Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Veeam Module crashing #93

Closed
NeffIsBack opened this issue Oct 27, 2023 · 5 comments
Closed

Veeam Module crashing #93

NeffIsBack opened this issue Oct 27, 2023 · 5 comments
Assignees
@NeffIsBack
Labels
bug Something isn't working

Comments

@NeffIsBack
Copy link
Contributor

Describe the bug
Veeam Modul randomly crashes

To Reproduce
Uknown

Screenshots

ERROR    Exception while calling proto_flow() on target 999.999.999.999: not enough values to unpack (expected 2, got 1)                                                connection.py:115
                    ╭──────────────────────────────────────────────────────────── Traceback (most recent call last) ─────────────────────────────────────────────────────────────╮                  
                    │ /home/kali/.local/pipx/venvs/netexec/lib/python3.11/site-packages/nxc/connection.py:113 in __init__                                                          │                  
                    │                                                                                                                                                            │                  
                    │   110 │   │   │   sleep(value)                                                                                                                             │                  
                    │   111 │   │                                                                                                                                                │                  
                    │   112 │   │   try:                                                                                                                                         │                  
                    │ ❱ 113 │   │   │   self.proto_flow()                                                                                                                        │                  
                    │   114 │   │   except Exception as e:                                                                                                                       │                  
                    │   115 │   │   │   self.logger.exception(f"Exception while calling proto_flow() on target                                                                   │                  
                    │       {self.host}: {e}")                                                                                                                                   │                  
                    │   116                                                                                                                                                      │                  
                    │                                                                                                                                                            │                  
                    │ /home/kali/.local/pipx/venvs/netexec/lib/python3.11/site-packages/nxc/connection.py:163 in proto_flow                                                        │                  
                    │                                                                                                                                                            │                  
                    │   160 │   │   │   │   # because of null session                                                                                                            │                  
                    │   161 │   │   │   │   if self.login() or (self.username == "" and self.password == ""):                                                                    │                  
                    │   162 │   │   │   │   │   if hasattr(self.args, "module") and self.args.module:                                                                            │                  
                    │ ❱ 163 │   │   │   │   │   │   self.call_modules()                                                                                                          │                  
                    │   164 │   │   │   │   │   else:                                                                                                                            │                  
                    │   165 │   │   │   │   │   │   self.call_cmd_args()                                                                                                         │                  
                    │   166                                                                                                                                                      │                  
                    │                                                                                                                                                            │                  
                    │ /home/kali/.local/pipx/venvs/netexec/lib/python3.11/site-packages/nxc/connection.py:201 in call_modules                                                      │                  
                    │                                                                                                                                                            │                  
                    │   198 │   │   │                                                                                                                                            │                  
                    │   199 │   │   │   if self.admin_privs and hasattr(module, "on_admin_login"):                                                                               │                  
                    │   200 │   │   │   │   self.logger.debug(f"Module {module.name} has on_admin_login method")                                                                 │                  
                    │ ❱ 201 │   │   │   │   module.on_admin_login(context, self)                                                                                                 │                  
                    │   202 │   │   │                                                                                                                                            │                  
                    │   203 │   │   │   if (not hasattr(module, "on_request") and not hasattr(module,                                                                            │                  
                    │       "has_response")) and hasattr(module, "on_shutdown"):                                                                                                 │                  
                    │   204 │   │   │   │   self.logger.debug(f"Module {module.name} has on_shutdown method")                                                                    │      
                    │                                                                                                                                                            │                  
                    │ /home/kali/.local/pipx/venvs/netexec/lib/python3.11/site-packages/nxc/modules/veeam_dump.py:170 in on_admin_login                                            │                  
                    │                                                                                                                                                            │                  
                    │   167 │   │   │   │   context.log.fail(f"Password contains whitespaces! The password for user                                                              │                  
                    │       \"{user}\" is: \"{password}\"")                                                                                                                      │                  
                    │   168 │                                                                                                                                                    │                  
                    │   169 │   def on_admin_login(self, context, connection):                                                                                                   │                  
                    │ ❱ 170 │   │   self.checkVeeamInstalled(context, connection)                                                                                                │                  
                    │   171                                                                                                                                                      │                  
                    │                                                                                                                                                            │                  
                    │ /home/kali/.local/pipx/venvs/netexec/lib/python3.11/site-packages/nxc/modules/veeam_dump.py:121 in checkVeeamInstalled                                       │                  
                    │                                                                                                                                                            │                  
                    │   118 │   │   if SqlDatabase and SqlInstance and SqlServer:                                                                                                │                  
                    │   119 │   │   │   context.log.success(f'Found Veeam DB "{SqlDatabase}" on SQL Server                                                                       │                  
                    │       "{SqlServer}\\{SqlInstance}"! Extracting stored credentials...')                                                                                     │                  
                    │   120 │   │   │   credentials = self.executePsMssql(context, connection, SqlDatabase,                                                                      │                  
                    │       SqlInstance, SqlServer)                                                                                                                              │                  
                    │ ❱ 121 │   │   │   self.printCreds(context, credentials)                                                                                                    │                  
                    │   122 │   │   elif PostgreSqlExec and PostgresUserForWindowsAuth and SqlDatabaseName:                                                                      │                  
                    │   123 │   │   │   context.log.success(f'Found Veeam DB "{SqlDatabaseName}" on an PostgreSQL                                                                │                  
                    │       Instance! Extracting stored credentials...')                                                                                                         │                  
                    │   124 │   │   │   credentials = self.executePsPostgreSql(context, connection, PostgreSqlExec,                                                              │                  
                    │       PostgresUserForWindowsAuth, SqlDatabaseName)                                                                                                         │                  
                    │                                                                                                                                                            │                  
                    │ /home/kali/.local/pipx/venvs/netexec/lib/python3.11/site-packages/nxc/modules/veeam_dump.py:163 in printCreds                                                │                  
                    │                                                                                                                                                            │                  
                    │   160 │   │   │   return                                                                                                                                   │                  
                    │   161 │   │                                                                                                                                                │                  
                    │   162 │   │   for account in output_stripped:                                                                                                              │                  
                    │ ❱ 163 │   │   │   user, password = account.split(" ", 1)                                                                                                   │                  
                    │   164 │   │   │   password = password.replace("WHITESPACE_ERROR", " ")                                                                                     │                  
                    │   165 │   │   │   context.log.highlight(user + ":" + f"{password}")                                                                                        │                  
                    │   166 │   │   │   if ' ' in password:                                                                                                                      │                  
                    ╰────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────╯                  
                    ValueError: not enough values to unpack (expected 2, got 1)

