Closed VakarisZ closed 1 year ago
SMB exploiter throws errors when no credentials are configured.
The logic of SMB exploiter is flawed, because line 166 is:
return remote_full_path, SelectedCredentials(user, password, lm_hash, ntlm_hash), timestamp
But the user, password, lm_hash can be undefined.
Fix the logic. Maybe don't return the credentials at all, only set them in self.successful_credentials?
self.successful_credentials
Duplicate of #2599
mssalvatore
commented
1 year ago mssalvatore
commented
1 year ago
Describe the bug
SMB exploiter throws errors when no credentials are configured.
The logic of SMB exploiter is flawed, because line 166 is:
But the user, password, lm_hash can be undefined.
Solution
Fix the logic. Maybe don't return the credentials at all, only set them in
self.successful_credentials?