Skip to content

Instantly share code, notes, and snippets.

@angely-dev

angely-dev/raw2pcap.py

Created February 13, 2020 16:01
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save angely-dev/04c17ec10a03a2f15085cd1335147ff4 to your computer and use it in GitHub Desktop.
Save angely-dev/04c17ec10a03a2f15085cd1335147ff4 to your computer and use it in GitHub Desktop.
Download ZIP
Convert Huawei capture-packet output to Wireshark.
Raw
raw2pcap.py
from os import remove
from re import search
from scapy.all import *
import argparse
# Usage
parser = argparse.ArgumentParser(description='Convert raw Huawei hex packets to cap file.')
parser.add_argument('--raw-file', help='the raw file location (source)', default='raw.txt')
parser.add_argument('--cap-file', help='the cap file location (destination)', default='cap.pcap')
args = parser.parse_args()
# Delete previous cap file
try:
remove(args.cap_file)
except FileNotFoundError:
pass
# Extract each frame from raw file
with open(args.raw_file) as file:
frames = file.read().split('-------------------------------------------------------')
# Convert each frame to hex bytes
valid_frames = []
for frame in frames:
frame = frame.replace('-', '')
frame = frame.replace('\n', '')
frame = frame.replace(' ', '')
if frame.isalnum():
# Frame is considered valid
# if the raw file is correctly formatted (see below)
# all frames are valid
valid_frames.append(frame)
# Write pcap file
for frame in valid_frames:
frame = hex_bytes(frame)
wrpcap(args.cap_file, frame, append=True)
# Print summary
print(f'OK - {len(valid_frames)} frames written')
@angely-dev
Copy link
Author

angely-dev commented Feb 13, 2020
edited

Note this is really Huawei specific (an example from the official doc).
Example of a raw.txt file (there can be more packets, e.g., 100 is common).

  Packet: 1                                                                     
  -------------------------------------------------------                       
  01 80 c2 00 00 0e 00 18 82 01 23 45 81 00 00 14                               
  88 cc 02 07 04 00 18 82 01 23 45 04 15 05 47 69                               
  67 61 62 69 74 45 74 68 65 72 6e 65 74 30 2f 30                               
  2f 31 06 02 00 78 08 00 0a 09 53 35 33 48 49 2d                               
  32 30 36 0c a0 53 35 33 32 38 43 2d 48 49 20 0d                               
  0a 48 75 61 77 65 69 20 56 65 72 73 61 74 69 6c                               
  65 20 52 6f 75 74 69 6e 67 20 50 6c 61 74 66 6f                               
  72 6d 20 53 6f 66 74 77 61 72 65 20 0d 0a 20 56                               
  -------------------------------------------------------                       
                                                                                
  Packet: 2                                                                     
  -------------------------------------------------------                       
  01 80 c2 00 00 0a 00 e0 fc 09 bc f9 81 00 00 14                               
  88 a7 00 03 00 00 01 b4 9a 09 00 01 00 0e 00 00                               
  00 00 00 18 82 01 23 45 00 07 00 0d 53 35 33 48                               
  49 2d 32 30 36 00 0f 00 15 53 35 33 30 30 20 56                               
  32 30 30 52 30 30 31 43 30 30 00 12 00 1d 56 65                               
  72 73 69 6f 6e 20 35 2e 31 31 30 20 56 32 30 30                               
  52 30 30 31 43 30 30 00 11 00 1d 56 65 72 73 69                               
  6f 6e 20 35 2e 31 31 30 20 56 32 30 30 52 30 30                               
  -------------------------------------------------------                       
                                                                                
  Packet: 3                                                                     
  -------------------------------------------------------                       
  01 80 c2 00 00 0e 00 18 82 01 23 45 81 00 00 14                               
  88 cc 02 07 04 00 18 82 01 23 45 04 15 05 47 69                               
  67 61 62 69 74 45 74 68 65 72 6e 65 74 30 2f 30                               
  2f 31 06 02 00 78 08 00 0a 09 53 35 33 48 49 2d                               
  32 30 36 0c a0 53 35 33 32 38 43 2d 48 49 20 0d                               
  0a 48 75 61 77 65 69 20 56 65 72 73 61 74 69 6c                               
  65 20 52 6f 75 74 69 6e 67 20 50 6c 61 74 66 6f                               
  72 6d 20 53 6f 66 74 77 61 72 65 20 0d 0a 20 56                               
  -------------------------------------------------------

Example of usage:

# The script and the raw file are located in the same folder
$ ls
raw2pcap.py  raw.txt

# Use a Virtual Environment (not mandatory but good practice)
$ virtualenv venv
$ source venv/bin/activate

# Scapy is required
$ pip install scapy

# Use it!
$ python3.7 raw2pcap.py # or python3.6
OK - 3 frames written

It generates a cap.pcap file which can be opened with Wireshark:

image

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment