wireshark text2pcap generate ranap/map pcap files_wireshark中的text2cap-优快云博客

本文链接：https://blog.youkuaiyun.com/nomad2/article/details/5570665

本文介绍如何为RANAP和TCAP协议构造数据包，包括所需添加的头部信息，并通过具体实例展示了不同协议的数据包结构。最后，介绍了如何使用特定命令将这些数据转换成pcap文件。

摘要生成于 C知道，由 DeepSeek-R1 满血版支持，前往体验 >

1. for ranap, need adding the following headers (2 pcap data examples)

sctp data chunk

0000   00 03 00 98 00 00 00 00 00 00 00 00 00 00 00 02
0000   00 03 00 54 00 00 00 00 00 00 00 00 00 00 00 02

98 = all data length (sctp + m3 + m2 + sccp)

88 = m3 + m2 + sccp

80 = m3 + m2 + sccp - m3 header (01 00 06 01 00 00 00 88)

m2ua

0000   01 00 06 01    00 00 00 88   03 00    00 80
0000   01 00 06 01    00 00 00 44   03 00    00 3c

mtp3

0000   83 09 88 04 04
0000   83 09 88 04 04

sccp

0000   09 00 03 07 0b 04 43 09 08 8e 04 43 12 10 8e   67
0000   09 00 03 07 0b 04 43 09 08 8e 04 43 12 10 8e   23

2. for map/tcap, need to add the following headers,

sctp data chunk

0000   00 03 00 84 00 00 00 00 00 00 00 00 00 00 00 02
0000   00 03 00 a8 00 00 00 00 00 00 00 00 00 00 00 02

m2ua

0000   01 00 06 01   00 00 00 74 03 00   00 6c
0000   01 00 06 01   00 00 00 98 03 00   00 8d

mtp3

0000   83 09 88 04 04
0000   83 09 88 04 04

sccp

0000   09 00 03 07 0b 04 43 09 08 08 04 43 12 10 06 53
0000   09 00 03 07 0b 04 43 09 08 08 04 43 12 10 06 74

3. then use cmd 'text2pcap -s 2904,2904,0 -o hex a a.pcap' to generate the pcap from with the RANAP/TCAP data.