search

x90skysn3k / brutespray

Bruteforcing from various scanner output - Automatically attempts default creds on found services.
MIT License
1.96k stars 381 forks source link

TypeError: execv() arg 2 must contain only strings + line wrapping issue? #20

Closed tokyoneon closed 6 years ago

tokyoneon commented 6 years ago

I'm experiencing some strange line wrapping issues while using interactive mode (with an unmodified brutespray.py):

./brutespray.py --file tokyoneon.gnmap -i

Gnmap:

    > cat tokyoneon.gnmap 
# Nmap 7.70 scan initiated Thu Apr 12 2018 as: nmap -sVTU -p21,22,137,161 -oG tokyoneon.gnmap 192.168.1.103
Host: 192.168.1.103 ()  Status: Up
Host: 192.168.1.103 ()  Ports: 21/open/tcp//ftp//vsftpd 3.0.3/, 22/open/tcp//ssh//OpenSSH 7.2p2 Ubuntu 4ubuntu2.4 (Ubuntu Linux; protocol 2.0)/, 137/closed/tcp//netbios-ns///, 161/closed/tcp//snmp///, 21/closed/udp//ftp///, 22/closed/udp//ssh///, 137/open/udp//netbios-ns//Samba nmbd netbios-ns (workgroup: WORKGROUP)/, 161/open/udp//snmp//SNMPv1 server; net-snmp SNMPv3 server (public)/
# Nmap done at Thu Apr 12 2018 -- 1 IP address (1 host up) scanned in 0.60 seconds

debug1 debug2

Error:

Brute-Forcing...     
Process Process-1:
Traceback (most recent call last):
  File "/usr/lib/python2.7/multiprocessing/process.py", line 267, in _bootstrap
    self.run()
  File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
    self._target(*self._args, **self._kwargs)
  File "./brutespray.py.orig", line 287, in brute
    p = subprocess.Popen(['medusa', '-H', fname, uarg, userlist, parg, passlist, '-M', service, '-t', args.threads, '-n', port, '-T', args.hosts, cont, aarg, auth], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, bufsize=-1)
  File "/usr/lib/python2.7/subprocess.py", line 394, in __init__
    errread, errwrite)
  File "/usr/lib/python2.7/subprocess.py", line 1047, in _execute_child
    raise child_exception
TypeError: execv() arg 2 must contain only strings
tokyoneon commented 6 years ago

Also, I tried messaging @x90skysn3k and @jrobles-r7 on Twitter regarding the article I'm working on (unrelated to this Git issue).

tokyoneon commented 6 years ago

Actually, it's happening with normal commands as well. 

> ./brutespray.py --file /root/Desktop/brutespray.gnmap --username user --service ssh
Created by: Shane Young/@x90skysn3k && Jacob Robles/@shellfail
Starting to brute, please make sure to use the right amount of threads(-t) and parallel hosts(-T)...  
Output will be written to the folder: ./brutespray-output/ \

Brute-Forcing...     
Process Process-1:
Traceback (most recent call last):
  File "/usr/lib/python2.7/multiprocessing/process.py", line 267, in _bootstrap
    self.run()
  File "/usr/lib/python2.7/multiprocessing/process.py", line 114, in run
    self._target(*self._args, **self._kwargs)
  File "./brutespray.py", line 252, in brute
    p = subprocess.Popen(['medusa', '-H', fname, uarg, userlist, parg, passlist, '-M', service, '-t', args.threads, '-n', port, '-T', args.hosts, cont, aarg, auth], stdout=subprocess.PIPE, stderr=subprocess.STDOUT, bufsize=-1)
  File "/usr/lib/python2.7/subprocess.py", line 394, in __init__
    errread, errwrite)
  File "/usr/lib/python2.7/subprocess.py", line 1047, in _execute_child
    raise child_exception
TypeError: execv() arg 2 must contain only strings

Wish we could get to the bottom of the inconsistencies I've been experiencing. It's pretty frustrating. Are you not able to replicate?

tokyoneon commented 6 years ago

I think the issue stems from a change @x90skysn3k made during this commit, because I downloaded the previous verison and brutespray is working again.