blackhatethicalhacking / subterfuge

Automatically exported from code.google.com/p/subterfuge
GNU General Public License v3.0
0 stars 1 forks source link

Not getting data #90

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
What steps will reproduce the problem?
Running subterfuge with its different modules. 

What is the expected output? What do you see instead?
Expecting to get data from the users on the network but getting nothing and 
errors.

What version of the product are you using? On what operating system?
4.3 beta on backtrack 5 r3.

Please provide any additional information below.

Upon beginning subterfuge I click on start to get the credentials of the users 
that are on the network but I don't get anything even though when I check with 
wireshark it shows that there are users logging in to websites. (and in 
wireshark the packets being seen are all encrypted.)

When I try to do a HTTP code injection I get this error:

TemplateDoesNotExist at /config/httpinjection/

config.ext

Request Method:     POST
Request URL:    http://localhost/config/httpinjection/
Django Version:     1.3.1
Exception Type:     TemplateDoesNotExist
Exception Value:    

config.ext

Exception Location: 
    /usr/local/lib/python2.6/dist-packages/django/template/loader.py in 
find_template, line 138
Python Executable:  /usr/bin/python
Python Version:     2.6.5
Python Path:    

['/usr/share/subterfuge',
 '/usr/local/lib/python2.6/dist-packages/requests-0.13.6-py2.6.egg',
 '/usr/local/lib/python2.6/dist-packages/grequests-0.1.0-py2.6.egg',
 '/usr/local/lib/python2.6/dist-packages/gevent-0.13.7-py2.6-linux-i686.egg',
 '/usr/local/lib/python2.6/dist-packages/greenlet-0.4.0-py2.6-linux-i686.egg',
 '/usr/local/lib/python2.6/dist-packages/Twisted-12.0.0-py2.6-linux-i686.egg',
 '/usr/local/lib/python2.6/dist-packages/BBQSQL-1.1-py2.6.egg',
 '/usr/local/lib/python2.6/dist-packages/argparse-1.1-py2.6.egg',
 '/usr/lib/python2.6',
 '/usr/lib/python2.6/plat-linux2',
 '/usr/lib/python2.6/lib-tk',
 '/usr/lib/python2.6/lib-old',
 '/usr/lib/python2.6/lib-dynload',
 '/usr/lib/python2.6/dist-packages',
 '/usr/lib/python2.6/dist-packages/PIL',
 '/usr/lib/pymodules/python2.6',
 '/usr/lib/pymodules/python2.6/gtk-2.0',
 '/usr/lib/python2.6/dist-packages/wx-2.8-gtk2-unicode',
 '/usr/local/lib/python2.6/dist-packages']

Server time:    Fri, 15 Mar 2013 10:20:47 -0500
Template-loader postmortem

Django tried loading these templates, in this order:

    Using loader django.template.loaders.filesystem.Loader:
        /usr/share/subterfuge/templates/config.ext (File does not exist)
    Using loader django.template.loaders.app_directories.Loader:

Traceback Switch to copy-and-paste view

    /usr/local/lib/python2.6/dist-packages/django/core/handlers/base.py in get_response

                                response = callback(request, *callback_args, **callback_kwargs)

        ...
    ▶ Local vars
    /usr/share/subterfuge/main/views.py in conf

               "status"    :   status,

        ...
    ▶ Local vars
    /usr/local/lib/python2.6/dist-packages/django/shortcuts/__init__.py in render_to_response

            return HttpResponse(loader.render_to_string(*args, **kwargs), **httpresponse_kwargs)

        ...
    ▶ Local vars
    /usr/local/lib/python2.6/dist-packages/django/template/loader.py in render_to_string

                t = get_template(template_name)

        ...
    ▶ Local vars
    /usr/local/lib/python2.6/dist-packages/django/template/loader.py in get_template

            template, origin = find_template(template_name)

        ...
    ▶ Local vars
    /usr/local/lib/python2.6/dist-packages/django/template/loader.py in find_template

            raise TemplateDoesNotExist(name)

        ...
    ▶ Local vars

Request information
GET

No GET data
POST
Variable    Value
status  

u'yes'

vector  

u'browser_autopwn'

payload     

u'frameinjection'

custominject    

u'get lost!!!!!!!!!'

