Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bug Report: Unhandled exception "ValueError: unknown url type: '/'" (#085d604a) #970

Closed
commixreporter opened this issue Oct 18, 2024 · 1 comment
Closed

Bug Report: Unhandled exception "ValueError: unknown url type: '/'" (#085d604a) #970

commixreporter opened this issue Oct 18, 2024 · 1 comment
Assignees
@stasinopoulos
Labels
bug verified
Milestone
4.0-stable

Comments

@commixreporter
Copy link 

Commix version: 4.0-dev#100
Python version: 3.12.6
Operating system: posix
Command line: commix.py -u ************************************************************** -p ******* 

Traceback (most recent call last):
  File \"commix.py", line 36, in <module>
    main()
  File \"commix.py", line 31, in main
    import src.core.main
  File \"main.py", line 899, in <module>
    main(filename, url, http_request_method)
  File \"main.py", line 560, in main
    controller.do_check(url, http_request_method, filename)
  File \"controller.py", line 743, in do_check
    perform_checks(url, http_request_method, filename)
  File \"controller.py", line 706, in perform_checks
    data_checks(url, http_request_method, filename, timesec)
  File \"controller.py", line 627, in data_checks
    if get_request(url, http_request_method, filename, timesec) is None:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"controller.py", line 590, in get_request
    do_injection(found_url, settings.HTTPMETHOD.GET, header_name, url, http_request_method, filename, timesec)
  File \"controller.py", line 561, in do_injection
    injection_proccess(url, check_parameter, http_request_method, filename, timesec)
  File \"controller.py", line 402, in injection_proccess
    timebased_command_injection_technique(url, timesec, filename, http_request_method, url_time_response)
  File \"controller.py", line 255, in timebased_command_injection_technique
    if tb_handler.exploitation(url, timesec, filename, http_request_method, url_time_response, injection_type, technique) != False:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"tb_handler.py", line 66, in exploitation
    if tb_injection_handler(url, timesec, filename, http_request_method, url_time_response, injection_type, technique, tmp_path) == False:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"tb_handler.py", line 29, in tb_injection_handler
    return handler.do_time_relative_proccess(url, timesec, filename, http_request_method, url_time_response, injection_type, technique, tmp_path)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"handler.py", line 414, in do_time_relative_proccess
    if pseudo_terminal_shell(injector, separator, maxlen, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, technique, no_result, timesec, payload, OUTPUT_TEXTFILE, url_time_response) == None:
       ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"handler.py", line 99, in pseudo_terminal_shell
    go_back, go_back_again = shell_options.check_option(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, technique, go_back, no_result, timesec, go_back_again, payload, OUTPUT_TEXTFILE)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"shell_options.py", line 179, in check_option
    go_back, go_back_again = reverse_tcp_config(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, os_shell_option, go_back, go_back_again, timesec, payload, OUTPUT_TEXTFILE, technique)
                             ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"shell_options.py", line 152, in reverse_tcp_config
    execute_shell(separator, TAG, cmd, prefix, suffix, whitespace, http_request_method, url, vuln_parameter, alter_shell, filename, os_shell_option, timesec, payload, OUTPUT_TEXTFILE, technique)
  File \"shell_options.py", line 76, in execute_shell
    shell = injector.injection_results(response, TAG, cmd, technique, url, OUTPUT_TEXTFILE, timesec)
            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"cb_injector.py", line 40, in injection_results
    return injector.injection_results(response, TAG, cmd, technique, url, OUTPUT_TEXTFILE, timesec)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"injector.py", line 511, in injection_results
    response = checks.get_response(output)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"checks.py", line 119, in get_response
    request = _urllib.request.Request(output)
              ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File \"request.py", line 318, in __init__
    self.full_url = url
    ^^^^^^^^^^^^^
  File \"request.py", line 344, in full_url
    self._parse()
  File \"request.py", line 373, in _parse
    raise ValueError("unknown url type: %r" % self.full_url)
ValueError: unknown url type: '/'
@stasinopoulos stasinopoulos self-assigned this Oct 22, 2024
@stasinopoulos stasinopoulos added this to the 4.0-stable milestone Oct 22, 2024
@github-actions GitHub Actions
Copy link

This issue has been automatically locked due to inactivity.
Please file a new issue if you are encountering a similar or related problem.

This action has been performed automatically by a bot.

@github-actions github-actions bot locked and limited conversation to collaborators Nov 24, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@stasinopoulos stasinopoulos

Labels
bug verified
Projects
None yet
Milestone
4.0-stable
Development

No branches or pull requests
2 participants
@stasinopoulos @commixreporter