search

z3v2cicidi / impacket

Automatically exported from code.google.com/p/impacket
Other
0 stars 0 forks source link

samrdump import issue #22

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago 
What steps will reproduce the problem?
1. Download the 0.9.9.9.9 version
2. run setup.py install
3. run samrdump.py <ip>

What is the expected output? What do you see instead?
The normal smb enumeration info are expected, but it returns:

Traceback (most recent call last):
  File "/usr/local/bin/samrdump.py", line 24, in <module>
    from impacket import uuid, version
ImportError: cannot import name version

What version of the product are you using? On what operating system?
The last one (impacket-0.9.9.9.tar.gz) - Linux Backtrack 5r3

Please provide any additional information below.

Original issue reported on code.google.com by haruo.ka...@gmail.com on 18 Jan 2013 at 1:57

GoogleCodeExporter commented 9 years ago 
Hey Haru:

Question.. are you able to run other examples? or you have the same import 
issues as well?

thanks
beto

Original comment by bet...@gmail.com on 18 Jan 2013 at 2:26

GoogleCodeExporter commented 9 years ago 
Hi, I have the same import issues for other examples too.

thanks

Haruo

Original comment by haruo.ka...@gmail.com on 18 Jan 2013 at 2:32

GoogleCodeExporter commented 9 years ago 
Haruo:

Could you please run python setup.py install and paste the output here?

thanks

Original comment by bet...@gmail.com on 18 Jan 2013 at 2:34

GoogleCodeExporter commented 9 years ago 
Sure,

root@haruobt:/pentest/python/impacket# ./setup.py install
running install
running build
running build_py
running build_scripts
running install_lib
running install_scripts
changing mode of /usr/local/bin/exploit.py to 755
changing mode of /usr/local/bin/ping6.py to 755
changing mode of /usr/local/bin/psexec.py to 755
changing mode of /usr/local/bin/smbcat.py to 755
changing mode of /usr/local/bin/services.py to 755
changing mode of /usr/local/bin/os_ident.py to 755
changing mode of /usr/local/bin/sniffer.py to 755
changing mode of /usr/local/bin/ifmap.py to 755
changing mode of /usr/local/bin/crapchain.py to 755
changing mode of /usr/local/bin/ping.py to 755
changing mode of /usr/local/bin/win_echod.py to 755
changing mode of /usr/local/bin/smbtorture.py to 755
changing mode of /usr/local/bin/lookupsid.py to 755
changing mode of /usr/local/bin/loopchain.py to 755
changing mode of /usr/local/bin/samrdump.py to 755
changing mode of /usr/local/bin/split.py to 755
changing mode of /usr/local/bin/test_wkssvc.py to 755
changing mode of /usr/local/bin/uncrc32.py to 755
changing mode of /usr/local/bin/opdump.py to 755
changing mode of /usr/local/bin/rpcdump.py to 755
changing mode of /usr/local/bin/tracer.py to 755
changing mode of /usr/local/bin/chain.py to 755
changing mode of /usr/local/bin/smbclient.py to 755
changing mode of /usr/local/bin/atsvc.py to 755
changing mode of /usr/local/bin/oochain.py to 755
changing mode of /usr/local/bin/nmapAnswerMachine.py to 755
changing mode of /usr/local/bin/spoolss.py to 755
changing mode of /usr/local/bin/sniff.py to 755
changing mode of /usr/local/bin/ms05-039-crash.py to 755
running install_data
running install_egg_info
Removing /usr/local/lib/python2.6/dist-packages/impacket-0.9.9.9.egg-info
Writing /usr/local/lib/python2.6/dist-packages/impacket-0.9.9.9.egg-info

thanks.

Haruo

Original comment by haruo.ka...@gmail.com on 18 Jan 2013 at 2:49

GoogleCodeExporter commented 9 years ago 
Hmm.. are you running the python setup.py install as root?

I gotta install Backtrack and verify what's going on ..

In the meantime you can:

1) Untar impacket-0.9.9.9.tar.gz on a directory (let's say /home/src)
2) type: export PYTHONPATH=/home/src/impacket
3) run the examples, in the same terminal.

