search

allfro / pymetasploit

A full-fledged msfrpc library for Metasploit framework.
297 stars 141 forks source link

Fixes to be applied when using Python 3 #9

Open strangeloveBsc opened 7 years ago

strangeloveBsc commented 7 years ago

httplib does not exist in python3, httplib2 does not have a HTTPConnection class but uses HTTPConnectionWithTimeout. So one option would be refactoring some code to use httplib2 or use http.client instead (so does httplib2) or changing msfrpc.py line 3 to: from http.client import HTTPConnection, HTTPSConnection

Using http.client throws a failing certificate-validation in the way which I managed to circumvent using some ugly monkeypatching.

Last issue so far:

client = MsfRpcClient("actual_password")
Traceback (most recent call last):
  File "/usr/local/lib/python3.5/dist-packages/metasploit/msfrpc.py", line 316, in login
    if r['result'] == 'success':
KeyError: 'result'

Will fail now since Python3 discriminates between strings and Bytes. Fixed by using: try:


if r[b'result'] == b'success':
    self.sessionid = r[b'token']
    except KeyError:
        raise MsfRpcError('Login failed.')

EDIT: The String / Byte thingie will repeat quite a few times. Maybe I'll send you a pull request after I'm done…

Mikaayenson commented 7 years ago

Will there be a pull request?

26huitailang commented 5 years ago

Still no PR. However, @strangeloveBsc 's method is quite useful that I can change this to py3 version quickly.

Like0x commented 5 years ago

Just now, I found PyMetasploit for Python 3, thank you very much. https://github.com/iCarossio/PyMetasploit_Python3 and it is originated from the author: allfro module modification, I write my code properly now.

26huitailang commented 5 years ago

@CoffeeorteaH I wanted to tell you that I forked this and changed to py3 version before. But you've found one.

Like0x commented 5 years ago

@26huitailang Thank you. I just tried your module and ICarossio module, and the following error occurred. I don't know why, can you help me solve it? I'm using the MAC OS Install through pip3 install [folder]

Sessions avaiables : 
1
2
3
4
5
Traceback (most recent call last):
  File "/Users/PycharmProjects/pymetasploit3/exam.py", line 21, in <module>
    print(shell.read())
  File "/usr/local/lib/python3.6/site-packages/metasploit/msfrpc.py", line 1845, in read
    return self.rpc.call(MsfRpcMethod.SessionShellRead, self.id)['data']
  File "/usr/local/lib/python3.6/site-packages/metasploit/msfrpc.py", line 244, in call
    raise MsfRpcError(result['error_message'])
metasploit.msfrpc.MsfRpcError: Session Disconnected: NameError undefined local variable or method `data' for #<Msf::RPC::RPC_Session:0x007fa581cda3b0>
26huitailang commented 5 years ago

@CoffeeorteaH Sorry, I don't use the shell part. I just use the exploit and payload part. I put the source code in my project directly as a package. When there is sth wrong, you can fix or locate the problem as quickly as possible.