Hacktoberfest: Python 3 compatibility issues #110

Open
cclauss opened this issue Oct 2, 2019 · 10 comments
@cclauss

cclauss commented Oct 2, 2019

91 days until Python 2 end of life. https://www.python.org/doc/sunset-python-2

flake8 testing of https://github.com/axi0mX/ipwndfu on Python 3.7.1

$ flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics

./utilities.py:14:61: E999 SyntaxError: invalid syntax
    print 'ERROR: Bad AES key given to aes_decrypt. Exiting.'
                                                            ^
./steaks4uce.py:113:70: E999 SyntaxError: invalid syntax
  print '*** based on steaks4uce exploit (heap overflow) by pod2g ***'
                                                                     ^
./image3_24Kpwn.py:43:20: F821 undefined name 'xrange'
        for pos in xrange(shellcode_address - 0x84000000, len(img3)):
                   ^
./checkm8.py:29:101: E999 SyntaxError: invalid syntax
    print 'ERROR: This exploit requires libusb1 backend, but another backend is being used. Exiting.'
                                                                                                    ^
./usbexec.py:121:71: E999 SyntaxError: invalid syntax
        print 'ERROR: usbexec.execute: invalid argument at position %s' % i
                                                                      ^
./limera1n.py:145:105: E999 SyntaxError: invalid syntax
        print 'ERROR: This exploit requires libusb1 backend, but another backend is being used. Exiting.'
                                                                                                        ^
./recovery.py:19:77: E999 SyntaxError: invalid syntax
    print 'ERROR: No Apple device in Recovery Mode 0x1281 detected. Exiting.'
                                                                            ^
./alloc8.py:71:68: E999 SyntaxError: invalid syntax
	    print 'ERROR: SecureROM version %s is not supported by alloc8.' % version
                                                                   ^
./dfuexec.py:105:109: E999 SyntaxError: invalid syntax
            print 'ERROR: Device is not in pwned DFU Mode. Use -p flag to exploit device and then try again.'
                                                                                                            ^
./SHAtter.py:17:87: E999 SyntaxError: invalid syntax
    print '*** based on SHAtter exploit (segment overflow) by posixninja and pod2g ***'
                                                                                      ^
./dfu.py:22:101: E999 SyntaxError: invalid syntax
      print 'ERROR: No Apple device in DFU Mode 0x1227 detected after %0.2f second timeout. Exiting.' % timeout
                                                                                                    ^
./libusbfinder/__init__.py:84:78: E999 SyntaxError: invalid syntax
                print 'WARNING: SHA256 hash of existing dylib does not match.'
                                                                             ^
./usb/_interop.py:47:15: F821 undefined name 'reduce'
    _reduce = reduce
              ^
11    E999 SyntaxError: invalid syntax
2     F821 undefined name 'xrange'
13

E901,E999,F821,F822,F823 are the "showstopper" flake8 issues that can halt the runtime with a SyntaxError, NameError, etc. These 5 are different from most other flake8 issues which are merely "style violations" -- useful for readability but they do not affect runtime safety.

  • F821: undefined name name
  • F822: undefined name name in __all__
  • F823: local variable name referenced before assignment
  • E901: SyntaxError or IndentationError
  • E999: SyntaxError -- failed to compile a file into an Abstract Syntax Tree
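
An added example (not part of the original issue or of the ipwndfu code) that reproduces the E999 and F821 classes of finding on snippets constructed from the flagged lines, next to forms Python 3 accepts. The `showstoppers` helper is hypothetical and ignores scoping, so it approximates the undefined-name check rather than replacing flake8.

```python
import ast
import builtins

# Constructed snippets modelled on lines flake8 flagged in the report above.
PY2 = {
    "print": "print 'ERROR: Bad AES key given to aes_decrypt. Exiting.'",
    "xrange": "for pos in xrange(0, 4):\n    pass",
    "reduce": "_reduce = reduce",
}
# The same lines in a form Python 3 accepts.
PY3 = {
    "print": "print('ERROR: Bad AES key given to aes_decrypt. Exiting.')",
    "xrange": "for pos in range(0, 4):\n    pass",
    "reduce": "from functools import reduce\n_reduce = reduce",
}


def showstoppers(source):
    """Return (code, message) pairs for E999- and F821-class problems.

    Hypothetical helper: names are collected module-wide, ignoring scopes,
    so this is an approximation of the real undefined-name check.
    """
    try:
        tree = ast.parse(source)
    except SyntaxError as exc:  # source cannot be compiled to an AST at all
        return [("E999", "SyntaxError: %s" % exc.msg)]
    bound = set(dir(builtins))  # xrange and reduce are not builtins in Python 3
    for node in ast.walk(tree):
        if isinstance(node, ast.Name) and isinstance(node.ctx, ast.Store):
            bound.add(node.id)
        elif isinstance(node, (ast.Import, ast.ImportFrom)):
            for alias in node.names:
                bound.add((alias.asname or alias.name).split(".")[0])
        elif isinstance(node, (ast.FunctionDef, ast.ClassDef)):
            bound.add(node.name)
        elif isinstance(node, ast.arg):
            bound.add(node.arg)
        elif isinstance(node, ast.ExceptHandler) and node.name:
            bound.add(node.name)
    return [("F821", "undefined name %r" % node.id)
            for node in ast.walk(tree)
            if isinstance(node, ast.Name) and isinstance(node.ctx, ast.Load)
            and node.id not in bound]


if __name__ == "__main__":
    for label in PY2:
        print(label, showstoppers(PY2[label]), showstoppers(PY3[label]))
```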

@0x06060606

use python 2

@cclauss
Author

cclauss commented Oct 2, 2019

91 days until Python 2 end of life. https://www.python.org/doc/sunset-python-2

@0x06060606

unsupported, not un-usable :)

@cclauss
Author

cclauss commented Oct 2, 2019

Unsupported == attack vector.

@0x06060606

Attack Vector for something you're using locally, not attackable unless pre-exposed, to leverage a vulnerability. Weird but ok.

@cclauss
Author

cclauss commented Oct 2, 2019

Count the number of Python modules that enable the creation of network connections; it is a substantial surface area.

@0x06060606

Of course but sadly, this doesn’t, so it’s not really needed in my opinion right away.

@DaJakerBoss

This early in the game with this tool isn't really a good time to be bringing up the transition. Yes, python3 is 100% a necessary and beneficial switch but as it stands right now with this tool in what is basically an alpha, it's just not necessary. Another dev introduced the iPhone X bootrom exploit attack entirely in C with no libusb, so it's not impossible that eventually this tool ends up being implemented in another better language.

@DaJakerBoss

Also, it should be noted this tool was written like, 5 years ago for exploits to the fuckin iPhone 3GS. Python 2 was alive then. checkm8 has been written right into that same tool. Is that a good thing? Probably not, but as the starbucks barista talking very loudly behind the counter just said, "it works"

@EWouters

EWouters commented Oct 2, 2019

Bumping with #88 as it has a similar discussion. #95 is along these lines as well.
