Questions tagged [pyshark]

PyShark is a Python wrapper allowing packet parsing using Wireshark dissectors. This package allows parsing from a capture file or a live capture, using all installed Wireshark dissectors.

189 questions
3 votes, 0 answers

OSX PyShark: RuntimeWarning: coroutine 'wait_for' was never awaited

I was wondering if anyone around here might know what causes this issue. I keep getting this error on OSX High Sierra while running a Python script which uses the pyshark library. I am running Tshark 2.6.2, Python 3.7.0, PyShark 0.4.1. The…
Erik van de Ven
3 votes, 1 answer

error while running cap.sniff(), live packets pyshark

While running the cap.sniff(timeout=20), pyshark in Python, I got the following error: Traceback (most recent call last): File "", line 1, in File…
3 votes, 3 answers

pyshark: access raw udp payload

I'm new to pyshark. I'm trying to write a parser for custom UDP packets. I'm using the FileCapture object to read packets from a file. >>> cap = pyshark.FileCapture('sample.pcap') >>> pkt = cap.next() >>> pkt >>>…
tano
3 votes, 1 answer

Pyshark FileCapture doesn't work

I'm new to pyshark, and I wrote some sample code by searching the tutorial: import pyshark cap = pyshark.FileCapture("input.cap") cap_1 = cap[0] and then it gives me an error /Users/tingyugu/anaconda3/bin/python…
tingyu gu
3 votes, 4 answers

Pyshark: can only get first field value if same key name (field name) show multiple entries with different value

I am using Pyshark to parse a Wireshark sniffer log, and I used an exported JSON format file (based on a pcapng file) to find field names when using the 'get_field_value' function to retrieve field values. For example, in order to get the BSSID value: In Json…
2 votes, 0 answers

How can I stop repeating fields of DHCP in pyshark

If a field is missing in a packet, it prints the previously stored field. How can I stop it so it prints only the fields associated with a new packet and doesn't print the previous packet's field if a field is missing? import pyshark from collections import…
roXx
2 votes, 1 answer

Pulling data from pyshark

I am trying to pull data out of data packets that I am receiving from another device. I have isolated the packet I want to pull the data from but cannot figure out how to extract the data that I want. I am using pyshark to get to the packet but this…
2 votes, 0 answers

How do I solve key error: layer does not exist while processing packet captures

I have been using pyshark to process the packet capture data and while printing out the DNS requests and responses, I am getting an error of: ' File "/home/nilufa/anaconda3/lib/python3.7/site-packages/pyshark/packet/packet.py", line 50, in…
2 votes, 1 answer

How can I save a filtered pyshark FileCapture to a new pcap file?

I have a program that can scan a pcap file using pyshark.FileCapture and then print the filtered packets. I want to save those packets to a new pcap file. Code: import pyshark import os import sys from scapy.all import * def save_to_pcap(cap,…
Tomer Katzir
2 votes, 3 answers

I want to stop packet capture while sniffing continuously once a condition is met

Problem: I have written a script that sniffs packets from a host; however, I am sniffing the packets in continuous mode and would like to stop sniffing on a timeout. I have written the following code to stop packet sniffing, but it doesn't seem to…
Sajan Maharjan
2 votes, 1 answer

python using pyshark to parse .pcap file

I have a Wireshark .pcap file and I want to get all the assets (URLs, IPs, PC names, etc.) from this file. I tried to use some examples I found online, but I'm having some problems getting those items. I managed to find the dst and src IP address,…
dor mordehcai
2 votes, 2 answers

Follow TCP stream using python and pyshark

When doing it manually in Wireshark, I right-click a packet -> follow -> TCP stream, and a new window would be opened with the relevant information. Is there a way to do the exact same thing and get this information by using the pyshark module and Python…
Elias Shourosh
2 votes, 1 answer

Is it possible to access the hexdump of a packet in PyShark?

I am using pyshark to open and parse pcap files. Currently I've been able to access the packet fields. But I cannot seem to find a way to access the hexdump value of each packet. Is there any way to do that?
B Faley
2 votes, 2 answers

pyshark live capture with display filter

I found a nice Python module, pyshark, that as far as I got can be used the same way as tshark with BPF filtering. I am actually looking for a live capture option with BPF filtering and display filtering to do something else with those data and store…
user1627588
1 vote, 2 answers

How to get the protocol name in PyShark?

Using PyShark, how can I get a string with the name of an IP protocol from the number on the packet proto field? For example, converting 6 to 'TCP'.