Error when trying to scan hosts #85
Comments
|
Same error, did you find any solution? |
|
The problem here is you cant reach interact.sh as oob DNS Provider because of your corporate Firewall / Proxy. |
|
Thank you for your answer, infact it's my firewall i added the no_proxy exception for interact.sh but now I'm receiving timeout "Max retries exceeded". Nmap scan report for 46.101.25.250 PORT STATE SERVICE But I'm trying to figure out why is necessary to contact this server "interact.sh" ??? |
|
i am facing same problem During handling of the above exception, another exception occurred: Traceback (most recent call last): |
Greetings axel3rd, I have apply an exception in to my proxy adding "interact.sh" it may could help you, but in my case after do that I discovered that my company is blocking that connection. |
|
Interact.sh is on listed on dangerous sides via Proxy / Firewall / ISP. So this tool will not work in professional IT Infrastructures. Btw. if this tool works in you environment by default, you have bigger problems then Log4J. You should close the door before you handle the backholes ;D |
With #80 (Implemented in internal fork, need time to implemented it here properly), this tool can be used in a professional IT infra.
Agree ; and in a professional IT, like other complementary tool (like Qualys, ...), any client scanner hostname/ip should be temporary whitelisted in security appliance (FW, ...) to be able to interact "driectly" with endpoints. |
|
So Sir, take my like. |
|
Testable from https://github.com/axel3rd/log4j-scan (doc), and vote for #95 😁 |
|
As @alessandronva and @xtaran mentioned, the cause is due to the DNS callback provider (interact.sh) is block-listed on your network |
Greetings,
I'm receiving this output when I tried to scan an specific host with log4j.
This is the command that I used.
python3 log4j-scan.py -u http://ip-address
My python version: Python 3.8.10
I also installed the requirements
The error output:
[•] CVE-2021-44228 - Apache Log4j RCE Scanner
[•] Scanner provided by FullHunt.io - The Next-Gen Attack Surface Management Platform.
[•] Secure your External Attack Surface with FullHunt.io.
[•] Initiating DNS callback server (interact.sh).
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 662, in urlopen
self._prepare_proxy(conn)
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 950, in _prepare_proxy
conn.connect()
File "/usr/lib/python3/dist-packages/urllib3/connection.py", line 322, in connect
self._tunnel()
File "/usr/lib/python3.8/http/client.py", line 901, in _tunnel
raise OSError("Tunnel connection failed: %d %s" % (code,
OSError: Tunnel connection failed: 403 Forbidden
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/lib/python3/dist-packages/urllib3/connectionpool.py", line 719, in urlopen
retries = retries.increment(
File "/usr/lib/python3/dist-packages/urllib3/util/retry.py", line 436, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='interact.sh', port=443): Max retries exceeded with url: /register (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 403 Forbidden')))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "log4j-scan.py", line 386, in
main()
File "log4j-scan.py", line 356, in main
dns_callback = Interactsh()
File "log4j-scan.py", line 215, in init
self.register()
File "log4j-scan.py", line 223, in register
res = self.session.post(
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 581, in post
return self.request('POST', url, data=data, json=json, **kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 533, in request
resp = self.send(prep, **send_kwargs)
File "/usr/lib/python3/dist-packages/requests/sessions.py", line 646, in send
r = adapter.send(request, **kwargs)
File "/usr/lib/python3/dist-packages/requests/adapters.py", line 510, in send
raise ProxyError(e, request=request)
requests.exceptions.ProxyError: HTTPSConnectionPool(host='interact.sh', port=443): Max retries exceeded with url: /register (Caused by ProxyError('Cannot connect to proxy.', OSError('Tunnel connection failed: 403 Forbidden')))
The text was updated successfully, but these errors were encountered: