Is there a way to convert byte arrays to PyShark dataframe?

0
votes

I used scapy to sniff packets, but Scapy can't return the packet info like PyShark(Wireshark). For example:

>>> cap = pyshark.FileCapture('test.pcap', only_summaries=True)
>>> cap[1].info
'FTP Data: 1460 bytes'

>>> cap[2].info
'Response: 150 Opening BINARY mode data connection for Notes chapter2.pdf(14868284 bytes)'

>>> type(cap[2])
<class 'pyshark.packet.packet_summary.PacketSummary'>

This feature is what I really want, but I only have packet raw byte array or Scapy dataframe. Is it a solution to convert byte array to PyShark dataframe? Because my computer has weird issues when sniffing using PyShark.

1
pythonwiresharkscapypacket-snifferspyshark

1 Answers

1
votes

If you have the packet as a byte variable, you can read it in Pyshark with:

c = pyshark.InMemCapture()
c.parse_packet(binary_packet)
c.parse_packets(list_of_binary_packets) # More efficient