FILES

No FILES data
COOKIES

No cookie data
META
Variable    Value
wsgi.version    

(1, 0)

WINDOWID    

'39845891'

wsgi.multiprocess   

False

RUN_MAIN    

'true'

HTTP_REFERER    

'http://localhost/config/httpinjection/'

GNOME_DESKTOP_SESSION_ID    

'this-is-deprecated'

SERVER_PROTOCOL     

'HTTP/1.1'

SERVER_SOFTWARE     

'WSGIServer/0.1 Python/2.6.5'

SCRIPT_NAME     

u''

LESSOPEN    

'| /usr/bin/lesspipe %s'

HUSHLOGIN   

'FALSE'

REQUEST_METHOD  

'POST'

LOGNAME     

'root'

USER    

'root'

PATH    

'/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/etc/al
ternatives/gem-bin:/etc/alternatives/gem-bin'

QUERY_STRING    

''

GNOME_KEYRING_CONTROL   

'/tmp/keyring-BAHHve'

DISPLAY     

':0.0'

SSH_AGENT_PID   

'1121'

LANG    

'en_US.UTF-8'

TERM    

'xterm'

SHELL   

'/bin/bash'

TZ  

'America/Chicago'

XDG_SESSION_COOKIE  

'1682483bf208546739f9c24350c71f4e-1363354820.30286-1822329567'

SERVER_NAME     

'localhost'

SESSION_MANAGER     

'local/bt:@/tmp/.ICE-unix/1130,unix/bt:/tmp/.ICE-unix/1130'

SHLVL   

'4'

wsgi.url_scheme     

'http'

WINDOWPATH  

'8'

ORBIT_SOCKETDIR     

'/tmp/orbit-root'

SERVER_PORT     

'80'

HOME    

'/root'

CONTENT_LENGTH  

'115'

CONTENT_TYPE    

'application/x-www-form-urlencoded'

SSH_AUTH_SOCK   

'/tmp/keyring-BAHHve/ssh'

wsgi.input  

<socket._fileobject object at 0x917602c>

HTTP_USER_AGENT     

'Mozilla/5.0 (X11; Linux i686; rv:14.0) Gecko/20100101 Firefox/14.0.1'

HTTP_HOST   

'localhost'

wsgi.multithread    

True

HTTP_CONNECTION     

'keep-alive'

DBUS_SESSION_BUS_ADDRESS    

'unix:abstract=/tmp/dbus-3IlBH50ibu,guid=311e88ae79769116f1b1cdc6514324c4'

_   

'/usr/share/subterfuge/manage.py'

XAUTHORITY  

'/root/.Xauthority'

HTTP_ACCEPT     

'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8'

wsgi.file_wrapper   

''

LESSCLOSE   

'/usr/bin/lesspipe %s %s'

GTK_MODULES     

'canberra-gtk-module'

GATEWAY_INTERFACE   

'CGI/1.1'

wsgi.run_once   

False

wsgi.errors     

<open file '<stderr>', mode 'w' at 0xb74390d0>

REMOTE_ADDR     

'127.0.0.1'

HTTP_ACCEPT_LANGUAGE    

'en-us,en;q=0.5'

HISTCONTROL     

'ignoreboth'

XDG_DATA_DIRS   

'/usr/share/gnome:/usr/local/share/:/usr/share/'

PWD     

'/root'

DJANGO_SETTINGS_MODULE  

'subterfuge.settings'

COLORTERM   

'gnome-terminal'

MAIL    

'/var/mail/root'

