Closed kwiha closed 2 years ago
Thanks for reporting this. Do you have a pcap of the traffic that caused the error?
On Mon, 19 Aug 2019 at 7:06 pm, evil_comrade notifications@github.com wrote:
─$ python3 fatt.py -i en0 --print_output --json_logging 172.21.155.141:64655 -> 10.110.151.5:443 [TLS] ja3=e70e3fa3254bc795d1d96f17ec5dfb16 10.110.151.5:443 -> 172.21.155.141:64655 [TLS] ja3s=f4febc55ea12b31ae17cfb7e614afda8 Traceback (most recent call last): File "fatt.py", line 974, in main() File "fatt.py", line 968, in main cap.apply_on_packets(pp.process) File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/capture/capture.py", line 248, in apply_on_packets return self.eventloop.run_until_complete(coro) File "/opt/homebrew/Cellar/python37/3.7.3_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/asyncio/base_events.py", line 584, in run_until_complete return future.result() File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/capture/capture.py", line 259, in packets_from_tshark await self._go_through_packets_from_fd(tshark_process.stdout, packet_callback, packet_count=packet_count) File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/capture/capture.py", line 285, in _go_through_packets_from_fd packet_callback(packet) File "fatt.py", line 144, in process record = self.client_ja3(packet) File "fatt.py", line 475, in client_ja3 "sourceIp": packet.ip.src, File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/packet/packet.py", line 117, in getattr raise AttributeError("No attribute named %s" % item) AttributeError: No attribute named ip
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/0x4D31/fatt/issues/4?email_source=notifications&email_token=ACYKTMCYOUTMOLV7TFHIO7TQFJPADA5CNFSM4IM3BLK2YY3PNVWWK3TUL52HS4DFUVEXG43VMWVGG33NNVSW45C7NFSM4HF5VHBA, or mute the thread https://github.com/notifications/unsubscribe-auth/ACYKTMABL4IV7SBPLHT4MZTQFJPADANCNFSM4IM3BLKQ .
Also stuck with this error. Anybody solved the problem already?
Solved the error: Fatt only supports fingerprinting on IPv4. Default settings in my system were IPv6. After switching back to IPv4 everything worked fine for me.
─$ tshark -v TShark (Wireshark) 3.0.0 (v3.0.0-0-g937e33de) ─$ python3 fatt.py -i en0 --print_output --json_logging 172.21.155.141:64655 -> 10.110.151.5:443 [TLS] ja3=e70e3fa3254bc795d1d96f17ec5dfb16 10.110.151.5:443 -> 172.21.155.141:64655 [TLS] ja3s=f4febc55ea12b31ae17cfb7e614afda8 Traceback (most recent call last): File "fatt.py", line 974, in
main()
File "fatt.py", line 968, in main
cap.apply_on_packets(pp.process)
File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/capture/capture.py", line 248, in apply_on_packets
return self.eventloop.run_until_complete(coro)
File "/opt/homebrew/Cellar/python37/3.7.3_2/Frameworks/Python.framework/Versions/3.7/lib/python3.7/asyncio/base_events.py", line 584, in run_until_complete
return future.result()
File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/capture/capture.py", line 259, in packets_from_tshark
await self._go_through_packets_from_fd(tshark_process.stdout, packet_callback, packet_count=packet_count)
File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/capture/capture.py", line 285, in _go_through_packets_from_fd
packet_callback(packet)
File "fatt.py", line 144, in process
record = self.client_ja3(packet)
File "fatt.py", line 475, in client_ja3
"sourceIp": packet.ip.src,
File "/Users/test/.local/share/virtualenvs/fatt-KOlk9kGi/lib/python3.7/site-packages/pyshark/packet/packet.py", line 117, in getattr
raise AttributeError("No attribute named %s" % item)
AttributeError: No attribute named ip