NetExec info

  • OS: kali-rolling
  • Version of nxc: github upstream
  • Installed from: pipx from github

Additional context
My best guess is that powershell returns an output string which the module can't properly interprete. I will add a general error handling to the powershell output.
@NeffIsBack NeffIsBack added the bug Something isn't working label Oct 27, 2023
@NeffIsBack NeffIsBack self-assigned this Oct 27, 2023
@Marshall-Hallenbeck
Copy link
Collaborator

Maybe it's a blank password so it tries to split on it but cant?

@NeffIsBack
Copy link
Contributor Author

Maybe it's a blank password so it tries to split on it but cant?

That was indeed an issue in the past :D fixed that a few weeks ago by replacing whitespaces with a some text, so that shouldn't be it...

@Marshall-Hallenbeck
Copy link
Collaborator

It looks like you set that text after the split (line 164). From the error it's stating that account has no " " (space), so it can't split on it.

@NeffIsBack
Copy link
Contributor Author

NeffIsBack commented Oct 28, 2023
edited

That should be the convention back to the original whitespace. Currently whitespaces in the password are already converted to "WHITESPACE_ERROR" in the powershell output and now after splitting account and password converted back to the original " ".

I saw that error once when powershell returned some kind of error message where the whole syntax is not applicable (account could something arbitrary than). That was my idea why it crashed. I should probably do something like:
if output not splittable print whole output text and throw an error

NeffIsBack added a commit that referenced this issue Nov 11, 2023
@NeffIsBack
Adding error handling for unexpected powershell output, see issue #93
75190da
@NeffIsBack NeffIsBack mentioned this issue Nov 11, 2023
Merged
Marshall-Hallenbeck added a commit that referenced this issue Nov 12, 2023
@Marshall-Hallenbeck
Merge pull request #115 from Pennyw0rth/neff-bugfixes
54eb620 
Adding error handling for unexpected powershell output, see issue #93
@NeffIsBack
Copy link
Contributor Author

Closing it until someone opens up an issue with a specific crash report. This should be now get handled better and not crash.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NeffIsBack NeffIsBack

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Marshall-Hallenbeck @NeffIsBack