ahhh / Reverse_DNS_Shell

A python reverse shell that uses DNS as the c2 channel
GNU General Public License v2.0

TypeError: encrypt() cannot be called after decrypt() #5

Open AgeOfMarcus opened 6 years ago

AgeOfMarcus commented 6 years ago

When running the server, and trying to connect with the client to localhost, I get the following result when a command is sent/received:

```
Traceback (most recent call last):
  File "./reverse_dns_shell_client.py", line 168, in <module>
    main()
  File "./reverse_dns_shell_client.py", line 164, in main
    start(opts.host)
  File "./reverse_dns_shell_client.py", line 133, in start
    stdoutput = runCmd(cmd)
  File "./reverse_dns_shell_client.py", line 105, in runCmd
    output = processOutput(stdoutput)
  File "./reverse_dns_shell_client.py", line 76, in processOutput
    eStdoutput = encrypt(stdoutput)
  File "./reverse_dns_shell_client.py", line 34, in encrypt
    encoded = EncodeAES(cipher, string)
  File "./reverse_dns_shell_client.py", line 27, in <lambda>
    EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
  File "/usr/local/lib/python2.7/dist-packages/Crypto/Cipher/_mode_cbc.py", line 157, in encrypt
    raise TypeError("encrypt() cannot be called after decrypt()")
TypeError: encrypt() cannot be called after decrypt()
```

isGt93 commented 2 years ago

I had the same problem, how did you solve it?

elefr3n commented 2 years ago

> I had the same problem, how did you solve it?

Apparently how the script uses the crypto object is not compatible with pycryptodome. I SOLVED IT by editing the client and server encrypt() and decrypt() functions to "return string", namely without encrypting/decrypting the values. I know it's not the best way because now the communication is in plain text, but it's working.

ahhh commented 1 year ago

Hmmm, late to the party, but we should probably update the crypto libs if the basic encrypt / decrypt isn't working... For the record, this was a POC; I don't use this in production or on pentests, so if someone wants to take the lead on updating it I'm all for it.

Malshift commented 1 year ago

Move the cipher object into the decrypt and encrypt functions. ✌️

```python
import base64
from Crypto.Cipher import AES

# secret, iv, pad and PADDING are the module-level values the client/server
# scripts already define; this snippet only replaces encrypt() and decrypt()

# encrypt with AES, encode with base64
EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)

def encrypt(string):
  # a fresh CBC cipher object per call: pycryptodome's object refuses to
  # switch direction once encrypt() or decrypt() has been used on it
  cipher = AES.new(secret, AES.MODE_CBC, iv)
  encoded = EncodeAES(cipher, string)
  return encoded

def decrypt(string):
  cipher = AES.new(secret, AES.MODE_CBC, iv)
  decoded = DecodeAES(cipher, string)
  return decoded
```