Please confirm that is working for you.

cheers,
beto

Original comment by bet...@gmail.com on 18 Jan 2013 at 3:15

GoogleCodeExporter commented 9 years ago 
Hi Beto,

Yes, I am installing as rot.

Now it works.

Thanks.

Original comment by haruo.ka...@gmail.com on 18 Jan 2013 at 3:23

GoogleCodeExporter commented 9 years ago 
Hey Haruo:

Good to know it works.. although you will need to set the PYTHONPATH everytime 
you want to use things.

Let me dig deeper on Backtrack to see what the issue is about..

stay tuned.

cheers,
beto

Original comment by bet...@gmail.com on 18 Jan 2013 at 3:26

GoogleCodeExporter commented 9 years ago 
OK,

Did you also notice that the impacket packet is not present at this version
of Backtrack?

thank you.

Original comment by haruo.ka...@gmail.com on 18 Jan 2013 at 3:38

GoogleCodeExporter commented 9 years ago 
Nope.. I'm not following Backtrack closely.. :s ...

In any case.. if you want.. I'd encourage you to check out the SVN trunk 
instead of using the stable version. Several things were added since 0.9.9.9 
(SMB2, SMB3, mssqlclient with hashes support, etc). We'll be tagging v1 soon so 
the code it's pretty stable these days.

cheers,
beto

Original comment by bet...@gmail.com on 18 Jan 2013 at 5:34

GoogleCodeExporter commented 9 years ago 
OK, thank you very much Beto.

Original comment by haruo.ka...@gmail.com on 18 Jan 2013 at 5:55

GoogleCodeExporter commented 9 years ago 
Haruo..

Check 0.9.10 to see if that version fixed your problems.

Original comment by bet...@gmail.com on 6 May 2013 at 5:48

GoogleCodeExporter commented 9 years ago 
Nice, I am gonna check. Thank you.

Original comment by haruo.ka...@gmail.com on 6 May 2013 at 6:09

GoogleCodeExporter commented 9 years ago 
This issue also occurs with 'psexec.py'.  I have the latest release and am 
experiencing the same issue

Original comment by PrestonT...@gmail.com on 11 May 2013 at 9:48

GoogleCodeExporter commented 9 years ago 
Hey Preston:

I'm assuming you're referring to 0.9.10. 

Please run python setup.py install and paste the output here.

Is this happening in Backtrack? Have you tried on another Linux distribution? 
(e.g. Ubuntu, Debian).

thanks!
beto

Original comment by bet...@gmail.com on 11 May 2013 at 10:20

GoogleCodeExporter commented 9 years ago 
[deleted comment]
GoogleCodeExporter commented 9 years ago 
Correct, using BT 5 R3 when this occurs.  I haven't yet tried other distros but 
certainly can.  I used the method you referred to above (setting the 
PYTHONPATH) and that worked until I rebooted the machine.  Is there an easy way 
to make that explicit reference persistent?  Thanks!

running install
running build
running build_py
running build_scripts
running install_lib
running install_scripts
changing mode of /usr/local/bin/os_ident.py to 755
changing mode of /usr/local/bin/exploit.py to 755
changing mode of /usr/local/bin/split.py to 755
changing mode of /usr/local/bin/lookupsid.py to 755
changing mode of /usr/local/bin/chain.py to 755
changing mode of /usr/local/bin/ping.py to 755
changing mode of /usr/local/bin/loopchain.py to 755
changing mode of /usr/local/bin/tracer.py to 755
changing mode of /usr/local/bin/mssqlclient.py to 755
changing mode of /usr/local/bin/crapchain.py to 755
changing mode of /usr/local/bin/nmapAnswerMachine.py to 755
changing mode of /usr/local/bin/smbtorture.py to 755
changing mode of /usr/local/bin/smbclient.py to 755
changing mode of /usr/local/bin/ms05-039-crash.py to 755
changing mode of /usr/local/bin/spoolss.py to 755
changing mode of /usr/local/bin/smbcat.py to 755
changing mode of /usr/local/bin/sys to 755
changing mode of /usr/local/bin/atsvc.py to 755
changing mode of /usr/local/bin/sniffer.py to 755
changing mode of /usr/local/bin/rpcdump.py to 755
changing mode of /usr/local/bin/smbexec.py to 755
changing mode of /usr/local/bin/mssqlinstance.py to 755
changing mode of /usr/local/bin/ping6.py to 755
changing mode of /usr/local/bin/oochain.py to 755
changing mode of /usr/local/bin/smbrelayx.py to 755
changing mode of /usr/local/bin/opdump.py to 755
changing mode of /usr/local/bin/sniff.py to 755
changing mode of /usr/local/bin/psexec.py to 755
changing mode of /usr/local/bin/samrdump.py to 755
changing mode of /usr/local/bin/win_echod.py to 755
changing mode of /usr/local/bin/uncrc32.py to 755
changing mode of /usr/local/bin/test_wkssvc.py to 755
changing mode of /usr/local/bin/ifmap.py to 755
changing mode of /usr/local/bin/services.py to 755
running install_data
running install_egg_info
Removing /usr/local/lib/python2.6/dist-packages/impacket-1.0_dev.egg-info
Writing /usr/local/lib/python2.6/dist-packages/impacket-1.0_dev.egg-info

