RhinoSecurityLabs / pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
https://rhinosecuritylabs.com/aws/pacu-open-source-aws-exploitation-framework/
BSD 3-Clause "New" or "Revised" License

ebs__download_snapshots fails when computing `out_dir.relative_to('.')` #444

Open niooss-ledger opened 3 months ago

niooss-ledger commented 3 months ago

Hello, I tried downloading an EBS snapshot using Pacu 1.6.0 and got an error after all the data was downloaded:

```
Pacu (mysession:xxx) > run ebs__download_snapshots --region eu-west-1 --snapshot-id snap-01[[REDACTED]]
  Running module ebs__download_snapshots...
Output Path: /root/.local/share/pacu/mysession/downloads/ebs/snapshots/snap-01[[REDACTED]].img
Truncating file to 8.0 GB
Saved block 16369 of 16369
[2024-07-08 09:40:57] Pacu encountered an error while running the previous command. Check /root/.local/share/pacu/mysession/error_log.txt for technical details. [LOG LEVEL: MINIMAL]

    <class 'ValueError'>: '/root/.local/share/pacu/mysession/downloads/ebs/snapshots' is not in the subpath of '' OR one path is relative and the other is absolute.
```

The error log file (`/root/.local/share/pacu/mysession/error_log.txt`) contains this call trace:

```
[2024-07-08 09:40:57] (mysession): 
Traceback (most recent call last):
  File "/usr/local/lib/python3.11/dist-packages/pacu/main.py", line 1827, in run_gui
    self.idle()
  File "/usr/local/lib/python3.11/dist-packages/pacu/main.py", line 1681, in idle
    self.parse_command(command)
  File "/usr/local/lib/python3.11/dist-packages/pacu/main.py", line 600, in parse_command
    self.parse_exec_module_command(command)
  File "/usr/local/lib/python3.11/dist-packages/pacu/main.py", line 786, in parse_exec_module_command
    self.exec_module(command)
  File "/usr/local/lib/python3.11/dist-packages/pacu/main.py", line 1003, in exec_module
    summary_data = module.main(command[2:], self)
                   ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/local/lib/python3.11/dist-packages/pacu/modules/ebs__download_snapshots/main.py", line 94, in main
    out_dir=str(out_dir.relative_to('.')),
                ^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3.11/pathlib.py", line 731, in relative_to
    raise ValueError("{!r} is not in the subpath of {!r}"
<class 'ValueError'>: '/root/.local/share/pacu/mysession/downloads/ebs/snapshots' is not in the subpath of '' OR one path is relative and the other is absolute.
```

The issue is that `out_dir` is not relative to the current directory, in https://github.com/RhinoSecurityLabs/pacu/blob/470b96a34fd2fd8c45033f6fcfed27ddb7bbbce9/pacu/modules/ebs__download_snapshots/main.py#L93-L98

(In my use-case, `out_dir` was `"/root/.local/share/pacu/mysession/downloads/ebs/snapshots/"`).

The call to `.relative_to('.')` was added in commit https://github.com/RhinoSecurityLabs/pacu/commit/e5c3f36449031d6c1572a27ac9ab3f2cb6503d21 ("ebs__download_snapshots fixes and improvements") from PR https://github.com/RhinoSecurityLabs/pacu/pull/232 and it seems that at the time, the download directory was `./sessions/$SESSION/downloads/ebs/` instead of `~/.local/share/pacu/...`. I believe this call to `.relative_to('.')` should now be removed. What do you think?
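
The failure reported above can be reproduced with `pathlib` alone. This is an added example, not part of the issue and not Pacu's code: it shows why `relative_to('.')` worked with the older relative layout and raises with the absolute one, plus one possible tolerant fallback. The helper names, the `sessions/mysession/...` sample path and the session base directory are assumptions constructed for illustration.

```python
from pathlib import PurePosixPath

# Absolute output directory quoted in the issue.
ISSUE_OUT_DIR = PurePosixPath("/root/.local/share/pacu/mysession/downloads/ebs/snapshots")
# Constructed sample of the older relative layout the issue mentions
# (./sessions/$SESSION/downloads/ebs/), with "mysession" as the session name.
OLD_OUT_DIR = PurePosixPath("sessions/mysession/downloads/ebs")
# The '.' argument from the failing call, and a constructed session base directory.
CWD = PurePosixPath(".")
SESSION_DIR = PurePosixPath("/root/.local/share/pacu/mysession")


def reproduces_error(out_dir):
    """Return True if out_dir.relative_to('.') raises ValueError, as in the traceback."""
    try:
        out_dir.relative_to(".")
    except ValueError:
        return True
    return False


def display_path(out_dir, base):
    """Hypothetical helper: path relative to base when out_dir lies inside it,
    otherwise the path unchanged, so reporting never aborts a finished download."""
    try:
        return str(out_dir.relative_to(base))
    except ValueError:
        # Absolute vs. relative mismatch, or out_dir is outside base.
        return str(out_dir)


if __name__ == "__main__":
    print("absolute path raises:", reproduces_error(ISSUE_OUT_DIR))
    print("old relative path raises:", reproduces_error(OLD_OUT_DIR))
    print("fallback vs '.':", display_path(ISSUE_OUT_DIR, CWD))
    print("relative to session dir:", display_path(ISSUE_OUT_DIR, SESSION_DIR))
```

Pure paths are used so the result does not depend on the machine's working directory; real code would pass `Path.cwd()` or the session directory as `base`.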