Mantis MS14-068.py errors

So I’m following the ippsec guide through for this one - quite a nice box. However when running the exploit I get errors. I’ve cloned this: git clone GitHub - SecWiki/windows-kernel-exploits: windows-kernel-exploits Windows平台提权漏洞集合
Then from /opt/windows-kernel-exploits/MS14-068/pykek I’m running the exploit: python ms14-068.py -u james@HTB.LOCAL -s S-1-5-21-4220043660-4019079961-2895681657-1103 -d MANTIS

enter password

Then the following errors:

[+] Building AS-REQ for MANTIS… Done!
[+] Sending AS-REQ to MANTIS… Done!
[+] Receiving AS-REP from MANTIS… Done!
[+] Parsing AS-REP from MANTIS…Traceback (most recent call last):
File “ms14-068.py”, line 189, in
sploit(user_realm, user_name, user_sid, user_key, kdc_a, kdc_b, target_realm, target_service, target_host, filename)
File “ms14-068.py”, line 48, in sploit
as_rep, as_rep_enc = decrypt_as_rep(data, user_key)
File “/opt/windows-kernel-exploits/MS14-068/pykek/kek/krb5.py”, line 431, in decrypt_as_rep
return _decrypt_rep(data, key, AsRep(), EncASRepPart(), 8)
File “/opt/windows-kernel-exploits/MS14-068/pykek/kek/krb5.py”, line 419, in _decrypt_rep
rep = decode(data, asn1Spec=spec)[0]
File “/opt/windows-kernel-exploits/MS14-068/pykek/pyasn1/codec/ber/decoder.py”, line 792, in call
stGetValueDecoder, self, substrateFun
File “/opt/windows-kernel-exploits/MS14-068/pykek/pyasn1/codec/ber/decoder.py”, line 55, in valueDecoder
value, _ = decodeFun(head, asn1Spec, tagSet, length)
File “/opt/windows-kernel-exploits/MS14-068/pykek/pyasn1/codec/ber/decoder.py”, line 798, in call
‘%r not in asn1Spec: %r’ % (tagSet, asn1Spec)
pyasn1.error.PyAsn1Error: TagSet(Tag(tagClass=0, tagFormat=32, tagId=16), Tag(tagClass=64, tagFormat=32, tagId=30)) not in asn1Spec: AsRep()

Any help would be really appreciated,

Bwebzy

I haven’t looked at this box but when I hit a “this python exploit crashes” scenario it’ s usually a Python2 vs python3 thing.

Hi, have you had a chance to resolve this. I have the very same problem. Also, the python2 vs. python3 thing does not help here either.

http://installion.co.uk/ubuntu/xenial/universe/p/python-impacket/uninstall/index.html this solved the impacket errors for me, just leaving it here in case you want to use goldenpac

Anyone have an update on how to fix this?

Sorry folks, looks like I moved on to another box at this point and forgot to come back to it.

I had linked to this write-up after my python problems: HackTheBox | Mantis Writeup. Hack The Box is an online platform that… | by 0Katz | secjuice™ | Medium

Mantis MS14-068.py is a script used to exploit a vulnerability in Microsoft Windows called CVE-2014-0686. If you’re encountering errors while using the Mantis MS14-068.py script, here are some possible solutions:

Check your Python version: Mantis MS14-068.py requires Python 2.x to run. Make sure you have the correct version of Python installed on your system.

Install dependencies: Mantis MS14-068.py has several dependencies that need to be installed before the script will work. Make sure you have all of the necessary dependencies installed on your system. You can find a list of dependencies in the script’s documentation.

Check your command syntax: Double-check that you’re using the correct command syntax when running the script. The syntax can be found in the script’s documentation.

Disable antivirus software: Some antivirus software may detect Mantis MS14-068.py as a threat and prevent it from running. Try temporarily disabling your antivirus software to see if that resolves the issue.

Regards,
Rachel Gomez

The error occurs when the tool’s trying to parse the TGT received. so we know that the TGT received probably has an error. I managed to fix the issue by synchronizing the clocks between the DC and the attackers computer.
I recommend using the rdate command and manually re-setting the time on the attackers computer.