From 9c27dab06a07d2393403d50c8c690a28e126180b Mon Sep 17 00:00:00 2001
From: pgormanDS <86318031+pgormanDS@users.noreply.github.com>
Date: Tue, 1 Feb 2022 15:17:11 -0600
Subject: [PATCH] Update hash_spider.py expired creds check to prevent account lockouts.

---
 cme/modules/hash_spider.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/cme/modules/hash_spider.py b/cme/modules/hash_spider.py
index 2dfef440..0175d564 100644
--- a/cme/modules/hash_spider.py
+++ b/cme/modules/hash_spider.py
@@ -166,7 +166,8 @@ class CMEModule:
 domain=domain_name
 )
 if session.smb_session is None:
- context.log.error("Couldn't connect to remote host")
+ context.log.error("Couldn't connect to remote host. Password likely expired/changed. Removing from DB.")
+ cursor.execute("UPDATE admin_users SET hash = NULL WHERE username LIKE '" + username + "'")
 return False
 dumper = Dumper(session, timeout=10).load(self.method)
 if dumper is None:
@@ -203,7 +204,7 @@ class CMEModule:
 cursor.execute(f"SELECT * FROM pc_and_admins WHERE pc_name = '{pc[0]}' AND dumped NOT LIKE 'TRUE'")
 more_to_dump = cursor.fetchall()
 if len(more_to_dump) > 0:
- context.log.info(f"User {user[0]} has more access to {pc[0]}. Dumping with hash {user[1]}")
+ context.log.info(f"User {user[0]} has more access to {pc[0]}. Attempting to dump.")
 setattr(connection, "host", pc[0].split('.')[0])
 setattr(connection, "username", user[0].split('@')[0])
 setattr(connection, "nthash", user[1])
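Review bot: The added `cursor.execute("UPDATE admin_users SET hash = NULL WHERE username LIKE '" + username + "'")` in the first hunk builds SQL by string concatenation, so a username containing a quote breaks the statement, and one containing `%` or `_` is read as a LIKE pattern and can clear the hash on rows for other accounts. Bind the value and match exactly, e.g. `cursor.execute("UPDATE admin_users SET hash = NULL WHERE username = ?", (username,))`; the placeholder style depends on the DB driver, which is not visible in this patch. The f-string `SELECT * FROM pc_and_admins WHERE pc_name = '{pc[0]}' ...` in the second hunk's context lines has the same construction and should be parameterized the same way. Separately, `session.smb_session is None` presumably also covers an unreachable host, so the "Password likely expired/changed" wording and the NULL-ing assume a cause the check does not establish. The enclosing method starts and ends outside the hunk, so whether the UPDATE is committed cannot be seen here.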
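Review bot: The rewritten `context.log.info` message in the second hunk no longer prints `user[1]`, but nothing in the code records why, so a later edit could put the value back into log output. The following `setattr(connection, "nthash", user[1])` shows that field is the NT hash, so a one-line comment above the log call would pin the intent, e.g. `# user[1] is the NT hash: keep it out of log output`. The enclosing loop starts and ends outside the hunk.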