Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug] Bloodhound.py failing due to a key error #151

Closed
ag-michael opened this issue Dec 6, 2023 · 0 comments
Closed

[Bug] Bloodhound.py failing due to a key error #151

ag-michael opened this issue Dec 6, 2023 · 0 comments

Comments

@ag-michael
Copy link

Hi @dirkjanm ,

Bloodhound.py is failing due to a key error when looking up a dn in the gc,here is the relevant part of the debug output:

DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying resolver LDAP for DN CN=<redacted>
DEBUG: Querying GC for DN CN=<redacted - cause of error>
Traceback (most recent call last):
  File "/home/<redacted>/BloodHound.py/bloodhound/ad/domain.py", line 760, in get_dn_from_cache_or_ldap
    linkentry = self.dncache[distinguishedname.upper()]
KeyError: '<redacted - cause of error>'

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "bloodhound.py", line 5, in <module>
    bloodhound.main()
  File "/home/<redacted>/BloodHound.py/bloodhound/__init__.py", line 341, in main
    bloodhound.run(collect=collect,
  File "/home/<redacted>/BloodHound.py/bloodhound/__init__.py", line 82, in run
    membership_enum.enumerate_memberships(timestamp=timestamp, fileNamePrefix=fileNamePrefix)
  File "/home/<redacted>/BloodHound.py/bloodhound/enumeration/memberships.py", line 844, in enumerate_memberships
    self.enumerate_groups(timestamp, fileNamePrefix)
  File "/home/<redacted>/BloodHound.py/bloodhound/enumeration/memberships.py", line 310, in enumerate_groups
    resolved_member = self.get_membership(member)
  File "/home/<redacted>/BloodHound.py/bloodhound/enumeration/memberships.py", line 59, in get_membership
    return self.addomain.get_dn_from_cache_or_ldap(member)
  File "/home/<redacted>/BloodHound.py/bloodhound/ad/domain.py", line 763, in get_dn_from_cache_or_ldap
    qobject = self.objectresolver.resolve_distinguishedname(distinguishedname, use_gc=use_gc)
  File "/home/<redacted>/BloodHound.py/bloodhound/enumeration/objectresolver.py", line 57, in resolve_distinguishedname
    distinguishedname = self.addc.ldap_get_single(distinguishedname,
  File "/home/<redacted>/BloodHound.py/bloodhound/ad/domain.py", line 201, in ldap_get_single
    sresult = searcher.extend.standard.paged_search(qobject,
  File "/home/<redacted>/.local/lib/python3.8/site-packages/ldap3/extend/__init__.py", line 114, in paged_search
    return paged_search_accumulator(self._connection,
  File "/home/<redacted>/.local/lib/python3.8/site-packages/ldap3/extend/standard/PagedSearch.py", line 130, in paged_search_accumulator
    for response in paged_search_generator(connection,
  File "/home/<redacted>/.local/lib/python3.8/site-packages/ldap3/extend/standard/PagedSearch.py", line 56, in paged_search_generator
    result = connection.search(search_base,
  File "/home/<redacted>/.local/lib/python3.8/site-packages/ldap3/core/connection.py", line 853, in search
    response = self.post_send_search(self.send('searchRequest', request, controls))
  File "/home/<redacted>/.local/lib/python3.8/site-packages/ldap3/strategy/sync.py", line 178, in post_send_search
    responses, result = self.get_response(message_id)
  File "/home/<redacted>/.local/lib/python3.8/site-packages/ldap3/strategy/base.py", line 370, in get_response
    raise LDAPSessionTerminatedByServerError(self.connection.last_error)
ldap3.core.exceptions.LDAPSessionTerminatedByServerError: session terminated by server

This might be an easy fix on the affected line, by checking if the key exists first in dncache?
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@ag-michael