Original comment by PrestonT...@gmail.com on 16 May 2013 at 3:18

GoogleCodeExporter commented 9 years ago 
Here is the error received when trying to run a number of the scripts:

python psexec.py 
Traceback (most recent call last):
  File "psexec.py", line 22, in <module>
    from impacket import version
ImportError: cannot import name version

Original comment by PrestonT...@gmail.com on 16 May 2013 at 3:21

GoogleCodeExporter commented 9 years ago 
Hey Preston:

The output you showed me is trying to install impacket v1.0-dev. I'm assuming 
you checked out trunk right? That is NOT impact v-0.9.10.

In any case it should work as well.

Original comment by bet...@gmail.com on 16 May 2013 at 3:22

GoogleCodeExporter commented 9 years ago 
OK.

I'm downloading Backtrack right now and will see what happens. I checked it 
with Kali Linux and the install is successful. So there must be something wrong 
there.

Going back to your comment. The reason why version cannot be imported must be 
related to an old impacket version installed in backtrack.. and for some reason 
the python setup.py install is not overwriting.

Do this for me please, from python:

import impacket
print impacket.__file__

that will tell you where the OLD impacket library is located.

You can do a manual install, which is, copying the libraries yourself to that 
target directory.
Whenever you check out impacket, or download the tar.gz, you will see two main 
directories: 
1) examples (where all the examples are located)
2) impacket (this is the library itself). Note there are subdirectories in 
there you will need to copy as well (dcerpc and examples)

If you wanna install manually, you will need to copy the ENTIRE (including 
subdirectories, mantaining the directory structure) to the path you got from 
the previous step.

Check it out and let me know.. whenever Backtrack finishes downloading I'll 
install in a VM and do some tests.

cheers
beto

Original comment by bet...@gmail.com on 16 May 2013 at 3:28

GoogleCodeExporter commented 9 years ago 
Ok, yeah that didn't seem to fix the issue.  I've rolled everything back and 
re-did the "export PYTHONPATH=/home/src/impacket" which seems to work.  I 
appreciate the quick response!

Original comment by PrestonT...@gmail.com on 16 May 2013 at 3:51

GoogleCodeExporter commented 9 years ago 
That is weird.. 

if you can execute this from the root directory (/) and paste the output that'd 
be great:

find . -name smb.py -print 2> /dev/null 

we'll nail the problem down Preston.

bto

PS: In the meantime.. to solve the issue on every reboot setting up the 
PYTHONPATH variable, you can add that export line to the .profile  file in your 
home directory. That will be executed everytime you log in.

Original comment by bet...@gmail.com on 16 May 2013 at 3:55

GoogleCodeExporter commented 9 years ago 
Yeah no worries man.  I just booted up Kali and it worked like a champ the 
first time, just kind of odd.  Here's the output as requested (you'll notice 
the multiple locations that I was using to test).  The export path I'm using on 
the BT install is: export PYTHONPATH=/root/impacket-0.9.10/ which is working.

