Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Error with dnstool.py remove

See original GitHub issue

Hi @dirkjanm,

Per our conversation…I am creating this issue. FYI, I first ran ldapdelete, which seemed to work perfectly:

[+] Bind OK
[-] Modifying record
[+] LDAP operation completed successfully

After I ran ldapdelete, I used remove and I got this error:

[-] Connecting to host...
[-] Binding to host
[+] Bind OK
[-] Target has only one record, tombstoning it
Traceback (most recent call last):
  File "dnstool.py", line 536, in <module>
    main()
  File "dnstool.py", line 516, in main
    'dNSTombstoned': [(MODIFY_REPLACE, True)]})
  File "/usr/local/lib/python3.6/dist-packages/ldap3/core/connection.py", line 1140, in modify
    request = modify_operation(dn, changelist, self.auto_encode, self.server.schema if self.server else None, validator=self.server.custom_validator if self.server else None, check_names=self.check_names)
  File "/usr/local/lib/python3.6/dist-packages/ldap3/operation/modify.py", line 70, in modify_operation
    partial_attribute['vals'].setComponentByPosition(index, prepare_for_sending(validate_attribute_value(schema, attribute, value, auto_encode, validator, check_names=check_names)))
  File "/usr/local/lib/python3.6/dist-packages/pyasn1/type/univ.py", line 1920, in setComponentByPosition
    value = componentType.clone(value=value)
  File "/usr/local/lib/python3.6/dist-packages/pyasn1/type/base.py", line 376, in clone
    return self.__class__(value, **initializers)
  File "/usr/local/lib/python3.6/dist-packages/pyasn1/type/univ.py", line 837, in __init__
    base.SimpleAsn1Type.__init__(self, value, **kwargs)
  File "/usr/local/lib/python3.6/dist-packages/pyasn1/type/base.py", line 267, in __init__
    value = self.prettyIn(value)
  File "/usr/local/lib/python3.6/dist-packages/pyasn1/type/univ.py", line 912, in prettyIn
    return bytes(value)
  File "/usr/local/lib/python3.6/dist-packages/impacket/structure.py", line 166, in __getitem__
    return self.fields[key]
KeyError: 0

Hopefully, I cleaned up my A record in the right order 😃. Thanks again for your help!

Issue Analytics

State:
Created 3 years ago
Comments:7 (6 by maintainers)

Top GitHub Comments

1reaction

dirkjanmcommented, Mar 29, 2021

it’s likely related to a combination of ldap3 / pyasn1 version since the errors are all occurring there

0reactions

dirkjanmcommented, Feb 22, 2022

this thread is about the dns tool, not the SPN tool. You may need to repeat your command for the ATTACKER$ SPN to remove the netbios name which got added automatically.

Top Results From Across the Web

krbrelayx/dnstool.py at master - GitHub

krbrelayx/dnstool.py ... except socket.error: ... "modify an existing record), query (show existing), remove (mark record ". "for cleanup from DNS cache), ...

ADIDNS poisoning - The Hacker Recipes

Theoretically, this script can be used to add , modify , query , remove , resurrect and ldapdelete records in ADIDNS. # query...

“Relaying” Kerberos - Having fun with unconstrained delegation

The dnstool.py utility has several other options, including one to remove records again after exploitation, which I won't go into in this ...

Active Directory - Python edition - HideAndSec

python3 dnstool.py -u "domain.local\user1" -p "password" -a remove -r ... #Set SPN on all the possible users, request the ticket and delete the...

Unconstrained - Pentester's Promiscuous Notebook

Use ticket_converter or ticketConverter.py to convert the TGT from .kirbi to ... Printer bug on a domain controller (DC01). ... Delete SPN and...