I'm doing lab in Malware analysis.
The task is to investigate CVE-2015-7547 glibc vulnerability.
Google already gave proof of concept code. This code contains client in C and fake DNS server in python. When I try to run server, it throws exception:
turbolab#sandbox:~/Desktop$ sudo python CVE-2015-7547-poc.py
Traceback (most recent call last):
File "CVE-2015-7547-poc.py", line 176, in <module>
tcp_thread()
File "CVE-2015-7547-poc.py", line 101, in tcp_thread
sock_tcp.bind((IP, 53))
File "/usr/lib/python2.7/socket.py", line 224, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 98] Address already in use
IP was set to 127.0.0.1.
How to run server and connect client to it?
You could run netstat -lpn to list all listening connections, with pids (-n do not resolve names).
To test for this vulnerability
Clone the POC code git clone https://github.com/fjserna/CVE-2015-7547.git
Set your DNS server to localhost (127.0.0.1) edit /etc/resolv.conf
Run the POC DNS server
sudo python CVE-2015-7547-poc.py
Compile the client
make
Run the client
./CVE-2015-7547-client
CVE-2015-7547-client segfaults when you are vulnerable
CVE-2015-7547-client reports CVE-2015-7547-client: getaddrinfo: Name or service not known when not vulnerable.
See this Ubuntu Security Notice for more information, as well the original Google blog
Related
i can connect locally to my mongodb server with the address 0.0.0.0/0. However, when I deploy my code to the cloud I get the error deploy to google cloud function.
google cloud function with python 3.7 (beta)
atlas mongo db
python lib:
-pymongo
-dnspython
Error: function crashed. Details:
All nameservers failed to answer the query _mongodb._tcp.**-***.gcp.mongodb.net. IN SRV: Server ***.***.***.*** UDP port 53 answered SERVFAIL
Traceback (most recent call last): File "/env/local/lib/python3.7/site-packages/pymongo/uri_parser.py", line 287, in _get_dns_srv_hosts results = resolver.query('_mongodb._tcp.' + hostname, 'SRV') File "/env/local/lib/python3.7/site-packages/dns/resolver.py", line 1132, in query raise_on_no_answer, source_port) File "/env/local/lib/python3.7/site-packages/dns/resolver.py", line 947, in query raise NoNameservers(request=request, errors=errors) dns.resolver.NoNameservers: All nameservers failed to answer the query _mongodb._tcp.**mymongodb**-r091o.gcp.mongodb.net. IN SRV: Server ***.***.***.*** UDP port 53
finally after stuck 2 day, goblok banget semaleman
just change connection
from
SRV connection string (3.6+ driver)
to
Standard connection string (3.4+ driver)
mongodb://<USERNAME>:<PASSWORD>#<DATABASE>-shard-00-00-r091o.gcp.mongodb.net:27017,<COLLECTION>-shard-00-01-r091o.gcp.mongodb.net:27017,<COLLECTION>-shard-00-02-r091o.gcp.mongodb.net:27017/test?ssl=true&replicaSet=<COLLECTION>-shard-0&authSource=admin&retryWrites=true
or you can see your connection string in atlas mongodb.
idk why can`t connect with srv connection string in google cloud functions, maybe not suppot now, or just misconfiguration.
This might help somone, I've struggled with this error on Windows when I tried to connect to MongoDB with the mongodb+srv:// syntax, it worked fine if I try it through WSL or on a Linux machine.
From https://forum.omz-software.com/topic/6751/pymongo-errors-configurationerror-resolver-configuration-could-not-be-read-or-specified-no-nameservers/4
import dns.resolver
dns.resolver.default_resolver=dns.resolver.Resolver(configure=False)
dns.resolver.default_resolver.nameservers=['8.8.8.8'] # this is a google public dns server, use whatever dns server you like here
# as a test, dns.resolver.query('www.google.com') should return an answer, not an exception
Most of the time the error occurs when your network isn't configured with 8.8.8.8 DNS Adress.
Type the following command on command prompt to verify
ipconfig /all
check your IP configuration & in the config you should see the following
DNS Servers . . . . . . . . . . . : 8.8.8.8
8.8.4.4
if not you should configure your network using 8.8.8.8 as primary DNS and 8.8.4.4 as secondary.
OR
May be you are using a VPN or private DNS.In that case contact you service provider for the assistance.
Google-app-engine development server runs great yesterday, but when I try to start it today. It only shout out this Error.
I tried use lsof -i:8080 / lsof -i:8000 to make sure these ports are not taken.
I also tried use a --port arg to switch to another port.
I even removed the gae folder and installed a new one.
-- with no luck at all.
Maybe there is a obvious solution but I can't see it.
Here is the Oh-My-God trace stack..
