you from creating a package Wireshark::Replay with subs

    • eth()
    • ip()
    • udp()

    which are sequentially fed with the data snippets to reproduce the traffic?

    Cheers Rolf
    (addicted to the Perl Programming Language :)
    Wikisyntax for the Monastery
    FootballPerl is like chess, only without the dice
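
The approach discussed in this thread, as an added example that is not code from any of the posters: it reads packets in the `_source.layers` layout that `tshark -T json` emits, treats the destination of the first UDP packet as the device, and turns the capture into send/expect steps. The sample capture, its addresses and the sub names `plan` and `replay` are constructed for illustration, and the payload is assumed to sit in `data.data`.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use JSON::PP;
use IO::Socket::INET;
use IO::Select;

# Constructed sample in the layout `tshark -T json` emits (not a real capture).
my $json = <<'EOJ';
[{"_source":{"layers":{"ip":{"ip.src":"192.0.2.10","ip.dst":"192.0.2.20"},
   "udp":{"udp.srcport":"50000","udp.dstport":"4000"},"data":{"data.data":"01:02:03"}}}},
 {"_source":{"layers":{"ip":{"ip.src":"192.0.2.20","ip.dst":"192.0.2.10"},
   "udp":{"udp.srcport":"4000","udp.dstport":"50000"},"data":{"data.data":"01:02:ff"}}}}]
EOJ

# Build replay steps; the endpoint the first UDP packet is sent to is taken as the device.
sub plan {
    my ($packets) = @_;
    my ($dev, @steps);
    for my $p (@$packets) {
        my $l = $p->{_source}{layers};
        next unless $l->{ip} && $l->{udp} && $l->{data};   # skip non-UDP and empty datagrams
        my $src = "$l->{ip}{'ip.src'}:$l->{udp}{'udp.srcport'}";
        my $dst = "$l->{ip}{'ip.dst'}:$l->{udp}{'udp.dstport'}";
        $dev //= $dst;
        next unless $dst eq $dev || $src eq $dev;          # unrelated traffic
        (my $hex = $l->{data}{'data.data'}) =~ tr/://d;    # "01:02:03" -> "010203"
        push @steps, { dir => $dst eq $dev ? 'send' : 'expect', bytes => pack('H*', $hex) };
    }
    return ($dev, \@steps);
}

# Send each 'send' payload, and compare each reply with the captured 'expect' payload.
sub replay {
    my ($dev, $steps, $timeout) = @_;
    my $sock = IO::Socket::INET->new(PeerAddr => $dev, Proto => 'udp') or die "socket: $@";
    my ($sel, $n) = (IO::Select->new($sock), 0);
    for my $s (@$steps) {
        $n++;
        if ($s->{dir} eq 'send') { defined $sock->send($s->{bytes}) or die "send: $!"; next }
        unless ($sel->can_read($timeout)) { print "step $n: no reply\n"; next }
        defined $sock->recv(my $got, 65535) or die "recv: $!";
        print "step $n: ", $got eq $s->{bytes} ? 'match' : 'differs: ' . unpack('H*', $got), "\n";
    }
}

my ($dev, $steps) = plan(decode_json($json));
if (@ARGV && $ARGV[0] eq '--run') { replay($dev, $steps, 2) }   # talks to the device
else { printf "%-6s %s %s\n", $_->{dir}, $dev, unpack('H*', $_->{bytes}) for @$steps }
```

Without arguments the script only prints the derived steps; `--run` sends them. The replay socket uses an ephemeral source port rather than the captured one, so a device that answers only to the original port would need `LocalPort` set on the socket.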
