Ask Your Question
0

Can I do a binary / Hex dump from wireshark ?

asked 2022-01-19 17:30:58 +0000

xarzu gravatar image

Hello Friends,

I loaded a .pcapng file and examined the packets of data. I am working on code that uses this data and so I want to write some test code to help with this task. One step I want to make is to simulate the raw binary data that I see in the wireshark. In the wireshark UK, I am talking about the third window which shows a binary dump of data in hex format. How can I copy this data? When I tried, it only copied a text ascii representation of what is shown in the wireshark window.

I installed a hex code editor plug-in into notepad++ so that I can edit hex data by hand. But that is time consuming as it editing any hex code by hand.

I hopened the .pcapng file in hex editior and maybe this is the way to go, but it seemed as if I was looking at something that required a learning curve.

Please advise.

edit retag flag offensive close merge delete

Comments

Are you looking to export the full packet or just a portion of it?

Chuckc gravatar imageChuckc ( 2022-01-19 19:44:36 +0000 )edit

both. The answer below works for both

xarzu gravatar imagexarzu ( 2022-01-20 05:39:12 +0000 )edit

1 Answer

Sort by ยป oldest newest most voted
0

answered 2022-01-19 19:54:48 +0000

SYN-bit gravatar image

You can export the whole frame by right-clicking on the "Frame" line in the packet details. Then choose for export packet bytes and choose a filename, the file will contain the binary data of the whole packet.

edit flag offensive delete link more

Comments

good job. That works !

xarzu gravatar imagexarzu ( 2022-01-20 05:33:58 +0000 )edit

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

1 follower

Stats

Asked: 2022-01-19 17:30:58 +0000

Seen: 2,762 times

Last updated: Jan 19 '22