Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PyOpenSSL has removed deprecated PKCS12 breaking --shadow-credentials in ntlmrelayx.py #1716

Open
pwnf opened this issue Mar 18, 2024 · 1 comment
Open

PyOpenSSL has removed deprecated PKCS12 breaking --shadow-credentials in ntlmrelayx.py #1716

pwnf opened this issue Mar 18, 2024 · 1 comment
Assignees
@anadrianmanrique
Labels
high High priority item

Comments

@pwnf
Copy link

pwnf commented Mar 18, 2024
edited

Configuration

impacket version: 0.11.0
Python version: 3.11.8
Target OS: Kali Linux

Debug Output With Command String

ntlmrelayx.py -t ldaps://domain.com --shadow-credentials -smb2support --no-dump

ntlmrelayx.py -t ldaps://domain.com --shadow-credentials -smb2support --no-dump
[*] Generating certificate                                                                                                                                                                                                                                                                                                   [*] Certificate generated                                                                                                                                                                                                                                                                                                    [*] Generating KeyCredential                                                                                                                                                                                                                                                                                                 [*] KeyCredential generated with DeviceID: c6ec8e65-6dcf-d624-a64b-07680619cab3                                                                                                                                                                                                                                              [*] Updating the msDS-KeyCredentialLink attribute of ABC-123$                                                                                                                                                                                                                                                               [*] Updated the msDS-KeyCredentialLink attribute of the target object
Exception in thread Thread-7:
Traceback (most recent call last):
  File "/usr/lib/python3.11/threading.py", line 1045, in _bootstrap_inner
    self.run()
  File "/home/redacted/.local/share/pipx/venvs/impacket/lib/python3.11/site-packages/impacket/examples/ntlmrelayx/attacks/ldapattack.py", line 1129, in run
    self.shadowCredentialsAttack(domainDumper)
  File "/home/redacted/.local/share/pipx/venvs/impacket/lib/python3.11/site-packages/impacket/examples/ntlmrelayx/attacks/ldapattack.py", line 328, in shadowCredentialsAttack                                                                                                                                                  certificate.ExportPFX(password=password, path_to_file=path)
  File "/home/redacted/.local/share/pipx/venvs/impacket/lib/python3.11/site-packages/dsinternals/common/cryptography/X509Certificate2.py", line 54, in ExportPFX                                                                                                                                                                pk = OpenSSL.crypto.PKCS12()
         ^^^^^^^^^^^^^^^^^^^^^
  File "/home/redacted/.local/share/pipx/venvs/impacket/lib/python3.11/site-packages/cryptography/utils.py", line 72, in __getattr__
    obj = getattr(self._module, attr)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: module 'OpenSSL.crypto' has no attribute 'PKCS12'

Additional context

I am running impacket in pipx, I noted that pyOpenSSL made the following Backward-incompatible changes on 09/03/2024

Removed the deprecated OpenSSL.crypto.PKCS12 and OpenSSL.crypto.NetscapeSPKI. OpenSSL.crypto.PKCS12 may be replaced by the PKCS#12 APIs in the cryptography package.

Thus as a short term solution I was able to use the following to roll back pyOpenSSL and get the shadow credential attack working again:
pipx inject impacket pyOpenSSL==24.0.0
@anadrianmanrique anadrianmanrique added the high High priority item label Apr 11, 2024
@anadrianmanrique anadrianmanrique mentioned this issue Apr 22, 2024
Open
@mohnad-0b
Copy link

I have the same issue and I did this to solve it, and it worked for me

pip uninstall pyOpenSSL asgiref
sudo apt-get remove python3-asgiref 
pip install asgiref==3.7.2  
pip install pyOpenSSL==22.1.0 mitmproxy-rs==0.5.1 urwid-mitmproxy==2.1.1
pip install --upgrade impacke

@anadrianmanrique anadrianmanrique self-assigned this May 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@anadrianmanrique anadrianmanrique

Labels
high High priority item
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@pwnf @anadrianmanrique @mohnad-0b