Closed init5-SF closed 3 years ago
How we can help?!!
On Thu, 13 May 2021, 11:33 PM init5-msft, @.***> wrote:
Hello,
Describe the bug I am testing both the stand alone binary and the crackmapexec installation (using apt install)
To Reproduce
Running the binary (./cme) throws this no matter the parameters:
└─# ./cme
Traceback (most recent call last):
File "/opt/./cme/_bootstrap/init.py", line 74, in import_string
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/cme/init.py", line 1, in
from gevent import monkey
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/init.py", line 86, in
from gevent._hub_local import get_hub
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/_hub_local.py", line 101, in
import_c_accel(globals(), 'gevent.__hub_local')
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/_util.py", line 115, in import_c_accel
mod = importlib.import_module(cname)
File "/usr/lib/python3.9/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
ModuleNotFoundError: No module named 'gevent._gevent_c_hub_local'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/opt/./cme/_bootstrap/init.py", line 74, in import_string
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/cme/init.py", line 1, in
from gevent import monkey
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/init.py", line 86, in
from gevent._hub_local import get_hub
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/_hub_local.py", line 101, in
import_c_accel(globals(), 'gevent.__hub_local')
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/_util.py", line 115, in import_c_accel
mod = importlib.import_module(cname)
File "/usr/lib/python3.9/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
ModuleNotFoundError: No module named 'gevent._gevent_c_hub_local'
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/lib/python3.9/runpy.py", line 197, in _run_module_as_main
return _run_code(code, main_globals, None,
File "/usr/lib/python3.9/runpy.py", line 87, in _run_code
exec(code, run_globals)
File "/opt/./cme/main.py", line 3, in
File "/opt/./cme/_bootstrap/init.py", line 233, in bootstrap
File "/opt/./cme/_bootstrap/init.py", line 79, in import_string
File "/opt/./cme/_bootstrap/init.py", line 79, in import_string
File "/opt/./cme/_bootstrap/init.py", line 57, in import_string
File "/usr/lib/python3.9/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "
", line 1030, in _gcd_import File "
", line 1007, in _find_and_load File "
", line 986, in _find_and_load_unlocked File "
", line 680, in _load_unlocked File "
", line 790, in exec_module File "
", line 228, in _call_with_frames_removed File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/cme/init.py", line 1, in
from gevent import monkey
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/init.py", line 86, in
from gevent._hub_local import get_hub
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/_hub_local.py", line 101, in
import_c_accel(globals(), 'gevent.__hub_local')
File "/root/.shiv/cme_e41a85cab985f88d51c428f4c4336972a223c722d2c45c2aaefeefa03f421c5a/site-packages/gevent/_util.py", line 115, in import_c_accel
mod = importlib.import_module(cname)
File "/usr/lib/python3.9/importlib/init.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
ModuleNotFoundError: No module named 'gevent._gevent_c_hub_local'
Running the installed version works fine with password/hash authentication, but breaks once the --kerberos option is used:
└─# proxychains -q crackmapexec smb 172.20.20.20 --kerberos 1 ⨯
SMB 172.16.66.168 445 DC01 [*] Windows 10.0 Build 17763 x64 (name:DC01) (domain:corp.com) (signing:True) (SMBv1:False)
Traceback (most recent call last):
File "/usr/lib/python3/dist-packages/impacket/krb5/kerberosv5.py", line 60, in sendReceive
s.connect(sa)
ConnectionRefusedError: [Errno 111] Connection refused
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/crackmapexec", line 33, in
sys.exit(load_entry_point('crackmapexec==5.1.4.dev0', 'console_scripts', 'crackmapexec')())
File "/usr/lib/python3/dist-packages/cme/crackmapexec.py", line 272, in main
asyncio.run(
File "/usr/lib/python3.9/asyncio/runners.py", line 44, in run
return loop.run_until_complete(main)
File "/usr/lib/python3.9/asyncio/base_events.py", line 642, in run_until_complete
return future.result()
File "/usr/lib/python3/dist-packages/cme/crackmapexec.py", line 102, in start_threadpool
await asyncio.gather(*jobs)
File "/usr/lib/python3/dist-packages/cme/crackmapexec.py", line 68, in run_protocol
await asyncio.wait_for(
File "/usr/lib/python3.9/asyncio/tasks.py", line 442, in wait_for
return await fut
