mlol yes yes configuration hacksery!HEAD master

author: Sigma-Ohio <crt@teleco.ch> 2025-06-18 16:06:16 +0200
committer: Sigma-Ohio <crt@teleco.ch> 2025-06-18 16:06:16 +0200
commit: d3d802ebce9f8ab46bbf154c144a84f73adebdbc (patch)
tree: 7f50d6f052bf8854b47bead22c796f6dbfa3f6df /executables/extract-tcp.sh
parent: cd31f7ba5054140ec37f3c1762643979d4da61ad (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/executables/extract-tcp.sh b/executables/extract-tcp.sh
new file mode 100644
index 0000000..26a6f91
--- /dev/null
+++ b/executables/extract-tcp.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+# Usage: ./extract-tcp.sh input.pcap output.txt
+
+if [ "$#" -ne 2 ]; then
+    echo "Usage: $0 <input.pcap> <output.txt>"
+    exit 1
+fi
+
+INPUT="$1"
+OUTPUT="$2"
+
+# Extract TCP packet information with headers and payload data
+tshark -r "$INPUT" -Y "tcp" -T fields \
+    -e data \
+    -e frame.number \
+    -e frame.time_relative \
+    -e ip.src \
+    -e ip.dst \
+    -e tcp.srcport \
+    -e tcp.dstport \
+    -e tcp.seq \
+    -e tcp.ack \
+    -e tcp.flags \
+    -e tcp.flags.syn \
+    -e tcp.flags.ack \
+    -e tcp.flags.fin \
+    -e tcp.flags.reset \
+    -e tcp.flags.push \
+    -e tcp.len \
+    -E header=y \
+    -E separator="|" > "$OUTPUT"
+
+echo "TCP packet analysis written to $OUTPUT"
+echo "Format: HexData|Frame#|Time|SrcIP|DstIP|SrcPort|DstPort|Seq|Ack|Flags|SYN|ACK|FIN|RST|PSH|DataLen"
author	Sigma-Ohio <crt@teleco.ch>	2025-06-18 16:06:16 +0200
committer	Sigma-Ohio <crt@teleco.ch>	2025-06-18 16:06:16 +0200
commit	d3d802ebce9f8ab46bbf154c144a84f73adebdbc (patch)
tree	7f50d6f052bf8854b47bead22c796f6dbfa3f6df /executables/extract-tcp.sh
parent	cd31f7ba5054140ec37f3c1762643979d4da61ad (diff)