adding scripts and names to scripts
This commit is contained in:
Stephen
@@ -0,0 +1,14 @@
|
||||
# Torrent files
|
||||
You can use this if you have a pcap file containing a torrent file and you want to put it back together</br>
|
||||
To get the pieces you need to follow the stream and get a hex</br>
|
||||
|
||||
to get the count export the pieces to a text file and use the countTorrentPieces script</br>
|
||||
|
||||
To reconstruct use this tshark command in the command line and copy and paste it into a text file</br>
|
||||
Use the readTorrentPieces to read every piece into a construct file</br>
|
||||
tshark -r torrent.pcap -Y 'bittorrent.piece.data and ip.dst_host == 192.168.29.129' -T fields -e frame.number -e frame.time -e frame.len -e ip.src_host -e bittorrent.piece.index -e bittorrent.piece.data -E separator=+</br>
|
||||
|
||||
This command will give some good details on the torrent file. Frames count IS NOT the same as the number of pieces. There can be multiple pieces in a frame.</br>
|
||||
tshark -r torrent.pcap -q -z io,stat,1,"bittorrent.piece.data and ip.dst_host == 192.168.29.129"</br>
|
||||
|
||||
Finally use the constructTorrentPieces to reconstuct the torrent file.</br>
|
||||
@@ -0,0 +1,54 @@
|
||||
# used python3
|
||||
|
||||
import re
|
||||
from ast import literal_eval
|
||||
|
||||
READ = open("pieces.txt", "r")
|
||||
construct = open("reconstruct.txt", "w")
|
||||
|
||||
lines = READ.readlines()
|
||||
|
||||
torrent = {}
|
||||
min = 100000
|
||||
max = 0
|
||||
count = 0
|
||||
fcount = 0
|
||||
|
||||
for line in lines:
|
||||
# filtering out file, just want data
|
||||
pieces = re.search(r'\+.*\+', line)
|
||||
pieces = pieces.group().strip('+')
|
||||
pieces = pieces.split(',')
|
||||
# print(pieces)
|
||||
|
||||
line = line.strip('+')
|
||||
data = re.search(r'\+.*\n', line)
|
||||
data = data.group().rstrip().strip('+')
|
||||
data = data.split(',')
|
||||
# print(data)
|
||||
|
||||
i = 0
|
||||
for piece in pieces:
|
||||
dec = literal_eval(piece)
|
||||
|
||||
if (dec > max):
|
||||
max = dec
|
||||
|
||||
if(dec < min):
|
||||
min = dec
|
||||
|
||||
torrent.update({dec:data[i]})
|
||||
fcount += 1
|
||||
i += 1
|
||||
|
||||
for i in range(min, max+1):
|
||||
x = torrent.get(i)
|
||||
construct.write(x)
|
||||
count += 1
|
||||
|
||||
print("Min was:", min)
|
||||
print("Max was:", max)
|
||||
print("fcount was", fcount)
|
||||
print("count was", count)
|
||||
|
||||
READ.close()
|
||||
@@ -0,0 +1,21 @@
|
||||
# used python3
|
||||
|
||||
import re
|
||||
|
||||
READ = open("pieces.txt", "r")
|
||||
|
||||
lines = READ.readlines()
|
||||
|
||||
count = 0
|
||||
|
||||
for line in lines:
|
||||
# using regex( findall() )
|
||||
# to extract words from string
|
||||
res = re.findall(r'\w+', line)
|
||||
|
||||
for word in res:
|
||||
if(word == "Piece"):
|
||||
count += 1
|
||||
|
||||
print(count)
|
||||
READ.close()
|
||||
@@ -0,0 +1,20 @@
|
||||
# used python3
|
||||
|
||||
import re
|
||||
|
||||
READ = open("rawOutput.txt", "r")
|
||||
construct = open("pieces.txt", "w")
|
||||
|
||||
lines = READ.readlines()
|
||||
|
||||
frames = 0
|
||||
|
||||
for line in lines:
|
||||
frames += 1
|
||||
res = re.search(r'\+0x.*', line)
|
||||
data = res.group()
|
||||
construct.write(data)
|
||||
construct.write('\n')
|
||||
|
||||
print("Done. number of frames were:", frames)
|
||||
READ.close()
|
||||
Reference in New Issue
Block a user