Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
Other
3.84k
stars
698
forks
source link
Execution fails if FIPS algorithms are enforced #119
Describe the bug
When "Use FIPS compliant algorithms for encryption, hashing, and signing" is enabled on the system (you can check this with the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy, and if Enabled = 1), Seatbelt throws the following exception:
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
To Reproduce
Steps to reproduce the behavior. Please include any applicable artifacts that we could use to replicate the issue(e.g. files, registry keys, screenshots, etc.)
Enable the GPO "Use FIPS compliant algorithms for encryption, hashing, and signing"
Run Seatbealt running all modules
Expected behavior
Seatbelt should run successfully
Observed behavior
Errors with
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
parzel
commented
1 year ago
Describe the bug When "Use FIPS compliant algorithms for encryption, hashing, and signing" is enabled on the system (you can check this with the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy, and if Enabled = 1), Seatbelt throws the following exception:
To Reproduce Steps to reproduce the behavior. Please include any applicable artifacts that we could use to replicate the issue(e.g. files, registry keys, screenshots, etc.)
Expected behavior Seatbelt should run successfully
Observed behavior Errors with
Additional Context See https://github.com/GhostPack/Rubeus/pull/66/files