Created
April 16, 2024 05:13
-
-
Save pich4ya/1d8f06ddcbe46652181b9f74d153f1b8 to your computer and use it in GitHub Desktop.
Common solutions for Bloodhound-python errors, problems and issues
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # @author Pichaya Morimoto ([email protected]) | |
| # Compiled list of my common bloodhound-python problems & solutions | |
| Bloodhound-python Error #0 | |
| You do not get info like GPO and permission abuse edges. | |
| You need to add option -> -c All,LoggedOn | |
| Bloodhound-python Error #1 | |
| raise NoNameservers(request=self.request, errors=self.errors) | |
| dns.resolver.NoNameservers: All nameservers failed to answer the query _ldap._tcp.pdc._msdcs.DCHOSTNAME. IN SRV: Server 10.3.3.7 TCP port 53 answered SERVFAIL | |
| You forgot: FQN | |
| From: -d domain -> -d domain.local | |
| Or if you put -dc , you need -dc "${adz_hostname}.${adz}" | |
| For example, DCHOSTNAME.domain.local | |
| Bloodhound-python Error #2 | |
| raise NoNameservers(request=self.request, errors=self.errors) | |
| dns.resolver.NoNameservers: All nameservers failed to answer the query _ldap._tcp.pdc._msdcs.resourced. IN SRV: Server 10.3.3.7 TCP port 53 answered [Errno 111] Connection refused | |
| You forgot: -ns -> -ns ${adz_rhost} | |
| For example, -ns 10.3.3.7 | |
| Bloodhound-python Error #3 | |
| raise Timeout(timeout=duration) | |
| dns.exception.Timeout: The DNS operation timed out after 3.1057164669036865 seconds | |
| Your AD is too slow. Add -> --dns-timeout 3600 | |
| Bloodhound-python Error #4 | |
| Sometimes DNS UDP/53 does not work (like filtered out by firewall) | |
| You need to add option to use DNS TCP/53 -> --dns-tcp |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment