How can I extract the DICOM headers of files from a capture of traffic?
I have pcap files with DICOM protocols, is it possible to read the content of the packet and extract the DICOM header of the file sent in the network? What I don't understand is if I can recover the file content from the packed information. Is this information stored in the packet bytes pane?
Hi daje, any luck on this? I am trying to find the file header as well to reassemble the DICOM file. Have you figure it out?
You are able to recover the file contents, that you can see clearly in wireshark, but the problem is it requires a file header. You have to write some kind of script in order to export it with a file header for sure, either an empty one or the original file header that is in the original packet, which I am wondering how to find it.