Ask Your Question

How to use custom protocol with text2pcap?

asked 2020-05-28 17:06:17 +0000

aznboystride gravatar image

updated 2020-05-28 17:08:11 +0000

My wireshark has a built in custom-dissector for a built in custom-protocol.

I have a data payload of the custom-protocol, and I would like to use text2pcap to craft a packet using the data payload & the custom-protocol. Does text2pcap allow custom protocols ? or just the ones like ( TCP, UDP, etc )?

To be concrete, I have a reference PCAP file with the custom protocol that Wireshark can read. I would like to craft similar packets with the same protocol, given the payload

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted

answered 2020-05-28 18:36:27 +0000

Guy Harris gravatar image

The extent to which text2pcap "allows" protocols such as TCP, UDP, etc. is that it can take data for a protocol running on top of TCP, UDP, IP, etc. and construct its own link-layer, IP, TCP, UDP, etc. headers.

text2pcap does not have a general, extensible mechanism to add custom protocols to that list.

If you were to construct headers for your custom protocol and add them to the data payload, and put that into a hex dump file, and if your custom protocol runs atop a standard link-layer protocol that text2pcap knows how to construct, or runs atop IP with a custom protocol number, you could get text2pcap to turn that into a pcap file.

You cannot, however, get it to construct headers for your custom protocol, unless you modify it by hand to allow it to do so.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower


Asked: 2020-05-28 17:06:17 +0000

Seen: 635 times

Last updated: May 28 '20