kismetwireless/python-kismet-db

Splitting output to smaller pcaps fails

haxorthematrix opened this issue · 8 comments

When taking a large Kismet sqlite3 database and using kismet_log_to_pcap, a typeerror is returned:

# kismet_log_to_pcap --in Kismet-20190904-10-18-58-1.kismet --outtitle small --limit-packets 100000
Limiting to 100000 packets per file in small-X.pcap
DLT 0 for all packets
Logging to None
Traceback (most recent call last):
  File "/usr/local/bin/kismet_log_to_pcap", line 10, in <module>
    sys.exit(main())
  File "/usr/local/lib/python2.7/dist-packages/kismetdb/scripts/log_to_pcap.py", line 110, in main
    logf = open(results.outfile, file_mode)
TypeError: coercing to Unicode: need string or buffer, NoneType found

The kismet database has plenty of packets:

# ls -la | grep Kismet
-rw-r--r--  1 root root 196722688 Sep  4 10:36 Kismet-20190904-10-18-58-1.kismet

Installed on Kali per instructions at https://www.kismetwireless.net/docs/readme/kismetdb_to_pcap/ which references the kismetwireless.net git repo as opposed to this one.

Sorry to hear you're having trouble.
What version of Kismet are you using to generate the sqlite file, and what version of Python?

Also, I think you're missing the --out argument.

Eh, I'm trying to troubleshoot from my phone and not being super successful :-)

Ignore the part about --out

If you can give me the version of Python and Kismet, I'll try to reproduce the issue tonight. I'm pretty sure I have a test for this, specifically, but I may have missed it.

I'm using:

# kismet --version
Kismet 2019-08-R1
# python --version
Python 2.7.16+

Hey @haxorthematrix thanks a bunch for the bug report.

I've pushed a fix to the issue/5 branch. If you're comfortable testing the library from that branch (uninstall the one you have, git clone the repo, switch to the issue/5 branch, and pip install .) I'd like your confirmation that the issue is fixed for you before merging down toward master and cutting a new release.

I can give that a try today, or this evening.

Apologies, life got in the way. I just cloned/checked out/pulled the issue/5 branch and installed and re-ran the initial command as reported, as well as tested with a few other large captures.

The fix appears to work great. Thanks!