LS_COLORS   

'rs=0:di=01;34:ln=01;36:hl=44;37:pi=40;33:so=01;35:do=01;35:bd=40;33;01:cd=40;33
;01:or=40;31;01:su=37;41:sg=30;43:ca=30;41:tw=30;42:ow=34;42:st=37;44:ex=01;32:*
.tar=01;31:*.tgz=01;31:*.arj=01;31:*.taz=01;31:*.lzh=01;31:*.lzma=01;31:*.zip=01
;31:*.z=01;31:*.Z=01;31:*.dz=01;31:*.gz=01;31:*.bz2=01;31:*.bz=01;31:*.tbz2=01;3
1:*.tz=01;31:*.deb=01;31:*.rpm=01;31:*.jar=01;31:*.rar=01;31:*.ace=01;31:*.zoo=0
1;31:*.cpio=01;31:*.7z=01;31:*.rz=01;31:*.jpg=01;35:*.jpeg=01;35:*.gif=01;35:*.b
mp=01;35:*.pbm=01;35:*.pgm=01;35:*.ppm=01;35:*.tga=01;35:*.xbm=01;35:*.xpm=01;35
:*.tif=01;35:*.tiff=01;35:*.png=01;35:*.svg=01;35:*.svgz=01;35:*.mng=01;35:*.pcx
=01;35:*.mov=01;35:*.mpg=01;35:*.mpeg=01;35:*.m2v=01;35:*.mkv=01;35:*.ogm=01;35:
*.mp4=01;35:*.m4v=01;35:*.mp4v=01;35:*.vob=01;35:*.qt=01;35:*.nuv=01;35:*.wmv=01
;35:*.asf=01;35:*.rm=01;35:*.rmvb=01;35:*.flc=01;35:*.avi=01;35:*.fli=01;35:*.fl
v=01;35:*.gl=01;35:*.dl=01;35:*.xcf=01;35:*.xwd=01;35:*.yuv=01;35:*.axv=01;35:*.
anx=01;35:*.ogv=01;35:*.ogx=01;35:*.aac=00;36:*.au=00;36:*.flac=00;36:*.mid=00;3
6:*.midi=00;36:*.mka=00;36:*.mp3=00;36:*.mpc=00;36:*.ogg=00;36:*.ra=00;36:*.wav=
00;36:*.axa=00;36:*.oga=00;36:*.spx=00;36:*.xspf=00;36:'

REMOTE_HOST     

''

HTTP_ACCEPT_ENCODING    

'gzip, deflate'

PATH_INFO   

u'/config/httpinjection/'

Settings
Using settings module subterfuge.settings
Setting     Value
USE_L10N    

True

USE_THOUSAND_SEPARATOR  

False

LANGUAGE_CODE   

'en-us'

ROOT_URLCONF    

'subterfuge.urls'

MANAGERS    

()

DEFAULT_CHARSET     

'utf-8'

STATIC_ROOT     

''

TEST_DATABASE_CHARSET   

None

MESSAGE_STORAGE     

'django.contrib.messages.storage.user_messages.LegacyFallbackStorage'

DATABASE_HOST   

''

IGNORABLE_404_STARTS    

('/cgi-bin/', '/_vti_bin', '/_vti_inf')

SEND_BROKEN_LINK_EMAILS     

False

URL_VALIDATOR_USER_AGENT    

'Django/1.3.1 (http://www.djangoproject.com)'

STATICFILES_FINDERS     

('django.contrib.staticfiles.finders.FileSystemFinder',
 'django.contrib.staticfiles.finders.AppDirectoriesFinder')

SESSION_COOKIE_DOMAIN   

None

SESSION_COOKIE_NAME     

'sessionid'

COMMENTS_MODERATORS_GROUP   

None

TIME_INPUT_FORMATS  

('%H:%M:%S', '%H:%M')

