Error building scapy IPv4 routing table : 'NoneType' object has no attribute 'group'

[JeongJuhyeon]

Posting because the previous thread with the previous error message got closed. If I'm not supposed to do that, apologies!

Environment: Windows 10 x64, Scapy 2.4.0 RC3 (or any other recent version), Npcap 0.98. Tried many things such as the (new in Win10?) "Network Reset", updating adapter drivers and so on, none of which have made a difference.

Running 'netsh interface ipv4 show address' in Powershell gives

Configuration for interface "Ethernet"
    DHCP enabled:                         Yes
    InterfaceMetric:                      5

Configuration for interface "Npcap Loopback Adapter"
    DHCP enabled:                         Yes
    IP Address:                           169.254.193.140
    Subnet Prefix:                        169.254.0.0/16 (mask 255.255.0.0)
    InterfaceMetric:                      25

Configuration for interface "Local Area Connection* 12"
    DHCP enabled:                         Yes
    InterfaceMetric:                      25

Configuration for interface "VMware Network Adapter VMnet1"
    DHCP enabled:                         No
    IP Address:                           192.168.139.1
    Subnet Prefix:                        192.168.139.0/24 (mask 255.255.255.0)
    InterfaceMetric:                      35

Configuration for interface "VMware Network Adapter VMnet8"
    DHCP enabled:                         No
    IP Address:                           192.168.29.1
    Subnet Prefix:                        192.168.29.0/24 (mask 255.255.255.0)
    InterfaceMetric:                      35

Configuration for interface "Wi-Fi"
    DHCP enabled:                         Yes
    IP Address:                           192.168.103.9
    Subnet Prefix:                        192.168.103.0/24 (mask 255.255.255.0)
    Default Gateway:                      192.168.103.1
    Gateway Metric:                       0
    InterfaceMetric:                      55

Configuration for interface "Bluetooth Network Connection"
    DHCP enabled:                         Yes
    InterfaceMetric:                      65

Configuration for interface "Loopback Pseudo-Interface 1"
    DHCP enabled:                         No
    IP Address:                           127.0.0.1
    Subnet Prefix:                        127.0.0.0/8 (mask 255.0.0.0)
    InterfaceMetric:                      75

More than anything I'd like to know if there would be a workaround, e.g. is there a way to manually set my IP?

[gpotter2]

Hi !

Could you return the content of the following commands:

• 1

  conf.prog.powershell

• 2

  from scapy.arch.windows import _get_metrics; _get_metrics()

• 3

  [x for x in exec_query(['Get-NetRoute', '-AddressFamily IPV4'], ['ifIndex', 'DestinationPrefix', 'NextHop', 'RouteMetric', 'InterfaceMetric'])]

• 4

  get_windows_if_list()

Thanks !

[JeongJuhyeon]

Sure!

• 1

  'C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe'

• 2

  AttributeError                            Traceback (most recent call last)
  <ipython-input-2-24a729b385b4> in <module>()
  ----> 1 from scapy.arch.windows import _get_metrics; _get_metrics()
  
  C:\Python27\lib\site-packages\scapy\arch\windows\__init__.pyc in _get_metrics(ipv6)
      859         if len(_buffer) == 32:  # An interface, with all its parameters, is 32 lines long
      860             if_index = re.search(_pattern, _buffer[3]).group(1)
  --> 861             if_metric = int(re.search(_pattern, _buffer[5]).group(1))
      862             res[if_index] = if_metric
      863             _buffer = []
  
  AttributeError: 'NoneType' object has no attribute 'group'