File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run
result = self.fn(*self.args, **self.kwargs)
File "/usr/lib/python3/dist-packages/cme/protocols/smb.py", line 121, in init
connection.__init__(self, args, db, host)
File "/usr/lib/python3/dist-packages/cme/connection.py", line 59, in init
self.proto_flow()
File "/usr/lib/python3/dist-packages/cme/connection.py", line 95, in proto_flow
if self.login() or (self.username == '' and self.password == ''):
File "/usr/lib/python3/dist-packages/cme/connection.py", line 158, in login
if self.kerberos_login(self.aesKey, self.kdcHost): return True
File "/usr/lib/python3/dist-packages/cme/protocols/smb.py", line 271, in kerberos_login
self.conn.kerberosLogin('', '', self.domain, self.lmhash, self.nthash, aesKey, kdcHost)
File "/usr/lib/python3/dist-packages/impacket/smbconnection.py", line 348, in kerberosLogin
return self._SMBConnection.kerberosLogin(user, password, domain, lmhash, nthash, aesKey, kdcHost, TGT,
File "/usr/lib/python3/dist-packages/impacket/smb3.py", line 678, in kerberosLogin
tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey)
File "/usr/lib/python3/dist-packages/impacket/krb5/kerberosv5.py", line 425, in getKerberosTGS
r = sendReceive(message, domain, kdcHost)
File "/usr/lib/python3/dist-packages/impacket/krb5/kerberosv5.py", line 62, in sendReceive
raise socket.error("Connection error (%s:%s)" % (targetHost, 88), e)
OSError: [Errno Connection error (COMPLYEDGE.COM:88)] [Errno 111] Connection refused
The kerberos ticket is in place and is working fine with all Impacket's tools
Stand alone CME binary version: v5.1.1dev Installed crackmapexec version: 5.1.6dev OS: Linux kali 5.9.0-kali1-amd64 #1 https://github.com/byt3bl33d3r/CrackMapExec/issues/1 SMP Debian 5.9.1-1kali2 (2020-10-29) x86_64 GNU/Linux
— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub https://github.com/byt3bl33d3r/CrackMapExec/issues/466, or unsubscribe https://github.com/notifications/unsubscribe-auth/ARRRMK5XURYHS57FE6NOOMLTNROV3ANCNFSM443NYLMQ .
Just tried on more thing, removed the binary and uninstalled the installed version (apt remove) then installed it again using the recommended pipx approach, still works on with password or hash, but with --kerberos it throws this:
Traceback (most recent call last):
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/krb5/kerberosv5.py", line 60, in sendReceive
s.connect(sa)
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/gevent/_socketcommon.py", line 628, in connect
raise _SocketError(result, strerror(result))
ConnectionRefusedError: [Errno 111] Connection refused
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "src/gevent/greenlet.py", line 906, in gevent._gevent_cgreenlet.Greenlet.run
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/smb.py", line 121, in __init__
connection.__init__(self, args, db, host)
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 47, in __init__
self.proto_flow()
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 82, in proto_flow
self.login()
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 145, in login
if self.kerberos_login(self.aesKey, self.kdcHost): return True
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/smb.py", line 270, in kerberos_login
self.conn.kerberosLogin('', '', self.domain, self.lmhash, self.nthash, aesKey, kdcHost)
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smbconnection.py", line 348, in kerberosLogin
return self._SMBConnection.kerberosLogin(user, password, domain, lmhash, nthash, aesKey, kdcHost, TGT,
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smb3.py", line 678, in kerberosLogin
tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey)
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/krb5/kerberosv5.py", line 425, in getKerberosTGS
r = sendReceive(message, domain, kdcHost)
File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/krb5/kerberosv5.py", line 62, in sendReceive
raise socket.error("Connection error (%s:%s)" % (targetHost, 88), e)
OSError: [Errno Connection error (COMPLYEDGE.COM:88)] [Errno 111] Connection refused
2021-05-13T23:51:59Z <Greenlet at 0x7fc58d6536a0: smb(Namespace(threads=100, timeout=None, jitter=None, , <protocol.database object at 0x7fc58d659280>, '172.10.10.10')> failed with OSError
But where am I going to Del this (apt Remove) I don't understand bro
On Thu, 13 May 2021, 11:55 PM init5-msft, @.***> wrote:
Just tried on more thing, removed the binary and uninstalled the installed version (apt remove) then installed it again using the recommended pipx approach, still works on with password or hash, but with --kerberos it throws this:
