search

sethsec / celerystalk

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.
https://sethsec.github.io/celerystalk/
MIT License
398 stars 69 forks source link

Kombu version 4.4.0 does not support redis-py v2.10.6, breaks celerystalk scan #79

Closed Thurnun closed 5 years ago

Thurnun commented 5 years ago

Hello Sethsec!

Ran ./update-tools.sh to update Celerystalk tools. Created new workspace, imported Nmap scan, ran ./celerystalk scan .

Produced the following result:

root@kali:/opt/celerystalk# ./celerystalk scan

celerystalk - An asynchronous network enumeration/vulnerability scanner v1.1 Run all your tools against all your hosts (IPs/virtual hosts/subdomains) by @sethsec Build: 163

Submitted [12] tasks for Submitted [12] tasks for Submitted [1] tasks for Submitted [1] tasks for Submitted [1] tasks for Submitted [12] tasks for Submitted [12] tasks for Submitted [1] tasks for Submitted [1] tasks for Submitted [1] tasks for Submitted [1] tasks for Submitted [12] tasks for Submitted [1] tasks for Submitted [1] tasks for Traceback (most recent call last): File "./celerystalk", line 963, in main(arguments) File "./celerystalk", line 915, in main lib.scan.process_db_vhosts(workspace, arguments["--simulation"],dont_scan_ips=arguments["--noIP"],config_file=config_file) File "/opt/celerystalk/lib/scan.py", line 65, in process_db_vhosts send_commands_to_celery(populated_command_tuple,output_base_dir,simulation) File "/opt/celerystalk/lib/scan.py", line 246, in send_commands_to_celery celery_path), File "/usr/local/lib/python2.7/dist-packages/celery/canvas.py", line 530, in call return self.apply_async(args, kwargs) File "/usr/local/lib/python2.7/dist-packages/celery/canvas.py", line 557, in apply_async dict(self.options, options) if options else self.options)) File "/usr/local/lib/python2.7/dist-packages/celery/canvas.py", line 584, in run first_task.apply_async(options) File "/usr/local/lib/python2.7/dist-packages/celery/canvas.py", line 218, in apply_async return _apply(args, kwargs, options) File "/usr/local/lib/python2.7/dist-packages/celery/app/task.py", line 535, in apply_async options File "/usr/local/lib/python2.7/dist-packages/celery/app/base.py", line 745, in send_task amqp.send_task_message(P, name, message, options) File "/usr/local/lib/python2.7/dist-packages/celery/app/amqp.py", line 552, in send_task_message properties File "/usr/local/lib/python2.7/dist-packages/kombu/messaging.py", line 181, in publish exchange_name, declare, File "/usr/local/lib/python2.7/dist-packages/kombu/connection.py", line 510, in _ensured return fun(args, kwargs) File "/usr/local/lib/python2.7/dist-packages/kombu/messaging.py", line 187, in _publish channel = self.channel File "/usr/local/lib/python2.7/dist-packages/kombu/messaging.py", line 209, in _get_channel channel = self._channel = channel() File "/usr/local/lib/python2.7/dist-packages/kombu/utils/functional.py", line 44, in call value = self.value = self.contract() File "/usr/local/lib/python2.7/dist-packages/kombu/messaging.py", line 224, in channel = ChannelPromise(lambda: connection.default_channel) File "/usr/local/lib/python2.7/dist-packages/kombu/connection.py", line 852, in default_channel self.ensure_connection(conn_opts) File "/usr/local/lib/python2.7/dist-packages/kombu/connection.py", line 422, in ensure_connection callback, timeout=timeout) File "/usr/local/lib/python2.7/dist-packages/kombu/utils/functional.py", line 341, in retry_over_time return fun(args, kwargs) File "/usr/local/lib/python2.7/dist-packages/kombu/connection.py", line 275, in connect return self.connection File "/usr/local/lib/python2.7/dist-packages/kombu/connection.py", line 823, in connection self._connection = self._establish_connection() File "/usr/local/lib/python2.7/dist-packages/kombu/connection.py", line 778, in _establish_connection conn = self.transport.establish_connection() File "/usr/local/lib/python2.7/dist-packages/kombu/transport/virtual/base.py", line 941, in establish_connection self._avail_channels.append(self.create_channel(self)) File "/usr/local/lib/python2.7/dist-packages/kombu/transport/virtual/base.py", line 923, in create_channel channel = self.Channel(connection) File "/usr/local/lib/python2.7/dist-packages/kombu/transport/redis.py", line 496, in init self.Client = self._get_client() File "/usr/local/lib/python2.7/dist-packages/kombu/transport/redis.py", line 957, in _get_client 'You have {0.version}'.format(redis)) kombu.exceptions.VersionMismatch: Redis transport requires redis-py versions 3.2.0 or later. You have 2.10.6**

Did some digging, found this:

https://github.com/celery/celery/issues/5369 https://github.com/celery/kombu/issues/1016

From the looks of it when I ran ./update-tools.sh it updated celery to version 4.3.0. Version 4.3.0 of celery requires kombu 4.4.0, which does not support redis-py version 2.10.6, which is specified in requirements.txt.

Making the following changes to requirements.txt fixes the issue. celery==4.2.x kombu==4.2.x

sethsec commented 5 years ago

Thanks for the research @Thurnun! As it turns out, I was able to just remove the version pinning on redis and it works with the latest redis. Let me know if that works for you as well.