Questions tagged [pyshark]

PyShark is a Python wrapper allowing packet parsing using Wireshark dissectors. This package allows parsing from a capture file or a live capture, using all installed Wireshark dissectors.

189 questions
0
votes
1 answer

Ports to be opened for remote capturing

I am trying to capture remote TCP packets using tshark/pyshark. I can see the packets in Wireshark if the firewall in the remote machine is turned off. It doesn't work with the firewall on. I have the TCP ports 2002 and 1448 opened in the remote…
Arun Thomas
0
votes
1 answer

Using Pyshark to pair key and value from JSON packet

I am trying to parse a PCAP file using Pyshark. Some of the packets have JSON in them and I am trying to print them out with matching key:value. This is what I have at the moment for testing: import pyshark packets =…
Doritos
0
votes
0 answers

How to extract RAW data from PCAP file which of 6LoWPAN or IEEE 802.15.4 using python/ scapy?

I am trying to extract the data from 6LoWPAN support device type. Able to retrieve raw data only. I tried using Scapy and pypcapkit. Both are providing src, dst, type and raw data only. >>from scapy.all import * >>pcap =…
0
votes
1 answer

Wireshark Displayed Packets

I am a Wireshark learner and currently I am using Tshark to sniff my network packages. Currently my local IP is 192.168.0.114 and my colleague is 192.168.0.102. However when I start capturing packets, I receive some packets with source IP…
I.K.
0
votes
0 answers

Read STDIN to Python with pyshark?

I would like to get the processed result by tshark or wireshark and use it in python, which I think the .json format is great. Now I use: ssh root@ip tcpdump -i eth0 -w - | tshark -i - -Tjson to get the network packet from a remote system cause the…
shih alex
0
votes
0 answers

Python PyShark Generator Exit

I have a code block that reads ICMP packets from PyShark. Like : capture = pyshark.LiveCapture(interface=self.networkInterface) packet_generator = capture.sniff_continuously() while True: if self.exitProgram: …
I.K.
0
votes
0 answers

Importing pyshark on Windows platform resulting in multiple errors

My Python version is 3.7.2, Windows version is Windows 7 Ultimate Service Pack 1, pyshark version is 0.4.2.2, LXML version is 4.3.2. Issue: "import pyshark" alone results in the following errors: Traceback (most recent call last): File…
0
votes
1 answer

How to convert pyshark packet to binary value

I am able to read .pcap file with pyshark. Here is my code: packets = pyshark.FileCapture(pcap_dir) # pcap_dir is the directory of my pcap file To print a packet, I use print(packets[0]). My question is: how can I convert packets[0] to its binary…
Ahmed Hussein
0
votes
1 answer

(win10) Python 3.6 - Error Pyshark capture.sniff()

Here is my code: import pyshark cap = pyshark.LiveCapture(output_file='newOutput') error: Traceback (most recent call last): File "", line 1, in File "C:\Program Files\Python36\lib\site-packages\pyshark\capture\live_capture.py",…
user8110523
0
votes
0 answers

How to pass the UDP port number as parameter using Pyshark to read protocol?

I am able to decode GPRS-NS protocol using UDP port number "0-65535" in Wireshark but I cannot see data in PyShark. How to pass UDP port number as parameter in File capture method?
0
votes
1 answer

Pyshark install continues to fail Visual C++ requirement though build tools installed.

I'm trying to install pyshark on a Win10 machine. I'm running Python3.6. I continually get the following error, even though I have installed MS C++ Redistributables and MS Build Tools 2015. error: Microsoft Visual C++ 14.0 is required. Get it with…
SteveJ
0
votes
1 answer

Pyshark Exporting Data to CSV

Hello everyone, I am working with capturing the data and exporting out the data using pyshark. So I have a network capture called "final_traces.pcap". I am able to inspect the file and even print out the data from the captures by the help of a library…
0
votes
0 answers

From a given pcap file how to filter mac frames?

From a given pcap file how do I filter mac frames and display the result in the terminal window? So far, I have the following code that iterates through all frames import pyshark cap = pyshark.FileCapture('filename.pcap') for pkt in cap: print…
0
votes
1 answer

Change encoding to convert Pyshark raw data to scapy raw data

I have made some modifications to Pyshark to have it include the raw data in its layers. From there, I can grab the frame_raw.value which looks something…
0
votes
2 answers

Second Simulcrypt layer field value with same name is not accessible

(This issue is similar to Alex Wang's question, but the answer there was protocol-specific) I like that Wireshark has support for Simulcrypt but there are limitations: display filters are applied at the packet level, so often give ambiguous results…