Closed random-robbie closed 6 years ago
requests 2.18.4 produces this
Installing collected packages: requests
Found existing installation: requests 2.18.1
Uninstalling requests-2.18.1:
Successfully uninstalled requests-2.18.1
Successfully installed requests-2.18.4
root@f9c625bde903:/# scan http://angular-intro-plus.iamdenny.com/example/index.html
Traceback (most recent call last):
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 664, in _build_master
ws.require(__requires__)
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 981, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 872, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (requests 2.18.4 (/usr/local/lib/python3.7/site-packages), Requirement.parse('requests==2.18.1'), {'acstis'})
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/bin/acstis", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3142, in <module>
@_call_aside
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3126, in _call_aside
f(*args, **kwargs)
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 3155, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 666, in _build_master
return cls._build_from_requirements(__requires__)
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 679, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/local/lib/python3.7/site-packages/pkg_resources/__init__.py", line 867, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'requests==2.18.1' distribution was not found and is required by acstis
root@f9c625bde903:/#
not sure how to satisfy both requirements here for both verions
Hmm pretty weird. I actually thought it was possible to have multiple versions of modules installed at the same time (if installed using pip
).
Anyway, it should now be fixed in commit 5d8af8cd8e9d767b03e35a7c428d8503cdf11d56 if all the unit-tests pass. Could you confirm if it works for you?
git clone -b develop https://github.com/tijme/angularjs-csti-scanner.git
root@0f7c7feafe62:/angularjs-csti-scanner# acstis -c -vp -iic -d "https://support.rockstargames.com"
Segmentation fault (core dumped)
Hmm, pretty weird that you're getting a segmentation fault. Do you have the possibility to post the core dump?
Anyway, I see you're using Python 3.7. ACSTIS is not supporting Python 3.7 (alpha) yet but I'll add it to the unit-tests to see if it works.
Another thing, if you're cloning the GIT repo you need to call acstis.py
instead of acstis
(unless you did a python setup.py install
.
I'll take a look and see if I can reproduce the issue.
I can lower the version of python no problems.
i do run the python setup.py install to ensure everything is installed.
I will lower it down to 3.4 to see if that has any affect.
Lowering my version to 3.4 and running dev has worked I just need to find a site that has an XSS to test
I just tested it too, seems to work on Python versions lower than 3.7. 👍
I also got a segfault on pip install with 3.7 for some module
Python 3.7 is not supported yet.
One line summary of the issue here.
Expected behavior
acstis -c -d "https://finnwea.com/" -vp
Actual behavior
Steps to reproduce the behavior
python 3.7 on debian stretch.
installed via