runtime error in Docker container

[ccjon]

$ docker build -t cve-2018-15473 . ... Successfully tagged cve-2018-15473:latest $ docker run cve-2018-15473 -h

Traceback (most recent call last):
  File "sshUsernameEnumExploit.py", line 33, in <module>
    old_parse_service_accept = paramiko.auth_handler.AuthHandler._handler_table[paramiko.common.MSG_SERVICE_ACCEPT]
TypeError: 'property' object has no attribute '__getitem__'

$ git log |head

* ae8cb41 Thu Sep 13 11:09:33 2018 -0400 	 (HEAD, origin/master, origin/HEAD, master) Update README.md
*   55a59ab Wed Aug 29 10:02:34 2018 -0400 	 Merge pull request #7 from klau2005/master
|\  
| * 359ceb2 Sun Aug 26 10:16:13 2018 +0300 	 Added simple test to check if target is vulnerable to this exploit
|/  
*   776a3a3 Thu Aug 23 09:23:27 2018 -0400 	 Merge pull request #6 from KonradIT/windows-fix
|\  
| * 8871e96 Thu Aug 23 09:20:34 2018 -0400 	 Fixing spaces
| * 65ff7b4 Wed Aug 22 14:01:34 2018 -0700 	 Add windows fix
* |   14934d9 Thu Aug 23 09:16:30 2018 -0400 	 Merge pull request #5 from KonradIT/master

[ludup]

I had this too on multiple OS (OSX / Linux)

I fixed it by changing references to paramiko.auth_handler.AuthHandler._handler_table

to ...

paramiko.auth_handler.AuthHandler._client_handler_table

There are about 3 references that need changing. I think its something to do with paramiko dependency changing _handler_table to a property from a dict (I'm no python expert so forgive me if this is incorrect) but these changes allowed me to use the script.

[ilyaglow]

I think the best we can do is just use paramiko pinned to version 2.4.1.

Current implementation based on paramiko will always be a hack thing, because we need to patch private objects that paramiko's authors could change frequently without any compatibility guarantees.

Take a look at this commit f8dc16b, which I hope will be merged into master soon.