HenryHoggard
commented
7 years ago I also get this error.
Closed kryptoknight13 closed 7 years ago
HenryHoggard
commented
7 years ago I also get this error.
marco-lancini
commented
7 years ago Hi @kryptoknight13, I just tried on a device running iOS 9.3 and I can't reproduce this issue.
Is the agent on the foreground when you get the telnet connection closed error?
kryptoknight13
commented
7 years ago Hey @marco-lancini , the agent was open on screen. initially, it crashed but on second agent didn't crash. In both the cases, agent wasn't pushed to foreground.
marco-lancini
commented
7 years ago So you're saying you are not experiencing this issue anymore?
kryptoknight13
commented
7 years ago no, i am still facing the same issue. if i wasn't then i won't have opened the issue at first place. :P I was telling about the agent. Still i get issue for "telnet connection closed".
also, the following error (looks like u have edited my comment):
[needle] > use binary/info/checksums
[needle][checksums] > run
[D] Setup local output folder: /Users/akanksha.bana/.needle/output
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2224
[D] [LOCAL CMD] Local Subprocess Command: /Users/akanksha.bana/Desktop/needle/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2224
[D] [AGENT] Setting up port forwarding on port 4444
[!] Problem establishing connection: IndexError - tuple index out of range .
------------------------------------------------------------
Traceback (most recent call last):
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/framework.py", line 616, in _connection_new
self.device.connect()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 214, in connect
self._portforward_agent_start()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 149, in _portforward_agent_start
self._port_forward_agent.start()
File "/Library/Python/2.7/site-packages/sshtunnel.py", line 1221, in start
self._create_tunnels()
File "/Library/Python/2.7/site-packages/sshtunnel.py", line 1082, in _create_tunnels
msg = 'Problem setting SSH Forwarder up: {0}'.format(e.args[0])
IndexError: tuple index out of range
------------------------------------------------------------
[!] IndexError: tuple index out of range.
[V] [SSH] Disconnecting...
[V] [AGENT] Disconnecting from agent...
[D] Stopping USB port forwarding
[D] [LOCAL CMD] Stopping Local Subprocess Command [pid: 84064]
[D] [AGENT] Stopping port forwardingThis second one is an issue caused by the lack of communication with the agent, everything will fail if the core can't establish a connection. Everyting is related to the telnet connection closed issue.
I still can't reproduce the error. Have you followed all the steps listed in the Installation Guide (https://github.com/mwrlabs/needle/wiki/Installation-Guide)?
Can you try to restart needle, enable VERBOSE and DEBUG mode, and then type shell?
Can you also post the full log (from when you type python needle.py till it crashes)?
(while doing all of this, please ensure the agent is on the foreground on the device)
kryptoknight13
commented
7 years ago yes i have followed all the steps listed in the Installation Guide (https://github.com/mwrlabs/needle/wiki/Installation-Guide).
Restarted the needle. Agent while trying to run "shell", the needle agent on device crashed and got the below error.
needle$: python needle.py
__ _ _______ _______ ______ _______
| \ | |______ |______ | \ | |______
| \_| |______ |______ |_____/ |_____ |______
Needle v1.0.0 [mwr.to/needle]
[MWR InfoSecurity (@MWRLabs) - Marco Lancini (@LanciniMarco)]
[needle] > set IP 127.0.0.1
IP => 127.0.0.1
[needle] > set PORT 2222
PORT => 2222
[needle] > set PASSWORD alpine
PASSWORD => ********
[needle] > set VERBOSE true
VERBOSE => true
[needle] > set DEBUG true
DEBUG => true
[needle] > show options
Name Current Value Required Description
-------------- ------------- -------- -----------
AGENT_PORT 4444 yes Port on which the Needle Agent is listening
APP no Bundle ID of the target application (e.g., com.example.app). Leave empty to launch wizard
DEBUG True yes Enable debugging output
IP 127.0.0.1 yes IP address of the testing device (set to localhost to use USB)
OUTPUT_FOLDER /Users/akanksha.bana/.needle/output yes Full path of the output folder, where to store the output of the modules
PASSWORD ******** yes SSH Password of the testing device
PORT 2222 yes Port of the SSH agent on the testing device (needs to be != 22 to use USB)
PUB_KEY_AUTH True yes Use public key auth to authenticate to the device. Key must be present in the ssh-agent if a passphrase is used
SAVE_HISTORY True yes Persists command history across sessions
SETUP_DEVICE False yes Set to true to enable auto-configuration of the device (installation of all the tools needed)
USERNAME root yes SSH Username of the testing device
VERBOSE True yes Enable verbose output
[needle] > shell
[*] Spawning a shell...
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/akanksha.bana/Desktop/needle/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[!] Problem establishing connection: IndexError - tuple index out of range .
------------------------------------------------------------
Traceback (most recent call last):
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/framework.py", line 616, in _connection_new
self.device.connect()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 214, in connect
self._portforward_agent_start()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 149, in _portforward_agent_start
self._port_forward_agent.start()
File "/Library/Python/2.7/site-packages/sshtunnel.py", line 1221, in start
self._create_tunnels()
File "/Library/Python/2.7/site-packages/sshtunnel.py", line 1082, in _create_tunnels
msg = 'Problem setting SSH Forwarder up: {0}'.format(e.args[0])
IndexError: tuple index out of range
------------------------------------------------------------
[!] IndexError: tuple index out of range.
[V] [SSH] Disconnecting...
[V] [AGENT] Disconnecting from agent...
[D] Stopping USB port forwarding
[D] [LOCAL CMD] Stopping Local Subprocess Command [pid: 90073]
[D] [AGENT] Stopping port forwarding
[needle] > Ok, could you run this in a terminal and post the output:
$ pip freezeAlso, have you ever used any frida-related module previously?
kryptoknight13
commented
7 years ago yes, I had used frida for needle and few different projects as well.
out put for "pip freeze":
needle$: sudo pip freeze
Password:
alembic==0.8.6
altgraph==0.10.2
backports-abc==0.4
backports.ssl-match-hostname==3.5.0.1
bdist-mpkg==0.5.0
biplist==0.9
bonjour-py==0.3
certifi==2016.8.8
cffi==1.8.3
click==6.6
colorama==0.3.7
configparser==3.5.0
construct==2.5.2
cryptography==1.5.2
dataset==0.6.4
Django==1.8
enum34==1.1.6
Flask==0.11.1
frida==7.2.12
html5lib==1.0b8
idna==2.1
Introspy-Analyzer==0.3.0
ipaddress==1.0.17
isign==1.5.60.1488182896.dev37+root
itsdangerous==0.24
Jinja2==2.8
livereload==2.4.1
lxml==3.6.4
macholib==1.5.1
Mako==1.0.4
Markdown==2.6.6
MarkupSafe==0.23
matplotlib==1.3.1
memoizer==0.0.1
mkdocs==0.15.3
mkdocs-bootstrap==0.1.1
mkdocs-bootswatch==0.4.0
mkdocs-material==0.2.4
modulegraph==0.10.4
normality==0.2.4
numpy==1.8.0rc1
paramiko==2.1.1
pbr==2.0.0
pdfkit==0.6.1
Pillow==3.4.2
prompt-toolkit==1.0.3
psutil==3.2.1
py2app==0.7.3
pyasn1==0.1.9
pycparser==2.17
pycrypto==2.6.1
Pygments==2.1.3
pyobjc-core==2.5.1
pyobjc-framework-Accounts==2.5.1
pyobjc-framework-AddressBook==2.5.1
pyobjc-framework-AppleScriptKit==2.5.1
pyobjc-framework-AppleScriptObjC==2.5.1
pyobjc-framework-Automator==2.5.1
pyobjc-framework-CFNetwork==2.5.1
pyobjc-framework-Cocoa==2.5.1
pyobjc-framework-Collaboration==2.5.1
pyobjc-framework-CoreData==2.5.1
pyobjc-framework-CoreLocation==2.5.1
pyobjc-framework-CoreText==2.5.1
pyobjc-framework-DictionaryServices==2.5.1
pyobjc-framework-EventKit==2.5.1
pyobjc-framework-ExceptionHandling==2.5.1
pyobjc-framework-FSEvents==2.5.1
pyobjc-framework-InputMethodKit==2.5.1
pyobjc-framework-InstallerPlugins==2.5.1
pyobjc-framework-InstantMessage==2.5.1
pyobjc-framework-LatentSemanticMapping==2.5.1
pyobjc-framework-LaunchServices==2.5.1
pyobjc-framework-Message==2.5.1
pyobjc-framework-OpenDirectory==2.5.1
pyobjc-framework-PreferencePanes==2.5.1
pyobjc-framework-PubSub==2.5.1
pyobjc-framework-QTKit==2.5.1
pyobjc-framework-Quartz==2.5.1
pyobjc-framework-ScreenSaver==2.5.1
pyobjc-framework-ScriptingBridge==2.5.1
pyobjc-framework-SearchKit==2.5.1
pyobjc-framework-ServiceManagement==2.5.1
pyobjc-framework-Social==2.5.1
pyobjc-framework-SyncServices==2.5.1
pyobjc-framework-SystemConfiguration==2.5.1
pyobjc-framework-WebKit==2.5.1
pyOpenSSL==0.15
pyparsing==2.0.1
PyPDF2==1.26.0
python-dateutil==1.5
python-editor==1.0.1
pytz==2013.7
PyYAML==3.11
reportlab==3.3.0
rsa==3.4.2
scipy==0.13.0b1
singledispatch==3.4.0.3
six==1.10.0
SQLAlchemy==1.0.14
sshtunnel==0.1.2
stevedore==1.21.0
termcolor==1.1.0
tornado==4.1
vboxapi==1.0
virtualenv==15.0.3
virtualenv-clone==0.2.6
virtualenvwrapper==4.7.2
wcwidth==0.1.7
webencodings==0.5
Werkzeug==0.11.10
xattr==0.6.4
xhtml2pdf==0.0.6
zope.interface==4.1.1
needle$: Ok, the problem is definitely occurring when trying to port-forward port 4444 on localhost. Do you have a firewall/something preventing the port forwarding?
