Need to convert bytearray into text2pcap format

Hi,

I'm looking for a method to add hex increments as a first column to the following file.

Something like this:

0000
0010
0020
0030
0040
0050
0060
0070
0080
0090
00a0
00b0
00c0
00d0
00e0

I have the following logic, but am unsure how to get counter=hex value, and increment the hex value.

Can I please get some assistance around this?

$ awk 'BEGIN {counter=10} {print counter, $0; counter++}' capture.txt
10 84 78 ac 54 99 e4 bc 05 1d a2 00 62 00 c0 a2 00
11 00 fc 00 0c 29 15 6c c6 a8 9d 21 93 2b 90 81 00
12 02 6c 08 00 45 00 05 98 e5 5a 00 00 fe 11 11 ed
13 c0 a8 15 06 ac 11 3e 4d d6 d7 08 07 05 84 2d 8e
14 00 09 00 0d 60 b1 29 8d 5d 12 c8 10 32 f8 3a 00
15 00 00 00 00 01 09 00 88 d6 0f a5 f6 67 13 da 1e
16 ca da 00 17 11 38 88 c5 03 e1 00 06 06 00 00 67
17 13 da 1e 11 38 88 c5 ca da 03 e1 02 07 f0 00 00
18 01 6b 91 5d 81 06 00 00 00 00 00 00 05 24 00 00
19 00 00 00 00 1f 9d 00 00 00 00 00 00 00 1b 00 00
20 00 00 00 00 00 12 00 00 01 6b 91 5d 12 20 04 71
21 c2 50 26 5c 0a 8e 55 56 f9 1d 00 00 00 00 00 00
22 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
23 00 00 00 00 00 00 00 00 00 00 00 00 01 07 01 08
24 d6 0f 9e 69 67 13 da 1e 13 da 1e 11 38 88 c5 65

Thanks.

Try

awk '{printf "%04x %s\n", counter, $0; counter += NF}'  file
0000 84 78 ac 54 99 e4 bc 05 1d a2 00 62 00 c0 a2 00
0010 00 fc 00 0c 29 15 6c c6 a8 9d 21 93 2b 90 81 00
0020 02 6c 08 00 45 00 05 98 e5 5a 00 00 fe 11 11 ed
.
.
.

Hi RudiC,

That works perfectly.

awk '{printf "%04x %s\n", counter, $0; counter += NF}' capture.txt

From what I understand, %04x pads the first element with 0s to make up 4 digits in hex, and is assigned to variable counter. After this, we print the rest of the line as a string.

However I cannot understand why we need counter+=NF in this case, as NF should be 16. Can you please explain this logic? Can we use something else to accomplish this (i.e for loop).

Thanks.

Yes

No. It's used as printf 's "format string" to be used for variable counter

YES, be aware of the strike through.

[quote]
However I cannot understand why we need counter+=NF in this case, as NF should be 16. Can you please explain this logic?

[quote]
The counter in fact is a pointer into the file, starting at the zeroth byte, then at the 16th, etc. Thus adding the line length (better: line's byte count) keeps the pointer pointing to the correct file position.

What?

Hi RudiC,

Interesting to know - when you say a pointer do you mean a pointer, say in the C programming language? Or just a pointer to the location.

In terms of for loop, I was wondering whether we could change the syntax to be more verbose like this:

awk -v counter=0000 'BEGIN { for (i = 1; i <= NR; ++i) printf "%04x %s\n, ", counter, $0; counter+=10}'

Additionally I'm not sure what part of the awk statement tells the first column to increment by 10, i.e. from 0000 to 0010. That's why I put a counter+=10 above.

Thanks.

Those 0000 and 0010 are hexadecimals, and the difference is 16. That's why I added NF which is the count of the 16 line elements. The scriptwould work with 14, 15, or 17 element lines as well.

Call it counter or pointer, it's an indicator of the position in file. A (typed) pointer in C is pointing to the memory location of a structure (type). Yes, there are similarities.