On Feb 12, 2004, at 1:45 AM, Pablo wrote:
i imagine that i haven't explained very well before, i'm
sorry. I want to know exactly what is the format of dmp
files. I have a program (WepCrack:
wepcrack.sourceforge.net/) that use this type of files and i
want to understand the code. It is necesary for me to know
what is the format of .dmp files. I imagine that you know
what is this format.
I.e., you're asking this purely out of curiosity, because you want to
know what the code in WepCrack is doing?
Then here's a mail message describing the *CURRENT* libpcap format:
http://www.tcpdump.org/lists/workers/2002/04/msg00096.html
Note, however, the very first paragraph:
Well, my first question is "why do you need that information"? libpcap
can be used to read and write those files.
Note also that a Perl script can use libpcap:
http://search.cpan.org/~kcarnut/Net-Pcap-0.05/Pcap.pm
so "this is a Perl program" is insufficient reason, by itself, to write
your own code to read libpcap files or write them.
Note also that I say "*CURRENT* libpcap format" for a reason. At some
point there will probably be a new libpcap format, to support a number
of things the current version doesn't support, and code people have
written that reads the current format will *NOT* be able to read the
new format. (Libpcap and Ethereal's Wiretap will, of course, be made
to read both the old format and the new format.)