Open juliourena opened 1 year ago
I tried with the exe and first run. dont show the tokens. second run, show. try :-)
I tried many times, but I still got the same issue, that's why I decide to compile the binary instead of using the CME module.
This is indeed very strange. You're the second person to tell me that however I have no idea, as of now, why there is no token.
Are there special GPO's on your AD ?
No, just a default domain. I tried in a machine without DC, my personal computer, and I got the same result.
I'm sorry but I can't reproduce this behaviour. I have installed a new Windows 10 pro, fully updated, defender updated as well and it does work :/
Hi, I'm experiencing same issue. Compiled version in Debug mode shows this error. Not sure if its relevant though :)
That one is interesting, it implies that the secured string copy fails because of a buffer being too small. However I have no idea how it is possible. I might push a debug version on this repo and ask you guys to help me since I can't reproduce the issue.
Is that ok for you ?
sure
Hey hey! For information I have been able to reproduce the bug on a Windows Pro N version. So I'll take a deeper look and try to hack something :P !
Just a quick update to let you know I have patched the bug and upgraded the binary in the mean time. I'll publish a PR as soon as possible with an update on the blog post :) !
With the update you will hopefully be able to list all tokens and now you can even see their integrity in order to choose the most important ones:
I still have to patch the CME module tho. Let me know if you still have issues :)!
Hi!
I'm trying to replicate the token impersonation, I tried in 3 different machines, and I got the same result, no token at all. I also tried using the CrackMapExec module and also got the same result.
Here some pictures.
Machine No. 1 DC01
Machine No. 2
Please let me know if I can provide more information.
Best regards!