Execution fails if FIPS algorithms are enforced
leechristensen opened this issue · 1 comments
leechristensen commented
Describe the bug
When "Use FIPS compliant algorithms for encryption, hashing, and signing" is enabled on the system (you can check this with the registry key HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy, and if Enabled = 1), Seatbelt throws the following exception:
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
To Reproduce
Steps to reproduce the behavior. Please include any applicable artifacts that we could use to replicate the issue(e.g. files, registry keys, screenshots, etc.)
- Enable the GPO "Use FIPS compliant algorithms for encryption, hashing, and signing"
- Run Seatbealt running all modules
Expected behavior
Seatbelt should run successfully
Observed behavior
Errors with
System.InvalidOperationException: This implementation is not part of the Windows Platform FIPS validated cryptographic algorithms.
at System.Security.Cryptography.RijndaelManaged..ctor()
Additional Context
See https://github.com/GhostPack/Rubeus/pull/66/files