This is our old Q&A Site. Please post any new questions and answers at ask.wireshark.org.

Hi,

I am working on a project for a professor to collect smb packet headers on university network. Due to security reasons uid, mid, file path, etc. needs to be one-way encrypted.

I was wondering if anyone can help me figure out how i can modify these header fields in the dissected tree directly that is returned by libwireshark (edt->tree) before i can save this header to a pcap or a simple xml file with header in hex format.

Thank You

asked 25 Mar '11, 04:55

hetul317's gravatar image

hetul317
1111
accept rate: 0%


You cannot change data with Wireshark. You should add a program that modifies the files after you have saved them.

permanent link

answered 27 Mar '11, 11:07

harper's gravatar image

harper
312
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×205
×52
×6
×3

question asked: 25 Mar '11, 04:55

question was seen: 4,778 times

last updated: 27 Mar '11, 11:07

p​o​w​e​r​e​d by O​S​Q​A