Traceback (most recent call last): File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/krb5/kerberosv5.py", line 60, in sendReceive s.connect(sa) File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/gevent/_socketcommon.py", line 628, in connect raise _SocketError(result, strerror(result)) ConnectionRefusedError: [Errno 111] Connection refused
During handling of the above exception, another exception occurred:
Traceback (most recent call last): File "src/gevent/greenlet.py", line 906, in gevent._gevent_cgreenlet.Greenlet.run File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/smb.py", line 121, in init connection.init(self, args, db, host) File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 47, in init self.proto_flow() File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 82, in proto_flow self.login() File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 145, in login if self.kerberos_login(self.aesKey, self.kdcHost): return True File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/smb.py", line 270, in kerberos_login self.conn.kerberosLogin('', '', self.domain, self.lmhash, self.nthash, aesKey, kdcHost) File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smbconnection.py", line 348, in kerberosLogin return self._SMBConnection.kerberosLogin(user, password, domain, lmhash, nthash, aesKey, kdcHost, TGT, File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smb3.py", line 678, in kerberosLogin tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey) File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/krb5/kerberosv5.py", line 425, in getKerberosTGS r = sendReceive(message, domain, kdcHost) File "/root/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/krb5/kerberosv5.py", line 62, in sendReceive raise socket.error("Connection error (%s:%s)" % (targetHost, 88), e) OSError: [Errno Connection error (COMPLYEDGE.COM:88)] [Errno 111] Connection refused 2021-05-13T23:51:59Z <Greenlet at 0x7fc58d6536a0: smb(Namespace(threads=100, timeout=None, jitter=None, , <protocol.database object at 0x7fc58d659280>, '172.10.10.10')> failed with OSError
— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/byt3bl33d3r/CrackMapExec/issues/466#issuecomment-840900503, or unsubscribe https://github.com/notifications/unsubscribe-auth/ARRRMK65CVSPA4RHMHYQNGTTNRRINANCNFSM443NYLMQ .
@iloiote I'm sorry, I don't understand your question. DO you have the same issue like me or you're trying to help?
Just I need to know what do you want bacause I don't know
On Fri, 14 May 2021, 12:00 AM init5-msft, @.***> wrote:
@iloiote https://github.com/iloiote I'm sorry, I don't understand your question. DO you have the same issue like me or you're trying to help?
— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/byt3bl33d3r/CrackMapExec/issues/466#issuecomment-840901923, or unsubscribe https://github.com/notifications/unsubscribe-auth/ARRRMK2AW5PKI5NHLBZAWSTTNRRZ5ANCNFSM443NYLMQ .
Try with the FQDN name instead of the IP
I just realized that the tool I installed using pipx is broken as well, it just showed the weird behavior after I rebooted.
└─# proxychains -q crackmapexec smb 172.20.20.20 -u john -H 5ad27ee8000951e0669fab25f73f9d8a 2 ⨯
SMB 172.16.66.187 445 SQL8 [*] Windows 10.0 Build 17763 (name:SQL8) (domain:bank.local) (signing:False) (SMBv1:False)
SMB 172.16.66.187 445 SQL8 [-] bank.local\-----BEGIN RSA PRIVATE KEY-----:5ad27ee8000951e0669fab25f73f9d8a STATUS_LOGON_FAILURE
SMB 172.16.66.187 445 SQL8 [-] bank.local\MIIEpQIBAAKCAQEApDD/vFcPlFAHQyy/3ZDJwlm1X3mgeEUoAr5PfxJzX/TRf2A+:5ad27ee8000951e0669fab25f73f9d8a STATUS_LOGON_FAILURE
SMB 172.16.66.187 445 SQL8 [-] bank.local\AYlQOgZxBaoOC9CTwJ+7jSkJvjAUq7P5IDZFcLb+hEXUt8DxG37+zm8AwmRLVysF:5ad27ee8000951e0669fab25f73f9d8a STATUS_LOGON_FAILURE
SMB 172.16.66.187 445 SQL8 [-] bank.local\S/qMRgznQ2JnvuvbhTam6YowbcgQXcCx+a6wAhL/4o4/STwg0Xbm9Hek7sevbWqa:5ad27ee8000951e0669fab25f73f9d8a STATUS_LOGON_FAILURE
Absolutely no idea whats happening at this point
5ad27ee8000951e0669fab25f73f9d8a is a file ;)
Hello,
Describe the bug I am testing both the stand alone binary and the crackmapexec installation (using apt install)
To Reproduce
Running the binary (./cme) throws this no matter the parameters:
Running the installed version works fine with password/hash authentication, but breaks once the --kerberos option is used:
The kerberos ticket is in place and is working fine with all Impacket's tools
Stand alone CME binary version: v5.1.1dev Installed crackmapexec version: 5.1.6dev OS: Linux kali 5.9.0-kali1-amd64 #1 SMP Debian 5.9.1-1kali2 (2020-10-29) x86_64 GNU/Linux