Encoding error in get-netgroupmember

[ThePirateWhoSmellsOfSunflowers]

Same error as #5 but in get-netgroupmember

$ ./pywerview.py get-netgroupmember -w my.long.domain.xxx -u user -p p@$$w0rd --dc-ip 192.168.1.1 --groupname "Domain Admins"
Traceback (most recent call last):
  File "./pywerview.py", line 24, in <module>
    main()
  File "/home/zzz/tools/pywerview/pywerview/cli/main.py", line 347, in main
    results = args.func(**parsed_args)
  File "/home/zzz/tools/pywerview/pywerview/cli/helpers.py", line 128, in get_netgroupmember
    full_data=full_data, custom_filter=custom_filter)
  File "/home/zzz/tools/pywerview/pywerview/requester.py", line 127, in wrapper
    return f(*args, **kwargs)
  File "/home/zzz/tools/pywerview/pywerview/functions/net.py", line 355, in get_netgroupmember
    members = _get_members(groupname, sid)
  File "/home/zzz/tools/pywerview/pywerview/functions/net.py", line 313, in _get_members
    members += self.get_netuser(custom_filter=dn_filter)
  File "/home/zzz/tools/pywerview/pywerview/requester.py", line 127, in wrapper
    return f(*args, **kwargs)
  File "/home/zzz/tools/pywerview/pywerview/functions/net.py", line 69, in get_netuser
    return self._ldap_search(user_search_filter, adobj.User)
  File "/home/zzz/tools/pywerview/pywerview/requester.py", line 96, in _ldap_search
    attributes=attributes)
  File "/usr/local/lib/python2.7/dist-packages/impacket/ldap/ldap.py", line 351, in search
    searchRequest['filter'] = self._parseFilter(searchFilter)
  File "/usr/local/lib/python2.7/dist-packages/impacket/ldap/ldap.py", line 448, in _parseFilter
    filterList = list(reversed(unicode(filterStr)))
UnicodeDecodeError: 'ascii' codec can't decode byte 0xc3 in position 51: ordinal not in range(128)

Cheers from eastern europe :beers:

[the-useless-one]

Hmm, this seems to be a generalized problem: whenever we have an LDAP search filter with accentuated characters, impacket raises an error. I'll investigate. Thanks for the issue!

[the-useless-one]

Hey!

This pull request should solve your problems. Update your impacket installation, and it should now work:

./pywerview.py get-netgroupmember -t $DC_IP -w uselessdomain.local -u $USER -p $PASSWORD --groupname 'Groupe accent é' --full-data
accountexpires:        9223372036854775807
badpasswordtime:       2016-08-24 22:13:10
badpwdcount:           0
cn:                    Jérôme Doe
codepage:              0
countrycode:           0
displayname:           Jérôme Doe
distinguishedname:     CN=Jérôme Doe,CN=Users,DC=uselessdomain,DC=local
dscorepropagationdata: 1601-01-01 00:00:00
givenname:             Jérôme
groupdomain:           uselessdomain.local
groupname:             Groupe accent é
homedirectory:         
instancetype:          4
isgroup:               False
lastlogoff:            1601-01-01 00:09:21
lastlogon:             2016-09-29 22:06:39
lastlogontimestamp:    131196515997956278
logoncount:            22
memberdn:              CN=Jérôme Doe,CN=Users,DC=uselessdomain,DC=local
memberdomain:          uselessdomain.local
membername:            jerome.doe
memberof:              CN=Groupe accent é,DC=uselessdomain,DC=local
membersid:             S-1-5-21-2193705973-3019999467-1313540997-1153
name:                  Jérôme Doe
objectcategory:        CN=Person,CN=Schema,CN=Configuration,DC=uselessdomain,DC=local
objectclass:           top,
                       person,
                       organizationalPerson,
                       user
objectguid:            7124ecd4-9886-424c-a1ef-f0bf661f3c36
objectsid:             S-1-5-21-2193705973-3019999467-1313540997-1153
primarygroupid:        513
profilepath:           
pwdlastset:            2016-08-29 21:18:04
samaccountname:        jerome.doe
samaccounttype:        805306368
scriptpath:            
sn:                    Doe
useraccountcontrol:    512
userprincipalname:     jerome.doe@uselessdomain.local
usnchanged:            38416
usncreated:            28785
whenchanged:           2016-09-29 19:39:59
whencreated:           2016-07-09 09:44:03

Cheers,

Y

[ThePirateWhoSmellsOfSunflowers]

Thanks, See you for the next issue !

:banana: :eggplant: