This shows you the differences between two versions of the page.
| — |
unsniff:samples:pdudrill:ruby [2014/09/11 23:23] (current) |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| + | <file ruby pdudrull.rb> | ||
| + | # ------------------------------------------------------------------ | ||
| + | # pdudrill.rb Print all fields in a PDU (drilldown) | ||
| + | # usage : pdudrill <capture-file> <pduid> | ||
| + | # | ||
| + | # | ||
| + | # ------------------------------------------------------------------ | ||
| + | require 'win32ole' | ||
| + | USAGE = "pdudrill <capture-filename> <pdu-id>" | ||
| + | |||
| + | |||
| + | # function printField | ||
| + | # Formats and prints a field (also subfields if present) | ||
| + | # | ||
| + | def printField(indent, field) | ||
| + | pad = " "*indent | ||
| + | print pad | ||
| + | print "#{field.Name}\t\t #{field.Value} \n" | ||
| + | |||
| + | if field.SubFieldCount > 0 | ||
| + | field.SubFields.each { |f| printField(indent+2, f) } | ||
| + | end | ||
| + | end | ||
| + | |||
| + | |||
| + | if ARGV.length != 2 | ||
| + | puts USAGE | ||
| + | exit 1 | ||
| + | end | ||
| + | |||
| + | InputFile = ARGV[0] | ||
| + | PduID = ARGV[1] | ||
| + | UnsniffDB = WIN32OLE.new("Unsniff.Database") | ||
| + | UnsniffDB.Open(InputFile) | ||
| + | |||
| + | |||
| + | PDU = UnsniffDB.PDUIndex(PduID) | ||
| + | PDU.Fields.each { |field| printField(1,field) } | ||
| + | |||
| + | UnsniffDB.Close() | ||
| + | </file> | ||