double-free / pcap-udp

Draft code to extract udp payload from a pcap packet.

pcap-udp

from 172.27.129, Epoch Time: 1587604544.352389000 seconds

from 172.27.129 Epoch Time: 1587604544.352391000 seconds

from 172.27.1, unix epoch: 1587604544.351407000

Takeaways:

  • For the same channel, different feeds have independent sequence IDs, so DO NOT USE the sequence ID to drop packets.
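
The extraction this README describes, as an added example that is not the repository's code: a bounds-checked C++ routine that returns the UDP payload of one captured frame, treating every length field in the packet as untrusted. The names `UdpPayload`, `extract_udp_payload` and `kSample` are hypothetical, and the code assumes an Ethernet II link type with no VLAN tag and unfragmented IPv4.

```cpp
#include <cstddef>
#include <cstdint>

// View into the caller's buffer; data == nullptr means the frame was rejected.
struct UdpPayload {
    const uint8_t* data;
    size_t len;
    uint16_t src_port, dst_port;
};

static uint16_t be16(const uint8_t* p) {
    return static_cast<uint16_t>((p[0] << 8) | p[1]);
}

// pkt/caplen: bytes actually captured (may be fewer than were on the wire).
// Assumes Ethernet II link type, no VLAN tag, IPv4, unfragmented datagrams.
UdpPayload extract_udp_payload(const uint8_t* pkt, size_t caplen) {
    const UdpPayload fail = {nullptr, 0, 0, 0};
    const size_t kEth = 14, kUdp = 8;
    if (caplen < kEth + 20) return fail;             // Ethernet + minimal IPv4
    if (be16(pkt + 12) != 0x0800) return fail;       // EtherType must be IPv4
    const uint8_t* ip = pkt + kEth;
    const size_t ihl = (ip[0] & 0x0F) * 4u;          // length field from the packet
    if ((ip[0] >> 4) != 4 || ihl < 20) return fail;
    if (ip[9] != 17) return fail;                    // IP protocol 17 = UDP
    if (be16(ip + 6) & 0x3FFF) return fail;          // MF set or offset != 0
    const size_t ip_total = be16(ip + 2);
    if (ip_total < ihl + kUdp) return fail;
    if (caplen < kEth + ihl + kUdp) return fail;     // UDP header not captured
    const uint8_t* udp = ip + ihl;
    const size_t udp_len = be16(udp + 4);            // UDP header + payload
    if (udp_len < kUdp || udp_len > ip_total - ihl) return fail;
    if (udp_len > caplen - kEth - ihl) return fail;  // payload cut by snaplen
    return {udp + kUdp, udp_len - kUdp, be16(udp), be16(udp + 2)};
}

// Constructed sample frame (not from the page's capture), payload "ABCD".
static const uint8_t kSample[] = {
    0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 2, 0x08, 0x00,            // Ethernet II
    0x45, 0, 0, 32, 0, 0, 0x40, 0, 64, 17, 0, 0,               // IPv4, total 32, DF
    10, 0, 0, 1, 10, 0, 0, 2,                                  // 10.0.0.1 -> 10.0.0.2
    0x30, 0x39, 0x27, 0x0F, 0, 12, 0, 0,                       // UDP 12345 -> 9999
    'A', 'B', 'C', 'D'};

int main() {
    const UdpPayload p = extract_udp_payload(kSample, sizeof kSample);
    return (p.data && p.len == 4) ? 0 : 1;
}
```

The returned pointer aliases the capture buffer, so copy the payload out before the next packet is read if it must outlive the callback.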


Languages

Language: C++ 80.2%, Python 16.3%, CMake 2.5%, Dockerfile 1.0%