DATABASES   

{'default': {'ENGINE': 'django.db.backends.sqlite3',
             'HOST': '',
             'NAME': '/usr/share/subterfuge/../subterfuge/db',
             'OPTIONS': {},
             'PASSWORD': '********************',
             'PORT': '',
             'TEST_CHARSET': None,
             'TEST_COLLATION': None,
             'TEST_MIRROR': None,
             'TEST_NAME': None,
             'TIME_ZONE': 'America/Chicago',
             'USER': ''}}

TEST_DATABASE_NAME  

None

FILE_UPLOAD_PERMISSIONS     

None

FILE_UPLOAD_HANDLERS    

('django.core.files.uploadhandler.MemoryFileUploadHandler',
 'django.core.files.uploadhandler.TemporaryFileUploadHandler')

DEFAULT_CONTENT_TYPE    

'text/html'

APPEND_SLASH    

True

FIRST_DAY_OF_WEEK   

0

DATABASE_ROUTERS    

[]

YEAR_MONTH_FORMAT   

'F Y'

STATICFILES_STORAGE     

'django.contrib.staticfiles.storage.StaticFilesStorage'

CACHES  

{'default': {'BACKEND': 'django.core.cache.backends.locmem.LocMemCache',
             'LOCATION': ''}}

SERVER_EMAIL    

'root@localhost'

SESSION_COOKIE_PATH     

'/'

USE_X_FORWARDED_HOST    

False

IGNORABLE_404_ENDS  

('mail.pl', 'mailform.pl', 'mail.cgi', 'mailform.cgi', 'favicon.ico', '.php')

MIDDLEWARE_CLASSES  

('django.middleware.common.CommonMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware')

USE_I18N    

True

THOUSAND_SEPARATOR  

','

SECRET_KEY  

'********************'

LANGUAGE_COOKIE_NAME    

'django_language'

FILE_UPLOAD_TEMP_DIR    

None

TRANSACTIONS_MANAGED    

False

LOGGING_CONFIG  

'django.utils.log.dictConfig'

TEMPLATE_LOADERS    

('django.template.loaders.filesystem.Loader',
 'django.template.loaders.app_directories.Loader')

TEMPLATE_DEBUG  

True

AUTHENTICATION_BACKENDS     

('django.contrib.auth.backends.ModelBackend',)

TEST_DATABASE_COLLATION     

None

FORCE_SCRIPT_NAME   

None

CACHE_BACKEND   

'locmem://'

SESSION_COOKIE_SECURE   

False

CSRF_COOKIE_DOMAIN  

None

FILE_CHARSET    

'utf-8'

DEBUG   

True

SESSION_FILE_PATH   

None

DEFAULT_FILE_STORAGE    

'django.core.files.storage.FileSystemStorage'

INSTALLED_APPS  

['django.contrib.auth',
 'django.contrib.contenttypes',
 'django.contrib.sessions',
 'django.contrib.sites',
 'django.contrib.messages',
 'django.contrib.staticfiles',
 'subterfuge.main',
 'subterfuge.cease',
 'subterfuge.modules']

