Questions tagged [pyshark]

0

votes
0

answer
6

Views

Pyshark library memory issue

I Would like some help on managing memory consumption of pyshark library. Using it creates an effect of requiring more memory as you process more pcap files. I guess that something is no dereferenced and thus stays in memory forever. For example if you run this script with any pcap file, you will se...
Ciro Alvaro
2

votes
0

answer
25

Views

I am trying to capture packets from a raspberry pi for just a second to get the packets per second ratio

import pyshark capture = pyshark.LiveCapture(interface = 'wlan0') capture.sniff(timeout=1) print(capture) I get this as result: "LiveCapture (0 packets)" But how is possible to get 0 packets all the time?
1

votes
1

answer
452

Views

How to print all destination ports and source ports in the PCAP file?

import pyshark pkts = pyshark.FileCapture("test.pcap") for p in pkts: print I am trying to print all destination ports and source ports in the PCAP file. How could I do it?
Ed S
3

votes
2

answer
425

Views

Pyshark: can only get first field value if same key name (field name) show multiple entries with different value

I am using Pyshark to parse Wireshark sniffer log, and I used exported Json format file (based on pcapny file) to find field names when use 'get_field_value' function to retrieve field value. For example, in order to get BSSID value: In Json format file, this info is displayed as "wlan.bssid": "11:...
Alex Wang
2

votes
1

answer
1.2k

Views

Python 3.4.3 - Error Pyshark capture.sniff()

Here is my code: import pyshark capture = pyshark.LiveCapture(interface='en0') capture.sniff() Now here is the error: Traceback (most recent call last): File "", line 1, in capture.sniff() File "/Library/Frameworks/Python.framework/Versions/3.4/lib/python3.4/site-packages/pyshark/capture/capture.p...
Bob Ebert
5

votes
0

answer
494

Views

pyshark can not capture the packet on windows 7 (python)

I want to capture the packet using pyshark. but I could not capture the packet on windows 7. this is my python code import pyshark def NetCap(): print 'capturing...' livecapture = pyshark.LiveCapture(interface="eth0", output_file='./test.pcapng') livecapture.sniff(packet_count=10) print 'end of cap...
D.S Choi
2

votes
1

answer
287

Views

Pyshark FileCapture doesn't work

I'm new with pyshark, and I write a sample code by searching on the tutorial import pyshark cap = pyshark.FileCapture("input.cap") cap_1 = cap[0] and then it give me an error /Users/tingyugu/anaconda3/bin/python /Users/tingyugu/PycharmProjects/final/test.py Traceback (most recent call last): File "/...
tingyu gu
5

votes
2

answer
1.9k

Views

Get full hexdump of parsed packet in Pyshark

I am using Pyshark to parse packet from pcap file. I have object of parsed packet. Separately I can get hex_value of each fields after changed raw_mode attribute to True. >>> packet = pyshark.FileCapture("ip_packet.pcap") >>> packet_1 = packet[0] >>> packet_1.layers() [, , ] >>> packet_1.ip.addr '...
Misha
2

votes
1

answer
161

Views

error while running cap.sniff(), live packets pyshark

while running the cap.sniff(timeout=20),pyshark in python, i got the following errorTraceback (most recent call last): File "", line 1, in File "C:\Users\user\AppData\Local\Programs\Python\Python36-32\lib\site-packages\pyshark\capture\capture.py", line 132, in load_packets self.apply_on_packets(kee...
user3306040
2

votes
0

answer
131

Views

OSX PyShark: RuntimeWarning: coroutine 'wait_for' was never awaited

I was wondering if anyone around here might know what causes this issue. I keep getting this error on OSX High Sierra, while running a python script which uses the pyshark library. I am running Tshark 2.6.2 Python 3.7.0 PyShark 0.4.1 The error: /usr/local/lib/python3.7/site-packages/pyshark-0.4.1-...
Erik van de Ven
2

votes
3

answer
2.3k

Views

Count the number of packets with pyshark

In this code with pyshark import pyshark cap = pyshark.FileCapture(filename) i = 0 for idx, packet in enumerate(cap): i += 1 print i print len(cap._packets) i and len(cap._packets) give two different results. Why is that?
Bob
5

votes
3

answer
3.9k

Views

pyshark - data from TCP packet

Is there anyway to get the payload of a TCP packet using pyshark? I am trying to compare the data sections of different packets across multiple TCP streams but I can't find a way to get at the data of the packet. pkt['tcp'].data does not seem to exist.
Cru Jones
1

votes
1

answer
245

Views

using pyshark on python 2.7 encounter lxml.etree.XMLSyntaxError

This is really a simple script written in python, which I can run it normally on Linux. But when I moved it to Windows, there is a strange error. I wish some helps. Before running the code, I have made some preparation for the environment: 1. Install Microsoft Visual C++ Compiler for python 2.7 2. I...
mortimer