pyshark FileCapture crashes when tshark is missing the permissions to open the pcap file

[0xa1a1aa]

2021-01-21 02:55:30,956 - FileCapture - DEBUG - Creating TShark subprocess with parameters: /usr/bin/tshark -l -n -T pdml -Y tcp or udp or dns.qry.name eq wpad -r /tmp/tshark_capture_21.01.2021_02:55:27.pcapng 2021-01-21 02:55:30,956 - FileCapture - DEBUG - Executable: /usr/bin/tshark 2021-01-21 02:55:30,959 - FileCapture - DEBUG - TShark subprocess created tshark: You don't have permission to read the file "/tmp/tshark_capture_21.01.2021_02:55:27.pcapng". 2021-01-21 02:55:31,243 - FileCapture - DEBUG - EOF reached (sync) Traceback (most recent call last): File "./netscan.py", line 137, in main() File "./netscan.py", line 96, in main tshark_scan.print_results(output_file) File "/home/kali/netscan/src/tshark_scan.py", line 99, in print_results capture.close() File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 426, in close self.eventloop.run_until_complete(self.close_async()) File "/usr/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete return future.result() File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 430, in close_async await self._cleanup_subprocess(process) File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 421, in _cleanup_subprocess raise TSharkCrashException("TShark seems to have crashed (retcode: %d). " pyshark.capture.capture.TSharkCrashException: TShark seems to have crashed (retcode: 2). Try rerunning in debug mode [ capture_obj.set_debug() ] or try updating tshark. Exception ignored in: <function Capture.del at 0x7fbae1e20310> Traceback (most recent call last): File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 435, in del File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 426, in close File "/usr/lib/python3.8/asyncio/base_events.py", line 616, in run_until_complete File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 430, in close_async File "/home/kali/.local/lib/python3.8/site-packages/pyshark/capture/capture.py", line 421, in _cleanup_subprocess pyshark.capture.capture.TSharkCrashException: TShark seems to have crashed (retcode: 2). Try rerunning in debug mode [ capture_obj.set_debug() ] or try updating tshark.

[BMWE]

Have similar issue of crash while running on win10

Exception ignored in: <function Capture.del at 0x0000017035AFA790> Traceback (most recent call last): File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 435, in del self.close() File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 426, in close self.eventloop.run_until_complete(self.close_async()) File "C:\Users\BMWE\anaconda3\lib\site-packages\nest_asyncio.py", line 96, in run_until_complete return f.result() File "C:\Users\BMWE\anaconda3\lib\asyncio\futures.py", line 178, in result raise self._exception File "C:\Users\BMWE\anaconda3\lib\asyncio\tasks.py", line 280, in __step result = coro.send(None) File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 430, in close_async await self._cleanup_subprocess(process) File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 421, in _cleanup_subprocess raise TSharkCrashException("TShark seems to have crashed (retcode: %d). " pyshark.capture.capture.TSharkCrashException: TShark seems to have crashed (retcode: 1). Try rerunning in debug mode [ capture_obj.set_debug() ] or try updating tshark.

My code:

import pyshark

capture = pyshark.LiveCapture(interface=r"\Device\NPF_{313BC920-21E0-4D04-83E3-025F138170CD}",
                              display_filter="udp.port==1900")
rawdata =[]
for packet in capture.sniff_continuously(packet_count=20):
    rawdata=[packet.ip.id, packet.ip.checksum]

[LiuZhipeng99]

I have the same error

[LiuZhipeng99]

Have similar issue of crash while running on win10

Exception ignored in: <function Capture.del at 0x0000017035AFA790> Traceback (most recent call last): File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 435, in del self.close() File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 426, in close self.eventloop.run_until_complete(self.close_async()) File "C:\Users\BMWE\anaconda3\lib\site-packages\nest_asyncio.py", line 96, in run_until_complete return f.result() File "C:\Users\BMWE\anaconda3\lib\asyncio\futures.py", line 178, in result raise self._exception File "C:\Users\BMWE\anaconda3\lib\asyncio\tasks.py", line 280, in __step result = coro.send(None) File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 430, in close_async await self._cleanup_subprocess(process) File "C:\Users\BMWE\anaconda3\lib\site-packages\pyshark\capture\capture.py", line 421, in _cleanup_subprocess raise TSharkCrashException("TShark seems to have crashed (retcode: %d). " pyshark.capture.capture.TSharkCrashException: TShark seems to have crashed (retcode: 1). Try rerunning in debug mode [ capture_obj.set_debug() ] or try updating tshark.

My code:

import pyshark

capture = pyshark.LiveCapture(interface=r"\Device\NPF_{313BC920-21E0-4D04-83E3-025F138170CD}",
                              display_filter="udp.port==1900")
rawdata =[]
for packet in capture.sniff_continuously(packet_count=20):
    rawdata=[packet.ip.id, packet.ip.checksum]

seems that the package in pypi is not updated one. Downloaded the src from github and compared with pypi. After updating the files, it seems to work fine.

[muralidharanr19]

facing same issue

[trombadore-google]

I am facing this as well once I create a FileCapture object and then try to access any packet in the capture.