search

Dec0ne / KrbRelayUp

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
1.51k stars 202 forks source link

System.Runtime.InteropServices.COMException (0x80070721): A security package specific error occurred. #31

Open konghv opened 1 year ago

konghv commented 1 year ago

Hello Did anyone fix this issue?

PS C:\Users\normaluser\Desktop\kbrrelayUp_Debug\Debug> .\KrbRelayUp.exe relay -Domain local.domain -CreateNewComputerAccount -ComputerName fake6$ -ComputerPassword 123456$ KrbRelayUp - Relaying you to SYSTEM

[+] Rewriting function table [+] Rewriting PEB [+] Init COM server [+] Computer account "fake6$" added with password "123456$" [+] Register COM server [+] Forcing SYSTEM authentication [+] Got Krb Auth from NT/SYSTEM. Relying to LDAP now... [+] LDAP session established [-] LDAP connection failed System.Runtime.InteropServices.COMException (0x80070721): A security package specific error occurred.

A security package specific error occurred.

at KrbRelayUp.Relay.Ole32.CoGetInstanceFromIStorage(COSERVERINFO pServerInfo, Guid& pclsid, Object pUnkOuter, CLSCTX dwClsCtx, IStorage pstg, UInt32 cmq, MULTI_QI[] rgmqResults) at KrbRelayUp.Relay.Relay.Run() in C:\Users\admin.DESKTOP-8OHJG6I\Desktop\TMP\KrbRelayUp-main\KrbRelayUp\Relay\Relay.cs:line 159

bestrocker221 commented 1 year ago

Having same problem

wwwGeneral commented 1 year ago

Same here, I believe I have default configuration

strishin commented 9 months ago

Has anyone found a solution for this problem?

wwwGeneral commented 9 months ago

Has anyone found a solution for this problem?

It seems that KrbRelayUp.exe have been fixed in october 2022 with the possibility of create LDAP bind with DCOM. (tell me if i'm wrong) Source: https://twitter.com/_Imm0/status/1583187655222706177 (the whole discussion)

jannlemm0913 commented 5 months ago

For anyone playing around with the code and encountering this error: I get this error when I try to use an SPN with a specified port in it. Has most likely nothing to do with the issue encountered in the posts above, but if you google the error code, you might find this post.

Startr4ck commented 3 months ago

Has anyone found a solution for this problem?

It seems that KrbRelayUp.exe have been fixed in october 2022 with the possibility of create LDAP bind with DCOM. (tell me if i'm wrong) Source: https://twitter.com/_Imm0/status/1583187655222706177 (the whole discussion) Yes,After 2022.11.8 Patch . KrbRelayUp dead ,anyone read this can give up now.