Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Format Timestamp error #24

Closed
bmarsh9 opened this issue Jun 29, 2019 · 1 comment
Closed

Format Timestamp error #24

bmarsh9 opened this issue Jun 29, 2019 · 1 comment

Comments

@bmarsh9
Copy link

bmarsh9 commented Jun 29, 2019

Hi, when invoking bloodhound, I get the following error which appears to occur when converting timestamps gathered from the DC. Wondering if anyone else is experiencing similar issues..

[2019-06-29 18:20:19,687: ERROR/ForkPoolWorker-2] Task app.tasks.bloodhound_job[c0ff7df6-67a7-4ce3-9885-21caef11f661] raised unexpected: TypeError("unsupported operand type(s) for -: 'str' and 'datetime.datetime'",)
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/celery/app/trace.py", line 382, in trace_task
    R = retval = fun(*args, **kwargs)
  File "/usr/local/lib/python2.7/dist-packages/celery/app/trace.py", line 641, in __protected_call__
    return self.run(*args, **kwargs)
  File "/home/app/tasks.py", line 40, in bloodhound_job
    disable_pooling=True,domain=domain,campaign_id=campaign_id)
  File "/home/app/bhcollector/bloodhound/__init__.py", line 73, in run
    self.pdc.prefetch_info('objectprops' in collect, 'acl' in collect)
  File "/home/app/bhcollector/bloodhound/ad/domain.py", line 327, in prefetch_info
    self.get_domains(acl=acls)
  File "/home/app/bhcollector/bloodhound/ad/domain.py", line 204, in get_domains
    for entry in entries:
  File "/home/app/bhcollector/bloodhound/ad/domain.py", line 134, in search
    for e in sresult:
  File "/usr/local/lib/python2.7/dist-packages/ldap3/extend/standard/PagedSearch.py", line 64, in paged_search_generator
    None if cookie is True else cookie)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/core/connection.py", line 788, in search
    response = self.post_send_search(self.send('searchRequest', request, controls))
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/sync.py", line 139, in post_send_search
    responses, result = self.get_response(message_id)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/base.py", line 325, in get_response
    responses = self._get_response(message_id)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/sync.py", line 165, in _get_response
    dict_response = self.decode_response_fast(ldap_resp)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/strategy/base.py", line 509, in decode_response_fast
    result = search_result_entry_response_to_dict_fast(ldap_message['payload'], self.connection.server.schema, self.connection.server.custom_formatter, self.connection.check_names)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/operation/search.py", line 568, in search_result_entry_response_to_dict_fast
    entry_dict['attributes'] = checked_attributes_to_dict_fast(response[1][3], schema, custom_formatter)  # attributes
  File "/usr/local/lib/python2.7/dist-packages/ldap3/operation/search.py", line 453, in checked_attributes_to_dict_fast
    checked_attributes[name] = format_attribute_values(schema, name, decode_raw_vals_fast(attribute[3][1][3]) or [], custom_formatter)
  File "/usr/local/lib/python2.7/dist-packages/ldap3/protocol/formatters/standard.py", line 213, in format_attribute_values
    formatted_values = [formatter(raw_value) for raw_value in values]  # executes formatter
  File "/usr/local/lib/python2.7/dist-packages/ldap3/protocol/formatters/formatters.py", line 340, in format_ad_timedelta
    return format_ad_timestamp(raw_value * -1) - format_ad_timestamp(0)
TypeError: unsupported operand type(s) for -: 'str' and 'datetime.datetime'

The error appears to be happening with this function in /usr/local/lib/python2.7/dist-packages/ldap3/protocol/formatters/formatters.py

def format_ad_timedelta(raw_value):
    """  
    Convert a negative filetime value to a timedelta.
    """
    # Active Directory stores attributes like "minPwdAge" as a negative
    # "filetime" timestamp, which is the number of 100-nanosecond intervals that
    # have elapsed since the 0 hour on January 1, 1601. By making the number
    # positive, we can reuse format_ad_timestamp to get a datetime object.
    # Afterwards, we can subtract a datetime representing 0 hour on January 1,
    # 1601 from the returned datetime to get the timedelta.
    return format_ad_timestamp(raw_value * -1) - format_ad_timestamp(0)

This is the value that is passed into raw_value -18000000000 when an error occurs.

I would prefer not to wrap this in a try/except. Thank you for any help!
@bmarsh9
Copy link
Author

bmarsh9 commented Jun 29, 2019

I apologize, this seems like a ldap3 issue and not a bloodhound issue. Saw your post on the very same issue.

@bmarsh9 bmarsh9 closed this as completed Jun 29, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@bmarsh9