Splitting output to smaller pcaps fails
haxorthematrix opened this issue · 8 comments
When taking a large Kismet sqlite3 database and using kismet_log_to_pcap, a typeerror is returned:
# kismet_log_to_pcap --in Kismet-20190904-10-18-58-1.kismet --outtitle small --limit-packets 100000
Limiting to 100000 packets per file in small-X.pcap
DLT 0 for all packets
Logging to None
Traceback (most recent call last):
File "/usr/local/bin/kismet_log_to_pcap", line 10, in <module>
sys.exit(main())
File "/usr/local/lib/python2.7/dist-packages/kismetdb/scripts/log_to_pcap.py", line 110, in main
logf = open(results.outfile, file_mode)
TypeError: coercing to Unicode: need string or buffer, NoneType found
The kismet database has plenty of packets:
# ls -la | grep Kismet
-rw-r--r-- 1 root root 196722688 Sep 4 10:36 Kismet-20190904-10-18-58-1.kismet
Installed on Kali per instructions at https://www.kismetwireless.net/docs/readme/kismetdb_to_pcap/ which references the kismetwireless.net git repo as opposed to this one.
Sorry to hear you're having trouble.
What version of Kismet are you using to generate the sqlite file, and what version of Python?
Also, I think you're missing the --out
argument.
Eh, I'm trying to troubleshoot from my phone and not being super successful :-)
Ignore the part about --out
If you can give me the version of Python and Kismet, I'll try to reproduce the issue tonight. I'm pretty sure I have a test for this, specifically, but I may have missed it.
I'm using:
# kismet --version
Kismet 2019-08-R1
# python --version
Python 2.7.16+
Hey @haxorthematrix thanks a bunch for the bug report.
I've pushed a fix to the issue/5 branch. If you're comfortable testing the library from that branch (uninstall the one you have, git clone the repo, switch to the issue/5 branch, and pip install .
) I'd like your confirmation that the issue is fixed for you before merging down toward master and cutting a new release.
I can give that a try today, or this evening.
Any luck, @haxorthematrix?
Apologies, life got in the way. I just cloned/checked out/pulled the issue/5 branch and installed and re-ran the initial command as reported, as well as tested with a few other large captures.
The fix appears to work great. Thanks!