Fix python meterpreter network method exceptions for OSX #651
Conversation
adfoster-r7
force-pushed
the
fix-python-meterpreter-osx-network-method-exceptions
branch
2 times, most recently
from
4670631
to
cc35943
Compare
| Running unit tests: | ||
|
|
||
| ``` | ||
| python -m unittest discover -v ./tests |
There was a problem hiding this comment.
I prefer pytest, but I thought only depending on the inbuilt testing library would be easier for contributors
adfoster-r7
force-pushed
the
fix-python-meterpreter-osx-network-method-exceptions
branch
from
cc35943
to
f684570
Compare
| if 'flags_str' in iface_info: | ||
| iface_tlv += tlv_pack(TLV_TYPE_INTERFACE_FLAGS, iface_info['flags_str']) |
There was a problem hiding this comment.
OSX was returning the integer flag value here, whilst linux was returning the string flag names. Now the implementations return both separately
There was a problem hiding this comment.
This seems to be introducing new data into the TLV, is there value for both vs just shifting to a more consistent type retuned in flags?
There was a problem hiding this comment.
TLV_TYPE_INTERFACE_FLAGS has always been a string:
TLV_TYPE_INTERFACE_FLAGS = TLV_META_TYPE_STRING | 1403
Previously the OSX code path was was extracting out the integer value for flags instead of a string like in the Linux codepath, i.e. in the osx code path attempted to write out 8836 instead of "UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST" from the below ifconfig output
en5: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
This is now updated to send the string flag names for both OSX and Linux
There was a problem hiding this comment.
Got it, stdapi_net_config_get_interfaces_via_netlink was returning flags as a set of strings names and stdapi_net_config_get_interfaces_via_osx_ifconfig was returning flags as numeric values now
Now both return flags as numeric values and flags_str as string names and only flags_str is being placed in the response as a TLV_TYPE_INTERFACE_FLAGS packet.
| @@ -2271,19 +2272,20 @@ def stdapi_net_config_get_interfaces_via_osx_ifconfig(): | |||
| proc_h = subprocess.Popen('/sbin/ifconfig', stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |||
| if proc_h.wait(): | |||
| raise Exception('ifconfig exited with non-zero status') | |||
| output = proc_h.stdout.read() | |||
| output = str(proc_h.stdout.read()) | |||
There was a problem hiding this comment.
Required in newer versions of Python - when the later code attempts to split this result with for line in output.split('\n') the following exception is raised:
[-] method stdapi_net_config_get_interfaces resulted in an error
Traceback (most recent call last):
File "<string>", line 1725, in create_response
File "ext_server_stdapi.py", line 2191, in stdapi_net_config_get_interfaces
interfaces = stdapi_net_config_get_interfaces_via_osx_ifconfig()
File "ext_server_stdapi.py", line 2293, in stdapi_net_config_get_interfaces_via_osx_ifconfig
for line in output.split('\n'):
TypeError: a bytes-like object is required, not 'str'
| @@ -2524,7 +2526,7 @@ def stdapi_net_config_get_routes_via_osx_netstat(): | |||
| continue | |||
| if destination == 'default': | |||
| destination = all_nets | |||
| if re.match('link#\d+', gateway) or re.match('([0-9a-f]{1,2}:){5}[0-9a-f]{1,2}', gateway): | |||
| if re.match('link#\\d+', gateway) or re.match('([0-9a-f]{1,2}:){5}[0-9a-f]{1,2}', gateway): | |||
There was a problem hiding this comment.
Fixes:
test_stdapi_net_config_get_interfaces_via_osx_ifconfig (test_ext_server_stdapi.TestExtServerStdApi.test_stdapi_net_config_get_interfaces_via_osx_ifconfig) ... :2529: DeprecationWarning: invalid escape sequence '\d'
| @@ -2487,7 +2489,7 @@ def stdapi_net_config_get_routes_via_osx_netstat(): | |||
| proc_h = subprocess.Popen(['/usr/sbin/netstat', '-rn'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) | |||
There was a problem hiding this comment.
Looks like there's a file descriptor leak here, will put up a separate PR for this
$ python3 -m unittest discover -v ./tests
test_stdapi_net_config_get_interfaces (test_ext_server_stdapi.TestExtServerStdApi.test_stdapi_net_config_get_interfaces) ... <string>:2183: ResourceWarning: unclosed file <_io.BufferedReader name=3>
Object allocated at (most recent call last):
File "/usr/local/Cellar/python@3.11/3.11.2_1/Frameworks/Python.framework/Versions/3.11/lib/python3.11/subprocess.py", lineno 1014
self.stdout = io.open(c2pread, 'rb', bufsize)
<string>:2183: ResourceWarning: unclosed file <_io.BufferedReader name=5>
Object allocated at (most recent call last):
File "/usr/local/Cellar/python@3.11/3.11.2_1/Frameworks/Python.framework/Versions/3.11/lib/python3.11/subprocess.py", lineno 1019
self.stderr = io.open(errread, 'rb', bufsize)
f684570
to
c494d9e
Compare
| def test_stdapi_net_config_get_interfaces(self): | ||
| request = bytes() | ||
| response = bytes() | ||
| self.assertErrorSuccess("stdapi_net_config_get_interfaces", request, response) |
There was a problem hiding this comment.
I'll skip verifying the exact bytes for now, this was just an MVP "make sure it doesn't explode" test for now
adfoster-r7
force-pushed
the
fix-python-meterpreter-osx-network-method-exceptions
branch
19 times, most recently
from
ae7f5fb
to
66740e7
Compare
adfoster-r7
force-pushed
the
fix-python-meterpreter-osx-network-method-exceptions
branch
from
66740e7
to
a1166ac
Compare
Fixes python meterpreter network method exceptions for OSX, and adds unit tests / CI automation
Fixes the following errors in test/meterpreter that I originally spotted running on CI