Comments (18)
ah nevermind the AttributeError.
It was the problem with the msfrpc, not DeepExploit xD
from machine_learning_security.
btw should I create a requirements.txt for the python3 libraries?
from machine_learning_security.
Hi, @fanntom
Maybe, this causes are no corresponding exploit modules in the "exploit_list.csv".
So, you delete all file in the DeepExploit/data/
folder, please retry DeepExploit.
Then, DeepExploit creates these files according to the your Metasploit's environment.
from machine_learning_security.
Thank you @13o-bbr-bbq for the reply.
I will try that out and I will comment on this thread about the results.
from machine_learning_security.
Alright here's a followup about the result.
The solution you mentioned did solve the problem.
Thank you very much!
Now I'm looking at a
Exception in thread Thread-19:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/usr/lib/python3.6/threading.py", line 864, in run
self._target(self._args, **self._kwargs)
File "DeepExploit.py", line 1604, in
job = lambda: worker.run(exploit_tree, target_tree, saver, env.save_file)
File "DeepExploit.py", line 1161, in run
self.environment.run(exploit_tree, target_tree)
File "DeepExploit.py", line 1101, in run
frames)
File "DeepExploit.py", line 678, in execute_exploit
job_id_list = self.client.get_job_list()
File "DeepExploit.py", line 150, in get_job_list
jobs = self.call('job.list', [])
File "DeepExploit.py", line 65, in call
resp = self.client.getresponse()
File "/usr/lib/python3.6/http/client.py", line 1331, in getresponse
response.begin()
File "/usr/lib/python3.6/http/client.py", line 297, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.6/http/client.py", line 266, in _read_status
raise RemoteDisconnected("Remote end closed connection without"
http.client.RemoteDisconnected: Remote end closed connection without response
but i think this is a problem with the msfrpc end.
And I don't know if this is an error but im seeing some
[] MsfRPC: Not Authenticated
during the saving train data part.
from machine_learning_security.
And when i run it in the test mode, I get this error:
root@kali:~/machine_learning_security/DeepExploit# python3 DeepExploit.py -t 192.168.74.135 -m test
Using TensorFlow backend.
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
██████╗ ███████╗███████╗██████╗
██╔══██╗██╔════╝██╔════╝██╔══██╗
██║ ██║█████╗ █████╗ ██████╔╝
██║ ██║██╔══╝ ██╔══╝ ██╔═══╝
██████╔╝███████╗███████╗██║
╚═════╝ ╚══════╝╚══════╝╚═╝
███████╗██╗ ██╗██████╗ ██╗ ██████╗ ██╗████████╗
██╔════╝╚██╗██╔╝██╔══██╗██║ ██╔═══██╗██║╚══██╔══╝
█████╗ ╚███╔╝ ██████╔╝██║ ██║ ██║██║ ██║
██╔══╝ ██╔██╗ ██╔═══╝ ██║ ██║ ██║██║ ██║
███████╗██╔╝ ██╗██║ ███████╗╚██████╔╝██║ ██║
╚══════╝╚═╝ ╚═╝╚═╝ ╚══════╝ ╚═════╝ ╚═╝ ╚═╝ (beta)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Traceback (most recent call last):
File "DeepExploit.py", line 1532, in
env = Metasploit(rhost)
File "DeepExploit.py", line 270, in init
self.set_state_os()
File "DeepExploit.py", line 310, in set_state_os
os_raw = ret.get(b'data').decode('utf-8')
AttributeError: 'NoneType' object has no attribute 'decode'
from machine_learning_security.
In the msfconsole window i get this:
#<Thread:0x00007f6d5945ac40@/usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:93 run> terminated with exception (report_on_exception is true):
Traceback (most recent call last):
22: from /usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:111:in block in spawn' 21: from /usr/share/metasploit-framework/lib/msf/core/db_manager/connection.rb:6:in
active'
20: from /usr/share/metasploit-framework/lib/msf/core/db_manager/connection.rb:123:in connection_established?' 19: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:292:in
with_connection'
18: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:262:in connection' 17: from /usr/lib/ruby/2.5.0/monitor.rb:226:in
mon_synchronize'
16: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in block in connection' 15: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:348:in
checkout'
14: from /usr/lib/ruby/2.5.0/monitor.rb:226:in mon_synchronize' 13: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in
block in checkout'
12: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:424:in acquire_connection' 11: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:397:in
reap'
10: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:397:in each' 9: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:398:in
block in reap'
8: from /usr/lib/ruby/2.5.0/monitor.rb:226:in mon_synchronize' 7: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:400:in
block (2 levels) in reap'
6: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:281:in reset!' 5: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:258:in
clear_cache!'
4: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:197:in clear' 3: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:197:in
each_value'
2: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:198:in block in clear' 1: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:215:in
dealloc'
/usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/postgresql_adapter.rb:215:in `exec': ERROR: prepared statement "a9" does not exist (PG::InvalidSqlStatementName)
from machine_learning_security.
Hi Fanntom, how exactly did you fix the msfrpc errors? I'm getting MFGRCP Not Authenticated though the msfrpc is started with the same values as in config.ini
from machine_learning_security.
@pieterhouwen in which phase does that error popup?
from machine_learning_security.
In the training phase when it's saving to the database (at the end)
from machine_learning_security.
@pieterhouwen hmmm i get that error as well. I'll look into the issue myself. @13o-bbr-bbq can you check if the MsfRCP error occurs in your environment as well please?
from machine_learning_security.
@fanntom @pieterhouwen
I'm getting MSFRPC Not Authenticated
In the training phase when it's saving to the database (at the end)
It's error message is also displayed in my environment. But, the trained data is saved normally.
