Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] powerview share_finder module only works if ComputerName parameter is specified #610

Open
havocsh opened this issue Sep 6, 2022 · 0 comments
Open

[BUG] powerview share_finder module only works if ComputerName parameter is specified #610

havocsh opened this issue Sep 6, 2022 · 0 comments
Assignees
@Hubbl3
Labels
bug Something isn't working

Comments

@havocsh
Copy link

havocsh commented Sep 6, 2022
edited
Loading

Empire Version

  • Empire 4.7.1

OS Information (Linux flavor, Python version)

  • OS: Ubuntu 20.04
  • Python: 3.8.5

Describe the bug

When executing the powerview share_finder module, no results are returned unless the ComputerName parameter is populated. When I import the powerview.ps1 script and attempt to run the Find-DomainShare function manually, I get the following error:

Get-DomainSearcher : A parameter cannot be found that matches parameter name 'Properties'.
At C:\powerview.ps1:6323 char:44
+         $CompSearcher = Get-DomainSearcher @SearcherArguments
+                                                                               ~~~~~~~~~~~~~~~~
    + CategoryInfo                   : InvalidArgument: (:) [Get-DomainSearcher], ParameterBindingException
    + FullyQualifiedErrorId      : NamedParameterNotFound,Get-DomainSearcher

[Find-DomainShare] No hosts found to enumerate
At C:\powerview.ps1:18928 char:13
+         throw '[Find-DomainShare] No hosts found to enumerate'
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo              : OpeartionStopped: ([Find-DomainSha...nd to enumerate:String) [], RuntimeException
    + FullyQualifiedErrorId : [Find-DomainShare] No hosts found to enumerate

My PowerShell-fu is nonexistent but looking at the powerview.ps1 code, the one thing that jumped out at me in the Get-DomainComputer function was that there are a couple of extra brackets on line 6259 where the $Properties param is defined:

        [ValidateNotNullOrEmpty()]
        [String[]]
        $Properties,

I see that Find-DomainShare calls Get-DomainComputer, which calls Get-DomainSearcher so it makes sense that Get-DomainSearcher is failing due to a missing required parameter when it is getting called from Get-DomainComputer. So it would seem that any module that relies on this Get-DomainComputer function is going to fail.

To Reproduce

Steps to reproduce the behavior:
Execute the powerview share_finder module without any parameters.

Expected behavior

The module is supposed to find all computers in the current domain and use them as targets for discovering shares.

Screenshots

If applicable, add screenshots to help explain your problem.

Additional context

Add any other context about the problem here.
@havocsh havocsh added the bug Something isn't working label Sep 6, 2022
vinnybod pushed a commit that referenced this issue Jun 12, 2023
@Cx01N
Updated client to use new file endpoint (#610)
c352619
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Hubbl3 Hubbl3

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@Hubbl3 @havocsh