anouarbensaad/vulnx

Error while exploiting

filebe777 opened this issue · 5 comments

# Coded By Anouar Ben Saad - @anouarbensaad      

http://www

[Target] => http://

−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[] looking for cms
[+] CMS : Joomla
−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[
] Exploits Scan
−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[~] Exploits Scan
[?] com_jce FAIL
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/utils.py", line 941, in check_header_validity
if not pat.match(value):
TypeError: expected string or bytes-like object

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/share/vulnx/vulnx.py", line 157, in
detection()
File "/usr/share/vulnx/vulnx.py", line 113, in detection
instance.instanciate()
File "/usr/share/vulnx/modules/detector.py", line 146, in instanciate
instance.exploit()
File "/usr/share/vulnx/modules/executor/Joomla.py", line 30, in exploit
return joox.jooexploits()
File "/usr/share/vulnx/modules/exploits/joomla_exploits.py", line 490, in jooexploits
self.exploit_state(self.com_media())
File "/usr/share/vulnx/modules/exploits/joomla_exploits.py", line 54, in com_media
requests.post(endpoint, data=data, headers=self.headers,verify=False).text
File "/usr/lib/python3/dist-packages/requests/api.py", line 116, in post
return request('post', url, data=data, json=json, **kwargs)
File "/usr/lib/python3/dist-packages/requests/api.py", line 60, in request
return session.request(method=method, url=url, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 519, in request
prep = self.prepare_request(req)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 452, in prepare_request
p.prepare(
File "/usr/lib/python3/dist-packages/requests/models.py", line 314, in prepare
self.prepare_headers(headers)
File "/usr/lib/python3/dist-packages/requests/models.py", line 448, in prepare_headers
check_header_validity(header)
File "/usr/lib/python3/dist-packages/requests/utils.py", line 944, in check_header_validity
raise InvalidHeader("Value for header {%s: %s} must be of type str or "
requests.exceptions.InvalidHeader: Value for header {content-type: ['form-data']} must be of type str or bytes, not <class 'list'>

Same error. How to fix it?

−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[] looking for cms
[+] CMS : Wordpress
−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[
] Exploits Scan
Traceback (most recent call last):
File "/usr/share/vulnx/vulnx.py", line 157, in
detection()
File "/usr/share/vulnx/vulnx.py", line 113, in detection
instance.instanciate()
File "/usr/share/vulnx/modules/detector.py", line 146, in instanciate
instance.exploit()
File "/usr/share/vulnx/modules/executor/Wordpress.py", line 30, in exploit
return wpx.wpexploits()
File "/usr/share/vulnx/modules/exploits/wordpress_exploits.py", line 635, in wpexploits
self.exploit_state(self.wp_wysija())
File "/usr/share/vulnx/modules/exploits/wordpress_exploits.py", line 497, in wp_wysija
shell = open('shell/VulnX.php', 'rb')
FileNotFoundError: [Errno 2] No such file or directory: 'shell/VulnX.php'

I have exactly the same mistake.
Has anyone here already made progress and can tell us how to fix the bug?


[] looking for cms
[+] CMS : Joomla
−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[
] Exploits Scan
−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−
[~] Exploits Scan
[?] com_jce FAIL
Traceback (most recent call last):
File "/home/gr3ym1nd/.local/lib/python3.8/site-packages/requests/utils.py", line 792, in check_header_validity
if not pat.match(value):
TypeError: expected string or bytes-like object

same here.

same. Known fix ?