Update DumpNTLMInfo.py: Allow non-default ports #1730

Merged: 2 commits, May 21, 2024

jeffmcjunkin
Contributor

Remove restrictions on `-port` (can specify any port number).
Add new `-protocol`, defaulting to SMB.
If `-port 135` and `-protocol` isn't specified, assume RPC.
@gabrielg5
Collaborator

Hello @jeffmcjunkin,
Thank you for your PR! Nice enhancement to the example.

I have only one comment related to usability from when I was running it.

Can you log a message to the console explaining the "decisions" the code takes on behalf of the operator? For example, if I run
`python DumpNTLMInfo.py XXX.XXX.XXX.XXX -port 135 -protocol SMB`
I get the RPCInfo output, which may be weird for someone who does not know the implementation details.

At first, I thought about whether it would be possible to directly know the desired output from the traffic itself (directly from the port, I mean). But then I recalled that it's possible to retrieve the RPC or SMB output from the same port, so it's OK to have that as a different parameter.

Thank you

@gabrielg5 added the "waiting for response" label May 17, 2024
@jeffmcjunkin
Contributor Author

@gabrielg5 I think this latest commit fulfills that comment, but let me know if you feel otherwise.

```
PS C:\> DumpNTLMInfo.py -port 445 192.168.119.136
Impacket v0.11.0 - Copyright 2023 Fortra

[*] Defaulting to SMB protocol.
[*] Using target: 192.168.119.136, IP: 192.168.119.136, Port: 445, Protocol: SMB
[+] SMBv1 Enabled   : False
[+] Prefered Dialect: SMB 3.0
[+] Server Security : SIGNING_ENABLED (not required)
[+] Max Read Size   : 8.0 MB (8388608 bytes)
[+] Max Write Size  : 8.0 MB (8388608 bytes)
[+] Current Time    : 2024-05-21 23:25:42.992672+00:00
[+] Name            : DESKTOP-5U9SEG5
[+] Domain          : DESKTOP-5U9SEG5
[+] DNS Domain Name : DESKTOP-5U9SEG5
[+] DNS Host Name   : DESKTOP-5U9SEG5
[+] OS              : Windows NT 10.0 Build 22621
[+] Null Session    : False

PS C:\> DumpNTLMInfo.py -port 135 192.168.119.136
Impacket v0.11.0 - Copyright 2023 Fortra

[*] Port 135 specified; using RPC protocol by default. Use `-protocol SMB` to force SMB protocol.
[*] Using target: 192.168.119.136, IP: 192.168.119.136, Port: 135, Protocol: RPC
[+] Name            : DESKTOP-5U9SEG5
[+] Domain          : DESKTOP-5U9SEG5
[+] DNS Domain Name : DESKTOP-5U9SEG5
[+] DNS Host Name   : DESKTOP-5U9SEG5
[+] OS              : Windows NT 10.0 Build 22621
[+] Max Read Size   : 4.18 KB (4280 bytes)
[+] Max Write Size  : 4.18 KB (4280 bytes)

PS C:\> DumpNTLMInfo.py -port 135 -protocol SMB 192.168.119.136
Impacket v0.11.0 - Copyright 2023 Fortra

[*] Port 135 specified with SMB protocol. Are you sure you don't want `-protocol RPC`?
[*] Using target: 192.168.119.136, IP: 192.168.119.136, Port: 135, Protocol: SMB
[-] The NETBIOS connection with the remote host timed out.
```
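
An added example, not part of this PR or of Impacket: a small parser for console output in the format shown above that lists weak SMB settings per target and reports a timed-out run (such as SMB against port 135) as "no data" rather than as a clean result. The sample text and addresses are constructed, and the `SIGNING_ENABLED | SIGNING_REQUIRED` value for a host that requires signing is an assumption about the tool's wording.

```python
import re

# Constructed sample in the output format shown in this thread (addresses and
# values are made up; the "SIGNING_REQUIRED" wording is an assumption).
SAMPLE = """\
[*] Using target: 192.0.2.10, IP: 192.0.2.10, Port: 445, Protocol: SMB
[+] SMBv1 Enabled   : False
[+] Server Security : SIGNING_ENABLED (not required)
[*] Using target: 192.0.2.11, IP: 192.0.2.11, Port: 445, Protocol: SMB
[+] SMBv1 Enabled   : True
[+] Server Security : SIGNING_ENABLED | SIGNING_REQUIRED
[+] Null Session    : True
[*] Using target: 192.0.2.12, IP: 192.0.2.12, Port: 135, Protocol: SMB
[-] The NETBIOS connection with the remote host timed out.
"""

TARGET = re.compile(r"^\[\*\] Using target: [^,]+, IP: (?P<ip>[^,]+), "
                    r"Port: (?P<port>\d+), Protocol: (?P<proto>\w+)")
FIELD = re.compile(r"^\[\+\] (?P<key>[^:]+?)\s*: (?P<val>.*)$")
ERROR = re.compile(r"^\[-\] (?P<msg>.*)$")

def parse_runs(text):  # one record per "Using target" line
    runs = []
    for line in text.splitlines():
        if m := TARGET.match(line):
            runs.append({"ip": m["ip"], "port": int(m["port"]),
                         "proto": m["proto"], "fields": {}, "errors": []})
        elif runs and (m := FIELD.match(line)):
            runs[-1]["fields"][m["key"]] = m["val"].strip()
        elif runs and (m := ERROR.match(line)):
            runs[-1]["errors"].append(m["msg"])
    return runs

def findings(run):  # a failed run is reported as "no data", never as clean
    f, out = run["fields"], []
    if run["errors"] and not f:
        return [f"no data ({run['proto']} on port {run['port']}): {run['errors'][0]}"]
    if f.get("SMBv1 Enabled") == "True":
        out.append("SMBv1 enabled")
    if "not required" in f.get("Server Security", ""):
        out.append("SMB signing not required")
    if f.get("Null Session") == "True":
        out.append("null session allowed")
    return out

def audit(text):
    return {f"{r['ip']}:{r['port']}": findings(r) for r in parse_runs(text)}

if __name__ == "__main__":
    print(audit(SAMPLE))
```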

@gabrielg5 removed the "waiting for response" label May 21, 2024
@gabrielg5 merged commit ced688a into fortra:master May 21, 2024
9 checks passed
@gabrielg5
Collaborator

Thank you @jeffmcjunkin!! 🚀
