jbenz / opendlp

Automatically exported from code.google.com/p/opendlp
0 stars 0 forks source link

Filesys::SmbClient::_write: fd is not of type SMBCFILEPtr at /usr/local/lib/perl/5.10.1/Filesys/SmbClient.pm line 347. #81

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
What steps will reproduce the problem?
1.Latest OpenDLP VM running on Xubuntu host (Virtualbox)
2.Scanning one xp domain member, simple file sharing disabled
3.When trying to start scan, error.log produces Filesys::SmbClient::_write: fd 
is not of type SMBCFILEPtr at /usr/local/lib/perl/5.10.1/Filesys/SmbClient.pm 
line 347.

What is the expected output? What do you see instead?
Expected output is a deployed agent and completed scan,

What version of the product are you using? On what operating system?
Latest version VM 0.5.1

Please provide any additional information below.

I am using domain admin credentials within the profile.  Interestingly, the 
kickoff of the scan locks-out the admin account (yes I have verified the 
password).

Also, I can run the net use \\ip.address\ command and get the expected results.

Original issue reported on code.google.com by telliot...@gmail.com on 2 Dec 2012 at 2:03

GoogleCodeExporter commented 8 years ago
Have tried 0.5.1 VM on both xubuntu and win7 hosts.  Target is physical xpsp3 
box (domain member).

SMBCFILEPtr error hits log immediately upon trying to scan.  Locks out AD 
account on DC immediately.

Original comment by telliot...@gmail.com on 2 Dec 2012 at 6:24

GoogleCodeExporter commented 8 years ago
All firewalls are turned off.

Original comment by telliot...@gmail.com on 2 Dec 2012 at 6:24

GoogleCodeExporter commented 8 years ago
That is strange about your account being locked out. If the password is 
correct, OpenDLP should not lock out the account on the domain.

Can you run this command successfully? "net use \\ip.address\C$ password 
/u:domain\username"

I realize you said you could do "net use \\ip.address" just fine, but my 
command is a bit different.

Original comment by andrew.O...@gmail.com on 2 Dec 2012 at 9:31

GoogleCodeExporter commented 8 years ago
The command completed successfully.

Original comment by telliot...@gmail.com on 2 Dec 2012 at 9:34

GoogleCodeExporter commented 8 years ago
Go into the MySQL database and look to see what password is being stored for 
this profile.

1. From the OpenDLP VM's command line, do this: mysql -u OpenDLP -p
2. Type your MySQL password: OpenDLPpassword
3. Inside MySQL, do this: use OpenDLP;
4. Inside MySQL, do this: select profile,domain,username,password from profiles;
5. Inside MySQL: quit

Make sure the domain, username, and password are the same as what you 
successfully used in your "net use" Windows commands.

Original comment by andrew.O...@gmail.com on 2 Dec 2012 at 9:40

GoogleCodeExporter commented 8 years ago
All verified as correct.

Original comment by telliot...@gmail.com on 2 Dec 2012 at 10:41

GoogleCodeExporter commented 8 years ago
What happens if you try an agentless scan against the same system using the 
same credentials?

Original comment by andrew.O...@gmail.com on 2 Dec 2012 at 11:49

GoogleCodeExporter commented 8 years ago
"Systems to scan" has an invalid character.

Could not get profile information. Ensure the profile exists and try to deploy 
your scan again.

Original comment by telliot...@gmail.com on 3 Dec 2012 at 12:14

GoogleCodeExporter commented 8 years ago
1. What are you entering for the system?
2. Are you entering the same string for the system when doing an agent scan?

Original comment by andrew.O...@gmail.com on 3 Dec 2012 at 12:42

GoogleCodeExporter commented 8 years ago
When running an agent based scan I enter the ip of the target.  For
agentless scans, I enter \\x.x.x.x\share

Original comment by telliot...@gmail.com on 3 Dec 2012 at 12:45

GoogleCodeExporter commented 8 years ago
For agentless filesystem scans, just enter the IP address.
For agentless share scans, you'll want to use that string.

1. Are you doing an agentless filesystem scan or agentless share scan?
2. Can you take a screenshot of the entire profile you are using for the agent 
scan, then attach it here? You will probably have to take 2-3 screenshots to 
capture everything.
3. Can you take a screenshot of the entire profile you are using for the 
agentless filesystem or share scan, then attach it here? You will probably have 
to take 2-3 screenshots to capture everything.

Original comment by andrew.O...@gmail.com on 3 Dec 2012 at 12:48

GoogleCodeExporter commented 8 years ago
Close the report.  I started over from scratch this morning by blowing away the 
VM and recreating from a fresh download.  First test scan is underway.

Thanks for the quick response!!!!

Original comment by telliot...@gmail.com on 3 Dec 2012 at 2:33

GoogleCodeExporter commented 8 years ago

Original comment by andrew.O...@gmail.com on 6 Dec 2012 at 6:15