impacket icon indicating copy to clipboard operation
impacket copied to clipboard

Published 20 hours ago verified publisher icon fortra

ntmlrelayx.py OpenSSL.crypto.Error

Open forktopot opened this issue 3 years ago • 3 comments

Configuration

impacket version: Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation Python version: 3.8.4 Target OS: mac os 10.15.5

Debug Output With Command String

i.e.
python3 ntlmrelayx.py -t https://192.168.52.129/certsrv/certfnsh.asp -smb2support --adcs

python3 ntlmrelayx.py -t https://192.168.52.129/certsrv/certfnsh.asp -smb2support --adcs
Impacket v0.10.0 - Copyright 2022 SecureAuth Corporation

[*] Protocol Client SMTP loaded..
[*] Protocol Client SMB loaded..
[*] Protocol Client RPC loaded..
[*] Protocol Client LDAPS loaded..
[*] Protocol Client LDAP loaded..
[*] Protocol Client HTTP loaded..
[*] Protocol Client HTTPS loaded..
[*] Protocol Client MSSQL loaded..
[*] Protocol Client IMAPS loaded..
[*] Protocol Client IMAP loaded..
[*] Protocol Client DCSYNC loaded..
[*] Running in relay mode to single host
[*] Setting up SMB Server
[*] Setting up HTTP Server on port 80
[*] Setting up WCF Server
[*] Setting up RAW Server on port 6666

[*] Servers started, waiting for connections
[*] SMBD-Thread-5: Received connection from 192.168.52.129, attacking target https://192.168.52.129
[*] HTTP server returned error code 200, treating as a successful login
[*] Authenticating against https://192.168.52.129 as / SUCCEED
[*] Generating CSR...
Exception in thread Thread-6:
Traceback (most recent call last):
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/threading.py", line 932, in _bootstrap_inner
    self.run()
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/impacket/examples/ntlmrelayx/attacks/httpattack.py", line 36, in run
    ADCSAttack._run(self)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/impacket/examples/ntlmrelayx/attacks/httpattacks/adcsattack.py", line 40, in _run
    csr = self.generate_csr(key, self.username, self.config.altName)
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/impacket/examples/ntlmrelayx/attacks/httpattacks/adcsattack.py", line 87, in generate_csr
    req.get_subject().CN = CN
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/OpenSSL/crypto.py", line 603, in __setattr__
    _raise_current_error()
  File "/Library/Frameworks/Python.framework/Versions/3.8/lib/python3.8/site-packages/OpenSSL/_util.py", line 55, in exception_from_error_queue
    raise exception_type(errors)
OpenSSL.crypto.Error: [('asn1 encoding routines', 'ASN1_mbstring_ncopy', 'string too short')]
^C%
image

forktopot avatar Sep 13 '22 10:09 forktopot

Use petitpotam to attack, and petitpotam runs normally image

forktopot avatar Sep 13 '22 10:09 forktopot

I was also running into such issues, tho with RPC relay methods, it would be useful to have more descriptive messages in these cases.

fsacer avatar Feb 02 '24 12:02 fsacer

I get this error as well.

barrett092 avatar May 09 '24 14:05 barrett092