
always executes command on local, seems to ignore remote.

Open ghost opened this issue 4 years ago • 8 comments

Hello friend, does the pipe name matter? Should the pipe exist on the target machine? Stracciatella seems to always be executing the command on the local machine and ignoring the remote IP.

Is there a specific syntax to use? Thanks.

I have tried Stracciatella-remote -v remote-ip \.\pipe\pipename command. Also tested Stracciatella-remote -v remote-ip pipename (without \.\pipe) command.

ghost avatar Oct 19 '21 21:10 ghost

Hello,

Pipe name does matter as well as computer name - for which you are clearly using here the dot value \\.\ - this value refers to your local computer.

Instead you would like to use something like the following:

\\computer.domain.com\pipename

Hope that helps, Mariusz.

mgeeky avatar Dec 13 '21 21:12 mgeeky

no pipename specified as error;

stracciatella-remote -v \COMPUTER.DOMAIN.COM\b8f1c2a4-cc61-4ca3-bf91-ba44096438df whoami

Is this how it is supposed to be used?

ghost avatar Jan 10 '22 13:01 ghost

@fendi1989 This project is a little dusty at the moment, so I admit there are things worth embellishing. As for the stracciatella-remote - I never used it that much to be honest, maybe once or twice just for a test. The idea is that if you're sure that you have Stracciatella running on a remote machine and there is a SMB pipe exposed as well as 445/137 ports available, you should be able to connect to that remote machine over SMB and communicate (RPC) with that remote stracciatella.

Then, the command you've attempted should get you connected to that remote Stracciatella instance. However, there are various issues that may interrupt your operations:

  • Stracciatella on a remote system might have not been launched properly (exited prematurely?)
  • remote Stracciatella might have timed out while waiting for inbound client connection to its pipe and due to that
  • you might be having some token privileges issues (or TGS/TGT maybe)
  • there might be firewall preventing your SMB/RPC connectivity

Without further context (what you tried, what the error message was), I'm unable to provide you with further assistance and track down what's going on in there.

Please do provide me with more context about what fails and I will try to think more about it.

Regards, Mariusz.

mgeeky avatar Jan 12 '22 19:01 mgeeky

Oh god, tokens are funny. I solved the problem, right now, if I'm doing a long command should I put it between " "?

ghost avatar Jan 12 '22 20:01 ghost

Hopefully not, I tried to code it up in aggressor script in a way to consume every argument opening a command :) In other words, the aggressor script should detect where your command begins and consider following bytes as that command.

Let me know if that doesn't work though!

mgeeky avatar Jan 13 '22 01:01 mgeeky

> Hopefully not, I tried to code it up in aggressor script in a way to consume every argument opening a command :) In other words, the aggressor script should detect where your command begins and consider following bytes as that command.
>
> Let me know if that doesn't work though!

Weird, it warns me about the pipename, the warning on the aggressor "no pipename". I tested without the remote option and added invoke command -computer name target and it works, just to avoid the remote option. Sad, I wanted to play a little bit with the remote option in my lab.

ghost avatar Jan 13 '22 01:01 ghost

@fendi1989 - Would you be so kind as to take a look at the straciatella.cna script file and attempt to fix that issue? :)

I must admit that I'm not able to pick up on Stracciatella in the upcoming days.

mgeeky avatar Jan 13 '22 03:01 mgeeky

Hi @fendi1989 - I've hopefully addressed your issue in the latest release :)

Let me know if the problem remains!

mgeeky avatar May 17 '22 13:05 mgeeky