routersploit icon indicating copy to clipboard operation
routersploit copied to clipboard

Published 20 hours ago verified publisher icon threat9

IndexError - exploits/routers/multi/rom0.py

Open barthovski opened this issue 6 years ago • 14 comments

! ANY INCOMPLETE REPORT WILL BE CLOSED RIGHT AWAY !

1.Hi i'm using routersploit version 3.3.0 on kali linux 2018.2, with python 3.6.6

  1. I was using routersploit to scan my network and he found this vulnerabiliy " http exploits/routers/multi/rom0". i set the port and the target, but when i run the exploit, it showed the following error:

Running module... [+] Target is vulnerable [] Downloading rom-0 file... [] Extracting password from file... Traceback (most recent call last): File "/root/Documentos/routersploit/routersploit/interpreter.py", line 334, in command_run self.current_module.run() File "/root/Documentos/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 60, in run password = self.extract_password(response.content) File "/root/Documentos/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 70, in extract_password result, window = LZSDecompress(data[fpos:]) File "/root/Documentos/routersploit/routersploit/libs/lzs/lzs.py", line 100, in LZSDecompress bit = reader.getBit() File "/root/Documentos/routersploit/routersploit/libs/lzs/lzs.py", line 41, in getBit return self._bits.popleft() IndexError: pop from an empty deque

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/root/Documentos/routersploit/routersploit/interpreter.py", line 116, in start command_handler(args) File "/root/Documentos/routersploit/routersploit/core/exploit/utils.py", line 138, in wrapper return fn(self, *args, **kwargs) File "/root/Documentos/routersploit/routersploit/interpreter.py", line 339, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.6/traceback.py", line 163, in format_exc return "".join(format_exception(*sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.6/traceback.py", line 117, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.6/traceback.py", line 497, in init capture_locals=capture_locals) File "/usr/lib/python3.6/traceback.py", line 332, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

I wasn't able to resolve this error.

barthovski avatar Jul 30 '18 15:07 barthovski

It seems the module is able to download the rom-0 file but it wasn't able to decrypt it. The latest version of the firmware of the device you're scanning is problably using an alternative encryption method.

Nevertheless, I thought that issue was fixed. At least it was working and managing errors correctly when I created this module at first. But probably someone else committed shit =)

If you want more info on the rom-0 exploit : https://github.com/0BuRner/rom-0

0BuRner avatar Jul 30 '18 17:07 0BuRner

Same error for me!!! How to slove this?

ShailendraKumarBellary avatar Aug 01 '18 16:08 ShailendraKumarBellary

yep same issue for me too how can i solve this problem?

ActualBury avatar Aug 28 '18 23:08 ActualBury

Routersploit works when there are some vulnerability found on router when we scan it in and also there should be an open ports on router (ssh) (ftp) using these we can gain username and password as u can see it! But new updated router are not vulnerability for routersploit Solution is we have create a new method to break in. Happy hacking!

On Wed, Aug 29, 2018, 4:44 AM ActualBury [email protected] wrote:

yep same issue for me too how can i solve this problem?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/threat9/routersploit/issues/495#issuecomment-416770389, or mute the thread https://github.com/notifications/unsubscribe-auth/AoC_-48qDnIXuuGWl_PzkN28U2_8Sgasks5uVc7FgaJpZM4Vmq-y .

ShailendraKumarBellary avatar Aug 29 '18 03:08 ShailendraKumarBellary

Install all requirements update python It's work for me...

ShailendraKumarBellary avatar Aug 29 '18 03:08 ShailendraKumarBellary

I'm using routersploit on termux and I updated python,I installed all reqirements but nothing is changed.When I trying scan with autopwn I getting this error;

if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

ActualBury avatar Aug 30 '18 14:08 ActualBury

Few months ago .....same error for me Then I install requirements recheck every requirement ...then it worked for me Check it once clearly... could be a small prb

On Thu, Aug 30, 2018, 7:48 PM ActualBury [email protected] wrote:

I'm using routersploit on termux and I updated python,I installed all reqirements but nothing is changed.When I trying scan with autopwn I getting this error;

if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/threat9/routersploit/issues/495#issuecomment-417336036, or mute the thread https://github.com/notifications/unsubscribe-auth/AoC_-5Vu6FpS1UAWeBFgLIanOMroeacXks5uV_Q_gaJpZM4Vmq-y .

ShailendraKumarBellary avatar Aug 30 '18 14:08 ShailendraKumarBellary

@hack69 nope nothing is changed :(

ActualBury avatar Sep 09 '18 00:09 ActualBury

Can you download rom-0 file manually (its http://device.ip/rom-0) and send it here? There is decompressing issue, but I don't have that file so I cannot reproduce this bug.

lucyoa avatar Sep 09 '18 04:09 lucyoa

hey im using routersploit 3.4.0 and i had see this error [*] Running module...

[*] Starting vulnerablity check... Traceback (most recent call last): File "/root/Desktop/routersploit/routersploit/interpreter.py", line 334, in command_run self.current_module.run() File "/root/Desktop/routersploit/routersploit/modules/scanners/autopwn.py", line 51, in run for module in utils.iter_modules(directory): File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 136, in iter_modules yield import_exploit(path) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 107, in import_exploit module = importlib.import_module(path) File "/usr/lib/python3.7/importlib/init.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/root/Desktop/routersploit/routersploit/modules/exploits/generic/ssh_auth_keys.py", line 4, in from routersploit.core.ssh.ssh_client import SSHClient File "/root/Desktop/routersploit/routersploit/core/ssh/ssh_client.py", line 2, in import paramiko File "/usr/lib/python3/dist-packages/paramiko/init.py", line 30, in from paramiko.transport import SecurityOptions, Transport File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 65, in from paramiko.sftp_client import SFTPClient File "/usr/lib/python3/dist-packages/paramiko/sftp_client.py", line 41, in from paramiko.sftp_file import SFTPFile File "/usr/lib/python3/dist-packages/paramiko/sftp_file.py", line 66 self._close(async=True) ^ SyntaxError: invalid syntax

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/root/Desktop/routersploit/routersploit/interpreter.py", line 116, in start command_handler(args) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, **kwargs) File "/root/Desktop/routersploit/routersploit/interpreter.py", line 339, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(*sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

how to fix it help me thank you

TharukaDananjaya avatar Dec 07 '18 20:12 TharukaDananjaya

Got the same error as many others here and wanted to ask if there is a fix for this? Error is down below its an IndexError and a TypeError

rsf (RomPager ROM-0) > check [+] Target is vulnerable rsf (RomPager ROM-0) > run [] Running module... [+] Target is vulnerable [] Downloading rom-0 file... [*] Extracting password from file... Traceback (most recent call last): File "/home/lucas/routersploit/routersploit/interpreter.py", line 369, in command_run self.current_module.run() File "/home/lucas/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 60, in run password = self.extract_password(response.content) File "/home/lucas/routersploit/routersploit/modules/exploits/routers/multi/rom0.py", line 70, in extract_password result, window = LZSDecompress(data[fpos:]) File "/home/lucas/routersploit/routersploit/libs/lzs/lzs.py", line 131, in LZSDecompress char = window[-offset] File "/home/lucas/routersploit/routersploit/libs/lzs/lzs.py", line 86, in getitem return self.data[n] IndexError: deque index out of range

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/home/lucas/routersploit/routersploit/interpreter.py", line 117, in start command_handler(args) File "/home/lucas/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, **kwargs) File "/home/lucas/routersploit/routersploit/interpreter.py", line 374, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(*sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

zPrototype avatar Feb 13 '19 16:02 zPrototype

Hi any fix for this on termux?

[*] Starting vulnerablity check... Traceback (most recent call last): File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 107, in import_exploit module = importlib.import_module(path) File "/data/data/com.termux/files/usr/lib/python3.7/importlib/init.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/data/data/com.termux/files/home/routersploit/routersploit/modules/exploits/routers/technicolor/tc7200_password_disclosure_v2.py", line 3, in from Crypto.Cipher import AES File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Cipher/init.py", line 27, in from Crypto.Cipher._mode_ecb import _create_ecb_cipher File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Cipher/_mode_ecb.py", line 29, in from Crypto.Util._raw_api import (load_pycryptodome_raw_lib, File "/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Util/_raw_api.py", line 34, in from Crypto.Util.py3compat import byte_string ImportError: cannot import name 'byte_string' from 'Crypto.Util.py3compat' (/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Util/py3compat.py)

