[FIXED] Python KeyError: 'flags', when running BlueBorne script

Issue

I am trying to run the file l2cap_infra.py with Python 2, but I am getting the following error:

Traceback (most recent call last):
  File "l2cap_infra.py", line 524, in <module>
    main(*sys.argv[1:])
  File "l2cap_infra.py", line 508, in main
    l2cap_loop, _ = create_l2cap_connection(src_hci, dst_bdaddr, pcap_path=pcap_path)
  File "l2cap_infra.py", line 489, in create_l2cap_connection
    handle_information_negotiation_process(l2cap_loop)
  File "l2cap_infra.py", line 425, in handle_information_negotiation_process
    l2cap_loop.send(info_req)
  File "l2cap_infra.py", line 142, in send
    self._sock.send(packet)
  File "l2cap_infra.py", line 213, in send
    self.send_fragment(Raw(str(l2cap)[i:i+L2CAP_DEFAULT_MTU]), i == 0)
  File "l2cap_infra.py", line 223, in send_fragment
    hci = HCI_Hdr() / HCI_ACL_Hdr(handle=scapy_handle, flags=scapy_flags) / frag
  File "/usr/local/lib/python2.7/dist-packages/scapy/base_classes.py", line 227, in __call__
    i.__init__(*args, **kargs)
  File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 135, in __init__
    self.fields[f] = self.get_field(f).any2i(self, v)
  File "/usr/local/lib/python2.7/dist-packages/scapy/packet.py", line 170, in get_field
    return self.fieldtype[fld]
KeyError: 'flags'

This might be a version conflict; I had a similar problem and I had to edit a file in /usr/local/lib/python2.7/.

What code do I have to change in that linked file or in one of my pip libraries to make this code work?

Solution

It seems it's a compatibility issue between BlueBorne and Scapy.

You (most likely) have installed the latest Scapy version (v2.4.0), which dropped the fields kwarg from scapy.layers.bluetooth.HCI_ACL_Hdr's initializer, while BlueBorne (l2cap_infra.py, and possibly others) was not updated (or branched) accordingly.

The latest version that still has it is v2.3.3 ([GitHub]: secdev/scapy - (v2.3.3) scapy/scapy/layers/bluetooth.py).

Possible solutions:

• Uninstall your current Scapy version (pip uninstall scapy) and install v2.3.3 (pip install scapy==2.3.3). Probably, this is the simplest (and most suitable) for you ([PyPI]: scapy 2.3.3)
• Submit a bug to BlueBorne and wait for them to add support for newer Scapy versions
• Fix it yourself ("fields" (v2.3.3) to "PB" + "BC" (v2.4.0) kwargs conversion), and maybe submit a patch :)

Answered By - CristiFati