Reverse_DNS_Shell icon indicating copy to clipboard operation
Reverse_DNS_Shell copied to clipboard

Published 20 hours ago verified publisher icon ahhh

TypeError: encrypt() cannot be called after decrypt()

Open AgeOfMarcus opened this issue 6 years ago • 4 comments

When running the server, and trying to connect with the client to localhost, I get the following result when a command is sent/received:

Traceback (most recent call last): File "./reverse_dns_shell_client.py", line 168, in <module> main() File "./reverse_dns_shell_client.py", line 164, in main start(opts.host) File "./reverse_dns_shell_client.py", line 133, in start stdoutput = runCmd(cmd) File "./reverse_dns_shell_client.py", line 105, in runCmd output = processOutput(stdoutput) File "./reverse_dns_shell_client.py", line 76, in processOutput eStdoutput = encrypt(stdoutput) File "./reverse_dns_shell_client.py", line 34, in encrypt encoded = EncodeAES(cipher, string) File "./reverse_dns_shell_client.py", line 27, in <lambda> EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s))) File "/usr/local/lib/python2.7/dist-packages/Crypto/Cipher/_mode_cbc.py", line 157, in encrypt raise TypeError("encrypt() cannot be called after decrypt()") TypeError: encrypt() cannot be called after decrypt()

AgeOfMarcus avatar Aug 05 '18 16:08 AgeOfMarcus

I had the same problem, how did you solve it?

isGt93 avatar May 20 '22 06:05 isGt93

I had the same problem, how did you solve it?

Apparently how the script uses the crypto object is not compatible with pycryptodome, I SOLVED IT editing the client and server encrypt() and decrypt() functions with "return string", namely without encrypt/decrypt the values. I know is not the best way because now communication is in text plain, but it's working.

elefr3n avatar Sep 09 '22 07:09 elefr3n

Hmmm late to the party but we should probably update the crypto libs if the basic encrypt / decrypt isn't working... For the record this was a POC I don't use this in production or on pentests, so if someone wants to take the lead on updating it I'm all for it

ahhh avatar Apr 25 '23 00:04 ahhh

Move the cipher object into the decrypt and encrypt functions. ✌️

# encrypt with AES, encode with base64
EncodeAES = lambda c, s: base64.b64encode(c.encrypt(pad(s)))
DecodeAES = lambda c, e: c.decrypt(base64.b64decode(e)).rstrip(PADDING)

def encrypt(string):
  cipher = AES.new(secret, AES.MODE_CBC, iv)
  encoded = EncodeAES(cipher, string)
  return encoded

def decrypt(string):
  cipher = AES.new(secret, AES.MODE_CBC, iv)
  decoded = DecodeAES(cipher, string)
  return decoded

Malshift avatar Jul 17 '23 17:07 Malshift