nxBender
nxBender copied to clipboard
abrasive
error when you add a custom port
When you add a port that isnt 443, it seems to fail
cameron@cameron-pc:~/nxBender$ sudo ./nxBender --server vpn.example.com -u example -p **** -d domain.local -P 4433
INFO Logging in...
INFO Starting session...
Traceback (most recent call last):
File "./nxBender", line 12, in <module>
nxbender.main()
File "/home/cameron/nxBender/__init__.py", line 55, in main
sess.run()
File "/home/cameron/nxBender/nx.py", line 52, in run
self.start_session()
File "/home/cameron/nxBender/nx.py", line 113, in start_session
key, value = line.split(' = ', 1)
ValueError: need more than 1 value to unpack
That's curious, I was using it just the other day on a nonstandard port.
This looks like it's getting something it didn't expect as part of the session configuration. The session config parsing isn't very robust. I've just pushed a change that should make things a little better, can you try it out?
I think it may be because of the new version of netextender, using the fix referenced helps me get further (https://github.com/abrasive/nxBender/pull/4)
however now getting the error when using the above fix
pppd: Unsupported protocol 'Compression Control Protocol' (0x80fd) received
using your fix, gives the below:
sudo ./nxBender --server vpn.example.com -u example -p **** -d example.local --port 4433 --show-ppp-log
INFO Logging in...
INFO Starting session...
WARNING Unexpected line in session start message: 'dnsSuffixes =example.local'
INFO Duplicated srv_options value dnsSuffix = example.local
WARNING Unexpected line in session start message: 'dnsSuffixes =example.com'
INFO Duplicated srv_options value dnsSuffix = example.local
WARNING Unexpected line in session start message: '}</script></head></html>'
INFO Duplicated srv_options value ClientIPHigh = "192.168.168.150";
INFO Dialing up tunnel...
pppd: pppd options in effect:
pppd: debug debug # (from command line)
pppd: logfd 2 # (from command line)
pppd: ktune # (from command line)
pppd: dump # (from command line)
pppd: nomp # (from command line)
pppd: noauth # (from command line)
pppd: lock # (from /etc/ppp/options)
pppd: crtscts # (from /etc/ppp/options)
pppd: local # (from command line)
pppd: asyncmap 0 # (from /etc/ppp/options)
pppd: lcp-echo-failure 2 # (from command line)
pppd: lcp-echo-interval 10 # (from command line)
pppd: hide-password # (from /etc/ppp/options)
pppd: noipdefault # (from command line)
pppd: usepeerdns # (from command line)
pppd: noccp # (from command line)
pppd: noipx # (from /etc/ppp/options)
pppd: using channel 12
pppd: Using interface ppp0
pppd: Connect: ppp0 <--> /dev/pts/19
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x87a3aebd> <pcomp> <accomp>]
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x87a3aebd> <pcomp> <accomp>]
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x87a3aebd> <pcomp> <accomp>]
pppd: sent [LCP ConfReq id=0x1 <asyncmap 0x0> <magic 0x87a3aebd> <pcomp> <accomp>]
ERROR Broken pipe
INFO Shutting down...
ERROR TLS/SSL connection has been closed (EOF) (_ssl.c:1829)
Traceback (most recent call last):
File "/home/sa_admin/nx/nxbender/ppp.py", line 71, in run
stop = self._pump()
File "/home/sa_admin/nx/nxbender/ppp.py", line 116, in _pump
stop = self.tunsock.write_from(self.pty)
File "/home/sa_admin/nx/nxbender/sslconn.py", line 77, in write_from
self.write(data)
File "/home/sa_admin/nx/nxbender/sslconn.py", line 101, in write
self.write_pump()
File "/home/sa_admin/nx/nxbender/sslconn.py", line 111, in write_pump
self.s.sendall(buf)
File "/usr/lib/python2.7/ssl.py", line 741, in sendall
v = self.send(data[count:])
File "/usr/lib/python2.7/ssl.py", line 707, in send
v = self._sslobj.write(data)
SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:1829)
I'm also having the same error as in the last comment even when using the standard port.
Thanks for the reports everyone. I think there's an incompatibility between two versions of the NX server and I'm trying to work out a) what the different behaviours are, and b) how to detect and switch between them.
I've just pushed an experimental version that adds a --use-swap switch to use the alternate authentication method identified by @retornaz, can you please try it out?
And regardless of whether it works, I've also added a --debug switch, could you post the debug output? Please make sure to sanitise personal information - your username and password will be in there, and you may wish to remove domains and IP addresses as well.
Thanks for this! I'm still having the same issue with the latest version. I don't seem to seem to see how to use the --use-swap flag though? At least it doesn't register as an additional option on the cli.
Here's my debug output with info sanitized.
sudo ./nxBender --server ***.***.edu -u *** -p *** -d *** --debug
INFO Logging in...
DEBUG Starting new HTTPS connection (1): ***.***.edu:443
DEBUG https://***.***.edu:443 "POST /cgi-bin/userLogin HTTP/1.1" 200 None
INFO Starting session...
