search

threat9 / routersploit

Exploitation Framework for Embedded Devices
Other
12.1k stars 2.31k forks source link

IndexError - exploits/routers/multi/rom0.py #495

Open barthovski opened 6 years ago

barthovski commented 6 years ago

! ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY !

1.Hi i'm using routersploit version 3.3.0 on kali linux 2018.2, with python 3.6.6

  1. I was using routersploit to scan my network and he found this vulnerabiliy " http exploits/routers/multi/rom0". i set the port and the target, but when i run the exploit, it showed the following error:

Running module... [+] Target is vulnerable [] Downloading rom-0 file... [] Extracting password from file... Traceback (most recent call last): File "/root/Documentos/routersploit/routersploit/interpreter.py", line 334, in command_run self.current_module.run() File "/root/Documentos/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 60, in run password = self.extract_password(response.content) File "/root/Documentos/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 70, in extract_password result, window = LZSDecompress(data[fpos:]) File "/root/Documentos/routersploit/routersploit/libs/lzs/lzs.py", line 100, in LZSDecompress bit = reader.getBit() File "/root/Documentos/routersploit/routersploit/libs/lzs/lzs.py", line 41, in getBit return self._bits.popleft() IndexError: pop from an empty deque

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/root/Documentos/routersploit/routersploit/interpreter.py", line 116, in start command_handler(args) File "/root/Documentos/routersploit/routersploit/core/exploit/utils.py", line 138, in wrapper return fn(self, *args, *kwargs) File "/root/Documentos/routersploit/routersploit/interpreter.py", line 339, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.6/traceback.py", line 163, in format_exc return "".join(format_exception(sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.6/traceback.py", line 117, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.6/traceback.py", line 497, in init capture_locals=capture_locals) File "/usr/lib/python3.6/traceback.py", line 332, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

I wasn't able to resolve this error.

0BuRner commented 6 years ago

It seems the module is able to download the rom-0 file but it wasn't able to decrypt it. The latest version of the firmware of the device you're scanning is problably using an alternative encryption method.

Nevertheless, I thought that issue was fixed. At least it was working and managing errors correctly when I created this module at first. But probably someone else committed shit =)

If you want more info on the rom-0 exploit : https://github.com/0BuRner/rom-0

ShailendraKumarBellary commented 6 years ago

Same error for me!!! How to slove this?

ActualBury commented 6 years ago

yep same issue for me too how can i solve this problem?

ShailendraKumarBellary commented 6 years ago

Routersploit works when there are some vulnerability found on router when we scan it in and also there should be an open ports on router (ssh) (ftp) using these we can gain username and password as u can see it! But new updated router are not vulnerability for routersploit Solution is we have create a new method to break in. Happy hacking!

On Wed, Aug 29, 2018, 4:44 AM ActualBury notifications@github.com wrote:

yep same issue for me too how can i solve this problem?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/threat9/routersploit/issues/495#issuecomment-416770389, or mute the thread https://github.com/notifications/unsubscribe-auth/AoC_-48qDnIXuuGWl_PzkN28U2_8Sgasks5uVc7FgaJpZM4Vmq-y .

ShailendraKumarBellary commented 6 years ago

Install all requirements update python It's work for me...

ActualBury commented 6 years ago

I'm using routersploit on termux and I updated python,I installed all reqirements but nothing is changed.When I trying scan with autopwn I getting this error;

if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

ShailendraKumarBellary commented 6 years ago

Few months ago .....same error for me Then I install requirements recheck every requirement ...then it worked for me Check it once clearly... could be a small prb

On Thu, Aug 30, 2018, 7:48 PM ActualBury notifications@github.com wrote:

I'm using routersploit on termux and I updated python,I installed all reqirements but nothing is changed.When I trying scan with autopwn I getting this error;

if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/threat9/routersploit/issues/495#issuecomment-417336036, or mute the thread https://github.com/notifications/unsubscribe-auth/AoC_-5Vu6FpS1UAWeBFgLIanOMroeacXks5uV_Q_gaJpZM4Vmq-y .

ActualBury commented 5 years ago

@hack69 nope nothing is changed :(

lucyoa commented 5 years ago

Can you download rom-0 file manually (its http://device.ip/rom-0) and send it here? There is decompressing issue, but I don't have that file so I cannot reproduce this bug.

TharukaDananjaya commented 5 years ago

hey im using routersploit 3.4.0 and i had see this error [*] Running module...

[*] Starting vulnerablity check... Traceback (most recent call last): File "/root/Desktop/routersploit/routersploit/interpreter.py", line 334, in command_run self.current_module.run() File "/root/Desktop/routersploit/routersploit/modules/scanners/autopwn.py", line 51, in run for module in utils.iter_modules(directory): File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 136, in iter_modules yield import_exploit(path) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 107, in import_exploit module = importlib.import_module(path) File "/usr/lib/python3.7/importlib/init.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/root/Desktop/routersploit/routersploit/modules/exploits/generic/ssh_auth_keys.py", line 4, in from routersploit.core.ssh.ssh_client import SSHClient File "/root/Desktop/routersploit/routersploit/core/ssh/ssh_client.py", line 2, in import paramiko File "/usr/lib/python3/dist-packages/paramiko/init.py", line 30, in from paramiko.transport import SecurityOptions, Transport File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 65, in from paramiko.sftp_client import SFTPClient File "/usr/lib/python3/dist-packages/paramiko/sftp_client.py", line 41, in from paramiko.sftp_file import SFTPFile File "/usr/lib/python3/dist-packages/paramiko/sftp_file.py", line 66 self._close(async=True) ^ SyntaxError: invalid syntax

