Comments (8)
Hey, thanks for the updated info.
@Yogehi, can you have a look please?
from needle.
some updates.
org.coolstar.iostoolchain
i wasn't able to replicate the issue, but i want to try something. i made the following changes to the device/dependency_installer
module:
- previously,
org.coolstar.perl
andorg.coolstar.iostoolchain
were bundled together to be installed at the same time. i've now separated them. also, i guess the packageorg.coolstar.perl
is missing a description which is throwing errors too :/ - after separating the packages, i found that the checks for "does this repo exist" were flawed. so i fixed that.
- previously, the above packages relied on
http://coolstar.org
. i've changed it so they rely on thehttps
protocol instead. - this last change was for me personally, but i'm getting the error
W: No sandbox user '_apt' on the system, can not drop privileges
whenever i try toapt-get update
. i changed it so that ifapt-get
spits this error out, a notification within needle is shown but the error is overall ignored.
i'm HOPING something with the above fixed your issue @HanseSecure.
fsmon
not able to reproduce :( i even set my password to the same alpine-2018!
value:
[needle][dependency_installer] > run
[*] Checking connection with device...
[+] Already connected to: 127.0.0.1
[D] Creating temp folder: /var/root/needle/
[D] [REMOTE CMD] Remote Command: if [ -d /var/root/needle/ ]; then echo "yes"; else echo "no" ; fi
[*] Checking prerequisites...
[D] [REMOTE CMD] Remote Command: which apt-get
[D] [REMOTE CMD] Remote Command: which dpkg
[D] [INSTALL] Already installed: coreutils.
[D] [INSTALL] Already installed: coreutils-bin.
[*] Refreshing package list...
[D] [REMOTE CMD] Remote Command: dpkg --get-selections | grep -v "deinstall" | cut -f1
[D] [REMOTE CMD] Remote Command: cat /etc/apt/sources.list.d/cydia.list
[*] The following tools are going to be installed: ['FSMON']
[>][QUESTION] Do you want to continue? [y/N]: y
[D] [REMOTE CMD] Remote Command: which fsmon
[V] [INSTALL] Manually installing: FSMON
[*] Pushing: /root/Programs/needle/needle/libs/devicetools/fsmon -> /usr/bin/fsmon
[D] Uploading: "/root/Programs/needle/needle/libs/devicetools/fsmon" -> "/usr/bin/fsmon"
[D] [LOCAL CMD] Local Command: sshpass -p "alpine-2018!" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 -r "/root/Programs/needle/needle/libs/devicetools/fsmon" [email protected]:"/usr/bin/fsmon"
[D] [REMOTE CMD] Remote Command: chmod +x /usr/bin/fsmon
@HanseSecure would you be able to do the following for me:
ls /usr/bin -la | grep fsmon
on the iphone- run the fsmon install via
dependency_installer
with debugging enabled ls /usr/bin -la | grep fsmon
on the iphone again
i'll look into the other issues later this week. for now, here are the git changes in the develop
branch if you want to try the new stuff:
https://github.com/mwrlabs/needle/commits/develop/needle/core/device/device.py
https://github.com/mwrlabs/needle/commits/develop/needle/core/utils/constants.py
https://github.com/mwrlabs/needle/blob/develop/needle/modules/device/dependency_installer.py
from needle.
Hi! From the snippet above I can see:
cannot copy extracted data for './usr/local/bin/perl' to '/usr/local/bin/perl.dpkg-new': failed to write (No space left on device)
I'm afraid the /system
partition of the device run out of space...
from needle.
Info in the system settings shows me:
space 12,13 GB
available 8,62 GB
#Update
[on iphone] cp /usr/local/bin/perl /usr/local/bin/perl.dpkg-new
cp: cannot stat `/usr/local/bin/perl': No such file or directory
also which didnt find it. i think the error message is missleading. perl isnt installed at this stage
from needle.
