search

fox-it / aclpwn.py

Active Directory ACL exploitation with BloodHound
MIT License
681 stars 106 forks source link

Failed to establish secure connection to 'EOF occurred in violation of protocol (_ssl.c:1123) #8

Open BroadbentT opened 3 years ago

BroadbentT commented 3 years ago

Running as root on Kali linux 2019 full dist-upgrade, running neo4j bolt and bloodhound.

Followed your update regarding the drivers:

python -m pip install 'neo4j-driver==1.7.0' --force-reinstall python -m pip install 'neo4j==1.7.0' --force-reinstall python -m pip install -U ldap3
python -m pip install aclpwn

However. when I run the correct command I get the following error message. I think it has something to do with this (driver = GraphDatabase.driver(uri="bolt://localhost:7687", auth=("neo4j", "12345"), encrypted=False)) the encrypted=False bit, but do not know where to change this!!

Regards Tez.

ceback (most recent call last): File "/usr/local/lib/python3.9/dist-packages/neobolt/direct.py", line 854, in _secure s = ssl_context.wrap_socket(s, server_hostname=host if HAS_SNI and host else None) File "/usr/lib/python3.9/ssl.py", line 500, in wrap_socket return self.sslsocket_class._create( File "/usr/lib/python3.9/ssl.py", line 1040, in _create self.do_handshake() File "/usr/lib/python3.9/ssl.py", line 1309, in do_handshake self._sslobj.do_handshake() ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:1123)

The above exception was the direct cause of the following exception:

Traceback (most recent call last): File "/usr/local/bin/aclpwn", line 8, in sys.exit(main()) File "/usr/local/lib/python3.9/dist-packages/aclpwn/init.py", line 93, in main database.init_driver(args.database, args.database_user, args.database_password) File "/usr/local/lib/python3.9/dist-packages/aclpwn/database.py", line 14, in init_driver driver = GraphDatabase.driver(uri, auth=(user, password)) File "/usr/local/lib/python3.9/dist-packages/neo4j/init.py", line 108, in driver return Driver(uri, config) File "/usr/local/lib/python3.9/dist-packages/neo4j/init.py", line 147, in new return subclass(uri, config) File "/usr/local/lib/python3.9/dist-packages/neo4j/init.py", line 217, in new pool.release(pool.acquire()) File "/usr/local/lib/python3.9/dist-packages/neobolt/direct.py", line 715, in acquire return self.acquire_direct(self.address) File "/usr/local/lib/python3.9/dist-packages/neobolt/direct.py", line 608, in acquire_direct connection = self.connector(address, error_handler=self.connection_error_handler) File "/usr/local/lib/python3.9/dist-packages/neo4j/init.py", line 214, in connector return connect(address, dict(config, kwargs)) File "/usr/local/lib/python3.9/dist-packages/neobolt/direct.py", line 972, in connect raise last_error File "/usr/local/lib/python3.9/dist-packages/neobolt/direct.py", line 963, in connect s, der_encoded_server_certificate = _secure(s, host, security_plan.ssl_context, **config) File "/usr/local/lib/python3.9/dist-packages/neobolt/direct.py", line 859, in _secure raise error neobolt.exceptions.SecurityError: Failed to establish secure connection to 'EOF occurred in violation of protocol (_ssl.c:1123)'

andyfeili commented 3 years ago

it is in database.py, line 14

bvirgilioamnh commented 2 years ago

Were you ever able to resolve this? We're running into the same thing.

BroadbentT commented 2 years ago

Please use the previews version of neo4j driver. pip install neo4j-driver==1.6.2 and this is now supported with the --dns-timeout parameter