c3c / ADExplorerSnapshot.py

ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.

AttributeError: 'NoneType' object has no attribute 'find' #60

Open CaledoniaProject opened 4 days ago

CaledoniaProject commented 4 days ago

Can't run with homebrew python3.10

...
[+] Parsing object offsets: 351424
[+] Preprocessing objects: 0 sids, 0 computers, 0 domains with 0 DCs
...
  File "/opt/homebrew/lib/python3.10/site-packages/bloodhound/ad/utils.py", line 125, in ldap2domain
    return re.sub(',DC=', '.', ldap[ldap.find('DC='):], flags=re.I)[3:]
AttributeError: 'NoneType' object has no attribute 'find'

c3c commented 4 days ago

Try clearing cache files ($TMP/*.cache) first and run again. If you run into the same issue again, please include a stack trace and I will reopen.

CaledoniaProject commented 4 days ago

I don't have /tmp/*.cache, it's a fresh run

[*] Server: Bxxxx
[*] Time of snapshot: xxxx
[*] Mapping offset: xxxx
[*] Object count: xxxx
[+] Parsing properties: 0
[+] Parsing classes: 0
[+] Parsing object offsets: xxxx
[+] Restored pre-processed information from data cache
Traceback (most recent call last):
  File "PATH/ADExplorerSnapshot.py/ADExplorerSnapshot.py", line 2, in <module>
    adexpsnapshot.main()
  File "PATH/ADExplorerSnapshot.py/adexpsnapshot/__init__.py", line 1151, in main
    ades.outputBloodHound()
  File "PATH/ADExplorerSnapshot.py/adexpsnapshot/__init__.py", line 141, in outputBloodHound
    self.process()
  File "PATH/ADExplorerSnapshot.py/adexpsnapshot/__init__.py", line 244, in process
    self.domainname = ADUtils.ldap2domain(self.rootdomain)
  File "/opt/homebrew/lib/python3.10/site-packages/bloodhound/ad/utils.py", line 125, in ldap2domain
    return re.sub(',DC=', '.', ldap[ldap.find('DC='):], flags=re.I)[3:]
AttributeError: 'NoneType' object has no attribute 'find'

c3c commented 4 days ago

The stack trace you show says "Restored pre-processed information from data cache", meaning it did retrieve (or attempted to retrieve) data from cache. ADExplorerSnapshot.py creates a cache during preprocessing of data.

If the issue does persist after removing the cache file, the snapshot file has a different format than expected by this tool (because for some reason it sees 0 properties / 0 classes), and it would be good to understand the environment the snapshot was taken in, as well as the version of adexplorer.exe + architecture.
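
A triage sketch for the symptoms discussed in this thread, added here as an example and not code from ADExplorerSnapshot.py or BloodHound.py. The names `triage` and `safe_ldap2domain` are hypothetical; the `ldap2domain` expression is the one shown in the traceback, and the sample lines are taken from the log posted above.

```python
import re

# Constructed sample: log lines as posted in the issue (values redacted there as "xxxx").
SAMPLE = """\
[*] Object count: xxxx
[+] Parsing properties: 0
[+] Parsing classes: 0
[+] Parsing object offsets: xxxx
[+] Restored pre-processed information from data cache
"""

COUNTER = re.compile(r"^\[\+\] Parsing (properties|classes): (\d+)$")
CACHE_MSG = "Restored pre-processed information from data cache"


def triage(output):
    """Hypothetical helper: flag the symptoms named in the thread."""
    findings, counts = [], {}
    for line in output.splitlines():
        line = line.strip()
        m = COUNTER.match(line)
        if m:
            counts[m.group(1)] = int(m.group(2))
        elif CACHE_MSG in line:
            findings.append("cache-used")  # data came from a cache file
    for name in ("properties", "classes"):
        if counts.get(name) == 0:
            findings.append(f"zero-{name}")  # snapshot format not as expected
    return findings


def ldap2domain(ldap):
    # Expression copied from the traceback (bloodhound/ad/utils.py, line 125).
    return re.sub(",DC=", ".", ldap[ldap.find("DC="):], flags=re.I)[3:]


def safe_ldap2domain(dn):
    """Hypothetical guard: raise a clear error instead of AttributeError on None."""
    # find() above is case-sensitive, so require an upper-case "DC=" component.
    if not isinstance(dn, str) or "DC=" not in dn:
        raise ValueError(f"no root domain DN recovered from snapshot (got {dn!r})")
    return ldap2domain(dn)


if __name__ == "__main__":
    print(triage(SAMPLE))
```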