As a double check, could you try to connect to the device over Wi-Fi?
kryptoknight13
commented
7 years ago okay, restarted everything. now i could take shell but again while running the modules from "shoe modules", i get telnet error and crashing of needle agent. attaching a video for same and sharing logs as well. needle.mp4.zip
needle$: python needle.py
__ _ _______ _______ ______ _______
| \ | |______ |______ | \ | |______
| \_| |______ |______ |_____/ |_____ |______
Needle v1.0.0 [mwr.to/needle]
[MWR InfoSecurity (@MWRLabs) - Marco Lancini (@LanciniMarco)]
[needle] > set IP 127.0.0.1
IP => 127.0.0.1
[needle] > set PORT 2222
PORT => 2222
[needle] > set PASSWORD alpine
PASSWORD => ********
[needle] > set VERBOSE true
VERBOSE => true
[needle] > set DEBUG true
DEBUG => true
[needle] > show options
Name Current Value Required Description
-------------- ------------- -------- -----------
AGENT_PORT 4444 yes Port on which the Needle Agent is listening
APP no Bundle ID of the target application (e.g., com.example.app). Leave empty to launch wizard
DEBUG True yes Enable debugging output
IP 127.0.0.1 yes IP address of the testing device (set to localhost to use USB)
OUTPUT_FOLDER /Users/akanksha.bana/.needle/output yes Full path of the output folder, where to store the output of the modules
PASSWORD ******** yes SSH Password of the testing device
PORT 2222 yes Port of the SSH agent on the testing device (needs to be != 22 to use USB)
PUB_KEY_AUTH True yes Use public key auth to authenticate to the device. Key must be present in the ssh-agent if a passphrase is used
SAVE_HISTORY True yes Persists command history across sessions
SETUP_DEVICE False yes Set to true to enable auto-configuration of the device (installation of all the tools needed)
USERNAME root yes SSH Username of the testing device
VERBOSE True yes Enable verbose output
[needle] > shell
[*] Spawning a shell...
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/akanksha.bana/Desktop/needle/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[V] [AGENT] Connecting to agent (127.0.0.1:4444)...
[+] [AGENT] Successfully connected to agent (127.0.0.1:4444)...
[V] [SSH] Connecting (127.0.0.1:2222)...
[+] [SSH] Connected (127.0.0.1:2222)
[D] [LOCAL CMD] Local Interactive Command: sshpass -p "alpine" ssh -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -p 2222 root@127.0.0.1
Warning: Permanently added '[127.0.0.1]:2222' (RSA) to the list of known hosts.
iPhone6:~ root# exit
logout
Connection to 127.0.0.1 closed.
[needle] > use binary/info/checksums
[needle][checksums] > run
[D] Setup local output folder: /Users/akanksha.bana/.needle/output
[*] Checking connection with device...
[+] Already connected to: 127.0.0.1
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[D] [AGENT] Executing command: os_version
[D] [AGENT] Attempting to reading result
[*] Target app not selected. Launching wizard...
[D] [AGENT] Executing command: list_apps
[D] [AGENT] Attempting to reading result
------------------------------------------------------------
Traceback (most recent call last):
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/module.py", line 111, in do_run
pre = self.module_pre()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/module.py", line 147, in module_pre
if self.app_check() is None: return None
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/framework.py", line 655, in app_check
app = self.device.select_target_app()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 196, in select_target_app
self._list_apps()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 190, in _list_apps
agent_list = self.agent.exec_command_agent(Constants.AGENT_CMD_LIST_APPS)
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/agent.py", line 72, in exec_command_agent
return self.read_result()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/agent.py", line 76, in read_result
return self._telnet.read_result()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/agent.py", line 35, in read_result
self.session.read_until(mark)
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 296, in read_until
return self._read_until_with_select(match, timeout)
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 379, in _read_until_with_select
return self.read_very_lazy()
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 455, in read_very_lazy
raise EOFError, 'telnet connection closed'
EOFError: telnet connection closed
------------------------------------------------------------
[!] EOFError: telnet connection closed.
[needle][checksums] > firewall is present but i usually get pop-up whenever i try to play round stating "firewall is preventing XXX". but in this case, i don't see that!
marco-lancini
commented
7 years ago ok, you'll have to leave the agent in the foreground when launching the app-selection wizard. Once you have the full list of apps, then you can put the agent in background
kryptoknight13
commented
7 years ago ok, tried putting the agent to foreground, needle get stuck at following:
[needle] > use binary/info/metadata
[needle][metadata] > run
[D] Setup local output folder: /Users/akanksha.bana/.needle/output
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/akanksha.bana/Desktop/needle/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[V] [AGENT] Connecting to agent (127.0.0.1:4444)...And if i open agent again, agent crashes and get the following error:
[V] [SSH] Connecting (127.0.0.1:2222)...
[+] [SSH] Connected (127.0.0.1:2222)
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[D] [AGENT] Executing command: os_version
[D] [AGENT] Attempting to reading result
[*] Target app not selected. Launching wizard...
[D] [AGENT] Executing command: list_apps
[D] [AGENT] Attempting to reading result
------------------------------------------------------------
Traceback (most recent call last):
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/module.py", line 111, in do_run
pre = self.module_pre()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/module.py", line 147, in module_pre
if self.app_check() is None: return None
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/framework/framework.py", line 655, in app_check
app = self.device.select_target_app()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 196, in select_target_app
self._list_apps()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/device.py", line 190, in _list_apps
agent_list = self.agent.exec_command_agent(Constants.AGENT_CMD_LIST_APPS)
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/agent.py", line 72, in exec_command_agent
return self.read_result()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/agent.py", line 76, in read_result
return self._telnet.read_result()
File "/Users/akanksha.bana/Desktop/needle/needle/needle/core/device/agent.py", line 35, in read_result
self.session.read_until(mark)
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 296, in read_until
return self._read_until_with_select(match, timeout)
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 379, in _read_until_with_select
return self.read_very_lazy()
File "/usr/local/Cellar/python/2.7.11/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 455, in read_very_lazy
raise EOFError, 'telnet connection closed'
EOFError: telnet connection closed
------------------------------------------------------------
[!] EOFError: telnet connection closed.
[needle][metadata] > Hi @HenryHoggard , I see, you also faced similar issue. Were you able to resolve it? Thanks!
poldenais
commented
7 years ago I'm getting a similar type issue when trying to run any modules.
Problem establishing connection: IndexError - tuple index out of range . [!] IndexError: tuple index out of range.
marco-lancini
commented
7 years ago Hi @poldenais, do you get the telnet connection closed error as well?
poldenais
commented
7 years ago I got it once but I get past that now Marco,
[needle] > shell [] Spawning a shell... [] Checking connection with device... [V] Connection not present, creating a new instance [V] [AGENT] Connecting to agent (127.0.0.1:4444)... [+] [AGENT] Successfully connected to agent (127.0.0.1:4444)... [V] [SSH] Connecting (127.0.0.1:2222)... [+] [SSH] Connected (127.0.0.1:2222) Warning: Permanently added '[127.0.0.1]:2222' (ECDSA) to the list of known hosts.
poldenais
commented
7 years ago this is what I get when I attempt to run something: [needle] > use storage/data/files_plist [needle][files_plist] > run [*] Checking connection with device... [V] Connection not present, creating a new instance [!] Problem establishing connection: IndexError - tuple index out of range . [!] IndexError: tuple index out of range. [V] [SSH] Disconnecting... [V] [AGENT] Disconnecting from agent... [needle][files_plist] >
marco-lancini
commented
7 years ago @poldenais: In order to debug this issue, we require more information.
Ensure VERBOSE and DEBUG mode are enabled, this will provide us with more detailed needle logs:
[needle] > set VERBOSE True
VERBOSE => True
[needle] > set DEBUG True
DEBUG => TrueOnce you have this information, please attach the log files to this thread and we can assist further.
poldenais
commented
7 years ago Marco please ignore my previous message. I've tried this again and it looks like the command is working. Thanks.
marco-lancini
commented
7 years ago @poldenais, I will need a full log, starting when you run python needle.py.
(as a future reference, please format your output using markdown)
marco-lancini
commented
7 years ago Hi, version 1.0.1 has just been released to fix issue #138:
Please upgrade the Agent from Cydia, and the Core from github. Then let me know if you're still experiencing this issue
kryptoknight13
commented
7 years ago Hey @marco-lancini: Issue for " telnet connection closed" still persists even after updating both needle and needle agent from above share links by you.
poldenais
commented
7 years ago hi @marco-lancini , the new update worked on Friday but today its stopped with the Telnet error again. I haven't updated anything so was wondering did anyone else have the same issue. I have attached the log below.
Last login: Mon Mar 20 12:53:50 on ttys002
Pauls-MacBook-Air:~ paulnash$ cd needle
Pauls-MacBook-Air:needle paulnash$ cd needle
Pauls-MacBook-Air:needle paulnash$ python needle.py
__ _ _______ _______ ______ _______
| \ | |______ |______ | \ | |______
| \_| |______ |______ |_____/ |_____ |______
Needle v1.0.1 [mwr.to/needle]
[MWR InfoSecurity (@MWRLabs) - Marco Lancini (@LanciniMarco)]
[needle] > show options
Name Current Value Required Description
-------------- ------------- -------- -----------
AGENT_PORT 4444 yes Port on which the Needle Agent is listening
APP no Bundle ID of the target application (e.g., com.example.app). Leave empty to launch wizard
DEBUG True yes Enable debugging output
IP 127.0.0.1 yes IP address of the testing device (set to localhost to use USB)
OUTPUT_FOLDER /Users/paulnash/.needle/output yes Full path of the output folder, where to store the output of the modules
PASSWORD ******** yes SSH Password of the testing device
PORT 2222 yes Port of the SSH agent on the testing device (needs to be != 22 to use USB)
PUB_KEY_AUTH True yes Use public key auth to authenticate to the device. Key must be present in the ssh-agent if a passphrase is used
SAVE_HISTORY True yes Persists command history across sessions
SETUP_DEVICE False yes Set to true to enable auto-configuration of the device (installation of all the tools needed)
USERNAME root yes SSH Username of the testing device
VERBOSE True yes Enable verbose output
[needle] > use storage/data/files_plist
[needle][files_plist] > run
[D] Setup local output folder: /Users/paulnash/.needle/output
[?] Attention! The folder chosen to store local output is not empty: /Users/paulnash/.needle/output
[?] Do you want to back it up first?
[?] Y: the content will be archived in a different location, then the folder will be emptied
[?] N: no action will be taken (destination files might be overwritten in case of filename clash)
[y/n]: n
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/paulnash/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[V] [AGENT] Connecting to agent (127.0.0.1:4444)...
[+] [AGENT] Successfully connected to agent (127.0.0.1:4444)...
[V] [SSH] Connecting (127.0.0.1:2222)...
[+] [SSH] Connected (127.0.0.1:2222)
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[D] [AGENT] Executing command: os_version
[D] [AGENT] Attempting to reading result
[*] Target app not selected. Launching wizard...
