search

jborean93 / pypsrp

PowerShell Remoting Protocol for Python
MIT License
326 stars 49 forks source link

spnego.exceptions.BadMICError #90

Closed sehot closed 4 years ago

sehot commented 4 years ago

Hi i'm getting this error :

spnego.exceptions.BadMICError: SpnegoError (6): [WinError -2146893041] The message or signature supplied for verification has been altered, Context: Unwrapping IOV buffer

when run this code 

from pypsrp.client import Client
# this takes in the same kwargs as the WSMan object
with Client("MYSERVER",ssl=False,auth="kerberos",cert_validation=False,encryption="always") as client:
    # execute a cmd command
    stdout, stderr, rc = client.execute_cmd("dir")

    print(stdout)

what's wrong ?

thanks

jborean93 commented 4 years ago

Some is broken with the message encryption, can you let me know

Would you also be able to enable debug logs for the authentication phase by doing the following

import logging
import sys

from pypsrp.client import Client

log = logging.getLogger('spnego.sspi')
log.setLevel(logging.DEBUG)
handler = logging.StreamHandler(sys.stdout)
handler.setFormatter(logging.Formatter('%(asctime)s - %(name)s - %(levelname)s - %(message)s'))
log.addHandler(handler)

with Client('MYSERVER', auth='kerberos', ssl=False) as c:
    print(c.execute_cmd('dir'))

I'm particularly interested in the SSPI step input/output values as that will tell me what encryption method is used for the message encryption. If you are uncomfortable in sharing those details you can find out that info by running

pyspnego-parse --token base64valuefromlog

There will be a few fields in there, I'm very interested in the etype values.

sehot commented 4 years ago

Hi i'm trying access windows 7/10 machines from windows server 2012r2

etype value : AES256_CTS_HMAC_SHA1_96 (18)

thanks for your help.

jborean93 commented 4 years ago

Thanks for the details, I've found the problem which is is an underlying library and have opened a PR to fix it https://github.com/jborean93/pyspnego/pull/4.

jborean93 commented 4 years ago

v0.1.2 has been released for pyspnego, running pip install -U pyspnego should be enough to get you going if you need to upgrade the existing version.

sehot commented 4 years ago

Great , It's working now . thanks !

jborean93 commented 4 years ago

Thanks for the confirmation.