Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

--resolve-sd error #54

Open
0xGreen opened this issue Jan 2, 2025 · 2 comments
Open

--resolve-sd error #54

0xGreen opened this issue Jan 2, 2025 · 2 comments

Comments

@0xGreen
Copy link

0xGreen commented Jan 2, 2025

--resolve-sd is erroring out in the latest version. I have tried "samaccountname", "group", "distinguished name" etc but all giving same error.

It used to work fine in the paste.

bloodyAD --host 172.16.5.5 -d testdomain.local -u USER -p PASSWORD get object "domain admins" --resolve-sd
# or
bloodyAD --host 172.16.5.5 -d testdomain.local -u USER -p PASSWORD get object "domain admins" --attr nTSecurityDescriptor --resolve-sd
distinguishedName: CN=Domain Admins,CN=Users,DC=TESTDOMAIN,DC=LOCAL
adminCount: 1
cn: Domain Admins
groupType: -2147483646
instanceType: 4
isCriticalSystemObject: True
member: CN=svc_qualys,OU=Service Accounts,...
memberOf: CN=Denied RODC Password Replication Group,CN=Users,DC=TESTDOMAIN,DC=LOCAL; CN=Administrators,CN=Builtin,DC=TESTDOMAIN,DC=LOCAL
Traceback (most recent call last):
  File "/opt/bloodyAD/bloodyAD/utils.py", line 386, in getsid
    return self.sid_dict[sid]
           ~~~~~~~~~~~~~^^^^^
KeyError: 'S-1-5-21-3842939050-3880317879-2865463114-512'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "/opt/bloodyAD/bloodyAD.py", line 5, in <module>
    main.main()
  File "/opt/bloodyAD/bloodyAD/main.py", line 217, in main
    entry_str = print_entry(attr_name, attr_val)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/bloodyAD/bloodyAD/main.py", line 244, in print_entry
    entry_str = print_entry(f"{entryname}{i_str}", v)
                ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/bloodyAD/bloodyAD/main.py", line 258, in print_entry
    print(f"{entryname}.{k}: {entry_str}")
                             ^^^^^^^^^^^
  File "/opt/bloodyAD/bloodyAD/utils.py", line 413, in __str__
    return global_lazy_adschema.getsid(self.sid)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/opt/bloodyAD/bloodyAD/utils.py", line 389, in getsid
    self._resolveAll()
  File "/opt/bloodyAD/bloodyAD/utils.py", line 341, in _resolveAll
    for entry in entries:
                 ^^^^^^^
  File "/opt/bloodyAD/bloodyAD/network/ldap.py", line 425, in bloodysearch
    raise err
  File "/usr/lib/python3/dist-packages/msldap/connection.py", line 684, in search
    flt = query_syntax_converter(query)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/query.py", line 112, in query_syntax_converter
    flt = LF.parse(ldap_query_string)
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/filter.py", line 48, in parse
    return parser.parse(filt, actions=ParserActions())
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 1530, in parse
    return parser.parse()
           ^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 1507, in parse
    tree = self._read_root()
           ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 159, in _read_root
    address0 = self._read_filter()
               ^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 203, in _read_filter
    address4 = self._read_filtercomp()
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 304, in _read_filtercomp
    address0 = self._read_or()
               ^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 422, in _read_or
    address4 = self._read_filterlist()
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 537, in _read_filterlist
    address1 = self._read_filter()
               ^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 203, in _read_filter
    address4 = self._read_filtercomp()
               ^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 310, in _read_filtercomp
    address0 = self._read_item()
               ^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 556, in _read_item
    address0 = self._read_wildcard()
               ^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 721, in _read_wildcard
    address3 = self._read_wildcard_value()
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 749, in _read_wildcard_value
    address1 = self._read_value()
               ^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 878, in _read_value
    address1 = self._read_AttributeValue()
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 1238, in _read_AttributeValue
    address0 = self._read_EscapedCharacter()
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/parser.py", line 1293, in _read_EscapedCharacter
    address0 = self._actions.return_escaped_char(self._input, index1, self._offset, elements0)
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/msldap/protocol/ldap_filter/filter.py", line 413, in return_escaped_char
    chr_code = int(string.replace('\\', ''))
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
ValueError: invalid literal for int() with base 10: ''
@CravateRouge
Copy link
Owner

You error sounds like you have a msldap version below 0.5.12 which is weird because it's required in the pyproject.toml of bloodyAD.
But from what I remember before msldap 0.5.12 some binary search were not done correctly due to an error in binary encoding in msldap, see skelsec/msldap#52 and you had the error you had as a symptom but the symptom has also been fixed in skelsec/msldap#51. And all those PR were added in https://github.com/skelsec/msldap/releases/tag/0.5.12

@0xGreen
Copy link
Author

0xGreen commented Jan 2, 2025

Thankyou!

Yes, it works fine with msldap 0.5.12. I had 0.5.10

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@0xGreen @CravateRouge