Giters

pwnfoo / NTLMRecon

Enumerate information from NTLM authentication enabled web endpoints 🔎

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

Connection breaks

Sagar-Jangam opened this issue · comments

commented

Connection breaks after enumeration of the endpoints, I guess this is related to the authentication attempt

Find below the error log:

Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
httplib_response = self._make_request(conn, method, url,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 387, in _make_request
six.raise_from(e, None)
File "", line 2, in raise_from
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 383, in _make_request
httplib_response = conn.getresponse()
File "/usr/lib/python3.8/http/client.py", line 1322, in getresponse
response.begin()
File "/usr/lib/python3.8/http/client.py", line 303, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.8/http/client.py", line 264, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib/python3.8/socket.py", line 669, in readinto
return self._sock.recv_into(b)
File "/usr/local/lib/python3.8/dist-packages/urllib3/contrib/pyopenssl.py", line 309, in recv_into
raise SocketError(str(e))
OSError: (104, 'ECONNRESET')

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 666, in urlopen
return self.urlopen(method, url, body, headers, retries,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 666, in urlopen
return self.urlopen(method, url, body, headers, retries,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 666, in urlopen
return self.urlopen(method, url, body, headers, retries,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 640, in urlopen
retries = retries.increment(method, url, error=e, _pool=self,
File "/usr/local/lib/python3.8/dist-packages/urllib3/util/retry.py", line 399, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxx.xxx.xxx.xxx', port=443): Max retries exceeded with url: /Exchange/ (Caused by ProtocolError('Connection aborted.', OSError("(104, 'ECONNRESET')")))

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
File "/usr/local/bin/ntlmrecon", line 8, in
sys.exit(main())
File "/usr/local/lib/python3.8/dist-packages/ntlmrecon/init.py", line 114, in main
results = pool.map(gather_ntlm_info, all_combos)
File "/usr/lib/python3.8/multiprocessing/pool.py", line 364, in map
return self._map_async(func, iterable, mapstar, chunksize).get()
File "/usr/lib/python3.8/multiprocessing/pool.py", line 768, in get
raise self._value
File "/usr/lib/python3.8/multiprocessing/pool.py", line 125, in worker
result = (True, func(*args, **kwds))
File "/usr/lib/python3.8/multiprocessing/pool.py", line 48, in mapstar
return list(map(*args))
File "/usr/local/lib/python3.8/dist-packages/ntlmrecon/ntlmutil.py", line 223, in gather_ntlm_info
auth_response = requests_retry_session().get(url, verify=False, headers=headers)
File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 543, in get
return self.request('GET', url, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 643, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='IPAddress:xxx.xxx.xxx.xxx', port=443): Max retries exceeded with url: /Exchange/ (Caused by ProtocolError('Connection aborted.', OSError("(104, 'ECONNRESET')")))

commented

How did you do the scans?

Need the following info:

  1. Exact command line you used
  2. If you're using virtualenv, activate it and post result of pip freeze
  3. Is this for all IPs or only some hosts?

Unable to reproduce using known hosts :/

commented

Let's connect ofline!