s.in

Wireshark

3 posts in this topic

Hi,

I was wondering if there is any way of exporting objects from a pcap file using the command line. While the wireshark GUI and Network miner do a neat job of this, I need to export the objects as part of a script I'm working on. Tried Google, no luck. Would be grateful for any pointers on this. Thanks.

0

Share this post


Link to post
Share on other sites

Thanks for the response.

I've been looking at tshark and using it for picking up other stuff from my pcap

e.g. "tshark -r file.pcap -V -T fields -e http.cookie -e http.referer -e frame.time"

However,the problem i'm facing is in identifying / exporting objects, as opposed to data elements.

Would be grateful for a pointer - tshark or wireshark documentation dosent address this at all

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now