search

grimlockx / ADCSKiller

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
https://hexastrike.com
MIT License
696 stars 68 forks source link

certipy parse error #3

Open mkannan22 opened 1 year ago

mkannan22 commented 1 year ago

[+] Parsing certipy output XX_Certipy.json [-] Error reading Certipy JSON file: [Errno 2] No such file or directory: 'XX_Certipy.json'

tried with python3.10 and python3.11 on kali ─# certipy -h Certipy v4.4.0 - by Oliver Lyak (ly4k)

Coercer -h

  / ____/___  ___  _____________  _____
 / /   / __ \/ _ \/ ___/ ___/ _ \/ ___/
/ /___/ /_/ /  __/ /  / /__/  __/ /      v2.4-blackhat-edition
\____/\____/\___/_/   \___/\___/_/       by @podalirius_

usage: Coercer [-h] [-v] {scan,coerce,fuzz} ...

ex command ran python3.11 adcskiller.py -u test-p test-d test.org -dc-ip test -L test

grimlockx commented 1 year ago

Hi! Thanks for reaching out. I also experienced this error when the specified domain controller IP with the "-dc-ip" parameter was unreachable. As a result, the tool was unable to create the Certipy report. If you can run "certipy find -u username@domain -p password -dc-ip IP -vulnerable -stdout" without any issues, it's possible that the required write permissions for generating the report are not available. I will be releasing a new version in the next few days, which will include improved error handling as well as ESC3 and ESCf4.

mkannan22 commented 1 year ago

Good call. Working through next python error now.

Certipy v4.4.0 - by Oliver Lyak (ly4k)

[-] Got error: module 'collections' has no attribute 'MutableMapping' Traceback (most recent call last): File "/usr/local/lib/python3.11/dist-packages/certipy_ad-4.4.0-py3.11.egg/certipy/entry.py", line 60, in main actionsoptions.action File "/usr/local/lib/python3.11/dist-packages/certipy_ad-4.4.0-py3.11.egg/certipy/commands/parsers/find.py", line 10, in entry from certipy.commands import find File "/usr/local/lib/python3.11/dist-packages/certipy_ad-4.4.0-py3.11.egg/certipy/commands/find.py", line 26, in from certipy.lib.ldap import LDAPConnection, LDAPEntry File "/usr/local/lib/python3.11/dist-packages/certipy_ad-4.4.0-py3.11.egg/certipy/lib/ldap.py", line 4, in import ldap3 File "/usr/local/lib/python3.11/dist-packages/ldap3/init.py", line 254, in from .core.server import Server File "/usr/local/lib/python3.11/dist-packages/ldap3/core/server.py", line 35, in from ..protocol.rfc4512 import SchemaInfo, DsaInfo File "/usr/local/lib/python3.11/dist-packages/ldap3/protocol/rfc4512.py", line 33, in from ..utils.conv import escape_bytes, json_hook, check_json_dict, format_json, check_escape File "/usr/local/lib/python3.11/dist-packages/ldap3/utils/conv.py", line 30, in from ..utils.ciDict import CaseInsensitiveDict File "/usr/local/lib/python3.11/dist-packages/ldap3/utils/ciDict.py", line 31, in class CaseInsensitiveDict(collections.MutableMapping): ^^^^^^^^^^^^^^^^^^^^^^^^^^ AttributeError: module 'collections' has no attribute 'MutableMapping'

mkannan22 commented 1 year ago

Now seeing the following error in new environment:

[+] Found vulnerabilities: ['ESC6', 'ESC8']

Traceback (most recent call last): File "/home/kali/Github/Certipy/Coercer/ADCSKiller/adcskiller.py", line 377, in exploit.fetch_certipy_results() File "/home/kali/Github/Certipy/Coercer/ADCSKiller/adcskiller.py", line 249, in fetch_certipy_results for template in templates.values(): AttributeError: 'str' object has no attribute 'values'

sinfulz commented 11 months ago

Now seeing the following error in new environment:

[+] Found vulnerabilities: ['ESC6', 'ESC8']

Traceback (most recent call last): File "/home/kali/Github/Certipy/Coercer/ADCSKiller/adcskiller.py", line 377, in exploit.fetch_certipy_results() File "/home/kali/Github/Certipy/Coercer/ADCSKiller/adcskiller.py", line 249, in fetch_certipy_results for template in templates.values(): AttributeError: 'str' object has no attribute 'values'

Did you ever work out the fix?