gallimaufry
gallimaufry copied to clipboard
Published
20 hours ago •
bannsec
bannsec
Issue parsing hex value for `idVendor`
In [4]: usb = USB("gallimaufry/examples/keyboard/csaw2012/dongle.pcap")
---------------------------------------------------------------------------
ValueError Traceback (most recent call last)
Cell In[4], line 1
----> 1 usb = USB("/home/gsgx/code/gallimaufry/examples/keyboard/csaw2012/dongle.pcap")
File ~/code/gallimaufry/Gallimaufry/USB.py:27, in USB.__init__(self, pcap)
24 self.pcap_filename = pcap
25 self.devices = []
---> 27 self._enumerate_devices()
File ~/code/gallimaufry/Gallimaufry/USB.py:37, in USB._enumerate_devices(self)
35 # Build out a new device for each
36 for device in device_descriptors:
---> 37 self.devices.append(Device(device, self.pcap))
File ~/code/gallimaufry/Gallimaufry/Device.py:16, in Device.__init__(self, device_descriptor, pcap)
14 def __init__(self, device_descriptor, pcap):
15 self.string_descriptors = {}
---> 16 self._parse_device_descriptor(device_descriptor)
18 # PCAP will filter the pcap down to only this device
19 self.pcap = pcap
File ~/code/gallimaufry/Gallimaufry/Device.py:71, in Device._parse_device_descriptor(self, device_descriptor)
68 self.device_minor = int(bcdDevice[2:3],10)
69 self.device_subminor = int(bcdDevice[3:4],10)
---> 71 self.idVendor = int(device_descriptor['_source']['layers']['DEVICE DESCRIPTOR']['usb.idVendor'],10)
72 self.idProduct = int(device_descriptor['_source']['layers']['DEVICE DESCRIPTOR']['usb.idProduct'],16)
73 self.iManufacturer = int(device_descriptor['_source']['layers']['DEVICE DESCRIPTOR']['usb.iManufacturer'],10)
ValueError: invalid literal for int() with base 10: '0x16c0'
Getting the same issue with other pcaps in the examples folder. Probably in a newer version of tshark it started reporting this as a hex value. You could change the base to 10, or you could make it 0 which would allow both version to work.
BTW, you may want to consider using scapy instead of tshark to avoid having to parse tshark output