[D] [AGENT] Executing command: list_apps
[D] [AGENT] Attempting to reading result
------------------------------------------------------------
Traceback (most recent call last):
File "/Users/paulnash/needle/needle/core/framework/module.py", line 111, in do_run
pre = self.module_pre()
File "/Users/paulnash/needle/needle/core/framework/module.py", line 147, in module_pre
if self.app_check() is None: return None
File "/Users/paulnash/needle/needle/core/framework/framework.py", line 655, in app_check
app = self.device.select_target_app()
File "/Users/paulnash/needle/needle/core/device/device.py", line 196, in select_target_app
self._list_apps()
File "/Users/paulnash/needle/needle/core/device/device.py", line 190, in _list_apps
agent_list = self.agent.exec_command_agent(Constants.AGENT_CMD_LIST_APPS)
File "/Users/paulnash/needle/needle/core/device/agent.py", line 68, in exec_command_agent
return self.read_result()
File "/Users/paulnash/needle/needle/core/device/agent.py", line 72, in read_result
return self._telnet.read_result()
File "/Users/paulnash/needle/needle/core/device/agent.py", line 36, in read_result
tn = self.session.read_until(Constants.AGENT_OUTPUT_END)
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 296, in read_until
return self._read_until_with_select(match, timeout)
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 379, in _read_until_with_select
return self.read_very_lazy()
File "/usr/local/Cellar/python/2.7.13/Frameworks/Python.framework/Versions/2.7/lib/python2.7/telnetlib.py", line 455, in read_very_lazy
raise EOFError, 'telnet connection closed'
EOFError: telnet connection closed
------------------------------------------------------------
[!] EOFError: telnet connection closed.
[needle][files_plist] > Hi @poldenais, can you confirm that the needle agent has been on the foreground (i.e., app visible on screen) for the entire time?
poldenais
commented
7 years ago HI @marco-lancini , yes the needle agent is in the foreground and it actually closes then once the command is run on the desktop.
kryptoknight13
commented
7 years ago Hi @marco-lancini Looks like @poldenais is facing exactly the same error/issue which I am facing.
marco-lancini
commented
7 years ago @poldenais: I see you are using a Macbook, can you connect the device to Xcode and analyze the logs? Also, you said on Friday it was working fine: have you installed any new application today?
poldenais
commented
7 years ago @marco-lancini No I haven't changed anything since Friday. a Colleague here was getting the same telnet issue today after it working fine on Friday for him. Im just wondering if it was reported by anyone else yet.
Below is the Xcode log for when the Needle Agent crashes.
Incident Identifier: 249CE5E9-6748-4AB5-9CE9-C1DFCDC6033F
CrashReporter Key: 8bd76bfee7619ff0b72f19cd098f6083acb8d65f
Hardware Model: iPad5,3
Process: NeedleAgent [3212]
Path: /Applications/NeedleAgent.app/NeedleAgent
Identifier: mwr.needle.agent
Version: 1 (1.0.1)
Code Type: ARM-64 (Native)
Role: Foreground
Parent Process: launchd [1]
Coalition: mwr.needle.agent [772]
Date/Time: 2017-03-20 13:11:56.6825 +0000
Launch Time: 2017-03-20 13:03:48.6455 +0000
OS Version: iPhone OS 10.2 (14C92)
Report Version: 104
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Triggered by Thread: 4
Application Specific Information:
abort() called
Filtered syslog:
None found
Last Exception Backtrace:
(0x18c4c91b8 0x18af0055c 0x18c3aceac 0x18c3acd1c 0x100036e58 0x10003695c 0x100037304 0x1000371f8 0x1000364f8 0x100086b94 0x18b3521fc 0x18b3521bc 0x18b3603dc 0x18b3559a4 0x18b36234c 0x18b3620ac 0x18b55b2a0 0x18b55ad8c)
Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0:
0 libsystem_kernel.dylib 0x000000018b479188 0x18b478000 + 4488
1 libsystem_kernel.dylib 0x000000018b478ff8 0x18b478000 + 4088
2 CoreFoundation 0x000000018c4765d0 0x18c399000 + 906704
3 CoreFoundation 0x000000018c4741ec 0x18c399000 + 897516
4 CoreFoundation 0x000000018c3a22b8 0x18c399000 + 37560
5 GraphicsServices 0x000000018de56198 0x18de4a000 + 49560
6 UIKit 0x00000001923e27fc 0x192368000 + 501756
7 UIKit 0x00000001923dd534 0x192368000 + 480564
8 NeedleAgent 0x0000000100036918 0x100030000 + 26904
9 libdyld.dylib 0x000000018b3855b8 0x18b381000 + 17848
Thread 1 name: com.apple.uikit.eventfetch-thread
Thread 1:
0 libsystem_kernel.dylib 0x000000018b479188 0x18b478000 + 4488
1 libsystem_kernel.dylib 0x000000018b478ff8 0x18b478000 + 4088
2 CoreFoundation 0x000000018c4765d0 0x18c399000 + 906704
3 CoreFoundation 0x000000018c4741ec 0x18c399000 + 897516
4 CoreFoundation 0x000000018c3a22b8 0x18c399000 + 37560
5 Foundation 0x000000018cedf26c 0x18ced3000 + 49772
6 Foundation 0x000000018ceffdd0 0x18ced3000 + 183760
7 UIKit 0x0000000192d56c38 0x192368000 + 10415160
8 Foundation 0x000000018cfdce68 0x18ced3000 + 1089128
9 libsystem_pthread.dylib 0x000000018b55d850 0x18b55a000 + 14416
10 libsystem_pthread.dylib 0x000000018b55d760 0x18b55a000 + 14176
11 libsystem_pthread.dylib 0x000000018b55ad94 0x18b55a000 + 3476
Thread 2:
0 libsystem_pthread.dylib 0x000000018b55ad88 0x18b55a000 + 3464
Thread 3:
0 libsystem_kernel.dylib 0x000000018b497a88 0x18b478000 + 129672
1 libsystem_pthread.dylib 0x000000018b55b344 0x18b55a000 + 4932
2 libsystem_pthread.dylib 0x000000018b55ad8c 0x18b55a000 + 3468
Thread 4 name: Dispatch queue: socketQueue
Thread 4 Crashed:
0 libsystem_kernel.dylib 0x000000018b497014 0x18b478000 + 126996
1 libsystem_pthread.dylib 0x000000018b55f450 0x18b55a000 + 21584
2 libsystem_c.dylib 0x000000018b40b400 0x18b3a8000 + 406528
3 libc++abi.dylib 0x000000018aed52d4 0x18aed4000 + 4820
4 libc++abi.dylib 0x000000018aef2cc0 0x18aed4000 + 126144
5 libobjc.A.dylib 0x000000018af00844 0x18aef8000 + 34884
6 libc++abi.dylib 0x000000018aeef66c 0x18aed4000 + 112236
7 libc++abi.dylib 0x000000018aeeef84 0x18aed4000 + 110468
8 libobjc.A.dylib 0x000000018af00690 0x18aef8000 + 34448
9 CoreFoundation 0x000000018c3aceac 0x18c399000 + 81580
10 CoreFoundation 0x000000018c3acd1c 0x18c399000 + 81180
11 NeedleAgent 0x0000000100036e58 0x100030000 + 28248
12 NeedleAgent 0x000000010003695c 0x100030000 + 26972
13 NeedleAgent 0x0000000100037304 0x100030000 + 29444
14 NeedleAgent 0x00000001000371f8 0x100030000 + 29176
15 NeedleAgent 0x00000001000364f8 0x100030000 + 25848
16 CocoaAsyncSocket 0x0000000100086b94 0x100074000 + 76692
17 libdispatch.dylib 0x000000018b3521fc 0x18b351000 + 4604
18 libdispatch.dylib 0x000000018b3521bc 0x18b351000 + 4540
19 libdispatch.dylib 0x000000018b3603dc 0x18b351000 + 62428
20 libdispatch.dylib 0x000000018b3559a4 0x18b351000 + 18852
21 libdispatch.dylib 0x000000018b36234c 0x18b351000 + 70476
22 libdispatch.dylib 0x000000018b3620ac 0x18b351000 + 69804
23 libsystem_pthread.dylib 0x000000018b55b2a0 0x18b55a000 + 4768
24 libsystem_pthread.dylib 0x000000018b55ad8c 0x18b55a000 + 3468
Thread 5 name: com.apple.NSURLConnectionLoader
Thread 5:
0 libsystem_kernel.dylib 0x000000018b479188 0x18b478000 + 4488
1 libsystem_kernel.dylib 0x000000018b478ff8 0x18b478000 + 4088
2 CoreFoundation 0x000000018c4765d0 0x18c399000 + 906704
3 CoreFoundation 0x000000018c4741ec 0x18c399000 + 897516
4 CoreFoundation 0x000000018c3a22b8 0x18c399000 + 37560
5 CFNetwork 0x000000018cba78f0 0x18cac8000 + 915696
6 Foundation 0x000000018cfdce68 0x18ced3000 + 1089128
7 libsystem_pthread.dylib 0x000000018b55d850 0x18b55a000 + 14416
8 libsystem_pthread.dylib 0x000000018b55d760 0x18b55a000 + 14176
9 libsystem_pthread.dylib 0x000000018b55ad94 0x18b55a000 + 3476
Thread 6:
0 libsystem_kernel.dylib 0x000000018b497a88 0x18b478000 + 129672
1 libsystem_pthread.dylib 0x000000018b55b344 0x18b55a000 + 4932
2 libsystem_pthread.dylib 0x000000018b55ad8c 0x18b55a000 + 3468
Thread 7:
0 libsystem_pthread.dylib 0x000000018b55ad88 0x18b55a000 + 3464
Thread 8 name: com.apple.CFSocket.private
Thread 8:
0 libsystem_kernel.dylib 0x000000018b49723c 0x18b478000 + 127548
1 CoreFoundation 0x000000018c47d468 0x18c399000 + 935016
2 libsystem_pthread.dylib 0x000000018b55d850 0x18b55a000 + 14416
3 libsystem_pthread.dylib 0x000000018b55d760 0x18b55a000 + 14176
4 libsystem_pthread.dylib 0x000000018b55ad94 0x18b55a000 + 3476
