I'm receiving some UDP packets from a network interface called tun0. I am able to see those packets through Wireshark. What I need is to extract the payloads from those packets. I tried to use Python sockets but I'm unable to extract the payload, and I think that's because the packets have a uip stack. Is there any way to take the payload from Wireshark directly to real-time processes? Or are there any other suggestions?
Answer 0 (score: 0)
If I understand correctly, what you're trying to accomplish is to get the udp.stream out of Wireshark without the headers. If you're using Windows you might wanna use PowerShell: http://winpowershell.blogspot.com/2010/01/powershell-udp-clientserver.html?m=1
But if you're using Linux, or don't have PowerShell or aren't comfortable using it, you may use tshark like this:
    tshark -r $file -Y '(ip.addr eq 10.0.0.X and ip.addr eq 10.0.0.X) and (udp.port eq X and udp.port eq X)' -T fields -e data
Hopefully this will work.
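For the real-time case in the question, here is an added example (not part of the answer above) that reads packets from tun0 in Python and strips the IP and UDP headers itself. It assumes Linux, IPv4 and unfragmented datagrams; the function names and the sample packet are constructed for illustration.

```python
import socket
import struct

def udp_payload(packet):
    """Return (src, sport, dst, dport, payload) for an IPv4/UDP packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None                          # truncated or not IPv4
    ihl = (packet[0] & 0x0F) * 4             # IP header length, options included
    total_len, _ident, frag = struct.unpack_from("!HHH", packet, 2)
    if ihl < 20 or packet[9] != 17 or frag & 0x3FFF:
        return None                          # bad header, not UDP, or a fragment
    end = min(total_len, len(packet))        # ignore any trailing padding
    if end < ihl + 8:
        return None                          # no room for a UDP header
    sport, dport, ulen = struct.unpack_from("!HHH", packet, ihl)
    if ulen < 8 or ihl + ulen > end:
        return None                          # UDP length field exceeds the data
    src = socket.inet_ntoa(packet[12:16])
    dst = socket.inet_ntoa(packet[16:20])
    return src, sport, dst, dport, packet[ihl + 8:ihl + ulen]

def sample_packet(payload=b"hello"):
    """Constructed IPv4/UDP packet as it appears on a tun device (no Ethernet header)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28 + len(payload), 0, 0x4000, 64, 17, 0,
                     socket.inet_aton("10.0.0.1"), socket.inet_aton("10.0.0.2"))
    udp = struct.pack("!HHHH", 5000, 6000, 8 + len(payload), 0)
    return ip + udp + payload

def sniff(ifname="tun0"):
    """Yield parsed UDP datagrams seen on ifname (Linux only, needs CAP_NET_RAW)."""
    s = socket.socket(socket.AF_PACKET, socket.SOCK_DGRAM, socket.htons(0x0800))
    s.bind((ifname, 0))
    while True:
        parsed = udp_payload(s.recv(65535))
        if parsed:
            yield parsed

if __name__ == "__main__":
    print(udp_payload(sample_packet()))
```

Iterating over `sniff()` as root gives the payload bytes of each datagram as it arrives; the length checks keep a malformed packet from producing an out-of-range slice.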