Update project #3

Open
wants to merge 12 commits into
base: master

@Tokarak Tokarak commented Jun 1, 2022

With IntrepidusGroup mysteriously disappearing into thin air, the gitbucket mirror is down. This mainly updates those links to GitHub. Other changes include:

  • stops at errors: much safer to run
  • updating is prompted to be done manually through git
  • changed old tools to new where possible (e.g. using pip)
  • small optimisations and safety checks

I doubt this will get merged, so I urge anyone reading this to use my fork of the script instead of the one which will be cloned by git when you install.

It is better to use no script at all, as the install structure is somewhat messy; have a look at what apt installs in the file (don't forget the one line where pip is used), and clone this repo manually. This also allows you to find equivalent packages in other distributions (e.g. Arch).

The latest Ubuntu LTS (20.04 Focal at the time of writing) lacks some of the required packages. I managed to successfully install the dependencies on 18.04 Bionic. Check which packages are available on https://packages.ubuntu.com.

@RajUmadas

whoaoooo blast from the past. i wonder how we can even merge this stuff in now.

@Tokarak

Tokarak commented Jun 1, 2022

Well, it's mergeable, but I am trying to fix some more python dependencies, because I am getting an error. I am trying to fix it up, and updating my fork at the same time; then you can merge, or it can remain as my own fork.

Since you are here, do you know of a modern alternative? Maybe sensepost/mallet?

* Error handling for import of http_plugin_manager continues on error but in __main__ script attempts to use http_plugin_manager that may not be imported. This change checks if http_plugin_manager is imported

* Added more verbose error messages to aid debugging.

Co-authored-by: Josh Dukes <[email protected]>
@Tokarak Tokarak changed the title Fix mallory_install.sh Update project Jun 1, 2022
Tokarak added 2 commits June 1, 2022 17:40
Pillow, IPy installed through APT
@Tokarak Tokarak force-pushed the master branch 2 times, most recently from e12135b to 4861ba2 Compare June 1, 2022 17:18
'Import Image' was long ago deprecated, and now is invalid syntax. Updated all cases referenced by mallory.py.
@Tokarak Tokarak marked this pull request as draft June 1, 2022 17:20
@Tokarak

Tokarak commented Jun 1, 2022

This point marks correct non-gui operation.

@cweedon

cweedon commented Jun 1, 2022

As much as I love a good blast from the past, it might be best to let this one die. It's been over a decade since IG ceased to exist, and we never bothered for python3 compatibility when mallory was written.

@Tokarak

Tokarak commented Jun 1, 2022

Then I need an alternative tool. I am also debugging the gui, and that's good for my education if nothing else.

@Tokarak

Tokarak commented Jun 2, 2022

Turns out, I didn't think to start a mallory session before starting the gui 🥲. Consider this project resurrected and mergeable, unless some functionality is broken.

@Tokarak Tokarak marked this pull request as ready for review June 2, 2022 13:06
@RajUmadas

@Tokarak I have to agree with @cweedon. Intrepidus Group as a company was a great great place, but many of the folks who worked on this project are no longer working for the org that has acquired IG. That being said, seeing activity here is really near and dear to my heart, as the guts of mallory and its v0 was my main project during my first year as an infosec professional.

I would recommend that you fork this project out and continue to work on it in an org all of your own. Unless someone who still works at NCC wants to resurrect this project and manage this GH org.

I would also offer that you and I sync up on a Google Hangout/Zoom so I can brain dump LOTS of mallory stuff. It should make your digging more productive. What timezone are you in?

@Tokarak

Tokarak commented Jun 2, 2022

@RajUmadas It looks like nobody has write access to this repo; I will close this PR and continue any developments on my fork.

I would love to learn more about this project, but you should at least know I am just a kid on half term break who is doing all of this to cheat in a mobile game; if that's ok with you, you can contact me on [email protected].

Tokarak added 2 commits June 3, 2022 20:36
Fixes the same bug as previous commit which went unnoticed.
The old script depended too heavily on it running smoothly - unlikely, when run on a modern Linux distribution.
This script now only installs the dependencies and gives helpful information to the user;
updating the repo should be done manually through git pull.
Overall: easier to debug, safer to run, less junk files generated.
@Tokarak

Tokarak commented Jun 4, 2022

@RajUmadas does the Mallory program require root privileges? In both mallory.py and launchgui.py? Is the program safe to run as root, or should I add the deprecated gksudo to the dependencies?

Tokarak added 4 commits June 7, 2022 11:56
Removed a "try" clause when modifying iptables.
Credit: RajUmadas on the CarveSystems/Mallory fork
ivision-research/Mallory@3ec5110
If mallory crashes, launchgui would start while-True-ing error messages;

This should also make clear the annoying scenario new users face when they try to run the gui without mallory. That should go in the README someday soon.