DEBUG Resetting dropped connection: ***.***.edu
DEBUG https://***.***.edu:443 "GET /cgi-bin/sslvpnclient?launchplatform=mac&neProto=3&supportipv6=no HTTP/1.1" 200 None
DEBUG srv_option 'NELaunchX1.userName' = '"***";'
DEBUG srv_option 'NELaunchX1.domainName' = '"LocalDomain";'
DEBUG srv_option 'SessionId' = 'QkMO6MFoLUdjNiCNLyakRw==;'
DEBUG srv_option 'Route' = '***.***.***.***/255.255.255.192'
DEBUG srv_option 'Route' = '***.***.***.***/255.255.255.0'
DEBUG srv_option 'Route' = '***.***.***.***/255.255.255.0'
DEBUG srv_option 'Route' = ***.***.***.***/0.0.0.0'
DEBUG srv_option 'dns1' = '***.***.***.***'
DEBUG srv_option 'dns2' = '***.***.***.***'
DEBUG srv_option 'ipv6Support' = 'no'
DEBUG srv_option 'dnsSuffix' = '***.edu'
WARNING Unexpected line in session start message: 'dnsSuffixes =***.edu'
INFO Duplicated srv_options value dnsSuffix = ***.edu
DEBUG srv_option 'dnsSuffix' = '***.edu'
DEBUG srv_option 'pppFrameEncoded' = '0;'
DEBUG srv_option 'PppPref' = 'async'
DEBUG srv_option 'TunnelAllMode' = '1;'
DEBUG srv_option 'ExitAfterDisconnect' = '0;'
DEBUG srv_option 'UninstallAfterExit' = '0;'
DEBUG srv_option 'NoProfileCreate' = '0;'
DEBUG srv_option 'AllowSavePassword' = '0;'
DEBUG srv_option 'AllowSaveUser' = '1;'
DEBUG srv_option 'AllowSavePasswordInKeychain' = '1'
DEBUG srv_option 'AllowSavePasswordInKeystore' = '1'
DEBUG srv_option 'ClientIPLower' = '"***.***.***.***";'
DEBUG srv_option 'ClientIPHigh' = '"***.***.***.***";'
WARNING Unexpected line in session start message: '}</script></head></html>'
INFO Duplicated srv_options value ClientIPHigh = "***.***.***.***";
DEBUG srv_option 'ClientIPHigh' = '"***.***.***.***";'
INFO Dialing up tunnel...
ERROR TLS/SSL connection has been closed (EOF) (_ssl.c:1829)
Traceback (most recent call last):
File "/home/runner/work/Dashboard/Dashboard/nxBender/nxbender/ppp.py", line 71, in run
stop = self._pump()
File "/home/runner/work/Dashboard/Dashboard/nxBender/nxbender/ppp.py", line 116, in _pump
stop = self.tunsock.write_from(self.pty)
File "/home/runner/work/Dashboard/Dashboard/nxBender/nxbender/sslconn.py", line 79, in write_from
self.write(data)
File "/home/runner/work/Dashboard/Dashboard/nxBender/nxbender/sslconn.py", line 103, in write
self.write_pump()
File "/home/runner/work/Dashboard/Dashboard/nxBender/nxbender/sslconn.py", line 113, in write_pump
self.s.sendall(buf)
File "/usr/lib/python2.7/ssl.py", line 741, in sendall
v = self.send(data[count:])
File "/usr/lib/python2.7/ssl.py", line 707, in send
v = self._sslobj.write(data)
SSLZeroReturnError: TLS/SSL connection has been closed (EOF) (_ssl.c:1829)
INFO Shutting down...
DEBUG Resetting dropped connection: ***.***.edu
send: 'POST /cgi-bin/userLogin HTTP/1.1\r\nHost: ***.***.edu\r\nAccept-Encoding: identity\r\nUser-Agent: Dell SonicWALL NetExtender for Linux 8.1.789\r\nX-NE-SESSIONPROMPT: true\r\nContent-Length: 66\r\nContent-Type: application/x-www-form-urlencoded\r\n\r\nusername=***&domain=***&password=***&login=true'
reply: 'HTTP/1.0 200 OK\r\n'
header: Server: SonicWALL SSLVPN Web Server
header: X-NE-tfresult: 0
header: MC-bookmarks: 1
header: Set-Cookie: swap=MzM4MWZlMzBoZXByYXN3ZQ==; path=/;
header: Connection: close
header: Content-Type: text/html; charset=UTF-8
send: 'GET /cgi-bin/sslvpnclient?launchplatform=mac&neProto=3&supportipv6=no HTTP/1.1\r\nHost: ***.***.edu\r\nAccept-Encoding: identity\r\nUser-Agent: Dell SonicWALL NetExtender for Linux 8.1.789\r\nCookie: swap=MzM4MWZlMzBoZXByYXN3ZQ==\r\n\r\n'
reply: 'HTTP/1.0 200 OK\r\n'
header: Server: SonicWALL SSLVPN Web Server
header: Set-Cookie: swap=3381fe30hepraswe; path=/;
header: Connection: close
header: Content-Type: text/html; charset=UTF-8
send: 'GET /cgi-bin/userLogout HTTP/1.1\r\nHost: ***.***.edu\r\nAccept-Encoding: identity\r\nUser-Agent: Dell SonicWALL NetExtender for Linux 8.1.789\r\nCookie: swap=3381fe30hepraswe\r\n\r\n'
reply: ''
Sorry, I hadn't committed the --use-swap code! Would you mind trying again?