Advertisement
easternnl

Analysing a cap/capng file in Batch with Wireshark (alpha)

Sep 14th, 2018
543
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Batch 0.73 KB | None | 0 0
  1. @echo off
  2.  
  3. set filename=%1
  4. set tshark=C:\tools\wireshark2\tshark.exe
  5. set sort=C:\tools\GnuWin32\bin\sort
  6. echo %filename%
  7. echo.
  8.  
  9. echo Fileinfo
  10.  
  11. C:\tools\Wireshark2\capinfos.exe %filename%
  12.  
  13. echo Statistics
  14. %tshark% -r %filename% -q -z conv,ip
  15.  
  16.  
  17. echo Number of SSL sessions in file:
  18. %tshark%  -T fields -e ssl.handshake.session_id -r %filename% | %sort% -n | uniq | wc -l
  19.  
  20.  
  21. echo TCP Streams in file:
  22. %tshark%  -T fields -e tcp.stream -r %filename% | %sort% -n | uniq | wc -l
  23.  
  24. rem echo TCP length of IP packet
  25. rem %tshark% -T fields -e frame.number -e ip.addr -e ip.len -r %filename%
  26.  
  27. rem Display ping times:
  28. rem %tshark% -r %filename% -Tfields -e frame.time_relative -e ip.addr -e tcp.analysis.ack_rtt -2 -R ip.dst==yourlocalip
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement