Hey guys!
I currently have a huge .pcap file that shows the following information after applying the filter gtp.message == 0x10
- 197 1.748402 201.144.195.25 201.157.107.1 GTP 216 Create PDP context request
- 771 6.475531 201.144.195.86 201.157.107.1 GTP 216 Create PDP context request
- 809 6.640840 201.134.179.88 201.157.107.1 GTP 224 Create PDP context request
- 177 14.61336 201.144.195.86 201.157.107.1 GTP 216 Create PDP context request
- 212 17.48780 201.134.179.86 201.157.107.1 GTP 221 Create PDP context request
...plus hundreds and hundreds more.
When you check inside each packet, there's are some values I'm looking for:
- e212.imsi
- e164.msisdn
- gtp.lac
- gtp.sai_sac
I need to extract these values for each "Create PDP context request" packet displayed. The problem is, doing it manually is extremely time-consuming and my right-hand hurts at this point (NSFW not intended).
Is there a way on which I could make a batch script or filter to recursively extract the e212.imsi and other fields found inside each "Create PDP context request" packet?
Thank you very much!
PS: Sorry for the absence of screenshots, the platform doesn't allow me to use them yet.