Thread 4 crashed with ARM Thread State (64-bit):
x0: 0x0000000000000000 x1: 0x0000000000000000 x2: 0x0000000000000000 x3: 0x00000001740fef37
x4: 0x000000018aef3bc3 x5: 0x000000016dfd9380 x6: 0x000000000000006e x7: 0xffffffffffffffec
x8: 0x000000000c000000 x9: 0x0000000004000000 x10: 0x000000000000000b x11: 0x0000000000000010
x12: 0x000000018b422772 x13: 0x0000000000000000 x14: 0x0000030000000300 x15: 0x0000000000000000
x16: 0x0000000000000148 x17: 0x0000000000000000 x18: 0x0000000000000000 x19: 0x0000000000000006
x20: 0x000000016dfdb000 x21: 0x000000016dfd9380 x22: 0x0000000174015940 x23: 0x0000000000000001
x24: 0x0000000192ef5d4d x25: 0x0000000174264740 x26: 0xa00000000322e393 x27: 0xa00000000302e373
x28: 0x0000000000000000 fp: 0x000000016dfd92e0 lr: 0x000000018b55f450
sp: 0x000000016dfd92c0 pc: 0x000000018b497014 cpsr: 0x00000000
Binary Images:
0x100030000 - 0x10003bfff NeedleAgent arm64 <dee2270132df39df92308bdeea46aa78> /Applications/NeedleAgent.app/NeedleAgent
0x100068000 - 0x10006bfff MobileSubstrate.dylib arm64 <3134cfb2f722310ea2c742ae4dc131ab> /Library/MobileSubstrate/MobileSubstrate.dylib
0x100074000 - 0x1000a3fff CocoaAsyncSocket arm64 <7cde30401c1d387a95735157fb8863b0> /Applications/NeedleAgent.app/Frameworks/CocoaAsyncSocket.framework/CocoaAsyncSocket
0x1000f8000 - 0x100127fff dyld arm64 <f54ed85a94253887886a8028e20ed8ba> /usr/lib/dyld
0x1001c4000 - 0x1001c7fff SubstrateLoader.dylib arm64 <54645dc0321231d88a022fd67a793278> /Library/Frameworks/CydiaSubstrate.framework/Libraries/SubstrateLoader.dylib
0x18ae7c000 - 0x18ae7dfff libSystem.B.dylib arm64 <6c1de96c8fe5363cab2ef76f891c6e22> /usr/lib/libSystem.B.dylib
0x18ae7e000 - 0x18aed3fff libc++.1.dylib arm64 <b2db8b1d09283b7bafe1b2933adc5dfd> /usr/lib/libc++.1.dylib
0x18aed4000 - 0x18aef4fff libc++abi.dylib arm64 <e3419bbaface31b5970c6c8d430be26d> /usr/lib/libc++abi.dylib
0x18aef8000 - 0x18b2d1fff libobjc.A.dylib arm64 <538f809dcd7c35ceb59d99802248f045> /usr/lib/libobjc.A.dylib
0x18b2d2000 - 0x18b2d6fff libcache.dylib arm64 <f09cab6893c631218f817e61b3d77fcb> /usr/lib/system/libcache.dylib
0x18b2d7000 - 0x18b2e2fff libcommonCrypto.dylib arm64 <e071643355cd3f67bae19045c7f9f340> /usr/lib/system/libcommonCrypto.dylib
0x18b2e3000 - 0x18b2e6fff libcompiler_rt.dylib arm64 <8209cb28df5d3b48894899019fcbb344> /usr/lib/system/libcompiler_rt.dylib
0x18b2e7000 - 0x18b2eefff libcopyfile.dylib arm64 <567f33ef4d8f3e48a5afac933ccd389f> /usr/lib/system/libcopyfile.dylib
0x18b2ef000 - 0x18b350fff libcorecrypto.dylib arm64 <056a6c201d3d3696b59f0b264ba9b972> /usr/lib/system/libcorecrypto.dylib
0x18b351000 - 0x18b380fff libdispatch.dylib arm64 <fb1d0baf642337d1bea0af309586df97> /usr/lib/system/libdispatch.dylib
0x18b381000 - 0x18b385fff libdyld.dylib arm64 <6ebb575f616935cbbef02f2c031490d1> /usr/lib/system/libdyld.dylib
0x18b386000 - 0x18b386fff liblaunch.dylib arm64 <ceb57f62c49e38d8a8d33309db668bd3> /usr/lib/system/liblaunch.dylib
0x18b387000 - 0x18b38cfff libmacho.dylib arm64 <20627f9f062c3ee8873e3ab3bc3fda8c> /usr/lib/system/libmacho.dylib
0x18b38d000 - 0x18b38efff libremovefile.dylib arm64 <43110ffd953537e28981c6dead2c0b1f> /usr/lib/system/libremovefile.dylib
0x18b38f000 - 0x18b3a6fff libsystem_asl.dylib arm64 <e52a49b27e963d2bb90332a5b0895f8d> /usr/lib/system/libsystem_asl.dylib
0x18b3a7000 - 0x18b3a7fff libsystem_blocks.dylib arm64 <480fe954b3f63f16af8acfd6dc34e2da> /usr/lib/system/libsystem_blocks.dylib
0x18b3a8000 - 0x18b426fff libsystem_c.dylib arm64 <8a5a190d70563f3c8d4ce16cab74f599> /usr/lib/system/libsystem_c.dylib
0x18b427000 - 0x18b42bfff libsystem_configuration.dylib arm64 <7628c33e4c383a78b0e33cf403e6f019> /usr/lib/system/libsystem_configuration.dylib
0x18b42c000 - 0x18b431fff libsystem_containermanager.dylib arm64 <9de64e7545ab359fb9cefc695aa510f0> /usr/lib/system/libsystem_containermanager.dylib
0x18b432000 - 0x18b433fff libsystem_coreservices.dylib arm64 <e61211f8f4c9399595fbd921e8589a8b> /usr/lib/system/libsystem_coreservices.dylib
0x18b434000 - 0x18b44cfff libsystem_coretls.dylib arm64 <14fa1ba4b14b338181c2ef87b214695e> /usr/lib/system/libsystem_coretls.dylib
0x18b44d000 - 0x18b453fff libsystem_dnssd.dylib arm64 <7d745bdfb72e3119bad43c36f60a5a8a> /usr/lib/system/libsystem_dnssd.dylib
0x18b454000 - 0x18b477fff libsystem_info.dylib arm64 <6546bc8b4fa23df898bf2471e801d50b> /usr/lib/system/libsystem_info.dylib
0x18b478000 - 0x18b49cfff libsystem_kernel.dylib arm64 <9ec307fcdd2f3f728f37ec6e0186df20> /usr/lib/system/libsystem_kernel.dylib
0x18b49d000 - 0x18b4c9fff libsystem_m.dylib arm64 <ba786894a7213d37baa99aafc0ee5493> /usr/lib/system/libsystem_m.dylib
0x18b4ca000 - 0x18b4e5fff libsystem_malloc.dylib arm64 <c57ecb4ada5c3930a580b3d07583058a> /usr/lib/system/libsystem_malloc.dylib
0x18b4e6000 - 0x18b53dfff libsystem_network.dylib arm64 <efa018a4cb4936e3b77b9194d390efc4> /usr/lib/system/libsystem_network.dylib
0x18b53e000 - 0x18b547fff libsystem_networkextension.dylib arm64 <34c2d9c2986f32dd996e4e439d94c9c5> /usr/lib/system/libsystem_networkextension.dylib
0x18b548000 - 0x18b552fff libsystem_notify.dylib arm64 <605beaf21db73cc3ae98a65e8c11f7d0> /usr/lib/system/libsystem_notify.dylib
0x18b553000 - 0x18b559fff libsystem_platform.dylib arm64 <518e18adfdfc316e9b4d519f6e4b6a47> /usr/lib/system/libsystem_platform.dylib
0x18b55a000 - 0x18b563fff libsystem_pthread.dylib arm64 <d8480fc3a35d3475b0d12553c761d8cb> /usr/lib/system/libsystem_pthread.dylib
0x18b564000 - 0x18b567fff libsystem_sandbox.dylib arm64 <89419e71367637d590768d37ca10d9a3> /usr/lib/system/libsystem_sandbox.dylib
0x18b568000 - 0x18b56ffff libsystem_symptoms.dylib arm64 <832499573c1730b48f6ff8e7c06fae15> /usr/lib/system/libsystem_symptoms.dylib
0x18b570000 - 0x18b58efff libsystem_trace.dylib arm64 <27778d14d3cb3239a6bb52a2461cd543> /usr/lib/system/libsystem_trace.dylib
0x18b58f000 - 0x18b594fff libunwind.dylib arm64 <7a7545249f7d3a69a162acb73ec4f17a> /usr/lib/system/libunwind.dylib
0x18b595000 - 0x18b595fff libvminterpose.dylib arm64 <21d158555a6233b19c53df16cafb6974> /usr/lib/system/libvminterpose.dylib
0x18b596000 - 0x18b5bcfff libxpc.dylib arm64 <8f1330e254b83bd3a973af6933b91836> /usr/lib/system/libxpc.dylib
0x18b5bd000 - 0x18b7d7fff libicucore.A.dylib arm64 <35fc5fa2aab8326897081ab8416c497c> /usr/lib/libicucore.A.dylib
0x18b7d8000 - 0x18b7e8fff libz.1.dylib arm64 <b3ab59ff330f3225a53b4e8e95440d77> /usr/lib/libz.1.dylib
0x18c399000 - 0x18c71dfff CoreFoundation arm64 <dd9791d198ef32eea1335b8ebc9b3d55> /System/Library/Frameworks/CoreFoundation.framework/CoreFoundation
0x18c71e000 - 0x18c72efff libbsm.0.dylib arm64 <788093e9b6b738cea7045bfec4bef1d8> /usr/lib/libbsm.0.dylib
0x18c72f000 - 0x18c72ffff libenergytrace.dylib arm64 <3bcefd094fa83b26807a1c6c92933cd2> /usr/lib/libenergytrace.dylib
0x18c730000 - 0x18c7abfff IOKit arm64 <e0a6f4f0810b3f75813eda2afebd591c> /System/Library/Frameworks/IOKit.framework/Versions/A/IOKit
0x18c7ac000 - 0x18c7ccfff libMobileGestalt.dylib arm64 <1e9e78da74143c54bb1e50aa7e285a0f> /usr/lib/libMobileGestalt.dylib
0x18c7cd000 - 0x18c8b7fff libxml2.2.dylib arm64 <b3fc55542fe33491877c661cf410b164> /usr/lib/libxml2.2.dylib
0x18c8b8000 - 0x18c946fff Security arm64 <88e5d6eb0de13ff6b7904f1b0e43a88e> /System/Library/Frameworks/Security.framework/Security
0x18c947000 - 0x18c9b1fff SystemConfiguration arm64 <d907035d1ff936e5986035f50a77f5d3> /System/Library/Frameworks/SystemConfiguration.framework/SystemConfiguration
0x18c9b2000 - 0x18cac7fff libsqlite3.dylib arm64 <87863a80836a3d659e5485f5029c3ed4> /usr/lib/libsqlite3.dylib
0x18cac8000 - 0x18ce61fff CFNetwork arm64 <d63319a4fe2738dfb695ceb729f9b972> /System/Library/Frameworks/CFNetwork.framework/CFNetwork
0x18ce62000 - 0x18ce72fff libbz2.1.0.dylib arm64 <0d14fa7337f43079bad2a4cfc6d66b70> /usr/lib/libbz2.1.0.dylib
0x18ce73000 - 0x18ce8bfff liblzma.5.dylib arm64 <b90cea0595ff3f8599d9788e1d2cb454> /usr/lib/liblzma.5.dylib
0x18ce8c000 - 0x18cea6fff libCRFSuite.dylib arm64 <ac663b865b6b38429a40878701aa484a> /usr/lib/libCRFSuite.dylib
0x18cea7000 - 0x18ced0fff libarchive.2.dylib arm64 <667b9f199ef63c89b05bf1ea9a3ffe13> /usr/lib/libarchive.2.dylib
0x18ced1000 - 0x18ced2fff liblangid.dylib arm64 <a74f4f8a2d533e1f926044f052cc5b7d> /usr/lib/liblangid.dylib
