Starting Point foothold

Type your comment> @tonyntas said:

The command is working as expected but the issue is that the \ needs to be escaped and become /\… meaning the working command is

python3 ARCHETYPE/\sql_svc:M3g4c0rp123@ -windows-auth
# notice the escaping of the \

huh? ‘/’ is not an escape character. Backslashes (‘') are used to escape characters. You could just use a forward-slash (’/‘). A properly escaped backslash (’\‘) won’t work with this script because that’s not valid syntax. The ‘/\s…’ only works because the ‘\s’ translates to s, but had the username began with an ‘n’, that would be interpreted as a newline character (’\n’).

If you run the script with just a -h flag, the help message implies that it only accepts ‘/’ as a separator between domain and username.

positional arguments:
  target                [[domain/]username[:password]@]<targetName or address>

Type your comment> @Legilmalas said:

Hello everyone,
I’m new at HTB and i have a problem with
When i’m running the command :
“sudo python3 ARCHETYPE\sql_svc@ -windows-auth”

the command return this :

Impacket v0.9.20 - Copyright 2019 SecureAuth Corporation

[*] Encryption required, switching to TLS
[-] Missing required parameter ‘digestmod’.

i’ve tried to use the mssqlclient with python 3.7 and 2.7 but no one works

This is so sad i’m stuck in the tutorial :joy:

Thank you in advance for your answer.

try omit the domain ARCHETYPE, because it is trusted and no need to be explicit:

└─$ python3 ./impacket-master/examples/ sql_svc@ -windows-auth
Impacket v0.9.23.dev1 - Copyright 2020 SecureAuth Corporation

[] Encryption required, switching to TLS
] ENVCHANGE(DATABASE): Old Value: master, New Value: master
[] ENVCHANGE(LANGUAGE): Old Value: , New Value: us_english
] ENVCHANGE(PACKETSIZE): Old Value: 4096, New Value: 16192
[] INFO(ARCHETYPE): Line 1: Changed database context to ‘master’.
] INFO(ARCHETYPE): Line 1: Changed language setting to us_english.
[*] ACK: Result: 1 - Microsoft SQL Server (140 3232)
[!] Press help for extra shell commands

I’m guessing maybe Apache2 and postgresql were running? when I shut those down, I was able to connect. Now I’m messing with impacket.

Try running it again after this brief command.
pip install impacket --upgrade --user
pip3 install impacket --upgrade --user

On my side what I did was:

  • a clone of the Impacket’s git hub;
  • copied the file from ./impacket/examples/ to ./examples (yes, there are two examples folder)
  • changed the (inside of the ./examples) where it says “from impacket.examples.utils import parse_target” to “from utils import parse_target”
  • ran the command
    python3 ARCHETYPE/sql_svc:M3g4c0rp123@ -windows-auth
    Impacket v0.9.22 - Copyright 2020 SecureAuth Corporation

@5H4D0W13 @squirrelcop I’m facing the same issue as you two. Did you manage to figure out how to make it work?

What worked for me is impacket-mssqlclient ARCHETYPE/sql_svc:'$password'@archetype.htb -windows-auth I’m using a fully updated box with impacket installed by default. It’s currently December 2021.

For all with the errorcode: connection timeout
delete all openvpn files → kill the openvpn connection → reconnect to the startingpoint → refresh the website and Maschine IP → run the “python3 ARCHETYPE/sql_svc@ -windows-auth” code again

I tried it successfully.python ARCHETYPE/\sql_svc@ -windows-auth
But,I don’t know the reason about it.

reset your machine , in my case issue is solved

mpacket v0.10.1.dev1+20220606.123812.ac35841f - Copyright 2022 SecureAuth Corporation

Traceback (most recent call last):
File “/root/.local/share/Trash/files/impacket/examples/”, line 169, in
File “/usr/local/lib/python3.9/dist-packages/impacket/”, line 535, in connect
OSError: [Errno 113] No route to host

Try removing the "ARCHETYPE" from the command. So it will become something like this

python3 sql_svc@ -windows-auth

Make sure you have impacket installed (if not, run python3 install ), if you are in the right directory and don’t forget to change the IP address
It worked for me

thanks bro it’s working

I’ve gone through all of the replies here and can’t get it to work. I can ping and nmap the server. I used impacket on a previous exercise and it’s installed. Any advice?