Home page logo
/

wireshark logo Wireshark mailing list archives

Re: Is the execution of lua script user-dependend ?
From: Hadriel Kaplan <hadrielk () yahoo com>
Date: Sat, 22 Mar 2014 09:33:20 -0700 (PDT)

I should have mentioned" if you want to override that behavior, change that line to this:

    run_user_scripts_when_superuser = true

But note that the above line will get over-written the next time you compile or install wireshark, because init.lua 
will be replaced.

-hadriel




On Saturday, March 22, 2014 12:22 PM, Hadriel Kaplan <hadrielk () yahoo com> wrote:
 
Look in the init.lua file in your global config directory.  It will have this line:

    run_user_scripts_when_superuser = false


That's the default, so wireshark won't load your script when you do sudo.  It's done that way for safety, since  a Lua 
script can do basically anything it wants.


-hadriel




On Saturday, March 22, 2014 11:57 AM, Toralf Förster <toralf.foerster () gmx de> wrote:
 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

/me wonders why as a common user the LUA script is executed whwreas as sudo it won't print the hello world :

tfoerste () n22 ~/devel/wireshark $ cat hello.lua
-
 -- hello.lua
- -- Lua's implementation of D. Ritchie's hello world program.
   print("hello world!")
- --
- --

tfoerste () n22 ~/devel/wireshark $ ./tshark -X lua_script:hello.lua
hello world!
tshark: There are no interfaces on which a capture can be done


tfoerste () n22 ~/devel/wireshark $ sudo ./tshark -X lua_script:hello.lua
Running as user "root" and group "root". This could be dangerous.
Capturing on 'wlp3s0'
  1 16:40:09.559696 62.231.75.133 -> 192.168.178.21 TCP 236 afs3-fileserver → 35798 [PSH, ACK] Seq=1 Ack=1 Win=520 
Len=170
  2 16:40:09.559792 192.168.178.21 -> 62.231.75.133 TCP 66 35798 → afs3-fileserver [ACK] Seq=1 Ack=171 Win=1304 Len=0
  3 16:40:09.822955 192.168.178.1 -> 239.255.255.250 SSDP 165 M-SEARCH * HTTP/1.1
  4
 16:40:09.823733 fe80::a96:d7ff:fe05:f928 -> ff02::c      SSDP 179 M-SEARCH * HTTP/1.1
^C4 packets captured


- -- 
MfG/Sincerely
Toralf Förster
pgp finger print:1A37 6F99 4A9D 026F 13E2 4DCF C4EA CDDE 0076 E94E
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iF4EAREIAAYFAlMtrzcACgkQxOrN3gB26U6T3QD/TsHPGLqRq1/XPCAv7Nru+zpz
a+LQikNYgxgzfl36B1IA/1O2NbW+zXx2F2hw4qDvkNQl/j5B/pbvrs1/On8y8liF
=Agst
-----END PGP SIGNATURE-----
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe



___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe
___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    http://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]