search

mandiant / flare-wmi

Apache License 2.0
416 stars 108 forks source link

run time error on kali with python 3.5 #14

Open phaag opened 7 years ago

phaag commented 7 years ago

Hi, I have installed python-cim using the ubuntu script. I changed the version strings for python 3.4 onto 3.5. The installation was successful. When starting up I get the output below.

Any idea what needs to be changed?

Thx

DEBUG:cim.cim.CIM:_current_mapping_file: finding current mapping file
DEBUG:cim.cim.CIM:_current_mapping_file: MAPPING1.MAP: version: 0xaa88
DEBUG:cim.cim.CIM:_current_mapping_file: MAPPING2.MAP: version: 0xaa73
DEBUG:cim.cim.CIM:_current_mapping_file: MAPPING3.MAP: version: 0xaa79
DEBUG:cim.cim.CIM:_current_mapping_file: current mapping file: wbem/Repository/MAPPING1.MAP
QApplication: invalid style override passed, ignoring it.
DEBUG:PyQt5.uic.uiparser:UI version is 4.0
DEBUG:PyQt5.uic.uiparser:uiname is MainWindow
DEBUG:PyQt5.uic.uiparser:toplevel widget is QMainWindow
DEBUG:PyQt5.uic.properties:setting property geometry
DEBUG:PyQt5.uic.properties:setting property windowTitle
DEBUG:PyQt5.uic.uiparser:push QMainWindow MainWindow
DEBUG:PyQt5.uic.uiparser:push QWidget centralWidget
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout verticalLayout_2
DEBUG:PyQt5.uic.properties:setting property currentIndex
DEBUG:PyQt5.uic.uiparser:push QTabWidget contentTabWidget
DEBUG:PyQt5.uic.uiparser:push QWidget browseTab
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QHBoxLayout horizontalLayout_3
DEBUG:PyQt5.uic.properties:setting property orientation
DEBUG:PyQt5.uic.uiparser:push QSplitter splitter
DEBUG:PyQt5.uic.properties:setting property minimumSize
DEBUG:PyQt5.uic.uiparser:push QTreeView browseTreeView
DEBUG:PyQt5.uic.uiparser:pop widget QTreeView browseTreeView
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QSplitter object at 0x7f2ef6da9168>
DEBUG:PyQt5.uic.properties:setting property minimumSize
DEBUG:PyQt5.uic.uiparser:push QWidget browseDetails
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout verticalLayout_5
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout browseDetailsLayout
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout browseDetailsLayout
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout verticalLayout_5
DEBUG:PyQt5.uic.uiparser:pop widget QWidget browseDetails
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QSplitter object at 0x7f2ef6da9168>
DEBUG:PyQt5.uic.uiparser:pop widget QSplitter splitter
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QWidget object at 0x7f2ef733cf78>
DEBUG:PyQt5.uic.uiparser:pop layout QHBoxLayout horizontalLayout_3
DEBUG:PyQt5.uic.uiparser:pop widget QWidget browseTab
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QTabWidget object at 0x7f2ef733cee8>
DEBUG:PyQt5.uic.uiparser:push QWidget queryTab
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout verticalLayout_3
DEBUG:PyQt5.uic.properties:setting property frameShape
DEBUG:PyQt5.uic.properties:setting property frameShadow
DEBUG:PyQt5.uic.uiparser:push QFrame queryInputFrame
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QHBoxLayout horizontalLayout_2
DEBUG:PyQt5.uic.properties:setting property text
DEBUG:PyQt5.uic.uiparser:push QLabel label_2
DEBUG:PyQt5.uic.uiparser:pop widget QLabel label_2
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QFrame object at 0x7f2ef6da9c18>
DEBUG:PyQt5.uic.uiparser:push QLineEdit queryInputLineEdit
DEBUG:PyQt5.uic.uiparser:pop widget QLineEdit queryInputLineEdit
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QFrame object at 0x7f2ef6da9c18>
DEBUG:PyQt5.uic.properties:setting property text
DEBUG:PyQt5.uic.uiparser:push QPushButton queryInputActionButton
DEBUG:PyQt5.uic.uiparser:pop widget QPushButton queryInputActionButton
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QFrame object at 0x7f2ef6da9c18>
DEBUG:PyQt5.uic.uiparser:pop layout QHBoxLayout horizontalLayout_2
DEBUG:PyQt5.uic.uiparser:pop widget QFrame queryInputFrame
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QWidget object at 0x7f2ef6da9af8>
DEBUG:PyQt5.uic.properties:setting property sizePolicy
DEBUG:PyQt5.uic.properties:setting property frameShape
DEBUG:PyQt5.uic.properties:setting property frameShadow
DEBUG:PyQt5.uic.uiparser:push QFrame queryResultsFrame
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout verticalLayout_4
DEBUG:PyQt5.uic.properties:setting property orientation
DEBUG:PyQt5.uic.uiparser:push QSplitter splitter_2
DEBUG:PyQt5.uic.properties:setting property editTriggers
DEBUG:PyQt5.uic.uiparser:push QListView queryResultsList
DEBUG:PyQt5.uic.uiparser:pop widget QListView queryResultsList
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QSplitter object at 0x7f2eec074048>
DEBUG:PyQt5.uic.properties:setting property sizePolicy
DEBUG:PyQt5.uic.properties:setting property minimumSize
DEBUG:PyQt5.uic.properties:setting property frameShape
DEBUG:PyQt5.uic.properties:setting property frameShadow
DEBUG:PyQt5.uic.uiparser:push QFrame queryResultsViewFrame
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout verticalLayout_6
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QVBoxLayout queryResultsViewLayout
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout queryResultsViewLayout
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout verticalLayout_6
DEBUG:PyQt5.uic.uiparser:pop widget QFrame queryResultsViewFrame
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QSplitter object at 0x7f2eec074048>
DEBUG:PyQt5.uic.uiparser:pop widget QSplitter splitter_2
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QFrame object at 0x7f2ef6da9ee8>
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout verticalLayout_4
DEBUG:PyQt5.uic.uiparser:pop widget QFrame queryResultsFrame
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QWidget object at 0x7f2ef6da9af8>
DEBUG:PyQt5.uic.properties:setting property sizePolicy
DEBUG:PyQt5.uic.properties:setting property frameShape
DEBUG:PyQt5.uic.properties:setting property frameShadow
DEBUG:PyQt5.uic.uiparser:push QFrame frame_2
DEBUG:PyQt5.uic.properties:setting property pyuicMargins
DEBUG:PyQt5.uic.properties:setting property pyuicSpacing
DEBUG:PyQt5.uic.uiparser:push QHBoxLayout horizontalLayout
DEBUG:PyQt5.uic.properties:setting property text
DEBUG:PyQt5.uic.uiparser:push QPushButton queryResultsSaveButton
DEBUG:PyQt5.uic.uiparser:pop widget QPushButton queryResultsSaveButton
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QFrame object at 0x7f2eec074318>
DEBUG:PyQt5.uic.uiparser:pop layout QHBoxLayout horizontalLayout
DEBUG:PyQt5.uic.uiparser:pop widget QFrame frame_2
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QWidget object at 0x7f2ef6da9af8>
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout verticalLayout_3
DEBUG:PyQt5.uic.uiparser:pop widget QWidget queryTab
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QTabWidget object at 0x7f2ef733cee8>
DEBUG:PyQt5.uic.uiparser:pop widget QTabWidget contentTabWidget
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QWidget object at 0x7f2ef733cca8>
DEBUG:PyQt5.uic.uiparser:pop layout QVBoxLayout verticalLayout_2
DEBUG:PyQt5.uic.uiparser:pop widget QWidget centralWidget
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QMainWindow object at 0x7f2ef733cd38>
DEBUG:PyQt5.uic.properties:setting property geometry
DEBUG:PyQt5.uic.uiparser:push QMenuBar menuBar
DEBUG:PyQt5.uic.uiparser:pop widget QMenuBar menuBar
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QMainWindow object at 0x7f2ef733cd38>
DEBUG:PyQt5.uic.uiparser:push QToolBar mainToolBar
DEBUG:PyQt5.uic.uiparser:pop widget QToolBar mainToolBar
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QMainWindow object at 0x7f2ef733cd38>
DEBUG:PyQt5.uic.uiparser:push QStatusBar statusBar
DEBUG:PyQt5.uic.uiparser:pop widget QStatusBar statusBar
DEBUG:PyQt5.uic.uiparser:new topwidget <PyQt5.QtWidgets.QMainWindow object at 0x7f2ef733cd38>
DEBUG:PyQt5.uic.properties:setting property text
DEBUG:PyQt5.uic.uiparser:pop widget QMainWindow MainWindow
DEBUG:PyQt5.uic.uiparser:new topwidget None
Traceback (most recent call last):
  File "/home/kali/cim/flare-wmi/python-cim/samples/ui/tree.py", line 203, in rowCount
    return len(parentItem.children)
  File "/home/kali/cim/flare-wmi/python-cim/samples/ui/tree.py", line 99, in children
    self._children = [TreeNode(self, c) for c in self._data.children]
  File "/home/kali/cim/env/lib/python3.5/site-packages/funcy/objects.py", line 28, in __get__
    res = instance.__dict__[self.fget.__name__] = self.fget(instance)
  File "flare-wmi/python-cim/samples/ui.py", line 79, in children
    range(self._ctx.cim.data_mapping.map.header.physical_page_count)]
  File "/home/kali/cim/env/lib/python3.5/site-packages/vstruct/__init__.py", line 395, in __getattr__
    raise AttributeError()
AttributeError
Abort
williballenthin commented 7 years ago

