Starting Point Machine

Hi all!

New guy trying to startup in info sec.

Having some troubles just with the starting point tutorial :neutral:
I’ve followed everything up until I try to use mssqlclient.py where it says Login failed for user ‘ARCHETYPE\Guest’ even though I’m connecting as ARCHETYPE\sql_svc@10.10.10.27.
I have the password from the previous step, so that all should be right.

Any ideas?

you’d have to show us what commands you’re running otherwise pretty impossible for anyone to say what you’re doing wrong

try ARCHETYPE/Guest
in the password, do you have a !

i have the same problem

i have the password and it is telling me the password is wrong.

python3 mssqlclient.py ARCHETYPE\sql_svc@10.10.10.27 -windows -auth

with password M3g4c0rp123

get l;ogin failed for user ‘archetype\guest’

Type your comment> @VbScrub said:

you’d have to show us what commands you’re running otherwise pretty impossible for anyone to say what you’re doing wrong

Sorry should’ve added that.
My command is exactly what usmarine2141 has

I will try peeks suggestion in an hour or so.

Thanks for the replies!

i tried guest, but not putting a ! at the end because the prod.dtsconfig file doesnt have a !

update: tried with appending a ! on the end and it does not work still.

Ha! Silly mistake!
Use forward slash not back slash for command.
so:
python3 mssqlclient.py ARCHETYPE/sql_svc@10.10.10.27 -windows-auth

yeah impacket loves their forward slashes even on windows where domain names and usernames are always normally separated by a backslash

When I run: mssqlclient.py ARCHETYPE/sql_svc@10.10.10.27 -windows-auth
I get:
Traceback (most recent call last):
File “/usr/local/bin/mssqlclient.py”, line 4, in
import(‘pkg_resources’).run_script(‘impacket==0.9.22.dev1+20200327.103853.7e505892’, ‘mssqlclient.py’)
File “/usr/lib/python2.7/dist-packages/pkg_resources/init.py”, line 666, in run_script
self.require(requires)[0].run_script(script_name, ns)
File “/usr/lib/python2.7/dist-packages/pkg_resources/init.py”, line 1462, in run_script
exec(code, namespace, namespace)
File “/usr/local/lib/python2.7/dist-packages/impacket-0.9.22.dev1+20200327.103853.7e505892-py2.7.egg/EGG-INFO/scripts/mssqlclient.py”, line 173, in
ms_sql.connect()
File “/usr/local/lib/python2.7/dist-packages/impacket-0.9.22.dev1+20200327.103853.7e505892-py2.7.egg/impacket/tds.py”, line 532, in connect
sock.connect(sa)
File “/usr/lib/python2.7/socket.py”, line 228, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 110] Connection timed out

anyone know what’s wrong?

mssqlclient.py ARCHETYPE/sql_svc@10.10.10.27 -windows-auth
Impacket v0.9.22.dev1 - Copyright 2020 SecureAuth Corporation

Password:
Traceback (most recent call last):
File “/usr/local/bin/mssqlclient.py”, line 173, in
ms_sql.connect()
File “/usr/local/lib/python2.7/dist-packages/impacket/tds.py”, line 532, in connect
sock.connect(sa)
File “/usr/lib/python2.7/socket.py”, line 228, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 110] Connection timed out

Any help would be appreciated

@saj try downloading python 2.7.9, im pretty sure that command uses an older version. worked for me when i did it

@zillakami

python -V

Python 2.7.17

which python

/usr/bin/python

@Inigma THANK YOU THANK YOU! I didn’t even realize that it just had to due with the semantic issue around \ / 's …gawds…

@saj - I’m running Python 3.8.2

I had to download impacket-0.9.21 for my Kali-linux machine, otherwise myssqlclient.py will keep reporting “[-] Missing required parameter ‘digestmod’.”

v0.9.21 just came out in March, and it solves some issues related to SMB connections, but apparently not backslashes vs forward slashes! :grimace: :grimace: :grimace:

Hello everyone, I’m coming to you because I have a problem with impacket GitHub - fortra/impacket: Impacket is a collection of Python classes for working with network protocols.

all the python library is installed but here is what I encounter as error:

./mssqlclient.py ARCHETYPE/sql_scv@10.10.27 -windows-auth
Impacket v0.9.22.dev1+20200518.92028.525fa3d0 - Copyright 2020 SecureAuth Corporation

Password: M3g4c0rp123
Traceback (most recent call last):
File “./mssqlclient.py”, line 173, in
ms_sql.connect()
File “/usr/local/lib/python2.7/dist-packages/impacket-0.9.22.dev1+20200518.92028.525fa3d0-py2.7.egg/impacket/tds.py”, line 532, in connect
sock.connect(sa)
File “/usr/lib/python2.7/socket.py”, line 228, in meth
return getattr(self._sock,name)(*args)
socket.error: [Errno 113] No route to host

the VPN is connected, I uninstall and reinstall the python and impacket libraries and still nothing, always this error message, thanks in advance for your help.

Type your comment> @Inigma said:

Ha! Silly mistake!
Use forward slash not back slash for command.
so:
python3 mssqlclient.py ARCHETYPE/sql_svc@10.10.10.27 -windows-auth

Forward slash works! hey thx!

Hello Experts! i am very new to HTB. long way to go! but i have attitude keep trying. and get help from experts. i am stuck at this All 65535 scanned ports on 10.10.10.27 are filtered . i disconnect and re connect my vpn many times but no luck. i can ping the gateway 10.10.16.1 and i show the route of 10.10.10.0/23 point to gw. need help to move on.

Are you sure that you connected to the correct VPN?

yes ! its showing same ip on web also 10.10.16.XX

route

Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
default _gateway 0.0.0.0 UG 100 0 0 eth0
10.10.10.0 10.10.16.1 255.255.254.0 UG 0 0 0 tun0
10.10.16.0 0.0.0.0 255.255.252.0 U 0 0 0 tun0
192.168.26.0 0.0.0.0 255.255.255.0 U 100 0 0 eth0

ifconfig | grep 16.33

    inet 10.10.16.XX  netmask 255.255.252.0  destination 10.10.16.XX

Host is up (1.6s latency).
All 1000 scanned ports on 10.10.10.27 are filtered

hello guys any clue why its not working and y i m getting this output