I would like to open an omnipeek (.pkt) file in a C program. How do I do it? Conversion to .pcap and opening via pcap library results in loss of important radio information. Can I have a sample program which reads a .pkt file offline?
Thanks!
Well, Wireshark is a sample program that does that, albeit a large one. See the wiretap/peekclassic.c file for the "classic" Peek format (used in older versions of WildPacket's software) and wiretap/peektagged.c for the "tagged" Peek format (used in current versions of their software).
You might want to handle more radio information in the "tagged" format than Wireshark currently handles.
WildPackets tech support can provide you with documentation of the file format. Also, recent versions of OmniPeek will include the radio information when saving in pcap format.
Related
i am trying to open and edit a file that contains some type of custom protection.
file game :gameguard.des
its from lineage2/interlude/system file.
this is not the original version though, it has been modified to block some packets sent to the server.
i've used VS2010 to open it and it shows me the memory and the contents in hex, like viewing computer memory.
here is the file attached. http://www20.zippyshare.com/v/88173717/file.html
so my question is, how can i open it viewing the code in a higher level and edit it? what tools i need to use to do that?
regards, George
This is a Win32 program. You can try to disassemble it, but it's itself a binary file and what the VS2010 is showing you is correct, because it's showing it most probably in HEX format to you.
You need to first figure out which compiler was used to compile this application, then maybe it helps you to refactor the executable.
The fact that you can not directly run this application might be just the extension, maybe if you change the extension to .exe, it runs under windows. I don't recommend it though.
I am working on my master's thesis which is about XML-HTTP DOS attacks.
I have some pcap files and DARPA dataset but I don't know how to use them to simulate DOS attacks ?
I used Wireshark to open files and it works but it shows just information.
Do I need to write a program to apply these datasets? Or already exist some tools ?
Thanks in advance
This is an example of C code used to read in a pcap file (as output by tcpdump or wireshark) with the pcap library. This code is only tested to work on my system (OS X 10.5 and gcc), so let me know if it doesn’t work on yours.
To use: install the pcap libraries on your system and compile with the “-lpcap” switch. For this program the command line arguments are a list of pcap files to read in. The program keeps track of simple byte counts and traffic volume, but illustrates the use of pcap_next and how to access the data in the packet (in this case to get at the IP header).
try this:
http://inst.eecs.berkeley.edu/~ee122/fa07/projects/p2files/packet_parser.c
or this:
http://code.google.com/p/pcapsctpspliter/issues/detail?id=6
Is there any archive format that offers the following:
be digitally sign-able with a digital certificate from a trusted source like Verisign - for preventing changes to the file (I am not referring to read only, but in case the file was changed it should no longer be signed telling the user this is not the original file)
be stream-able - be able to be opened even if not all of the content has been transferred (also not strictly linearly)
be "readable" - be able to read the data without extracting to a temporary folder (AFAIK if you open a file in a zip archive it is extracted first, and this stays true even for zip based formats like OOXML. This is not what I want)
be portable - support on at least Windows, Linux and Mac OS X is a must, or at least future support
be free of patents - Be open source - also preferably a license that allows commercial use(as far as i know GPL a share-alike license so it doesn't allow commercial use, BSD on the other hand allows it)
Note: Though it may come in handy eventually I can not think right now of a scenario that would require both point 1 and point 2 simultaneously. Or lets leave it a be able to check the signature only when the whole file was downloaded.
I am not interested in:
being able to be compressed
being supported on legacy systems
Does any existing archive format fit this description (tar evolutions like DAR and pax come to mind) ?
If there is, are there programing libraries available for the above mentioned OSs?
If not, would it be hard to create such a thing?
Usage scenario:
I want to use this to create a new media container.
Current media containers contain the audio, video and subtitle streams directly.
Matroska, currently the most advanced container, has supplementary features like attachments and menus.
The menu functionality however is not implemented and very limited.
What I want to create is one level higher.
I want to create a file similar in a way to OOXML.
Also all of the menuing should be done in web technologies like HTML5 (as it is now the tag allows for any kind of codec to be used) and CSS.
Also just like you have holograms on dvds to prove the authenticity I want to create a sign-able file
Research notes:
Before asking this question I stumbled uppon this:
Whats the best way digitally sign a zip file for download using .Net
While detached signing would be feasable for the individual files contained in this archive it is not an ellegant solution for the archive file. Not end user friendly.End users should be able to doubleclick the file to open it in a media player like VLC, and see a message that the file is legit (just like you see in a browser if the page is transmitted with SSL through HTTPS or not)
EDIT: clarified point 5
EDIT 2: added a note to clarify point 1 and 2
EDIT 3: added usage scenario
EDIT 4: added research notes section
P.S.: This is my first question on StackOverflow
I doubt that you find such format out of the box. I understand how such solution can be built with help of our SolFS, but SolFS doesn't have built-in signing (you can add signing easily).
I am trying to locate a set of source code that would allow me to open and read the contents of an Excel file on Linux from within a C program.
I dont really want to link it to OpenOffice SDK if I can find something that just does these two things.
carl
If following suites you, then You may take read routines from
Sourceforge
and write routines from
What is a simple and reliable C library for working with Excel files?
As far as I know there is no library that does this. The common method is always to save the file as CVS in Excel, although then markup etc. is lost.
You could try to use the Excel plugin of Gnumeric:
http://svn.gnome.org/viewvc/gnumeric/trunk/plugins/excel/
It works very well (inside gnumeric).
You can use xlhtml to convert the Excel files into HTML, and then use your favorite HTML parser to extract the cell data.
Check out the answers to What is the best C library that can access Excel files?
Possible things for you to look at:
C : xlsLib
C++ : LibExcel
Though I think both are write-only, which is perhaps not what you need.
Grab the xls reading code from Open Office.
why don't you just use Google Docs? With Gears it has offline support and you can edit files too, just a thought - http://docs.google.com
Check out XLSX I/O at https://sourceforge.net/projects/xlsxio/
It is a cross platform C library to read from and write to Excel .xslx files.
Works on Windows, OS X, Linux and does not require Excel or Office to be installed.
It is intended for sequential access to data in .xlsx files, so if it's only the values you are interested in this is what you need.
Suppose I have an open file. How can I detect when the file is changed by another program in the background. Some text editors can detect and update the open file if it is changed by another process.
I'm specifically asking for this with C under Linux(this seems to be OS dependent).
If you don't want to poll the file using stat, and don't mind being Linux-specific, then you can use the inotify API. Your kernel needs to be 2.6.13 or newer and glibc 2.4 or newer (which they will be if you're targeting anything from the past 2 or 3 years). The API basically gives you a file descriptor that you can poll or select, and read to get information about modified files. If your application is interactive, like an editor, then it will typically have some sort of event loop that calls select or poll, and can watch your inotify file descriptor for events.
Using inotify is generally preferable stat, because you get notifications immediately and you don't waste time and disk I/O polling when the file isn't changing. The downside is that might not work over NFS or other networked file systems, and it's not portable.
This page at IBM Developerworks gives some example C code, and the man page is the definitive reference.
use stat function. Example in the page.
Text editors I've seen on Windows and Linux have done it the same way: they don't check to see whether the file has actually changed, they just looking at the file's stat mtime.