Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Error while running in a pcap "struct.error: unpack requires a buffer of 14 bytes' #21

Open
eldraco opened this issue Nov 29, 2020 · 0 comments

Comments

@eldraco
Copy link

eldraco commented Nov 29, 2020

python3 /opt/Malware-Project/tools/CapTipper/CapTipper.py 2017-2-20_win10.pcap -r .
CapTipper v0.3 b14 - Malicious HTTP traffic explorer tool
Copyright 2015 Omri Herscovici omriher@gmail.com

[A] Analyzing PCAP: 2017-2-20_win10.pcap
unpack requires a buffer of 14 bytes
ERROR:root:Traceback (most recent call last):
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 194, in read_tcp_packet
state, pack = read_tcp_pac(link_packet, link_layer_parser)
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 135, in read_tcp_pac
state, source, dest, tcp_packet, src_mac = read_ip_pac(link_packet, link_layer_parser)
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 102, in read_ip_pac
n_protocol, ip_packet = link_layer_parser(link_packet)
File "/opt/Malware-Project/tools/CapTipper/pcapparser/packet_parser.py", line 67, in dl_parse_ethernet
(n_protocol, ) = struct.unpack(b'!12xH', ethernet_header)
struct.error: unpack requires a buffer of 14 bytes

^Cint() argument must be a string, a bytes-like object or a number, not '_collections._tuplegetter'

You can try with this pcap https://mcfp.felk.cvut.cz/publicDatasets/CTU-Malware-Capture-Botnet-371-1/2017-2-20_win10.pcap

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant