Decrypt KLAP data from PCAP files (#1041)

Allows for decryption of pcap files capturing klap communication with devices.
This commit is contained in:
Carter Strickland
2024-07-15 07:18:43 -05:00
committed by GitHub
parent a2b7daa069
commit 7e9b1687d0
3 changed files with 335 additions and 0 deletions

View File

@@ -99,3 +99,30 @@ id
New parser, parsing 100000 messages took 0.6339647499989951 seconds
Old parser, parsing 100000 messages took 9.473990250000497 seconds
```
## parse_pcap_klap
* A tool to allow KLAP data to be exported, in JSON, from a PCAP file of encrypted requests.
* NOTE: must install pyshark (`pip install pyshark`).
* pyshark requires Wireshark or tshark to be installed on windows and tshark to be installed
on linux (`apt get tshark`)
```shell
Usage: parse_pcap_klap.py [OPTIONS]
Export KLAP data in JSON format from a PCAP file.
Options:
--host TEXT the IP of the smart device as it appears in the pcap
file. [required]
--username TEXT Username/email address to authenticate to device.
[required]
--password TEXT Password to use to authenticate to device.
[required]
--pcap-file-path TEXT The path to the pcap file to parse. [required]
-o, --output TEXT The name of the output file, relative to the current
directory.
--help Show this message and exit.
```