pyrdp-covert Attribute Error: 'str' object has no attribute 'ip'

[MundaneTracing]

pyrdp-covert appears to see the source and dest.

┌──(venv)─(parallels㉿kali-linux-2022-2)-[~/Downloads] └─$ pyrdp-convert rdp-replay.pcap -l [*] Analyzing PCAP 'rdp-replay.pcap' ...

• 10.0.0.2:55510 -> 10.1.1.1:3389 : plaintext

But I get the below error on my kali vm. I get the same error with pyrdp installed on a Windows 10 machine as well. Followed the instructions for the layer 7 and no luck. I did not see a comparable previous issue upon searching.

Thoughts??

┌──(venv)─(parallels㉿kali-linux-2022-2)-[~/Downloads] └─$ pyrdp-convert rdp-replay.pcap --src 10.0.0.2 -f replay -o rdp-replay [*] Analyzing PCAP 'rdp-replay.pcap' ... Traceback (most recent call last): File "/home/parallels/Pentest/tools/pyrdp/venv/bin/pyrdp-convert", line 8, in sys.exit(main()) ^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/bin/convert.py", line 99, in main exitCode = converter.process() ^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/PCAPConverter.py", line 41, in process streams = self.listSessions() ^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/PCAPConverter.py", line 78, in listSessions if self.checkSrcExcluded(client) or self.checkDstExcluded(server): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/PCAPConverter.py", line 35, in checkSrcExcluded return len(self.srcFilter) > 0 and src not in self.srcFilter ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/utils.py", line 62, in eq if self.ip == other.ip and self.port == other.port: ^^^^^^^^ AttributeError: 'str' object has no attribute 'ip'

┌──(venv)─(parallels㉿kali-linux-2022-2)-[~/Downloads] └─$ pyrdp-convert rdp-replay.pcap --src 10.0.0.2 -f replay -o rdp-replay

┌──(venv)─(parallels㉿kali-linux-2022-2)-[~/Downloads] └─$ pyrdp-convert --src 10.0.0.2 --dst 10.1.1.1 -f replay -o rdp-replay rdp-replay.pcap [*] Analyzing PCAP 'rdp-replay.pcap' ... Traceback (most recent call last): File "/home/parallels/Pentest/tools/pyrdp/venv/bin/pyrdp-convert", line 8, in sys.exit(main()) ^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/bin/convert.py", line 99, in main exitCode = converter.process() ^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/PCAPConverter.py", line 41, in process streams = self.listSessions() ^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/PCAPConverter.py", line 78, in listSessions if self.checkSrcExcluded(client) or self.checkDstExcluded(server): ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/PCAPConverter.py", line 35, in checkSrcExcluded return len(self.srcFilter) > 0 and src not in self.srcFilter ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/parallels/Pentest/tools/pyrdp/pyrdp/convert/utils.py", line 62, in eq if self.ip == other.ip and self.port == other.port: ^^^^^^^^ AttributeError: 'str' object has no attribute 'ip'

[MundaneTracing]

rdp-replay.pcap.zip

Here is the pcap I'm working with.

[MundaneTracing]

Fixed issue by exporting "Captured" traffic and not Displayed traffic. Evidently I was missing some key data.

[obilodeau]

Glad you figured it out.