search

byt3bl33d3r / CrackMapExec

A swiss army knife for pentesting networks
BSD 2-Clause "Simplified" License
8.45k stars 1.64k forks source link

cme smb error: IsADirectoryError: [Errno 21] Is a directory: '10.10.10.149' #406

Closed metasploit-ruined-my-life closed 4 years ago

metasploit-ruined-my-life commented 4 years ago

the issue template is not suits with my problem. i'm gonna explain straightforward.

1- installation was really tough part on me. i think there's no need to explain that part. my final route was wiki installation page / kali-parrot section. so my version is latest.

2- linux version: 5.7.0-kali1-amd64 (devel@kali.org) (gcc version 9.3.0 (Debian 9.3.0-14), GNU ld (GNU Binutils for Debian) 2.34) #1 SMP Debian 5.7.6-1kali2 (2020-07-01)

3- i'm trying to solve a htb box. cme code at official htb walkthrough is: image

4- when i try to execute same code i get:

root@kali:~/Downloads# cme smb 10.10.10.149 -u hazard -p stealth1agent --rid-brute Traceback (most recent call last): File "/usr/local/bin/cme", line 33, in sys.exit(load_entry_point('crackmapexec==5.1.0.dev0', 'console_scripts', 'cme')()) File "/usr/local/lib/python3.8/dist-packages/crackmapexec-5.1.0.dev0-py3.8.egg/cme/crackmapexec.py", line 102, in main target_file_type = identify_target_file(target) File "/usr/local/lib/python3.8/dist-packages/crackmapexec-5.1.0.dev0-py3.8.egg/cme/helpers/misc.py", line 9, in identify_target_file with open(target_file, 'r') as target_file_handle: IsADirectoryError: [Errno 21] Is a directory: '10.10.10.149'

5- when i'm writing this issue, i find a way. if i change query to cme smb 10.10.10.149/32 -u hazard -p stealth1agent --rid-brute i get this output:

root@kali:~/Downloads# cme smb 10.10.10.149/32 -u hazard -p stealth1agent --rid-brute SMB 10.10.10.149 445 SUPPORTDESK [*] Windows 10.0 Build 17763 x64 (name:SUPPORTDESK) (domain:SupportDesk) (signing:False) (SMBv1:False) SMB 10.10.10.149 445 SUPPORTDESK [+] SupportDesk\hazard:stealth1agent SMB 10.10.10.149 445 SUPPORTDESK [+] Brute forcing RIDs SMB 10.10.10.149 445 SUPPORTDESK 500: SUPPORTDESK\Administrator (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 501: SUPPORTDESK\Guest (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 503: SUPPORTDESK\DefaultAccount (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 504: SUPPORTDESK\WDAGUtilityAccount (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 513: SUPPORTDESK\None (SidTypeGroup) SMB 10.10.10.149 445 SUPPORTDESK 1008: SUPPORTDESK\Hazard (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 1009: SUPPORTDESK\support (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 1012: SUPPORTDESK\Chase (SidTypeUser) SMB 10.10.10.149 445 SUPPORTDESK 1013: SUPPORTDESK\Jason (SidTypeUser)

6- adding subnet part is really itchy because if i put /64, i get zero output. i couln't find anything if it's intended usage of cme. i'd like to learn if it's intended or i'd like to report it if it's a bug.

thank you

edit:

7- adding subnet is not giving correct id-pass output as htb walkthrough. can't run without subnet because of main issue: image

root@kali:~/Downloads# cme smb 10.10.10.149/32 -u su.txt -p sp.txt SMB 10.10.10.149 445 SUPPORTDESK [] Windows 10.0 Build 17763 x64 (name:SUPPORTDESK) (domain:SupportDesk) (signing:False) (SMBv1:False) SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\Administrator:stealth1agent STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\Administrator:$uperP@ssword STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\Administrator:Q4)sJu\Y8qzA3?d STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\Guest:stealth1agent STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\Guest:$uperP@ssword STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\Guest:Q4)sJu\Y8qzA3?d STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\DefaultAccount:stealth1agent STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\DefaultAccount:$uperP@ssword STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\DefaultAccount:Q4)sJu\Y8qzA3?d STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\WDAGUtilityAccount:stealth1agent STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\WDAGUtilityAccount:$uperP@ssword STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\WDAGUtilityAccount:Q4)sJu\Y8qzA3?d STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\None:stealth1agent STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\None:$uperP@ssword STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [-] SUPPORTDESK\None:Q4)sJu\Y8qzA3?d STATUS_LOGON_FAILURE SMB 10.10.10.149 445 SUPPORTDESK [+] SUPPORTDESK\Hazard:stealth1agent

mpgn commented 4 years ago

You probably have a file or directory called "10.10.10.149" in the cme directory.

image

metasploit-ruined-my-life commented 4 years ago

You probably have a file or directory called "10.10.10.149" in the cme directory.

image

shame on me.. i didn't even thought of cme would start from git clone folder instead installed directory. my git clone at downloads directory caused it. i actually burnt about 6 hours for solving this issue until your reply.. thank you so much for your answer. i'm closing issue.