panic: runtime error: invalid memory address or nil pointer dereference

[ad0nis]

Receiving this error whether I build ruler myself or use the release.

./ruler-linux64 --rpc --email test@example.com abk dump --output ./gal.txt
Password:
[+] Retrieving RPC/HTTP info
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x75e586]

goroutine 1 [running]:
github.com/staaldraad/go-ntlm/ntlm.(*V1ClientSession).ProcessChallengeMessage(0xc0001b8000, 0xc000542120, 0x69, 0xc000542120)
/home/staaldraad/go/pkg/mod/github.com/staaldraad/go-ntlm@v0.0.0-20200612175713-cd032d41aa8c/ntlm/ntlmv1.go:402 +0x1c6
github.com/sensepost/ruler/http-ntlm.NtlmTransport.RoundTrip(0x0, 0x0, 0x0, 0x0, 0xc000024d00, 0xb, 0x0, 0x0, 0x0, 0x0, ...)
/home/staaldraad/dev/ruler/http-ntlm/ntlmtransport.go:120 +0x737
net/http.send(0xc0001aa000, 0x93d8a0, 0xc000020500, 0x0, 0x0, 0x0, 0xc000192018, 0x7f308b985b00, 0x1, 0x0)
/usr/local/go/src/net/http/client.go:252 +0x453
net/http.(*Client).send(0xc000089c20, 0xc0001aa000, 0x0, 0x0, 0x0, 0xc000192018, 0x0, 0x1, 0x0)
/usr/local/go/src/net/http/client.go:176 +0xff
net/http.(*Client).do(0xc000089c20, 0xc0001aa000, 0x0, 0x0, 0x0)
/usr/local/go/src/net/http/client.go:718 +0x45f
net/http.(*Client).Do(...)
/usr/local/go/src/net/http/client.go:586
github.com/sensepost/ruler/autodiscover.autodiscover(0x7fffdd4c5e46, 0x14, 0xc00002e300, 0x0, 0x0, 0x0, 0x0, 0x0)
/home/staaldraad/dev/ruler/autodiscover/autodiscover.go:354 +0x52c
github.com/sensepost/ruler/autodiscover.Autodiscover(0x7fffdd4c5e46, 0x14, 0x8b1549, 0x1, 0x7, 0x65686361632e6d6f, 0x8b2133)
/home/staaldraad/dev/ruler/autodiscover/autodiscover.go:258 +0xf6
github.com/sensepost/ruler/autodiscover.GetRPCHTTP(0x7fffdd4c5e3e, 0x1c, 0x0, 0x0, 0x0, 0x93e0a0, 0xc000010018, 0xc000024cf0, 0xb, 0x10, ...)
/home/staaldraad/dev/ruler/autodiscover/autodiscover.go:104 +0xc25
main.connect(0xc0000b4b00, 0x6, 0xc0000736e0)
/home/staaldraad/dev/ruler/ruler.go:484 +0x1385
main.main.func10(0xc0000b4b00, 0x0, 0xc00000f4f0)
/home/staaldraad/dev/ruler/ruler.go:1531 +0x65
github.com/urfave/cli.HandleAction(0x8328c0, 0x8d7a40, 0xc0000b4b00, 0xc0000b4b00, 0x0)
/home/staaldraad/go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:524 +0xfd
github.com/urfave/cli.Command.Run(0x8b1feb, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8cb4f6, 0x32, 0x0, ...)
/home/staaldraad/go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:173 +0x58e
github.com/urfave/cli.(*App).RunAsSubcommand(0xc0000e8380, 0xc0000b4840, 0x0, 0x0)
/home/staaldraad/go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:405 +0x954
github.com/urfave/cli.Command.startApp(0x8b19ac, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c5cc9, 0x25, 0x0, ...)
/home/staaldraad/go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:372 +0x87f
github.com/urfave/cli.Command.Run(0x8b19ac, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8c5cc9, 0x25, 0x0, ...)
/home/staaldraad/go/pkg/mod/github.com/urfave/cli@v1.22.5/command.go:102 +0x9f4
github.com/urfave/cli.(*App).Run(0xc0000e81c0, 0xc000020080, 0x8, 0x8, 0x0, 0x0)
/home/staaldraad/go/pkg/mod/github.com/urfave/cli@v1.22.5/app.go:277 +0x7e8
main.main()
/home/staaldraad/dev/ruler/ruler.go:1793 +0x3356

[staaldraad]

Hi @ad0nis
It is nearly impossible to figure out exactly what lead to this breakage, but it looks like the server responded with an empty NTLMv1 response. You can try with --debug to see if more information is dumped but I doubt it.

FWIW, anything under abk doesn't work with --rpc, so even if you got a little further in the auth, once it tries to interact with the addressbook, Ruler will error out