panic: runtime error: index out of range about termshark HOT 8 CLOSED

Thanks for reporting this. Please post tshark -v

from termshark.

I think I found where my issue is.

it's related to Wireshark and Tshark version, you require v3.0

I only have v2.6.8 on my kali system

from termshark.

Cheers. Closing this - let us know if it's not tshark version.

from termshark.

I think v2.6.8 is fine, that's the version I'm running. I only found problems with versions < 1.10.2 from a few years back. I'll re-open this to investigate. Just to confirm, @jJit0 , that the problem still exists for you? Can you let us know if you're able to get data back from a command like this:

tshark -i wlan0 -T psml -o gui.column.format:"No.","%m","Time","%t","Source","%s","Destination","%d","Protocol","%p","Length","%L","Info","%i"

Thanks!

from termshark.

Hello gcla,

Here is output of your command

`tshark -i wlan0 -T psml -o gui.column.format:"No.","%m","Time","%t","Source","%s","Destination","%d","Protocol","%p","Length","%L","Info","%i"
Running as user "root" and group "root". This could be dangerous.

Capturing on 'wlan0'

^C

14 packets captured

`

I also installed termshark from Debian unstable, but I still have the same error.
my wireshark version is 2.6.8-1.1

from termshark.

Hi @jJit0 - thanks for the output, and most strange - here's the sort of thing I see

gcla@elgin:~$ tshark -i wlan1 -T psml -o gui.column.format:"No.","%m","Time","%t","Source","%s","Destination","%d","Protocol","%p","Length","%L","Info","%i"
<?xml version="1.0" encoding="utf-8"?>
<psml version="0" creator="wireshark/2.6.8">
<structure>           
<section>No.</section>                                                              
<section>Time</section>
<section>Source</section>
<section>Destination</section>
<section>Protocol</section>
<section>Length</section>     
<section>Info</section>          
</structure>                    
                      
Capturing on 'wlan1'  
<packet>                                                                                                                                          
<section>1</section>
<section>0.000000000</section>
<section>192.168.86.246</section>
<section>52.21.251.252</section>
<section>TLSv1.2</section>    
<section>129</section>          
<section>Application Data</section>
</packet>             
...

i.e. XML output. Is it possible you have an old tshark in your PATH that is overriding the one from the wireshark package you're installing? But that doesn't quite add up because termshark, by default, picks the tshark that would come first in PATH and checks to make sure the version is compatible. So it would seem whatever tshark is being run on your machine is validated by termshark... Maybe the tshark you're installing somehow doesn't have XML support compiled in? Clutching at straws here :)

A couple of things:

• could you run tshark -v and paste the output?
• in ~/.config/termshark/termshark.toml you can set a specific tshark to use e.g.

[main]
  tshark = "/opt/wireshark-2.6.8/bin/tshark"

Maybe point it to the tshark that is part of the wireshark package, and see if that helps?

from termshark.

Hi gcla,

No need for all that, you just gave me the clue to look into /root/.config/wireshark.
Brilliant idea ;-)
The problem was in wireshark different columns, in fact.

I use to disable N°, Time and Length columns, to have more readability on packets, and by enabling them, termshark worked again.

Give it a try, and tell me if it's reproducible for you too.

It can be problematic, if you want to disable some columns in wireshark. I hope there will be a fix in next major release

from termshark.

Aha - yes, you're right, the column choices are currently fixed in termshark, unfortunately. :-/ I'll close this issue and open a feature request for configurable columns.

from termshark.