It looks like one of the data layout mapping objects is not being initialized correctly, though I can't quite tell why from the stack trace. Have you been able to get any of the command line tools working with this same repository?

Is there any possibility that you could share the repository with me? This will make it much easier to triage the issue. Otherwise, perhaps we can find a way to trace down what's going wrong via a discussion here.

phaag commented 7 years ago

Thx for getting back to me. I am using kali rolling with python 3.5. Actually any repo will do it to reproduce - also the test ones: My command line:

env/bin/python flare-wmi/python-cim/samples/ui.py win7 flare-wmi/python-cim/tests/repos/win7/wmikatz/

show_filtertoconsumerbindings.py seem to work on cmd line, but 

show_CCM_RecentlyUsedApps.py win7 flare-wmi/python-cim/tests/repos/win7/wmikatz

also crashes:

...
DEBUG:cim.cim.Index:_lookup_keys: index lookup: NS_301D/CD_: page: 0x3c
DEBUG:cim.cim.Index:_lookup_keys: index lookup: NS_301D/CD_: page: 0xf7
DEBUG:cim.cim.Index:_lookup_keys: index lookup: NS_301D/CD_: page: 0x54
Traceback (most recent call last):
  File "flare-wmi/python-cim/samples/show_CCM_RecentlyUsedApps.py", line 20, in main
    for RUA in ns.class_("CCM_RecentlyUsedApps").instances:
  File "/home/kali/cim/env/lib/python3.5/site-packages/cim/objects.py", line 1382, in class_
    raise IndexError()
IndexError

Thx for your effort

dummys commented 5 years ago

hey, same error here Archlinux python 3.7