Skip to content
Permalink
Browse files

Version 0.0.12

  - Added support for PCAP files with big-endian byte order.
  • Loading branch information
Jerrythafast committed Feb 17, 2019
1 parent 8f9812f commit 7251c1f73c3467a44c5b3d55c300b95e054a76ef
Showing with 10 additions and 5 deletions.
  1. +4 −1 README.txt
  2. +6 −4 opt/se-logger/liveupdate.py
@@ -1,4 +1,4 @@
VERSION 0.0.11
VERSION 0.0.12

===============================================================================
INSTALLATION INSTRUCTIONS
@@ -86,6 +86,9 @@ commands used. Tested with Ubuntu 16.04, Python 2.7.11, MySQL 5.7.12, PHP 7.0.
===============================================================================
CHANGELOG

v0.0.12
- Added support for PCAP files with big-endian byte order.

v0.0.11
- Added is-pcap-encrypted.py for checking whether any encryption is already
occurring in the data you captured.
@@ -23,7 +23,7 @@
import struct, sys, MySQLdb, time
from collections import namedtuple

__version__ = "0.0.11"
__version__ = "0.0.12"

# SETTINGS
inverter_private_key = '\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00'
@@ -284,8 +284,10 @@ def get_data_from_pcap(self, f):
tcphdrlen = 20 # Has a 'header length' value that may indicate additional optional values.

# Check PCAP file header.
if f.read(pcaphdrlen)[:4] != "\xD4\xC3\xB2\xA1":
eprint("ERROR! PCAP format not supported! Can only read little-endian PCAP files with microsecond precision!")
try:
byteorder = {"\xD4\xC3\xB2\xA1": "<", "\xA1\xB2\xC3\xD4": ">"}[f.read(pcaphdrlen)[:4]]
except KeyError:
eprint("ERROR! PCAP format not supported! Can only read PCAP files with microsecond precision!")
return

while True:
@@ -295,7 +297,7 @@ def get_data_from_pcap(self, f):
pcaprechdr = f.read(pcaprechdrlen)
if not pcaprechdr:
break
pcaprechdr = struct.unpack("<LLLL", pcaprechdr)
pcaprechdr = struct.unpack(byteorder + "LLLL", pcaprechdr)
pcaptime = pcaprechdr[0] + pcaprechdr[1]/1000000.
packet_offset = pcaprechdr[2]

0 comments on commit 7251c1f

Please sign in to comment.
You can’t perform that action at this time.