search

ly4k / Certipy

Tool for Active Directory Certificate Services enumeration and abuse
MIT License
2.44k stars 340 forks source link

ugly pwd #232

Closed sec13b closed 2 weeks ago

sec13b commented 3 weeks ago

how i can do if i have a password like this : m'"I$O*D#"i|ZX"xv

certipy-ad find -dc-ip 192.168.0.5 -u eldorado@cocaine.corp -p eldoradopwd.txt  -enabled -vulnerable -stdout -debug
[+] Authenticating to LDAP server
[-] Got error: Failed to authenticate to LDAP: (invalidCredentials) 8009030C: LdapErr: DSID-0C0907FC, comment: AcceptSecurityContext error, data 52e, v4563
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/certipy/entry.py", line 60, in main
    actions[options.action](options)
  File "/usr/lib/python3/dist-packages/certipy/commands/parsers/find.py", line 12, in entry
    find.entry(options)
  File "/usr/lib/python3/dist-packages/certipy/commands/find.py", line 1179, in entry
    find.find()
  File "/usr/lib/python3/dist-packages/certipy/commands/find.py", line 165, in find
    connection = self.connection
                 ^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/certipy/commands/find.py", line 124, in connection
    self._connection.connect()
  File "/usr/lib/python3/dist-packages/certipy/lib/ldap.py", line 77, in connect
    self.connect(version=ssl.PROTOCOL_TLSv1_2)
  File "/usr/lib/python3/dist-packages/certipy/lib/ldap.py", line 155, in connect
    raise Exception(
Exception: Failed to authenticate to LDAP: (invalidCredentials) 8009030C: LdapErr: DSID-0C0907FC, comment: AcceptSecurityContext error, data 52e, v4563
certipy-ad find -dc-ip 192.168.0.5 -u eldorado@cocaine.corp -p m'"I$O*D#"i|ZX"xv  -enabled -vulnerable -stdout -debug

results: 

certipy-ad find -dc-ip 192.168.0.5 -u eldorado@cocaine.corp -p m'"I$O*D#"i|ZXxv  -enabled -vulnerable -stdout -debug   
quote>
spextat0r commented 3 weeks ago

You can put the password into a file then $(cat filewithpassword) as the password. image

(NOTE) "r" is the file that holds the password in my screenshot.

sec13b commented 3 weeks ago

thank you a lot

dan-hollis commented 2 weeks ago

You can also put your password in single quotes and "glue" the single quote within your password to the rest of the password 'm'"'"'"I$O*D#"i|ZXxv'. Encapsulate in single quotes any time an input arg has bash special characters like $, !, |, etc.

>>> echo 'm'"'"'"I$O*D#"i|ZXxv'
m'"I$O*D#"i|ZXxv
sec13b commented 2 weeks ago

thank you , i used $(cat filewithpassword) and work perfectly