mushorg / conpot

ICS/SCADA honeypot
GNU General Public License v2.0

Error running conpot #371

Closed exploitdkernel closed 6 years ago

exploitdkernel commented 6 years ago

I am getting an error, after installing "python setup.py install" and I also did all the -r requirements. When I go to run conpot in the terminal I receive the error:

```
Traceback (most recent call last):
  File "/usr/local/bin/conpot", line 4, in <module>
    __import__('pkg_resources').run_script('Conpot==0.5.1', 'conpot')
  File "build/bdist.linux-x86_64/egg/pkg_resources.py", line 2867, in <module>

  File "build/bdist.linux-x86_64/egg/pkg_resources.py", line 434, in _build_master
    """
  File "build/bdist.linux-x86_64/egg/pkg_resources.py", line 447, in _build_from_requirements

  File "build/bdist.linux-x86_64/egg/pkg_resources.py", line 627, in resolve
    # to get the name of the distribution here..
pkg_resources.VersionConflict: (lxml 3.3.3 (/usr/lib/python2.7/dist-packages), Requirement.parse('lxml>=3.3.5'))
```

and that's it. If someone could point to why it's happening that would be great, Thanks!

glaslos commented 6 years ago

you seem to have issues updating the lxml package for python

4n6strider commented 6 years ago

Hello, after a recent reinstall of MHN I am not able to run Conpot deployed from the MHN server anymore. I tested both Ubuntu 14 and 16, with or without updating packages before installation. I have always tried a clean install of the server; conpot was the first sensor to be installed there. But I always get this error message:

```
/opt/conpot/env/bin# ./conpot
Traceback (most recent call last):
  File "./conpot", line 6, in <module>
    exec(compile(open(__file__).read(), __file__, 'exec'))
  File "/opt/conpot/env/src/conpot/bin/conpot", line 49, in <module>
    from conpot.protocols.ipmi.ipmi_server import IpmiServer
  File "/opt/conpot/env/local/lib/python2.7/site-packages/gevent/builtins.py", line 96, in __import__
    result = _import(*args, **kwargs)
  File "/opt/conpot/env/src/conpot/conpot/protocols/ipmi/ipmi_server.py", line 37, in <module>
    from fakesession import FakeSession
  File "/opt/conpot/env/local/lib/python2.7/site-packages/gevent/builtins.py", line 96, in __import__
    result = _import(*args, **kwargs)
  File "/opt/conpot/env/src/conpot/conpot/protocols/ipmi/fakesession.py", line 31, in <module>
    from Crypto.Cipher import AES
  File "/opt/conpot/env/local/lib/python2.7/site-packages/gevent/builtins.py", line 96, in __import__
    result = _import(*args, **kwargs)
ImportError: No module named Crypto.Cipher
```

The same is listed in the conpot.out log. I have tried to install the PyCrypto lib as suggested here: https://stackoverflow.com/questions/19623267/importerror-no-module-named-crypto-cipher but so far no success.

xandfury commented 6 years ago

@4n6strider Hi there. Can you paste the output of the following command?

```
python -c 'import Crypto.Cipher; print(Crypto.Cipher.__path__)'
```

Also did you sudo install the requirements?

4n6strider commented 6 years ago

@xandfury: Here you go. I have a series of servers. They are the same build, Ubuntu 14.

```
python -c "import Crypto.Cipher; print "Crypto.Cipher.__path__""

Traceback (most recent call last):
  File "<string>", line 1, in <module>
ImportError: No module named Crypto.Cipher
```

This is the output on the server where conpot is not working.

And this is the output on the server where conpot is working [but I have no idea why]:

```
python -c "import Crypto.Cipher; print "Crypto.Cipher.__path__""
Traceback (most recent call last):
  File "<string>", line 1, in <module>
ImportError: No module named Crypto.Cipher
root@ridhil  Traceback (most recent call last):
-bash: syntax error near unexpected token `most'
root@ridhil  File "<string>", line 1, in <module>
-bash: syntax error near unexpected token `newline'
root@ridhil ImportError: No module named Crypto.Cipher
ImportError:: command not found
```

Regarding the requirements, I used the MHN deploy script to install conpot [as root]:

```bash
#!/bin/bash

if [ $# -ne 2 ]
    then
        echo "Wrong number of arguments supplied."
        echo "Usage: $0 <server_url> <deploy_key>."
        exit 1
fi

server_url=$1
deploy_key=$2

echo "deb http://en.archive.ubuntu.com/ubuntu precise main multiverse" | sudo tee -a /etc/apt/sources.list
apt-get update
apt-get install -y git libmysqlclient-dev libsmi2ldbl snmp-mibs-downloader python-dev libevent-dev libxslt1-dev libxml2-dev python-pip python-mysqldb pkg-config libvirt-dev supervisor
apt-get install -y zlib1g-dev # needed for Ubuntu 14.04
pip install --upgrade distribute
pip install virtualenv

CONPOT_HOME=/opt/conpot
mkdir -p $CONPOT_HOME
cd $CONPOT_HOME
virtualenv env
. env/bin/activate
pip install -U setuptools
pip install -e git+https://github.com/threatstream/hpfeeds.git#egg=hpfeeds-dev
pip install -e git+https://github.com/mushorg/conpot.git#egg=conpot-dev
pip install -e git+https://github.com/mushorg/modbus-tk.git#egg=modbus-tk

# Register sensor with MHN server.
wget $server_url/static/registration.txt -O registration.sh
chmod 755 registration.sh
# Note: this will export the HPF_* variables
. ./registration.sh $server_url $deploy_key "conpot"

cat > conpot.cfg <<EOF
[common]
sensorid = default

[session]
timeout = 30

[daemon]
;user = conpot
;group = conpot

[json]
enabled = False
filename = /var/log/conpot.json

[sqlite]
enabled = False

[mysql]
enabled = False

[syslog]
enabled = False
device = /dev/log
host = localhost
port = 514
facility = local0
socket = dev        ; udp (sends to host:port), dev (sends to device)

[hpfriends]
enabled = True
host = $HPF_HOST
port = $HPF_PORT
ident = $HPF_IDENT
secret = $HPF_SECRET
channels = ["conpot.events", ]

[taxii]
enabled = False
host = taxiitest.mitre.org
port = 80
inbox_path = /services/inbox/default/
use_https = False
include_contact_info = False
contact_name = ...
contact_email = ...

[fetch_public_ip]
enabled = True
urls = ["http://www.telize.com/ip", "http://icanhazip.com/", "http://ifconfig.me/ip"]

[change_mac_addr]
enabled = False
iface = eth0
addr = 00:de:ad:be:ef:00
EOF

# setup supervisor

cat > /etc/supervisor/conf.d/conpot.conf <<EOF
[program:conpot]
command=/opt/conpot/env/bin/conpot --template default -c /opt/conpot/conpot.cfg -l /var/log/conpot.log
directory=/opt/conpot
stdout_logfile=/var/log/conpot.out
stderr_logfile=/var/log/conpot.err
autostart=true
autorestart=true
redirect_stderr=true
stopsignal=QUIT
EOF

supervisorctl update
```

xandfury commented 6 years ago

@4n6strider Your issue is not conpot related. It is a result of multiple Python environments. There is no one easy way around this. PyCrypto is not installed, or at least not available to the Python interpreter. Try the following:

```
# 1
python -m pip install PyCrypto
# 2
sudo -H pip install PyCrypto
```

In any case, before proceeding to the next stage, please ensure that

```
python -c 'import Crypto.Cipher; print(Crypto.Cipher.__path__)'
```

returns something like: `['/usr/local/lib/python2.7/dist-packages/Crypto/Cipher']`

It doesn't need to be identical, but similar. Also note that since you need to run conpot on python2.7, there is no use of running pip3 commands.

4n6strider commented 6 years ago

@xandfury Thank you. I tried to restage one host and the first thing I did was to install that PyCrypto lib, confirmed with that command of yours.

Then I still get the same error:

```
ImportError: No module named Crypto.Cipher
Traceback (most recent call last):
  File "/opt/conpot/env/bin/conpot", line 6, in <module>
    exec(compile(open(__file__).read(), __file__, 'exec'))
  File "/opt/conpot/env/src/conpot/bin/conpot", line 49, in <module>
    from conpot.protocols.ipmi.ipmi_server import IpmiServer
  File "/opt/conpot/env/local/lib/python2.7/site-packages/gevent/builtins.py", line 96, in __import__
    result = _import(*args, **kwargs)
  File "/opt/conpot/env/src/conpot/conpot/protocols/ipmi/ipmi_server.py", line 37, in <module>
    from fakesession import FakeSession
  File "/opt/conpot/env/local/lib/python2.7/site-packages/gevent/builtins.py", line 96, in __import__
    result = _import(*args, **kwargs)
  File "/opt/conpot/env/src/conpot/conpot/protocols/ipmi/fakesession.py", line 31, in <module>
    from Crypto.Cipher import AES
  File "/opt/conpot/env/local/lib/python2.7/site-packages/gevent/builtins.py", line 96, in __import__
    result = _import(*args, **kwargs)
ImportError: No module named Crypto.Cipher
```

Is there any way to modify the import statements directly in the code?

xandfury commented 6 years ago

@4n6strider Conpot's code is perfectly fine. Like I said, PyCrypto is not available to the Python interpreter that you are using. Even if you change the imports, there is no guarantee conpot will not break.

This line: `/opt/conpot/env/bin/conpot` indicates that you might be using a virtualenv called env. Try `source /opt/conpot/env/bin/activate` first. If you get (env) prefixed to your prompt, my assumption would be correct.

Then try installing the lib. Unfortunately this is something you will need to figure out on your own.
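
The import check from this thread, run against each interpreter separately so a system-versus-virtualenv split shows up directly. This is an added example, not code from conpot or MHN: `probe` and `diagnose` are hypothetical helper names, and the virtualenv path is the one shown in the traceback above.

```python
import json
import subprocess

# Runs inside the interpreter under examination; valid on Python 2.7 and 3.x.
PROBE = r'''
import importlib, json, sys
base = getattr(sys, "real_prefix", None) or getattr(sys, "base_prefix", sys.prefix)
info = {"prefix": sys.prefix, "virtualenv": base != sys.prefix, "path": None}
try:
    mod = importlib.import_module(sys.argv[1])
    info["path"] = list(getattr(mod, "__path__", [])) or [getattr(mod, "__file__", "<built-in>")]
except ImportError:
    pass
print(json.dumps(info))
'''


def probe(interpreter, module="Crypto.Cipher", env=None):
    """Report where `interpreter` resolves `module`; "path" is None if it cannot."""
    try:
        raw = subprocess.check_output([interpreter, "-c", PROBE, module], env=env)
        return json.loads(raw.decode())
    except (OSError, subprocess.CalledProcessError) as exc:
        # Interpreter missing or crashed: treat as "module not available here".
        return {"prefix": None, "virtualenv": None, "path": None, "error": str(exc)}


def diagnose(results):
    """results: {label: probe() output}. Name the environments missing the module."""
    missing = sorted(k for k, r in results.items() if not r["path"])
    present = sorted(k for k, r in results.items() if r["path"])
    if missing and present:
        return "installed for %s but not for %s" % (", ".join(present), ", ".join(missing))
    return "missing everywhere" if missing else "available everywhere"


if __name__ == "__main__":
    # Assumed targets: whatever "python" is on PATH, and the virtualenv interpreter.
    targets = {"system": "python", "virtualenv": "/opt/conpot/env/bin/python"}
    results = {label: probe(exe) for label, exe in targets.items()}
    for label, r in sorted(results.items()):
        print(label, r)
    print(diagnose(results))
```

A result of "installed for system but not for virtualenv" means the package has to be installed with the virtualenv's own pip (after activating it) rather than with the system pip.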

xandfury commented 6 years ago

Hey @4n6strider. We have recently added pycrypto to our requirements. If MHN collects conpot from master, a re-install would automatically solve your problem.

@exploitdkernel @4n6strider I am closing this issue, assuming your problems have been resolved. Feel free to re-open the issue in case you feel otherwise :-)