legion icon indicating copy to clipboard operation
legion copied to clipboard

Published 20 hours ago verified publisher icon GoVanguard

IndexError: list index out of range

Open alm1931 opened this issue 2 years ago • 18 comments

Hello! I'm trying to run Legion 0.3.7 on Kali Linux, but it is crashing with the following errors upon scanning a host:

Traceback (most recent call last): File "/usr/share/legion/app/importers/NmapImporter.py", line 283, in run scrProcessorResults = scr.scriptSelector(db_host) File "/usr/share/legion/parsers/Script.py", line 122, in scriptSelector cveResults = self.getCves() File "/usr/share/legion/parsers/Script.py", line 96, in getCves cvesResults = self.processVulnersScriptOutput(cveOutput) File "/usr/share/legion/parsers/Script.py", line 66, in processVulnersScriptOutput resultCpeDetails['version'] = resultCpeData[4] IndexError: list index out of range zsh: IOT instruction legion

Thanks!

alm1931 avatar Jun 25 '22 12:06 alm1931

Just reinstall the app, it would work fine. use this command --> sudo apt reinstall legion

Jerin-004 avatar Jul 18 '22 14:07 Jerin-004

First off, great program! However, I too am getting a similar situation, running Kali Linux.

Reinstalling doesn't appear to make any difference, but I get a few syntax errors: (decided to bold instead of code quote as it keeps the formatting)

david@kalilaptop:~$ sudo apt reinstall legion Reading package lists... Done Building dependency tree... Done Reading state information... Done 0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded. Need to get 0 B/2,028 kB of archives. After this operation, 0 B of additional disk space will be used. (Reading database ... 553729 files and directories currently installed.) Preparing to unpack .../legion_0.3.8-0kali5_all.deb ... Unpacking legion (0.3.8-0kali5) over (0.3.8-0kali5) ... Setting up legion (0.3.8-0kali5) ... /usr/share/legion/ui/models/cvemodels.py:55: SyntaxWarning: "is not" with a literal. Did you mean "!="? if not len(self.__cves) is 0: /usr/share/legion/ui/models/hostmodels.py:43: SyntaxWarning: "is not" with a literal. Did you mean "!="? if not len(self.__hosts) is 0: /usr/share/legion/ui/models/processmodels.py:43: SyntaxWarning: "is not" with a literal. Did you mean "!="? if not len(self.__processes) is 0: /usr/share/legion/ui/models/scriptmodels.py:44: SyntaxWarning: "is not" with a literal. Did you mean "!="? if not len(self.__scripts) is 0: /usr/share/legion/ui/models/servicemodels.py:40: SyntaxWarning: "is not" with a literal. Did you mean "!="? if not len(self.__services) is 0: /usr/share/legion/ui/models/servicemodels.py:184: SyntaxWarning: "is not" with a literal. Did you mean "!="? if not len(self.__serviceNames) is 0: Processing triggers for kali-menu (2022.4.1) ...

A couple of thing:

  • Kali menu launches Legion 0.3.7-1622656779

  • Network scans in this version all crash

  • Have upgraded to NMAP 7.93 using the instructions on the front page (no change)

  • Kali menu still launches Legion 0.3.7 even though it says it upgraded to Legion 0.3.8?

  • Installed Legion 0.3.9-1665098899 using the traditional method listed.

  • This can only be launched by sudo ./startLegion.sh and the Kali menu and command line 'legion' launch 0.3.7

  • Legion 0.3.9 crashes out altogether after entering an IP address to scan and clicking Submit with the following:

david@kalilaptop:~/legion$ {"time": "2022-10-08 12:34:58,582", "name": "runStagedNmap called for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 740}} Traceback (most recent call last): File "/home/david/legion/ui/view.py", line 463, in callAddHosts self.controller.addHosts(targetHosts=hostListEntry, File "/home/david/legion/app/timing.py", line 36, in wrap result = f(*args, **kw) File "/home/david/legion/controller/controller.py", line 239, in addHosts self.runStagedNmap(targetHosts, runHostDiscovery) File "/home/david/legion/controller/controller.py", line 760, in runStagedNmap stageOpValues = stageDataSplit[1] IndexError: list index out of range ./startLegion.sh: line 38: 90552 Aborted /usr/bin/env python3 legion.py

Is there any reason 0.3.7 is still there instead of 0.3.8? I'm assuming 0.3.9 will slowly roll out to the kali repositories and become the default install?

