Closed jcdenton1984 closed 1 year ago
I run CME as described in the documentation with a user and password specified against a Windows machine. Via the -x or -X option a command should be executed. This does not work however. Here is a debug from that execution:
crackmapexec --debug smb 192.168.XXX.202 -u user -p 'password' -X whoami [20:29:29] DEBUG Passed args: Namespace(threads=100, timeout=None, jitter=None, no_progress=False, verbose=False, debug=True, crackmapexec.py:87 version=False, protocol='smb', target=['192.168.XXX.202'], cred_id=[], username=['user'], password=['password'], kerberos=False, no_bruteforce=False, continue_on_success=False, use_kcache=False, log=None, aesKey=None, kdcHost=None, gfail_limit=None, ufail_limit=None, fail_limit=None, module=None, module_options=[], list_modules=False, show_module_options=False, server='https', server_host='0.0.0.0', server_port=None, connectback_host=None, hash=[], domain=None, local_auth=False, port=445, share='C$', smb_server_port=445, gen_relay_list=None, smb_timeout=2, laps=None, sam=False, lsa=False, ntds=None, dpapi=None, mkfile=None, pvk=None, enabled=False, userntds=None, shares=False, filter_shares=None, sessions=False, disks=False, loggedon_users_filter=None, loggedon_users=False, users=None, groups=None, computers=None, local_groups=None, pass_pol=False, rid_brute=None, wmi=None, wmi_namespace='root\\cimv2', spider=None, spider_folder='.', content=False, exclude_dirs='', pattern=None, regex=None, depth=None, only_files=False, put_file=None, get_file=None, append_host=False, exec_method=None, codec='utf-8', force_ps32=False, no_output=False, execute=None, ps_execute='whoami', obfs=False, amsi_bypass=None, clear_obfscripts=False) DEBUG Protocol: smb crackmapexec.py:143 DEBUG Protocol Path: /home/jc/.local/pipx/venvs/crackmapexec/lib/python3.11/site-packages/cme/protocols/smb.py crackmapexec.py:146 DEBUG Protocol DB Path: /home/jc/.local/pipx/venvs/crackmapexec/lib/python3.11/site-packages/cme/protocols/smb/database.py crackmapexec.py:148 DEBUG Protocol Object: <class 'protocol.smb'> crackmapexec.py:151 DEBUG Protocol DB Object: <class 'protocol.database'> crackmapexec.py:153 DEBUG DB Path: /home/jc/.cme/workspaces/default/smb.db crackmapexec.py:156 [20:29:30] DEBUG Using selector: EpollSelector selector_events.py:54 DEBUG Creating ThreadPoolExecutor crackmapexec.py:44 DEBUG Creating thread for <class 'protocol.smb'> crackmapexec.py:47 DEBUG Kicking off proto_flow connection.py:125 INFO Error creating SMBv1 connection to 192.168.XXX.202: Error occurs while reading from remote(104) smb.py:590 DEBUG Update Hosts: [{'id': 3, 'ip': '192.168.XXX.202', 'hostname': 'DOMAIN', 'domain': 'DOMAIN', 'os': 'Windows 10.0 Build 20348', database.py:258 'dc': None, 'smbv1': False, 'signing': False, 'spooler': None, 'zerologon': None, 'petitpotam': None}] DEBUG add_host() - Host IDs Updated: [3] database.py:268 DEBUG Error logging off system: Error occurs while reading from remote(104) smb.py:256 SMB 192.168.XXX.202 445 DOMAIN [*] Windows 10.0 Build 20348 x64 (name:DOMAIN) (domain:DOMAIN) (signing:False) (SMBv1:False) INFO SMB 192.168.XXX.202 445 DOMAIN [*] Windows 10.0 Build 20348 x64 (name:DOMAIN) (domain:DOMAIN) logger.py:159 (signing:False) (SMBv1:False) INFO Error creating SMBv1 connection to 192.168.XXX.202: Error occurs while reading from remote(104) smb.py:590 [20:29:31] DEBUG Adding credential: DOMAIN/user:password smb.py:464 DEBUG Adding credentials: [{'id': 1, 'domain': 'DOMAIN', 'username': 'user', 'password': 'password', 'credtype': database.py:327 'plaintext', 'pillaged_from_hostid': None}] DEBUG smb hosts() - results: [(3, '192.168.XXX.202', 'DOMAIN', 'DOMAIN', 'Windows 10.0 Build 20348', None, False, False, None, database.py:498 None, None)] SMB 192.168.XXX.202 445 DOMAIN [+] DOMAIN\user:password INFO SMB 192.168.XXX.202 445 DOMAIN [+] DOMAIN\user:password logger.py:159 DEBUG Calling ps_execute()
I attached a screenshot showing the command execution without debug.
Expected behavior would be that the command gets executed and the result is then printed at the very end.
I am using version 6.0 on a Kali Linux system. I installed it as described in the documentation like this:
I made sure to run this by adapting the PATH variable.
The official repo as moved to https://github.com/mpgn/CrackMapExec, please open the issue on this repo :)
I run CME as described in the documentation with a user and password specified against a Windows machine. Via the -x or -X option a command should be executed. This does not work however. Here is a debug from that execution:
I attached a screenshot showing the command execution without debug.
Expected behavior would be that the command gets executed and the result is then printed at the very end.
I am using version 6.0 on a Kali Linux system. I installed it as described in the documentation like this:
~ python3 -m pip install pipx
~ git clone https://github.com/mpgn/CrackMapExec
~ cd CrackMapExec
~ pipx install .
I made sure to run this by adapting the PATH variable.![CME-Error](https://github.com/Porchetta-Industries/CrackMapExec/assets/134957957/c457b252-c6a3-440e-bdab-37c8edbf6a19)