pypykatz icon indicating copy to clipboard operation
pypykatz copied to clipboard

Published 20 hours ago verified publisher icon skelsec

pypykatz on arm64

Open ghost opened this issue 1 year ago • 4 comments

can someone please help me get this running on my macbook m2. i ran pip install pypykatz. even using arch -x86_64 flag it still throws error saying i have arm64 and need x86_64. is there a precompiled binary somewhere?

ghost avatar Jan 22 '23 08:01 ghost

Please provide an exact description of what you want to do and document the exception(s) with screenshots including the commands you executed that produce the exception. Alternatively instead of screenshots you can copy-past the command line text.

skelsec avatar Jan 22 '23 11:01 skelsec

pip install pypykatz

Defaulting to user installation because normal site-packages is not writeable Collecting pypykatz Using cached pypykatz-0.6.3-py3-none-any.whl (384 kB) Requirement already satisfied: aiosmb>=0.4.2 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.4.4) Requirement already satisfied: tqdm in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (4.64.1) Requirement already satisfied: winacl>=0.1.5 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.1.6) Requirement already satisfied: aiowinreg>=0.0.7 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.0.7) Requirement already satisfied: minidump>=0.0.21 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.0.21) Requirement already satisfied: msldap>=0.4.1 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.4.7) Requirement already satisfied: aesedb>=0.1.0 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.1.0) Requirement already satisfied: minikerberos>=0.3.5 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.3.5) Requirement already satisfied: unicrypto>=0.0.9 in ./Library/Python/3.9/lib/python/site-packages (from pypykatz) (0.0.9) Requirement already satisfied: pycryptodomex in ./Library/Python/3.9/lib/python/site-packages (from aesedb>=0.1.0->pypykatz) (3.16.0) Requirement already satisfied: colorama in ./Library/Python/3.9/lib/python/site-packages (from aesedb>=0.1.0->pypykatz) (0.4.6) Requirement already satisfied: prompt-toolkit>=3.0.2 in ./Library/Python/3.9/lib/python/site-packages (from aiosmb>=0.4.2->pypykatz) (3.0.36) Requirement already satisfied: asn1crypto in ./Library/Python/3.9/lib/python/site-packages (from aiosmb>=0.4.2->pypykatz) (1.5.1) Requirement already satisfied: asysocks>=0.2.2 in ./Library/Python/3.9/lib/python/site-packages (from aiosmb>=0.4.2->pypykatz) (0.2.5) Requirement already satisfied: asyauth>=0.0.8 in ./Library/Python/3.9/lib/python/site-packages (from aiosmb>=0.4.2->pypykatz) (0.0.11) Requirement already satisfied: wcwidth in ./Library/Python/3.9/lib/python/site-packages (from aiosmb>=0.4.2->pypykatz) (0.2.6) Requirement already satisfied: six in /Library/Developer/CommandLineTools/Library/Frameworks/Python3.framework/Versions/3.9/lib/python3.9/site-packages (from aiosmb>=0.4.2->pypykatz) (1.15.0) Requirement already satisfied: oscrypto>=1.2.1 in ./Library/Python/3.9/lib/python/site-packages (from minikerberos>=0.3.5->pypykatz) (1.3.0) Requirement already satisfied: cryptography>=38.0.1 in ./Library/Python/3.9/lib/python/site-packages (from winacl>=0.1.5->pypykatz) (39.0.0) Requirement already satisfied: cffi>=1.12 in ./Library/Python/3.9/lib/python/site-packages (from cryptography>=38.0.1->winacl>=0.1.5->pypykatz) (1.15.1) Requirement already satisfied: pycparser in ./Library/Python/3.9/lib/python/site-packages (from cffi>=1.12->cryptography>=38.0.1->winacl>=0.1.5->pypykatz) (2.21) Installing collected packages: pypykatz Successfully installed pypykatz-0.6.3

