• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 577
  • Last Modified:

Writing payload to a file

Hi guys,

Related to this question:


How can the payload be written out to another memory location or written to a disk.

Specifically I would like to emulate stream behaviour with the packets that come from pcap.
1 Solution
For writing to a file, I recommend the pcap file format (it's pretty much the standard, so you'll be able to open and use the file with many other tools) :


Fortunately, the pcap library comes with functions to help with this :

        pcap_dump_open : opens a pcap file for writing
        pcap_dump : writes a packet to that file
        pcap_dump_close : closes the pcap file

If you just want to copy the payload to a memory buffer, you can simply use memcpy :

        memcpy(buffer, payload, payload_size);

Make sure that the buffer is large enough.

Take note of the 'off' member of the IP header, which indicates the offset of the data when it's spread out over multiple packets.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free tool for managing users' photos in Office 365

Easily upload multiple users’ photos to Office 365. Manage them with an intuitive GUI and use handy built-in cropping and resizing options. Link photos with users based on Azure AD attributes. Free tool!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now