search

byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks
BSD 2-Clause "Simplified" License
8.36k stars 1.64k forks source link

Error while launching Empire with CrackMapExec #192

Closed str4n63r closed 4 years ago

str4n63r commented 7 years ago

Steps Performed -- Created Empire Rest API call on a custom port and updated .~/cme.conf accordingly

Command string used -- crackmapexec smb 10.0.0.1 -d domain -u admin -p password --server-port=445 -M empire_exec -o LISTENER=http1

CME verbose output (using the --verbose flag)

Traceback (most recent call last): File "/usr/local/bin/crackmapexec", line 11, in load_entry_point('crackmapexec==4.0.0.dev0', 'console_scripts', 'crackmapexec')() File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/crackmapexec.py", line 151, in main module = loader.init_module(props['path']) File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/loaders/module_loader.py", line 96, in init_module module.options(context, module_options) File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/modules/empire_exec.py", line 50, in options self.empire_launcher = r.json()['multi/launcher']['Output'] KeyError: 'multi/launcher'

OS -- Kali Linux 2016 R2 (32-Bit)

Detailed issue explanation -- Received above error while launching empire_exec module from CME

Help appreciated. Thanks in advance.

byt3bl33d3r commented 7 years ago

@str4n63r what empire version are you using?

str4n63r commented 7 years ago

@byt3bl33d3r Latest pull from Github

It's v2.0

schniggie commented 7 years ago

Having the same issue:

sudo crackmapexec smb IPs.txt -u User -H 12345678902bbbe760ea1f1234567890 -M empire_exec -o LISTENER=CME

Result:

Traceback (most recent call last):
  File "/usr/bin/crackmapexec", line 11, in <module>
    load_entry_point('crackmapexec==3.1.5', 'console_scripts', 'crackmapexec')()
  File "/usr/lib/python2.7/dist-packages/cme/crackmapexec.py", line 219, in main
    module, context, server = loader.init_module(modules[m]['path'])
  File "/usr/lib/python2.7/dist-packages/cme/moduleloader.py", line 82, in init_module
    module.options(context, module_options)
  File "/usr/lib/python2.7/dist-packages/cme/modules/empire_exec.py", line 46, in options
    self.empire_launcher = r.json()['launcher']['Output']
KeyError: 'launcher'

CME is from current Kali-rolling and Empire is from Github today.

dinvisible1 commented 6 years ago

edited: however if ran from /usr/bin/crackmapexec it works with out any errors

same issue with out the Empire part,

root@kali:/opt/CrackMapExec# cme Traceback (most recent call last): File "/usr/local/bin/cme", line 11, in load_entry_point('crackmapexec==4.0.0.dev0', 'console_scripts', 'cme')() File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/crackmapexec.py", line 33, in main args = gen_cli_args() File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/cli.py", line 67, in gen_cli_args protocol_object = p_loader.load_protocol(protocols[protocol]['path']) File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/loaders/protocol_loader.py", line 12, in load_protocol protocol = imp.load_source('protocol', protocol_path) File "/usr/local/lib/python2.7/dist-packages/crackmapexec-4.0.0.dev0-py2.7.egg/cme/protocols/smb.py", line 30, in from pywerview.cli.helpers import File "/usr/local/lib/python2.7/dist-packages/gevent-1.2.2-py2.7-linux-x86_64.egg/gevent/builtins.py", line 93, in import result = _import(args, **kwargs) ImportError: No module named pywerview.cli.helpers

CME is from current Kali-rolling

swarleysez commented 6 years ago

Any update to this? Using CME 3.1.5 from Kali repo and Empire 2.0. Using the absolute path (/usr/bin/crackmapexec) doesn't work for me.

0xSeanG commented 6 years ago

Having the same issue:

CME Version: 3.1.5 Codename: 'Smidge'

Rolling Kali confirmed current 30NOV17 (apt-get update, apt-get upgrade, apt-get dist-upgrade)

Errors: 