pypykatz

Traceback (most recent call last): File "/Users/master/Library/Python/3.9/bin/pypykatz", line 8, in sys.exit(main()) File "/Users/master/Library/Python/3.9/lib/python/site-packages/pypykatz/main.py", line 17, in main from pypykatz.kerberos.cmdhelper import KerberosCMDHelper File "/Users/master/Library/Python/3.9/lib/python/site-packages/pypykatz/kerberos/cmdhelper.py", line 19, in from pypykatz.kerberos.kerberos import get_TGS, get_TGT, generate_targets,
File "/Users/master/Library/Python/3.9/lib/python/site-packages/pypykatz/kerberos/kerberos.py", line 7, in from minikerberos.security import KerberosUserEnum, APREPRoast, Kerberoast File "/Users/master/Library/Python/3.9/lib/python/site-packages/minikerberos/security.py", line 11, in from minikerberos.aioclient import AIOKerberosClient File "/Users/master/Library/Python/3.9/lib/python/site-packages/minikerberos/aioclient.py", line 25, in from minikerberos.protocol.encryption import Key, _enctype_table, _HMACMD5, Enctype, _checksum_table File "/Users/master/Library/Python/3.9/lib/python/site-packages/minikerberos/protocol/encryption.py", line 57, in from unicrypto.symmetric import MODE_CBC, MODE_ECB File "/Users/master/Library/Python/3.9/lib/python/site-packages/unicrypto/symmetric.py", line 82, in DES = get_preferred_cipher('DES') File "/Users/master/Library/Python/3.9/lib/python/site-packages/unicrypto/init.py", line 79, in get_preferred_cipher return get_cipher_by_name(ciphername, selected_module) File "/Users/master/Library/Python/3.9/lib/python/site-packages/unicrypto/init.py", line 57, in get_cipher_by_name return import_from(moduleName , ciphername) File "/Users/master/Library/Python/3.9/lib/python/site-packages/unicrypto/init.py", line 14, in import_from module = import(module, fromlist=[name]) File "/Users/master/Library/Python/3.9/lib/python/site-packages/unicrypto/backends/pycryptodomex/init.py", line 1, in from . import AES, DES, RC4, TDES File "/Users/master/Library/Python/3.9/lib/python/site-packages/unicrypto/backends/pycryptodomex/AES.py", line 2, in from Cryptodome.Cipher import AES as _pyCryptodomeAES File "/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Cipher/init.py", line 27, in from Cryptodome.Cipher._mode_ecb import _create_ecb_cipher File "/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Cipher/_mode_ecb.py", line 35, in raw_ecb_lib = load_pycryptodome_raw_lib("Cryptodome.Cipher._raw_ecb", """ File "/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/_raw_api.py", line 309, in load_pycryptodome_raw_lib raise OSError("Cannot load native module '%s': %s" % (name, ", ".join(attempts))) OSError: Cannot load native module 'Cryptodome.Cipher._raw_ecb': Not found '_raw_ecb.cpython-39-darwin.so', Cannot load '_raw_ecb.abi3.so': cannot load library '/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so': dlopen(/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so, 0x0002): tried: '/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so' (mach-o file, but is an incompatible architecture (have 'x86_64', need 'arm64')), '/System/Volumes/Preboot/Cryptexes/OS/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so' (no such file), '/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so' (mach-o file, but is an incompatible architecture (have 'x86_64', need 'arm64')), '/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Cipher/_raw_ecb.abi3.so' (mach-o file, but is an incompatible architecture (have 'x86_64', need 'arm64')), '/System/Volumes/Preboot/Cryptexes/OS/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Cipher/_raw_ecb.abi3.so' (no such file), '/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Cipher/_raw_ecb.abi3.so' (mach-o file, but is an incompatible architecture (have 'x86_64', need 'arm64')). Additionally, ctypes.util.find_library() did not manage to locate a library called '/Users/master/Library/Python/3.9/lib/python/site-packages/Cryptodome/Util/../Cipher/_raw_ecb.abi3.so', Not found '_raw_ecb.so'

ghost avatar Jan 23 '23 04:01 ghost

Okay, I see the problem now.
This looks like a problem with the cryptographic package pycryptodome which is outside of my control. I have a few hints on how you can overcome this error but please note that since I don't have a macbook I'll not be able to test what I'm suggesting here.
Easiest solution: completely uninstall pycryptodome/cryptodome via pip and install cryptography instead. pypykatz is using the unicrypto module which automatically detects python compatible crypto libraries and will use one from a preference list.

skelsec avatar Jan 23 '23 20:01 skelsec

Hello everyone,

To install pypykatz on Mac M2, I advise you to use pipx (it's simple and it will allow you to avoid dependency conflicts).

Install pipx :

python3 -m pip install pipx
pipx ensurepath

Install pypykatz :

python3 -m pipx install pypykatz

Run pypykatz :

pypykatz -h

Have a good day.

QU35T-code avatar Mar 02 '23 08:03 QU35T-code