Monteverde

my scripts from impacket are giving errors.
did not had that before rolling to python3.
i have users… but thats all.
and yes i did a git pull

congrats @splintercode That’s insane how fast you did it

@lukeasec said:
but I am really hoping this box is not all about A**** for root…my head hurts already

If it is and you figure it out, give me a shout - I’ve been going through the docs and some on-box files for over an hour and come up with nothing :smiley:

Type your comment> @rewks said:

@lukeasec said:
but I am really hoping this box is not all about A**** for root…my head hurts already

If it is and you figure it out, give me a shout - I’ve been going through the docs and some on-box files for over an hour and come up with nothing :smiley:

That’s where I am for user…lol

Type your comment> @madhack said:

my scripts from impacket are giving errors.
did not had that before rolling to python3.
i have users… but thats all.
and yes i did a git pull

I think I may know what you’re talking about. Had a similar issue after doing an update.
If this is your error:

Traceback (most recent call last):
File “xxxxxxx.py”, line 334, in
logger.init(options.ts)
TypeError: init() takes no arguments (1 given)

then edit out this line from the script:

Init the example’s logger theme
logger.init(options.ts)

Hope this help!

Type your comment> @madhack said:

my scripts from impacket are giving errors.
did not had that before rolling to python3.
i have users… but thats all.
and yes i did a git pull

If you are using kali and have the packages installed it will conflict with your libs from master and make all the scripts in the repo real sad. I don’t remember ever installing the package so it might be worth a double check. :slight_smile:

You can set PYTHONPATH to the repo base; I think I ended up doing both.

HTH

edit: replaced awful workaround with link to issue and more sane workaround. :slight_smile:

P.S. when this bit me I got the same traceback and the steps in linked issue or PYTHONPATH fixed it for me

yes it is working
but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALM…
hmm let’s try something else

Type your comment> @madhack said:

yes it is working
but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALM…
hmm let’s try something else

You are using wrong domain name, try different one.

Type your comment> @D8ll0 said:

Type your comment> @madhack said:

yes it is working
but ERROR:root:Kerberos SessionError: KDC_ERR_WRONG_REALM…
hmm let’s try something else

You are using wrong domain name, try different one.

thx got it!

Edit : nvm I found out

@brueh said:
‘Do not require Kerberos preauthentication’ set (UF_DONT_REQUIRE_PREAUTH).

I wonder how you got those hashes because the script you are talking about didnt find anything for me…

Type your comment> @Crafty said:

@brueh said:
‘Do not require Kerberos preauthentication’ set (UF_DONT_REQUIRE_PREAUTH).

I wonder how you got those hashes because the script you are talking about didnt find anything for me…

Think more, no just impacket

Initial foothold is a guessing game. The most simple one.
Have that in mind if your enum is not giving anything.

Type your comment> @joshibeast said:

Initial foothold is a guessing game. The most simple one.
Have that in mind if your enum is not giving anything.

Already tried brute forcing all users with top 100 passwords, no luck.
Impa**** gives nothing
:confused:

Type your comment> @Nt3c said:

Type your comment> @joshibeast said:

Initial foothold is a guessing game. The most simple one.
Have that in mind if your enum is not giving anything.

Already tried brute forcing all users with top 100 passwords, no luck.
Impa**** gives nothing
:confused:

I tried top-1000 passwords against all users, but no luck! :frowning:

tbh if you think about some of those burner accounts that get installed in the process of spinning up a box, people can be pretty lazy about burner passwords.
think laziest.

in retrospect it’s absolutely realistic. sadly.

Type your comment> @babywyrm said:

tbh if you think about some of those burner accounts that get installed in the process of spinning up a box, people can be pretty lazy about burner passwords.
think laziest.

in retrospect it’s absolutely realistic. sadly.

this is the same for me as try harder.
still thx for the info.

FINALLY found an account i can use ?

EDIT: found another set of creds.
Basically all enumeration till now, nothing fancy.

Any news about root?, I’m focus with A***e but can’t find anything.

guys how did you find the password for the user, cause I tried bruteforcing all of them and got nothing