the-useless-one / pywerview

A (partial) Python rewriting of PowerSploit's PowerView
GNU General Public License v3.0
908 stars 113 forks

--hashes doesn't appear to be working #17

Closed rkornmeyer closed 8 years ago

rkornmeyer commented 8 years ago

  File "./pywerview.py", line 24, in <module>
    main()
  File "/Users/robertkornmeyer/pywerview/pywerview/cli/main.py", line 342, in main
    results = args.func(**parsed_args)
  File "/Users/robertkornmeyer/pywerview/pywerview/cli/helpers.py", line 46, in get_netuser
    custom_filter=custom_filter)
  File "/Users/robertkornmeyer/pywerview/pywerview/requester.py", line 117, in wrapper
    ads_path=ads_path, ads_prefix=ads_prefix)
  File "/Users/robertkornmeyer/pywerview/pywerview/requester.py", line 76, in _create_ldap_connection
    self._lmhash, self._nthash)
  File "/Library/Python/2.7/site-packages/impacket/ldap/ldap.py", line 290, in login
    type3, exportedSessionKey = getNTLMSSPType3(negotiate, str(type2), user, password, domain, lmhash, nthash)
  File "/Library/Python/2.7/site-packages/impacket/ntlm.py", line 599, in getNTLMSSPType3
    password = password.decode(encoding)
AttributeError: 'NoneType' object has no attribute 'decode'

However, impacket lib works just fine when using hashes.

cli:

./pywerview.py get-netuser -w domain -u user --hashes hashes:here --dc-ip ipaddress --domain queried domain --username usernametoquery

the-useless-one commented 8 years ago

Hey man, thanks for the issue. The trouble was that by default, if password is not set, its value is None, and impacket doesn't seem to like it. I changed the default value to an empty string, this should fix your problem.

I also changed how hashes are treated: you can now give only the NT hash, and by default the LM hash will be set to the empty LM hash.

Cheers,

Y
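The normalization described in the comment above, sketched as an added example (not pywerview's own code): the password falls back to an empty string instead of None, and a bare NT hash is paired with the empty LM hash. The function name `normalize_credentials` and the accepted `LM:NT`, `:NT` and `NT` input forms are assumptions made for illustration.

```python
import re

# LM hash of the empty string, used as the placeholder LM half.
EMPTY_LM_HASH = "aad3b435b51404eeaad3b435b51404ee"
_HEX32 = re.compile(r"[0-9a-fA-F]{32}")


def normalize_credentials(password=None, hashes=None):
    """Hypothetical helper: return (password, lmhash, nthash), never None.

    Passing None for the password is what triggered the AttributeError in
    the traceback, so every returned value is a string.
    """
    password = "" if password is None else password
    if not hashes:
        return password, "", ""

    lm, sep, nt = hashes.partition(":")
    if not sep:
        # No colon: the whole value is the NT hash.
        lm, nt = "", lm
    # Missing LM half ("NT" or ":NT") defaults to the empty LM hash.
    lm = lm or EMPTY_LM_HASH

    for name, value in (("LM", lm), ("NT", nt)):
        if not _HEX32.fullmatch(value):
            # Report which half is malformed without echoing the value,
            # so credential material does not end up in logs.
            raise ValueError("%s hash must be 32 hex characters" % name)
    return password, lm.lower(), nt.lower()


if __name__ == "__main__":
    # Constructed sample value, not a real credential.
    sample_nt = "0123456789abcdef0123456789ABCDEF"
    print(normalize_credentials(hashes=sample_nt))
```

Validating the hash format at the CLI boundary turns a malformed `--hashes` value into a clear error before any bind to the domain controller is attempted.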

rkornmeyer commented 8 years ago

awesome!


On Sep 19, 2016, at 5:29 PM, the-useless-one notifications@github.com wrote:

Hey man, thanks for the issue. The trouble was that by default, if password is not set, its value is None, and impacket doesn't seem to like it. I changed the default value to an empty string, this should fix your problem.

I also changed how hashes are treated: you can now give only the NT hash, and by default the LM hash will be set to the empty LM hash.

Cheers,

Y
