File "zeus.py", line 419, in <module>
auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch
File "zeus.py", line 380, in __run_attacks
main_xss(url, verbose=verbose, proxy=proxy_to_use, agent=agent_to_use, tamper=opt.tamperXssPayloads)
File "/home/baal/bin/python/zeus-scanner/lib/attacks/xss_scan/__init__.py", line 143, in main_xss
with open(filename) as urls:
TypeError: coercing to Unicode: need string or buffer, tuple found
2017-09-30 08:22:11,214;zeus-log;DEBUG;verifying operating system...
2017-09-30 08:22:11,231;zeus-log;DEBUG;already ran, skipping...
2017-09-30 08:22:11,232;zeus-log;DEBUG;running with options '{'runInVerbose': True, 'runXssScan': True, 'dorkToUse': 'incontent:admin'}'...
2017-09-30 08:22:11,233;zeus-log;INFO;log file being saved to '/home/baal/bin/python/zeus-scanner/log/zeus-log-100.log'...
2017-09-30 08:22:11,233;zeus-log;DEBUG;using default search engine (Google)...
2017-09-30 08:22:11,233;zeus-log;INFO;using default search engine...
2017-09-30 08:22:11,233;zeus-log;INFO;starting dork scan with query 'incontent:admin'...
2017-09-30 08:22:11,234;zeus-log;DEBUG;checking for user-agent and proxy configuration...
2017-09-30 08:22:11,234;zeus-log;INFO;attempting to gather query URL...
2017-09-30 08:22:11,234;zeus-log;DEBUG;setting up the virtual display to hide the browser...
2017-09-30 08:22:11,938;zeus-log;INFO;firefox browser display will be hidden while it performs the query...
2017-09-30 08:22:11,938;zeus-log;WARNING;your web browser will be automated in order for Zeus to successfully bypass captchas and API calls. this is done in order to grab the URL from the search and parse the results. please give selenium time to finish it's task...
2017-09-30 08:22:11,938;zeus-log;DEBUG;running selenium-webdriver and launching browser...
2017-09-30 08:22:11,938;zeus-log;DEBUG;adjusting selenium-webdriver user-agent to 'Zeus-Scanner(v1.0.23)::Python->v2.7'...
2017-09-30 08:22:33,011;zeus-log;INFO;browser will open shortly...
2017-09-30 08:22:34,688;zeus-log;DEBUG;searching search engine for the 'q' element (search button)...
2017-09-30 08:22:34,807;zeus-log;INFO;searching 'http://google.com' using query 'incontent:admin'...
2017-09-30 08:22:38,413;zeus-log;DEBUG;obtaining URL from selenium...
2017-09-30 08:22:38,425;zeus-log;DEBUG;found current URL from selenium browser...
2017-09-30 08:22:38,426;zeus-log;INFO;closing the browser and continuing process..
2017-09-30 08:22:38,926;zeus-log;INFO;URL successfully gathered, searching for GET parameters...
2017-09-30 08:22:38,928;zeus-log;INFO;no proxy configuration detected...
2017-09-30 08:22:39,411;zeus-log;INFO;adjusting user-agent header to default user agent 'Zeus-Scanner(v1.0.23)::Python->v2.7'...
2017-09-30 08:22:39,447;zeus-log;DEBUG;found 'http://www.youtube.com/results?gl=US&tab=w1'...
2017-09-30 08:22:39,448;zeus-log;DEBUG;found 'http://opensolution.org/forum/?iTopic=2093'...
2017-09-30 08:22:39,448;zeus-log;DEBUG;found 'http://www-01.ibm.com/support/docview.wss?uid=swg22001831'...
2017-09-30 08:22:39,449;zeus-log;INFO;found a total of 3 URL's with a GET parameter...
2017-09-30 08:22:39,449;zeus-log;INFO;saving found URL's under '/home/baal/bin/python/zeus-scanner/log/url-log/url-log-44.log'...
2017-09-30 08:22:41,399;zeus-log;INFO;loading payloads...
2017-09-30 08:22:41,468;zeus-log;DEBUG;a total of 298 payloads loaded...
2017-09-30 08:22:41,488;zeus-log;INFO;payloads will be written to a temporary file and read from there...
2017-09-30 08:22:41,496;zeus-log;INFO;loaded URL's have been saved to '('/tmp/tmpFjFK26', 'test')'...
2017-09-30 08:22:41,496;zeus-log;INFO;testing for XSS vulnerabilities on host 'http://www.youtube.com/results?gl=US&tab=w1'...
2017-09-30 08:22:41,496;zeus-log;ERROR;[7;31;31mran into exception 'coercing to Unicode: need string or buffer, tuple found' exception has been saved to log file...
Traceback (most recent call last):
File "zeus.py", line 419, in <module>
auto=opt.autoStartSqlmap, verbose=opt.runInVerbose, batch=opt.runInBatch
File "zeus.py", line 380, in __run_attacks
main_xss(url, verbose=verbose, proxy=proxy_to_use, agent=agent_to_use, tamper=opt.tamperXssPayloads)
File "/home/baal/bin/python/zeus-scanner/lib/attacks/xss_scan/__init__.py", line 143, in main_xss
with open(filename) as urls:
TypeError: coercing to Unicode: need string or buffer, tuple found
2017-09-30 08:22:41,526;zeus-log;INFO;[32mZeus got an unexpected error and will automatically create an issue for this error, please wait...[0m
2017-09-30 08:22:41,526;zeus-log;INFO;[32mgetting authorization...[0m
2017-09-30 08:22:41,542;zeus-log;INFO;[32mextracting traceback from log file...[0m
Error info:
Running details:
Linux-4.10.0-33-generic-x86_64-with-Ubuntu-17.04-zesty
Commands used:
zeus.py -d incontent:admin -x --verbose
Log file info: