Author Topic: Running wireshark with sudo or gksudo (fix) !  (Read 6393 times)

ZEROF

  • Hero Member
  • *****
  • Posts: 1244
    • View Profile
    • Pen Tester
on: June 21, 2012, 02:07:41 PM
Hi all,

If you try to run wireshark as root you will get this error :

Code: [Select]
sudo wireshark


To fix this error message open terminal any type :

Code: [Select]
sudo -i
nano /etc/wireshark/init.lua

Find line disable_lua = false and replace with disable_lua = true

Save and restart wireshark !
« Last Edit: June 21, 2012, 02:16:20 PM by ZEROF »


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*


weVeg

  • Hero Member
  • *****
  • Posts: 737
    • View Profile
Reply #1 on: June 21, 2012, 02:26:39 PM
thanks ZEROF, fixed :)

una voce libera รจ sempre liberatrice
under_r00t


hackme

  • Newbie
  • *
  • Posts: 13
    • View Profile
Reply #2 on: July 10, 2012, 09:08:40 AM
Thanks ... it work!
fixed!



gayungan

  • Newbie
  • *
  • Posts: 13
    • View Profile
Reply #3 on: July 11, 2012, 04:20:31 AM
wonderfull.. nice..awesome



encrypted

  • Newbie
  • *
  • Posts: 9
    • View Profile
Reply #4 on: July 16, 2012, 03:51:43 PM
Hello ZEROF,

I want to thank you for posting that info - simply because I was doing a lot more work for the same product. Here is what I did to run as non-root but capture packets:
Code: [Select]
sudo apt-get install libcap2-bin ... then I had to create groups and lock that in..
Code: [Select]
groupadd wireshark
usermod -a -G wireshark stretch
newgrp wireshark
chgrp wireshark /usr/bin/dumpcap
chmod 750 /usr/bin/dumpcap
lastly... you had to give the ability to capture..
Code: [Select]
setcap cap_net_raw,cap_net_admin=eip /usr/bin/dumpcap

I think I rather fiddle with the /etc/wireshark/init.lua more than anything else.

Ciao.
E.



ZEROF

  • Hero Member
  • *****
  • Posts: 1244
    • View Profile
    • Pen Tester
Reply #5 on: July 16, 2012, 05:18:36 PM
Hi encrypted,

I know about that solution, but i preffered to find why this true/false issue made me crazy :).

Cheers !


Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*