Wireshark mailing list archives
ask about wireshark's lua dissectors
From: Javier Aguinaga <el.tio.pastafrola () gmail com>
Date: Mon, 25 Nov 2013 13:28:18 -0200
Hi guys, i have been working in a lua dissector for a private protocol the protocol in the dump has a section with the return of the window's API GetSystemTimeAsFileTime in the form 6a 0e 2e c2 0c e2 ce 01 this is the value of the structure FILETIME in the serve is decoded with import datetime datetime.datetime.fromtimestamp((0xc22e0e6a + (0x01cee20c << 32)) / 10000000.0 - 11644473600) the hex number 0xc2220e6a is the representation of "6a 0e 2e c2" and 0x01cee20c is "0c e2 ce 01" i tried to decoded with a lua script: timelow = buffer(0,4):le_uint() timehihg = buffer(4,4):le_uint() the numbers are correct (i saw it with message()) but i have problems with: bit.lshift(timehigh,32) when i did message(bit.lshift(timehigh, 32)) i got -1037169046 i think that the problem has two reasons: * timehigh isn't a unsigned value * or timehigh is a 32 bits integer without the possility to extend to 64 bits i wanna get:
"%d" % (0xc22e0e6a << 32)
13992136940716032000 is there any way? p.s.: i also tried to get the complete number of 64 bits with le_uint64() but doesn't work thanks for advance Regards
___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev () wireshark org> Archives: http://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-request () wireshark org?subject=unsubscribe
Current thread:
- ask about wireshark's lua dissectors Javier Aguinaga (Nov 27)