update
Okay i switched to another IPhone 5 iOS 10.3.3 and noticed the following:
solved 'issues'
-
Frida Repos:
worked on that IPhone, so it's not an issue of needle ;-) -
Space
Moved several folders from the system partition to the private one (thanks symlinks ;-) and the above error warning (space) vanished
new issues
package org.coolstar.iostoolchain
[D] Adding repo to cydia.list: http://coolstar.org/publicrepo/
[D] [REMOTE CMD] Remote Command: echo "deb http://coolstar.org/publicrepo/ ./" >> /etc/apt/sources.list.d/cydia.list
[D] [REMOTE CMD] Remote Command: apt-get update
[D] [REMOTE CMD] Remote Command: apt-get install -y --force-yes org.coolstar.iostoolchain
[!] E: Broken packages
fsmon
[V] [INSTALL] Manually installing: FSMON
[*] Pushing: /home/hansemann/Software/needle/needle/libs/devicetools/fsmon -> /usr/bin/fsmon
[D] Uploading: "/home/hansemann/Software/needle/needle/libs/devicetools/fsmon" -> "/usr/bin/fsmon"
[D] [LOCAL CMD] Local Command: sshpass -p "alpine-2018!" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 -r "/home/hansemann/Software/needle/needle/libs/devicetools/fsmon" [email protected]:"/usr/bin/fsmon"
[D] [REMOTE CMD] Remote Command: chmod +x /usr/bin/fsmon
[!] chmod: cannot access `/usr/bin/fsmon': No such file or directory
clutch
V] [INSTALL] Manually installing: CLUTCH
[D] [REMOTE CMD] Remote Command: curl -ksL "http://cydia.iphonecake.com/Clutch2.0.4.deb" -o /var/root/clutch.deb
[D] [REMOTE CMD] Remote Command: dpkg -i /var/root/clutch.deb && rm -f /var/root/clutch.deb
[D] [REMOTE CMD] Remote Command: killall -HUP SpringBoard
[D] [REMOTE CMD] Remote Command: which pbwatcher
[V] [INSTALL] Manually installing: PBWATCHER
[*] Pushing: /home/hansemann/Software/needle/needle/libs/devicetools/pbwatcher -> /usr/bin/pbwatcher
[D] Uploading: "/home/hansemann/Software/needle/needle/libs/devicetools/pbwatcher" -> "/usr/bin/pbwatcher"
[D] [LOCAL CMD] Local Command: sshpass -p "alpine-2018!" scp -o UserKnownHostsFile=/dev/null -o StrictHostKeyChecking=no -P 2222 -r "/home/hansemann/Software/needle/needle/libs/devicetools/pbwatcher" [email protected]:"/usr/bin/pbwatcher"
[D] [REMOTE CMD] Remote Command: chmod +x /usr/bin/pbwatcher
[!] chmod: cannot access `/usr/bin/pbwatcher': No such file or directory
additonal info
i noticed that the org.coolstar.scp-sftp-dropbear package of the dependency_installer seems to install a 64bit version of scp/ssh which also leads to trouble. Fixed this through install native openssh from the cydia store
Could you please tell me some modules which use the above packages (failed to install) ? Modules in binary/info just work fine.
Best Regards
btw you really do a amazing job with you projects ;-)
https://twitter.com/HanseSecure/status/1069842872395022338
from needle.
I'll look at it tomorrow. Was too busy today :( should be easy to remediate
from needle.
Hey @Yogehi
Thanks for the help. Will test the dev git && report your suggestion next week.
Regards
Flo
from needle.
Hey @Yogehi
Thanks for your help. Decided to try it on a fresh new Kali and it works.
Thanks
Regards
Flo
from needle.
Related Issues (20)
- Problem establishing connection HOT 15
- No Valid Connections
- Unable to SSH with wifi or USB using Needle HOT 1
- prereq for installation HOT 3
- [!] IOError: [Errno 2] No such file or directory: '/var/root/.needle/tmp/plist' HOT 8
- [!] HandlerSSHTunnelForwarderError: An error occurred while opening tunnels. HOT 1
- [!] Exception: An error occurred and it was not possible to restore it (3 attempts failed) and [!] [Errno 54] Connection reset by peer HOT 6
- lipo: can't open input file: /private/var/containers/Bundle/Application/....app(No such file or directory)
- dependency_installer breaks on invalid GPG signature
- Documentation/wiki dead link
- Dependencies installer Not Working
- Installing Dependencies - Ran Out Of Allocation Pools Error
- Many modules dont work with chimera jail break HOT 1
- Mac&Kali: SSH Connection Dropped. No handlers could be found for logger "paramiko.transport" HOT 4
- Downloading agent file without Cydia HOT 2
- NeedleAgent installation fails/doesn't show up HOT 2
- Cydia repository is down HOT 6
- I GET THIS?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from needle.