1) Download videosnarf
Download the tar file:
videosnarf-0.63.tar.gz
http://sourceforge.net/projects/ucsniff/files/
2) Build and Compile VideoSnarf
Extract file above
cd videosnarf-(version)
./configure
make
make install
3) Download FFmpeg
Download the tar file
ffmpeg-0.6.tar.gz
http://ffmpeg.org/download.html
4) Build and Compile FFmpeg
Extract file above
cd ffmpeg-(version)
./configure
make
make install
5) Obtain packet capture using Wireshark and then filter it by source IP address and UDP port
Once you have filtered packet capture, Save As this filtered packet capture as new file containing only the stream you want to replay (Use Save As and then Selected Displayed packets)
6) Use Videosnarf to detect RTP streams in the packet capture
videosnarf -i filename.pcap -c
Will generate H264-media-1.264 file
7) Use FFMPEG to convert H264 file to AVI video
ffmpeg -i H264-media-1.264 myvideo.avi
8) Play your video.avi in your favorite video player
Very helpful blog. Thanks!!. I tested it on debian 5.0(downloaded from http://www.vmware.com/appliances/directory/va/95763/download) and it worked great. I had to install the following packages for 'make' and 'make install' commands to work successfully.
ReplyDeletedebian50chrysaor:~# apt-get install libpcap-dev
debian50chrysaor:~# apt-get install libnet1-dev
Also, I had to spend some time to get the devID of my usb flash drive, here is the command to do that.
debian50chrysaor:~# ls -la /dev/disk/by-id/usb-*
lrwxrwxrwx 1 root root 9 2010-09-18 12:23 /dev/disk/by-id/usb-Kingston_DataTraveler_2.0_5B761D9C2C76-0:0 -> ../../sdb
After that, i could mount/umount the usb drive easily.
mount /dev/sdb /mnt/usbdrive
umount /dev/sdb /mnt/usbdrive
--Tapan Gautam
Is there a smiliar tool for H263 that reads a offline pcap file ?
ReplyDelete