yuanlink / cve-2022-26809 Goto Github PK

when the fake_smb_server.py script is started this error occurs:

__File "c:\Users\pc\Desktop\CVE-2022-26809-main\attacker-server\fake_smb_server.py", line 4, in
myserver = SimpleSMBServer(listenPort=445)
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\site-packages\impacket\smbserver.py", line 4838, in init
self.__server = SMBSERVER((listenAddress, listenPort), config_parser=self.smbConfig)
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\site-packages\impacket\smbserver.py", line 3941, in init
socketserver.TCPServer.init(self, server_address, handler_class)
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\socketserver.py", line 452, in init
self.server_bind()
File "C:\Users\pc\AppData\Local\Programs\Python\Python310\lib\socketserver.py", line 466, in server_bind
self.socket.bind(self.server_address)
OSError: [WinError 10013] An attempt was made to access a socket in a way forbidden by its access permissions

This seems to be due to the fact that on windows port 445 cannot be delegated to another service.
Is it possible to fix this or is it easier to deploy a server on linux?

Sorry for the bad English.
Thank you in advance!

Hello,
we have a problem when executing poc.py.
Impacket used: 0.9.24.
We don't exactly know what is meant by "And the rpcrt.py is the python package impacket.dcerpc.v5.rpcrt, just modify it to trigger vuln". Our conclusion was to replace the rpcrt.py file in the python installation folder at "\Lib\site-packages\impacket\dcerpc\v5".
Could it be that Python 3.10. is the root of the problem? Would an older version of Python be better?

您好,遇到个问题想请教下
我在wirshark中没能收到恶意smb服务器到目标机的DCERPC的包,只看到PetitPotam机器与目标机之间的DCERPC包. 两个现象:
1.在恶意smb服务器到目标机之间的smb通信中,wireshark截到了STATUS_OBJECT_PATH_NOT_FOUND的错误.
2.恶意smb服务器安装在ubuntu18.04上, 自身及另一台ubuntu能够通过smb:\fakesmb.ip 正常访问,但是在window10和win server中却无法正常访问 \fakesmb.ip.
3.目标机单独用 \fakesmb.ip 访问时,在wireshark中能够截取到DCERPC包.
请问老师,问题可能出现在哪呢?