~/CrackMapExec/cme# crackmapexec [IP] -u "USER" -p "PASS" -d "DOMAIN" -M empire_exec -o LISTENER=listener
Traceback (most recent call last):
  File "/usr/local/bin/crackmapexec", line 11, in <module>
    sys.exit(main())
  File "/usr/local/lib/python2.7/dist-packages/cme/crackmapexec.py", line 219, in main
    module, context, server = loader.init_module(modules[m]['path'])
  File "/usr/local/lib/python2.7/dist-packages/cme/moduleloader.py", line 82, in init_module
    module.options(context, module_options)
  File "/usr/local/lib/python2.7/dist-packages/cme/modules/empire_exec.py", line 42, in options
    token = r.json()['token']
  File "/usr/lib/python2.7/dist-packages/requests/models.py", line 894, in json
    return complexjson.loads(self.text, **kwargs)
  File "/usr/lib/python2.7/dist-packages/simplejson/__init__.py", line 517, in loads
    return _default_decoder.decode(s)
  File "/usr/lib/python2.7/dist-packages/simplejson/decoder.py", line 370, in decode
    obj, end = self.raw_decode(s)
  File "/usr/lib/python2.7/dist-packages/simplejson/decoder.py", line 400, in raw_decode
    return self.scan_once(s, idx=_w(s, idx).end())
simplejson.errors.JSONDecodeError: Expecting value: line 1 column 1 (char 0)
Bal33p commented 6 years ago

Same Here. Mac High Sierra 10.13.3 Version 3.1.5 'Smidge' lan1ak3as-mbp:Applications ***$ sudo cme smb [IP] -u [UNAME] -p [PW] -M empire_exec -o LISTENER=empire Traceback (most recent call last): File "/usr/local/bin/cme", line 11, in sys.exit(main()) File "/Users//Library/Python/2.7/lib/python/site-packages/cme/crackmapexec.py", line 219, in main module, context, server = loader.init_module(modules[m]['path']) File "/Users//Library/Python/2.7/lib/python/site-packages/cme/moduleloader.py", line 82, in init_module module.options(context, module_options) File "/Users//Library/Python/2.7/lib/python/site-packages/cme/modules/empire_exec.py", line 46, in options self.empire_launcher = r.json()['launcher']['Output'] KeyError: 'launcher'

byt3bl33d3r commented 6 years ago

I'll take a look at this now. This is probably happening cause Empire changed it's API again.

kylesmithit commented 6 years ago

Thank you @byt3bl33d3r for your dedication in keeping up with the API!

intrudir commented 5 years ago

Hi, same exact issue as all those above. Still no fix?

After running: crackmapexec 10.10.10.100 -u User -p Password -M empire_exec -o LISTENER=meterpreter

the error I get: Traceback (most recent call last): File "/usr/bin/crackmapexec", line 11, in load_entry_point('crackmapexec==3.1.5', 'console_scripts', 'crackmapexec')() File "/usr/lib/python2.7/dist-packages/cme/crackmapexec.py", line 219, in main module, context, server = loader.init_module(modules[m]['path']) File "/usr/lib/python2.7/dist-packages/cme/moduleloader.py", line 82, in init_module module.options(context, module_options) File "/usr/lib/python2.7/dist-packages/cme/modules/empire_exec.py", line 46, in options self.empire_launcher = r.json()['launcher']['Output'] KeyError: 'launcher'

On the empire side, I get this: 127.0.0.1 - - [03/Oct/2018 11:03:47] "POST /api/stagers?token=[token] HTTP/1.1" 404 -

the listener is indeed listening, double checked the settings on the listener. I do notice that I can't even nc to the IP:port of the listener. COnnection refused. So its as if the listener isnt really listening for some reason. And yes, I am using the --rest api switch, and have configured the user / pass in cme.conf

I am on HackTheBox network. Is it that the listeners dont work when going through tun0?

hausec commented 5 years ago

Also having this issue. Running it from /usr/bin doesn't work either.

holyshift commented 5 years ago

in Kali for KeyError: 'launcher', i had the same issue here is what i did : 1 - open /usr/lib/python2.7/dist-packages/cme/modules/empire_exec.py 2- in ligne 44 replace "launcher" with an empire stager like "windows/dll" for exemple 3- in line 46 : replace "self.empire_launcher = r.json()['launcher']['Output']" ===> self.empire_launcher = r.json()['windows/dll']['Output'] try launching CME now, good luck

hausec commented 5 years ago

in Kali for KeyError: 'launcher', i had the same issue here is what i did : 1 - open /usr/lib/python2.7/dist-packages/cme/modules/empire_exec.py 2- in ligne 44 replace "launcher" with an empire stager like "windows/dll" for exemple 3- in line 46 : replace "self.empire_launcher = r.json()['launcher']['Output']" ===> self.empire_launcher = r.json()['windows/dll']['Output'] try launching CME now, good luck

That worked. Thanks!

mpgn commented 4 years ago

Someone have tested with this project ? https://github.com/BC-SECURITY/Empire/

mpgn commented 4 years ago

Closing, follow issue (empire and metasploit module ) #357