Closed Meatballs1 closed 8 years ago
None being passed to the connection method:
09:49:02 INFO -: Getting remote passwords of 2 users
09:49:02 INFO -: Try to get the session key and salt of the XXXX user
09:49:02 DEBUG -: Session key and salt are now emply
09:49:02 DEBUG -: Sniffing is running in a new thread
09:49:02 DEBUG -: Session key and salt are now emply
09:49:02 DEBUG -: Waiting 3 seconds
09:49:05 DEBUG -: Connection to the database via a new thread with the username None
09:49:05 DEBUG -: Connecting with None/aaaaaaa@
09:49:05 INFO -: We have captured the session key:
09:49:05 INFO -: We have captured the salt:
Maybe not being passed correctly b = Thread(None, self.__try_to_connect__, None, (), {'args':self.args})
?
Ah fix below:
def __try_to_connect__(self, user):
'''
Establish a connection to the database
'''
import cx_Oracle
try:
connectString = "{0}/{1}@{2}:{3}/{4}".format(user,
It was trying to use self.args['user']
instead of the username from the thread kwargs
def getAPassword(self,user):
'''
'''
self.__resetSessionKeyValueAndSalt__()
logging.debug("Sniffing is running in a new thread")
a = Thread(None, self.__sniff_sessionkey_and_salt__, None, (), {'ip':self.args['server'],'port':self.args['port']})
a.start()
logging.debug("Waiting 3 seconds")
sleep(3)
logging.debug("Connection to the database via a new thread with the username {0}".format(user))
b = Thread(None, self.__try_to_connect__, None, (), {'user':user})
b.start()
b.join()
a.join()
return "",""
Thank you Meatballs1. Bug fixed in last commit (493035261bf44f373849f146c8a8ccad6cf85b1c).
Awesome thanks :)
If I use --test-module I get the same salt each time for a specific user (I already know password)
If I use --get-all-passwords I get a different salt than for the test-module.
If I try decrypt-sessions on the known user it wont decrypt the values? :(