Closed joshlemon closed 4 years ago
Hi Josh.
This error is generated by a module I use and not the module I wrote. Would you mind trying the command line version of srum-dump? This will confirm that the issue is the 3rd Party module and not something else. You can download ese2csv here https://github.com/MarkBaggett/ese-analyst
Mark
OK, tried using the command line version.
srum_dump2.exe --SRUM_INFILE E:\C\Windows\system32\SRU\SRUDB.dat --XLSX_OUTFILE G:\SRUM --XLSX_TEMPLATE "C:\Forensic Program Files\srum-dump2\SRUM_TEMPLATE2.xlsx" --REG_HIVE E:\C\Windows\system32\config\SOFTWARE
I no longer get the error from above anymore, however, I'm seeing this error (and yep, I'm running the command prompt as local Admin and I've tried a number of different folders on different drives as well):
Writing output file to disk.
I was unable to write the output file. Do you have an old version open? If not this is probably a path or permissions issue.
Error : [Errno 13] Permission denied: 'G:\\SRUM'
Done.
As a side note, I can confirm ese-analyst does work without any issues, but I'd really like to get srum_dump2 to work if possible.
I'm going to keep this issue open as a reminder for me to continue checking for a fix in the openpyxl (which writes the XLS files). Until that happens ese2csv is the best option.
I also received similar error
|XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX| 100.00% FINISHED
Writing output file to disk.
I was unable to write the output file. Do you have an old version open? If not this is probably a path or permissions issue.
Error : [Errno 13] Permission denied: 'D:\\SRUM'
Done.
Tried running srum_dump_csv.exe
via kape ... no go either
Running 'srum_dump_csv.exe': -i D:\export\SRUDB.dat -t D:\export\SRUM_TEMPLATE2.xlsx -r D:\export\SOFTWARE -o D:\SRUM\SystemActivity -q
[1976] Failed to execute script srum_dump_csv
Traceback (most recent call last):
File "srum_dump_csv.py", line 385, in <module>
File "srum_dump_csv.py", line 94, in ese_getnextrow
File "srum_dump_csv.py", line 104, in smart_retrieve
AttributeError: 'bytes' object has no attribute 'encode'
Could you possibly share the srum data with me?
If not can you try to dump the data with Ese2csv.exe and tell me if that works?
Thank you @MarkBaggett ... Ese2csv worked. Thanks for the suggestion/alternate solution
It looks like there is an error when attempting to write output from srum_dump2.exe
Below is a screenshot of the error message I'm getting. I'm running this with SRUM_TEMPLATE2.xlxs and with the SOFTWARE hive include in the parsing.