
How to read pcapng (wireshark) files in Python?

I have a capture of some TCP packets in pcapng format and I’d like to open it in python to inspect the TCP payloads with address 192.168.1.198. I’ve only found this library: https://python-pcapng.readthedocs.io/en/latest/api/blocks.html but it does not support inspecting TCP payloads.

Is there an easy way?


Answer

You can use the python-pcapng package. First install the python-pcapng package with the following command.

pip install python-pcapng

Then use the following sample code.

from pcapng import FileScanner

# Raw string so the backslashes in the Windows path are not treated as escapes
with open(r'C:\Users\zahangir\Downloads\MDS19 Wireshark Log 08072021.pcapng', 'rb') as fp:
    scanner = FileScanner(fp)
    for block in scanner:
        print(block)
        print(block._raw)  # raw block contents as bytes

The above code worked for me.

Reference: https://pypi.org/project/python-pcapng/
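
To get from blocks to the TCP payloads the question asks about, the captured bytes of each python-pcapng `EnhancedPacket` block (`packet_data`) can be decoded by hand. The following is an added example, not part of the original answer: the function names are hypothetical, the sample frame is constructed, and it assumes an Ethernet link type carrying IPv4 without VLAN tags.

```python
import socket
import struct

def tcp_payload(frame, ip):
    """Return (src, sport, dst, dport, payload) if the Ethernet frame carries
    IPv4/TCP to or from `ip`, else None. VLAN tags and IPv6 are not handled."""
    if len(frame) < 14 or struct.unpack("!H", frame[12:14])[0] != 0x0800:
        return None                      # not IPv4 over Ethernet
    pkt = frame[14:]
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return None
    ihl = (pkt[0] & 0x0F) * 4            # IPv4 header length in bytes
    total_len = struct.unpack("!H", pkt[2:4])[0] or len(pkt)  # 0 seen with TSO
    frag = struct.unpack("!H", pkt[6:8])[0]
    if ihl < 20 or pkt[9] != 6 or frag & 0x1FFF:
        return None                      # not TCP, or a non-first fragment
    src, dst = socket.inet_ntoa(pkt[12:16]), socket.inet_ntoa(pkt[16:20])
    if ip not in (src, dst):
        return None
    seg = pkt[ihl:total_len]             # total_len drops Ethernet padding
    if len(seg) < 20:
        return None                      # truncated TCP header
    sport, dport = struct.unpack("!HH", seg[:4])
    data_off = (seg[12] >> 4) * 4        # TCP header length in bytes
    if data_off < 20 or data_off > len(seg):
        return None
    return src, sport, dst, dport, seg[data_off:]

def payloads_from_pcapng(path, ip):
    """Yield tcp_payload() results for each Enhanced Packet Block in the file."""
    from pcapng import FileScanner       # python-pcapng, as in the answer
    from pcapng.blocks import EnhancedPacket
    with open(path, "rb") as fp:
        for block in FileScanner(fp):
            if isinstance(block, EnhancedPacket):
                hit = tcp_payload(block.packet_data, ip)
                if hit and hit[4]:       # skip pure ACKs with no payload
                    yield hit

def sample_frame():
    """Constructed frame: 192.168.1.198:50000 -> 10.0.0.5:80, payload b'GET /'."""
    eth = bytes(12) + b"\x08\x00"
    tcp = struct.pack("!HHIIBBHHH", 50000, 80, 1, 0, 5 << 4, 0x18, 1024, 0, 0)
    body = tcp + b"GET /"
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(body), 0, 0, 64, 6, 0,
                     socket.inet_aton("192.168.1.198"), socket.inet_aton("10.0.0.5"))
    return eth + ip + body + bytes(6)    # trailing zeros mimic Ethernet padding
```

Payloads come back per packet in capture order; nothing here reassembles the TCP stream, so retransmissions and out-of-order segments appear as captured.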
