Skip to content
This repository has been archived by the owner on Dec 6, 2023. It is now read-only.

Authentication fails if the password contains the euro "€" character #786

Open
tigre-bleu opened this issue May 17, 2023 · 1 comment
Open

Authentication fails if the password contains the euro "€" character #786

tigre-bleu opened this issue May 17, 2023 · 1 comment

Comments

@tigre-bleu
Copy link

CME fails if the password used when authenticating has a "€" character in it with a UnicodeEncodeError exception.

Steps to reproduce the behavior:

  1. Create a user with a password containing character
  2. Try to authenticate using CME

To easily test, one could create a random share using impacket-smbserver

Expected behavior
The password is valid so the authentication shall succeed

Screenshots

└──╼ $cme smb 127.0.0.1 -u test -p 't€st'
[*] Initializing FTP protocol database
[*] Initializing RDP protocol database
[*] Old configuration file detected, replacing with new version
SMB         127.0.0.1       445    NenjEgZo         [*] mHRWzOcT (name:NenjEgZo) (domain:JIdQIxUP) (signing:False) (SMBv1:True)
Traceback (most recent call last):
  File "/home/user/.local/bin/cme", line 8, in <module>
    sys.exit(main())
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/crackmapexec.py", line 257, in main
    asyncio.run(
  File "/usr/lib/python3.9/asyncio/runners.py", line 44, in run
    return loop.run_until_complete(main)
  File "/usr/lib/python3.9/asyncio/base_events.py", line 642, in run_until_complete
    return future.result()
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/crackmapexec.py", line 105, in start_threadpool
    await asyncio.gather(*jobs)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/crackmapexec.py", line 69, in run_protocol
    await asyncio.wait_for(
  File "/usr/lib/python3.9/asyncio/tasks.py", line 442, in wait_for
    return await fut
  File "/usr/lib/python3.9/concurrent/futures/thread.py", line 52, in run
    result = self.fn(*self.args, **self.kwargs)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/smb.py", line 143, in __init__
    connection.__init__(self, args, db, host)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 65, in __init__
    self.proto_flow()
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 101, in proto_flow
    if self.login() or (self.username == '' and self.password == ''):
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/connection.py", line 300, in login
    elif self.plaintext_login(self.domain, user, password): return True
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/cme/protocols/smb.py", line 450, in plaintext_login
    self.conn.login(self.username, self.password, domain)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smbconnection.py", line 276, in login
    return self._SMBConnection.login(user, password, domain, lmhash, nthash, ntlmFallback)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smb.py", line 3494, in login
    self.login_extended(user, password, domain, lmhash, nthash, use_ntlmv2 = True)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/smb.py", line 3402, in login_extended
    type3, exportedSessionKey = ntlm.getNTLMSSPType3(auth, respToken['ResponseToken'], user, password, domain, lmhash, nthash, use_ntlmv2 = use_ntlmv2)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/ntlm.py", line 628, in getNTLMSSPType3
    ntlmChallengeResponse = NTLMAuthChallengeResponse(user, password, ntlmChallenge['challenge'])
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/ntlm.py", line 443, in __init__
    lmhash = compute_lmhash(password)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/impacket/ntlm.py", line 745, in compute_lmhash
    lmhash  = __DES_block(b(password[:7]), KNOWN_DES_INPUT)
  File "/home/user/.local/pipx/venvs/crackmapexec/lib/python3.9/site-packages/six.py", line 644, in b
    return s.encode("latin-1")
UnicodeEncodeError: 'latin-1' codec can't encode character '\u20ac' in position 1: ordinal not in range(256)

Crackmapexec info

  • OS: Parrot OS
  • Version of CME :5.4.1
  • Installed from pipx using github master on 05/17/2023
@Marshall-Hallenbeck
Copy link
Contributor

This looks like an error in the six package that impacket uses.

@NeffIsBack NeffIsBack mentioned this issue Sep 20, 2023
Merged
@NeffIsBack NeffIsBack mentioned this issue Nov 30, 2023
Closed
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Marshall-Hallenbeck @tigre-bleu