search

BloodHoundAD / AzureHound

Azure Data Exporter for BloodHound
GNU General Public License v3.0
561 stars 77 forks source link

Enhance documentation and error messaging for start subcommand #15

Open PenFr opened 2 years ago

PenFr commented 2 years ago

Hi, I always get a tcp error: Connection cant be established, Host denies connection.

I tried the precomipled binary and self compiled binarys on windows and linux. Even on different computers and with different login methods. Poking arround in the code it seems its trying to establish a connection to a blank host - wich obv. fails but i cant find the reason for it.

Any help would be appreciated :)

Edit: running it directly (-u "user@" -p "pwd") and not over the configfile seems to work!

ddlees commented 2 years ago

@PenFr Can you provided the exact steps you're taking to reproduce this issue and provide any logs (sensitive data redacted)?

x41x4a commented 1 year ago

@ddlees I'm seeing something similar. I'm trying to run azurehound with a certificate-based auth config as shown below. The output makes it look like it's trying to connect to an empty/null targetUrl.

Error message:

AzureHound v1.2.3
Created by the BloodHound Enterprise team - https://bloodhoundenterprise.io

2023-02-02T22:21:19Z DBG Config File: /root/.config/azurehound/config.json
2023-02-02T22:21:19Z DBG testing connections
2023-02-02T22:21:19Z TRC dialing... targetUrl=https://login.microsoftonline.com
2023-02-02T22:21:20Z TRC dialing... targetUrl=https://graph.microsoft.com
2023-02-02T22:21:21Z TRC dialing... targetUrl=https://management.azure.com
2023-02-02T22:21:25Z TRC dialing... targetUrl=
2023-02-02T22:21:25Z ERR encountered unrecoverable error error="dial tcp :443: connect: connection refused"

Example config.json:

{
  "access-types": [],
  "app": "<removed>",
  "auth": "",
  "cert": "/opt/cert.pem",
  "config": "/root/.config/azurehound/config.json",
  "graph": "",
  "instance": "",
  "json": false,
  "jwt": "",
  "key": "/opt/key.pem",
  "keypass": "<removed>",
  "log-file": "",
  "mgmt": "",
  "mgmtgroupid": [],
  "output": "",
  "password": "",
  "proxy": "",
  "refresh-token": "",
  "region": "cloud",
  "secret": "",
  "subscriptionid": [],
  "tenant": "<removed>",
  "token": "",
  "tokenid": "",
  "username": "",
  "verbosity": 0
}
ddlees commented 1 year ago

@x41x4a Are you executing azurehound list or azurehound start?

The start subcommand is specifically for BloodHound Enterprise and requires that instance provide a valid URL to a BloodHound Enterprise instance.

If you are not targeting a BloodHound Enterprise instance then you should use the list subcommand instead.

Note to self: enhance documentation and error messaging

x41x4a commented 1 year ago

@x41x4a Are you executing azurehound list or azurehound start?

The start subcommand is specifically for BloodHound Enterprise and requires that instance provide a valid URL to a BloodHound Enterprise instance.

If you are not targeting a BloodHound Enterprise instance then you should use the list subcommand instead.

Note to self: enhance documentation and error messaging

Thanks for pointing that out. That seems to have fixed it.

ddlees commented 1 year ago

Acceptance Criteria