LANGUAGES   

(('ar', 'Arabic'),
 ('az', 'Azerbaijani'),
 ('bg', 'Bulgarian'),
 ('bn', 'Bengali'),
 ('bs', 'Bosnian'),
 ('ca', 'Catalan'),
 ('cs', 'Czech'),
 ('cy', 'Welsh'),
 ('da', 'Danish'),
 ('de', 'German'),
 ('el', 'Greek'),
 ('en', 'English'),
 ('en-gb', 'British English'),
 ('es', 'Spanish'),
 ('es-ar', 'Argentinian Spanish'),
 ('es-mx', 'Mexican Spanish'),
 ('es-ni', 'Nicaraguan Spanish'),
 ('et', 'Estonian'),
 ('eu', 'Basque'),
 ('fa', 'Persian'),
 ('fi', 'Finnish'),
 ('fr', 'French'),
 ('fy-nl', 'Frisian'),
 ('ga', 'Irish'),
 ('gl', 'Galician'),
 ('he', 'Hebrew'),
 ('hi', 'Hindi'),
 ('hr', 'Croatian'),
 ('hu', 'Hungarian'),
 ('id', 'Indonesian'),
 ('is', 'Icelandic'),
 ('it', 'Italian'),
 ('ja', 'Japanese'),
 ('ka', 'Georgian'),
 ('km', 'Khmer'),
 ('kn', 'Kannada'),
 ('ko', 'Korean'),
 ('lt', 'Lithuanian'),
 ('lv', 'Latvian'),
 ('mk', 'Macedonian'),
 ('ml', 'Malayalam'),
 ('mn', 'Mongolian'),
 ('nl', 'Dutch'),
 ('no', 'Norwegian'),
 ('nb', 'Norwegian Bokmal'),
 ('nn', 'Norwegian Nynorsk'),
 ('pa', 'Punjabi'),
 ('pl', 'Polish'),
 ('pt', 'Portuguese'),
 ('pt-br', 'Brazilian Portuguese'),
 ('ro', 'Romanian'),
 ('ru', 'Russian'),
 ('sk', 'Slovak'),
 ('sl', 'Slovenian'),
 ('sq', 'Albanian'),
 ('sr', 'Serbian'),
 ('sr-latn', 'Serbian Latin'),
 ('sv', 'Swedish'),
 ('ta', 'Tamil'),
 ('te', 'Telugu'),
 ('th', 'Thai'),
 ('tr', 'Turkish'),
 ('uk', 'Ukrainian'),
 ('ur', 'Urdu'),
 ('vi', 'Vietnamese'),
 ('zh-cn', 'Simplified Chinese'),
 ('zh-tw', 'Traditional Chinese'))

DATABASE_ENGINE     

''

DATABASE_NAME   

''

COMMENTS_FIRST_FEW  

0

PREPEND_WWW     

False

SESSION_COOKIE_HTTPONLY     

False

DATABASE_PORT   

''

DEBUG_PROPAGATE_EXCEPTIONS  

False

MONTH_DAY_FORMAT    

'F j'

LOGIN_URL   

'/accounts/login/'

SESSION_EXPIRE_AT_BROWSER_CLOSE     

False

TIME_FORMAT     

'P'

DATE_INPUT_FORMATS  

('%Y-%m-%d',
 '%m/%d/%Y',
 '%m/%d/%y',
 '%b %d %Y',
 '%b %d, %Y',
 '%d %b %Y',
 '%d %b, %Y',
 '%B %d %Y',
 '%B %d, %Y',
 '%d %B %Y',
 '%d %B, %Y')

CSRF_COOKIE_NAME    

'csrftoken'

EMAIL_HOST_PASSWORD     

'********************'

PASSWORD_RESET_TIMEOUT_DAYS     

'********************'

CACHE_MIDDLEWARE_ALIAS  

'default'

SESSION_SAVE_EVERY_REQUEST  

False

ADMIN_MEDIA_PREFIX  

'/static/admin/'

NUMBER_GROUPING     

0

SESSION_ENGINE  

'django.contrib.sessions.backends.db'

CSRF_FAILURE_VIEW   

'django.views.csrf.csrf_failure'

COMMENTS_SKETCHY_USERS_GROUP    

None

LOGIN_REDIRECT_URL  

'/accounts/profile/'

LOGGING     

{'disable_existing_loggers': False,
 'handlers': {'mail_admins': {'class': 'django.utils.log.AdminEmailHandler',
                              'level': 'ERROR'}},
 'loggers': {'django.request': {'handlers': ['mail_admins'],
                                'level': 'ERROR',
                                'propagate': True}},
 'version': 1}

CACHE_MIDDLEWARE_KEY_PREFIX     

''

LOCALE_PATHS    

()

TEMPLATE_STRING_IF_INVALID  

''

COMMENTS_ALLOW_PROFANITIES  

False

LOGOUT_URL  

'/accounts/logout/'

EMAIL_USE_TLS   

False

TEMPLATE_DIRS   

('/usr/share/subterfuge/../subterfuge/templates',)

