yuanlink / cve-2022-26809 Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
when the fake_smb_server.py script is started this error occurs:
__File "c:\Users\pc\Desktop\CVE-2022-26809-main\attacker-server\fake_smb_server.py", line 4, in
myserver = SimpleSMBServer(listenPort=445)
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\site-packages\impacket\smbserver.py", line 4838, in init
self.__server = SMBSERVER((listenAddress, listenPort), config_parser=self.smbConfig)
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\site-packages\impacket\smbserver.py", line 3941, in init
socketserver.TCPServer.init(self, server_address, handler_class)
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\socketserver.py", line 452, in init
self.server_bind()
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\socketserver.py", line 466, in server_bind
self.socket.bind(self.server_address)
OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions
This seems to be due to the fact that on windows port 445 cannot be delegated to another service.
Is it possible to fix this or is it easier to deploy a server on linux?
Sorry for the bad English.
Thank you in advance!
Hello,
we have a problem when executing poc.py.
Impacket used: 0.9.24.
We don't exactly know what is meant by "And the rpcrt.py is the python package impacket.dcerpc.v5.rpcrt, just modify it to trigger vuln". Our conclusion was to replace the rpcrt.py file in the python installation folder at "\Lib\site-packages\impacket\dcerpc\v5".
Could it be that Python 3.10. is the root of the problem? Would an older version of Python be better?
您好,遇到个问题想请教下
我在wirshark中没能收到恶意smb服务器到目标机的DCERPC的包,只看到PetitPotam机器与目标机之间的DCERPC包. 两个现象:
1.在恶意smb服务器到目标机之间的smb通信中,wireshark截到了STATUS_OBJECT_PATH_NOT_FOUND的错误.
2.恶意smb服务器安装在ubuntu18.04上, 自身及另一台ubuntu能够通过smb:\fakesmb.ip 正常访问,但是在window10和win server中却无法正常访问 \fakesmb.ip.
3.目标机单独用 \fakesmb.ip 访问时,在wireshark中能够截取到DCERPC包.
请问老师,问题可能出现在哪呢?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.