Was the trained data saved normally in your environment?
It is a bug that "MSFRPC Not Authenticated" is output, so I will fix it.
from machine_learning_security.
Yup, it saved the data alright, but now I'm getting other errors:
[*] Restore learned data.
[+] Executing start: local_thread1
Exception in thread Thread-1:
Traceback (most recent call last):
File "/usr/lib/python3.6/threading.py", line 916, in _bootstrap_inner
self.run()
File "/usr/lib/python3.6/threading.py", line 864, in run
self._target(*self._args, **self._kwargs)
File "DeepExploit.py", line 1613, in
job = lambda: worker.run(exploit_tree, target_tree)
File "DeepExploit.py", line 1176, in run
self.environment.run(exploit_tree, target_tree)
File "DeepExploit.py", line 1042, in run
target_list = exploit_tree[exploit[8:]]['target_list']
KeyError: 'windows/scada/advantech_webaccess_webvrpcs_bof'
Are these exploit-specific errors?
The msfconsole window shows nothing
from machine_learning_security.
Hi, @pieterhouwen
Maybe, this causes are no corresponding exploit modules in the "exploit_list.csv".
So, you delete all file in the DeepExploit/data/ folder, please retry DeepExploit.
Then, DeepExploit creates these files according to the your Metasploit's environment.
from machine_learning_security.
That fixed it, but when using the test option I get the following output on the msfconsole side: (I trained and tested twice):
Traceback (most recent call last):
28: from /usr/share/metasploit-framework/lib/msf/core/thread_manager.rb:100:in block in spawn' 27: from /usr/share/metasploit-framework/lib/rex/thread_factory.rb:22:in
block in spawn'
26: from /usr/share/metasploit-framework/lib/rex/job.rb:40:in block in start' 25: from /usr/share/metasploit-framework/lib/rex/job.rb:39:in
ensure in block in start'
24: from /usr/share/metasploit-framework/lib/msf/core/exploit_driver.rb:153:in block in run' 23: from /usr/share/metasploit-framework/lib/msf/core/exploit_driver.rb:249:in
job_cleanup_proc'
22: from /usr/share/metasploit-framework/lib/msf/core/event_dispatcher.rb:186:in method_missing' 21: from /usr/share/metasploit-framework/lib/msf/core/event_dispatcher.rb:186:in
each'
20: from /usr/share/metasploit-framework/lib/msf/core/event_dispatcher.rb:188:in block in method_missing' 19: from /usr/share/metasploit-framework/lib/msf/core/framework.rb:332:in
on_module_complete'
18: from /usr/share/metasploit-framework/lib/msf/core/framework.rb:309:in module_event' 17: from /usr/share/metasploit-framework/lib/msf/core/module.rb:221:in
workspace'
16: from /usr/share/metasploit-framework/lib/msf/core/db_manager/workspace.rb:24:in workspace' 15: from /usr/share/metasploit-framework/lib/msf/core/db_manager/workspace.rb:18:in
find_workspace'
14: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:292:in with_connection' 13: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:262:in
connection'
12: from /usr/lib/ruby/2.5.0/monitor.rb:226:in mon_synchronize' 11: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:263:in
block in connection'
10: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:348:in checkout' 9: from /usr/lib/ruby/2.5.0/monitor.rb:226:in
mon_synchronize'
8: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:349:in block in checkout' 7: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:425:in
acquire_connection'
6: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:133:in poll' 5: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:145:in
synchronize'
4: from /usr/lib/ruby/2.5.0/monitor.rb:226:in mon_synchronize' 3: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:135:in
block in poll'
2: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:180:in wait_poll' 1: from /usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:180:in
loop'
/usr/share/metasploit-framework/vendor/bundle/ruby/2.5.0/gems/activerecord-4.2.10/lib/active_record/connection_adapters/abstract/connection_pool.rb:189:in `block in wait_poll': could not obtain a database connection within 5.000 seconds (waited 5.900 seconds) (ActiveRecord::ConnectionTimeoutError)
from machine_learning_security.
Hi, @pieterhouwen
Maybe, it is connection error between client and Metasploit.
Could you check your "config.ini"?
- config.ini
[Common]
server_host : "Your IP address of Metasploit"
server_port : "Your port number of Metasploit"
...snip...
[Metasploit]
lhost : "Your IP address of Metasploit"
from machine_learning_security.
Hi, @fanntom
Thanks for advice.
I'll create the requirements.txt
soon.
from machine_learning_security.
I've created the requirement.txt
.
Please, try it.
from machine_learning_security.
Related Issues (20)
- DeepExploit issues HOT 1
- pip3 install tensorflow error & auto killed HOT 1
- Could not find a version that satisfies the requirement tensorflow>=1.8.0 HOT 1
- python3 DeepExploit.py -h & SyntaxError: invalid syntax
- Problem with string matching HOT 1
- range of targets and modules
- Retry "auth.login" call. reason: [Errno 60] Operation timed out HOT 1
- Illegal instruction HOT 1
- int is not allowed for map key? HOT 3
- DeepExploit issue HOT 2
- Lots Of Bug HOT 3
- Msf5 exploitation
- Starting a Business
- how to s solve this question? HOT 4
- No ports found in host that has opened ports HOT 1
- Retry "auth.login" call. reason: [Errno 111] Connection refused HOT 3
- Installation Environment
- 'utf-8' codec can't decode byte 0xb5 in position 182: invalid start byte
- Retry "auth.login" call. reason: [Errno 110] Connection timed out HOT 1
- can only concatenate str (not "bytes") to str Failed: console.read type:<class 'TypeError'>
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from machine_learning_security.