BloodHound used in Pathfinder in StartingPoint was installed in pip.
but,
bash: bloodhound-python: The command isn’t found.
It’s indicated.
How should I do?
BloodHound used in Pathfinder in StartingPoint was installed in pip.
but,
bash: bloodhound-python: The command isn’t found.
It’s indicated.
How should I do?
If you are confident you’ve installed it, you can try:
which bloodhound
locate bloodhound
find / -iname "bloodhound*" 2>/dev/null
to see if it is somewhere on your filesystem. If it isn’t, then it isn’t installed.
It has been just checked in locate bloodhound.
$ locate bloodhound
/home/kali/.local/bin/bloodhound-python
/home/kali/.local/lib/python3.8/site-packages/bloodhound
/home/kali/.local/lib/python3.8/site-packages/bloodhound-1.0.5.dist-info
/home/kali/.local/lib/python3.8/site-packages/bloodhound/init.py
/home/kali/.local/lib/python3.8/site-packages/bloodhound/main.py
It was this. Can this be installed?
After that path was checked.
$ echo $PATH
/home/kali/.rbenv/shims:~/.rbenv/bin:/home/kali/.rbenv/shims:~/.rbenv/bin:/usr/local/bin:/usr/bin:/bin:/usr/local/games:/usr/games:
Is it said that path isn’t passing?
What happens when you run either:
/home/kali/.local/bin/bloodhound-python
python /home/kali/.local/bin/bloodhound-python
kali@kali:~$ /home/kali/.local/bin/bloodhound-python
usage: bloodhound-python [-h] [-c COLLECTIONMETHOD] [-u USERNAME] [-p PASSWORD] [-k] [–hashes HASHES]
[-ns NAMESERVER] [–dns-tcp] [-d DOMAIN] [-dc HOST] [-gc HOST] [-w WORKERS] [-v]
[–disable-pooling]
Python based ingestor for BloodHound
For help or reporting issues, visit GitHub - fox-it/BloodHound.py: A Python based ingestor for BloodHound
optional arguments:
-h, --help show this help message and exit
-c COLLECTIONMETHOD, --collectionmethod COLLECTIONMETHOD
Which information to collect. Supported: Group, LocalAdmin, Session, Trusts, Default (all
previous), DCOnly (no computer connections), DCOM, RDP,PSRemote, LoggedOn, ObjectProps,
ACL, All (all except LoggedOn). You can specify more than one by separating them with a
comma. (default: Default)
-u USERNAME, --username USERNAME
Username. Format: username[@domain]; If the domain is unspecified, the current domain is
used.
-p PASSWORD, --password PASSWORD
Password
-k, --kerberos Use kerberos
–hashes HASHES LM:NLTM hashes
-ns NAMESERVER, --nameserver NAMESERVER
Alternative name server to use for queries
–dns-tcp Use TCP instead of UDP for DNS queries
-d DOMAIN, --domain DOMAIN
Domain to query.
-dc HOST, --domain-controller HOST
Override which DC to query (hostname)
-gc HOST, --global-catalog HOST
Override which GC to query (hostname)
-w WORKERS, --workers WORKERS
Number of workers for computer enumeration (default: 10)
-v Enable verbose output
–disable-pooling Don’t use subprocesses for ACL parsing (only for debugging purposes)
kali@kali:~$ python /home/kali/.local/bin/bloodhound-python
Traceback (most recent call last):
File “/home/kali/.local/bin/bloodhound-python”, line 5, in
from bloodhound import main
ImportError: No module named bloodhound
seems like the first one worked.
I thank. This problem was settled with this.
Also a pass was added.
export -n PATH=“$PATH:/home/kali/.local/bin”
But
$ bloodhound-python -d megacorp.local -u sandra -p “Password1234!” -gc pathfinder.megacorp.local -c all -ns 10.10.10.30
INFO: Found AD domain: megacorp.local
INFO: Connecting to LDAP server: Pathfinder.MEGACORP.LOCAL
Traceback (most recent call last):
File “/home/kali/.local/bin/bloodhound-python”, line 8, in
sys.exit(main())
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/init.py”, line 284, in main
bloodhound.run(collect=collect,
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/init.py”, line 72, in run
self.pdc.prefetch_info(‘objectprops’ in collect, ‘acl’ in collect)
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/domain.py”, line 394, in prefetch_info
self.get_objecttype()
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/domain.py”, line 224, in get_objecttype
self.ldap_connect()
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/domain.py”, line 68, in ldap_connect
ldap = self.ad.auth.getLDAPConnection(hostname=ip,
File “/home/kali/.local/lib/python3.8/site-packages/bloodhound/ad/authentication.py”, line 78, in getLDAPConnection
if not conn.bind():
File “/usr/lib/python3/dist-packages/ldap3/core/connection.py”, line 563, in bind
response = self.do_ntlm_bind(controls)
File “/usr/lib/python3/dist-packages/ldap3/core/connection.py”, line 1302, in do_ntlm_bind
request = bind_operation(self.version, ‘SICILY_RESPONSE_NTLM’, ntlm_client, result[‘server_creds’])
File “/usr/lib/python3/dist-packages/ldap3/operation/bind.py”, line 81, in bind_operation
server_creds = name.create_authenticate_message()
File “/usr/lib/python3/dist-packages/ldap3/utils/ntlm.py”, line 379, in create_authenticate_message
nt_challenge_response = self.compute_nt_response()
File “/usr/lib/python3/dist-packages/ldap3/utils/ntlm.py”, line 485, in compute_nt_response
response_key_nt = self.ntowf_v2()
File “/usr/lib/python3/dist-packages/ldap3/utils/ntlm.py”, line 497, in ntowf_v2
return hmac.new(password_digest, (self.user_name.upper() + self.user_domain).encode(‘utf-16-le’)).digest()
File “/usr/lib/python3.8/hmac.py”, line 153, in new
return HMAC(key, msg, digestmod)
File “/usr/lib/python3.8/hmac.py”, line 51, in init
raise TypeError(“Missing required parameter ‘digestmod’.”)
TypeError: Missing required parameter ‘digestmod’.
This seems not to be normally moving.
How should it be done?
I dont know.
It looks like it is missing a parameter in the request:
TypeError: Missing required parameter 'digestmod'.
Hello, thank you all for this post here. I had a similar problem, and I dont know exactly, what the solution was but a
locate bloodhound revealed:
/usr/lib/python3/dist-packages/cme/modules/bloodhound.py
So I tried the command
python3 -m bloodhound -d (domain) -u (user) -p “(password)” -gc (global-catalog host) -c all -ns (ip)
and it worked for me… Maybe it helps somebody…