impacket icon indicating copy to clipboard operation
impacket copied to clipboard

Published 20 hours ago verified publisher icon fortra

Impacket-net access denied when specifying user

Open Signum21 opened this issue 1 year ago • 0 comments

Configuration

impacket version: Impacket v0.11.0 Python version: Python 3.11.7 Target OS: Windows Server 2019

Debug Output With Command String

Not working example specifying username

impacket-net -debug 'thm.corp/TABATHA_BRITT:marlboro(1985)@thm.corp' user -name TABATHA_BRITT

Impacket v0.11.0 - Copyright 2023 Fortra

[+] Impacket Library Installation Path: /usr/lib/python3/dist-packages/impacket
Traceback (most recent call last):
  File "/usr/share/doc/python3-impacket/examples/net.py", line 549, in <module>
    net.run(address, options.target_ip)
  File "/usr/share/doc/python3-impacket/examples/net.py", line 370, in run
    info = actionObject.Query(self.__options.name)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/share/doc/python3-impacket/examples/net.py", line 158, in Query
    user_handle = self._get_user_handle(domain_handle, name)
                  ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/share/doc/python3-impacket/examples/net.py", line 105, in _get_user_handle
    response = samr.hSamrOpenUser(self._dce, domain_handle, samr.USER_ALL_ACCESS, user_rid)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/impacket/dcerpc/v5/samr.py", line 2487, in hSamrOpenUser
    return dce.request(request)
           ^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/impacket/dcerpc/v5/rpcrt.py", line 880, in request
    raise exception
impacket.dcerpc.v5.samr.DCERPCSessionError: SAMR SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights.
[-] SAMR SessionError: code: 0xc0000022 - STATUS_ACCESS_DENIED - {Access Denied} A process has requested access to an object but has not been granted those access rights.

Working example without specifying username

impacket-net -debug 'thm.corp/TABATHA_BRITT:marlboro(1985)@thm.corp' user

Impacket v0.11.0 - Copyright 2023 Fortra

[+] Impacket Library Installation Path: /usr/lib/python3/dist-packages/impacket
[*] Enumerating users ..
  1. Administrator (500)
  2. Guest (501)
  3. krbtgt (502)
  <snip>

PCAP

None

Additional context

Tested on https://tryhackme.com/room/resetui

Signum21 avatar Feb 27 '24 18:02 Signum21