View unanswered posts | View active topics It is currently Wed Oct 16, 2019 4:59 am



Post new topic Reply to topic  [ 14 posts ]  Go to page 1, 2  Next
 LIve capture not starting, not able to read pcap files 
Author Message

Joined: Fri Aug 19, 2011 6:45 am
Posts: 5
Reply with quote
Post LIve capture not starting, not able to read pcap files
Hi there,

I've latest xplico installed on debian squeeze 64 bit. It installed without errors, when I run it I have access to web gui, again no errors. Creating new cases and session works fine as well but when I want to run live capture, xplico stays blank and empty. I've also tried loading pcap files but same thing. Xplico stays empty and doesn't do any live capture or decoding of the packets. I went to scripts directory and when I try to manually run session_mng.pyc I get this


/opt/xplico/script/session_mng.pyc -n "AP home" "April"
/opt/xplico/script/session_mng.pyc: line 1: O
: command not found
/opt/xplico/script/session_mng.pyc: line 2: ���McI@sddlZddlZddlZddlZddlZddlZddlmZddm: command not found
/opt/xplico/script/session_mng.pyc: line 3: dZ
dZ
�Zd: command not found d�Z
/opt/xplico/script/session_mng.pyc: line 4: syntax error near unexpected token `)'
/opt/xplico/script/session_mng.pyc: line 4: `kry)ejejd
d�d
�\ZZWn/ejk'


Thank's in advance!


Wed Aug 24, 2011 3:47 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Hi,
have you installed python3-all, python3-httplib2 and binfmt-support?
Ciao.
Gianluca


Wed Aug 24, 2011 3:57 pm
Profile WWW

Joined: Fri Aug 19, 2011 6:45 am
Posts: 5
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Yes.

python3-all = 3.2.3
python3-httplib2 = 0.7.1-1
binfmt-support = 2.0.6


One thing popped up. When I did search for binfmt I got something called mono as well?!


Wed Aug 24, 2011 4:03 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Hi,
I have tried with the last 64bit Debian Live (6.0.1).
Your problem is caused by binfmt-support. I'm get the same error not installing this package. Of course, installing the package everything work fine.
Because you have already installed the package then try to restart it.

Ciao.
Gianluca


Wed Aug 24, 2011 6:18 pm
Profile WWW

Joined: Fri Aug 19, 2011 6:45 am
Posts: 5
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
I've reinstalled binfmts-support package restarted both binfmts and xplico and still I'm getting the same error. This is output of /update-binfmts --display


python2.6 (enabled):
package = python2.6
type = magic
offset = 0
magic = \xd1\xf2\x0d\x0a
mask =
interpreter = /usr/bin/python2.6
detector =
python2.7 (enabled):
package = python2.7
type = magic
offset = 0
magic = \x03\xf3\x0d\x0a
mask =
interpreter = /usr/bin/python2.7
detector =
cli (enabled):
package = mono-runtime
type = magic
offset = 0
magic = MZ
mask =
interpreter = /usr/bin/cli
detector = /usr/lib/cli/binfmt-detector-cli
jar (enabled):
package = openjdk-6
type = magic
offset = 0
magic = PK\x03\x04
mask =
interpreter = /usr/bin/jexec
detector =
jarwrapper (enabled):
package = <local>
type = magic
offset = 0
magic = PK\x03\x04
mask =
interpreter = /usr/bin/jarwrapper
detector = /usr/bin/jardetector
python3.2 (enabled):
package = python3.2
type = magic
offset = 0
magic = \x6c\x0c\x0d\x0a
mask =
interpreter = /usr/bin/python3.2
detector =


The error is still the same

/opt/xplico/script/session_mng.pyc -n "AP home" "April"
/opt/xplico/script/session_mng.pyc: line 1: O
: command not found
/opt/xplico/script/session_mng.pyc: line 2: ���McI@sddlZddlZddlZddlZddlZddlZddlmZddm: command not found
/opt/xplico/script/session_mng.pyc: line 3: dZ
dZ
�Zd: command not found d�Z
/opt/xplico/script/session_mng.pyc: line 4: syntax error near unexpected token `)'
/opt/xplico/script/session_mng.pyc: line 4: `kry)ejejd
d�d
�\ZZWn/ejk'

I'll try re installing xplico. See what happens.


Wed Aug 24, 2011 8:16 pm
Profile

Joined: Fri Aug 19, 2011 6:45 am
Posts: 5
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
I've re installed xplico and I still have that same error. I do have binfmts-support installed and running.

Any ideas?


Wed Aug 24, 2011 9:00 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Hi,
yes, I have an idea. The session_mng.pyc was made with python3.1. Try to install python3.1.
The python3.1 'magic' is different to python3.2.


Thu Aug 25, 2011 7:00 am
Profile WWW

Joined: Fri Aug 19, 2011 6:45 am
Posts: 5
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Bravo Maestro!

That done it! After installing python-3.1 everything works like charm!

Grazie mille Gianluca!!!


Fri Aug 26, 2011 11:46 pm
Profile

Joined: Thu Oct 27, 2011 6:12 pm
Posts: 3
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Hi.
I have installed xplico form CERT repo for fedora 14 the cli is working fine, but the web gui is showing the same symptom as described in this post, I already tried all the suggestions in this post but still the gui is not decoding pcaps, any help will be appreciated.
Gregorio Narvaez
GCFA


Fri Oct 28, 2011 5:27 pm
Profile
Site Admin

Joined: Wed Sep 16, 2009 10:09 pm
Posts: 394
Reply with quote
Post Re: LIve capture not starting, not able to read pcap files
Hi Gregorio,
can you make the tests below?
- go in to /opt/xplico/script, launch the script ./session_mng.pyc and give us its output
- go in to /opt/xplico/bin, launch ./dema and give us its output

In this way we can try to identify the problem.

Ciao.
Gianluca


Sat Oct 29, 2011 7:28 am
Profile WWW
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 14 posts ]  Go to page 1, 2  Next


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
cron
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group.
Designed by Vjacheslav Trushkin for Free Forums/DivisionCore.