CME 5.0.2.dev0 path should be string error on file of passwords

[leejamison]

When I first installed CME it worked flawlessly when I used it for SMB testing. Somehow it appears it got upgraded (or something did) and I'm unsure of how to fix it.

Steps to produce:

1. Run CME with crackmapexec smb -u john -p ~/master-passwords.txt *IP_HERE*
2. Receive the following error message

Traceback (most recent call last): File "/usr/local/bin/crackmapexec", line 11, in <module> load_entry_point('crackmapexec==5.0.2.dev0', 'console_scripts', 'crackmapexec')() File "/usr/local/lib/python3.8/dist-packages/crackmapexec-5.0.2.dev0-py3.8.egg/cme/crackmapexec.py", line 77, in main if os.path.exists(passw): File "/usr/lib/python3.8/genericpath.py", line 19, in exists os.stat(path) TypeError: stat: path should be string, bytes, os.PathLike or integer, not _io.TextIOWrapper

OS: Linux kali 5.6.0-kali2-amd64 #1 SMP Debian 5.6.14-1kali1 (2020-05-25) x86_64 GNU/Linux Python3 version installed: 3.8.3

Please help! Let me know if there's any more system info you need from me

[mpgn]

This is simple, you didn't read the documentation

https://mpgn.gitbook.io/crackmapexec/smb-protocol/password-spraying

crackmapexec smb IP_HERE -u john -p ~/master-passwords.txt

[leejamison]

Ah, that worked. I see where the confusion happened..haven't used CME in a while and forgot the syntax and just used cme smb --help which indicates in the terminal that the target goes after the other switches

kali@kali:~$ cme smb --help usage: cme smb [-h] [-id CRED_ID [CRED_ID ...]] [-u USERNAME [USERNAME ...]] [-p PASSWORD [PASSWORD ...]] [-k] [--aesKey] [--kdcHost] [--gfail-limit LIMIT | --ufail-limit LIMIT | --fail-limit LIMIT] [-M MODULE] [-o MODULE_OPTION [MODULE_OPTION ...]] [-L] [--options] [--server {https,http}] [--server-host HOST] [--server-port PORT] [-H HASH [HASH ...]] [--no-bruteforce] [-d DOMAIN | --local-auth] [--port {139,445}] [--share SHARE] [--gen-relay-list OUTPUT_FILE] [--continue-on-success] [--sam | --lsa | --ntds [{vss,drsuapi}]] [--shares] [--sessions] [--disks] [--loggedon-users] [--users [USER]] [--groups [GROUP]] [--local-groups [GROUP]] [--pass-pol] [--rid-brute [MAX_RID]] [--wmi QUERY] [--wmi-namespace NAMESPACE] [--spider SHARE] [--spider-folder FOLDER] [--content] [--exclude-dirs DIR_LIST] [--pattern PATTERN [PATTERN ...] | --regex REGEX [REGEX ...]] [--depth DEPTH] [--only-files] [--put-file FILE FILE] [--get-file FILE FILE] [--exec-method {mmcexec,atexec,wmiexec,smbexec}] [--force-ps32] [--no-output] [-x COMMAND | -X PS_COMMAND] [--obfs] [--clear-obfscripts] [target [target ...]]

So it appears it was a case of a contradiction between the help function indicating the format and the documentation indicating another. Thank you for your help :)

[mpgn]

True, I will update that :)

[leejamison]

Glad to help! Always feels good to contribute to great projects. CME is a lifesaver :)