Tshark can not parse pcap packets having special characters ^ { } - character

I'm trying to read a PCAP file, when it has username having special characters like {SRUN3} or ): \r05P^0/ 37peipei58 it's not decoding the required variables correctly.
Say i expect 15 variables as ouptput like src Ip, target IP, username, port id, .... it outputs only partial variables say 6 variables instead of 15 variables.
If there are no special characters it works perfect.
Please do advice on this.
Cheers,

Related

How to save all ip addresses connected to the network in a text file

I would like to create an alert software for employees without outsourcing for security reasons. I found a way to send alerts from cmd with msg command, I didn't test this code but I generated it from Microsoft site, if there is any error please let me know
msg #allip.txt "test"
For IP list, I found a solution using arp -a using cmd but I have to clear the extra info in the file like this, the problem is that if I leave the extra info in the text the code doesn't work
Interface: 192.168.1.140 --- 0x3
Internet Address Physical Address Type
192.168.1.1 00-00-00-00-00-00 dynamic
192.168.1.61 00-00-00-00-00-00 dynamic
192.168.1.255 00-00-00-00-00-00 static
...
Is there a way to save only the internet address table
To extract all the cached IP addresses - which is what arp.exe /a reports - use the following:
Note: Judging by the linked docs, these cached addresses, stored along with their "their resolved Ethernet or Token Ring physical addresses", with a separate table maintained for each network adapter, are the IP addresses the computer at hand has actively talked to in the current OS session, which is not the same as the complete set of computers connected to the network.
To scan an entire subnet for reachable IP addresses, consider a third-party function such as Ping-Subnet.
((arp /a) -match '^\s+\d').ForEach({ (-split $_)[0] })
To save to a file, say ips.txt, append > ips.txt or | Set-Content ips.txt.
Note:
In Windows PowerShell, you'll get different character encodings by these file-saving methods (UTF-16 LE ("Unicode") for > / ANSI for Set-Content)
In PowerShell (Core) 7+, you'll get BOM-less UTF-8 files by (consistent) default.
Use Set-Content's -Encoding parameter to control the encoding explicitly.
Explanation:
-match '^\s+\d' filters the array of lines output by arp /a to include only those starting with (^) at least one (+) whitespace char. (\), followed by a decimal digit (\d) - this limits the output lines to the lines showing cache-table entries.
.ForEach() executes a script block ({ ... }) for each matching line.
The unary form of -split, the string splitting operator, splits each matching line into an array of fields by whitespace, and index [0] returns the first such field.

Extracting symbol names from nm output

I'd like to use nm -P -g symbol names to generate a .c file. however I'm not sure how to extract those symbol names.
Reading https://pubs.opengroup.org/onlinepubs/9699919799/utilities/nm.html says:
The format given in nm STDOUT uses <space> characters between the fields, which may be any number of <blank> characters required to align the columns.
I'm not sure how to interpret this - should my regex be ^[^ ]+_mkdocs[ ] [note: workaround for stackoverflow's wonky code formatting] or something else? I want the result to be whatever symbol name I extracted concatenated with (&doc);
e.g.
foo_mkdocs T 0 0
should become
foo_mkdocs(&doc);
but I'm unsure if I'm understanding nm's output format specification correctly.

Is this how a byte array look like?

I am having difficulty trying to understand some data.
I have a Perl Script and all I know about that script is that it is sending some data packets over the network.
When I debug through the script the data that it sends looks like following: "KFD!P#"
I am very new to Perl and all I know is that it should be a Byte[]. Should I not see something like \dsdsds \dssds if it is a byte array?
Is this string represented in any expression that I am not able to understand?
Any ideas?
To print the contents of a perl string that is being used as a buffer, you need to convert it to a printable form first. Use unpack for that.
For example to convert it to a string of hex digits:
print unpack('H*', $buffer),"\n";
Read perlpacktut to learn more.
Run wireshark to see what it is putting over the wire.
Any string can be considered a byte array so you won't need any keywords like "byte" in the code.
Sharing the code somewhere or some portion of it would provide more context to work with and address your question.

Adding special character at several places in a string in perl script

I read some raw data from my device. This data contains the IP address as well but in a different format. As you know the IP address is generally written in the format a.b.c.d. However I have data of the format abcd given from the device. I need to get this in the format a.b.c.d How do I do this in a perl script?
Regards
First, let us split the hex string into substrings of two characters:
... split /..\K/, "c0a80001";
We treat each fragment as a hex string, and get the numeric value with the hex builtin:
... map hex, ...
Then, we join all numbers with a period:
join '.', ...
Combined:
my $ip = join '.', map hex, split /..\K/, "c0a80001";
print "$ip\n";
Output: 192.168.0.1. This is the usual text representation for an IPv4 address.
There are many ways. This inserts dots with substring.
map { substr($string,$_,0)='.' } (6,4,2);
Maybe you prefer regexes.
$string =~ s/[0-9a-f]{2}\K(?!\Z)/./g;
It really depends on the approach taken, but mostly you would need to escape with a backslash the dot from the IP address
a\.b\.c\.d
Some source code with be nice btw ...

Python 3 CGI: how to output raw bytes

I decided to use Python 3 for making my website, but I encountered a problem with Unicode output.
It seems like plain print(html) #html is astr should be working, but it's not. I get UnicodeEncodeError: 'ascii' codec can't encode characters[...]: ordinal not in range(128). This must be because the webserver doesn't support unicode output.
The next thing I tried was print(html.encode('utf-8')), but I got something like repr output of the byte string: it is placed inside b'...' and all the escape characters are in raw form (e.g. \n and \xd0\x9c)
Please show me the correct way to output a Unicode (str) string as a raw UTF-8 encoded bytes string in Python 3.1
The problem here is that you stdout isn't attached to an actual terminal and will use the ASCII encoding by default. Therefore you need to write to sys.stdout.buffer, which is the "raw" binary output of sys.stdout. This can be done in various ways, the most common one seems to be:
import codecs, sys
writer = codecs.getwriter('utf8')(sys.stdout.buffer)
And the use writer. In a CGI script you may be able to replace sys.stdout with the writer so:
sys.stdout = codecs.getwriter('utf8')(sys.stdout.buffer)
Might actually work so you can print normally. Try that!