fgeek
commented
1 year ago What was the command line you used?
Closed vaibhav200225 closed 1 year ago
fgeek
commented
1 year ago What was the command line you used?
vaibhav200225
commented
1 year ago certipy req -u
arnydo
commented
1 year ago Same error for me.
prismbreak
commented
1 year ago Hello, I have the same error, did you solved?
gashadarli
commented
1 year ago same error, i think, there is a problem with python 3.11 version
prismbreak
commented
1 year ago same error, i think, there is a problem with python 3.11 version
Hello, did you solved?
gashadarli
commented
1 year ago same error, i think, there is a problem with python 3.11 version
Hello, did you solved?
I use Manjaro, then I switched to Kali in virtual machine, I got same error. Then again I did create new computer, new password. It worked. I dont know, how it worked.
I'll share the commands when I get behind the computer
MANAVGK2038
commented
1 year ago Any fixes to the same error? I'm solving a HTB machine that requires the usage of this tool and it ain't working
ly4k
commented
1 year ago Certipy tries to connect first via SMB, and if that fails then directly via RPC over TCP. It appears that SMB returns access denied, and the RPC returns an unknown error. This error code isn’t documented by Microsoft, but it’s a fair assumption that if SMB throws access denied, it’s because the credentials provided don’t grant have access. It’s difficult for me to investigate without further context.
Best regards
BatM4ster5on
commented
1 month ago If anyone is still encountering this issue, while doing Authority on HTB. I changed up a few things and had success.
First, instead of using impacket-addcomputer i used addcomputer.py
next I installed certipy via Pipx to my machine, instead of using Kali's apt package.
I also noticed that the Target will remove the created computer after a certain amount of time so be sure to confirm that your 'Computer' is (still) available on the targets Domain.
Goodluck!
While running the tool I got the error like this [+] Generating RSA key [*] Requesting certificate via RPC [+] Trying to connect to endpoint: ncacn_np:10.10.11.222[\pipe\cert] [!] Failed to connect to endpoint ncacn_np:10.10.11.222[\pipe\cert]: SMB SessionError: STATUS_ACCESS_DENIED({Access Denied} A process has requested access to an object but has not been granted those access rights.) [+] Trying to resolve dynamic endpoint '91AE6020-9E3C-11CF-8D7C-00AA00C091BE' [+] Resolved dynamic endpoint '91AE6020-9E3C-11CF-8D7C-00AA00C091BE' to 'ncacn_ip_tcp:10.10.11.222[49705]' [+] Trying to connect to endpoint: ncacn_ip_tcp:10.10.11.222[49705] [+] Connected to endpoint: ncacn_ip_tcp:10.10.11.222[49705] [-] Got error: Unknown DCE RPC fault status code: 00000721 Traceback (most recent call last): File "/home/vzsecure/.local/lib/python3.11/site-packages/certipy/entry.py", line 60, in main actionsoptions.action File "/home/vzsecure/.local/lib/python3.11/site-packages/certipy/commands/parsers/req.py", line 12, in entry req.entry(options) File "/home/vzsecure/.local/lib/python3.11/site-packages/certipy/commands/req.py", line 764, in entry request.request() File "/home/vzsecure/.local/lib/python3.11/site-packages/certipy/commands/req.py", line 715, in request cert = self.interface.request(csr, attributes) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/vzsecure/.local/lib/python3.11/site-packages/certipy/commands/req.py", line 208, in request response = self.dce.request(request) ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/home/vzsecure/.local/lib/python3.11/site-packages/impacket/dcerpc/v5/rpcrt.py", line 859, in request answer = self.recv() ^^^^^^^^^^^ File "/home/vzsecure/.local/lib/python3.11/site-packages/impacket/dcerpc/v5/rpcrt.py", line 1332, in recv raise DCERPCException('Unknown DCE RPC fault status code: %.8x' % status_code) impacket.dcerpc.v5.rpcrt.DCERPCException: Unknown DCE RPC fault status code: 00000721