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/root/Desktop/routersploit/routersploit/interpreter.py", line 116, in start command_handler(args) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, *kwargs) File "/root/Desktop/routersploit/routersploit/interpreter.py", line 339, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

how to fix it help me thank you

zPrototype commented 5 years ago

Got the same error as many others here and wanted to ask if there is a fix for this? Error is down below its an IndexError and a TypeError

rsf (RomPager ROM-0) > check [+] Target is vulnerable rsf (RomPager ROM-0) > run [] Running module... [+] Target is vulnerable [] Downloading rom-0 file... [*] Extracting password from file... Traceback (most recent call last): File "/home/lucas/routersploit/routersploit/interpreter.py", line 369, in command_run self.current_module.run() File "/home/lucas/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 60, in run password = self.extract_password(response.content) File "/home/lucas/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 70, in extract_password result, window = LZSDecompress(data[fpos:]) File "/home/lucas/routersploit/routersploit/libs/lzs/lzs.py", line 131, in LZSDecompress char = window[-offset] File "/home/lucas/routersploit/routersploit/libs/lzs/lzs.py", line 86, in getitem return self.data[n] IndexError: deque index out of range

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/home/lucas/routersploit/routersploit/interpreter.py", line 117, in start command_handler(args) File "/home/lucas/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, *kwargs) File "/home/lucas/routersploit/routersploit/interpreter.py", line 374, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

jepunband commented 5 years ago

Hi any fix for this on termux?

[*] Starting vulnerablity check... Traceback (most recent call last): File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 107, in import_exploit module = importlib.import_module(path) File "/data/data/com.termux/files/usr/lib/python3.7/importlib/init.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/data/data/com.termux/files/home/routersploit/routersploit/modules/exploits/routers/technicolor/tc7200_password_disclosure_v2.py", line 3, in from Crypto.Cipher import AES File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Cipher/init.py", line 27, in from Crypto.Cipher._mode_ecb import _create_ecb_cipher File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Cipher/_mode_ecb.py", line 29, in from Crypto.Util._raw_api import (load_pycryptodome_raw_lib, File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Util/_raw_api.py", line 34, in from Crypto.Util.py3compat import byte_string ImportError: cannot import name 'byte_string' from 'Crypto.Util.py3compat' (/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Util/py3compat.py)

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/data/data/com.termux/files/home/routersploit/routersploit/interpreter.py", line 369, in command_run self.current_module.run() File "/data/data/com.termux/files/home/routersploit/routersploit/modules/scanners/autopwn.py", line 51, in run for module in utils.iter_modules(directory): File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 136, in iter_modules yield import_exploit(path) File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 122, in import_exploit "Use key multiple times for completion.".format(humanize_path(path), err) routersploit.core.exploit.exceptions.RoutersploitException: Error during loading 'routersploit/modules/exploits/routers/technicolor/tc7200_password_disclosure_v2'

Error: cannot import name 'byte_string' from 'Crypto.Util.py3compat' (/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Util/py3compat.py)

It should be valid path to the module. Use key multiple times for completion.

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "./rsf.py", line 26, in routersploit() File "./rsf.py", line 22, in routersploit rsf.start() File "/data/data/com.termux/files/home/routersploit/routersploit/interpreter.py", line 117, in start command_handler(args) File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, *kwargs) File "/data/data/com.termux/files/home/routersploit/routersploit/interpreter.py", line 374, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(sys.exc_info(), limit=limit, chain=chain)) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 497, in init _seen=_seen) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int' $

emadammar commented 5 years ago

[*] Starting vulnerablity check... Traceback (most recent call last): File "/root/Desktop/routersploit/routersploit/interpreter.py", line 334, in command_run self.current_module.run() File "/root/Desktop/routersploit/routersploit/modules/scanners/autopwn.py", line 51, in run for module in utils.iter_modules(directory): File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 136, in iter_modules yield import_exploit(path) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 107, in import_exploit module = importlib.import_module(path) File "/usr/lib/python3.7/importlib/init.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/root/Desktop/routersploit/routersploit/modules/exploits/generic/ssh_auth_keys.py", line 4, in from routersploit.core.ssh.ssh_client import SSHClient File "/root/Desktop/routersploit/routersploit/core/ssh/ssh_client.py", line 2, in import paramiko File "/usr/lib/python3/dist-packages/paramiko/init.py", line 30, in from paramiko.transport import SecurityOptions, Transport File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 65, in from paramiko.sftp_client import SFTPClient File "/usr/lib/python3/dist-packages/paramiko/sftp_client.py", line 41, in from paramiko.sftp_file import SFTPFile File "/usr/lib/python3/dist-packages/paramiko/sftp_file.py", line 66 self._close(async=True) ^ SyntaxError: invalid syntax

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/root/Desktop/routersploit/routersploit/interpreter.py", line 116, in start command_handler(args) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, *kwargs) File "/root/Desktop/routersploit/routersploit/interpreter.py", line 339, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

Spartan-767 commented 5 years ago

Find the answer here: https://github.com/threat9/routersploit/issues/577#issuecomment-481432455