WebClient check failing with ValueError: Procedure probably called with not enough arguments (4 bytes missing

Question

WebClient check failing with ValueError: Procedure probably called with not enough arguments (4 bytes missing

voidpt opened this issue 7 years ago · comments

C:\Users\IEUser\Downloads\BeRoot-1.0\BeRoot-1.0\BeRoot>python beRoot.py
|====================================================================|
|                                                                    |
|                    Windows Privilege Escalation                    |
|                                                                    |
|                          ! BANG BANG !                             |
|                                                                    |
|====================================================================|



-------------- Check user admin --------------

[!] Is user in the administrator group
True


-------------- Check well known dlls hijacking --------------

[!] Writeable path on the path environment variable
C:\Python27\
C:\Python27\Scripts

[!] Check if well known vulnerable services are present
Associated dll: wlbsctrl.dll
Service: ikeext


-------------- Get System Priv with WebClient --------------

[!] Checking WebClient vulnerability

-------------- Error on: check_webclient --------------
Traceback (most recent call last):
  File "C:\Users\IEUser\Downloads\BeRoot-1.0\BeRoot-1.0\BeRoot\beroot\run_checks
.py", line 315, in check_all
    results = c(cmd)
  File "C:\Users\IEUser\Downloads\BeRoot-1.0\BeRoot-1.0\BeRoot\beroot\run_checks
.py", line 277, in check_webclient
    b = w.run(self.service, cmd)
  File "C:\Users\IEUser\Downloads\BeRoot-1.0\BeRoot-1.0\BeRoot\beroot\modules\ch
ecks\webclient\webclient.py", line 190, in run
    if self.startWebclient():
  File "C:\Users\IEUser\Downloads\BeRoot-1.0\BeRoot-1.0\BeRoot\beroot\modules\ch
ecks\webclient\webclient.py", line 96, in startWebclient
    if self.EventWrite(hReg, byref(event_desc), 0, None) == 0:
ValueError: Procedure probably called with not enough arguments (4 bytes missing
)


[!] Elapsed time = 0.125

IE 8 on Windows 7 - 32-bits vm from https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

I have installed python 2.7.13, pywin32 and py2exe.

C:\Users\IEUser\Downloads\BeRoot-1.0\BeRoot-1.0\BeRoot>pip freeze
impacket==0.9.15
py2exe==0.6.9
pyasn1==0.2.3
pycrypto==2.6.1
pywin32==221

AlessandroZ · Answer 1 · Mon Aug 14 2017 21:17:41 GMT+0800 (China Standard Time)

I had some 32 bits errors. Now it's fixed ! Thanks for the feedback

pieterhouwen · Answer 2 · Mon Feb 05 2018 23:20:49 GMT+0800 (China Standard Time)

-------------- Get System Priv with WebClient --------------

[!] Checking WebClient vulnerability

################ Error on: check_webclient ################
Traceback (most recent call last):
File "beroot\run_checks.py", line 315, in check_all
File "beroot\run_checks.py", line 277, in check_webclient
File "beroot\modules\checks\webclient\webclient.py", line 206, in run
File "beroot\modules\checks\webclient\webclient.py", line 101, in startWebclie
nt
ValueError: Procedure probably called with not enough arguments (4 bytes missing
)

I got the X86 precompiled version v1.01

I got it in the new version