Wednesday, February 20, 2013

Anonymizing Wireshark Traces

So you've got Wireshark traces that you need to send to another party. For security reasons, they're not supposed to know the IP addresses, MSISDNs and IMSIs that are inside the packets. AFAIK, Wireshark has no feature to mask certain fields. The next best thing? Use a hex editor.

Not sure if UltraEdit can cut it, but the one I've tried is a freeware tool called HxD. Load a Wireshark trace, do a hex search and replace, then save. Easy as that. Of course, the header checksums will now be incorrect. For that, you'll need another tool called Bit-Twist. Aside from correcting checksums, you can also use it to replace/edit fields in the Ethernet, IP, TCP, UDP, ICMP, and ARP headers.
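To see why the checksum breaks and what a correction tool has to recompute, here is an added example (not from the original post or from either tool) that does the same-length byte replacement on a constructed IPv4 header and then repairs the header checksum. The function names and the sample header are assumptions made for illustration; only the IPv4 header checksum is handled.

```python
import struct

def inet_checksum(data: bytes) -> int:
    """RFC 1071 Internet checksum: one's-complement sum of 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:  # fold carries back into the low 16 bits
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4_header_ok(header: bytes) -> bool:
    """A header carrying a correct checksum field sums to zero."""
    return inet_checksum(header) == 0

def fix_ipv4_checksum(header: bytes) -> bytes:
    """Zero the checksum field (bytes 10-11), then recompute and store it."""
    zeroed = header[:10] + b"\x00\x00" + header[12:]
    return zeroed[:10] + struct.pack("!H", inet_checksum(zeroed)) + zeroed[12:]

def build_sample_header() -> bytes:
    """Constructed 20-byte IPv4 header: 10.1.2.3 -> 10.9.8.7, protocol UDP."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0x1234, 0, 64, 17, 0,
                      bytes([10, 1, 2, 3]), bytes([10, 9, 8, 7]))
    return fix_ipv4_checksum(hdr)

def anonymize(header: bytes, real_ip: bytes, fake_ip: bytes) -> bytes:
    """Same-length byte replacement, like a hex editor's search and replace."""
    if len(real_ip) != len(fake_ip):
        raise ValueError("replacement must keep the length unchanged")
    return header.replace(real_ip, fake_ip)

if __name__ == "__main__":
    original = build_sample_header()
    # 192.0.2.1 is a documentation address used as the masked value
    edited = anonymize(original, bytes([10, 1, 2, 3]), bytes([192, 0, 2, 1]))
    print("original valid: ", ipv4_header_ok(original))
    print("after edit valid:", ipv4_header_ok(edited))
    print("after fix valid: ", ipv4_header_ok(fix_ipv4_checksum(edited)))
```

TCP and UDP checksums also cover the IP addresses through the pseudo-header, so they go stale after the same edit and need recomputing as well. A blind byte search can also match the same byte sequence elsewhere in the file, so review each replacement.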
