Hello
im looking for a tool that can automate ICMP Fragmentation packets. i have this pcap that contains fragmented ICMP Packets that contain an .xlsx file now instead of manually reassemble the fragments im looking for a tool that can automate this process. any ideas?
This should be fairly straight forward. There are plenty of python libraries for parsing pcap files, you can the extract the individual payloads. If there's sequence information in the headers is reliable then reassembly is trivial, otherwise you can use some heuristics given it's a known file format.
Best
Gareth
PS - this sounds like a student coursework!
PPS - if we're talking a small number of packets <20 then it is probably quicker to do by hand using wireshark.
thanks for your replay. do you have any pointers on which python libs are out there that can do that? scapy? regarding the manual approach, how can i do that via wireshark? id need to use an HEX editor to remove all the header and footer of the protocol and leave just the payload.
I don't have any recommendations for a python lib - any will probably do you're not doing anything difficult.
The way you stated for wireshark is the only one I know - if you find a quicker way let me know!