Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSHException: Channel closed. #81

Closed
qustavo opened this issue May 9, 2016 · 4 comments
Closed

SSHException: Channel closed. #81

qustavo opened this issue May 9, 2016 · 4 comments
Labels
bug
Milestone
Bad Blood 2.2.0

Comments

@qustavo
Copy link

qustavo commented May 9, 2016

exploits/juniper/screenos_backdoor crash after Succesful authentication:

rsf (Juniper ScreenOS Backdoor) > run
[*] Running module...
[+] SSH - Successful authentication
> help
[-] Traceback (most recent call last):
  File "/home/gchain/routersploit/routersploit/interpreter.py", line 292, in command_run
    self.current_module.run()
  File "/home/gchain/routersploit/routersploit/modules/exploits/juniper/screenos_backdoor.py", line 51, in run
    stdin, stdout, stderr = ssh.exec_command(cmd.strip())
  File "/home/gchain/.venv/py2/lib/python2.7/site-packages/paramiko/client.py", line 418, in exec_command
    chan.exec_command(command)
  File "/home/gchain/.venv/py2/lib/python2.7/site-packages/paramiko/channel.py", line 60, in _check
    return func(self, *args, **kwds)
  File "/home/gchain/.venv/py2/lib/python2.7/site-packages/paramiko/channel.py", line 234, in exec_command
    self._wait_for_event()
  File "/home/gchain/.venv/py2/lib/python2.7/site-packages/paramiko/channel.py", line 1103, in _wait_for_event
    raise e
SSHException: Channel closed
@lucyoa
Copy link
Contributor

lucyoa commented May 9, 2016

@gchaincl I pushed fix with this commit: a098d4c
please check if it works properly

@qustavo
Copy link
Author

qustavo commented May 9, 2016

It does, but it looks like the exploit is not working, or the router is patched:

rsf (Juniper ScreenOS Backdoor) > run
[*] Running module...
[+] SSH - Successful authentication


                                                                      Copyright (c) 2016 Dell | SonicWALL, Inc.                             



Using username 'admin'.
                       Password:
                                Access denied
Password:
Access denied
Password:% Session terminated.

Exiting...

@lucyoa
Copy link
Contributor

lucyoa commented May 9, 2016

@gchaincl this exploit targets Juniper ScreenOS devices. It seems you have SonicWALL.

Does RouterSploit still show that device is vulnerable? Issue seems to lie in paramiko package that does not throw AuthenticationException for some reasons. Weird SonicWALL ssh implementation?

@qustavo
Copy link
Author

qustavo commented May 9, 2016

Seems like that's a different issue, closing this.
Thanks!

@qustavo qustavo closed this as completed May 9, 2016
@fwkz fwkz added the bug label May 11, 2016
@fwkz fwkz added this to the Bad Blood 2.2.0 milestone May 11, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
Bad Blood 2.2.0
Development

No branches or pull requests
3 participants
@qustavo @fwkz @lucyoa