search

skelsec / pypykatz

Mimikatz implementation in pure Python
MIT License
2.81k stars 371 forks source link

getWindowsBuild error. #91

Closed byehack closed 3 years ago

byehack commented 3 years ago 
Python 3.7.7 (tags/v3.7.7:d7c567b08f, Mar 10 2020, 09:44:33) [MSC v.1900 32 bit (Intel)] on win32
Type "help", "copyright", "credits" or "license" for more information.
>>> from pypykatz.pypykatz import pypykatz
>>> pypykatz.go_live()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "c:\Python37x86\lib\site-packages\pypykatz\pypykatz.py", line 104, in go_live
    reader = LiveReader()
  File "c:\Python37x86\lib\site-packages\pypykatz\commons\readers\local\live_reader.py", line 310, in __init__
    self.sanity_check()
  File "c:\Python37x86\lib\site-packages\pypykatz\commons\readers\local\live_reader.py", line 326, in sanity_check
    raise Exception('Python interpreter must be the same architecure of the OS you are running it on.')
Exception: Python interpreter must be the same architecure of the OS you are running it on.
>>> a=pypykatz.go_handledup()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "c:\Python37x86\lib\site-packages\pypykatz\pypykatz.py", line 114, in go_handledup
    from pypykatz.commons.winapi.local.function_defs.live_reader_ctypes import enum_lsass_handles
  File "c:\Python37x86\lib\site-packages\pypykatz\commons\winapi\local\function_defs\live_reader_ctypes.py", line 48, in <module>
    if getWindowsBuild() >= WindowsMinBuild.WIN_VISTA.value:
  File "c:\Python37x86\lib\site-packages\pypykatz\commons\winapi\local\function_defs\live_reader_ctypes.py", line 35, in getWindowsBuild
    GetVersionEx( ctypes.byref(version) )
ctypes.ArgumentError: argument 1: <class 'TypeError'>: expected LP_OSVERSIONINFOEXA instance instead of pointer to OSVersionInfo
>>>
skelsec commented 3 years ago

Exception: Python interpreter must be the same architecure of the OS you are running it on.

byehack commented 3 years ago

Exception: Python interpreter must be the same architecure of the OS you are running it on.

i know it. look at second part:

>>> a=pypykatz.go_handledup()
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "c:\Python37x86\lib\site-packages\pypykatz\pypykatz.py", line 114, in go_handledup
    from pypykatz.commons.winapi.local.function_defs.live_reader_ctypes import enum_lsass_handles
  File "c:\Python37x86\lib\site-packages\pypykatz\commons\winapi\local\function_defs\live_reader_ctypes.py", line 48, in <module>
    if getWindowsBuild() >= WindowsMinBuild.WIN_VISTA.value:
  File "c:\Python37x86\lib\site-packages\pypykatz\commons\winapi\local\function_defs\live_reader_ctypes.py", line 35, in getWindowsBuild
    GetVersionEx( ctypes.byref(version) )
ctypes.ArgumentError: argument 1: <class 'TypeError'>: expected LP_OSVERSIONINFOEXA instance instead of pointer to OSVersionInfo
>>>

i tried to change "pypykatz\commons\winapi\local\function_defs\live_reader_ctypes.py", line 35 to:

def getWindowsBuild():
    key = winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\')
    buildnumber, t = winreg.QueryValueEx(key, 'CurrentBuildNumber')
    return int(buildnumber)

    # version = GetVersionExA()
    # return version.dwBuildNumber

it didn't give error but immdiately exit from python process.