How can I read pcap files in a friendly format?

Wireshark is probably the best, but if you want/need to look at the payload without loading up a GUI you can use the -X or -A options

tcpdump -qns 0 -X -r serverfault_request.pcap

14:28:33.800865 IP 10.2.4.243.41997 > 69.59.196.212.80: tcp 1097
        0x0000:  4500 047d b9c4 4000 4006 63b2 0a02 04f3  E..}..@[email protected].....
        0x0010:  453b c4d4 a40d 0050 f0d4 4747 f847 3ad5  E;.....P..GG.G:.
        0x0020:  8018 f8e0 1d74 0000 0101 080a 0425 4e6d  .....t.......%Nm
        0x0030:  0382 68a1 4745 5420 2f71 7565 7374 696f  ..h.GET./questio
        0x0040:  6e73 2048 5454 502f 312e 310d 0a48 6f73  ns.HTTP/1.1..Hos
        0x0050:  743a 2073 6572 7665 7266 6175 6c74 2e63  t:.serverfault.c
        0x0060:  6f6d 0d0a 5573 6572 2d41 6765 6e74 3a20  om..User-Agent:.
        0x0070:  4d6f 7a69 6c6c 612f 352e 3020 2858 3131  Mozilla/5.0.(X11
        0x0080:  3b20 553b 204c 696e 7578 2069 3638 363b  ;.U;.Linux.i686;

tcpdump -qns 0 -A -r serverfault_request.pcap

14:29:33.256929 IP 10.2.4.243.41997 > 69.59.196.212.80: tcp 1097
E..}..@[email protected].
...E;...^M.P..^w.G.......t.....
.%.}..l.GET /questions HTTP/1.1
Host: serverfault.com

There are many other tools for reading and getting stats, extracting payloads and so on. A quick look on the number of things that depend on libpcap in the debian package repository gives a list of 50+ tools that can be used to slice, dice, view, and manipulate captures in various ways.

For example.

Related Posts:

  1. Using prevNext Modx Addon
  2. What is Xpenology? Is it Linux related thing?
  3. Create blank image in Imagemagick
  4. Google Calendar API event insert always return 404 “not found” error
  5. Using getline() with file input in C++
  6. Compiler Error “void value not ignored as it ought to be” in C programming [duplicate]
  7. Exception in thread “AWT-EventQueue-0” java.lang.NullPointerException Error
  8. Different between ./ , ../ , ../../ , ~/ on file path(URL) in asp.net
  9. Difference between associative entity and associative relationship attribute?
  10. max value of integer
  11. How to install apoc for neo4j?
  12. Plot logarithmic axes with matplotlib in python
  13. Regex lookahead, lookbehind and atomic groups
  14. Why git asks to enter a commit message to explain why this merge is necessary
  15. What does enctype=’multipart/form-data’ mean?
  16. How do I remove version tracking from a project cloned from git?
  17. What is the difference between == and equals() in Java?
  18. XQuery data and text() function
  19. PHP – exit or return which is better?
  20. How do you copy and paste into Git Bash
  21. What does “?” mean in Java?
  22. MIPS fetch address not aligned on word boundary, used .align 4, still no go
  23. Collapse all methods in Visual Studio Code
  24. what is difference between mp4 and mpegts?
  25. There is no directive with “exportAs” set to “ngForm”
  26. In Typescript, what is the ! (exclamation mark / bang) operator when dereferencing a member?
  27. How to resolve ‘preflight is invalid (redirect)’ or ‘redirect is not allowed for a preflight request’
  28. Implement touch using Python?
  29. How to override equals method in Java
  30. Manually create a pyspark dataframe
  31. Couchbase query using “\uefff” break the next conditional keys
  32. VMWare Workstation VM not starting because of locked portion of file
  33. What is the difference between memoization and dynamic programming?
  34. Windows Activator .bat Text
  35. ldap_bind: Invalid Credentials (49)
  36. Error compiling CUDA from Command Prompt
  37. Java – String cannot be converted to int
  38. Why doesn’t Dijkstra’s algorithm work for negative weight edges?
  39. How do emulators work and how are they written?
  40. How to sign-extend a number in Verilog
  41. How to draw a checkmark / tick using CSS?
  42. c array – warning: format not a string literal
  43. Create Hyperlink in Slack
  44. How to join two tables by multiple columns in SQL?
  45. Java “params” in method signature?
  46. what is the diffrence between TCP TAHOE and TCP RENO
  47. Missing value auth-url required for auth plugin password
  48. JMS Topic vs Queues
  49. How to set the authorization header using cURL
  50. yum error “Cannot retrieve metalink for repository: epel. Please verify its path and try again” updating ContextBroker
  51. OCaml: Match expression inside another one?
  52. What should be hadoop.tmp.dir ?
  53. How does DHT in torrents work?
  54. C++ undefined reference to WinMain@16 (Code::Blocks)
  55. Lambda Calculus Reduction steps
  56. JavaScript: IIF like statement
  57. What is cardinality in Databases?
  58. What is the relationship between PyTorch and Torch?
  59. Error: Local workspace file (‘angular.json’) could not be found
  60. Cannot join on Memo, OLE, or Hyperlink Object
  61. Very basic inheritance: error: expected class-name before ‘{’ token
  62. Why doesn’t “System.out.println” work in Android?
  63. What is the `data-target` attribute in Bootstrap 3?
  64. PostgreSQL: Query has no destination for result data
  65. server error:405 – HTTP verb used to access this page is not allowed
  66. Subtract 1 day with PHP
  67. Node inconsistent with parents in JAGS model (R)
  68. How can I enable Assembly binding logging?
  69. While running the script throws cannot find module ‘dotenv’
  70. What makes Lisp macros so special?
  71. zsh command cannot found pip
  72. How can I move a tag on a git branch to a different commit?
  73. Undo text entry in Jupyter Notebook under Win7
  74. Brackets : how to make autocomplete / autoindent works ?
  75. How do you use replace in Spyder?
  76. Is there a Variable Explorer for PyCharm
  77. Eclipse IDE – Error: Build path specifies execution environment Java SE 1.7
  78. Operator Overloading C++; too many parameters for << operation
  79. What are the double colons (::) in R?
  80. Visual Studio 2019 – error MSB8020: The build tools for Visual Studio 2013 cannot be found
  81. How do you run CMD.exe under the Local System Account?
  82. ApiNotActivatedMapError for simple html page using google-places-api
  83. The correct way to read a data file into an array
  84. HTTP status code 0 – Error Domain=NSURLErrorDomain?
  85. How to list all available Kafka brokers in a cluster?
  86. Ext.getCmp(id) or Ext.ComponentQuery.query(attribute)
  87. textarea’s rows, and cols attribute in CSS
  88. WP available widget for certain area
  89. Forbid contributors viewing drafts
  90. show taxonomy meta field in template
  91. Posting to admin-ajax from front end. Is this redirect ok?
  92. WordPress permalinks and javascript redirection
  93. Can I move a WordPress installation to an IP (without domain name)?
  94. How to properly add and access a JavaScript file in WordPress?
  95. Reset counter with jQuery [closed]
  96. Edit plugin function with a hook
  97. The Principles of Essay Title Generator Free
  98. Plural Forms error in Query Monitor
  99. How to get all the users list after you performed the hook "pre_get_users"?
  100. List Taxonomy terms along with their posts

Leave a Comment

techhipbettruvabetnorabahisbahis forumuedusedusedueduedueduedueduseduedus