Support for File type:"Wireshark - nanosecond libpcap" #14
Description
Having an issue after a recent upgrade.
Captipper works fine as along as capinfos shows the filetype as : 'Wireshark/tcpdump... - libpcap' but not if it's 'Wireshark - nanosecond libpcap'
See details below.
Works
File name: tmp1.pcap
File type: Wireshark/tcpdump/... - pcap
File encapsulation: Ethernet
Packet size limit: file hdr: 65535 bytes
Number of packets: 374
File size: 389 kB
Data size: 383 kB
Capture duration: 36 seconds
Start time: Thu Mar 3 09:37:30 2016
End time: Thu Mar 3 09:38:06 2016
Data byte rate: 10 kBps
Data bit rate: 85 kbps
Average packet size: 1024.82 bytes
Average packet rate: 10 packets/sec
SHA1: 3f5cdb3731a1c995959c3a4edd66168f03d96096
RIPEMD160: e8b732f88061521a9c7b2de5d428de4b05bf945e
MD5: 1168b1ff64f5c4d540a9e371c0d7ebff
Strict time order: True
Does not work
File name: tmp.pcap
File type: Wireshark - nanosecond libpcap
File encapsulation: Ethernet
Packet size limit: file hdr: 1536 bytes
Number of packets: 8
File size: 1264 bytes
Data size: 1112 bytes
Capture duration: 22 seconds
Start time: Thu Mar 3 09:26:32 2016
End time: Thu Mar 3 09:26:54 2016
Data byte rate: 49 bytes/s
Data bit rate: 396 bits/s
Average packet size: 139.00 bytes
Average packet rate: 0 packets/sec
SHA1: 5c41dfee0f69d5562d960fba8a064ad17e186aeb
RIPEMD160: 726ca7ba2c233b968ac3d0e19c380059a622679b
MD5: ec922f94e3d98e6bca066d75c65ce24e
Strict time order: True
Actual Error message:
~/Desktop/CapTipper $ python CapTipper.py tmp.pcap
CapTipper v0.3 b11 - Malicious HTTP traffic explorer tool
Copyright 2015 Omri Herscovici omriher@gmail.com[A] Analyzing PCAP: tmp.pcap
unknown file format.