Snoopy34d avatar Oct 08 '22 01:10 Snoopy34d

@Snoopy34d 0.3.7 in the app info under the Kali release was a typo- it was indeed 0.3.8. Release 0.3.9 is in the process of being packaged by Kali and should be available soon. Release 0.3.10 is coming this next week and will follow in kali within a couple weeks as well.

sscottgvit avatar Oct 13 '22 01:10 sscottgvit

Have the same issue - reinstall is not solving the problem

QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root' {"time": "2022-10-17 11:35:09,639", "name": "Creating temporary project at application start...", "level": "INFO", "data": {"logger_name": "legion-startup"}, "context": {"module": "legion", "filename": "legion.py", "line": 144}} {"time": "2022-10-17 11:35:09,747", "name": "Wordlist was created/opened: /root/.local/share/legion/tmp/legion-mmwir60w-tool-output/legion-usernames.txt", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "auxiliary", "filename": "auxiliary.py", "line": 115}} {"time": "2022-10-17 11:35:09,748", "name": "Wordlist was created/opened: /root/.local/share/legion/tmp/legion-mmwir60w-tool-output/legion-passwords.txt", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "auxiliary", "filename": "auxiliary.py", "line": 115}} {"time": "2022-10-17 11:35:10,047", "name": "Loading settings file..", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "settings", "filename": "settings.py", "line": 37}} {"time": "2022-10-17 11:35:10,393", "name": "Legion started successfully.", "level": "INFO", "data": {"logger_name": "legion-startup"}, "context": {"module": "legion", "filename": "legion.py", "line": 163}} {"time": "2022-10-17 11:35:24,876", "name": "runStagedNmap called for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 740}} Traceback (most recent call last): File "/usr/share/legion/ui/view.py", line 463, in callAddHosts self.controller.addHosts(targetHosts=hostListEntry, File "/usr/share/legion/app/timing.py", line 36, in wrap result = f(*args, **kw) File "/usr/share/legion/controller/controller.py", line 239, in addHosts self.runStagedNmap(targetHosts, runHostDiscovery) File "/usr/share/legion/controller/controller.py", line 760, in runStagedNmap stageOpValues = stageDataSplit[1] IndexError: list index out of range zsh: IOT instruction sudo legion

Elinas-of-Alba avatar Oct 17 '22 09:10 Elinas-of-Alba

@alm1931 @Snoopy34d @Elinas-of-Alba I fixed this issue by configs on my machine.

  1. Run legion
  2. Open Help -> Config
  3. Replace the StagedNmapSettings section with the following parameters:
[StagedNmapSettings]
stage1-ports="PORTS|T:80,81,443,4443,8080,8081,8082"
stage2-ports="PORTS|T:25,135,137,139,445,1433,3306,5432,U:137,161,162,1434"
stage3-ports="NSE|vulners"
stage4-ports="PORTS|T:23,21,22,110,111,2049,3389,8080,U:500,5060"
stage5-ports="PORTS|T:0-20,24,26-79,81-109,112-134,136,138,140-442,444,446-1432,1434-2048,2050-3305,3307-3388,3390-5431,5433-8079,8081-29999"
stage6-ports="PORTS|T:30000-65535"

Happy hacking!

yuske avatar Oct 17 '22 21:10 yuske

@yuske - thank you!! Just updated to 0.3.9 (kali version) and was still getting the instant crash on a scan.

Made these amendments to the config and it works perfectly again - Awesome!

Snoopy34d avatar Oct 18 '22 01:10 Snoopy34d

@Snoopy34d 0.3.10 will include a mechanism to detect an existing config under the user local, rename, and replace when breaking changes are made. It didn't occur to us that under the kali distribution a local config is created once if it doesn't exist and therefore doesn't get updated by reinstallation, updated, etc.

sscottgvit avatar Oct 19 '22 13:10 sscottgvit

@Snoopy34d - Sorry for the late reply! It works perfectly! Thank you very much Thanks to @sscottgvit for implementing the config replacement!

