ropnop / go-windapsearch

Utility to enumerate users, groups and computers from a Windows domain through LDAP queries
BSD 3-Clause "New" or "Revised" License
348 stars 46 forks source link

invalid Credentials every time #2

Closed b1gbroth3r closed 4 years ago

b1gbroth3r commented 4 years ago

Hey ropnop, first of all awesome tool, and I love that you've re-written it in Go! I've run into an issue today that I'm stumped by. I'm trying to run the simple module queries like admin-objects against a domain controller in the lab environment. I have 2 separate working sets of valid domain user credentials, and have confirmed they're valid through other tools (rpcclient, crackmapexec, ldapdomaindump, etc), yet I keep getting invalid Credentials upon every query attempt. Sample commands: windapsearch --dc dc01.lab.local -u <user> -p <password> -m admin-objects windapsearch --domain lab.local -u <user> -p <password> -m admin-objects

I followed the instructions on building the project with mage and ran into no issues on that front. Any idea on why this would be happening?

ropnop commented 4 years ago

Hey thanks! Hmm that’s strange. A few questions:

What format are you providing the username in? Is it “user@domain.com” ? Are there any special characters in the password? Can you try running it with verbose and debug options on and share the output?

It’s really interesting that ldapdomaindump works but windapsearch doesn’t. I’d love to get to the bottom of this. If possible, if you could get a wireshark capture of the LDAP bind failing that would be really helpful too!

b1gbroth3r commented 4 years ago

Ah, this is embarrassing, I didn't realize the username format needed to be user@domain.com. I was just doing username. Running it with the corrected format seems to have done the trick and it's working flawlessly now.

Thank you!

ropnop commented 4 years ago

Heh, no worries. I guess it doesn’t make sense to require that part of the username when the domain is given. I’ll change that in the next version so either should work!