RobertLarsen · September 9, 2015 08:36
diff --git a/base64_to_pcap.py b/base64_to_pcap.py
 #!/usr/bin/env python2

 import base64, struct, sys

 if len(sys.argv) > 1:
    try:
        binary = base64.decodestring(sys.argv[1])
        #File header
        sys.stdout.write(struct.pack("IHHIIII", 
                            0xa1b2c3d4,  # Magic
                            2,           # Major
                            4,           # Minor
                            0,           # This zone
                            0,           # Sigfigs
                            0xffffffff,  # Snaplen
                            1            # DataLink type (Ethernet)
        ))
        
        #Record header
        sys.stdout.write(struct.pack("IIII",
                            0,           # Timestamp seconds
                            0,           # Timestamp microseconds
                            len(binary), # Length of packet in file
                            len(binary)  # Original length of packet
        ))
        
        #Record data
        sys.stdout.write(binary)
    except:
        sys.stderr.write('Invalid base64\n')
 else:
    sys.stdout.write("Usage: %s <base64>\n" % sys.argv[0])
	#!/usr/bin/env python2

	import base64, struct, sys

	if len(sys.argv) > 1:
	try:
	binary = base64.decodestring(sys.argv[1])
	#File header
	sys.stdout.write(struct.pack("IHHIIII",
	0xa1b2c3d4, # Magic
	2, # Major
	4, # Minor
	0, # This zone
	0, # Sigfigs
	0xffffffff, # Snaplen
	1 # DataLink type (Ethernet)
	))

	#Record header
	sys.stdout.write(struct.pack("IIII",
	0, # Timestamp seconds
	0, # Timestamp microseconds
	len(binary), # Length of packet in file
	len(binary) # Original length of packet
	))

	#Record data
	sys.stdout.write(binary)
	except:
	sys.stderr.write('Invalid base64\n')
	else:
	sys.stdout.write("Usage: %s <base64>\n" % sys.argv[0])