-
Notifications
You must be signed in to change notification settings - Fork 2
Reconstitutes transmitted bittorrent files from a network capture
License
tcoppi/BittorrentReconstituter
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
BitTorrent-Reconstituter is the work of Charlie Moore, Aaron Lovato, and Thomas Coppi for the CS 489 Network Forensics class. This program can be run on live input or a .pcap file. It will parse out the BitTorrent files that were transferred and reconstruct them. If a torrent file is specified, it will break the files up appropriately and give them the correct filenames. Otherwise it'll output one big file whose filename is the checksum of its contents. This big file will be all the other files concatenated together. They must be cut up manually if we don't have the torrent file, because there is no way for us to know the file boundries without it. ===--------------------------------------------------------------------------=== Requirements ------------ A POSIX compatible system is required, as well as the boost, pcap, and OpenSSL libraries. We have tested on Linux and Mac OS X. Compilation ----------- To build the project for most configurations, run make with no targets, which will create an executable named "btfinder". The following targets are also available: tags: build vi style tags goodtags: build emacs style tags apidocs: generate doxygen autodocs clean: remove generated files Usage: ./btfinder [options] <input files> The input files can be any number of pcap files and possibly the accompanying torrent files. If torrent files are specified, the program will attempt to match them with the pcap files for verification and file splitting. Example usage: ./btfinder ./sample_pcaps/mippo.pcap ./sample_pcaps/mippo-creative_v92.mp3.torrent Options: The '=' in the long form for any of these options is optional. --help Show a help message describing these options --interface[=]<iface>, -i <iface> Specify the interface you want to listen for live input. Offline processing will not be done with this mode. --input-file[=]<filename>, -r <filename> Specify filenames for offline processing. Any non-pcap/torrent files will be ignored. This option doesn't work if -i was specified as well. Any extra arguments at the end will be added as an input file as well
About
Reconstitutes transmitted bittorrent files from a network capture
Resources
License
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published