PS > python3 .\sccmhunter.py smb -u admin -p 10203040 -d corp.exmaple.com -dc-ip 10.10.10.10
(
888 d8 \
dP"Y e88'888 e88'888 888 888 8e 888 ee 8888 8888 888 8e d88 ,e e, 888,8, )
C88b d888 '8 d888 '8 888 888 88b 888 88b 8888 8888 888 88b d88888 d88 88b 888 " ##-------->
Y88D Y888 , Y888 , 888 888 888 888 888 Y888 888P 888 888 888 888 , 888 )
d,dP "88,e8' "88,e8' 888 888 888 888 888 "88 88" 888 888 888 "YeeP" 888 /
(
v0.0.2
@garrfoster
[15:20:17] INFO [-] Existing log file not found, searching LDAP for site servers.
[15:20:18] INFO [+] Found System Management Container. Parsing DACL.
[15:20:20] INFO "key 'member' not found"
[15:20:20] INFO "key 'member' not found"
[15:20:20] INFO [+] Found 2 computers with Full Control ACE
[15:20:20] INFO [*] Querying LDAP for published Management Points
[15:20:20] INFO [+] Found 2 site servers in LDAP.
[15:20:21] INFO [*] Searching LDAP for anything containing the strings 'SCCM'or 'MECM'
╭─────────────────────────────── Traceback (most recent call last) ────────────────────────────────╮
│ C:\Tools\sccmhunter\lib\commands\smb.py:28 in main │
│ │
│ 25 │ smbhunter = SMB(username=username, password=password, domain=domain, dc_ip=dc_ip,lda │
│ 26 │ │ │ │ │ │ │ kerberos=kerberos, no_pass=no_pass, hashes=hashes, aes=aes, │
│ 27 │ │ │ │ │ │ │ save=save, logs_dir=logs_dir) │
│ ❱ 28 │ smbhunter.run() │
│ 29 │
│ 30 │
│ 31 │
│ │
│ C:\Tools\sccmhunter\lib\attacks\smb.py:57 in run │
│ │
│ 54 │ │ │ │ │ │ │ │ │ target_dom=self.target_dom, dc_ip=self.dc_ip,ldaps=s │
│ 55 │ │ │ │ │ │ │ │ │ kerberos=self.kerberos, no_pass=self.no_pass, hashes │
│ 56 │ │ │ │ │ │ │ │ │ aes=self.aes, debug=self.debug, logs_dir=self.logs_d │
│ ❱ 57 │ │ │ sccmhunter.run() │
│ 58 │ │ │ self.run() │
│ 59 │ │
│ 60 │ def read_logs(self): │
│ │
│ C:\Tools\sccmhunter\lib\attacks\find.py:238 in run │
│ │
│ 235 │ │ else: │
│ 236 │ │ │ logger.info("[-] No SCCM Servers found.") │
│ 237 │ │ │
│ ❱ 238 │ │ self.save_csv(_users, _computers, _groups) │
│ 239 │ │ │
│ 240 │ │ │
│ 241 │ │ # show results │
│ │
│ C:\Tools\sccmhunter\lib\attacks\find.py:322 in save_csv │
│ │
│ 319 │ │ │ with open(f'{self.logs_dir}/csvs/groups.csv', 'w', newline='') as f: │
│ 320 │ │ │ │ writer = csv.DictWriter(f, fieldnames=group_fields) │
│ 321 │ │ │ │ writer.writeheader() │
│ ❱ 322 │ │ │ │ writer.writerows(groups) │
│ 323 │ │ │ f.close() │
│ 324 │ │ │
│ 325 │ │ if self.debug: │
│ │
│ C:\Users\predator\AppData\Local\Programs\Python\Python310\lib\csv.py:157 in writerows │
│ │
│ 154 │ │ return self.writer.writerow(self._dict_to_list(rowdict)) │
│ 155 │ │
│ 156 │ def writerows(self, rowdicts): │
│ ❱ 157 │ │ return self.writer.writerows(map(self._dict_to_list, rowdicts)) │
│ 158 │
│ 159 # Guard Sniffer's type checking against builds that exclude complex() │
│ 160 try: │
│ │
│ C:\Users\predator\AppData\Local\Programs\Python\Python310\lib\encodings\cp1252.py:19 in encode │
│ │
│ 16 │
│ 17 class IncrementalEncoder(codecs.IncrementalEncoder): │
│ 18 │ def encode(self, input, final=False): │
│ ❱ 19 │ │ return codecs.charmap_encode(input,self.errors,encoding_table)[0] │
│ 20 │
│ 21 class IncrementalDecoder(codecs.IncrementalDecoder): │
│ 22 │ def decode(self, input, final=False): │
╰──────────────────────────────────────────────────────────────────────────────────────────────────╯
UnicodeEncodeError: 'charmap' codec can't encode characters in position 72-76: character maps to <undefined>