Skip to content

Error while running in a pcap "struct.error: unpack requires a buffer of 14 bytes' #21

@eldraco

Description

@eldraco

python3 /opt/Malware-Project/tools/CapTipper/CapTipper.py 2017-2-20_win10.pcap -r .
CapTipper v0.3 b14 - Malicious HTTP traffic explorer tool
Copyright 2015 Omri Herscovici omriher@gmail.com

[A] Analyzing PCAP: 2017-2-20_win10.pcap
unpack requires a buffer of 14 bytes
ERROR:root:Traceback (most recent call last):
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 194, in read_tcp_packet
state, pack = read_tcp_pac(link_packet, link_layer_parser)
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 135, in read_tcp_pac
state, source, dest, tcp_packet, src_mac = read_ip_pac(link_packet, link_layer_parser)
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 102, in read_ip_pac
n_protocol, ip_packet = link_layer_parser(link_packet)
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 67, in dl_parse_ethernet
(n_protocol, ) = struct.unpack(b'!12xH', ethernet_header)
struct.error: unpack requires a buffer of 14 bytes

^Cint() argument must be a string, a bytes-like object or a number, not '_collections._tuplegetter'

You can try with this pcap https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-371-1/2017-2-20_win10.pcap

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions