@@ -309,10 +309,9 @@ def print_host_info(self):
309309 return True
310310
311311 def kerberos_login (self , domain , username , password = "" , ntlm_hash = "" , aesKey = "" , kdcHost = "" , useCache = False ):
312- logging .getLogger ("impacket" ).disabled = True
313312 # Re-connect since we logged off
314- self .logger .debug (f"KDC set to: { kdcHost } " )
315313 self .create_conn_obj ()
314+ self .logger .debug (f"KDC set to: { kdcHost } " )
316315 lmhash = ""
317316 nthash = ""
318317
@@ -370,9 +369,6 @@ def kerberos_login(self, domain, username, password="", ntlm_hash="", aesKey="",
370369 if self .args .continue_on_success and self .signing :
371370 with contextlib .suppress (Exception ):
372371 self .conn .logoff ()
373-
374- self .create_conn_obj ()
375-
376372 return True
377373 except SessionKeyDecryptionError :
378374 # success for now, since it's a vulnerability - previously was an error
@@ -405,7 +401,6 @@ def kerberos_login(self, domain, username, password="", ntlm_hash="", aesKey="",
405401
406402 def plaintext_login (self , domain , username , password ):
407403 # Re-connect since we logged off
408- self .create_conn_obj ()
409404 try :
410405 self .password = password
411406 self .username = username
@@ -451,14 +446,15 @@ def plaintext_login(self, domain, username, password):
451446 return False
452447 except (ConnectionResetError , NetBIOSTimeout , NetBIOSError ) as e :
453448 self .logger .fail (f"Connection Error: { e } " )
449+ self .create_conn_obj ()
454450 return False
455451 except BrokenPipeError :
456452 self .logger .fail ("Broken Pipe Error while attempting to login" )
453+ self .create_conn_obj ()
457454 return False
458455
459456 def hash_login (self , domain , username , ntlm_hash ):
460457 # Re-connect since we logged off
461- self .create_conn_obj ()
462458 lmhash = ""
463459 nthash = ""
464460 try :
@@ -515,12 +511,15 @@ def hash_login(self, domain, username, ntlm_hash):
515511 return False
516512 except (ConnectionResetError , NetBIOSTimeout , NetBIOSError ) as e :
517513 self .logger .fail (f"Connection Error: { e } " )
514+ self .create_conn_obj ()
518515 return False
519516 except BrokenPipeError :
520517 self .logger .fail ("Broken Pipe Error while attempting to login" )
518+ self .create_conn_obj ()
521519 return False
522520
523521 def create_smbv1_conn (self ):
522+ self .logger .debug (f"Creating SMBv1 connection to { self .host } " )
524523 try :
525524 self .conn = SMBConnection (
526525 self .remoteName ,
@@ -538,10 +537,10 @@ def create_smbv1_conn(self):
538537 except (Exception , NetBIOSTimeout ) as e :
539538 self .logger .info (f"Error creating SMBv1 connection to { self .host } : { e } " )
540539 return False
541-
542540 return True
543541
544542 def create_smbv3_conn (self ):
543+ self .logger .debug (f"Creating SMBv3 connection to { self .host } " )
545544 try :
546545 self .conn = SMBConnection (
547546 self .remoteName ,
@@ -564,8 +563,25 @@ def create_smbv3_conn(self):
564563 return False
565564 return True
566565
567- def create_conn_obj (self ):
568- return bool (self .create_smbv1_conn () or self .create_smbv3_conn ())
566+ def create_conn_obj (self , no_smbv1 = False ):
567+ """
568+ Tries to create a connection object to the target host.
569+ On first try, it will try to create a SMBv1 connection.
570+ On further tries, it will remember which SMB version is supported and create a connection object accordingly.
571+
572+ :param no_smbv1: If True, it will not try to create a SMBv1 connection
573+ """
574+ # Initial negotiation
575+ if not no_smbv1 and self .smbv1 is None :
576+ self .smbv1 = self .create_smbv1_conn ()
577+ if self .smbv1 :
578+ return True
579+ else :
580+ return self .create_smbv3_conn ()
581+ elif not no_smbv1 and self .smbv1 :
582+ return self .create_smbv1_conn ()
583+ else :
584+ return self .create_smbv3_conn ()
569585
570586 def check_if_admin (self ):
571587 self .logger .debug (f"Checking if user is admin on { self .host } " )
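Review bot: In the rewritten `create_conn_obj`, the `elif not no_smbv1 and self.smbv1:` branch returns `self.create_smbv1_conn()` directly, so once SMBv1 has been cached as working, a later SMBv1 failure returns False with no SMBv3 attempt. The removed `bool(self.create_smbv1_conn() or self.create_smbv3_conn())` always made that attempt. The first-try branch also stores whatever `create_smbv1_conn()` returned, and the handler visible in that method returns False for any exception, so a timeout on the first attempt appears to be remembered as "no SMBv1" for the life of the object. Separating a refused dialect from a transport error would have to happen in `create_smbv1_conn`, whose body is mostly outside these hunks. The new `self.create_conn_obj()` calls in the `plaintext_login` and `hash_login` except handlers discard the result, so a failed reconnect passes silently there. The sketch below restores the fallback and assumes `self.smbv1` is initialised to None elsewhere in the class.

```python
    def create_conn_obj(self, no_smbv1=False):
        # … unchanged: docstring …
        if not no_smbv1 and self.smbv1 is not False:
            if self.create_smbv1_conn():
                self.smbv1 = True
                return True
            if self.smbv1 is None:
                # first negotiation failed: remember that SMBv1 is not available
                self.smbv1 = False
        # SMBv1 skipped, unsupported, or failed on reconnect: fall back to SMBv3
        return self.create_smbv3_conn()
```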