IndexError: list index out of range

[alm1931]

Hello! I'm trying to run Legion 0.3.7 on Kali Linux, but it is crashing with the following errors upon scanning a host:

Traceback (most recent call last):
File "/usr/share/legion/app/importers/NmapImporter.py", line 283, in run
scrProcessorResults = scr.scriptSelector(db_host)
File "/usr/share/legion/parsers/Script.py", line 122, in scriptSelector
cveResults = self.getCves()
File "/usr/share/legion/parsers/Script.py", line 96, in getCves
cvesResults = self.processVulnersScriptOutput(cveOutput)
File "/usr/share/legion/parsers/Script.py", line 66, in processVulnersScriptOutput
resultCpeDetails['version'] = resultCpeData[4]
IndexError: list index out of range
zsh: IOT instruction legion

Thanks!

[Jerin-004]

Just reinstall the app, it would work fine.
use this command --> sudo apt reinstall legion

[Snoopy34d]

First off, great program! However, I too am getting a similar situation, running Kali Linux.

Reinstalling doesn't appear to make any difference, but I get a few syntax errors:
(decided to bold instead of code quote as it keeps the formatting)

david@kalilaptop:~$ sudo apt reinstall legion
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not upgraded.
Need to get 0 B/2,028 kB of archives.
After this operation, 0 B of additional disk space will be used.
(Reading database ... 553729 files and directories currently installed.)
Preparing to unpack .../legion_0.3.8-0kali5_all.deb ...
Unpacking legion (0.3.8-0kali5) over (0.3.8-0kali5) ...
Setting up legion (0.3.8-0kali5) ...
/usr/share/legion/ui/models/cvemodels.py:55: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if not len(self.__cves) is 0:
/usr/share/legion/ui/models/hostmodels.py:43: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if not len(self.__hosts) is 0:
/usr/share/legion/ui/models/processmodels.py:43: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if not len(self.__processes) is 0:
/usr/share/legion/ui/models/scriptmodels.py:44: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if not len(self.__scripts) is 0:
/usr/share/legion/ui/models/servicemodels.py:40: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if not len(self.__services) is 0:
/usr/share/legion/ui/models/servicemodels.py:184: SyntaxWarning: "is not" with a literal. Did you mean "!="?
if not len(self.__serviceNames) is 0:
Processing triggers for kali-menu (2022.4.1) ...

A couple of thing:

• Kali menu launches Legion 0.3.7-1622656779

• Network scans in this version all crash

• Have upgraded to NMAP 7.93 using the instructions on the front page (no change)

• Kali menu still launches Legion 0.3.7 even though it says it upgraded to Legion 0.3.8?

• Installed Legion 0.3.9-1665098899 using the traditional method listed.

• This can only be launched by sudo ./startLegion.sh and the Kali menu and command line 'legion' launch 0.3.7

• Legion 0.3.9 crashes out altogether after entering an IP address to scan and clicking Submit with the following:

david@kalilaptop:~/legion$ {"time": "2022-10-08 12:34:58,582", "name": "runStagedNmap called for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 740}}
Traceback (most recent call last):
File "/home/david/legion/ui/view.py", line 463, in callAddHosts
self.controller.addHosts(targetHosts=hostListEntry,
File "/home/david/legion/app/timing.py", line 36, in wrap
result = f(*args, **kw)
File "/home/david/legion/controller/controller.py", line 239, in addHosts
self.runStagedNmap(targetHosts, runHostDiscovery)
File "/home/david/legion/controller/controller.py", line 760, in runStagedNmap
stageOpValues = stageDataSplit[1]
IndexError: list index out of range
./startLegion.sh: line 38: 90552 Aborted /usr/bin/env python3 legion.py

Is there any reason 0.3.7 is still there instead of 0.3.8?
I'm assuming 0.3.9 will slowly roll out to the kali repositories and become the default install?

[sscottgvit]

@Snoopy34d 0.3.7 in the app info under the Kali release was a typo- it was indeed 0.3.8. Release 0.3.9 is in the process of being packaged by Kali and should be available soon. Release 0.3.10 is coming this next week and will follow in kali within a couple weeks as well.

