Wireshark-users: Re: [Wireshark-users] Importing raw application protocol data with Wireshark

From: Jaap Keuter <jaap.keuter@xxxxxxxxx>
Date: Fri, 15 Sep 2017 08:18:34 +0200
... or “Import from Hex Dump” in Wireshark itself (it’s basically the same thing).

On 14 Sep 2017, at 15:53, Abhik Sarkar <sarkar.abhik@xxxxxxxxx> wrote:

text2pcap might help, provider the application layer itself has a dissector in Wireshark.

From https://www.wireshark.org/docs/wsug_html/#AppToolstext2pcap:
"text2pcap also allows the user to read in dumps of application-level data, by inserting dummy L2, L3 and L4 headers before each packet..."

See also: https://wiki.wireshark.org/HowToDissectAnything.

On 14 September 2017 at 15:28, Jack Guest <anonimusul@xxxxxxxxx> wrote:
Hi,

Is there any straightforward way of importing from a file
application-layer protocol data that lacks transport headers (i.e
lacks link-layer, internet-layer and transport-layer headers) in order
to be able to use an existing Wireshark protocol dissector to view and
analyze the application protocol raw data?


If not, what would it take to add such feature to Wireshark or the other tools?

Thanks,
Jack
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users@xxxxxxxxxxxxx>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
            mailto:wireshark-users-request@xxxxxxxxxxxxx?subject=unsubscribe