ly4k / Certipy

Tool for Active Directory Certificate Services enumeration and abuse
MIT License

Unsupported hash type MD4 #142

Closed TheFiZi closed 1 year ago

TheFiZi commented 1 year ago

Fresh install.

me@LOCALHOST:~$ python --version
Python 3.10.6

me@LOCALHOST:~$ certipy find -vulnerable -stdout -u test@mydomain.tld -p *************** -debug
Certipy v4.4.0 - by Oliver Lyak (ly4k)

[+] Trying to resolve 'mydomain.tld' at '172.25.240.1'
[+] Resolved 'mydomain.tld' from cache: 192.168.0.4
[+] Authenticating to LDAP server
[-] Got error: unsupported hash type MD4
Traceback (most recent call last):
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/utils/ntlm.py", line 500, in ntowf_v2
    from Crypto.Hash import MD4  # try with the Crypto library if present
ModuleNotFoundError: No module named 'Crypto'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/home/me/.local/lib/python3.10/site-packages/certipy/entry.py", line 60, in main
    actions[options.action](options)
  File "/home/me/.local/lib/python3.10/site-packages/certipy/commands/parsers/find.py", line 12, in entry
    find.entry(options)
  File "/home/me/.local/lib/python3.10/site-packages/certipy/commands/find.py", line 1185, in entry
    find.find()
  File "/home/me/.local/lib/python3.10/site-packages/certipy/commands/find.py", line 165, in find
    connection = self.connection
  File "/home/me/.local/lib/python3.10/site-packages/certipy/commands/find.py", line 124, in connection
    self._connection.connect()
  File "/home/me/.local/lib/python3.10/site-packages/certipy/lib/ldap.py", line 77, in connect
    self.connect(version=ssl.PROTOCOL_TLSv1_2)
  File "/home/me/.local/lib/python3.10/site-packages/certipy/lib/ldap.py", line 128, in connect
    bind_result = ldap_conn.bind()
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/core/connection.py", line 628, in bind
    response = self.do_ntlm_bind(controls)
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/core/connection.py", line 1394, in do_ntlm_bind
    request = bind_operation(self.version, 'SICILY_RESPONSE_NTLM', ntlm_client,
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/operation/bind.py", line 81, in bind_operation
    server_creds = name.create_authenticate_message()
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/utils/ntlm.py", line 379, in create_authenticate_message
    nt_challenge_response = self.compute_nt_response()
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/utils/ntlm.py", line 485, in compute_nt_response
    response_key_nt = self.ntowf_v2()
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/utils/ntlm.py", line 503, in ntowf_v2
    raise e  # raise original exception
  File "/home/me/.local/lib/python3.10/site-packages/ldap3/utils/ntlm.py", line 497, in ntowf_v2
    password_digest = hashlib.new('MD4', self._password.encode('utf-16-le')).digest()
  File "/usr/lib/python3.10/hashlib.py", line 166, in __hash_new
    return __get_builtin_constructor(name)(data)
  File "/usr/lib/python3.10/hashlib.py", line 123, in __get_builtin_constructor
    raise ValueError('unsupported hash type ' + name)
ValueError: unsupported hash type MD4

timwsuqld commented 1 year ago

I got past this with pip install pycryptodome

TheFiZi commented 1 year ago

> I got past this with pip install pycryptodome

That did the trick

timwsuqld commented 1 year ago

It probably means setup.py needs to be updated with that as a dependency, so really this shouldn't be closed yet.

ly4k commented 1 year ago

Should be fixed in latest release

nionios commented 1 year ago

This is still occurring with python 3.11. Downgrading to a lower python version (3.9.15 in my case) with pyenv and installing pycryptodome and certipy-ad works. Then, I had to run certipy from python ~/.pyenv/versions/3.9.18/bin/certipy
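
A preflight check for the failure discussed in this thread, as an added example that is not part of the original issue and is not Certipy or ldap3 code: it probes for MD4 in the order the traceback shows ldap3 using (hashlib first, then Crypto.Hash from pycryptodome). The function names md4_backend, nt_hash and report are hypothetical.

```python
import hashlib


def md4_backend():
    """Return 'hashlib', 'pycryptodome' or None, in the order ldap3 tries them."""
    try:
        # Same call as ldap3/utils/ntlm.py line 497 in the traceback above.
        hashlib.new("MD4", b"")
        return "hashlib"
    except ValueError:
        # Raised when the OpenSSL build behind hashlib does not expose MD4
        # (for example OpenSSL 3 without the legacy provider loaded).
        pass
    try:
        # ldap3's fallback import, satisfied by `pip install pycryptodome`.
        from Crypto.Hash import MD4  # noqa: F401
        return "pycryptodome"
    except ImportError:
        return None


def nt_hash(password):
    """MD4 over the UTF-16LE password, as ntowf_v2 computes it; None if no backend."""
    data = password.encode("utf-16-le")
    backend = md4_backend()
    if backend == "hashlib":
        return hashlib.new("MD4", data).hexdigest()
    if backend == "pycryptodome":
        from Crypto.Hash import MD4
        return MD4.new(data).hexdigest()
    return None


def report():
    """One-line verdict on whether an NTLM bind can compute its response key."""
    backend = md4_backend()
    if backend is None:
        return "no MD4 backend: NTLM bind will fail; pip install pycryptodome"
    return f"MD4 via {backend}: NTLM bind can compute its response key"


if __name__ == "__main__":
    print(report())
    # Constructed sample input: the literal string "password".
    print(nt_hash("password"))
```

Run it with the same interpreter that runs certipy, since the result depends on that interpreter's OpenSSL build and site-packages.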