ldap try catch + magenta

main
mpgn 2022-10-24 08:30:31 -04:00
parent b9699ab078
commit 5040ab6b40
2 changed files with 61 additions and 26 deletions


@ -34,7 +34,8 @@ ldap_error_status = {
"532":"STATUS_PASSWORD_EXPIRED", "532":"STATUS_PASSWORD_EXPIRED",
"773":"STATUS_PASSWORD_MUST_CHANGE", "773":"STATUS_PASSWORD_MUST_CHANGE",
"775":"USER_ACCOUNT_LOCKED", "775":"USER_ACCOUNT_LOCKED",
"50":"LDAP_INSUFFICIENT_ACCESS" "50":"LDAP_INSUFFICIENT_ACCESS",
"KDC_ERR_CLIENT_REVOKED":"KDC_ERR_CLIENT_REVOKED"
} }
@ -286,12 +287,13 @@ class ldap(connection):
if not self.args.continue_on_success: if not self.args.continue_on_success:
return True return True
except SessionError as e: except SessionError as e:
error, desc = e.getErrorString()
self.logger.error(u'{}\\{}{} {}'.format(self.domain, self.logger.error(u'{}\\{}{} {}'.format(self.domain,
self.username, self.username,
" from ccache" if useCache " from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8), else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
str(e)), str(e)),
color='red') color='magenta' if error in ldap_error_status else 'red')
return False return False
except KeyError as e: except KeyError as e:
self.logger.error(u'{}\\{}{} {}'.format(self.domain, self.logger.error(u'{}\\{}{} {}'.format(self.domain,
@ -300,9 +302,11 @@ class ldap(connection):
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8), else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
''), ''),
color='red') color='red')
return False
except ldap_impacket.LDAPSessionError as e: except ldap_impacket.LDAPSessionError as e:
if str(e).find('strongerAuthRequired') >= 0: if str(e).find('strongerAuthRequired') >= 0:
# We need to try SSL # We need to try SSL
try:
# Connect to LDAPS # Connect to LDAPS
self.ldapConnection = ldap_impacket.LDAPConnection('ldaps://%s' % target, self.baseDN) self.ldapConnection = ldap_impacket.LDAPConnection('ldaps://%s' % target, self.baseDN)
self.ldapConnection.kerberosLogin(username, password, domain, self.lmhash, self.nthash, self.ldapConnection.kerberosLogin(username, password, domain, self.lmhash, self.nthash,
@ -320,6 +324,16 @@ class ldap(connection):
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8), else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else '')) highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
if self.username == '':
self.username = self.get_ldap_username()
self.check_if_admin()
# Prepare success credential text
out = u'{}\\{} {}'.format(domain,
self.username,
highlight('({})'.format(self.config.get('CME', 'pwn3d_label')) if self.admin_privs else ''))
self.logger.extra['protocol'] = "LDAPS" self.logger.extra['protocol'] = "LDAPS"
self.logger.extra['port'] = "636" self.logger.extra['port'] = "636"
self.logger.success(out) self.logger.success(out)
@ -328,6 +342,23 @@ class ldap(connection):
add_user_bh(self.username, self.domain, self.logger, self.config) add_user_bh(self.username, self.domain, self.logger, self.config)
if not self.args.continue_on_success: if not self.args.continue_on_success:
return True return True
except ldap_impacket.LDAPSessionError as e:
errorCode = str(e).split()[-2][:-1]
self.logger.error(u'{}\\{}:{} {}'.format(self.domain,
self.username,
self.password if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8,
ldap_error_status[errorCode] if errorCode in ldap_error_status else ''),
color='magenta' if errorCode in ldap_error_status else 'red')
return False
except SessionError as e:
error, desc = e.getErrorString()
self.logger.error(u'{}\\{}{} {}'.format(self.domain,
self.username,
" from ccache" if useCache
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
str(e)),
color='magenta' if error in ldap_error_status else 'red')
return False
else: else:
errorCode = str(e).split()[-2][:-1] errorCode = str(e).split()[-2][:-1]
self.logger.error(u'{}\\{}{} {}'.format(self.domain, self.logger.error(u'{}\\{}{} {}'.format(self.domain,
@ -336,6 +367,7 @@ class ldap(connection):
else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8), else ":%s" % (next(sub for sub in [self.nthash, password, aesKey] if sub != '') if not self.config.get('CME', 'audit_mode') else self.config.get('CME', 'audit_mode')*8),
ldap_error_status[errorCode] if errorCode in ldap_error_status else ''), ldap_error_status[errorCode] if errorCode in ldap_error_status else ''),
color='magenta' if errorCode in ldap_error_status else 'red') color='magenta' if errorCode in ldap_error_status else 'red')
return False
def plaintext_login(self, domain, username, password): def plaintext_login(self, domain, username, password):
self.username = username self.username = username
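Review bot: The new `except ldap_impacket.LDAPSessionError` handler inside the LDAPS retry always logs `:` followed by `self.password`, whereas the sibling handlers in this section print `" from ccache"` or the first non-empty of `self.nthash`, `password`, `aesKey`. On a hash, AES-key or ccache login the failure line would therefore show a credential that was not the one presented. Whether `self.password` is assigned at all in this method is not visible, because the method starts outside the hunk. I would use the format string `u'{}\\{}{} {}'` with the same third argument as the `SessionError` handler directly below it. The same handler derives `errorCode` with `str(e).split()[-2][:-1]`, which raises `IndexError` from inside the `except` when the message has fewer than two tokens; `parts = str(e).split()` then `errorCode = parts[-2][:-1] if len(parts) >= 2 else ''` keeps the failure path from crashing.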


@ -378,6 +378,9 @@ class smb(connection):
except: except:
pass pass
self.create_conn_obj() self.create_conn_obj()
except FileNotFoundError as e:
self.logger.error('CCache Error: {}'.format(e))
return False
except (SessionError, Exception) as e: except (SessionError, Exception) as e:
error, desc = e.getErrorString() error, desc = e.getErrorString()
self.logger.error(u'{}\\{}{} {} {}'.format(domain, self.logger.error(u'{}\\{}{} {} {}'.format(domain,
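Review bot: The handler after the new `except FileNotFoundError` still catches `(SessionError, Exception)` and immediately calls `e.getErrorString()`, so any other non-`SessionError` exception raised in this `try` would fail with `AttributeError` inside the handler instead of being logged. The commit carves out only the missing-ccache case. Assuming `SessionError` derives from `Exception`, the tuple is also redundant. I would split it into `except SessionError as e:` keeping the existing body, followed by `except Exception as e:` that logs `str(e)` and returns `False`. The enclosing method starts and ends outside the hunk, so the rest of the existing handler body is not visible here.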