ValueError: in check_webclient when running with different bitness of python

Question

ValueError: in check_webclient when running with different bitness of python

eranzim opened this issue 5 years ago · comments

Eran Zimmerman-Gonen commented 5 years ago

Getting this at the end of the output when running it with 32-bit python on a x64 Windows 10:

################ Check user admin ################

[!] Is user in the administrator group
True

-------------- Get System Priv with WebClient --------------

[!] Checking WebClient vulnerability

################ Error on: check_webclient ################
Traceback (most recent call last):
  File "D:\PTs\Utils\Programs\BeRoot\Windows\BeRoot\beroot\run.py", line 336, in check_all
    results = c(cmd)
  File "D:\PTs\Utils\Programs\BeRoot\Windows\BeRoot\beroot\run.py", line 297, in check_webclient
    b = w.run(self.service, cmd)
  File "D:\PTs\Utils\Programs\BeRoot\Windows\BeRoot\beroot\modules\checks\webclient\webclient.py", line 218, in run
    if self.start_webclient():
  File "D:\PTs\Utils\Programs\BeRoot\Windows\BeRoot\beroot\modules\checks\webclient\webclient.py", line 114, in start_webclient
    if self.EventWrite(hReg, byref(event_desc), 0, None) == 0:
ValueError: Procedure probably called with not enough arguments (4 bytes missing)

It should probably either be fixed, or replaced with a more descriptive error (it's easy to check the bitness of python and of the system...).
Running it with 64-bit python works.

AlessandroZ · Answer 1 · Fri Aug 02 2019 23:09:11 GMT+0800 (China Standard Time)

This vulnerability is not checked anymore (because it's mainly patched on most windows systems). However, the poc is still available here: https://github.com/AlessandroZ/BeRoot/tree/master/Windows/templates/MS16-075