RedSiege / EyeWitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
https://www.christophertruncer.com/eyewitness-usage-guide/
GNU General Public License v3.0

--single fails if proxy can't see site #622

Open digininja opened 1 year ago

digininja commented 1 year ago

OS Used - ALL Information (architecture, linux flavor, etc.)

Kali fully up to date

Error you are encountering

The background: I was trying to test an install against a local Nessus instance, so I ran this:

$ ./EyeWitness.py  --single https://localhost:8834 -d /tmp/ness

This should create a report in /tmp/ness but instead it dumped the HTML from the page to screen.

It created /tmp/ness and put the source and screenshot in it, but it didn't create the report.html file.

When the script runs I see:

################################################################################
#                                  EyeWitness                                  #
################################################################################
#           Red Siege Information Security - https://www.redsiege.com           #
################################################################################

Message: <!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2020 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" CONTENT="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!--

--- SNIP ---

<hr>
<div id="footer">
<p>Generated Wed, 30 Aug 2023 08:54:10 GMT by xxx (squid/5.2)</p>
<!-- ERR_CONNECT_FAIL -->
</div>
</body></html>

The mention of squid made me realise that I'd run this earlier in the same session so I could get EW installed:

export http_proxy=http://localhost:3128
export https_proxy=http://localhost:3128

So EW is obeying the export and trying to use the proxy. The proxy is working in a way that means it can't see the local box (long story), and so EW can't get the screenshot.

Instead of failing gracefully, it dumps the HTML from the proxy to screen but still manages to create the report directory.

I can help create a test environment for this if you need one.

Relkci commented 5 months ago

623 related; this is already in a Try: where the driver in a thread is giving a stdout. Fix might be to handle the thread differently to catch the error, or -- silence stdout inside the Try
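
Added example (not EyeWitness code and not written by either commenter): a pre-flight check for the situation reported at the top of this issue, plus a one-line summary of a proxy error page in place of the full HTML dump. The names preflight and summarize_failure and the sample data are hypothetical, and the no_proxy matching is the Python standard library's, which the browser driver may not share.

```python
import ipaddress
import re
from urllib.parse import urlsplit
from urllib.request import proxy_bypass_environment

# Constructed samples modelled on the environment and Squid page in this issue.
SAMPLE_ENV = {"http_proxy": "http://localhost:3128",
              "https_proxy": "http://localhost:3128"}
SAMPLE_MESSAGE = ("Message: <!DOCTYPE html>\n<html><head>\n"
                  "<title>ERROR: The requested URL could not be retrieved</title>\n"
                  "</head><body>\n<!-- ERR_CONNECT_FAIL -->\n</body></html>")

def is_loopback(host):
    """True for 'localhost' and literal loopback addresses (127.0.0.1, ::1)."""
    if host.lower().rstrip(".") == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False

def preflight(url, env):
    """Return a warning if a loopback target would be sent through a proxy."""
    parts = urlsplit(url)
    # Map http_proxy/https_proxy/no_proxy (either case) to urllib's dict form.
    proxies = {k.lower()[:-6]: v for k, v in env.items()
               if k.lower().endswith("_proxy") and v}
    proxy = proxies.get(parts.scheme)
    if not proxy or proxy_bypass_environment(parts.netloc, proxies):
        return None  # no proxy applies, or no_proxy already exempts the host
    if is_loopback(parts.hostname or ""):
        return (f"{url} is a loopback target but would be sent via {proxy}; "
                f"add {parts.hostname} to no_proxy or unset {parts.scheme}_proxy")
    return None

def summarize_failure(message):
    """Collapse an HTML error page carried in an exception message to one line."""
    title = re.search(r"<title>(.*?)</title>", message, re.I | re.S)
    code = re.search(r"<!--\s*(ERR_[A-Z_]+)\s*-->", message)
    found = [m.group(1).strip() for m in (title, code) if m]
    if found:
        return " / ".join(found)
    lines = message.strip().splitlines()
    return lines[0] if lines else ""

if __name__ == "__main__":
    print(preflight("https://localhost:8834", SAMPLE_ENV))
    print(summarize_failure(SAMPLE_MESSAGE))
```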