0x18ced3000 - 0x18d1a1fff Foundation arm64 <7d40355e685036cc803455e5cbf6245f> /System/Library/Frameworks/Foundation.framework/Foundation
0x18d1a2000 - 0x18d24efff libBLAS.dylib arm64 <fa29c2ad87a73ccea2885d9182faee53> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libBLAS.dylib
0x18d24f000 - 0x18d591fff libLAPACK.dylib arm64 <6df40b0afcbb35a48d63e2fa8ec03b1b> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libLAPACK.dylib
0x18d592000 - 0x18d834fff vImage arm64 <8b797590cf983693b4c3b6b83dc4ba29> /System/Library/Frameworks/Accelerate.framework/Frameworks/vImage.framework/vImage
0x18d835000 - 0x18d857fff libvMisc.dylib arm64 <5bcbb491c0a03816a7634797852c21ad> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libvMisc.dylib
0x18d858000 - 0x18d86cfff libLinearAlgebra.dylib arm64 <1adeb99764f63e9e8ef1225bb7a5120d> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libLinearAlgebra.dylib
0x18d86d000 - 0x18d87efff libSparseBLAS.dylib arm64 <515a7b8f5c433b709c1f6d205b9a73d2> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libSparseBLAS.dylib
0x18d87f000 - 0x18d8f7fff libvDSP.dylib arm64 <80294f738c053c4991fa3ab4e867218e> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libvDSP.dylib
0x18d8f8000 - 0x18d8f8fff vecLib arm64 <15dc1eafe1f8377d9cab3ba5c7e488be> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/vecLib
0x18d8f9000 - 0x18d8f9fff Accelerate arm64 <32a527bb13a63e37bf50c725b008e9d5> /System/Library/Frameworks/Accelerate.framework/Accelerate
0x18d8fa000 - 0x18de49fff CoreGraphics arm64 <52f191594f523f41880280896948b786> /System/Library/Frameworks/CoreGraphics.framework/CoreGraphics
0x18de4a000 - 0x18de5efff GraphicsServices arm64 <7c0dd118a4bc37dc8fab6449abde7ff9> /System/Library/PrivateFrameworks/GraphicsServices.framework/GraphicsServices
0x18de5f000 - 0x18deaafff AppSupport arm64 <bdaad3a71677315bb126c4a73a1bcb9e> /System/Library/PrivateFrameworks/AppSupport.framework/AppSupport
0x18deab000 - 0x18dfcefff MobileCoreServices arm64 <e035420bfabe3f28bc6eef0a144ac1d1> /System/Library/Frameworks/MobileCoreServices.framework/MobileCoreServices
0x18dfcf000 - 0x18e027fff BaseBoard arm64 <210cb4a9a0073c7b9e0b3d437cc1aa4b> /System/Library/PrivateFrameworks/BaseBoard.framework/BaseBoard
0x18e028000 - 0x18e033fff AssertionServices arm64 <7ca242e983fd3c0f805d51fca8a4c46a> /System/Library/PrivateFrameworks/AssertionServices.framework/AssertionServices
0x18e034000 - 0x18e060fff BackBoardServices arm64 <c333604ae8123e3cbb46fe26f233beb9> /System/Library/PrivateFrameworks/BackBoardServices.framework/BackBoardServices
0x18e065000 - 0x18e0b4fff FrontBoardServices arm64 <00b3c2ff89f53d3dba0069b6bb5a56bd> /System/Library/PrivateFrameworks/FrontBoardServices.framework/FrontBoardServices
0x18e0b8000 - 0x18e0ebfff SpringBoardServices arm64 <d2c3d08eff3f3119a6f4eb1a0a180305> /System/Library/PrivateFrameworks/SpringBoardServices.framework/SpringBoardServices
0x18e0ec000 - 0x18e100fff MobileKeyBag arm64 <a78d40cc257231978e752c5a81cd1356> /System/Library/PrivateFrameworks/MobileKeyBag.framework/MobileKeyBag
0x18e101000 - 0x18e109fff IOSurface arm64 <9a22349e905539a0a1598af6d7fe9cc9> /System/Library/PrivateFrameworks/IOSurface.framework/IOSurface
0x18e10a000 - 0x18e115fff liblockdown.dylib arm64 <ab36b2ace988302c89207cb290ff4a76> /usr/lib/liblockdown.dylib
0x18e116000 - 0x18e12cfff CrashReporterSupport arm64 <326017f8d07d3e7cb338dda00fa888f7> /System/Library/PrivateFrameworks/CrashReporterSupport.framework/CrashReporterSupport
0x18e12d000 - 0x18e12ffff IOSurfaceAccelerator arm64 <7b7c2b7ea506374cb3902b7408d5d4bf> /System/Library/PrivateFrameworks/IOSurfaceAccelerator.framework/IOSurfaceAccelerator
0x18e130000 - 0x18e170fff AppleJPEG arm64 <b2fd4ef37aaf38f58311e33ea1683082> /System/Library/PrivateFrameworks/AppleJPEG.framework/AppleJPEG
0x18e171000 - 0x18e703fff ImageIO arm64 <f5ddfe623d4f3a338ae75c666ea10815> /System/Library/Frameworks/ImageIO.framework/ImageIO
0x18e704000 - 0x18e70afff TCC arm64 <c9f168508185369591dfcd1c1cf9b6a3> /System/Library/PrivateFrameworks/TCC.framework/TCC
0x18e70b000 - 0x18e70ffff AggregateDictionary arm64 <4be0041fb69b358cada4eeabbf22adf3> /System/Library/PrivateFrameworks/AggregateDictionary.framework/AggregateDictionary
0x18e710000 - 0x18e71cfff PowerLog arm64 <e5003d8e49d0390c8a67da790407e704> /System/Library/PrivateFrameworks/PowerLog.framework/PowerLog
0x18e71d000 - 0x18e785fff libTelephonyUtilDynamic.dylib arm64 <4a1e447a97f43b91a92ee731c2a4286b> /usr/lib/libTelephonyUtilDynamic.dylib
0x18e786000 - 0x18e798fff CommonUtilities arm64 <486d816afdc431aaa2ef67b229cf4e96> /System/Library/PrivateFrameworks/CommonUtilities.framework/CommonUtilities
0x18e799000 - 0x18e7adfff libcompression.dylib arm64 <c764915fa0ec384f8a1759e63235b5a9> /usr/lib/libcompression.dylib
0x18ea4d000 - 0x18ea52fff libCoreVMClient.dylib arm64 <3a28c232b17430839305f9d17745e247> /System/Library/Frameworks/OpenGLES.framework/libCoreVMClient.dylib
0x18ea53000 - 0x18ea58fff IOAccelerator arm64 <f4d5cd421bd03a52b40c991fd1c73806> /System/Library/PrivateFrameworks/IOAccelerator.framework/IOAccelerator
0x18ea59000 - 0x18ea5afff libCVMSPluginSupport.dylib arm64 <7110757134ea3599b3d739db2ea6f48a> /System/Library/Frameworks/OpenGLES.framework/libCVMSPluginSupport.dylib
0x18ea5b000 - 0x18ea5efff libCoreFSCache.dylib arm64 <2147b40a3d713d53b221e8f40ca5ac7f> /System/Library/Frameworks/OpenGLES.framework/libCoreFSCache.dylib
0x18ea5f000 - 0x18eaa2fff libGLImage.dylib arm64 <c2e2de9ee34236558c89d7fe9bc0116c> /System/Library/Frameworks/OpenGLES.framework/libGLImage.dylib
0x18eaa3000 - 0x18eaadfff libGFXShared.dylib arm64 <058e54d10e9838c5bea32a75f199c2db> /System/Library/Frameworks/OpenGLES.framework/libGFXShared.dylib
0x18eaae000 - 0x18eab6fff IOMobileFramebuffer arm64 <811101a668313da993fa3881ac7cddef> /System/Library/PrivateFrameworks/IOMobileFramebuffer.framework/IOMobileFramebuffer
0x18eab7000 - 0x18eab7fff libmetal_timestamp.dylib arm64 <2bbf481d5e4a35aea434cd15f9d6a182> /System/Library/PrivateFrameworks/GPUCompiler.framework/libmetal_timestamp.dylib
0x18eab8000 - 0x18eb16fff Metal arm64 <ff1261ae94e03c19964dda0546e189fd> /System/Library/Frameworks/Metal.framework/Metal
0x18eb17000 - 0x18eb21fff OpenGLES arm64 <52e0ecb1f2c23cc4a26345d035127679> /System/Library/Frameworks/OpenGLES.framework/OpenGLES
0x18eb22000 - 0x18eb46fff CoreVideo arm64 <581f5f9967923c4983c1373dfa23195b> /System/Library/Frameworks/CoreVideo.framework/CoreVideo
0x18eb88000 - 0x18ec7afff libiconv.2.dylib arm64 <c85933d9062f32ac885047aadb359e88> /usr/lib/libiconv.2.dylib
0x18ec7b000 - 0x18edcbfff CoreAudio arm64 <8ff5628b7e9b36efb6b746e6ea3e9088> /System/Library/Frameworks/CoreAudio.framework/CoreAudio
0x18edcc000 - 0x18edcffff UserFS arm64 <13d40ea4a3e032b199465cddc45c8479> /System/Library/PrivateFrameworks/UserFS.framework/UserFS
0x18edd0000 - 0x18eedefff CoreMedia arm64 <98e944101d7b3745ae7bc0e43a8b59cb> /System/Library/Frameworks/CoreMedia.framework/CoreMedia
0x18eedf000 - 0x18eee5fff libcupolicy.dylib arm64 <e88ddf38bf5a3f2583b7f1c9b1af4e76> /usr/lib/libcupolicy.dylib
0x18eee6000 - 0x18ef73fff CoreTelephony arm64 <c5ef9b84bce0312e96b3faed5e424110> /System/Library/Frameworks/CoreTelephony.framework/CoreTelephony
0x18ef74000 - 0x18f081fff libFontParser.dylib arm64 <2784cc1e874a395bb3ea2f7c3382c62f> /System/Library/PrivateFrameworks/FontServices.framework/libFontParser.dylib
0x18f082000 - 0x18f111fff VideoToolbox arm64 <d0baea0326d13f66ae8623f19aa1ac76> /System/Library/Frameworks/VideoToolbox.framework/VideoToolbox
0x18f112000 - 0x18f112fff FontServices arm64 <a4b99cf7d62630aeb2f8c8e865a8fe34> /System/Library/PrivateFrameworks/FontServices.framework/FontServices
0x18f113000 - 0x18f260fff CoreText arm64 <9d73af39afa63ea68673374a3862426b> /System/Library/Frameworks/CoreText.framework/CoreText
0x18f2ac000 - 0x18f70cfff AudioToolbox arm64 <3ea60e00d2383ae498996690ab1fdbdd> /System/Library/Frameworks/AudioToolbox.framework/AudioToolbox
0x18f70d000 - 0x18f8e5fff QuartzCore arm64 <6dc61ad83fc03f799792d1cb950622f7> /System/Library/Frameworks/QuartzCore.framework/QuartzCore
