Comments (6)
Okay, thanks a lot ! I had forgotten to disable the firewall on the attacking machine. So it work now.
I didn't think PurpleSharp needed to have firewall restrictions turned off. But now I understand.
Thank you for your time !
from purplesharp.
Hey @JonathanAppriou !
To troubleshoot this issue, lets try to execute one single technique on a remote host using the command line. The command line provides more debug logs that can help us determine the issue.
PurpleSharp.exe /rhost 192.168.38.3 /ruser admin /d mokoil.com /t T1059.001
Should look something like this:
Also, please confirm that
- The 'mokoil.com\admin' domain user has administrative privileges on 192.168.38.3
- There is network connectivity between the host where you are running PurpleSharp and the remote host.
- There is no anti malware solution deleting the PurpleSharp binary when its being copied to 192.168.38.3
from purplesharp.
I found a solution : disable the Windows Firewall.
Is it expected that PurpleSharp does not work with Windows Firewall?
I have another mistake now:
It seems that RPC is not present on the target, but :
from purplesharp.
@JonathanAppriou . Yes, disabling the Windows Firewall is necessary.
PurpleSharp connects to the remote endpoint on native service like SMB and RPC. If connections are being blocked by a Firewall, PurpleSharp will not be able to connect to the endpoint.
The RPC error you are seeing looks like a network error. I have seen it before.
Are you using the right Ip address ? In your first screenshot it was 192.168.38.3 but on the last one you are using 192.168.38.2
from purplesharp.
I have another question :
When a want to use a technique, how can I know what objects are needed in the playbook (or arguments using command line) ?
For example, I want to use Brute Force technique in my playbook. Where can I found the arguments/objects needed ?
from purplesharp.
@JonathanAppriou, I'm glad its working now !
That is a great question. I definitely need y to do a better job at documentation. Ideally, all the parameters would live here:
https://www.purplesharp.com/en/latest/techniques/techniques.html#brute-force-password-spraying
Right now, it does not have it.
For now, you can look at some playbook examples I have here:
https://github.com/mvelazc0/PurpleAD
Happy to jump on a call to talk about the specific parameters for your simulations also !
from purplesharp.
Related Issues (6)
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from purplesharp.