Skip to content

Instantly share code, notes, and snippets.

@p1-olm

p1-olm/nas-eps_layer_to_USER_DLT.py

Created August 3, 2017 12:12
Show Gist options
  • Save p1-olm/ee3fa5ef8964ef4ffed46ef6353ea656 to your computer and use it in GitHub Desktop.
Save p1-olm/ee3fa5ef8964ef4ffed46ef6353ea656 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
nas-eps_layer_to_USER_DLT.py
from scapy.all import *
from subprocess import Popen, PIPE
from tempfile import mkdtemp
packets = rdpcap("/tmp/toconvert.pcap")
temp_pcaps = mkdtemp()
paths_pcaps = []
for i, pkt in enumerate(packets):
if pkt[3].load[2] == "\x0e": # type 14
nas_payload = pkt[3].load[16:]
od = Popen(["od","-Ax", "-tx1", "-v"], stdout=PIPE, stdin=PIPE)
output = od.communicate(input=nas_payload)[0]
txt2pcap = Popen(["text2pcap", "-l", "147", "-", "-"], stdin=PIPE, stdout=PIPE)
raw_packet = txt2pcap.communicate(input=output)[0]
paths_pcaps.append(temp_pcaps + "/" + str(i) + ".pcap")
with open(paths_pcaps[-1], "wb") as f:
f.write(raw_packet)
cmd = ["mergecap", "-w", "/tmp/output.pcap"]
paths_pcaps.reverse()
cmd.extend(paths_pcaps)
Popen(cmd)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment