Giters

dirkjanm / mitm6

pwning IPv4 via IPv6

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Troubleshooting Unhandled Error: list index out of range

W9HAX opened this issue · comments

commented

Hi, running into an issue on the new Kali instance where mitm6 (from source and pip) are spitting out unhandled errors. I've attempted to ensure all the requirements are installed, adequate versions, and compared to other machines where things seem to be working.

Any thoughts or pointers as to what might be happening, I'm exhausting my ideas. --debug and -v flags don't seem to return any additional data of value.

Linux kali 5.2.0-kali3-amd64 #1 SMP Debian 5.2.17-1kali2 (2019-10-17) x86_64 GNU/Linux

Starting mitm6 using the following configuration:
Primary adapter: eth0 [28:92:xx:xx:70:5a]
IPv4 address: 192.168.xx.68
IPv6 address: fe80::xxxx:xxxx:xxxx:705a
Warning: Not filtering on any domain, mitm6 will reply to all DNS queries.
Unless this is what you want, specify at least one domain with -d
Unhandled Error
Traceback (most recent call last):
  File "/usr/local/bin/mitm6", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/python3.7/dist-packages/mitm6/mitm6.py", line 377, in main
    reactor.run()
  File "/usr/local/lib/python3.7/dist-packages/twisted/internet/base.py", line 1283, in run
    self.mainLoop()
  File "/usr/local/lib/python3.7/dist-packages/twisted/internet/base.py", line 1292, in mainLoop
    self.runUntilCurrent()
--- <exception caught here> ---
  File "/usr/local/lib/python3.7/dist-packages/twisted/internet/base.py", line 886, in runUntilCurrent
    f(*a, **kw)
  File "/usr/local/lib/python3.7/dist-packages/mitm6/mitm6.py", line 275, in parsepacket
    print('IPv6 address %s is now assigned to %s' % (p[DHCP6OptIA_NA].ianaopts[0].addr, pcdict[p.src]))
builtins.IndexError: list index out of range

PIP install logs for reference and version info.

Collecting mitm6
  Using cached https://files.pythonhosted.org/packages/b3/4a/41f2b53f280ae0323c608887ae63c6496a10d4351c6adaee41c26eda4d70/mitm6-0.2.2-py3-none-any.whl
Processing /root/.cache/pip/wheels/95/bf/51/905b3e84ec4ca910ce4ae92173c7334623105a265bdd1d9438/scapy-2.4.3-py2.py3-none-any.whl
Processing /root/.cache/pip/wheels/23/8f/f3/7054578f04c904f70757c5c85a6e2823baa69d42365526e93d/netifaces-0.10.9-cp37-cp37m-linux_x86_64.whl
Collecting twisted
  Using cached https://files.pythonhosted.org/packages/06/28/2a433e147de68c8416aa0179c45e67b67161f5c0f24aaaf1723f6229f574/Twisted-19.10.0-cp37-cp37m-manylinux1_x86_64.whl
Collecting hyperlink>=17.1.1
  Using cached https://files.pythonhosted.org/packages/7f/91/e916ca10a2de1cb7101a9b24da546fb90ee14629e23160086cf3361c4fb8/hyperlink-19.0.0-py2.py3-none-any.whl
Requirement already satisfied: attrs>=17.4.0 in /usr/lib/python3/dist-packages (from twisted->mitm6) (18.2.0)
Collecting PyHamcrest>=1.9.0
  Using cached https://files.pythonhosted.org/packages/9a/d5/d37fd731b7d0e91afcc84577edeccf4638b4f9b82f5ffe2f8b62e2ddc609/PyHamcrest-1.9.0-py2.py3-none-any.whl
Collecting incremental>=16.10.1
  Using cached https://files.pythonhosted.org/packages/f5/1d/c98a587dc06e107115cf4a58b49de20b19222c83d75335a192052af4c4b7/incremental-17.5.0-py2.py3-none-any.whl
Collecting constantly>=15.1
  Using cached https://files.pythonhosted.org/packages/b9/65/48c1909d0c0aeae6c10213340ce682db01b48ea900a7d9fce7a7910ff318/constantly-15.1.0-py2.py3-none-any.whl
Collecting zope.interface>=4.4.2
  Using cached https://files.pythonhosted.org/packages/40/e7/7e1060c2826d6b8c25bebbd1c96177f4b85ecfe3e2478d31acf9eaca3a11/zope.interface-4.7.1-cp37-cp37m-manylinux2010_x86_64.whl
Collecting Automat>=0.3.0
  Using cached https://files.pythonhosted.org/packages/e5/11/756922e977bb296a79ccf38e8d45cafee446733157d59bcd751d3aee57f5/Automat-0.8.0-py2.py3-none-any.whl
Collecting idna>=2.5
  Using cached https://files.pythonhosted.org/packages/14/2c/cd551d81dbe15200be1cf41cd03869a46fe7226e7450af7a6545bfc474c9/idna-2.8-py2.py3-none-any.whl
Collecting six
  Using cached https://files.pythonhosted.org/packages/65/26/32b8464df2a97e6dd1b656ed26b2c194606c16fe163c695a992b36c11cdf/six-1.13.0-py2.py3-none-any.whl
Collecting setuptools
  Using cached https://files.pythonhosted.org/packages/54/28/c45d8b54c1339f9644b87663945e54a8503cfef59cf0f65b3ff5dd17cf64/setuptools-42.0.2-py2.py3-none-any.whl
Installing collected packages: scapy, netifaces, idna, hyperlink, six, setuptools, PyHamcrest, incremental, constantly, zope.interface, Automat, twisted, mitm6
Successfully installed Automat-0.8.0 PyHamcrest-1.9.0 constantly-15.1.0 hyperlink-19.0.0 idna-2.8 incremental-17.5.0 mitm6-0.2.2 netifaces-0.10.9 scapy-2.4.3 setuptools-42.0.2 six-1.13.0 twisted-19.10.0 zope.interface-4.7.1
commented

This seems to be something that is missing in the packet. Is this error thrown for all victim hosts or just for a few? In the first case it is likely related to a change in scapy, in the second it could be related to some missing options in some DHCPv6 requests that this host is sending.

commented

Interesting; the device is on a client network atm; I'll see if I can capture some traffic and scrub it to help pinpoint the issue.

I've also got another device (tested working) that I'll swap on onsite and report back.

Thanks for the quick reply/insights!

commented

No problem. If the other device does work make sure they are on the same scapy version, other packages are unlikely to affect this.

commented

Confirmed on both: more coming in the next day or two when I can get back onsite.

# pip list | grep scapy
scapy                        2.4.3
commented

Attempted with another device in the target environment. Same issues. Seems to be environmental.

This is a client's site so I can't provide the traffic capture; closing issue until/if I can replicate in another environment. Thanks for the comments/mitm6 abilities!

commented

@Snizz Did you ever figure out what the issue was? I'm getting a similar error

Starting mitm6 using the following configuration:
Primary adapter: eno1
IPv4 address: 10.x.x.x.x
IPv6 address: fe80::aa60:b6ff:fe2b:9330
Warning: Not filtering on any domain, mitm6 will reply to all DNS queries.
Unless this is what you want, specify at least one domain with -d
Unhandled Error
Traceback (most recent call last):
File "/usr/local/bin/mitm6", line 11, in
load_entry_point('mitm6==0.2.2', 'console_scripts', 'mitm6')()
File "build/bdist.linux-x86_64/egg/mitm6/mitm6.py", line 377, in main
reactor.run()
File "/usr/lib/python2.7/dist-packages/twisted/internet/base.py", line 1267, in run
self.mainLoop()
File "/usr/lib/python2.7/dist-packages/twisted/internet/base.py", line 1276, in mainLoop
self.runUntilCurrent()
--- ---
File "/usr/lib/python2.7/dist-packages/twisted/internet/base.py", line 875, in runUntilCurrent
f(*a, **kw)
File "build/bdist.linux-x86_64/egg/mitm6/mitm6.py", line 275, in parsepacket
print('IPv6 address %s is now assigned to %s' % (p[DHCP6OptIA_NA].ianaopts[0].addr, pcdict[p.src]))
exceptions.IndexError: list index out of range

commented

So just wanted to follow up on this issue. Turned out the issue was a HP printer and once Ipv6 was turned off on that device i was no longer getting this error. Maybe the IPv6 stack on that printer was setup incorrectly or in a way that mitm6 didn't like. I would recommend anyone else running into this to try to blacklist hosts you see one by one till you find the one breaking your script. tcpdump for ipv6 traffic might help.