Name is required.
Email address is required.
Invalid email address
Answer is required.
Exceeding max length of 5KB

Re-running a 1.0.06beta Enterprise installer shows an error backing up the agent config

Ilguiz Latypov Oct 24, 2018 06:53PM UTC

In Static members:
In action "Backup agent.config file [Run script]" (screen "Installation location"), property "Script":
java.nio.file.InvalidPathException: Illegal char <:> at index 10: ${compiler:release.version}
at java.base/sun.nio.fs.WindowsPathParser.normalize(WindowsPathParser.java:182)
at java.base/sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:153)
at java.base/sun.nio.fs.WindowsPathParser.parse(WindowsPathParser.java:77)
at java.base/sun.nio.fs.WindowsPath.parse(WindowsPath.java:92)
at java.base/sun.nio.fs.WindowsFileSystem.getPath(WindowsFileSystem.java:229)
at java.base/java.nio.file.Path.resolve(Path.java:402)
at com.install4j.script.I4jScript_Internal_0.backupConfigFile(I4jScript_Internal_0.java:132)
at com.install4j.script.I4jScript_Internal_165.eval(I4jScript_Internal_165.java:1)
at com.install4j.script.I4jScript_Internal_165.evaluate(I4jScript_Internal_165.java:*24)
at com.install4j.runtime.installer.helper.Script.evaluate(Script.java:33)
at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:201)
at com.install4j.runtime.installer.ContextImpl.runScript(ContextImpl.java:195)
at com.install4j.runtime.beans.actions.control.RunScriptAction.execute(RunScriptAction.java:34)
at com.install4j.runtime.beans.actions.SystemInstallOrUninstallAction.install(SystemInstallOrUninstallAction.java:29)
at com.install4j.runtime.installer.ContextImpl$9.executeAction(ContextImpl.java:1701)
at com.install4j.runtime.installer.ContextImpl$9.fetchValue(ContextImpl.java:1692)
at com.install4j.runtime.installer.ContextImpl$9.fetchValue(ContextImpl.java:1689)
at com.install4j.runtime.installer.helper.comm.actions.FetchObjectAction.execute(FetchObjectAction.java:14)
at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionDirect(HelperCommunication.java:271)
at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionInt(HelperCommunication.java:246)
at com.install4j.runtime.installer.helper.comm.HelperCommunication.executeActionChecked(HelperCommunication.java:184)
at com.install4j.runtime.installer.helper.comm.HelperCommunication.fetchObjectChecked(HelperCommunication.java:167)
at com.install4j.runtime.installer.ContextImpl.performActionIntStatic(ContextImpl.java:1689)
at com.install4j.runtime.installer.InstallerContextImpl.performActionInt(InstallerContextImpl.java:159)
at com.install4j.runtime.installer.ContextImpl.performAction(ContextImpl.java:1114)
at com.install4j.runtime.installer.controller.Controller.executeAction(Controller.java:380)
at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:346)
at com.install4j.runtime.installer.controller.Controller.executeActionGroup(Controller.java:417)
at com.install4j.runtime.installer.controller.Controller.executeActions(Controller.java:351)
at com.install4j.runtime.installer.controller.Controller.handleCommand(Controller.java:207)
at com.install4j.runtime.installer.controller.Controller.start(Controller.java:106)
at com.install4j.runtime.installer.Installer.runInProcess(Installer.java:58)
at com.install4j.runtime.installer.Installer.main(Installer.java:45)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:564)
at com.exe4j.runtime.LauncherEngine.launch(LauncherEngine.java:85)
at com.exe4j.runtime.WinLauncher.main(WinLauncher.java:94)
at com.install4j.runtime.launcher.WinLauncher.main(WinLauncher.java:25)


