In TCP protocol, because MSS limitation, sometimes one endpoint needs to split one TCP packet into multiple packets and send them. Today, I met a case which requires to reassemble them into one.
Firstly, I used Wireshark to “Hex Dump” first need-reassemble packet:
0000 18 cf 24 4c 71 4b 54 89 98 76 b8 30 08 00 45 00
......
Modify the length in IP header, append remaining TCP payload, then used colrm to remove offset:
# colrm 1 4 < data > data.txt
Used awk to prepend 0x and append , for every value:
awk '{ for(i = 1; i <= NF; i++) {$i="0x"$i","} print}' data.txt
Added the variable definition for array:
const u_char new_packet_4[] = {
0x18, 0xcf, ......
.......
}
Lastly, write a small program to insert new packet 4 and remove original packet 4 and 5, and code is here (Don’t forget to modify the header of packet 4).