iagox86 / dnscat2

BSD 3-Clause "New" or "Revised" License

Handle error conditions better #135

Open kost opened 5 years ago

kost commented 5 years ago

Display stack trace, but do not fail and exit (losing shells can be a nightmare)

For example, dnscat2 server fails with the following error messages on long running servers:

Caught an error: DNS packet was truncated (or we messed up parsing it)!
/pentest/dnscat2/server/libs/dnser.rb:179:in `unpack'
/pentest/dnscat2/server/libs/dnser.rb:634:in `parse'
/pentest/dnscat2/server/libs/dnser.rb:849:in `block (2 levels) in on_request'
/pentest/dnscat2/server/libs/dnser.rb:843:in `loop'
/pentest/dnscat2/server/libs/dnser.rb:843:in `block in on_request'

Protocol exception caught in dnscat DNS module (for more information, check window 'dns1'):

Caught an error: undefined method `serialize' for nil:NilClass
/pentest/dnscat2/server/libs/dnser.rb:678:in `block in serialize'
/pentest/dnscat2/server/libs/dnser.rb:677:in `each'
/pentest/dnscat2/server/libs/dnser.rb:677:in `serialize'
/pentest/dnscat2/server/libs/dnser.rb:819:in `reply!'
/pentest/dnscat2/server/libs/dnser.rb:775:in `error!'
/pentest/dnscat2/server/tunnel_drivers/driver_dns.rb:357:in `rescue in block in initialize'
/pentest/dnscat2/server/tunnel_drivers/driver_dns.rb:293:in `block in initialize'
/pentest/dnscat2/server/libs/dnser.rb:879:in `block (2 levels) in on_request'
/pentest/dnscat2/server/libs/dnser.rb:843:in `loop'
/pentest/dnscat2/server/libs/dnser.rb:843:in `block in on_request'
/pentest/dnscat2/server/libs/dnser.rb:883:in `rescue in block (2 levels) in on_request': undefined method `response_template' for #<DNSer::Transaction:0x0000000000dd6a58> (NoMethodError)
Did you mean? respond_to?
from /pentest/dnscat2/server/libs/dnser.rb:878:in `block (2 levels) in on_request'
from /pentest/dnscat2/server/libs/dnser.rb:843:in `loop'
from /pentest/dnscat2/server/libs/dnser.rb:843:in `block in on_request'
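In the second trace above the final NoMethodError is raised from inside a `rescue` clause, so the error path itself failed and the process exited. The following Ruby sketch is an added example, not part of the thread and not dnscat2's code (every method name in it is hypothetical): a per-datagram handler that logs the backtrace and also guards the code that builds the error reply.

```ruby
# Added example; all names are hypothetical, not dnscat2's dnser.rb API.
require 'logger'

ParseError = Class.new(StandardError)

# A DNS header is 12 bytes of big-endian 16-bit fields; reject anything shorter.
def parse_header(data)
  raise ParseError, 'DNS packet was truncated' if data.bytesize < 12
  id, flags, qdcount = data.unpack('nnn')
  { id: id, flags: flags, qdcount: qdcount }
end

# Error reply built only from raw bytes, so it works on an unparsable packet:
# echo the ID bytes that exist, set QR=1 and RCODE=2 (SERVFAIL), zero counts.
def servfail_for(data)
  data.b.byteslice(0, 2).ljust(2, "\x00".b) + [0x8002, 0, 0, 0, 0].pack('n5')
end

# Handle one datagram. Failures are logged with a backtrace and become a
# return value, so nothing propagates into the receive loop.
def handle_datagram(data, log, on_error: method(:servfail_for), &handler)
  handler.call(parse_header(data))
rescue StandardError => e
  log.error("#{e.class}: #{e.message}\n#{Array(e.backtrace).join("\n")}")
  begin
    on_error.call(data)
  rescue StandardError => e2 # the error path failed too: drop, keep serving
    log.error("error reply failed: #{e2.class}: #{e2.message}")
    nil
  end
end

# Stand-in for the receive loop: one result per datagram, never an exception.
def serve(datagrams, log, &handler)
  datagrams.map { |d| handle_datagram(d, log, &handler) }
end

if __FILE__ == $PROGRAM_NAME
  good = [0x1234, 0x0100, 1, 0, 0, 0].pack('n6') # constructed sample header
  log = Logger.new($stderr)
  # A truncated packet followed by a valid one: both produce a result.
  p serve(["\x12".b, good], log) { |h| format('id=%04x', h[:id]) }
end
```

Rescuing `StandardError` rather than `Exception` leaves signals and `exit` working, so the operator can still stop the server.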

iagox86 commented 5 years ago

I totally agree. I've started re-writing the client in Rust, with solid error handling (and testing) built in. Unfortunately, it's a bit of a long project.

On Wed, Dec 5, 2018 at 6:35 AM kost notifications@github.com wrote:

Display stack trace, but do not fail and exit (losing shells can be a nightmare)


kost commented 5 years ago

Regarding the client in C, I have a few patches to retry the connection. They are a bit hacky, but I will make a pull request anyway, so feel free to decide what you want with it.

iagox86 commented 5 years ago

Cool! I was thinking of forking them into new processes, so if the client exits the main app would stick around. But that would require shared state, which is kind of non-trivial, so I haven't done it.

On Thu, Dec 6, 2018 at 7:27 AM kost notifications@github.com wrote:

Regarding the client in C, I have a few patches to retry the connection. They are a bit hacky, but I will make a pull request anyway, so feel free to decide what you want with it.