0x18f8ed000 - 0x18f8fdfff libcmph.dylib arm64 <7f719c3d948530c78be18a40b3ea59aa> /usr/lib/libcmph.dylib
0x18f91f000 - 0x18fa12fff LanguageModeling arm64 <8483753bf96f3484b448a47883cd5ab4> /System/Library/PrivateFrameworks/LanguageModeling.framework/LanguageModeling
0x18fafb000 - 0x18fb11fff libmarisa.dylib arm64 <f0eea40d2c0a33a58d7cd2c9b52da4b7> /usr/lib/libmarisa.dylib
0x18fb12000 - 0x18fbe2fff ProofReader arm64 <1596b3e0c7c43398ac19ac08a5460868> /System/Library/PrivateFrameworks/ProofReader.framework/ProofReader
0x18fbe3000 - 0x18fbedfff MediaAccessibility arm64 <7b482ef272bf34fcb742c2afd236b626> /System/Library/Frameworks/MediaAccessibility.framework/MediaAccessibility
0x18fbee000 - 0x18fbfefff MobileAsset arm64 <66b4c8da5b103557b258b9bac8d37772> /System/Library/PrivateFrameworks/MobileAsset.framework/MobileAsset
0x18fbff000 - 0x18fc70fff ColorSync arm64 <d4fa34368b923aaa8679c1bb8433b9b5> /System/Library/PrivateFrameworks/ColorSync.framework/ColorSync
0x18fc71000 - 0x18fce1fff MetalPerformanceShaders arm64 <251f089c067b30d4922d67dc463d2300> /System/Library/Frameworks/MetalPerformanceShaders.framework/MetalPerformanceShaders
0x18fce2000 - 0x190111fff FaceCore arm64 <04c8c7b7a36d3d98a96817f4365b3439> /System/Library/PrivateFrameworks/FaceCore.framework/FaceCore
0x19018e000 - 0x190358fff CoreImage arm64 <8c3df52ae00634d0ac530ceea391edac> /System/Library/Frameworks/CoreImage.framework/CoreImage
0x190359000 - 0x1903a5fff TextInput arm64 <25840bba5f6e347290d6f9e13dc2adf7> /System/Library/PrivateFrameworks/TextInput.framework/TextInput
0x1903a6000 - 0x1903b6fff libAccessibility.dylib arm64 <f9f8b21c43c33c20a44455087fb58d36> /usr/lib/libAccessibility.dylib
0x1903c6000 - 0x190d1cfff JavaScriptCore arm64 <8f81ebee9a4c3d42903b89e5e73a54a7> /System/Library/Frameworks/JavaScriptCore.framework/JavaScriptCore
0x190f3b000 - 0x19202efff WebCore arm64 <ef6c9957757b3733a0e5d447fe4455aa> /System/Library/PrivateFrameworks/WebCore.framework/WebCore
0x19202f000 - 0x192058fff libxslt.1.dylib arm64 <28d75f17d5b03dfd8717fea9677e1720> /usr/lib/libxslt.1.dylib
0x192059000 - 0x19213efff WebKitLegacy arm64 <2c47baeea50b32f6bab25105cfc7df1f> /System/Library/PrivateFrameworks/WebKitLegacy.framework/WebKitLegacy
0x19213f000 - 0x192207fff CoreUI arm64 <c5f28ba5feee3fa68d7d42174e006ad5> /System/Library/PrivateFrameworks/CoreUI.framework/CoreUI
0x192208000 - 0x19222ffff DictionaryServices arm64 <95116730515a356b990751cd0513b912> /System/Library/PrivateFrameworks/DictionaryServices.framework/DictionaryServices
0x192230000 - 0x192231fff HangTracer arm64 <d433b5e6e9d93fbeb761be625f893433> /System/Library/PrivateFrameworks/HangTracer.framework/HangTracer
0x192232000 - 0x192282fff PhysicsKit arm64 <abbda49ec9cb3e67934ed6ca38a54986> /System/Library/PrivateFrameworks/PhysicsKit.framework/PhysicsKit
0x192283000 - 0x19235bfff UIFoundation arm64 <bf83b49e8565319c87a0d11769135836> /System/Library/PrivateFrameworks/UIFoundation.framework/UIFoundation
0x192368000 - 0x1930f4fff UIKit arm64 <1804405f7b2a3e77a349b53163b09cdb> /System/Library/Frameworks/UIKit.framework/UIKit
0x193144000 - 0x193165fff NetworkStatistics arm64 <a0b0f25f321b35fba72fcdddcc334766> /System/Library/PrivateFrameworks/NetworkStatistics.framework/NetworkStatistics
0x1931f0000 - 0x19334dfff CoreMotion arm64 <32e6ecff39443a1687ad3f188b97b09f> /System/Library/Frameworks/CoreMotion.framework/CoreMotion
0x19337c000 - 0x193389fff CoreAUC arm64 <671a13f17b6d3f7da0b81595e1957bc5> /System/Library/PrivateFrameworks/CoreAUC.framework/CoreAUC
0x19338a000 - 0x19392bfff MediaToolbox arm64 <6a968276d7153a80b6059d561045f83d> /System/Library/Frameworks/MediaToolbox.framework/MediaToolbox
0x19392c000 - 0x193ad7fff Celestial arm64 <4b71ffa1c45d346887475b45f842fb12> /System/Library/PrivateFrameworks/Celestial.framework/Celestial
0x19453a000 - 0x19453ffff ConstantClasses arm64 <9d635c1173f83a22b1d1b1e53c16f6bb> /System/Library/PrivateFrameworks/ConstantClasses.framework/ConstantClasses
0x195443000 - 0x195457fff UserManagement arm64 <26bc451e92fd3d18a4f237c34798385a> /System/Library/PrivateFrameworks/UserManagement.framework/UserManagement
0x197b46000 - 0x197b79fff DataDetectorsCore arm64 <36ddb64003543f17a4ae5f50cf5ca896> /System/Library/PrivateFrameworks/DataDetectorsCore.framework/DataDetectorsCore
0x198cca000 - 0x198d42fff libnetwork.dylib arm64 <5a78675ccd2f3b50ba5ae3e5ef088969> /usr/lib/libnetwork.dylib
0x199823000 - 0x199855fff Pegasus arm64 <16f175f3c4b5343fbba9f33a019df587> /System/Library/PrivateFrameworks/Pegasus.framework/Pegasus
0x19cb3f000 - 0x19cb9bfff CoreBrightness arm64 <85ad1b8cc94739a6a1e65cfb56900997> /System/Library/PrivateFrameworks/CoreBrightness.framework/CoreBrightness
0x19dc2f000 - 0x19dc81fff libstdc++.6.dylib arm64 <eabed2bf79e137e6acc7efaff2dc7cf2> /usr/lib/libstdc++.6.dylib
0x1a0a37000 - 0x1a0a4bfff libCGInterfaces.dylib arm64 <a94effd0df4d3bb691067ae3ae270125> /System/Library/Frameworks/Accelerate.framework/Frameworks/vImage.framework/Libraries/libCGInterfaces.dylib
0x1a191c000 - 0x1a192afff AppleFSCompression arm64 <a1afd6c88f183b0896626b220de4d2c2> /System/Library/PrivateFrameworks/AppleFSCompression.framework/AppleFSCompression
0x1a25db000 - 0x1a2601fff CoreServicesInternal arm64 <3a007d98794d3e3a9d1f377b2c3619ee> /System/Library/PrivateFrameworks/CoreServicesInternal.framework/CoreServicesInternal
0x1a2cc4000 - 0x1a2cd0fff libGSFontCache.dylib arm64 <e35b6863bb623df5b8e7735a66f76e50> /System/Library/PrivateFrameworks/FontServices.framework/libGSFontCache.dylib
0x1a2cd1000 - 0x1a2d02fff libTrueTypeScaler.dylib arm64 <de847921d0693dc48e78f8847117768a> /System/Library/PrivateFrameworks/FontServices.framework/libTrueTypeScaler.dylib
0x1a5313000 - 0x1a54eefff libFosl_dynamic.dylib arm64 <0aa33a84bd8630f29c6fc401fa0ffd5e> /usr/lib/libFosl_dynamic.dylib
0x1a5905000 - 0x1a5934fff libpcap.A.dylib arm64 <983b5efbde5d30238673d8b74a8a2653> /usr/lib/libpcap.A.dylib
0x1a596d000 - 0x1a596ffff libsp.dylib arm64 <2d0cf7d8b299372f91d6c54b2f5bcc21> /usr/lib/libsp.dylib
0x1a5ce6000 - 0x1a5d09fff UserNotifications arm64 <0dd7c46e70d23483a26b02bfed7be22f> /System/Library/Frameworks/UserNotifications.framework/UserNotifications
0x1a621f000 - 0x1a63a9fff TextureIO arm64 <c54172604d14378eb9ca8a71942a9a7e> /System/Library/PrivateFrameworks/TextureIO.framework/TextureIO
0x1a78cb000 - 0x1a78ddfff libBNNS.dylib arm64 <4fe669ed8f7e3fd6aa4687faa52c18e9> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libBNNS.dylib
0x1a78de000 - 0x1a78e3fff libQuadrature.dylib arm64 <b42c49db566e3e5f9577adbfcf2e0a42> /System/Library/Frameworks/Accelerate.framework/Frameworks/vecLib.framework/libQuadrature.dylib
0x1a7c36000 - 0x1a7c47fff CoreEmoji arm64 <a5aa53b703bf3c669425672d599a24f9> /System/Library/PrivateFrameworks/CoreEmoji.framework/CoreEmoji
0x1a8209000 - 0x1a82d1fff NLP arm64 <41213ee6dc4c3221876add1679d24b72> /System/Library/PrivateFrameworks/NLP.framework/NLP
0x1a92e3000 - 0x1a935afff libate.dylib arm64 <afb1757e1bdd3804b372511c4c3ba662> /usr/lib/libate.dylib
0x1a935b000 - 0x1a935bfff libcoretls.dylib arm64 <3798381066cd3288b95a25164d224a06> /usr/lib/libcoretls.dylib
0x1a935c000 - 0x1a935dfff libcoretls_cfhelpers.dylib arm64 <f528dac189a931439165cffb8579f5ef> /usr/lib/libcoretls_cfhelpers.dylib
EOF@poldenais, might be challenging to debug remotely :S anything appearing in the syslog?
poldenais
commented
7 years ago hi @kryptoknight13 it's a Yalu jailbreak I am using on the iPad device (10.2), what JB are you using?
kryptoknight13
commented
7 years ago Hi @poldenais : I am using 9.1 Jailbreak on iPhone 6. Your's is a semi-jailbreak or full jailbreak?
poldenais
commented
7 years ago @kryptoknight13 it's a Semi jailbreak. I was just wondering was it the same. thx
marco-lancini
commented
7 years ago Hi, @poldenais and @kryptoknight13. Version 1.0.2 has just been released to fix issues #137 and #141:
Please upgrade the Agent from Cydia, and the Core from github. Then let me know if you're still experiencing this issue
poldenais
commented
7 years ago hi @marco-lancini , I seem to be still having issues but that could something to do with my setup. below is the log when I try to run a command. thanks.
