Pipe Failure #1
Description
Issue: When using the script to create a PSEXEC session on a remote machine, execution hangs and raises an exception with the following statement:
PS C:\Python27> ./python.exe "C:\Users\username\Downloads\AzureADJoinedMachinePTC-master\AzureADJoinedMachinePTC-master\main.py" --usercert "named.pfx" --certpass AzureADCert --remoteip 192.168.38.104
StringBinding ncacn_np:192.168.38.104[\pipe\svcctl]
C:\Python27\lib\site-packages\OpenSSL\crypto.py:14: CryptographyDeprecationWarning: Python 2 is no longer supported by the Python core team. Support for it is now deprecated in cryptography, and will be removed in the next release.
from cryptography import utils, x509
Pipe not ready, aborting
Traceback (most recent call last):
File "C:\Users\username\Downloads\AzureADJoinedMachinePTC-master\AzureADJoinedMachinePTC-master\main.py", line 148, in doStuff
fid_main = self.openPipe(s,tid,r'\RemCom_communicaton',0x12019f)
File "C:\Users\username\Downloads\AzureADJoinedMachinePTC-master\AzureADJoinedMachinePTC-master\main.py", line 98, in openPipe
raise Exception('Pipe not ready, aborting')
Exception: Pipe not ready, aborting
Pipe not ready, aborting
Summary: I attempted to trouble shoot by doing the following:
- Ensuring all active IDS/AV systems were disabled in addition to firewalls
- Executing the standalone PSExec process to ensure that pipe connections were occurring. This did not return any issues and allowed for a normal connection + command execution.
- Ran ProcMon and Wireshark on the two systems to track down the point of failure. This did not return anything solid. From what I can tell the RemComSvc is not being created on the remote machine with the message 'Create Request File: <.exe name> being followed by a Create Response, Error: STATUS_OBJECT_NAME_NOT_FOUND. This is preceded by an OpenServiceW Response, Unknown error 0x00000424 for SVCCTL.
I can provide any additional information needed. Thanks in advance.