search

GoVanguard / legion

Legion is an open source, easy-to-use, super-extensible and semi-automated network penetration testing tool that aids in discovery, reconnaissance and exploitation of information systems.
GNU General Public License v3.0
993 stars 169 forks source link

Screenshot fail under Kali #255

Open carlo0501 opened 1 week ago

carlo0501 commented 1 week ago

When running legion 0.4.3 in kali, screenshot taking fails with an error about selenium driver. Apparently, check if application is running in kali (module kali() in auxiliary.py) has a mistake. str(platform.uname().release) returns only kali version string ('6.8.11-amd64' on my machine) str(platform.uname().node) should be used instead.

fritz-fritz commented 5 days ago

A better description would be “isKali() check fails” though yes I found this while investigating why screenshots failed.

Your proposed fix would not fix the check on my system. A better check would be on the version string which could be added without breaking the existing check like so:

release = str(platform.uname().release).lower()
version = str(platform.uname().version).lower()
return "kali" in release or "kali" in version

Also note that the kali package does not actually require eyewitness which the screenshooter.py will attempt when isKali() returns true. The control file offers an OR in the depends which meant on my system Legion was installed without it as cutyacapt was installed and met the dependency.

Seems like the screenshooter.py code could use some serious refactoring overall as selenium has deprecated PhantomJS.

I would suggest instead of hardcoding the method by platform to instead to test for what is installed in order of preference by shutil.which().