0xInfection / TIDoS-Framework

The Offensive Manual Web Application Penetration Testing Framework.
GNU General Public License v3.0

[Bug] => Unhandled exception on some modules #59

Closed RemakingEden closed 5 years ago

RemakingEden commented 6 years ago

Hi @0xInfection,

Thanks for the framework, I'm really enjoying working with it so far.

I'm new to GitHub and leaving issues so forgive me if I do anything wrong/miss anything off this report. I have seen on other issues you have requested debug info on the modules. I'm not entirely sure how to do this, however, I will give everything I can.

My system is Linux Mint and my Python version is Python 2.7.15rc1

The modules I am having an issue with are: (All of these come from using the Auto awesome feature)

   =====================================
    R E V E R S E   D N S   L O O K U P
   =====================================

 [!] Looking Up for Reverse DNS Info...
 [~] Result: 

 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: list index out of range
 [-] Returning back to main menu...

     ==================================
      G R A B   H T T P   H E A D E R S
     ===================================

 [!] Grabbing HTTP Headers...
 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: 'module' object has no attribute 'HTTPError'
 [-] Returning back to main menu...

    ================================
     HTTP STRICT TRANSPORT SECURITY
    ================================

 [*] Configuring headers...
 [*] Got any cookies? [just enter if none] :> 
 [*] Making the request...
 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: local variable 'flag' referenced before assignment
 [-] Returning back to main menu...

I'm also finding that when the error occurs none of the previous info is saved so the /opt/tidos/tmp/criteo.com-subdomains.lst is blank and there is nothing at all in /opt/tidos/tmp/logs/criteo.com-logs.

If I find any more I will add them, let me know if there is other info you need from me.

0xInfection commented 6 years ago

Thank you for raising this issue. I was always looking for these kinda issues. I'll push a patch within today. And yeah, if there are more, just bring them on. It will be good fixing them.

And about the debug info, what I wanted was the website itself which in your case is criteo.com. And the rest you have provided.

0xInfection commented 6 years ago

Alright, have a look at #60. These 3 bugs have been tested and fixed. You can try cloning the Fixing-#59 branch via git clone -b Fixing-#59 https://github.com/0xinfection/tidos-framework and tell me whether the issue has been fixed or not. 🙂

RemakingEden commented 6 years ago

> Alright, have a look at #60. These 3 bugs have been tested and fixed. You can try cloning the Fixing-#59 branch via git clone -b Fixing-#59 https://github.com/0xinfection/tidos-framework and tell me whether the issue has been fixed or not.

Thanks for the quick fix. Strangely enough with the branch you linked above I only get the reverse DNS lookup. Nothing else. The main menu etc does not even load. It was a fresh install after uninstall. Did you do something wrong?


0xInfection commented 6 years ago

Oh shit, I forgot to revert the test environments.

Update: Fixed it. Just do a git pull and run python2 tidos.py file. No need to run the install file over again.

RemakingEden commented 6 years ago

Seems to be fixed. I won't have time to have a decent look until tomorrow but I will update when I'm sure. Thanks again!

RemakingEden commented 6 years ago

All the past ones seem to be working now. I have found some new issues. Linked below. Still going through everything so I will update soon.

   =================================
    S E S S I O N   F I X A T I O N
   =================================

 [*] Making the request...
 [+] Found cookie reflecting in headers...
 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: unsupported operand type(s) for +: 'RequestsCookieJar' and 'str'
 [-] Returning back to main menu...

    X S S  (Cookie Based)
    =======================

 [+] This website values session cookies...
 [*] Trying Payload :  <font style='color:expression(alert('XSS'))'>
 [+] Using !nfected cookie : !xBeMmlHzG/KrrcpTkGyUzli5QPYSH/CGWbHUBfFoDNYWehJOPxrhwkBkifkaG5uChydo7Q5BpRnuNYaXlttYQwBiDUZS46z/okfzKyl1 <font style='color:expression(alert('XSS'))'>
 [*] Trying Payload : ' onmouseover=alert(/Black.Spook/)
 [+] Using !nfected cookie : !ndDVKaEV/al80AFTkGyUzli5QPYSH6A5WPLm7dZoT8YpqTpHzIX/Xifke1tB4T4hRxA9/MjixRLbH9Zd0g6q/32WYibLC/QPQkNIg7ox' onmouseover=alert(/Black.Spook/)
 [*] Trying Payload : ";eval(unescape(location))//#  %0Aalert(0)
 [+] Using !nfected cookie : !P2WXKbNIky2gfhhTkGyUzli5QPYSHzL7GOElVk3ABKKKOKFYFP28d2rERrKBAY8lLfQfoI/ENRoiwNQb0W06nIv9TRrSaGoQGW2xM6HM";eval(unescape(location))//#  %0Aalert(0)
 [*] Trying Payload : "><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
 [+] Using !nfected cookie : !RTBDEqPpvyuCL1lTkGyUzli5QPYSH9Ty6iynpfkpVnEm+A6yEm5l++BtLwYdBg8/+yECqgaeDh+6fI8awypFGiuesVBNBzuW+v1TQ80T"><BODY onload!#$%&()*~+-_.,:;?@[/|\]^`=alert("XSS")>
 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: unexpected end of regular expression
 [-] Returning back to main menu...

^^ This happens with all XSS automatic tests

    ======================================
     S Q L i   H U N T E R (Auto Awesome)
    ======================================
  [It is recommended to run ScanEnum/Crawlers  
          before using this module] 

 [-] Path file not found!
 [*] Loading module SQLi...

 [!] Module Selected : Bruteforce Modules

 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: global name 'os' is not defined
 [-] Returning back to main menu...

0xInfection commented 6 years ago

I found the SQLi issue in both Auto Awesome modules. They all will be worked on.

Update: Alright, all these issues have been fixed in the above 5 commits, some have improved a lot in their functionality too! 💜

Test out the branch and let me know!

RemakingEden commented 6 years ago

Awesome :) Found a couple of other little things

    ===================================
      O S   F I N G E R P R I N T I N G
     ===================================

 [*] Initialising Module [1]...
 [*] Getting ip address...
 [+] Website IP : 178.250.0.144
 [*] Trying to identify operating system...
 [!] Configuring requests...
 [*] Getting raw data...
 [*] Analysing responses...
 [+] Operating System Identified : Windows

 [+] Module [1] Completed!
 [-] Unhandled Exception occured...
 [-] Exception : global name 'flag' is not defined

  =========================
    C M S   D E T E C T O R
   =========================

 [*] Parsing the web URL... 
 [!] URL successfully parsed !
 [*] Passive Fingerprinting CMS...
 [!] Setting priority to False...
 [*] Importing token...
 [+] Token detected : 756ab2cfa1ed5575a71e0714ef05c2e228f17b6b1476de7075f7f4d6b4978272376fb3
 [*] Active Fingerprinting CMS...

 [*] Parsing raw-data...
 [-] Unhandled runtime exception while execution...
 [-] Exception Encountered: global name 'domain' is not defined
 [-] Returning back to main menu...

0xInfection commented 6 years ago

Will be fixed within today. :)

Update: Alright they have been tested working and fixed in the two commits below.

0xInfection commented 5 years ago

I guess everything has been working as intended. So yeah, for now I am closing this as fixed. Since this fixes a lot of bugs, I wouldn't like the PR to be hanging. So yeah, thank you so much for your contribution. If you find some other bugs out there, just don't hesitate to pull up an issue.

RemakingEden commented 5 years ago

> I guess everything has been working as intended. So yeah, for now I am closing this as fixed. Since this fixes a lot of bugs, I wouldn't like the PR to be hanging. So yeah, thank you so much for your contribution. If you find some other bugs out there, just don't hesitate to pull up an issue.

Thanks mate, I've lost all my time since moving to Japan. If I get some more time I will look over everything again :)