FIXTURE_DIRS    

()

EMAIL_HOST  

'localhost'

DATE_FORMAT     

'N j, Y'

MEDIA_ROOT  

'/usr/share/subterfuge/../subterfuge/main'

ADMINS  

()

FORMAT_MODULE_PATH  

None

DEFAULT_FROM_EMAIL  

'webmaster@localhost'

STATICFILES_DIRS    

('/usr/share/subterfuge/../subterfuge/templates',)

MEDIA_URL   

'/main/'

DATETIME_FORMAT     

'N j, Y, P'

EMAIL_SUBJECT_PREFIX    

'[Django] '

SITE_ID     

1

DISALLOWED_USER_AGENTS  

()

ALLOWED_INCLUDE_ROOTS   

()

DECIMAL_SEPARATOR   

'.'

SHORT_DATE_FORMAT   

'm/d/Y'

DATABASE_USER   

''

TEST_RUNNER     

'django.test.simple.DjangoTestSuiteRunner'

TIME_ZONE   

'America/Chicago'

FILE_UPLOAD_MAX_MEMORY_SIZE     

2621440

EMAIL_BACKEND   

'django.core.mail.backends.smtp.EmailBackend'

DEFAULT_TABLESPACE  

''

TEMPLATE_CONTEXT_PROCESSORS     

('django.contrib.auth.context_processors.auth',
 'django.core.context_processors.debug',
 'django.core.context_processors.i18n',
 'django.core.context_processors.media',
 'django.core.context_processors.static',
 'django.contrib.messages.context_processors.messages')

SESSION_COOKIE_AGE  

1209600

SETTINGS_MODULE     

'subterfuge.settings'

USE_ETAGS   

False

LANGUAGES_BIDI  

('he', 'ar', 'fa')

DEFAULT_INDEX_TABLESPACE    

''

INTERNAL_IPS    

()

STATIC_URL  

'/static/'

EMAIL_PORT  

25

SHORT_DATETIME_FORMAT   

'm/d/Y P'

ABSOLUTE_URL_OVERRIDES  

{}

DATABASE_OPTIONS    

{}

CACHE_MIDDLEWARE_SECONDS    

600

BANNED_IPS  

()

DATETIME_INPUT_FORMATS  

('%Y-%m-%d %H:%M:%S',
 '%Y-%m-%d %H:%M',
 '%Y-%m-%d',
 '%m/%d/%Y %H:%M:%S',
 '%m/%d/%Y %H:%M',
 '%m/%d/%Y',
 '%m/%d/%y %H:%M:%S',
 '%m/%d/%y %H:%M',
 '%m/%d/%y')

DATABASE_PASSWORD   

'********************'

ADMIN_FOR   

()

COMMENTS_BANNED_USERS_GROUP     

None

EMAIL_HOST_USER     

''

PROFANITIES_LIST    

'********************'

You're seeing this error because you have DEBUG = True in your Django settings 
file. Change that to False, and Django will display a standard 500 page.

When I try to DOS the network I get an error. (see picture for details)

Nothing happens when I try to do a session hijack by clicking on the module, 
applying it and clicking start. 

Original issue reported on code.google.com by sonja.sa...@gmail.com on 15 Mar 2013 at 4:02

Attachments:

GoogleCodeExporter commented 9 years ago
This issue is caused by an uncaught exception sent to Django, and probably 
involves a system configuration that we were unable to anticipate prior to 
release. It's our fault. Hang tight and we'll do our best to push out a fix.

Original comment by Mtoussain@gmail.com on 15 Mar 2013 at 10:08

GoogleCodeExporter commented 9 years ago
Ok thanks, but what about the credential harvester and session hijack ? 

Original comment by sonja.sa...@gmail.com on 16 Mar 2013 at 3:23

GoogleCodeExporter commented 9 years ago

Original comment by topher.s...@gmail.com on 21 Mar 2013 at 12:54