Traceback (most recent call last):
File "/home/henry/software/google_appengine/dev_appserver.py", line 182, in <module>
_run_file(__file__, globals())
File "/home/henry/software/google_appengine/dev_appserver.py", line 178, in _run_file
execfile(script_path, globals_)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 689, in <module>
main()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 682, in main
dev_server.start(options)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 653, in start
apis.start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 152, in start
super(APIServer, self).start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/wsgi_server.py", line 294, in start
raise BindError('Unable to find a consistent port %s' % host)
google.appengine.tools.devappserver2.wsgi_server.BindError: Unable to find a consistent port localhost
Exception in thread Thread-4 (most likely raised during interpreter shutdown):
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 810, in __bootstrap_inner
File "/usr/lib/python2.7/threading.py", line 763, in runhenry#henry-A
This can be caused by multiple entries in your hosts file for 'localhost'.
For example in file /etc/hosts:
127.0.0.1 localhost
127.0.0.1 mymachinename localhost
if you delete all mappings but one for localhost, the problem will hopefully be resolved.
127.0.0.1 mymachinename localhost
This is a known issue and as far as I understand it will be corrected in a future release.
While I never seen that before try running it on a different port or even using a different host:
dev_appserver.py /path/to/project --port 8888 --host 127.0.0.1
Where for host add your current IP address.
Similar to what was posted, I had this issue and fixed it by altering the hosts file. The issue was with IPv6 addresses redirecting to localhost:
In my hosts file I had
127.0.0.1 localhost
::1 localhost
fe80::1%lo0 localhost
And I commented out the IPv6 addresses to give
127.0.0.1 localhost
#::1 localhost
#fe80::1%lo0 localhost
I'm not sure this is a viable permanent solution as I imagine it's important to have the IPv6 numerical addresses for localhost to be in the hosts file but it works for now until a proper fix is released.
I suppose there is a bug in the google app engine.
I debuged appengine/tools/devappserver2/wsgi_server.py, and here is the facts:
1. it runs fine when internet is disconnected
2. it shows such error when internet is on.
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 0, socket.AI_PASSIVE)
In this piece of code, if you connect internet, addrinfo will only have the address in public internet. even you assign port and host in command line. Then you have no chance to bind this socket to localhost, since the address you bind is the public address you are using now.
In order to solve it, I just change the code into
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 1, socket.AI_PASSIVE)
It works well now, I didn't check the code about socket.getaddrinfo, however, I suppose that it functions as ignoring the lookup address or not according to the integer 0 or 1.
Btw, I am using MacOs, there could be system dependency problem as well, if this is the case, then socket package should redesign somehow.
dev_appserver.py . --port 4000
this fixed it for me.
I solved this issue by passing an explicit api port to dev_appserver.py:
dev_appserver.py path/to/project --api_port 3000
I was unable to solve the issue by editing the hosts file or passing --port / --host to dev_appserver.py.
I didn't identify the root cause.
In my case just restarting the terminal worked.
Google-app-engine development server runs great yesterday, but when I try to start it today. It only shout out this Error.
I tried use lsof -i:8080 / lsof -i:8000 to make sure these ports are not taken.
I also tried use a --port arg to switch to another port.
I even removed the gae folder and installed a new one.
-- with no luck at all.
Maybe there is a obvious solution but I can't see it.
Here is the Oh-My-God trace stack..
Traceback (most recent call last):
File "/home/henry/software/google_appengine/dev_appserver.py", line 182, in <module>
_run_file(__file__, globals())
File "/home/henry/software/google_appengine/dev_appserver.py", line 178, in _run_file
execfile(script_path, globals_)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 689, in <module>
main()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 682, in main
dev_server.start(options)
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/devappserver2.py", line 653, in start
apis.start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/api_server.py", line 152, in start
super(APIServer, self).start()
File "/home/henry/software/google_appengine/google/appengine/tools/devappserver2/wsgi_server.py", line 294, in start
raise BindError('Unable to find a consistent port %s' % host)
google.appengine.tools.devappserver2.wsgi_server.BindError: Unable to find a consistent port localhost
Exception in thread Thread-4 (most likely raised during interpreter shutdown):
Traceback (most recent call last):
File "/usr/lib/python2.7/threading.py", line 810, in __bootstrap_inner
File "/usr/lib/python2.7/threading.py", line 763, in runhenry#henry-A
This can be caused by multiple entries in your hosts file for 'localhost'.
For example in file /etc/hosts:
127.0.0.1 localhost
127.0.0.1 mymachinename localhost
if you delete all mappings but one for localhost, the problem will hopefully be resolved.
127.0.0.1 mymachinename localhost
This is a known issue and as far as I understand it will be corrected in a future release.