Ilguiz Latypov Oct 24, 2018 06:53PM UTC
$ cat enterpriseAgent/1.0.05beta-869/agent.config
{
"enterprise_server" : {
"url" : "https://localhost:8072",
"https_client_configuration" : {
"keystore" : {
"location" : "D:/burpsuite_enterprise/data/data/keystores/agent.keystore",
"password" : "keystorepassword"
},
"truststore" : {
"location" : "D:/burpsuite_enterprise/data/data/keystores/agent.keystore",
"password" : "keystorepassword"
}
},
"fingerprint" : "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxizqFfT6OGe4o5VY55NEX9jLl4sfB55dCCaKLKhEVc6cwELNPyuOSBg128WFZCTKVvIZx6G/73BngMJbjugzrLVx9YxlEAVb8nfheDzXgIdfxMPxHU9Tkdox+281id+6Hlt1ESqlTUoITAt6Q8/33wxB15T/7fu57Xi/evLkbp+OGYLAl8xGrAThmmvuowdeqnvf8f/nBqcovSro44PzXbPWiOM+gKs/rRJ/c8Asbju8JqjLEv+h41cWXYedYm69uPg6v8qGKEqIAJb5wV86vfkDR98EO+Z9bOCnOB3Lr+pFWydIdH88JazO2wmcK4Y1FwDIh2R2Zc6BTYqkx5CYCQIDAQAB"
},
"burp_download_path" : "D:/burpsuite_enterprise/burp",
"port" : 8095
}
latypil@MLISCCLDA0143 /cygdrive/d/burpsuite_enterprise
$ cat enterpriseAgent/1.0.06beta/agent.config
{
"enterprise_server":
{
"url":"https://${installer:enterprise_server_address}:8072",
"https_client_configuration":
{
"keystore":
{
"location":"${installer:escapedDataDir}/data/keystores/agent.keystore",
"password":"keystorepassword"
},
"truststore":
{
"location":"${installer:escapedDataDir}/data/keystores/agent.keystore",
"password":"keystorepassword"
}
}
},
"linux_preference_store_path": "${installer:escapedDataDir}",
"port": ${compiler:default_agent_port},
"burp_download_path": "${installer:escapedInstallationDir}/burp",
"data_path": "${installer:escapedDataDir}",
"version": 1
}

Andrew Whitehead Oct 25, 2018 09:04AM UTC Support Center agent

Hi Ilguiz,

Could you please let me know a little more about your installation? Which version of Windows are you using? What actions did you take before re-running the 1.0.06beta installer? I can see you have had problems upgrading from 1.0.05beta also, was that the same installation?

In the mean time, to get you back up and running I’d recommend performing a clean install. If you’re using the embedded database you should be able to re-use your data directory so there is no data loss.


Ilguiz Latypov Oct 30, 2018 02:46PM UTC
Windows Server 2008 R2 Service Pack 1. It is managed by active directory policies, and I am not sure which of the local admin rights my domain account has on it. It appears to have received some additional lockdown recently, as well as a forced Symantec Enterprise agent. The installer takes a few minutes to start and to proceed at the end of the "Extracting files..." phase (and I wonder if Symantec takes time to scan it).

I followed the message from Portswigger on deactivating 1.0.05 before installing 1.0.06 on top of it. (I might have tried running 1.0.07 first without reading much into the message, so I canceled that and ran the 1.0.06 install).

The clean install fails with the StackOverflowError (plus, due to an annoying bug in Windows Remote Desktop, my re-connecting to the session gets disconnected immediately, which may or may not be related to my running the installer as a local Administrator. I figured I could work this around using a remote qwinsta /server:SERVERNAME to find the session ID against my user name, then using rwinsta /server:SERVERNAME SESSIONID to kill my session).

Exception:

java.lang.StackOverflowError
at java.prefs/java.util.prefs.WindowsPreferencesFactory.userRoot(WindowsPreferencesFactory.java:42)
at java.prefs/java.util.prefs.Preferences.userRoot(Preferences.java:457)
at java.prefs/java.util.prefs.AbstractPreferences$1.run(AbstractPreferences.java:1070)
at java.prefs/java.util.prefs.AbstractPreferences$1.run(AbstractPreferences.java:1068)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.prefs/java.util.prefs.AbstractPreferences.isUserNode(AbstractPreferences.java:1067)
at java.prefs/java.util.prefs.WindowsPreferences.rootNativeHandle(WindowsPreferences.java:1119)
at java.prefs/java.util.prefs.WindowsPreferences.<init>(WindowsPreferences.java:461)
at java.prefs/java.util.prefs.WindowsPreferences.getUserRoot(WindowsPreferences.java:102)
at java.prefs/java.util.prefs.WindowsPreferencesFactory.userRoot(WindowsPreferencesFactory.java:42)
at java.prefs/java.util.prefs.Preferences.userRoot(Preferences.java:457)
at java.prefs/java.util.prefs.AbstractPreferences$1.run(AbstractPreferences.java:1070)
at java.prefs/java.util.prefs.AbstractPreferences$1.run(AbstractPreferences.java:1068)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.prefs/java.util.prefs.AbstractPreferences.isUserNode(AbstractPreferences.java:1067)

Ilguiz Latypov Nov 07, 2018 03:04PM UTC
I worked around the session kicking issue that seems related to a Windows Server bug,

https://serverfault.com/questions/700280/the-desktop-window-manager-has-exited-with-code-0x40010004

but the StackOverflowError (separated into another Portswigger report) keeps popping on clean installations in my locked-down machine. Next time if I get my hands on the Enterprise license, I will try a Linux VM.

https://support.portswigger.net/customer/en/portal/questions/17412178-stackoverflowerror-running-the-1-6beta-enterprise-installer

Post Your public answer

Your name
Your email address
Answer