phaethon/kamene

DNS packet print() error

Closed this issue · 3 comments

shpshp commented

Sometimes the following code:

#!/usr/bin/python3

from kamene.all import *

interface = "wlan0"

def print_packet(packet):
    ip_layer = packet.getlayer(IP)
    print(ip_layer.show())

print("[*] Start sniffing...")
sniff(iface=interface, filter="ip", prn=print_packet)
print("[*] Stop sniffing")

throws out the following error:

        \an        \
         |###[ DNS Resource Record ]###
         |  rrname    = 'webextensions.settings.services.mozilla.com.'
         |  type      = AAAA
         |  rclass    = IN
         |  ttl       = 1598
Traceback (most recent call last):
  File "./kamene-test.py", line 13, in <module>
    sniff(iface=interface, filter="ip", prn=print_packet)
  File "/usr/local/lib/python3.6/dist-packages/kamene/sendrecv.py", line 608, in sniff
    r = prn(p)
  File "./kamene-test.py", line 10, in print_packet
    print(ip_layer.show())
  File "/usr/local/lib/python3.6/dist-packages/kamene/packet.py", line 876, in show
    self.payload.show(indent=indent, lvl=lvl+(" "*indent*self.show_indent), label_lvl=label_lvl)
  File "/usr/local/lib/python3.6/dist-packages/kamene/packet.py", line 876, in show
    self.payload.show(indent=indent, lvl=lvl+(" "*indent*self.show_indent), label_lvl=label_lvl)
  File "/usr/local/lib/python3.6/dist-packages/kamene/packet.py", line 864, in show
    fvalue.show(indent=indent, label_lvl=label_lvl+lvl+"   |")
  File "/usr/local/lib/python3.6/dist-packages/kamene/packet.py", line 869, in show
    reprval = f.i2repr(self,fvalue)
  File "/usr/local/lib/python3.6/dist-packages/kamene/fields.py", line 73, in i2repr
    return repr(self.i2h(pkt,x))
  File "/usr/local/lib/python3.6/dist-packages/kamene/layers/dns.py", line 242, in i2h
    x = len(rdataf.i2m(pkt, pkt.rdata))
  File "/usr/local/lib/python3.6/dist-packages/kamene/layers/dns.py", line 228, in i2m
    s = inet_pton(socket.AF_INET6, s.decode("utf-8"))
AttributeError: 'str' object has no attribute 'decode'
phaethon commented

Apparently there is an issue with some specific DNS packets. It would be great if you could put it into try block and give more details on the packet. Otherwise, it will not be trivial to trace the issue.

On the other note: packet.getlayer(IP) might return None, which does not have a show method. This is not what happens in this trace though.

phaethon commented

I have fixed one probable cause. Please, test using latest commit from GitHub.

shpshp commented

Yeah, that's better!) Thank you!