GeoIP unreadable file html
Hello guys,
First, I tried to look about this problem over the Internet and on this forum as well and didn't find any useful information.
I'm not fluent in English, so sorry for any language's mistake.
I'm diving into Wireshark, already read the User's manual, currently reading the Wireshark Network Analysis book by Laura Chappell and I'm actually encountering an issue regarding GeoIP.
I downloaded the mmdb files, put into a folder, linked Wireshark to the folder in the preferences. I have the "Map" button in Statistics > Endpoints, however when I click on "Open in a browser.." nothing happens.
I tried to export a HTML file ("Save as" button), and when I click to open it I can read this message on my browser (Firefox 74.0 / Ubuntu 19.10) :
Tried to apply a chmod 777 to the file, then a blank page opens, and that's all.
If someone can help me, I would appreciate. I'm currently preparing the WCNA :)
Thanks
EDIT : When I open Wireshark through a terminal, and then I click on "OPen in a browser.." here is what I see :
[code]05:35:10.030 Main Warn QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /run/user/1000/gdm/Xauthority which is owned by kevin.)
"my" variable $file masks earlier declaration in same scope at /usr/bin/run-mailcap line 339.
Can't use string ("action") as a SCALAR ref while "strict refs" in use at /usr/bin/run-mailcap line 329.
Opening "/tmp/ipmap_20200325053510_CLhQoy.html" with Firefox Web Browser (text/html)
Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /run/user/1000/gdm/Xauthority which is owned by kevin.)
[9085:9085:0325/053510.280308:ERROR:zygote_host_impl_linux.cc(89)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
Running Firefox as root in a regular user's session is not supported. ($XAUTHORITY is /run/user/1000/gdm/Xauthority which is owned by kevin.)
/usr/bin/xdg-open: 870: iceweasel: not found
/usr/bin/xdg-open: 870: seamonkey: not found
/usr/bin/xdg-open: 870: mozilla: not found
/usr/bin/xdg-open: 870: epiphany: not found
/usr/bin/xdg-open: 870: konqueror: not found
/usr/bin/xdg-open: 870: chromium: not found
/usr/bin/xdg-open: 870: chromium-browser: not found
[9116:9116:0325/053510.322255:ERROR:zygote_host_impl_linux.cc(89)] Running as root without --no-sandbox is not supported. See https://crbug.com/638180.
/usr/bin/xdg-open: 870: www-browser: not found
/usr/bin/xdg-open: 870: links2: not found
/usr/bin/xdg-open: 870: elinks: not found
/usr/bin/xdg-open: 870: links: not found
/usr/bin/xdg-open: 870: lynx: not found
/usr/bin/xdg-open: 870: w3m: not found
xdg-open: no method available for opening 'file:///tmp/ipmap_20200325053510_CLhQoy.html'
[/code]
Comments
From your output:
Are you running Wireshark as root? If so, DON'T DO THAT.
See the README.Debian file for instructions on how to configure your system to not require root privs to capture.
Doing this may or may not fix your issue.
Thanks for your help Grahamb :)
Yeah I was doing that, I reconfigured everything to run in user's mode, defined one more time the preferences and the location of the GeoIP folder, however when I click on "Open in a browser..." the page is still blank. I read that there is some troubles regarding the last version of Firefox, so I installed Chrome, and same things
I think something is wrong with the file, isn't it ?
https://imgur.com/YZwrajs
There seem to be some shenanigans with the temporary file handling, AFAICT from my Debian based dev. build. BTW: you never stated which Wireshark version you're running.
Qt 5.12.5 on Debian/testing, I'm seeing two problems with the development build:
EndpointDialog::createMapif I don't calltf.fileName()before thefclose(fp)the returned QUrl is empty.EndpointDialog::createMapit seems thattf.setAutoRemove(false)has no effect, since the temporary file is removed regardless.Was there any resolution for this? I have the same issue in Kali with Wireshark 3.2.8. I run as root and save the map in ipmap.html. Then, try to open in Firefox or Chromium and the page is blank. BTW, when I run Wireshark as non-root user in Kali the coloring is all messed up inside the menus and I cannot even see the options, i.e. in Preferences and in Endpoints. What could be the issue here?