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "/data/data/com.termux/files/home/routersploit/routersploit/interpreter.py", line 369, in command_run self.current_module.run() File "/data/data/com.termux/files/home/routersploit/routersploit/modules/scanners/autopwn.py", line 51, in run for module in utils.iter_modules(directory): File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 136, in iter_modules yield import_exploit(path) File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 122, in import_exploit "Use key multiple times for completion.".format(humanize_path(path), err) routersploit.core.exploit.exceptions.RoutersploitException: Error during loading 'routersploit/modules/exploits/routers/technicolor/tc7200_password_disclosure_v2'

Error: cannot import name 'byte_string' from 'Crypto.Util.py3compat' (/data/data/com.termux/files/usr/lib/python3.7/site-packages/Crypto/Util/py3compat.py)

It should be valid path to the module. Use key multiple times for completion.

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "./rsf.py", line 26, in routersploit() File "./rsf.py", line 22, in routersploit rsf.start() File "/data/data/com.termux/files/home/routersploit/routersploit/interpreter.py", line 117, in start command_handler(args) File "/data/data/com.termux/files/home/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, **kwargs) File "/data/data/com.termux/files/home/routersploit/routersploit/interpreter.py", line 374, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(*sys.exc_info(), limit=limit, chain=chain)) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 497, in init _seen=_seen) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/data/data/com.termux/files/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int' $

jepunband avatar Feb 15 '19 03:02 jepunband

[*] Starting vulnerablity check... Traceback (most recent call last): File "/root/Desktop/routersploit/routersploit/interpreter.py", line 334, in command_run self.current_module.run() File "/root/Desktop/routersploit/routersploit/modules/scanners/autopwn.py", line 51, in run for module in utils.iter_modules(directory): File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 136, in iter_modules yield import_exploit(path) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 107, in import_exploit module = importlib.import_module(path) File "/usr/lib/python3.7/importlib/init.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1006, in _gcd_import File "", line 983, in _find_and_load File "", line 967, in _find_and_load_unlocked File "", line 677, in _load_unlocked File "", line 728, in exec_module File "", line 219, in _call_with_frames_removed File "/root/Desktop/routersploit/routersploit/modules/exploits/generic/ssh_auth_keys.py", line 4, in from routersploit.core.ssh.ssh_client import SSHClient File "/root/Desktop/routersploit/routersploit/core/ssh/ssh_client.py", line 2, in import paramiko File "/usr/lib/python3/dist-packages/paramiko/init.py", line 30, in from paramiko.transport import SecurityOptions, Transport File "/usr/lib/python3/dist-packages/paramiko/transport.py", line 65, in from paramiko.sftp_client import SFTPClient File "/usr/lib/python3/dist-packages/paramiko/sftp_client.py", line 41, in from paramiko.sftp_file import SFTPFile File "/usr/lib/python3/dist-packages/paramiko/sftp_file.py", line 66 self._close(async=True) ^ SyntaxError: invalid syntax

During handling of the above exception, another exception occurred:

Traceback (most recent call last): File "rsf.py", line 26, in routersploit() File "rsf.py", line 22, in routersploit rsf.start() File "/root/Desktop/routersploit/routersploit/interpreter.py", line 116, in start command_handler(args) File "/root/Desktop/routersploit/routersploit/core/exploit/utils.py", line 175, in wrapper return fn(self, *args, **kwargs) File "/root/Desktop/routersploit/routersploit/interpreter.py", line 339, in command_run print_error(traceback.format_exc(sys.exc_info())) File "/usr/lib/python3.7/traceback.py", line 167, in format_exc return "".join(format_exception(*sys.exc_info(), limit=limit, chain=chain)) File "/usr/lib/python3.7/traceback.py", line 121, in format_exception type(value), value, tb, limit=limit).format(chain=chain)) File "/usr/lib/python3.7/traceback.py", line 508, in init capture_locals=capture_locals) File "/usr/lib/python3.7/traceback.py", line 337, in extract if limit >= 0: TypeError: '>=' not supported between instances of 'tuple' and 'int'

emadammar avatar Mar 22 '19 03:03 emadammar

Find the answer here: https://github.com/threat9/routersploit/issues/577#issuecomment-481432455

Spartan-767 avatar Jun 07 '19 13:06 Spartan-767