search

InQuest / omnibus

The OSINT Omnibus (beta release)
MIT License
316 stars 69 forks source link

ConnectionError #13

Closed DocKali closed 5 years ago

DocKali commented 5 years ago

Hi,

I clone this tool in my repo (Kali) and try to test it. Requirements.txt are fully installed, I can create a new session but when I try to create an artifact to investigate on, I have the following message : EXCEPTION of type 'ConnectionError' occurred with message: 'Error 111 connecting to 127.0.0.1:6379. Connection denied.'

The error seems to come from pymongo. I tried to install mongodb via apt-get install. Install is OK, service starts well but always the same message. Ports are open and redirected, I don't understand where the error come from.

Any help is welcome...

Thank you!!

deadbits commented 5 years ago

Hi @DocKali, It sounds like Redis isn't running or able to be connected to (port 6379 is Redis' default port). Omnibus needs both MongoDB and Redis running side by side. Do you have this setup as well?

I could take look at the error output if you'd like to make sure that's what is happening. Could you please run omnibus-cli like this: python omnibus-cli.py --debug, and send me an example of the command this happens with and the full Python exception output that's printed afterwards?

Thank you!

DocKali commented 5 years ago

Hi @deadbits,

Thank you for your answer. I try to open and redirect Redis' port but I've already the same error. Strange that the connection failed when ports are open and redirected, I can't understand where the problem is.

Here you have the full output exception :

``Traceback (most recent call last): File "/usr/local/lib/python2.7/dist-packages/cmd2.py", line 1653, in onecmd_plus_hooks stop = self.onecmd(statement) File "/usr/local/lib/python2.7/dist-packages/cmd2.py", line 1848, in onecmd stop = func(statement) File "omnibus-cli.py", line 249, in do_new for key in self.session.db.scan_iter(): File "/usr/local/lib/python2.7/dist-packages/redis/client.py", line 1489, in scan_iter cursor, data = self.scan(cursor=cursor, match=match, count=count) File "/usr/local/lib/python2.7/dist-packages/redis/client.py", line 1476, in scan return self.execute_command('SCAN', pieces) File "/usr/local/lib/python2.7/dist-packages/redis/client.py", line 673, in execute_command connection.send_command(args) File "/usr/local/lib/python2.7/dist-packages/redis/connection.py", line 610, in send_command self.send_packed_command(self.pack_command(*args)) File "/usr/local/lib/python2.7/dist-packages/redis/connection.py", line 585, in send_packed_command self.connect() File "/usr/local/lib/python2.7/dist-packages/redis/connection.py", line 489, in connect raise ConnectionError(self._error_message(e)) ConnectionError: Error 111 connecting to 127.0.0.1:6379. Connexion refusée. EXCEPTION of type 'ConnectionError' occurred with message: 'Error 111 connecting to 127.0.0.1:6379. Connexion refusée.'

deadbits commented 5 years ago

This still looks to me like Redis isn't running or isn't properly listening ton 127.0.0.1:6379.

The error is coming from the redis library, not Omnibus itself:

self.connect()
File "/usr/local/lib/python2.7/dist-packages/redis/connection.py", line 489, in connect
raise ConnectionError(self._error_message(e))
ConnectionError: Error 111 connecting to 127.0.0.1:6379. Connexion refusée.

If you are on a Linux host, run lsof -nPi and verify that the redis-server process is running and listening on port 6379. Also netstat -tulpn will show you all listening processes and their ports. This should verify that redis is indeed active and on the right port.

Only other thing I can think of is that maybe you have redis password protected? But that would throw a different exception.

Sorry I can't be of much help here, this is sort of outside of the scope of Omnibus itself as it's more Redis / networking issues.

deadbits commented 5 years ago

Also, what do you mean by " I try to open and redirect Redis' port" ? you shouldn't need to redirect any ports. Simply install redis on your local system and run it. By default it'll open a socket on 127.0.0.1:6379 and that is all you should need.

DocKali commented 5 years ago

You were right, the problem came from redis. I uninstall and reinstall it and your tool run without problem now. Thank you for your help @deadbits !

deadbits commented 5 years ago

In the example below you can see I connect to Redis and start a session with the "session" command, then every time I use the "new" command it adds the artifact name to that Redis cache. To even create a new session, Redis must be running and listening on the host:port you have defined within etc/omnibus.conf , which defaults to 127.0.0.1:6379

image

deadbits commented 5 years ago

Anytime! Glad I could help On Aug 9, 2018, 9:27 AM -0400, DocKali notifications@github.com, wrote:

Closed #13. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub, or mute the thread.