• 3

         [['19', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['7', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['5', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['6', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['13', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['21', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['11', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['1', '255.255.255.255/32', '0.0.0.0', '256', ''],
     ['19', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['7', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['5', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['6', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['13', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['21', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['11', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['1', '224.0.0.0/4', '0.0.0.0', '256', ''],
     ['11', '192.168.139.255/32', '0.0.0.0', '256', ''],
     ['11', '192.168.139.1/32', '0.0.0.0', '256', ''],
     ['11', '192.168.139.0/24', '0.0.0.0', '256', ''],
     ['7', '192.168.103.255/32', '0.0.0.0', '256', ''],
     ['7', '192.168.103.9/32', '0.0.0.0', '256', ''],
     ['7', '192.168.103.0/24', '0.0.0.0', '256', ''],
     ['21', '192.168.29.255/32', '0.0.0.0', '256', ''],
     ['21', '192.168.29.1/32', '0.0.0.0', '256', ''],
     ['21', '192.168.29.0/24', '0.0.0.0', '256', ''],
     ['13', '169.254.255.255/32', '0.0.0.0', '256', ''],
     ['13', '169.254.193.140/32', '0.0.0.0', '256', ''],
     ['13', '169.254.0.0/16', '0.0.0.0', '256', ''],
     ['1', '127.255.255.255/32', '0.0.0.0', '256', ''],
     ['1', '127.0.0.1/32', '0.0.0.0', '256', ''],
     ['1', '127.0.0.0/8', '0.0.0.0', '256', ''],
     ['7', '0.0.0.0/0', '192.168.103.1', '0', '']]

• 4

     [{'description': 'Ethernet',
      'guid': '{18BAEA38-D03F-4918-9CC1-82F26E0EA9AD}',
      'mac': 'FC:45:96:8C:BC:E2',
      'name': 'Realtek PCIe GBE Family Controller',
      'netid': 'Ethernet',
      'win_index': '6'},
     {'description': 'Wi-Fi',
      'guid': '{3362F3FD-2EDC-4734-B9FF-9993E38AD2CA}',
      'mac': '58:00:E3:E5:ED:3B',
      'name': 'Qualcomm Atheros QCA9377 Wireless Network Adapter',
      'netid': 'Wi-Fi',
      'win_index': '7'},
     {'description': 'Bluetooth Network Connection',
      'guid': '{0CE93136-79EC-4634-A215-B0701AD5B61D}',
      'mac': '58:00:E3:E5:ED:3C',
      'name': 'Bluetooth Device (Personal Area Network)',
      'netid': 'Bluetooth Network Connection',
      'win_index': '5'},
     {'description': 'VMware Network Adapter VMnet8',
      'guid': '{D93CCE5E-CA79-45D9-865D-C8E1D7332E91}',
      'mac': '00:50:56:C0:00:08',
      'name': 'VMware Virtual Ethernet Adapter for VMnet8',
      'netid': 'VMware Network Adapter VMnet8',
      'win_index': '21'},
     {'description': 'VMware Network Adapter VMnet1',
      'guid': '{3D96BFB5-6CA5-4AF4-A176-F5E5DB0C1F3B}',
      'mac': '00:50:56:C0:00:01',
      'name': 'VMware Virtual Ethernet Adapter for VMnet1',
      'netid': 'VMware Network Adapter VMnet1',
      'win_index': '11'},
     {'description': 'Npcap Loopback Adapter',
      'guid': '{45739832-0831-49DF-B43D-0588004D229F}',
      'mac': '02:00:4C:4F:4F:50',
      'name': 'Npcap Loopback Adapter',
      'netid': 'Npcap Loopback Adapter',
      'win_index': '13'}]

So I guess it seems like the problem might still be with looking up the InterfaceMetrics, like you alluded to in the previous thread (https://github.com/secdev/scapy/issues/1034). It's interesting that 'netsh interface ipv4 show address' does show all the devices to seemingly have the metrics, while the 'Get-NetRoute' command you mentioned in that thread failed to show them. Perhaps 'Get-NetRoute' has a bug?

[gpotter2]

Note that the full command is netsh interface ipv4 show interfaces level=verbose Could you return its content ?

Thanks

[JeongJuhyeon]

Here it is:

Interface Loopback Pseudo-Interface 1 Parameters

IfLuid : loopback_0 IfIndex : 1 State : connected Metric : 75 Link MTU : 4294967295 byt Reachable Time : 40500 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 0 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : disabled Neighbor Unreachability Detection : disabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface Wi-Fi Parameters

IfLuid : wireless_32768 IfIndex : 7 State : connected Metric : 55 Link MTU : 1500 bytes Reachable Time : 43500 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface Bluetooth Network Connection Parameters

IfLuid : ethernet_32769 IfIndex : 5 State : disconnected Metric : 65 Link MTU : 1500 bytes Reachable Time : 23000 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface Local Area Connection* 12 Parameters

IfLuid : wireless_32769 IfIndex : 19 State : disconnected Metric : 25 Link MTU : 1500 bytes Reachable Time : 41000 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface Ethernet Parameters

IfLuid : ethernet_32770 IfIndex : 6 State : disconnected Metric : 5 Link MTU : 1500 bytes Reachable Time : 27000 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface VMware Network Adapter VMnet1 Parameters

IfLuid : ethernet_32774 IfIndex : 11 State : connected Metric : 35 Link MTU : 1500 bytes Reachable Time : 41000 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface VMware Network Adapter VMnet8 Parameters

IfLuid : ethernet_32775 IfIndex : 21 State : connected Metric : 35 Link MTU : 1500 bytes Reachable Time : 43500 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

Interface Npcap Loopback Adapter Parameters

IfLuid : ethernet_32776 IfIndex : 13 State : connected Metric : 25 Link MTU : 65536 bytes Reachable Time : 25500 ms Base Reachable Time : 30000 ms Retransmission Interval : 1000 ms DAD Transmits : 3 Site Prefix Length : 64 Site Id : 1 Forwarding : disabled Advertising : disabled Neighbor Discovery : enabled Neighbor Unreachability Detection : enabled Router Discovery : dhcp Managed Address Configuration : enabled Other Stateful Configuration : enabled Weak Host Sends : disabled Weak Host Receives : disabled Use Automatic Metric : enabled Ignore Default Routes : disabled Advertised Router Lifetime : 1800 seconds Advertise Default Route : disabled Current Hop Limit : 0 Force ARPND Wake up patterns : disabled Directed MAC Wake up patterns : disabled ECN capability : application

[JeongJuhyeon]

I tried this:

query_cmd = "netsh interface ipv4 show interfaces level=verbose"
from scapy.arch.windows import _PowershellManager
POWERSHELL_PROCESS = _PowershellManager()
query_cmd
'netsh interface ipv4show interfaces level=verbose'

POWERSHELL_PROCESS.query([query_cmd])

[]

POWERSHELL_PROCESS.query(["1+1"])

[]

POWERSHELL_PROCESS.query("1+1")

[]

So it looks like the queries just aren't working at all for me for some reason. Yet when I type in an invalid query:

query_cmd_typo = "netGGsh interface ipv4 show interfaces level=verbose"
POWERSHELL_PROCESS.query([query_cmd])
[]
POWERSHELL_PROCESS.query([query_cmd_typo])
['At line:1 char:1',
 '+ netgsh interface ipv4show interfaces level=verbose; echo scapy_end',
 '+ ~~~~~~',
 '+ CategoryInfo          : ObjectNotFound: (netgsh:String) [], CommandNotFoundException',
 '+ FullyQualifiedErrorId : CommandNotFoundException',
 '']

So they are seemingly being evaluated, yet they return empty lists even when executed successfully. Maybe I could try disabling Powershell to see if I can make Scapy fall back on cmd..

[gpotter2]

Think i got the bug.

[gpotter2]

Could you check that https://github.com/secdev/scapy/pull/1081 fixes the bug ? You might download it via git or https://github.com/gpotter2/scapy/archive/fix-1079.zip

[JeongJuhyeon]

Seems like it's fixed!

>>> from scapy.arch.windows import _get_metrics; _get_metrics()
{'1': 75, '11': 35, '13': 25, '19': 25, '21': 35, '5': 65, '6': 5, '7': 55}

Thanks a lot :)