August 2014

Attempting to load offline file, manipulate packets within offline cap file and then save/output to another offline cap file

Hey everyone,

I guess I will jump right in.

I have tried in vain to get a .pcap file read into a Pcap object, then make some changes to certain headers within certain packets and then write these changes either back to the original file or save as a different file.

Sadly I have been unsuccessful into doing so, i appear to be able to change the destination within the udp header but when it comes to dumping these packets i have changed i get an output file consisting of no packets at all.

public Pcap openOfflineFile(String fileLocation) {
StringBuilder errorBuffer = new StringBuilder();
Pcap pcap = Pcap.openOffline(fileLocation, errorBuffer);
if (pcap == null) {
System.err.printf("Error while opening device for capture: "
+ errorBuffer.toString());
return pcap;

public Pcap marshalHeaders(Pcap pcap) {
final Rtp rtp = new Rtp();
final Udp udp = new Udp();

PcapPacketHandler jpacketHandler = new PcapPacketHandler() {

public void nextPacket(PcapPacket packet, String user) {
if (packet.hasHeader(rtp)) {

if (packet.hasHeader(udp)) {

pcap.loop(Pcap.LOOP_INFINITE, jpacketHandler, "jNetPcap rocks!");

return pcap;

public void dumpToPcapFile(Pcap pcap) {

String ofile = "C:\\Users\\blackwellsa\\Desktop\\o.cap";
final PcapDumper dumper = pcap.dumpOpen(ofile); // output file

ByteBufferHandler dumpHandler = new ByteBufferHandler() {

public void nextPacket(PcapHeader arg0, ByteBuffer arg1,
PcapDumper arg2) {
dumper.dump(arg0, arg1);



pcap.loop(10, dumpHandler, dumper);

File file = new File(ofile);
System.out.printf("%s file has %d bytes in it!\n", ofile, file.length());

not able to filter host

I want to filter capture based on host name and i am passing "host google" to setfilter method but i am not able to filter.the filter compiling is failing and i am getting unknown host i doing anything wrong,i am using windows 8.please help me with this.
thanks in advance.

HTTPS traffic to HTTP with server private key


Can I create a HTTP packet from a HTTPS packet?

I know decrypt the traffic, but I'm not sure about what is the information I need decrypt.

I tried next one, but it didn't work:

byte[] data = packet.getByteArray(0, packet.size());
byte[] decryptedData = decrypt(data);

PcapPacket p = new PcapPacket(decryptedData);

Any help is usefull. Thanks in advance Smile