root@bt:/# find . -name smb.py -print 2> /dev/null 
./var/www/impacket/impacket-0.9.10/build/lib.linux-i686-2.6/impacket/smb.py
./var/www/impacket/impacket-0.9.10/impacket/smb.py
./usr/local/lib/python2.6/dist-packages/scapy/layers/smb.py
./usr/local/lib/python2.6/dist-packages/impacket/smb.py
./usr/lib/pymodules/python2.6/dpkt/smb.py
./usr/lib/pymodules/python2.6/scapy/layers/smb.py
./usr/lib/pymodules/python2.6/impacket/smb.py
./usr/share/python-support/python-impacket/impacket/smb.py
./usr/share/pyshared/dpkt/smb.py
./usr/share/pyshared/scapy/layers/smb.py
./root/impacketcheckout/impacket-read-only/build/lib.linux-i686-2.6/impacket/smb
.py
./root/impacketcheckout/impacket-read-only/impacket/build/lib.linux-i686-2.6/imp
acket/smb.py
./root/impacketcheckout/impacket-read-only/impacket/smb.py
./root/impacket-0.9.10/build/lib.linux-i686-2.6/impacket/smb.py
./root/impacket-0.9.10/impacket/smb.py
./pentest/fuzzers/voip/voiper/sulley/impacket/smb.py

Thanks

Original comment by PrestonT...@gmail.com on 16 May 2013 at 4:03

GoogleCodeExporter commented 9 years ago 
Okey.. 

I installed backtrack and found the issue. 
Basically whenever you run from the unpacket impacket package:

python setup.py install 

it will install the impacket library in 
'/usr/local/lib/python2.6/dist-packages/impacket/' and the example files in 
'/usr/local/bin/'.

The problem has to do with Backtrack's Python path configuration, which can be 
printed from the sys.path python variable:

[  
    '/usr/local/lib/python2.6/dist-packages/requests-0.13.6-py2.6.egg',
    '/usr/local/lib/python2.6/dist-packages/grequests-0.1.0-py2.6.egg',
    '/usr/local/lib/python2.6/dist-packages/gevent-0.13.7-py2.6-linux-x86_64.egg',
    '/usr/local/lib/python2.6/dist-packages/greenlet-0.4.0-py2.6-linux-x86_64.egg',
    '/usr/local/lib/python2.6/dist-packages/Twisted-12.0.0-py2.6-linux-x86_64.egg',
    '/usr/lib/python2.6',
    '/usr/lib/python2.6/plat-linux2',
    '/usr/lib/python2.6/lib-tk',
    '/usr/lib/python2.6/lib-old',
    '/usr/lib/python2.6/lib-dynload',
    '/usr/lib/python2.6/dist-packages',
    '/usr/lib/python2.6/dist-packages/PIL',
    '/usr/lib/pymodules/python2.6',
    '/usr/lib/pymodules/python2.6/gtk-2.0',
    '/usr/lib/python2.6/dist-packages/wx-2.8-gtk2-unicode',
    '/usr/local/lib/python2.6/dist-packages']

As can be seen, '/usr/local/lib/python2.6/dist-packages' is the LAST directory 
where python will look for an specific library.

The old impacket shipped with backtrack is installed under 
'/usr/lib/pymodules/python2.6/impacket/'

As can be understood from the search path, python will always load the old 
library.

In order to fix this, you should remove the old library by doing:

rm -rf /usr/lib/pymodules/python2.6/impacket

This should fix the issue.

Don't forget that python always sets as first item in the search path the 
current directory, so if you have an impacket copy there, it will be loaded 
instead of the one located in /usr/local/lib/python2.6/dist-packages. That 
applies to all python scripts.

Hope this helps,
beto

Original comment by bet...@gmail.com on 16 May 2013 at 5:15

GoogleCodeExporter commented 9 years ago 
Excellent!  Thanks for your help!

Original comment by PrestonT...@gmail.com on 16 May 2013 at 5:25

GoogleCodeExporter commented 9 years ago 
No worries Preston.

Could you please test it on your backtrack so I can close the ticket if it 
works for you?

thanks
beto

Original comment by bet...@gmail.com on 16 May 2013 at 5:49

GoogleCodeExporter commented 9 years ago 
That worked!  Thanks and have a great day!

Original comment by PrestonT...@gmail.com on 16 May 2013 at 5:59

GoogleCodeExporter commented 9 years ago 
You too Preston.. thanks for the report.

Original comment by bet...@gmail.com on 16 May 2013 at 6:08