[Elinas-of-Alba]

Have the same issue - reinstall is not solving the problem

QStandardPaths: XDG_RUNTIME_DIR not set, defaulting to '/tmp/runtime-root'
{"time": "2022-10-17 11:35:09,639", "name": "Creating temporary project at application start...", "level": "INFO", "data": {"logger_name": "legion-startup"}, "context": {"module": "legion", "filename": "legion.py", "line": 144}}
{"time": "2022-10-17 11:35:09,747", "name": "Wordlist was created/opened: /root/.local/share/legion/tmp/legion-mmwir60w-tool-output/legion-usernames.txt", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "auxiliary", "filename": "auxiliary.py", "line": 115}}
{"time": "2022-10-17 11:35:09,748", "name": "Wordlist was created/opened: /root/.local/share/legion/tmp/legion-mmwir60w-tool-output/legion-passwords.txt", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "auxiliary", "filename": "auxiliary.py", "line": 115}}
{"time": "2022-10-17 11:35:10,047", "name": "Loading settings file..", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "settings", "filename": "settings.py", "line": 37}}
{"time": "2022-10-17 11:35:10,393", "name": "Legion started successfully.", "level": "INFO", "data": {"logger_name": "legion-startup"}, "context": {"module": "legion", "filename": "legion.py", "line": 163}}
{"time": "2022-10-17 11:35:24,876", "name": "runStagedNmap called for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 740}}
Traceback (most recent call last):
File "/usr/share/legion/ui/view.py", line 463, in callAddHosts
self.controller.addHosts(targetHosts=hostListEntry,
File "/usr/share/legion/app/timing.py", line 36, in wrap
result = f(*args, **kw)
File "/usr/share/legion/controller/controller.py", line 239, in addHosts
self.runStagedNmap(targetHosts, runHostDiscovery)
File "/usr/share/legion/controller/controller.py", line 760, in runStagedNmap
stageOpValues = stageDataSplit[1]
IndexError: list index out of range
zsh: IOT instruction sudo legion

[yuske]

@alm1931 @Snoopy34d @Elinas-of-Alba I fixed this issue by configs on my machine.

1. Run legion
2. Open Help -> Config
3. Replace the StagedNmapSettings section with the following parameters:

[StagedNmapSettings]
stage1-ports="PORTS|T:80,81,443,4443,8080,8081,8082"
stage2-ports="PORTS|T:25,135,137,139,445,1433,3306,5432,U:137,161,162,1434"
stage3-ports="NSE|vulners"
stage4-ports="PORTS|T:23,21,22,110,111,2049,3389,8080,U:500,5060"
stage5-ports="PORTS|T:0-20,24,26-79,81-109,112-134,136,138,140-442,444,446-1432,1434-2048,2050-3305,3307-3388,3390-5431,5433-8079,8081-29999"
stage6-ports="PORTS|T:30000-65535"

Happy hacking!

[Snoopy34d]

@yuske - thank you!! Just updated to 0.3.9 (kali version) and was still getting the instant crash on a scan.

Made these amendments to the config and it works perfectly again - Awesome!

[sscottgvit]

@Snoopy34d 0.3.10 will include a mechanism to detect an existing config under the user local, rename, and replace when breaking changes are made. It didn't occur to us that under the kali distribution a local config is created once if it doesn't exist and therefore doesn't get updated by reinstallation, updated, etc.

[Elinas-of-Alba]

@Snoopy34d - Sorry for the late reply! It works perfectly! Thank you very much
Thanks to @sscottgvit for implementing the config replacement!

Ok - it works to add the IP range but now it crashes in all stages:
"time": "2022-10-20 14:29:16,522", "name": "Queuing: nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24 -oA /root/.local/share/legion/tmp/legion-7i77hysj-running/nmap/20221020142916285749-nmapstage1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 674}}
{"time": "2022-10-20 14:29:16,752", "name": "runCommand called for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 691}}
{"time": "2022-10-20 14:29:16,754", "name": "runCommand connected for stage 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 694}}
qt.qpa.xcb: QXcbConnection: XCB error: 3 (BadWindow), sequence: 1110, resource id: 10594196, major code: 40 (TranslateCoords), minor code: 0
nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24 -oA /root/.local/share/legion/tmp/legion-7i77hysj-running/nmap/20221020142916285749-nmapstage1
{"time": "2022-10-20 14:29:17,261", "name": "Process 1 exited with code 1", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 844}}
{"time": "2022-10-20 14:29:18,299", "name": "Process 1 Crashed!", "level": "INFO", "data": {"logger_name": "legion"}, "context": {"module": "controller", "filename": "controller.py", "line": 807}}
Close Tab: 0

[sscottgvit]

@Elinas-of-Alba What nmap version do you have?