While I never seen that before try running it on a different port or even using a different host:
dev_appserver.py /path/to/project --port 8888 --host 127.0.0.1
Where for host add your current IP address.
Similar to what was posted, I had this issue and fixed it by altering the hosts file. The issue was with IPv6 addresses redirecting to localhost:
In my hosts file I had
127.0.0.1 localhost
::1 localhost
fe80::1%lo0 localhost
And I commented out the IPv6 addresses to give
127.0.0.1 localhost
#::1 localhost
#fe80::1%lo0 localhost
I'm not sure this is a viable permanent solution as I imagine it's important to have the IPv6 numerical addresses for localhost to be in the hosts file but it works for now until a proper fix is released.
I suppose there is a bug in the google app engine.
I debuged appengine/tools/devappserver2/wsgi_server.py, and here is the facts:
1. it runs fine when internet is disconnected
2. it shows such error when internet is on.
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 0, socket.AI_PASSIVE)
In this piece of code, if you connect internet, addrinfo will only have the address in public internet. even you assign port and host in command line. Then you have no chance to bind this socket to localhost, since the address you bind is the public address you are using now.
In order to solve it, I just change the code into
280 addrinfo = socket.getaddrinfo(host, port, socket.AF_UNSPEC,
281 socket.SOCK_STREAM, 1, socket.AI_PASSIVE)
It works well now, I didn't check the code about socket.getaddrinfo, however, I suppose that it functions as ignoring the lookup address or not according to the integer 0 or 1.
Btw, I am using MacOs, there could be system dependency problem as well, if this is the case, then socket package should redesign somehow.
dev_appserver.py . --port 4000
this fixed it for me.
I solved this issue by passing an explicit api port to dev_appserver.py:
dev_appserver.py path/to/project --api_port 3000
I was unable to solve the issue by editing the hosts file or passing --port / --host to dev_appserver.py.
I didn't identify the root cause.
In my case just restarting the terminal worked.
I have created an FTP client using ftplib. I am running the server on one of my Ubuntu virtual machine and client on another. I want to connect to the server using ftplib and I'm doing it in the following way:
host = "IP address of the server"
port = "Port number of the server"
ftpc = FTP()
ftpc.connect(host, port)
I'm getting the following error!
Traceback (most recent call last):
File "./client.py", line 54, in <module>
ftpc.connect(host, port)
File "/usr/lib/python2.7/ftplib.py", line 132, in connect
self.sock = socket.create_connection((self.host, self.port), self.timeout)
File "/usr/lib/python2.7/socket.py", line 571, in create_connection
raise err
socket.error: [Errno 111] Connection refused
When I went through the docs of python, I could see ftplib used only with domain names as in FTP("domain name"). Can I use IP address instead of domain name? In my case I am unable to comprehend the error. It would be great if anyone can help me out.
Also if I use port 21 on my server, I'm getting socket error: Connection refused. How do I use port 21 for my FTP server?
Thank You.
It seems like you are trying to connect to SFTP server using ftplib which is giving you the Connection Refused error. Try using pysftp instead of ftplib and see if it works.
On the virtual machine, test by typing ftp and sftp commands on the console. You will get to know on which server the machine is running i.e ftp or sftp.
To solve the problem, I install and config vsftpd:
sudo apt install vsftpd (if not exist)
sudo vim /etc/vsftpd.conf
set "listen=YES"
I have mongodb running on a remote server. I can ssh to the remote server and connect to mongodb from the shell on the remote machine. However i have to connect to that mongodb instance from my python script.
However, im unable to connect to mongodb directly from the shell on my local machine running linux using the command:
mongo <remote_ip>:27017
or through pymongo using
connection = pymongo.Connection("<remote_ip>", 27017)
I get the below error when using pymongo:
Traceback (most recent call last):
File "<input>", line 1, in <module>
File "/usr/local/lib/python2.6/dist-packages/pymongo-1.11-py2.6-linux-i686.egg/pymongo/connection.py", line 370, in __init__
self.__find_master()
File "/usr/local/lib/python2.6/dist-packages/pymongo-1.11-py2.6-linux-i686.egg/pymongo/connection.py", line 605, in __find_master
raise AutoReconnect("could not find master/primary")
AutoReconnect: could not find master/primary
What could be causing this problem ?. Does it mean mongo is running on a port other than 27017 and if so how can i find out which port it is running on ?
Please Help
Thank You
You can use netstat -a -p on the machine running mongodb to see what port it's attached to. (netstat -a lists all connections and -p provides the name of the program owning the connection.) Also make sure the remote computer is allowing external connections on that port (the connections aren't being blocked by a firewall) and that mongodb is accepting remote connections.