style="display:inline-block;width:728px;height:90px"
data-ad-client="ca-pub-7505528228218001"
data-ad-slot="1225241371">

August 2014

Attempting to load offline file, manipulate packets within offline cap file and then save/output to another offline cap file

Hey everyone,

I guess I will jump right in.

I have tried in vain to get a .pcap file read into a Pcap object, then make some changes to certain headers within certain packets and then write these changes either back to the original file or save as a different file.

Sadly I have been unsuccessful into doing so, i appear to be able to change the destination within the udp header but when it comes to dumping these packets i have changed i get an output file consisting of no packets at all.

public Pcap openOfflineFile(String fileLocation) {
StringBuilder errorBuffer = new StringBuilder();
Pcap pcap = Pcap.openOffline(fileLocation, errorBuffer);
if (pcap == null) {
System.err.printf("Error while opening device for capture: "
+ errorBuffer.toString());
}
return pcap;
}

public Pcap marshalHeaders(Pcap pcap) {
final Rtp rtp = new Rtp();
final Udp udp = new Udp();

PcapPacketHandler jpacketHandler = new PcapPacketHandler() {

public void nextPacket(PcapPacket packet, String user) {
if (packet.hasHeader(rtp)) {

}
if (packet.hasHeader(udp)) {
udp.destination(1000);
udp.checksum(udp.calculateChecksum());
packet.scan(Ethernet.ID);
System.out.println(packet);
}
}
};

pcap.loop(Pcap.LOOP_INFINITE, jpacketHandler, "jNetPcap rocks!");

return pcap;
}

public void dumpToPcapFile(Pcap pcap) {

String ofile = "C:\\Users\\blackwellsa\\Desktop\\o.cap";
final PcapDumper dumper = pcap.dumpOpen(ofile); // output file

ByteBufferHandler dumpHandler = new ByteBufferHandler() {

@Override
public void nextPacket(PcapHeader arg0, ByteBuffer arg1,
PcapDumper arg2) {
dumper.dump(arg0, arg1);

}

};

pcap.loop(10, dumpHandler, dumper);

File file = new File(ofile);
System.out.printf("%s file has %d bytes in it!\n", ofile, file.length());

not able to filter host

I want to filter capture based on host name and i am passing "host google" to setfilter method but i am not able to filter.the filter compiling is failing and i am getting unknown host google.am i doing anything wrong,i am using windows 8.please help me with this.
thanks in advance.

HTTPS traffic to HTTP with server private key

Hi,

Can I create a HTTP packet from a HTTPS packet?

I know decrypt the traffic, but I'm not sure about what is the information I need decrypt.

I tried next one, but it didn't work:

byte[] data = packet.getByteArray(0, packet.size());
byte[] decryptedData = decrypt(data);

PcapPacket p = new PcapPacket(decryptedData);

Any help is usefull. Thanks in advance Smile