[Elinas-of-Alba]

@sscottgvit
nmap -v
Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-21 11:07 CEST
Read data files from: /snap/nmap/2721/usr/bin/../share/nmap
WARNING: No targets were specified, so 0 hosts scanned.
Nmap done: 0 IP addresses (0 hosts up) scanned in 0.08 seconds

Installed in snap as suggested in an other issue report

[sscottgvit]

@Elinas-of-Alba Interesting. Can you try the following in a root terminal:

nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24

Once done, if it doesn't crash, can you then run
echo $?

and let me know the result?

[Elinas-of-Alba]

──(root㉿Kali-EoA)-[~]
└─# nmap -T4 -sV -p T:80,81,443,4443,8080,8081,8082 192.168.178.0/24
Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-21 16:24 CEST
dnet: Failed to open device wlan0
QUITTING!

Interesting - without root it works.
──(elinas㉿Kali-EoA)-[~]
└─$ nmap 192.168.178.1
Starting Nmap 7.93 ( https://nmap.org ) at 2022-10-21 16:27 CEST
Nmap scan report for fritz.box (192.168.178.1)
Host is up (0.014s latency).
Not shown: 994 closed tcp ports (conn-refused)
PORT STATE SERVICE

[sscottgvit]

@Elinas-of-Alba Very odd. For the heck of it can you try:
sudo snap connect nmap:network-control

Then try nmap again as root?

[Elinas-of-Alba]

Ok fixed it. The problem is that snap doesn't connect to the network manager with root privileges. Solution - removed snap and things are working perfect now. Thanks for your quick support!!

[cs-hack4]

@sscottgvit how can i solve this

Traceback (most recent call last):
File "/usr/share/legion/ui/view.py", line 463, in callAddHosts
self.controller.addHosts(targetHosts=hostListEntry,
File "/usr/share/legion/app/timing.py", line 36, in wrap
result = f(*args, **kw)
File "/usr/share/legion/controller/controller.py", line 239, in addHosts
self.runStagedNmap(targetHosts, runHostDiscovery)
File "/usr/share/legion/controller/controller.py", line 760, in runStagedNmap
stageOpValues = stageDataSplit[1]
IndexError: list index out of range
zsh: IOT instruction legion

please help me !!!!!

[BetaMaxHeadroom]

Thank you so much. This seems to have resolved my issue.

[0xK3on]

@alm1931 @Snoopy34d @Elinas-of-Alba I fixed this issue by configs on my machine.

1. Run legion

2. Open Help -> Config

3. Replace the StagedNmapSettings section with the following parameters:

[StagedNmapSettings]
stage1-ports="PORTS|T:80,81,443,4443,8080,8081,8082"
stage2-ports="PORTS|T:25,135,137,139,445,1433,3306,5432,U:137,161,162,1434"
stage3-ports="NSE|vulners"
stage4-ports="PORTS|T:23,21,22,110,111,2049,3389,8080,U:500,5060"
stage5-ports="PORTS|T:0-20,24,26-79,81-109,112-134,136,138,140-442,444,446-1432,1434-2048,2050-3305,3307-3388,3390-5431,5433-8079,8081-29999"
stage6-ports="PORTS|T:30000-65535"

Happy hacking!

Thank you

[martinkenney]

Hi All

Having the same issue described here on version 0.3.9-1665098899. It seems to be either related to the BIND version of a server im scanning or the large return of the stage3 results. I can scan other systems that have port 53 open but different program and it does not crash.

Return of the one that crashes is
53/tcp open domain syb-ack ttl 63 ISC BIND 9.11.4-P2 (RedHat Enterprise Linux 7)
and a bunch of returns for vulners:

Return of one that does not crash is
53/tcp open domain syn-ack ttl 64 Unbound
and no returns for vulners:

I can import other nmap scans that have returns for other things with no issues, just this one system and BIND version.

Thank You