| author | Sigma-Ohio <crt@teleco.ch> | 2025-06-18 16:06:16 +0200 |
|---|---|---|
| committer | Sigma-Ohio <crt@teleco.ch> | 2025-06-18 16:06:16 +0200 |
| commit | d3d802ebce9f8ab46bbf154c144a84f73adebdbc (patch) | |
| tree | 7f50d6f052bf8854b47bead22c796f6dbfa3f6df /executables | |
| parent | cd31f7ba5054140ec37f3c1762643979d4da61ad (diff) | |
Diffstat (limited to 'executables')
| -rw-r--r-- | executables/extract-tcp.sh | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/executables/extract-tcp.sh b/executables/extract-tcp.sh
new file mode 100644
index 0000000..26a6f91
--- /dev/null
+++ b/executables/extract-tcp.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+# Usage: ./extract-tcp.sh input.pcap output.txt
+
+if [ "$#" -ne 2 ]; then
+ echo "Usage: $0 <input.pcap> <output.txt>"
+ exit 1
+fi
+
+INPUT="$1"
+OUTPUT="$2"
+
+# Extract TCP packet information with headers and payload data
+tshark -r "$INPUT" -Y "tcp" -T fields \
+ -e data \
+ -e frame.number \
+ -e frame.time_relative \
+ -e ip.src \
+ -e ip.dst \
+ -e tcp.srcport \
+ -e tcp.dstport \
+ -e tcp.seq \
+ -e tcp.ack \
+ -e tcp.flags \
+ -e tcp.flags.syn \
+ -e tcp.flags.ack \
+ -e tcp.flags.fin \
+ -e tcp.flags.reset \
+ -e tcp.flags.push \
+ -e tcp.len \
+ -E header=y \
+ -E separator="|" > "$OUTPUT"
+
+echo "TCP packet analysis written to $OUTPUT"
+echo "Format: HexData|Frame#|Time|SrcIP|DstIP|SrcPort|DstPort|Seq|Ack|Flags|SYN|ACK|FIN|RST|PSH|DataLen" |
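Review bot: The final `echo "TCP packet analysis written to $OUTPUT"` runs even when tshark fails, because the exit status of the `tshark ... > "$OUTPUT"` command is never checked; an unreadable capture or a missing tshark binary leaves an empty or partial file that is reported as a valid result. Ending the tshark command with `|| { echo "tshark failed on $INPUT" >&2; exit 1; }` would stop that. The redirection also truncates `$OUTPUT` before tshark opens `$INPUT`, so passing the same path for both arguments destroys the capture; a guard such as `[ "$INPUT" -ef "$OUTPUT" ] && exit 1` before the tshark call would prevent it. Separately, `-e data` is normally populated only for payload that no higher-layer dissector claims, so the HexData column will likely be empty for HTTP, TLS and similar traffic; in current Wireshark releases `-e tcp.payload` carries the segment bytes regardless of what is dissected above TCP.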
