ValueError when connecting via loopback

[calebstewart]

Bug Description

This is normally only a testing problem, as practically, you aren't often connecting to localhost. That being said, when connecting to a bind shell on the local machine, pwncat is unable to use localhost. Getting the peer name from the socket apparently results in a different return value for the loopback device vice a normal IP address.

You can use 127.0.0.1, and it works just fine. This should be relatively easy to test/fix. I just need to figure out what exactly the expected return value is for a loopback device.

pwncat version

Provide the output of pwncat --version or a commit hash if working from
a development branch.

$ pwncat --version
0.4.3

Target System (aka "victim")

My local machine, which is an Arch Linux host.

Steps to Reproduce

Steps to reproduce the behavior:

1. Start a listener with ncat -e /bin/bash -klnvp 4444
2. Attempt to connect to the listener with pwncat localhost 4444
3. See error

Expected Behavior

A connection is established in the same way as using 127.0.0.1 in place of localhost.

[Mitul16]

I have seen this before.
This happens when we create the bind shell using IPv6 protocol or AF_INET6 address family
And thus we do not get (host, port) pair tuple as the return value which is what pwncat expects.

[Mitul16]

Using the port 1337, you may receive something similar to ('::1', 1337, 0, 0) instead of ('127.0.0.1', 1337)

[calebstewart]

Per the Python socket documentation

This should be relatively easy to fix. The flow info and scope ID aren't important in this context so I'm pretty sure we can safely ignore them.

[Mitul16]

Is this any helpful?

[Mitul16]

I did thought about fixing it 😁 , but I thought who is using IPv6 anyway.
And the current implementation for parsing the host and port using an IPv6 address will throw an error as well.