search

DanMcInerney / icebreaker

Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
MIT License
1.18k stars 158 forks source link

RID Cycling fails #21

Open pwn-star opened 5 years ago

pwn-star commented 5 years ago

[] Checking for usernames. This may take a bit... [] Example command that will run: python2 /home/tester/Documents/icebreaker/submodules/ridenum/ridenum.py 10.3.10.43 500 50000 | tee -a logs/ridenum.log Traceback (most recent call last): File "./icebreaker.py", line 1602, in main(report, args) File "./icebreaker.py", line 1538, in main prev_creds, prev_users, domains = smb_reverse_brute(loop, hosts, args, passwords, prev_creds, prev_users, DCs) File "./icebreaker.py", line 618, in smb_reverse_brute ip_users, prev_users = get_usernames(ridenum_output, prev_users) File "./icebreaker.py", line 449, in get_usernames out_lines = host.splitlines() AttributeError: 'NoneType' object has no attribute 'splitlines'

pwn-star commented 5 years ago

output from ridenum.log:

[] Finished dumping users, saved to 10.3.10.43_users.txt. [] Attempting lsaquery first...This will enumerate the base domain SID [] Successfully enumerated base domain SID. Printing information: Domain Name: WORKGROUP Domain Sid: (NULL SID) [] Moving on to extract via RID cycling attack.. [] Enumerating user accounts.. This could take a little while. [] RIDENUM has finished enumerating user accounts... [] Attempting lsaquery first...This will enumerate the base domain SID [] Successfully enumerated base domain SID. Printing information: Domain Name: WORKGROUP Domain Sid: (NULL SID) [] Moving on to extract via RID cycling attack.. [] Enumerating user accounts.. This could take a little while. [] RIDENUM has finished enumerating user accounts... [] Attempting lsaquery first...This will enumerate the base domain SID [] Successfully enumerated base domain SID. Printing information: Domain Name: WORKGROUP Domain Sid: (NULL SID) [] Moving on to extract via RID cycling attack.. [] Enumerating user accounts.. This could take a little while. [] RIDENUM has finished enumerating user accounts... [] Attempting lsaquery first...This will enumerate the base domain SID [] Successfully enumerated base domain SID. Printing information: Domain Name: KBOX Domain Sid: (NULL SID) [] Moving on to extract via RID cycling attack.. [] Enumerating user accounts.. This could take a little while. [] RIDENUM has finished enumerating user accounts... [] Attempting lsaquery first...This will enumerate the base domain SID [] Successfully enumerated base domain SID. Printing information: Domain Name: WORKGROUP Domain Sid: (NULL SID) [] Moving on to extract via RID cycling attack.. [] Enumerating user accounts.. This could take a little while. [] RIDENUM has finished enumerating user accounts...