Pauls-MacBook-Air:needle paulnash$ python needle.py
__ _ _______ _______ ______ _______
| \ | |______ |______ | \ | |______
| \_| |______ |______ |_____/ |_____ |______
Needle v1.0.2 [mwr.to/needle]
[MWR InfoSecurity (@MWRLabs) - Marco Lancini (@LanciniMarco)]
[needle] > set VERBOSE true
VERBOSE => true
[needle] > set DEBUG true
DEBUG => true
[needle] > use storage/data/files_plist
[needle][files_plist] > run
[D] Setup local output folder: /Users/paulnash/.needle/output
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/paulnash/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
2017-03-21 16:14:24,386| ERROR | Exception: Error reading SSH protocol banner
2017-03-21 16:14:24,388| ERROR | Traceback (most recent call last):
2017-03-21 16:14:24,388| ERROR | File "/usr/local/lib/python2.7/site-packages/paramiko/transport.py", line 1749, in run
2017-03-21 16:14:24,389| ERROR | self._check_banner()
2017-03-21 16:14:24,389| ERROR | File "/usr/local/lib/python2.7/site-packages/paramiko/transport.py", line 1897, in _check_banner
2017-03-21 16:14:24,389| ERROR | raise SSHException('Error reading SSH protocol banner' + str(e))
2017-03-21 16:14:24,389| ERROR | SSHException: Error reading SSH protocol banner
2017-03-21 16:14:24,389| ERROR |
2017-03-21 16:14:24,400| ERROR | Could not connect to gateway 127.0.0.1:2222 : Error reading SSH protocol banner
[!] Problem establishing connection: BaseSSHTunnelForwarderError - .
------------------------------------------------------------
Traceback (most recent call last):
File "/Users/paulnash/needle/needle/core/framework/framework.py", line 616, in _connection_new
self.device.connect()
File "/Users/paulnash/needle/needle/core/device/device.py", line 214, in connect
self._portforward_agent_start()
File "/Users/paulnash/needle/needle/core/device/device.py", line 149, in _portforward_agent_start
self._port_forward_agent.start()
File "/usr/local/lib/python2.7/site-packages/sshtunnel.py", line 1224, in start
reason='Could not establish session to SSH gateway')
File "/usr/local/lib/python2.7/site-packages/sshtunnel.py", line 1036, in _raise
raise exception(reason)
BaseSSHTunnelForwarderError: Could not establish session to SSH gateway
------------------------------------------------------------
[!] BaseSSHTunnelForwarderError: Could not establish session to SSH gateway.
[V] [SSH] Disconnecting...
[V] [AGENT] Disconnecting from agent...
[D] Stopping USB port forwarding
[D] [LOCAL CMD] Stopping Local Subprocess Command [pid: 697]
[D] [AGENT] Stopping port forwarding
[needle][files_plist] > Hi @poldenais, yep that's definitely something related to your environment :)
poldenais
commented
7 years ago @marco-lancini Marco did you get the agent install on iOS 10.2 by any chance? I have the Yalu JB on it but it recommends not installing OpenSSH and using a Daemon dropper instead to SSH into the iPad device. I can get my Mac to SSH connect to the device now but I think this is where I could be running into problems now with the Needle Agent. any suggestions? thx
marco-lancini
commented
7 years ago @poldenais: yes, one of my testing devices is running iOS 10.2
needle doesn't rely on SSH for iOS 10, but on the dropbear daemon dropped by the yalu jb. The only package that needle will install is a scp module for dropbear:
https://github.com/mwrlabs/needle/blob/master/needle/core/utils/constants.py#L159
Of course, as outlined by the creators of the jailbreak, the dropbear daemon listens only on localhost. If you want to make it listen on every interface (to enable access over Wi-Fi) you'll have to perform these steps:
/Library/LaunchDaemons/dropbear.plist and change the port argument from 127.0.0.1:22 to 0.0.0.0:22launchctl unload /Library/LaunchDaemons/dropbear.plistlaunchctl load /Library/LaunchDaemons/dropbear.plistpoldenais
commented
7 years ago hi @marco-lancini for some reason Im still hitting an error. The agent is sitting in the foreground and once I run a Command the agent closes and the command pauses.
__ _ _______ _______ ______ _______
| \ | |______ |______ | \ | |______
| \_| |______ |______ |_____/ |_____ |______
Needle v1.0.2 [mwr.to/needle]
[MWR InfoSecurity (@MWRLabs) - Marco Lancini (@LanciniMarco)]
[needle] > show options
Name Current Value Required Description
-------------- ------------- -------- -----------
AGENT_PORT 4444 yes Port on which the Needle Agent is listening
APP no Bundle ID of the target application (e.g., com.example.app). Leave empty to launch wizard
DEBUG False yes Enable debugging output
IP 127.0.0.1 yes IP address of the testing device (set to localhost to use USB)
OUTPUT_FOLDER /Users/paulnash/.needle/output yes Full path of the output folder, where to store the output of the modules
PASSWORD ******** yes SSH Password of the testing device
PORT 2222 yes Port of the SSH agent on the testing device (needs to be != 22 to use USB)
PUB_KEY_AUTH True yes Use public key auth to authenticate to the device. Key must be present in the ssh-agent if a passphrase is used
SAVE_HISTORY True yes Persists command history across sessions
SETUP_DEVICE False yes Set to true to enable auto-configuration of the device (installation of all the tools needed)
USERNAME root yes SSH Username of the testing device
VERBOSE True yes Enable verbose output
[needle] > set DEBUG true
DEBUG => true
[needle] > use storage/data/files_plist
[needle][files_plist] > run
[D] Setup local output folder: /Users/paulnash/.needle/output
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[D] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/paulnash/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[D] [AGENT] Setting up port forwarding on port 4444
[V] [AGENT] Connecting to agent (127.0.0.1:4444)...
[+] [AGENT] Successfully connected to agent (127.0.0.1:4444)...
[V] [SSH] Connecting (127.0.0.1:2222)...
[+] [SSH] Connected (127.0.0.1:2222)
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[D] [AGENT] Executing command: os_version
[D] [AGENT] Parsing result
[*] Target app not selected. Launching wizard...
[D] [AGENT] Executing command: list_apps
[D] [AGENT] Parsing resulthi @marco-lancini : after updating needle framework and needle-agent from the said links: https://github.com/mwrlabs/needle/releases/tag/v1.0.2 https://github.com/mwrlabs/needle-agent/releases/tag/v1.0.2
, I am experiencing the same issue as mention by @poldenais in above comment. The needle agent closes/crashes(i see few crash log in xcode) and command pause at "[D] [AGENT] Parsing result".
