Comments (6)
dirkjanm
commented on August 30, 2024
It only authenticates with NTLM, which indicates that there is no SPN set for the cifs/attacker.test.com hostname. You probably skipped the step where you'd need to add an SPN for that host as well.
from krbrelayx.
girlgirlbest
commented on August 30, 2024
In your blog, wrote need SPN with service HOST/attacker.test.com;
For me now worked with HOST, but i get one more question;
I usage printer bug versus primary-dc.test.com
Krbrelayx output:
Got ticket for primary-dc.test.com [[email protected]]
But if i'am usage versus secondary-dc.test.com
Krbrelayx output
SMBD: receiver connection from "ip address"
Delegate info not set, cannot extract ticket!
Make sure the account you use has unconstrained delegation rights.
secondary-dc.test.com=Windows 2012 server
primary-dc.test.com = Windows 2012 server
I checked , both dc have unconstrained delegation;
from krbrelayx.
dirkjanm
commented on August 30, 2024
I'm not sure what would cause that but for some reason the secondary DC does not think your attacker account has unconstrained delegation.
from krbrelayx.
girlgirlbest
commented on August 30, 2024
Great thanks; Last question )))
If i'am usage printerbug.py versus Windows service 2008 sp2
Output:
[-] SMB SessionError: STATUS_OBJECT_NAME_NOT_FOUND(The object name is not found.)
Traceback (most recent call last):
File "printerbug.py", line 198, in
main()
File "printerbug.py", line 191, in main
lookup.dump(remote_name)
File "printerbug.py", line 77, in dump
self.lookup(rpctransport, remote_host)
File "printerbug.py", line 87, in lookup
dce.connect()
File "/usr/local/lib/python2.7/dist-packages/impacket/dcerpc/v5/rpcrt.py", line 800, in connect
return self._transport.connect()
File "/usr/local/lib/python2.7/dist-packages/impacket/dcerpc/v5/transport.py", line 400, in connect
self.__handle = self.__smb_connection.openFile(self.__tid, self.__filename)
File "/usr/local/lib/python2.7/dist-packages/impacket/smbconnection.py", line 547, in openFile
raise SessionError(e.get_error_code(), e.get_error_packet())
impacket.smbconnection.SessionError: SMB SessionError: STATUS_OBJECT_NAME_NOT_FOUND(The object name is not found.)
python rcpdump.py test\administrator@"ip address windows 2008 server"
Protocol [MS-RPRN]: Print System Remote Protocol Presense
from krbrelayx.
dirkjanm
commented on August 30, 2024
Not quite sure what causes this, could be something 2008 specific but I don't have it here to test.
from krbrelayx.
kaleemshaik7867
commented on August 30, 2024
In your blog, wrote need SPN with service HOST/attacker.test.com; For me now worked with HOST, but i get one more question; I usage printer bug versus primary-dc.test.com Krbrelayx output: Got ticket for primary-dc.test.com [[email protected]] But if i'am usage versus secondary-dc.test.com Krbrelayx output SMBD: receiver connection from "ip address" Delegate info not set, cannot extract ticket! Make sure the account you use has unconstrained delegation rights.
secondary-dc.test.com=Windows 2012 server primary-dc.test.com = Windows 2012 server I checked , both dc have unconstrained delegation;
@girlgirlbest how did it work, I have added both HOST and CIFS but did not work for me . Still getting the below error.
Unsupported MechType 'NTLMSSP - Microsoft NTLM Security Support Provider'
from krbrelayx.
Related Issues (20)
- Feature request: python3 support HOT 5
- Could not modify object, the server reports insufficient rights HOT 6
- python3.8 compatibility issue: TypeError: Missing required parameter 'digestmod'. HOT 6
- Error with dnstool.py remove HOT 7
- addspn.py doesn't handle useraccounts with '.' in the name. HOT 1
- AttributeError: 'Resolver' object has no attribute 'resolve' HOT 2
- AttributeError: 'GenericRdata' object has no attribute 'key' HOT 6
- AttributeError: 'KrbRelayxConfig' object has no attribute 'setIsADCSAttack' HOT 3
- why is that HOT 2
- TypeError: initConnection() takes 1 positional argument but 3 were given HOT 4
- dnstool error HOT 3
- "Could not find the correct encryption key! Ticket is encrypted with keytype 18, but keytype(s) were supplied" HOT 3
- Unsupported MechType 'NTLMSSP - Microsoft NTLM Security Support Provider HOT 5
- Question/Feature: Relaying DNS and HTTP Authentication to LDAP By Modifying the Client Integrity Flag HOT 1
- ADDSPN error HOT 3
- Connection reset by peer when adding a DNS record with dnstool.py HOT 6
- RPRN SessionError: code: 0x6ba - RPC_S_SERVER_UNAVAILABLE while executing printerbug.py script HOT 4
- Creating service ticket fails HOT 4
- Crash on Cyrillic domain HOT 9
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from krbrelayx.