The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation.

[oppsec]

Hello! During a pentest, I tried to dump the passwords from a user that I connected to SMB using Evil-WinRM and PassTheHash technique. However, when I executed the HackBrowserData executable I get this error below:

Describe the bug ./hack.exe --browser chrome -vv [NOTICE] [browser.go:73,pickChromium] find browser chrome_default success [NOTICE] [browser.go:73,pickChromium] find browser chrome_user_data success [INFO] [chromium_windows.go:37,GetMasterKey] chrome_default initialized master key success [ERROR] [main.go:55,func1] The requested operation cannot be completed. The computer must be trusted for delegation and the current user account must be configured to allow delegation. hack.exe : panic: runtime error: invalid memory address or nil pointer dereference + CategoryInfo : NotSpecified: (panic: runtime ...ter dereference:String) [], RemoteException + FullyQualifiedErrorId : NativeCommandError [signal 0xc0000005 code=0x0 addr=0x0 pc=0x7ff7155c5d3b]

goroutine 1 [running]: github.com/moond4rk/HackBrowserData/browingdata.(*Data).Output(0xc0000b6f70?, {0x7ff71576d1fe, 0x7}, {0xc00020d0b0, 0xe}, {0x7ff715767ebf?, 0x18?}) /home/opp/workspace/tools/HackBrowserData/browingdata/browsingdata.go:51 +0x7b main.Execute.func1(0xc000186160?) /home/opp/workspace/tools/HackBrowserData/cmd/hack-browser-data/main.go:57 +0x11d github.com/urfave/cli/v2.(*Command).Run(0xc000186160, 0xc0000925c0, {0xc000092040, 0x4, 0x4}) /home/opp/go/pkg/mod/github.com/urfave/cli/[email protected]/command.go:273 +0x9eb github.com/urfave/cli/v2.(*App).RunContext(0xc00017e000, {0x7ff7157e40a8?, 0xc0000ae0b0}, {0xc000092040, 0x4, 0x4}) /home/opp/go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:332 +0x616 github.com/urfave/cli/v2.(*App).Run(...) /home/opp/go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:309 main.Execute() /home/opp/workspace/tools/HackBrowserData/cmd/hack-browser-data/main.go:69 +0x8b7 main.main() /home/opp/workspace/tools/HackBrowserData/cmd/hack-browser-data/main.go:24 +0x17

Desktop (please complete the following information):

• OS Name: Windows Server 2012 R2
• Browser Name: Google Chrome
• Browser Version: 109.0.5414.129 64 Bits

[ghost]

same issue here :[

[EricZhou05]

Me too~Unable to Access Complete Data.

Describe the bug .\hack-browser-data-windows-64bit.exe -b all -f json --dir results -zip

[NOTICE] [browser.go:47,pickChromium] find browser Vivaldi failed, profile folder does not exist [NOTICE] [browser.go:47,pickChromium] find browser CocCoc failed, profile folder does not exist [NOTICE] [browser.go:47,pickChromium] find browser Yandex failed, profile folder does not exist [NOTICE] [browser.go:51,pickChromium] find browser QQ success [NOTICE] [browser.go:51,pickChromium] find browser Microsoft Edge success [NOTICE] [browser.go:53,pickChromium] find browser microsoft_edge_default success [NOTICE] [browser.go:47,pickChromium] find browser Chromium failed, profile folder does not exist [NOTICE] [browser.go:47,pickChromium] find browser Opera failed, profile folder does not exist [NOTICE] [browser.go:47,pickChromium] find browser Brave failed, profile folder does not exist [NOTICE] [browser.go:47,pickChromium] find browser 360speed failed, profile folder does not exist [NOTICE] [browser.go:51,pickChromium] find browser Chrome success [NOTICE] [browser.go:53,pickChromium] find browser chrome_default success [NOTICE] [browser.go:47,pickChromium] find browser Chrome Beta failed, profile folder does not exist [NOTICE] [browser.go:47,pickChromium] find browser OperaGX failed, profile folder does not exist [NOTICE] [browser.go:91,pickFirefox] find browser firefox Firefox failed, profile folder does not exist [ERROR] [main.go:60,func1] Key not valid for use in specified state. panic: runtime error: invalid memory address or nil pointer dereference [signal 0xc0000005 code=0x0 addr=0x0 pc=0x110837b]

goroutine 1 [running]: hack-browser-data/internal/browingdata.(*Data).Output(0xc0002bccb0?, {0xc0000a00c0, 0x7}, {0xc000284198, 0x16}, {0xc0000a00a0?, 0x0?}) /source/internal/browingdata/browsingdata.go:51 +0x7b main.Execute.func1(0xc00011e240?) /source/cmd/hack-browser-data/main.go:62 +0x23e github.com/urfave/cli/v2.(*App).RunContext(0xc000085040, {0x137bf48?, 0xc0000a00d8}, {0xc0000d0000, 0x8, 0x8}) /go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:322 +0x97c github.com/urfave/cli/v2.(*App).Run(...) /go/pkg/mod/github.com/urfave/cli/[email protected]/app.go:224 main.Execute() /source/cmd/hack-browser-data/main.go:73 +0x7f6 main.main() /source/cmd/hack-browser-data/main.go:24 +0x17

Desktop (please complete the following information):

• OS Name: Win11 (Version 21H2 / DirectX 12)\
• Browser Name: Google Chrome
• Browser Version: 109.0.5414.120 64 Bits

[lingszz]

It is speculated that it is returned by DPAPI error report

[moonD4rk]

It's a security restriction of Windows. https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation

[oppsec]

It's a security restriction of Windows. https://learn.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/enable-computer-and-user-accounts-to-be-trusted-for-delegation

I think an error message that explains this will look better than a big stack trace. To resolve the delegation problem you need access to the Domain Controller and change the computer permissions.

However, even if I enable delegation, I will get the same error as @EricZhou05: Key not valid for use in specified state. Probably is the DPAPI error as @lingszz said.