Closed emanuele-f closed 4 months ago
Qpp0
commented
4 months ago I have the same problem here. It seems that because these ASCII encodings correspond to Chinese characters, there is an issue with the display. Is there a way to make the Lua script support decoding to UTF-8?
emanuele-f
commented
4 months ago @Qpp0 can you try changing this line base.ASCII to base.UNICODE here in the wireshark plugin, to see if it works?
Qpp0
commented
4 months ago @Qpp0 can you try changing this line
base.ASCIItobase.UNICODEhere in the wireshark plugin, to see if it works?
@emanuele-f
I have already tried doing it,but it doesn't work.I’m not sure if it’s related to the Lua version used by Wireshark. In fact, by right-clicking on ‘appname’ and selecting ‘Show Packet Bytes,’ choosing UTF-8 encoding, it displays correctly.”
emanuele-f
commented
4 months ago @Qpp0 please try this other change, other than base.UNICODE also modify line 54 to local appname = trailer(8, 20):raw(). Here is the full diff:
diff --git a/tools/pcapdroid.lua b/tools/pcapdroid.lua
index 0cb2c52a..c0127cbf 100644
--- a/tools/pcapdroid.lua
+++ b/tools/pcapdroid.lua
@@ -30,7 +30,7 @@ local fields = {}
fields.magic = ProtoField.uint32("pcapdroid.magic", "Magic", base.HEX)
fields.uid = ProtoField.int32("pcapdroid.uid", "UID", base.DEC)
-fields.appname = ProtoField.string("pcapdroid.appname", "App name", base.ASCII)
+fields.appname = ProtoField.string("pcapdroid.appname", "App name", base.UNICODE)
pcapdroid.fields = fields
@@ -51,7 +51,7 @@ function pcapdroid.dissector(buffer, pinfo, tree)
return
end
- local appname = trailer(8, 20):string()
+ local appname = trailer(8, 20):raw()
local subtree = tree:add(pcapdroid, buffer(), string.format("PCAPdroid, App: %s", appname))
subtree:add(fields.magic, trailer(0, 4))local appname = trailer(8, 20):raw()
Problem solved!
emanuele-f
commented
4 months ago Thanks for confirming
See https://github.com/emanuele-f/PCAPdroid/issues/428#issuecomment-2097458571