RedSiege / EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
https://www.christophertruncer.com/eyewitness-usage-guide/
GNU General Public License v3.0
5.02k stars 851 forks

Odd crash, possibly selenium #567

Closed digininja closed 6 months ago

digininja commented 2 years ago

OS Used - ALL Information (architecture, linux flavor, etc.)

└─$ lsb_release -a
No LSB modules are available.
Distributor ID: Kali
Description:    Kali GNU/Linux Rolling
Release:        2021.3
Codename:       kali-rolling

Pastebin link to error you are encountering

Don't know what caused this, was running OK before and afterwards.

Used an nmap XML file as input and there are no dodgy IPs that I can see. All screenshots are being done by IP not hostname so don't think that is to blame.

Attempting to screenshot http://1.2.3.4
Attempting to screenshot https://1.2.3.4
Attempting to screenshot http://1.2.3.5
Process Process-2:
Traceback (most recent call last):
  File "/usr/lib/python3.9/multiprocessing/process.py", line 315, in _bootstrap
    self.run()
  File "/usr/lib/python3.9/multiprocessing/process.py", line 108, in run
    self._target(*self._args, **self._kwargs)
  File "/home/abc/tools/EyeWitness/Python/EyeWitness.py", line 280, in worker_thread
    http_object, driver = capture_host(
  File "/home/abc/tools/EyeWitness/Python/modules/selenium_module.py", line 210, in capture_host
    opened = urllib.request.urlopen(req, context=context)
  File "/usr/lib/python3.9/urllib/request.py", line 214, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python3.9/urllib/request.py", line 517, in open
    response = self._open(req, data)
  File "/usr/lib/python3.9/urllib/request.py", line 534, in _open
    result = self._call_chain(self.handle_open, protocol, protocol +
  File "/usr/lib/python3.9/urllib/request.py", line 494, in _call_chain
    result = func(*args)
  File "/usr/lib/python3.9/urllib/request.py", line 1389, in https_open
    return self.do_open(http.client.HTTPSConnection, req,
  File "/usr/lib/python3.9/urllib/request.py", line 1346, in do_open
    h.request(req.get_method(), req.selector, req.data, headers,
  File "/usr/lib/python3.9/http/client.py", line 1285, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib/python3.9/http/client.py", line 1326, in _send_request
    self.putheader(hdr, value)
  File "/usr/lib/python3.9/http/client.py", line 1262, in putheader
    if _is_illegal_header_value(values[i]):
TypeError: expected string or bytes-like object
Attempting to screenshot http://1.2.3.6
[*] Hit timeout limit when connecting to http://1.2.3.7, retrying
Attempting to screenshot https://1.2.3.8

Expected behaviour (vs. what you encountered)

Perfect software, no bugs, I expect better from Mr Chris!

Any additional information

Pork scratching ice cream rocks!

digininja commented 1 year ago

14 months on and hit the same bug again, just new line numbers this time.

Attempting to screenshot https://10.216.60.111
Process Process-6:
Traceback (most recent call last):
  File "/usr/lib/python3.11/multiprocessing/process.py", line 314, in _bootstrap
    self.run()
  File "/usr/lib/python3.11/multiprocessing/process.py", line 108, in run
    self._target(*self._args, **self._kwargs)
  File "/home/abc/tools/EyeWitness/Python/./EyeWitness.py", line 292, in worker_thread
    http_object, driver = capture_host(
                          ^^^^^^^^^^^^^
  File "/home/abc/tools/EyeWitness/Python/modules/selenium_module.py", line 223, in capture_host
    opened = urllib.request.urlopen(req, context=context)
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/urllib/request.py", line 216, in urlopen
    return opener.open(url, data, timeout)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/urllib/request.py", line 519, in open
    response = self._open(req, data)
               ^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/urllib/request.py", line 536, in _open
    result = self._call_chain(self.handle_open, protocol, protocol +
             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/urllib/request.py", line 496, in _call_chain
    result = func(*args)
             ^^^^^^^^^^^
  File "/usr/lib/python3.11/urllib/request.py", line 1391, in https_open
    return self.do_open(http.client.HTTPSConnection, req,
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/urllib/request.py", line 1348, in do_open
    h.request(req.get_method(), req.selector, req.data, headers,
  File "/usr/lib/python3.11/http/client.py", line 1282, in request
    self._send_request(method, url, body, headers, encode_chunked)
  File "/usr/lib/python3.11/http/client.py", line 1323, in _send_request
    self.putheader(hdr, value)
  File "/usr/lib/python3.11/http/client.py", line 1259, in putheader
    if _is_illegal_header_value(values[i]):
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
TypeError: expected string or bytes-like object, got 'NoneType'
Attempting to screenshot http://10.216.61.1

I've repeated the scan of just the IPs around the ones where it broke and the scan worked fine so probably some odd race condition or timeout problem that isn't being handled correctly rather than a bug in the code.

Relkci commented 6 months ago

@digininja is this still an issue after the selenium updates?

digininja commented 6 months ago

I've not seen it since 2023 so no, it is probably solved.
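
Both tracebacks in this thread end in `http.client`'s `putheader` being handed a header value of `None`. The sketch below is an added example, not EyeWitness code: it reproduces that `TypeError` without any network traffic and shows two guards, dropping unset headers and recording a per-target failure instead of letting the exception end the worker process. The function names, the `User-Agent` key and the 192.0.2.x addresses are assumptions for illustration; the page does not show which header was `None` or why.

```python
import http.client


def send_headers(headers):
    """Queue headers on an HTTPConnection the way urllib's do_open does.

    putrequest/putheader only buffer data, so no socket is ever opened.
    192.0.2.1 is a documentation (TEST-NET-1) address used as a placeholder.
    """
    conn = http.client.HTTPConnection("192.0.2.1")
    conn.putrequest("GET", "/")
    for name, value in headers.items():
        # A value of None reaches _is_illegal_header_value() and raises TypeError.
        conn.putheader(name, value)
    return len(headers)


def drop_unset_headers(headers):
    """Remove headers whose value is None before they reach http.client."""
    return {name: value for name, value in headers.items() if value is not None}


def capture_guarded(url, headers, results):
    """Hypothetical per-target wrapper: log the failure and move on,
    so one bad request does not terminate the whole worker process."""
    try:
        send_headers(headers)
        results[url] = "ok"
    except (TypeError, ValueError) as exc:
        results[url] = f"skipped: {type(exc).__name__}: {exc}"
    return results[url]


if __name__ == "__main__":
    results = {}
    # Constructed sample input: one target with an unset header, one valid.
    capture_guarded("https://192.0.2.10", {"User-Agent": None}, results)
    capture_guarded("https://192.0.2.11", {"User-Agent": "example-agent"}, results)
    # Same unset header, filtered before sending.
    cleaned = drop_unset_headers({"User-Agent": None, "Accept": "*/*"})
    results["filtered"] = f"sent {send_headers(cleaned)} header(s)"
    for target, outcome in results.items():
        print(target, "->", outcome)
```
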