在python中寻找一个可以读取PCAP文件并将其写入csv格式的模块。已探索pyshark模块-无法获得所需形式的输出
capture = pyshark.FileCapture(r"C:Tempwiresharkdata.pcap")
for pkt in capture:
pkt = str(pkt)
out.write(pkt)
尝试模块rdpcap
阅读此处了解更多信息-https://medium.com/@vwri/从一个pcap-file-using-python-d938d7622d71 中提取密码
pkts = rdpcap('example.pcap')
with open("Pcap/test.csv", "w") as f:
for pkt in pkts:
if IP in pkt:
ip_src=pkt[IP].src
ip_dst=pkt[IP].dst
if TCP in pkt:
tcp_dport=pkt[TCP].dport
csv_header = "IP_src,IP_drc,dst_portn"
s = ""
for scr in str(ip_src):
s+=str(scr)
csv_header += s + ','
s_ = ''
for dst in str(ip_dst) :
s_+=str(dst)
csv_header += s_ + ','
s_1 = ''
for dst_tcp in str(tcp_dport):
s_1 += str(dst_tcp)
csv_header += s_1
f.write(csv_header)