Ok - it works to add the IP range but now it crashes in all stages: "time": "2022-10-20 14:29:16,522", "name": "Queuing: nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24 -oA /root/.local/share/legion/tmp/legion-7i77hysj-running/nmap/20221020142916285749-nmapstage1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 674}} {"time": "2022-10-20 14:29:16,752", "name": "runCommand called for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 691}} {"time": "2022-10-20 14:29:16,754", "name": "runCommand connected for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 694}} qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 1110, resource id: 10594196, major code: 40 (TranslateCoords), minor code: 0 nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24 -oA /root/.local/share/legion/tmp/legion-7i77hysj-running/nmap/20221020142916285749-nmapstage1 {"time": "2022-10-20 14:29:17,261", "name": "Process 1 exited with code 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 844}} {"time": "2022-10-20 14:29:18,299", "name": "Process 1 Crashed!", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 807}} Close Tab: 0

Elinas-of-Alba avatar Oct 20 '22 12:10 Elinas-of-Alba

@Elinas-of-Alba What nmap version do you have?

sscottgvit avatar Oct 20 '22 20:10 sscottgvit

@sscottgvit nmap -v Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-21 11:07 CEST Read data files from: /snap/nmap/2721/usr/bin/../share/nmap WARNING: No targets were specified, so 0 hosts scanned. Nmap done: 0 IP addresses (0 hosts up) scanned in 0.08 seconds

Installed in snap as suggested in an other issue report

Elinas-of-Alba avatar Oct 21 '22 09:10 Elinas-of-Alba

@Elinas-of-Alba Interesting. Can you try the following in a root terminal:

nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24

Once done, if it doesn't crash, can you then run echo $?

and let me know the result?

sscottgvit avatar Oct 21 '22 12:10 sscottgvit

──(root㉿Kali-EoA)-[~] └─# nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24 Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-21 16:24 CEST dnet: Failed to open device wlan0 QUITTING!

Interesting - without root it works. ──(elinas㉿Kali-EoA)-[~] └─$ nmap 192.168.178.1
Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-21 16:27 CEST Nmap scan report for fritz.box (192.168.178.1) Host is up (0.014s latency). Not shown: 994 closed tcp ports (conn-refused) PORT STATE SERVICE

Elinas-of-Alba avatar Oct 21 '22 14:10 Elinas-of-Alba

@Elinas-of-Alba Very odd. For the heck of it can you try: sudo snap connect nmap:network-control

Then try nmap again as root?

sscottgvit avatar Oct 21 '22 14:10 sscottgvit

Ok fixed it. The problem is that snap doesn't connect to the network manager with root privileges. Solution - removed snap and things are working perfect now. Thanks for your quick support!!

Elinas-of-Alba avatar Oct 21 '22 15:10 Elinas-of-Alba

@sscottgvit how can i solve this

Traceback (most recent call last): File "/usr/share/legion/ui/view.py", line 463, in callAddHosts self.controller.addHosts(targetHosts=hostListEntry, File "/usr/share/legion/app/timing.py", line 36, in wrap result = f(*args, **kw) File "/usr/share/legion/controller/controller.py", line 239, in addHosts self.runStagedNmap(targetHosts, runHostDiscovery) File "/usr/share/legion/controller/controller.py", line 760, in runStagedNmap stageOpValues = stageDataSplit[1] IndexError: list index out of range zsh: IOT instruction legion

please help me !!!!!

cs-hack4 avatar Oct 21 '22 16:10 cs-hack4

Thank you so much. This seems to have resolved my issue.

BetaMaxHeadroom avatar Dec 06 '22 17:12 BetaMaxHeadroom

@alm1931 @Snoopy34d @Elinas-of-Alba I fixed this issue by configs on my machine.

1. Run legion

2. Open Help -> Config

3. Replace the StagedNmapSettings section with the following parameters:

[StagedNmapSettings]
stage1-ports="PORTS|T:80,81,443,4443,8080,8081,8082"
stage2-ports="PORTS|T:25,135,137,139,445,1433,3306,5432,U:137,161,162,1434"
stage3-ports="NSE|vulners"
stage4-ports="PORTS|T:23,21,22,110,111,2049,3389,8080,U:500,5060"
stage5-ports="PORTS|T:0-20,24,26-79,81-109,112-134,136,138,140-442,444,446-1432,1434-2048,2050-3305,3307-3388,3390-5431,5433-8079,8081-29999"
stage6-ports="PORTS|T:30000-65535"

Happy hacking!

Thank you

0xK3on avatar Jan 21 '23 00:01 0xK3on

Hi All

Having the same issue described here on version 0.3.9-1665098899. It seems to be either related to the BIND version of a server im scanning or the large return of the stage3 results. I can scan other systems that have port 53 open but different program and it does not crash.

Return of the one that crashes is 53/tcp open domain syb-ack ttl 63 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7) and a bunch of returns for vulners:

Return of one that does not crash is 53/tcp open domain syn-ack ttl 64 Unbound and no returns for vulners:

I can import other nmap scans that have returns for other things with no issues, just this one system and BIND version.

Thank You

martinkenney avatar May 23 '23 23:05 martinkenney