search

WithSecureLabs / needle

The iOS Security Testing Framework
https://mobiletools.mwrinfosecurity.com/
Other
1.34k stars 284 forks source link

Shell command fails to establish connection properly #24

Closed NitinJami closed 8 years ago

NitinJami commented 8 years ago

Issue

Expected behaviour

drop a remote shell on the device

Actual behaviour

Exception raised. Related to "cryptography" library.

Steps to reproduce

  1. run shell inside needle

    needle error logs

Ensure verbose and debug mode are enabled:

[needle] > set VERBOSE True
VERBOSE => True
[needle] > set DEBUG True
DEBUG => True
[needle] > shell
[*] Spawning a shell...
[*] Checking connection with device...
[V] Connection not present, creating a new instance
[V] Setting up USB port forwarding on port 2222
[D] [LOCAL CMD] Local Subprocess Command: /Users/nitin/Documents/scripts/needle/needle/libs/usbmuxd/tcprelay.py -t 22:2222
[V] Setting up SSH connection...
[!] Problem establishing connection: Exception - Could not open a connection to 127.0.0.1. ValueError - Multibackend cannot be initialized with no backends. If you are seeing this error when trying to use default_backend() please try uninstalling and reinstalling cryptography. .
------------------------------------------------------------
Traceback (most recent call last):
  File "/Users/nitin/Documents/scripts/needle/needle/core/framework/framework.py", line 633, in _connection_new
    self._spawn_device()
  File "/Users/nitin/Documents/scripts/needle/needle/core/framework/framework.py", line 628, in _spawn_device
    self.device = Framework.device = Device(IP, PORT, USERNAME, PASSWORD, self.TOOLS_LOCAL)
  File "/Users/nitin/Documents/scripts/needle/needle/core/device/device.py", line 63, in __init__
    self.connect()
  File "/Users/nitin/Documents/scripts/needle/needle/core/device/device.py", line 218, in connect
    self._connect_ssh()
  File "/Users/nitin/Documents/scripts/needle/needle/core/device/device.py", line 101, in _connect_ssh
    raise Exception('Could not open a connection to %s. %s - %s' % (self._ip, type(e).__name__, e.message))
Exception: Could not open a connection to 127.0.0.1. ValueError - Multibackend cannot be initialized with no backends. If you are seeing this error when trying to use default_backend() please try uninstalling and reinstalling cryptography.
------------------------------------------------------------
[!] Exception: Could not open a connection to 127.0.0.1. ValueError - Multibackend cannot be initialized with no backends. If you are seeing this error when trying to use default_backend() please try uninstalling and reinstalling cryptography.

Environment

OS X 10.11.6

Python 2.7.10

Python Packages (pip freeze)

altgraph==0.10.2
bdist-mpkg==0.5.0
bonjour-py==0.3
cffi==1.8.3
colorama==0.3.7
cryptography==1.5
drozer==2.3.4
enum34==1.1.6
frida==7.1.9
idna==2.1
ipaddress==1.0.17
macholib==1.5.1
matplotlib==1.3.1
modulegraph==0.10.4
nassl==0.13.5
numpy==1.8.0rc1
paramiko==2.0.2
prompt-toolkit==1.0.0
protobuf==2.4.1
py2app==0.7.3
pyasn1==0.1.9
pycparser==2.14
Pygments==2.1.3
pyobjc-core==2.5.1
pyobjc-framework-Accounts==2.5.1
pyobjc-framework-AddressBook==2.5.1
pyobjc-framework-AppleScriptKit==2.5.1
pyobjc-framework-AppleScriptObjC==2.5.1
pyobjc-framework-Automator==2.5.1
pyobjc-framework-CFNetwork==2.5.1
pyobjc-framework-Cocoa==2.5.1
pyobjc-framework-Collaboration==2.5.1
pyobjc-framework-CoreData==2.5.1
pyobjc-framework-CoreLocation==2.5.1
pyobjc-framework-CoreText==2.5.1
pyobjc-framework-DictionaryServices==2.5.1
pyobjc-framework-EventKit==2.5.1
pyobjc-framework-ExceptionHandling==2.5.1
pyobjc-framework-FSEvents==2.5.1
pyobjc-framework-InputMethodKit==2.5.1
pyobjc-framework-InstallerPlugins==2.5.1
pyobjc-framework-InstantMessage==2.5.1
pyobjc-framework-LatentSemanticMapping==2.5.1
pyobjc-framework-LaunchServices==2.5.1
pyobjc-framework-Message==2.5.1
pyobjc-framework-OpenDirectory==2.5.1
pyobjc-framework-PreferencePanes==2.5.1
pyobjc-framework-PubSub==2.5.1
pyobjc-framework-QTKit==2.5.1
pyobjc-framework-Quartz==2.5.1
pyobjc-framework-ScreenSaver==2.5.1
pyobjc-framework-ScriptingBridge==2.5.1
pyobjc-framework-SearchKit==2.5.1
pyobjc-framework-ServiceManagement==2.5.1
pyobjc-framework-Social==2.5.1
pyobjc-framework-SyncServices==2.5.1
pyobjc-framework-SystemConfiguration==2.5.1
pyobjc-framework-WebKit==2.5.1
pyOpenSSL==0.13.1
pyparsing==2.0.1
python-dateutil==1.5
pytz==2013.7
readline==6.2.4.1
scipy==0.13.0b1
six==1.10.0
sshtunnel==0.1.0
SSLyze==0.13.5
Twisted==10.2.0
wcwidth==0.1.6
xattr==0.6.4
zope.interface==4.1.1

iOS 9.3.3

Notes

Looks like a monkey patch is available from here: [https://github.com/pyca/cryptography/issues/2039]

marco-lancini commented 8 years ago

Hi @NitinJami, it is not an issue within Needle, but in one of the dependencies. I would suggest to try and reinstall paramiko