-
Notifications
You must be signed in to change notification settings - Fork 52
/
SSPTemplate.bt
executable file
·66 lines (55 loc) · 1.62 KB
/
SSPTemplate.bt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
//---------------------------------------------------------------
//--- 010 Editor v3.2 Binary Template
//
// File: SSPTemplate.bt
// Author: ThangCuAnh (TQN) - HVA
// Revision: 0.1, prototypes
// Date: 2010/10/09
// Purpose: Define a template for parsing SmartSniff Packet file
// References: http://www.nirsoft.net/utils/smsniff.html
//---------------------------------------------------------------
typedef BYTE IP_ADDRESS[4] <read = IP2Str>;
typedef BYTE MAC_ADDRESS[6] <read = MAC2Str>;
string IP2Str(IP_ADDRESS ip)
{
string strReturn;
SPrintf(strReturn, "IP: %02d.%02d.%02d.%02d", ip[0], ip[1], ip[2], ip[3]);
return strReturn;
}
typedef struct {
char signature[8]; // SMSNF200
WORD numberOfBytesInHeader;
IP_ADDRESS IP;
if ((Strcmp(signature, "SMSNF200") != 0) || (numberOfBytesInHeader != 4))
{
Warning("Not a valid SmartSniff Packet file");
return -1;
}
} SSP_HEADER;
typedef struct {
WORD packetHeaderSize;
if (packetHeaderSize != 0x18)
{
Waring("Invalid packetHeaderSize");
return -1;
}
DWORD numberOfReceivedBytes;
FILETIME fileTime;
MAC_ADDRESS sourceMAC;
MAC_ADDRESS destMAC;
BYTE packet[numberOfReceivedBytes] <fgcolor = cRed, bgcolor= cYellow>;
} SSP_PACKET;
string MAC2Str(MAC_ADDRESS mac)
{
string strReturn;
SPrintf(strReturn, "%02X-%02X-%02X-%02X-%02X-%02X", mac[0], mac[1], mac[2], mac[3], mac[4], mac[5]);
return strReturn;
}
// Define the headers
LittleEndian();
SSP_HEADER header;
while (!FEof())
{
SSP_PACKET record;
}
return 1;