search

NUKIB / maldump

Multi-quarantine extractor
GNU General Public License v3.0
40 stars 8 forks source link

No module named maldump.parsers.kaitai #11

Closed mpilking closed 1 month ago

mpilking commented 2 months ago

Describe the bug I have a clean VM with Windows 11. I've installed Python 3.10 and earlier later tried with 3.12. In both cases, after installing maldump with the command pip install maldump, I get the following error: ModuleNotFoundError: No module named 'maldump.parsers.kaitai'

Here's exactly what I did in the new VM:

C:\Windows\System32>pip --version
pip 23.0.1 from C:\Program Files\Python310\lib\site-packages\pip (python 3.10)

C:\Windows\System32>pip install maldump
Collecting maldump
  Downloading maldump-0.3.0-py3-none-any.whl (93 kB)
     ---------------------------------------- 93.6/93.6 kB 2.7 MB/s eta 0:00:00
Collecting kaitaistruct
  Downloading kaitaistruct-0.10-py2.py3-none-any.whl (7.0 kB)
Collecting defusedxml
  Downloading defusedxml-0.7.1-py2.py3-none-any.whl (25 kB)
Collecting colorama
  Downloading colorama-0.4.6-py2.py3-none-any.whl (25 kB)
Collecting pycryptodome
  Downloading pycryptodome-3.20.0-cp35-abi3-win_amd64.whl (1.8 MB)
     ---------------------------------------- 1.8/1.8 MB 14.0 MB/s eta 0:00:00
Installing collected packages: pycryptodome, kaitaistruct, defusedxml, colorama, maldump
Successfully installed colorama-0.4.6 defusedxml-0.7.1 kaitaistruct-0.10 maldump-0.3.0 pycryptodome-3.20.0

[notice] A new release of pip is available: 23.0.1 -> 24.1.2
[notice] To update, run: python.exe -m pip install --upgrade pip

C:\Windows\System32>maldump -l e:\C
Traceback (most recent call last):
  File "C:\Program Files\Python310\lib\runpy.py", line 196, in _run_module_as_main
    return _run_code(code, main_globals, None,
  File "C:\Program Files\Python310\lib\runpy.py", line 86, in _run_code
    exec(code, run_globals)
  File "C:\Program Files\Python310\Scripts\maldump.exe\__main__.py", line 4, in <module>
  File "C:\Program Files\Python310\lib\site-packages\maldump\__main__.py", line 17, in <module>
    from maldump.av_manager import AVManager
  File "C:\Program Files\Python310\lib\site-packages\maldump\av_manager.py", line 5, in <module>
    from maldump.avs import (avast, avg, avira, eset, forticlient, gdata,
  File "C:\Program Files\Python310\lib\site-packages\maldump\avs\avira.py", line 6, in <module>
    from maldump.parsers.avira_parser import AviraParser
  File "C:\Program Files\Python310\lib\site-packages\maldump\parsers\avira_parser.py", line 5, in <module>
    from maldump.parsers.kaitai.avira_parser import AviraParser as KaitaiParser
ModuleNotFoundError: No module named 'maldump.parsers.kaitai'

C:\Windows\System32>

Here are my installed PIP packages:

C:\Windows\System32>pip list
Package      Version
------------ -------
colorama     0.4.6
defusedxml   0.7.1
kaitaistruct 0.10
maldump      0.3.0
pip          23.0.1
pycryptodome 3.20.0
setuptools   65.5.0

Expected behavior For the same data set on an older Windows 10 VM running Python 3.10 with maldump 0.2.0, I get the following results:

G:\>maldump -l e:\C
--- Microsoft Defender ---
C:\Windows\System32\Tasks\SRL User Maintenance
C:\Windows\System32\SRLUpdate.exe

Desktop (please complete the following information):

Ddilrat commented 2 months ago

Just had this same issue. Kaitai folder is missing from the parsers directory when I installed with pip. I grapped the code manually, copied the kaitai folder to that location and it is fixed.

image

vojtechjelinek commented 1 month ago

This should be fixed.