search

Pennyw0rth / NetExec

The Network Execution Tool
https://netexec.wiki/
BSD 2-Clause "Simplified" License
2.57k stars 263 forks source link

SMB WINRM SSH password spraying reports the same error and cannot get the correct password #348

Open Ak74-577 opened 3 weeks ago

Ak74-577 commented 3 weeks ago 
\#nxc ssh 172.23.119.0/24 --port 22 -u root -p 'Abc123!@#'
\#nxc winrm 172.23.119.0/24 -d . -u administrator -p 'Abc123!@#'
\#nxc smb 172.23.119.0/24 -d . -u administrator -p 'Abc123!@#'

[11:10:59] ERROR    Exception while calling proto_flow() on target 172.23.119.52: (sqlite3.OperationalError) near "ON": syntax error                                                   ]8;id=49900;file:///root/.local/pipx/venvs/netexec/lib/python3.10/site-packages/nxc/connection.py\connection.py]8;;\:]8;id=439117;file:///root/.local/pipx/venvs/netexec/lib/python3.10/site-packages/nxc/connection.py#168\168]8;;\
                    [SQL: INSERT INTO hosts (ip, hostname, domain, os, dc, smbv1, signing, spooler, zerologon, petitpotam) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?) ON CONFLICT (id) DO                    
                    UPDATE SET ip = excluded.ip, hostname = excluded.hostname, domain = excluded.domain, os = excluded.os, dc = excluded.dc, smbv1 = excluded.smbv1, signing =                          
                    excluded.signing, spooler = excluded.spooler, zerologon = excluded.zerologon, petitpotam = excluded.petitpotam]                                                                     
                    [parameters: ('172.23.119.52', 'DC02', '.', 'Windows 10 / Server 2019 Build 17763', None, 0, 1, None, None, None)]                                                                  
                    (Background on this error at: https://sqlalche.me/e/20/e3q8)

EDIT BY @NeffIsBack: Formating

NeffIsBack commented 3 weeks ago

What is your OS and NetExec version? Please also provide the output of your terminal encoding, you can get it like this: image

NeffIsBack commented 3 weeks ago

Do you know if the domain you are running this command against could have non ascii characters? Like öäü for example

Ak74-577 commented 2 weeks ago

Snipaste_2024-06-18_22-14-53

Ak74-577 commented 2 weeks ago

Snipaste_2024-06-18_22-17-42

Marshall-Hallenbeck commented 2 weeks ago

Weird, it looks like a different error in that newest screenshot. @Ak74-577 can you delete the workspace via rm -rf ~/.nxc/workspaces/{YOURWORKSPACENAME} and try again? The first error was a CONFLICT on the id which doesn't make any sense.