Pasting the crash logs, not sure if that would be of much use:
Incident Identifier: 912C2EC1-07F5-4DE8-A145-14FE8BF86191 CrashReporter Key: 82f3611c061709c82f19820ed905033633a7d58b Hardware Model: iPhone7,2 Process: NeedleAgent [1398] Path: /private/var/db/stash/_.UsNTUa/Applications/NeedleAgent.app/NeedleAgent Identifier: mwr.needle.agent Version: 1 (1.0.1) Code Type: ARM-64 (Native) Parent Process: launchd [1]
Date/Time: 2017-03-23 13:35:39.39 +0530 Launch Time: 2017-03-23 13:32:48.48 +0530 OS Version: iOS 9.1 (13B143) Report Version: 105
Exception Type: EXC_CRASH (SIGABRT) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Triggered by Thread: 4
Filtered syslog: None found
Last Exception Backtrace: 0 CoreFoundation 0x1851d0f48 exceptionPreprocess + 124 1 libobjc.A.dylib 0x199d83f80 objc_exception_throw + 56 2 CoreFoundation 0x1850bf7c8 -[NSPlaceholderDictionary initWithObjects:forKeys:count:] + 324 3 CoreFoundation 0x1850bf660 +[NSDictionary dictionaryWithObjects:forKeys:count:] + 64 4 NeedleAgent 0x1000f6eb0 0x1000f0000 + 28336 5 NeedleAgent 0x1000f69b0 0x1000f0000 + 27056 6 NeedleAgent 0x1000f730c 0x1000f0000 + 29452 7 NeedleAgent 0x1000f7200 0x1000f0000 + 29184 8 NeedleAgent 0x1000f654c 0x1000f0000 + 25932 9 CocoaAsyncSocket 0x100142b94 0x100130000 + 76692 10 libdispatch.dylib 0x19a5a16e8 _dispatch_call_block_and_release + 24 11 libdispatch.dylib 0x19a5a16a8 _dispatch_client_callout + 16 12 libdispatch.dylib 0x19a5ad6ec _dispatch_queue_drain + 864 13 libdispatch.dylib 0x19a5a51ac _dispatch_queue_invoke + 464 14 libdispatch.dylib 0x19a5af5bc _dispatch_root_queue_drain + 728 15 libdispatch.dylib 0x19a5af2dc _dispatch_worker_thread3 + 112 16 libsystem_pthread.dylib 0x19a7b5470 _pthread_wqthread + 1092 17 libsystem_pthread.dylib 0x19a7b5020 start_wqthread + 4
Global Trace Buffer (reverse chronological seconds): 78.122049 CFNetwork 0x0000000184975034 TCP Conn 0x12ee78af0 started 170.817608 AppleJPEG 0x000000018c4da348 [0x12f849a00] Created session
Thread 0 name: Dispatch queue: com.apple.main-thread Thread 0: 0 libsystem_kernel.dylib 0x000000019a6d4a40 mach_msg_trap + 8 1 libsystem_kernel.dylib 0x000000019a6d48bc mach_msg + 72 2 CoreFoundation 0x0000000185188108 CFRunLoopServiceMachPort + 196 3 CoreFoundation 0x0000000185185e0c CFRunLoopRun + 1032 4 CoreFoundation 0x00000001850b4ca0 CFRunLoopRunSpecific + 384 5 GraphicsServices 0x00000001902f0088 GSEventRunModal + 180 6 UIKit 0x000000018a7ccffc UIApplicationMain + 204 7 NeedleAgent 0x00000001000f696c 0x1000f0000 + 26988 8 libdyld.dylib 0x000000019a5d28b8 start + 4
Thread 1 name: Dispatch queue: com.apple.libdispatch-manager Thread 1: 0 libsystem_kernel.dylib 0x000000019a6f04fc kevent_qos + 8 1 libdispatch.dylib 0x000000019a5b4a04 _dispatch_mgr_invoke + 232 2 libdispatch.dylib 0x000000019a5a3874 _dispatch_source_invoke + 0
Thread 2 name: com.apple.NSURLConnectionLoader Thread 2: 0 libsystem_kernel.dylib 0x000000019a6d4a40 mach_msg_trap + 8 1 libsystem_kernel.dylib 0x000000019a6d48bc mach_msg + 72 2 CoreFoundation 0x0000000185188108 CFRunLoopServiceMachPort + 196 3 CoreFoundation 0x0000000185185e0c CFRunLoopRun + 1032 4 CoreFoundation 0x00000001850b4ca0 CFRunLoopRunSpecific + 384 5 CFNetwork 0x000000018494db84 +[NSURLConnection(Loader) _resourceLoadLoop:] + 412 6 Foundation 0x0000000186113c80 NSThreadstart__ + 1000 7 libsystem_pthread.dylib 0x000000019a7b7b28 _pthread_body + 156 8 libsystem_pthread.dylib 0x000000019a7b7a8c _pthread_body + 0 9 libsystem_pthread.dylib 0x000000019a7b5028 thread_start + 4
Thread 3 name: com.apple.CFSocket.private Thread 3: 0 libsystem_kernel.dylib 0x000000019a6ef368 select + 8 1 CoreFoundation 0x000000018518e670 CFSocketManager + 648 2 libsystem_pthread.dylib 0x000000019a7b7b28 _pthread_body + 156 3 libsystem_pthread.dylib 0x000000019a7b7a8c _pthread_body + 0 4 libsystem_pthread.dylib 0x000000019a7b5028 thread_start + 4
Thread 4 name: Dispatch queue: socketQueue Thread 4 Crashed: 0 libsystem_kernel.dylib 0x000000019a6ef140 pthread_kill + 8 1 libsystem_pthread.dylib 0x000000019a7b8ef8 pthread_kill + 112 2 libsystem_c.dylib 0x000000019a662b78 abort + 140 3 libc++abi.dylib 0x00000001993f93f4 cxa_bad_cast + 0 4 libc++abi.dylib 0x0000000199415e98 default_unexpected_handler() + 0 5 libobjc.A.dylib 0x0000000199d84248 _objc_terminate() + 124 6 libc++abi.dylib 0x0000000199412f44 std::terminate(void (*)()) + 16 7 libc++abi.dylib 0x000000019941285c cxxabiv1::exception_cleanup_func(_Unwind_Reason_Code, _Unwind_Exception) + 0 8 libobjc.A.dylib 0x0000000199d84094 _objc_exception_destructor(void) + 0 9 CoreFoundation 0x00000001850bf7c8 -[__NSPlaceholderDictionary initWithObjects:forKeys:count:] + 324 10 CoreFoundation 0x00000001850bf660 +[NSDictionary dictionaryWithObjects:forKeys:count:] + 64 11 NeedleAgent 0x00000001000f6eb0 0x1000f0000 + 28336 12 NeedleAgent 0x00000001000f69b0 0x1000f0000 + 27056 13 NeedleAgent 0x00000001000f730c 0x1000f0000 + 29452 14 NeedleAgent 0x00000001000f7200 0x1000f0000 + 29184 15 NeedleAgent 0x00000001000f654c 0x1000f0000 + 25932 16 CocoaAsyncSocket 0x0000000100142b94 0x100130000 + 76692 17 libdispatch.dylib 0x000000019a5a16e8 _dispatch_call_block_and_release + 24 18 libdispatch.dylib 0x000000019a5a16a8 _dispatch_client_callout + 16 19 libdispatch.dylib 0x000000019a5ad6ec _dispatch_queue_drain + 864 20 libdispatch.dylib 0x000000019a5a51ac _dispatch_queue_invoke + 464 21 libdispatch.dylib 0x000000019a5af5bc _dispatch_root_queue_drain + 728 22 libdispatch.dylib 0x000000019a5af2dc _dispatch_worker_thread3 + 112 23 libsystem_pthread.dylib 0x000000019a7b5470 _pthread_wqthread + 1092 24 libsystem_pthread.dylib 0x000000019a7b5020 start_wqthread + 4
Thread 5: 0 libsystem_kernel.dylib 0x000000019a6efb6c __workq_kernreturn + 8 1 libsystem_pthread.dylib 0x000000019a7b5530 _pthread_wqthread + 1284 2 libsystem_pthread.dylib 0x000000019a7b5020 start_wqthread + 4
Thread 4 crashed with ARM Thread State (64-bit): x0: 0x0000000000000000 x1: 0x0000000000000000 x2: 0x0000000000000000 x3: 0x000000012edd0127 x4: 0x0000000199416e02 x5: 0x000000016e0853f0 x6: 0x000000000000006e x7: 0x0000000000000f80 x8: 0x000000000c000000 x9: 0x0000000004000000 x10: 0x0000000000000002 x11: 0x0000000000000010 x12: 0x0000000000000000 x13: 0x0000000000000002 x14: 0x00000000ffffffff x15: 0x00000000fffffff7 x16: 0x0000000000000148 x17: 0x0000000000000000 x18: 0x0000000000000000 x19: 0x0000000000000006 x20: 0x000000016e087000 x21: 0x000000016e0853f0 x22: 0x000000012eead1c0 x23: 0x000000018b17305d x24: 0x000000012ee9ddf0 x25: 0x000000012eead090 x26: 0x0000000000000000 x27: 0xa0000312e312e355 x28: 0x000000012ee9dca0 fp: 0x000000016e085350 lr: 0x000000019a7b8ef8 sp: 0x000000016e085330 pc: 0x000000019a6ef140 cpsr: 0x00000000
Binary Images:
0x1000f0000 - 0x1000fbfff NeedleAgent arm64 <321878bc69693c9385b3d66a2253d676> /var/db/stash/.UsNTUa/Applications/NeedleAgent.app/NeedleAgent
0x100114000 - 0x100117fff MobileSubstrate.dylib arm64 <3134cfb2f722310ea2c742ae4dc131ab> /Library/MobileSubstrate/MobileSubstrate.dylib
0x100130000 - 0x10015ffff CocoaAsyncSocket arm64 <7cde30401c1d387a95735157fb8863b0> /var/db/stash/.UsNTUa/Applications/NeedleAgent.app/Frameworks/CocoaAsyncSocket.framework/CocoaAsyncSocket
0x100400000 - 0x100403fff SubstrateLoader.dylib arm64 <54645dc0321231d88a022fd67a793278> /Library/Frameworks/CydiaSubstrate.framework/Libraries/SubstrateLoader.dylib
0x100434000 - 0x100447fff Activator.dylib arm64 <732c5a987d52308a952e0d3f3440c77b> /Library/MobileSubstrate/DynamicLibraries/Activator.dylib
0x1004c8000 - 0x1004cffff librocketbootstrap.dylib arm64 <32890c4f316e307a918a53552e347b46> /usr/lib/librocketbootstrap.dylib
0x1004d8000 - 0x1004effff libsubstrate.dylib arm64
marco-lancini
commented
7 years ago Hi @poldenais, @kryptoknight13: to debug this I'll need a complete list of all apps and substrate tweaks installed on your devices. Then please open a new issue as this is no longer related to telnet.
Can I also ask you to format your output in markdown please? (https://guides.github.com/features/mastering-markdown/)
locpv-ibl
commented
5 years ago I got this error message when I used:
IP => 112.16.11.21
[needle] > set PORT 22
PORT => 22
[needle] > set APP i.enterprise
APP => i.enterprise
[needle] > EOF
[+] Resource file successfully loaded
[needle] > use hooking/frida/script_touch-id-bypass
[needle][script_touch-id-bypass] > run
[?] Attention! The folder chosen to store local output is not empty: /home/phanvanloc/.needle/output
[?] Do you want to back it up first?
[?] Y: the content will be archived in a different location, then the folder will be emptied
[?] N: no action will be taken (destination files might be overwritten in case of filename clash)
[y/n]: y
[V] Archiving local output folder: /home/phanvanloc/.needle/output --> /home/phanvanloc/.needle/backup/needle-output_2018-12-03-19:03:11
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[V] [AGENT] Connecting to agent (112.16.11.21:4444)...
[+] [AGENT] Successfully connected to agent (112.16.11.21:4444)...
[V] [SSH] Connecting (112.16.11.21:22)...
[+] [SSH] Connected (112.16.11.21:22)
[+] Target app: i.enterprise
[*] Retrieving app's metadata...
[*] Pulling: /private/var/containers/Bundle/Application/878B0224-4E29-4E00-BE4D-7C43E55453C6/i.enterprise.app/Info.plist -> /home/phanvanloc/.needle/tmp/plist
[*] Setting up local port forwarding to enable communications with the Frida server...
**2018-12-03 19:03:16,669| ERROR | Problem setting SSH Forwarder up: Couldn't open tunnel 127.0.0.1:27042 <> 127.0.0.1:27042 might be in use or destination not reachable
[!] HandlerSSHTunnelForwarderError: An error occurred while opening tunnels.**I need some help! pls
locpv-ibl
commented
5 years ago I solved my problem by installing use device/dependency_installer set ALL to be True.
Issue
After updating the Needle Framework with latest updates on repository, i observe "Telnet connection closed" while trying to run any module.
Expected behaviour
Wizard should be displayed in order to select the app.
Actual behaviour
Steps to reproduce
IP -> 127.0.0.1, PORT->2224, PASSWORD->default pwd, VERBOSE->true, DEBUG->true)use binary/info/checksumsEnvironment
Workstation Operating System
OSX 10.11.6
Python Version
Python 2.7.11
Python Packages (
pip freeze)pip
Device iOS Version
9.1