Diffstat (limited to 'executables')
| -rw-r--r-- | executables/extract-tcp.sh | 34 | ||||
| -rw-r--r-- | executables/hexen.py | 2 |
2 files changed, 35 insertions, 1 deletions
diff --git a/executables/extract-tcp.sh b/executables/extract-tcp.sh
new file mode 100644
index 0000000..26a6f91
--- /dev/null
+++ b/executables/extract-tcp.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+# Usage: ./extract-tcp.sh input.pcap output.txt
+
+if [ "$#" -ne 2 ]; then
+ echo "Usage: $0 <input.pcap> <output.txt>"
+ exit 1
+fi
+
+INPUT="$1"
+OUTPUT="$2"
+
+# Extract TCP packet information with headers and payload data
+tshark -r "$INPUT" -Y "tcp" -T fields \
+ -e data \
+ -e frame.number \
+ -e frame.time_relative \
+ -e ip.src \
+ -e ip.dst \
+ -e tcp.srcport \
+ -e tcp.dstport \
+ -e tcp.seq \
+ -e tcp.ack \
+ -e tcp.flags \
+ -e tcp.flags.syn \
+ -e tcp.flags.ack \
+ -e tcp.flags.fin \
+ -e tcp.flags.reset \
+ -e tcp.flags.push \
+ -e tcp.len \
+ -E header=y \
+ -E separator="|" > "$OUTPUT"
+
+echo "TCP packet analysis written to $OUTPUT"
+echo "Format: HexData|Frame#|Time|SrcIP|DstIP|SrcPort|DstPort|Seq|Ack|Flags|SYN|ACK|FIN|RST|PSH|DataLen"
diff --git a/executables/hexen.py b/executables/hexen.py
index 3f4b8ca..ec19edd 100644
--- a/executables/hexen.py
+++ b/executables/hexen.py
@@ -10,7 +10,7 @@ try:
 except ImportError:
 msvcrt = None # Will be None on non-Windows OS
-MCAST_GRP = '239.192.55.1'
+MCAST_GRP = '172.16.20.109'
 MCAST_PORT = 1681
 MAGIC = '/Users/crt/Documents/bodeting/research/bad-bruteforcing/attempt-1.txt' |
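Review bot: The closing `echo "TCP packet analysis written to $OUTPUT"` in extract-tcp.sh runs whether or not tshark succeeded, and the `> "$OUTPUT"` redirect truncates the output file before tshark opens the capture, so a missing or unreadable pcap leaves an empty file plus a success message. Adding `set -euo pipefail` under the shebang, or guarding the call with `if ! tshark ... > "$OUTPUT"; then echo "tshark failed on $INPUT" >&2; exit 1; fi`, makes the failure visible. The file is also added with mode 100644 although the usage comment invokes it as `./extract-tcp.sh`, so it probably needs the executable bit. Separately, `-e data` is normally populated only when no higher-level dissector claims the payload; if the capture holds other TCP traffic, `-e tcp.payload` may be the more reliable column, which is worth checking against a sample capture.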
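Review bot: `MCAST_GRP` in hexen.py now holds `172.16.20.109`, a private unicast address rather than a multicast group, so the constant's name no longer describes its value; any multicast-membership setup elsewhere in the file (not visible in this hunk) would presumably fail with it. Hard-coding one lab host as the destination also means that anyone running the script on another network sends its traffic to whatever owns that address there. Taking the destination from a command-line argument or environment variable, with no built-in default, would avoid that. At minimum, a comment such as `# unicast target on the lab network (was multicast group 239.192.55.1)` would record why the value changed.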
