Closed galloche closed 5 years ago
I wonder what's the state of the project. The .test
calls (it's also in shellshock.py) seems to be a legacy call from python2. There is also many errors when trying to compare str to bytes objects (which also let me believe there was a python2->3 conversion, that's not yet done).
I tried fixing everything in a fork, but now I've got the request factory always returning 200 even though the server is returning 404. So, yeah, I wonder what's the state of the project.
Indeed it was still in the middle of refactoring... and life happened :( i ll be able to work back on this from next week so I ll correct it as soon as possible Thanks for the feedback
The test issue should be fixed Regarding @PierrePaul comment, would you mind telling me where you encountered problems with str to bytes ?
I think there is another problem after these corrections. The installation didn't work with : root@kali-gg:~/Documents/Sitadel# pip install . Processing /root/Documents/Sitadel Sitadel requires Python '>=3.5' but the running Python is 2.7.15
So i installed with pip3 for python3.7. root@kali-gg:~/Documents/Sitadel# pip3 install . Processing /root/Documents/Sitadel ... Installation is OK
But when i ran sitadel i got these errors :
root@kali-gg:~/Documents/Sitadel# python sitadel.py --help
Traceback (most recent call last):
File "sitadel.py", line 14, in
AND
root@kali-gg:~/Documents/Sitadel# python3.7 sitadel.py --help
Traceback (most recent call last):
File "sitadel.py", line 17, in
What is the good way to install and use sitadel ? I am on KALI : 4.19.0-kali1-amd64.
Calling sitadel with python3.7
was a good move.
python3.7 sitadel.py --help
It's strange that scrapy is missing. Can you try running this (again) :
pip3 install .
?
You could also run pip3 freeze
and look if scrapy
is in there :
pip3 freeze | grep -i scrapy
My results :
root@kali-gg:~/Documents/Sitadel# pip3 install . Processing /root/Documents/Sitadel Requirement already satisfied: colorama in /usr/lib/python3/dist-packages (from Sitadel==0.1.0) (0.3.7) Requirement already satisfied: pyyaml in /usr/lib/python3/dist-packages (from Sitadel==0.1.0) (3.13) Requirement already satisfied: requests in /usr/lib/python3/dist-packages (from Sitadel==0.1.0) (2.20.0) Requirement already satisfied: scrapy in /usr/local/lib/python3.6/dist-packages (from Sitadel==0.1.0) (1.5.2) Requirement already satisfied: urllib3 in /usr/lib/python3/dist-packages (from Sitadel==0.1.0) (1.24) Requirement already satisfied: Twisted>=13.1.0 in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (18.9.0) Requirement already satisfied: lxml in /usr/lib/python3/dist-packages (from scrapy->Sitadel==0.1.0) (4.2.5) Requirement already satisfied: cssselect>=0.9 in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (1.0.3) Requirement already satisfied: w3lib>=1.17.0 in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (1.20.0) Requirement already satisfied: six>=1.5.2 in /usr/lib/python3/dist-packages (from scrapy->Sitadel==0.1.0) (1.12.0) Requirement already satisfied: PyDispatcher>=2.0.5 in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (2.0.5) Requirement already satisfied: pyOpenSSL in /usr/lib/python3/dist-packages (from scrapy->Sitadel==0.1.0) (18.0.0) Requirement already satisfied: service-identity in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (18.1.0) Requirement already satisfied: parsel>=1.1 in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (1.5.1) Requirement already satisfied: queuelib in /usr/local/lib/python3.6/dist-packages (from scrapy->Sitadel==0.1.0) (1.5.0) Requirement already satisfied: Automat>=0.3.0 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (0.7.0) Requirement already satisfied: PyHamcrest>=1.9.0 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (1.9.0) Requirement already satisfied: zope.interface>=4.4.2 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (4.6.0) Requirement already satisfied: attrs>=17.4.0 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (18.2.0) Requirement already satisfied: incremental>=16.10.1 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (17.5.0) Requirement already satisfied: hyperlink>=17.1.1 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (18.0.0) Requirement already satisfied: constantly>=15.1 in /usr/local/lib/python3.6/dist-packages (from Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (15.1.0) Requirement already satisfied: cryptography in /usr/lib/python3/dist-packages (from service-identity->scrapy->Sitadel==0.1.0) (2.3) Requirement already satisfied: pyasn1-modules in /usr/local/lib/python3.6/dist-packages (from service-identity->scrapy->Sitadel==0.1.0) (0.2.4) Requirement already satisfied: pyasn1 in /usr/lib/python3/dist-packages (from service-identity->scrapy->Sitadel==0.1.0) (0.4.2) Requirement already satisfied: setuptools in /usr/lib/python3/dist-packages (from PyHamcrest>=1.9.0->Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (40.6.3) Requirement already satisfied: idna>=2.5 in /usr/lib/python3/dist-packages (from hyperlink>=17.1.1->Twisted>=13.1.0->scrapy->Sitadel==0.1.0) (2.6) Building wheels for collected packages: Sitadel Running setup.py bdist_wheel for Sitadel ... done Stored in directory: /tmp/pip-ephem-wheel-cache-a0egugja/wheels/5a/af/5a/9f9a98c5df2f46b02ea2bd953af8258033e28f5e2007fad559 Successfully built Sitadel Installing collected packages: Sitadel Found existing installation: Sitadel 0.1.0 Uninstalling Sitadel-0.1.0: Successfully uninstalled Sitadel-0.1.0 Successfully installed Sitadel-0.1.0
root@kali-gg:~/Documents/Sitadel# pip3 freeze | grep -i scrapy Scrapy==1.5.2
Seems all is OK.
Great, then do pip3 --version
. I have a feeling your pip3 is not linked to your python3.7
.
You should expect something that looks like this :
pip 18.1 from /usr/local/lib/python3.7/dist-packages/pip (python 3.7)
pip3 --version pip 18.1 from /usr/lib/python3/dist-packages/pip (python 3.6)
grap.... It's seems to work with this version of python. Thank you for yor help :) I'm running a full scan to check if there are others errors.
@PierrePaul thanks for the answers @galloche Ideally use the docker image to avoid all this version hell ;)
Hello, I'm trying to use Sitadel. But during the "Checking cross site scripting" analysis, the error "AttributeError: 'Output' object has no attribute 'test'" occured.
Below the complete error : [i] Checking cross site scripting... Traceback (most recent call last): File "sitadel.py", line 93, in
Sitadel().main()
File "sitadel.py", line 88, in main
self.ma.attacks(args.attack, self.url, discovered_urls)
File "/root/Documents/Sitadel/lib/utils/manager.py", line 29, in attacks
Attacks(url, crawled_urls).run(plugins)
File "/root/Documents/Sitadel/lib/modules/attacks/init.py", line 45, in run
raise (e)
File "/root/Documents/Sitadel/lib/modules/attacks/init.py", line 39, in run
attacks = ([(p(), p().process(self.start_url, self.crawled_urls)) for p in AttackPlugin.plugins])
File "/root/Documents/Sitadel/lib/modules/attacks/init.py", line 39, in
attacks = ([(p(), p().process(self.start_url, self.crawled_urls)) for p in AttackPlugin.plugins])
File "/root/Documents/Sitadel/lib/modules/attacks/vulns/anonymous.py", line 13, in process
output.test('Scanning anonymous cipher vuln...')
AttributeError: 'Output' object has no attribute 'test'
Can you help me ?
Thanks