unable to run from the global plugin folder

[blshkv]

Hi,

I have uploaded scripts into /usr/lib64/wireshark/plugins/ and facing the problem as listed below. Any idea what could be wrong?

Lua: Error during loading:
 ...eshark/plugins/2.6.4/patoolkit/web/tor_detection.lua:11: module 'util' not found:
    no field package.preload['util']
    no file './util.lua'
    no file '/usr/share/lua/5.1/util.lua'
    no file '/usr/share/lua/5.1/util/init.lua'
    no file '/usr/lib64/lua/5.1/util.lua'
    no file '/usr/lib64/lua/5.1/util/init.lua'
    no file '/usr/share/lua/5.1/util.lua'
    no file '/usr/share/lua/5.1/util/init.lua'
    no file './util.so'
    no file '/usr/lib64/lua/5.1/util.so'
    no file '/usr/lib64/lua/5.1/util.so'
    no file '/usr/lib64/lua/5.1/loadall.so'

Lua: Error during loading:
 ...eshark/plugins/2.6.4/patoolkit/web/post_requests.lua:13: module 'util' not found:

<skip>
Lua: Error during loading:
 ...gins/2.6.4/patoolkit/wifi/beacon_flood_detection.lua:13: module 'security' not found:
    no field package.preload['security']
    no file './security.lua'
    no file '/usr/share/lua/5.1/security.lua'
    no file '/usr/share/lua/5.1/security/init.lua'
    no file '/usr/lib64/lua/5.1/security.lua'
    no file '/usr/lib64/lua/5.1/security/init.lua'
    no file '/usr/share/lua/5.1/security.lua'
    no file '/usr/share/lua/5.1/security/init.lua'
    no file './security.so'
    no file '/usr/lib64/lua/5.1/security.so'
    no file '/usr/lib64/lua/5.1/security.so'
    no file '/usr/lib64/lua/5.1/loadall.so'

[sininspira2]

If I'm not mistaken, this is the error log when you're logged in as root and open Wireshark. Have you tried a non-root user?

[blshkv]

I'm porting your scripts to Pentoo Linux and it has to be installed into a system dir.

Could you push libraries (util.lua, security.lua) into a separate directory and load it similar to nmap: https://github.com/nmap/nmap/blob/master/nse_main.lua#L136

[blshkv]

https://stackoverflow.com/questions/9145432/load-lua-files-by-relative-path This could be a better way

[blshkv]

I'm reading an example of require function under wireshark: https://wiki.wireshark.org/Lua/Examples

There are the following 3 ways:

By putting both scripts in the personal plugins directory.
By loading fileshark_pcap.lua from init.lua using dofile().
By loading fileshark_pcap.lua from the command line using the '-X lua_script:fileshark_pcap.lua' argument, for either Tshark or Wireshark.

The current way (in the personal folder) works just fine. Unfortunately, non of them able to load a library script from a global folder (or I just unable to find a way).

Could you investigate or redesign scripts so it would be possible to ship them pre-installed with a distro?

Thanks

[sininspira2]

I'm just a random guy following the project and got notified and saw a similar error log to a problem I had previosuly, sorry lol.

[nishantsharmax]

@blshkv we are looking into it and will share the updates with you.

Thanks for using our tool!

[nishantsharmax]

@blshkv We have created a global plugin directory compatible version of the toolkit here: https://github.com/pentesteracademy/patoolkit/tree/global-plugins

Please check and let us know if you still face issues.

[blshkv]

nice, it works!

[nishantsharmax]

Great. Closing the issue.

[blshkv]

Sorry, I wanted to suggest to rename the LUA_PATH env variable into something less generic, more unique and project specific.

How about LIBPATOOLKIT_PATH for example?

[nishantsharmax]

@blshkv as per our current understanding, if we use any other environment variable name, it will require some additional work. So, for now, we are sticking to this one.

Thanks for asking.

[blshkv]

The generic name will likely couse some problems in future, since it points to your library, not a LUA path. So the very first question would be.. How do you install two plugins like yours?

[nishantsharmax]

@blshkv our mistake. We forgot to mention that you don't need to overwrite the variable but to append the plugins path to it. So, now one can append multiple plugins using the same variable. We have updated the README too. Thanks!

[blshkv]

yeap, that will work. Thanks!