0

I am currently helping my university's cyber security program by creating a simple Capture the Flag style python script to be used for the final exam. I created the script and everything is working great when run natively on Windows. The issue that I am having is that since the course is dealing with ethical hacking, many of the students will be accessing the Windows machine via a reverse shell or meterpreter on their local Kali linux machine. When I try to run the script through the meterpreter or reverse shell, I am having an EOF error as soon as my script asks for input, without waitingfor a user to type.

I tried to recreate a simple script in order to demonstrate the issue:

test.py:

    print "This is a test"
    answer = raw_input("Type anything")
    print answer

When I run the command through the meterpreter or reverse shell, the output is as follows

    > test.py
    This is a test
    Type anythingTraceback (most recent call last):
    File "test.py", line 2, in <module>
    answer = raw_input("Type anything")
    EOFError: EOF when reading a line

I have tried this with both input and raw_input and both have the same EOFError. I've tried searching through similar posts, but none seem to address the issue.

My belief is that the reverse shell or meterpreter are causing the issue, but I can not find any information on how to remotely execute a python script on the target machine while using the meterpreter or reverse shell.

I appreciate any help or insight, as I am honestly quite stumped!

Improve this question
4
  • 3
    As an aside, you are using python 2.x which was end-of-life years ago. You'd do your cyber security program a favor by moving to the latest python. Commented Jun 27, 2022 at 21:57
  • @tdelaney - it needs to run on the host windows xp machine, so unfortunately 2.7 is the highest version available to me for that particular challenge. I use 3.9 for all my other programming though. Commented Jun 27, 2022 at 22:00
  • @tdelaney I am pretty sure support for windows XP is ended in 2014 so the system should be upgraded or air gapped. As for the problem it looks like you are missing a loop see the bottom answer here stackoverflow.com/questions/42891603/… Commented Jul 3, 2022 at 8:09
  • 1
    To be clear: all of this output happens immediately, without actually waiting for user input? This sounds like something external to the Python process has closed its standard input. You might want to try superuser.com or Information Security. Commented Jul 5, 2022 at 7:20

1 Answer 1

Reset to default
0

One of the problems you may have due to the working style of raw_input() (or input() in Python 3) is the way these functions interact with the terminal when run under a non-interactive environment, such as a reverse shell or meterpreter session.

Under the typical interaction, this will prompt for user input when running a Python script in a usual terminal or interactive shell. This is not the case for reverse shells or meterpreter sessions, which do not have the same kind of input handling that a standard terminal would possess; therefore, the script is likely going to error with a EOFError. This normally implies you will encounter an EOFError at the point in the Python code where the program is at a standstill for the lack of inputs by the user, as a result of absence of an interactive terminal.

Solution: Use sys.stdin for Input Handling

import sys

print("This is a test")
print("Type anything:", end=" ")

answer = sys.stdin.readline().strip()
print(answer)
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.