search

ly4k / Certipy

Tool for Active Directory Certificate Services enumeration and abuse
MIT License
2.34k stars 318 forks source link

digestmod issue #185

Open johnumorujo opened 10 months ago

johnumorujo commented 10 months ago

Certipy v4.8.2 - by Oliver Lyak (ly4k)

[-] Got error: Missing required parameter 'digestmod'. [-] Use -debug to print a stacktrace

fgeek commented 10 months ago

What command did you execute? Do you have stacktrace?

fgeek commented 10 months ago

Ping @johnumorujo happy to help if you can provide more details, thanks.

tedbot101 commented 10 months ago

[+] Authenticating to LDAP server [-] Got error: Missing required parameter 'digestmod'. Traceback (most recent call last): File "/home/kali/.local/lib/python3.11/site-packages/certipy/entry.py", line 60, in main actionsoptions.action File "/home/kali/.local/lib/python3.11/site-packages/certipy/commands/parsers/find.py", line 12, in entry find.entry(options) File "/home/kali/.local/lib/python3.11/site-packages/certipy/commands/find.py", line 1179, in entry find.find() File "/home/kali/.local/lib/python3.11/site-packages/certipy/commands/find.py", line 165, in find connection = self.connection ^^^^^^^^^^^^^^^ File "/home/kali/.local/lib/python3.11/site-packages/certipy/commands/find.py", line 124, in connection self._connection.connect() File "/home/kali/.local/lib/python3.11/site-packages/certipy/lib/ldap.py", line 77, in connect self.connect(version=ssl.PROTOCOL_TLSv1_2) File "/home/kali/.local/lib/python3.11/site-packages/certipy/lib/ldap.py", line 136, in connect bind_result = ldap_conn.bind() ^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/ldap3/core/connection.py", line 563, in bind response = self.do_ntlm_bind(controls) ^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/ldap3/core/connection.py", line 1302, in do_ntlm_bind request = bind_operation(self.version, 'SICILY_RESPONSE_NTLM', ntlm_client, result['server_creds']) ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/ldap3/operation/bind.py", line 81, in bind_operation server_creds = name.create_authenticate_message() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/ldap3/utils/ntlm.py", line 379, in create_authenticate_message nt_challenge_response = self.compute_nt_response() ^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/ldap3/utils/ntlm.py", line 485, in compute_nt_response response_key_nt = self.ntowf_v2() ^^^^^^^^^^^^^^^ File "/usr/local/lib/python3.11/dist-packages/ldap3/utils/ntlm.py", line 497, in ntowf_v2 return hmac.new(password_digest, (self.user_name.upper() + self.user_domain).encode('utf-16-le')).digest() ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/hmac.py", line 184, in new return HMAC(key, msg, digestmod) ^^^^^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.11/hmac.py", line 56, in init raise TypeError("Missing required parameter 'digestmod'.") TypeError: Missing required parameter 'digestmod'.

fgeek commented 10 months ago

@tedbot101 does this help? https://github.com/byt3bl33d3r/CrackMapExec/issues/380#issuecomment-626173555

tedbot101 commented 10 months ago

@fgeek nope

flakpaket commented 6 months ago

I had the same error with a different tool and had to upgrade the ldap3 package to get it to work. Version 2.5.1 produced the error. You can check your version with pip list | grep ldap3.
I ran the following command to upgrade, which installed 2.9.1, and it solved my problem. pip install --upgrade ldap3