Posted 03 February 2012 - 12:37 AM
I was wondering if there is any way of exporting objects from a pcap file using the command line. While the wireshark GUI and Network miner do a neat job of this, I need to export the objects as part of a script I'm working on. Tried Google, no luck. Would be grateful for any pointers on this. Thanks.
Posted 10 February 2012 - 02:00 AM
I've been looking at tshark and using it for picking up other stuff from my pcap
e.g. "tshark -r file.pcap -V -T fields -e http.cookie -e http.referer -e frame.time"
However,the problem i'm facing is in identifying / exporting objects, as opposed to data elements.
Would be grateful for a pointer - tshark or wireshark documentation dosent address this at all
BinRev is hosted by the great people at Lunarpages!