pwnfoo / ntlmrecon
Enumerate information from NTLM authentication enabled web endpoints
License: MIT License
The tool currently can't handle wildcard and will continue to enumerate old endpoints. An ideal solution would be to make a request to an endpoint which does not exist and check if auth is enabled.
In iptools.IpRangeList, I can initialize the IpRange in the following way by providing a CIDR:
internalIP = iptools.IpRangeList('127.0.0.1/8')
But when I need to append a single IP in the IpRangeList, I'm unable to.
Is there some way I can fix this, cuz the module that I'm designing, works on a single IP.
As a result, it would be meaningless to send you a pull request without fixing this.
Improve code cleanup and overall readability.
Some functions are a mess right now.
Connection breaks after enumeration of the endpoints, I guess this is related to the authentication attempt
Find below the error log:
Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 600, in urlopen
httplib_response = self._make_request(conn, method, url,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 387, in _make_request
six.raise_from(e, None)
File "", line 2, in raise_from
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 383, in _make_request
httplib_response = conn.getresponse()
File "/usr/lib/python3.8/http/client.py", line 1322, in getresponse
response.begin()
File "/usr/lib/python3.8/http/client.py", line 303, in begin
version, status, reason = self._read_status()
File "/usr/lib/python3.8/http/client.py", line 264, in _read_status
line = str(self.fp.readline(_MAXLINE + 1), "iso-8859-1")
File "/usr/lib/python3.8/socket.py", line 669, in readinto
return self._sock.recv_into(b)
File "/usr/local/lib/python3.8/dist-packages/urllib3/contrib/pyopenssl.py", line 309, in recv_into
raise SocketError(str(e))
OSError: (104, 'ECONNRESET')
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 439, in send
resp = conn.urlopen(
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 666, in urlopen
return self.urlopen(method, url, body, headers, retries,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 666, in urlopen
return self.urlopen(method, url, body, headers, retries,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 666, in urlopen
return self.urlopen(method, url, body, headers, retries,
File "/usr/local/lib/python3.8/dist-packages/urllib3/connectionpool.py", line 640, in urlopen
retries = retries.increment(method, url, error=e, _pool=self,
File "/usr/local/lib/python3.8/dist-packages/urllib3/util/retry.py", line 399, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='xxx.xxx.xxx.xxx', port=443): Max retries exceeded with url: /Exchange/ (Caused by ProtocolError('Connection aborted.', OSError("(104, 'ECONNRESET')")))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/local/bin/ntlmrecon", line 8, in
sys.exit(main())
File "/usr/local/lib/python3.8/dist-packages/ntlmrecon/init.py", line 114, in main
results = pool.map(gather_ntlm_info, all_combos)
File "/usr/lib/python3.8/multiprocessing/pool.py", line 364, in map
return self._map_async(func, iterable, mapstar, chunksize).get()
File "/usr/lib/python3.8/multiprocessing/pool.py", line 768, in get
raise self._value
File "/usr/lib/python3.8/multiprocessing/pool.py", line 125, in worker
result = (True, func(*args, **kwds))
File "/usr/lib/python3.8/multiprocessing/pool.py", line 48, in mapstar
return list(map(*args))
File "/usr/local/lib/python3.8/dist-packages/ntlmrecon/ntlmutil.py", line 223, in gather_ntlm_info
auth_response = requests_retry_session().get(url, verify=False, headers=headers)
File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 543, in get
return self.request('GET', url, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 530, in request
resp = self.send(prep, **send_kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/sessions.py", line 643, in send
r = adapter.send(request, **kwargs)
File "/usr/local/lib/python3.8/dist-packages/requests/adapters.py", line 516, in send
raise ConnectionError(e, request=request)
requests.exceptions.ConnectionError: HTTPSConnectionPool(host='IPAddress:xxx.xxx.xxx.xxx', port=443): Max retries exceeded with url: /Exchange/ (Caused by ProtocolError('Connection aborted.', OSError("(104, 'ECONNRESET')")))
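The traceback above shows one reset connection escaping `gather_ntlm_info` and aborting the whole `pool.map` call. The following is an added example, not code from the ntlmrecon project, showing the failure mode next to a worker that records the error per URL instead; `fake_fetch`, `guarded_worker`, `run` and the sample URLs are hypothetical, and `ThreadPool` stands in for the process pool because it has the same `map` and re-raise behaviour.

```python
from multiprocessing.pool import ThreadPool

# Constructed sample targets (TEST-NET addresses, not taken from the page).
SAMPLE_URLS = [
    "https://192.0.2.10/Exchange/",
    "https://192.0.2.11/Exchange/",
    "https://192.0.2.12/Exchange/",
]


def fake_fetch(url):
    """Hypothetical stand-in for the HTTP request; one host resets the socket."""
    if "192.0.2.11" in url:
        raise ConnectionResetError(104, "ECONNRESET")
    return {"status": 401, "www_authenticate": "NTLM"}


def unguarded_worker(url):
    # Mirrors the failure mode in the traceback: the exception escapes the worker.
    return fake_fetch(url)


def guarded_worker(url):
    # requests.exceptions.RequestException derives from IOError (OSError),
    # so catching OSError also covers requests' ConnectionError.
    try:
        return {"url": url, "ok": True, "data": fake_fetch(url)}
    except OSError as exc:
        return {"url": url, "ok": False, "error": repr(exc)}


def run(worker, urls):
    # pool.map re-raises the first worker exception in the caller.
    with ThreadPool(3) as pool:
        return pool.map(worker, urls)


def run_unguarded(urls):
    """Return the exception that aborts the whole map, or None."""
    try:
        run(unguarded_worker, urls)
    except OSError as exc:
        return exc
    return None


if __name__ == "__main__":
    print("unguarded:", run_unguarded(SAMPLE_URLS))
    for row in run(guarded_worker, SAMPLE_URLS):
        print(row)
```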
The tool currently sends synchronous requests. This is obviously not the best solution, and it waits for the response before it proceeds to the next set of URLs.
An asyncio-based solution will be a good feature to have.
The tool currently can't detect the presence of a WAF and will end up blocking your IP. Running a tool such as wafw00f should help warn the user.
Can also work on a flag like --skip-waf to skip all hosts where a WAF is detected.
The tool currently has the timestamp hardcoded. Will be good to add a flag to set a custom timeout, jitter, etc.