Comments (7)
jsdhasfedssad
commented on June 25, 2024
1
Aha. Good. Now it works. Thanks!
I noticed you have the same issue with DumpSMBShare.py. Please fix this in that to.
from finduncommonshares.
p0dalirius
commented on June 25, 2024
Hey @jsdhasfedssad,
Your NT hash (fc525c9683e8fe067095ba2ddc97188) is missing a character, it is only 31 characters long instead of 32. I've just tried with an NT hash on my end and it works fine.
./FindUncommonShares.py -u Administrator -H 520126a03f5d5a8d836f1c4f34ede7ce --domain DOMAIN.local --dc-ip 192.168.1.71 --check-user-access
Do not hesitate to open an issue if you encounter further problems,
Best regards,
Podalirius
from finduncommonshares.
jsdhasfedssad
commented on June 25, 2024
You were right about the short hash. However, after correcting that I still have issues.
As you can see below authenticating to LDAP using the same account and NT hash to the same target using CrackMapExec works. Using the same account but using it's plaintext password in combination with FindUncommonShares works. But, using the same account and it's NT hash with FindUncommonShares fails.
from finduncommonshares.
p0dalirius
commented on June 25, 2024
Yes I had that too I need to fix that
Please add a : in front of the hash for the moment, like this -H :fc525c9683e8fe067095ba2ddc97188d
from finduncommonshares.
p0dalirius
commented on June 25, 2024
Good point, I will too
from finduncommonshares.
jsdhasfedssad
commented on June 25, 2024
Hi again,
Today I cloned main in order to test this fix. Now authenticating using a NT hash works but using a plaintext password does not. The opposite to before the fix.
from finduncommonshares.
p0dalirius
commented on June 25, 2024
Hi @jsdhasfedssad, I've fixed it :)
from finduncommonshares.
Related Issues (20)
- [enhancement] Add an option to check user access HOT 5
- [enhancement] Add an option to customize COMMON_SHARES HOT 1
- [enhancement] Check if SMB port 445 is accessible before trying to connect
- [enhancement] Use parse_target instead of -u, -p and -d HOT 2
- [enhancement] Implement "writable" in access_rights HOT 1
- [bug] ValueError: max_workers must be greater than 0, when no computer object is found
- [enhancement] Add an option to filter access rights HOT 1
- [enhancement] Write results in a file as JSON
- [enhancement] Change colors of output HOT 1
- [bug] Output File Doesn't Respect Flags HOT 1
- Add additional logging to know which DNS Names are failing to resolve. HOT 1
- [bug] Issue when attempting to run with password authentication HOT 2
- [enhancement] Perform machine name DNS lookup in the script to prevent DNS issues
- [enhancement] Display comment field in output HOT 1
- [enhancement] Adding an option to list rights on the shares HOT 1
- [enhancement] Add getpass input if --no-pass and --password not supplied HOT 1
- [bug] Remove nslookup
- [enhancement] Add an option to filter computers with LDAP query HOT 1
- [enhancement] Add support of custom dns server instead of the DC HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from finduncommonshares.