drozer icon indicating copy to clipboard operation
drozer copied to clipboard
verified publisher icon WithSecureLabs

[Errno 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

Open rgiotxy opened this issue 4 years ago • 0 comments

Hi, I'm new here and I'm trying to connect my Samsung Galaxy A51 to my Windows 7 x64 in order to run some script that relies on Drozer.

Steps to reproduce

  1. I've successfully installed Python 2.7.18, Java SE Developer Kit 1.7.0_80, Android Debug Bridge 1.0.41 (31.0.2-7242960) and Drozer 2.4.4 on my Windows 7 x64 computer.
  2. I've successfully added Python 2.7.18, Java SE Developer Kit 1.7.0_80, Android Debug Bridge 1.0.41 (31.0.2-7242960) and Drozer 2.4.4 to System > Advanced Proprieties > Environment Variables > System Variables > Path.
  3. I've successfully installed packages attrs 21.2.0, Automat 20.2.0, cffi 1.14.5, constantly 15.1.0, cryptography 3.3.2, drozer 2.4.3, enum34 1.1.10, hyperlink 21.0.0, idna 2.10, incremental 21.3.0, ipaddress 1.0.23, pip 20.3.4, protobuf 3.17.2, pyasn1 0.4.8, pyasn1-modules 0.2.8, pycparser 2.20, PyHamcrest 1.10.1, pyOpenSSL 20.0.1, PyYAML 5.4.1, service-identity 21.1.0, setuptools 44.1.1, six 1.16.0, Twisted 20.3.0, typing 3.10.0.0, wheel 0.36.2 and zope.interface 5.4.0 to Python 2.7.18.
  4. I've successfully connected my mobile to my PC via factory-provided USB cable and programmed it so that "USB controlled by" is set to "This phone" (I actually tried setting it to "Connected device" first, but it failed and I was forced to settle for "This phone"), "Use USB for" is set to "Transferring files" and "USB debugging" is toggled on (permission for my PC to debug my phone granted, as confirmed by command adb devices returning List of devices attached > RQ8N300XYDH device).
  5. I've successfully installed Drozer Agent 2.3.4 to my Samsung Galaxy A51 mobile phone (OS Android 10).
  6. I've successfully run command adb forward tcp:31415 tcp:31415 as instructed, returning 31415.
  7. I've attempted to run drozer console connect --server 192.168.0.17 (where 192.168.0.17 is my phone's IP address according to Settings > About Phone > Status > IP address), but after roughly 30s, I get a return message
C:\Program Files\Python27\lib\site-packages\OpenSSL\crypto.py:14: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
  from cryptography import utils, x509
There was a problem connecting to the drozer Server.

Things to check:

 - is the drozer Server running?
 - have you set up appropriate adb port forwards?
 - have you specified the correct hostname and port with --server?
 - is the server protected with SSL (add an --ssl switch)?
 - is the agent protected with a password (add a --password switch)?

Debug Information:
[Errno 10060] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond

observations:

  1. The Python error message appears immediately, but variations thereof occur every time I run anything on Python 2.7.18; as long as it says support […] will be removed in the next release rather than this version of Python is not supported, I don't believe that's the root of my problem. In any case, that's it for about 30s, then the rest of the error message (starting with "There was a problem connecting to the drozer Server.") appears. I believe it's trying to connect and failing; I have no idea why.
  2. If by "drozer Server" you mean the computer programme, "Python drozer-2.4.4" (installed via a file drozer-2.4.4.win32.msi I downloaded from https://labs.f-secure.com/tools/drozer/), then yes, it is running. If by "drozer Server" you mean the drozer 2.4.3 package in Python (installed by running python -m pip install drozer on an elevated Command Prompt), then yes, it's running, though it is not the same version number as the Drozer computer programme aforementioned. If by "drozer Server" you mean the "drozer Agent 2.3.4" app on my mobile (installed by downloading a package drozer-agent-2.3.4.apk from https://github.com/FSecureLABS/drozer/releases/download/2.3.4/drozer-agent-2.3.4.apk into the platform-tools folder and executing adb install drozer-agent-2.3.4.apk on an elevated Command Prompt), then yes, it's running, though the version number is not the same as either of the above. I've attempted "closing" the app and clearing my RAM memory, then launching it again, turning the "Embedded Server" option off and on again, and running drozer console connect --server 192.168.0.17 anew, but the only change is it only took 25s to return the error message this time (also, the app now records an error message of its own, "IO Error. Resetting connection." > "Stopped." > "Starting Server…" > "Attempting to bind to port 31415…" > "Waiting for connections…"; the latter three messages are the same ones it had been showing before, though, which are still recorded above the error message).
  3. I believe "set[ting] up appropriate adb port forwards" would be that adb forward tcp:31415 tcp:31415 command, right? Did I not execute it correctly?
  4. The "correct hostname and port" would be my mobile's IP address, right? Which is a function of the network, BTW. I've attempted switching networks, which changed the phone's IP address, but the result (replacing the old IP in the command line with the new one) is still the same.
  5. According to the app, SSL is disabled.
  6. In the app settings, there's an option "Password", but the field is empty, and the instructions and tutorials didn't say anything about it being mandatory, so I left it blank (as it was when the app was first installed).
  7. Google has nothing on Errno 10060 regarding Drozer.

Expected behaviour

According to the instructions and tutorials, I should be presented with a Drozer command prompt that looks like selecting f75640f67144d9a3 (unknown sdk 4.1.1). I would then be able to run commands on the Drozer console, and the programme would be able to perform DAST (or SAST) on my mobile.

Actual behaviour

I get an error message [Errno 10060] because the Drozer on my PC failed to connect to the Drozer Agent on my phone, and therefore cannot start up the Drozer console.

Environment

Operating system: Windows 7 x64

Java Version: Java SE Developer Kit 1.7.0_80

Android Version: 10

Drozer Version: 2.4.4 (Windows); 2.4.3 (Python); 2.3.4 (Android)

Install Method: Installed from .msi package (Windows); python -m pip install drozer (Python); adb install drozer-agent-2.3.4.apk (Android)

Drozer Config

No idea. How do I access this file?

Drozer Error Logs

C:\Program Files\Python27\lib\site-packages\OpenSSL\crypto.py:14: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
  from cryptography import utils, x509
There was a problem connecting to the drozer Server.

Things to check:

 - is the drozer Server running?
 - have you set up appropriate adb port forwards?
 - have you specified the correct hostname and port with --server?
 - is the server protected with SSL (add an --ssl switch)?
 - is the agent protected with a password (add a --password switch)?

Debug Information:
timed out

ADB Logs

Running

adb logcat -c
adb logcat > drozer_error.log

causes the Command Prompt to stop responding.

rgiotxy avatar Jun 03 '21 12:06 rgiotxy