Skip to content

stubbfel/blob2wireshark

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

12 Commits
example
example
 
 
src/b2ws-plugin
src/b2ws-plugin
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
LICENSE.md
LICENSE.md
 
 
README.md
README.md
 
 

Repository files navigation

blob2wireshark

Is a plugin for wireshark, which helps to analyse binaries arrays or blob by dissectors

plugin functions:

  • convert bin files into pcap file
  • provides lua dissectors templates
  • creates lua dissectors snippets depends of pseudo-c-struct-definition

How to

Install

  1. Copy b2ws-plugin folder to a wireshark plugin folder

Convert binary file to pcap files

Create example a binary file with:

mkdir example_build
cd example_build
cmake ../example
make
./b2ws_example_blob_writer
ls *.bin
  1. Open Wireshark
  2. Open ImportBlob windows by click on "Tools-> bw2s -> ImportBlob"
  3. Click on "Change Settings", enter the path of the binary file.
    • you could also change the fake src, dst and type field.
  4. Click on "ImportBlob". Now the create a pcap file (in the same folder as the binary file) and open this file

Create lua dissector file

  1. Open Wireshark
  2. Open ImportBlob windows by click on "Tools-> bw2s -> ImportBlob"
  3. Click on "Create Dissector"
  4. Enter a name for the dissector and press ok. Now the plugin create a "default" lua dissector file in the b2ws-plugin folder. This file can und should be edit by you, e.g. add/change ProtoField or add protocol layes (see wiki.wireshark LuaAPI/).

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages