Yes, we can obtain the output of Wireshark in 4 lines of code. However, this output is not properly formatted (it is not collapsible). Please come up with some scripts to properly format the output of Pyshark to make it readable for the users. Do not hesitate to be creative! You can start on the Ethernet layer of this packet. If you have some time, please format the output of the other layers as well.
How do you get the Pyshark output, you ask? I did it in this short script:
1. We first need to convert the hexdumps to pcap files using text2pcap.
2. Use Pyshark's FileCapture function to convert pcap to the desired text output.
As usual, setup is pretty annoying. Make sure to install the command line version of Wireshark. This can be done with brew install on Mac. Here are the steps:
1. Set up brew.
2. Get rid of the old Wireshark: delete the app and run brew uninstall --force wireshark to be safe.
3. Install Wireshark by running brew install wireshark and brew install --cask wireshark
4. Check that it worked: brew info --cask wireshark
5. Add an alias to your path directory: alias wireshark='/Applications/Wireshark.app/Contents/MacOS/Wireshark'
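One way to get collapsible output from the two steps above (text2pcap, then FileCapture), as an added example that is not the original script: each layer is rendered as an HTML details/summary block, starting with the Ethernet layer. The function names and the sample Ethernet fields are assumptions made for this sketch.

```python
import html
import subprocess


def hexdump_to_pcap(hexdump_path, pcap_path):
    """Step 1: text2pcap converts a hexdump text file into a pcap file."""
    subprocess.run(["text2pcap", hexdump_path, pcap_path], check=True)


def read_layers(pcap_path):
    """Step 2: yield (packet_no, layer_name, {field: value}) using FileCapture."""
    import pyshark  # lazy import: the formatter below needs neither pyshark nor tshark
    cap = pyshark.FileCapture(pcap_path)
    try:
        for no, pkt in enumerate(cap, start=1):
            for layer in pkt.layers:
                fields = {f: layer.get_field(f) for f in layer.field_names}
                yield no, layer.layer_name, fields
    finally:
        cap.close()


def layer_to_html(layer_name, fields, open_by_default=False):
    """Render one layer as a collapsible <details> block, one list item per field."""
    # Field values come straight from captured traffic, so they are untrusted:
    # escape every name and value before it reaches the browser.
    rows = "\n".join(
        f"    <li><b>{html.escape(str(k))}</b>: {html.escape(str(v))}</li>"
        for k, v in fields.items()
    )
    attr = " open" if open_by_default else ""
    title = f"{html.escape(layer_name.upper())} ({len(fields)} fields)"
    return (f"<details{attr}>\n  <summary>{title}</summary>\n"
            f"  <ul>\n{rows}\n  </ul>\n</details>")


def packet_to_html(packet_no, layers):
    """Nest the per-layer blocks under one collapsible packet header."""
    body = "\n".join(layer_to_html(name, fields) for name, fields in layers)
    return f"<details open>\n<summary>Packet {packet_no}</summary>\n{body}\n</details>"


# Constructed sample: Ethernet-layer fields as a plain dict, standing in for pyshark output.
SAMPLE_ETH = {"dst": "ff:ff:ff:ff:ff:ff", "src": "00:11:22:33:44:55", "type": "0x0800"}

if __name__ == "__main__":
    print(packet_to_html(1, [("eth", SAMPLE_ETH)]))
```

Redirect the printed output to an .html file and open it in a browser to expand or collapse each layer; with a real capture, group the tuples from read_layers by packet number and pass them to packet_to_html.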