Hi <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Hey <a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url=

I found a solution : disable the Windows Firewall. <a target="_blank

<a class="user-mention notranslate" data-hovercard-type="user" data-hovercard-url="/us

Network path not found about purplesharp HOT 6 CLOSED

mvelazc0 commented on July 29, 2024

Network path not found

from purplesharp.

Comments (6)

JonathanAppriou commented on July 29, 2024 1

@mvelazc0

Okay, thanks a lot ! I had forgotten to disable the firewall on the attacking machine. So it work now.

I didn't think PurpleSharp needed to have firewall restrictions turned off. But now I understand.

Thank you for your time !

from purplesharp.

mvelazc0 commented on July 29, 2024

Hey @JonathanAppriou !

To troubleshoot this issue, lets try to execute one single technique on a remote host using the command line. The command line provides more debug logs that can help us determine the issue.

PurpleSharp.exe /rhost 192.168.38.3 /ruser admin /d mokoil.com /t T1059.001

Should look something like this:

Also, please confirm that

The 'mokoil.com\admin' domain user has administrative privileges on 192.168.38.3
There is network connectivity between the host where you are running PurpleSharp and the remote host.
There is no anti malware solution deleting the PurpleSharp binary when its being copied to 192.168.38.3

from purplesharp.

JonathanAppriou commented on July 29, 2024

I found a solution : disable the Windows Firewall.

Is it expected that PurpleSharp does not work with Windows Firewall?

I have another mistake now:

It seems that RPC is not present on the target, but :

from purplesharp.

mvelazc0 commented on July 29, 2024

@JonathanAppriou . Yes, disabling the Windows Firewall is necessary.

PurpleSharp connects to the remote endpoint on native service like SMB and RPC. If connections are being blocked by a Firewall, PurpleSharp will not be able to connect to the endpoint.

The RPC error you are seeing looks like a network error. I have seen it before.

Are you using the right Ip address ? In your first screenshot it was 192.168.38.3 but on the last one you are using 192.168.38.2

from purplesharp.

JonathanAppriou commented on July 29, 2024

I have another question :

When a want to use a technique, how can I know what objects are needed in the playbook (or arguments using command line) ?

For example, I want to use Brute Force technique in my playbook. Where can I found the arguments/objects needed ?

from purplesharp.

mvelazc0 commented on July 29, 2024

@JonathanAppriou, I'm glad its working now !

That is a great question. I definitely need y to do a better job at documentation. Ideally, all the parameters would live here:

https://www.purplesharp.com/en/latest/techniques/techniques.html#brute-force-password-spraying

Right now, it does not have it.

For now, you can look at some playbook examples I have here:

https://github.com/mvelazc0/PurpleAD

Happy to jump on a call to talk about the specific parameters for your simulations also !

from purplesharp.

Network path not found about purplesharp HOT 6 CLOSED

Comments (6)

Related Issues (6)

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent

Jobs