Per Steffensen wrote:
> Hi
> I am writing a Java program that has to process a lot of pcap files to
> extract certain data - in phase one I have to extract MMS's from those
> pcaps. If I put some of my example pcap files into WireShark it shows me
> that there is an MMS and I am able to extract the different parts of the
> MMS (smil, images, etc) by using the WireShark GUI.
> Basically I want to programmatically extract those different parts of
> the MMS from my Java program. I imagine using the pcap processing
> (guess you call it dissection) part of WireShark from my Java program.
> What is the best approach I can take?
> I don't want to show the WireShark GUI. Guess I could call tshark from my
> Java program? But does tshark enable me to extract embedded data like
> e.g. a JPG image?

I don't think you can do that from tshark.

> Are there better approaches?
> I have read a little about libwireshark. Is that the way to go? How to
> get started on using libwireshark? Documentation?

libwireshark exists but it is designed to only be used by Wireshark and
its tools. As such, there really isn't any documentation about how to
use it in other tools.
That being said, there has been traffic on this list from people who
have used libwireshark directly--with some success IIRC.

> I have also seen some tools on the Wiki (http://wiki.wireshark.org/Tools).
> Are there good starting points among them?
> Hope for some good feedback. Also hope to eventually be able to give
> something back to the WireShark project.

Maybe it could be done in one of the scripting environments Wireshark
supports (Lua and Python)?