8000 ERROR: System.InvalidOperationException: Server did return a challenge · Issue #141 · SpecterOps/SharpHound · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

ERROR: System.InvalidOperationException: Server did return a challenge #141

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
PhilippRieth opened this issue Mar 16, 2025 · 4 comments · Fixed by SpecterOps/SharpHoundCommon#202
Closed

ERROR: System.InvalidOperationException: Server did return a challenge #141

PhilippRieth opened this issue Mar 16, 2025 · 4 comments · Fixed by SpecterOps/SharpHoundCommon#202
Labels
ticketed

Comments

@PhilippRieth
Copy link

I'm getting the error System.InvalidOperationException: Server did return a challenge with version and 2.6.0 and 2.6.1.

Not really sure what implications this has, I though it was worth mentioning :)

Version 2.6.0 and 2.6.1

PS C:\temp> .\SharpHound.exe --CollectionMethods All,GPOLocalGroup,LoggedOn --domain final.com --ldapusername nina --ldappassword "Password123!"

2025-03-15T18:41:27.3458496-07:00|INFORMATION|This version of SharpHound is compatible with the 5.0.0 Release of BloodHound
2025-03-15T18:41:27.4708473-07:00|INFORMATION|Resolved Collection Methods: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote, UserRights, CARegistry, DCRegistry, CertServices, LdapServices, WebClientService, SmbInfo, NTLMRegistry
2025-03-15T18:41:27.4864725-07:00|INFORMATION|Initializing SharpHound at 6:41 PM on 3/15/2025
2025-03-15T18:41:27.7208471-07:00|INFORMATION|Loaded cache with stats: 24 ID to type mappings.
 3 name to SID mappings.
 4 machine sid mappings.
 4 sid to domain mappings.
 0 global catalog mappings.
2025-03-15T18:41:27.7364757-07:00|INFORMATION|Flags: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote, UserRights, CARegistry, DCRegistry, CertServices, LdapServices, WebClientService, SmbInfo, NTLMRegistry
2025-03-15T18:41:27.8145971-07:00|INFORMATION|Beginning LDAP search for final.com
2025-03-15T18:41:27.8771057-07:00|INFORMATION|Beginning LDAP search for final.com Configuration NC
2025-03-15T18:41:27.8771057-07:00|INFORMATION|Producer has finished, closing LDAP channel
2025-03-15T18:41:27.8927251-07:00|INFORMATION|LDAP channel closed, waiting for consumers
2025-03-15T18:41:27.9395984-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.0489728-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.0802209-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.1114771-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.1583474-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.1896019-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.3302215-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.3458505-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:41:28.3771395-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM

2025-03-15T18:41:28.9083457-07:00|ERROR|An unhandled error occurred during the LDAP test: System.InvalidOperationException: Server did return a challenge
   at SharpHoundCommonLib.Ntlm.LdapConnection.SaslBind(String distinguishedName, String mechanism, Byte[] credential)
   at System.Threading.Tasks.Task`1.InnerInvoke()
   at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SharpHoundCommonLib.Ntlm.LdapTransport.<AuthenticateAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SharpHoundCommonLib.Ntlm.NtlmAuthenticationHandler.<PerformNtlmAuthenticationAsync>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SharpHoundCommonLib.Processors.DCLdapProcessor.<Authenticate>d__18.MoveNext()

2025-03-15T18:41:38.7213926-07:00|INFORMATION|Consumers finished, closing output channel
2025-03-15T18:41:38.7370149-07:00|INFORMATION|Output channel closed, waiting for output task to complete
Closing writers
2025-03-15T18:41:38.8463897-07:00|INFORMATION|Status: 326 objects finished (+326 29.63636)/s -- Using 40 MB RAM
2025-03-15T18:41:38.8463897-07:00|INFORMATION|Enumeration finished in 00:00:11.0409721
2025-03-15T18:41:38.9088940-07:00|INFORMATION|Saving cache with stats: 24 ID to type mappings.
 3 name to SID mappings.
 4 machine sid mappings.
 4 sid to domain mappings.
 0 global catalog mappings.
2025-03-15T18:41:38.9088940-07:00|INFORMATION|SharpHound Enumeration Completed at 6:41 PM on 3/15/2025! Happy Graphing!

Version 2.5.3

Using version 2.5.3 I dont get the error:

PS C:\temp> .\SharpHound-2.5.3.exe --CollectionMethods All,GPOLocalGroup,LoggedOn --domain final.com --ldapusername nina --ldappassword "Password123!"

2025-03-15T18:48:51.3816036-07:00|INFORMATION|This version of SharpHound is compatible with the 5.0.0 Release of BloodHound
2025-03-15T18:48:51.5066000-07:00|INFORMATION|Resolved Collection Methods: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote, UserRights, CARegistry, DCRegistry, CertServices
2025-03-15T18:48:51.5378487-07:00|INFORMATION|Initializing SharpHound at 6:48 PM on 3/15/2025
2025-03-15T18:48:51.7722191-07:00|INFORMATION|Loaded cache with stats: 83 ID to type mappings.
 93 name to SID mappings.
 4 machine sid mappings.
 4 sid to domain mappings.
 0 global catalog mappings.
2025-03-15T18:48:51.8034725-07:00|INFORMATION|Flags: Group, LocalAdmin, GPOLocalGroup, Session, LoggedOn, Trusts, ACL, Container, RDP, ObjectProps, DCOM, SPNTargets, PSRemote, UserRights, CARegistry, DCRegistry, CertServices
2025-03-15T18:48:51.8815953-07:00|INFORMATION|Beginning LDAP search for final.com
2025-03-15T18:48:51.9440972-07:00|INFORMATION|Beginning LDAP search for final.com Configuration NC
2025-03-15T18:48:51.9440972-07:00|INFORMATION|Producer has finished, closing LDAP channel
2025-03-15T18:48:51.9440972-07:00|INFORMATION|LDAP channel closed, waiting for consumers
2025-03-15T18:48:52.0065974-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.1159686-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.1472234-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.1941014-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.2253452-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.2722157-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.3972185-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.4284685-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:48:52.4597922-07:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for FINAL.COM
2025-03-15T18:49:02.2721459-07:00|INFORMATION|Consumers finished, closing output channel
2025-03-15T18:49:02.2877649-07:00|INFORMATION|Output channel closed, waiting for output task to complete
Closing writers
2025-03-15T18:49:02.4283873-07:00|INFORMATION|Status: 326 objects finished (+326 32.6)/s -- Using 40 MB RAM
2025-03-15T18:49:02.4283873-07:00|INFORMATION|Enumeration finished in 00:00:10.5647434
2025-03-15T18:49:02.5065135-07:00|INFORMATION|Saving cache with stats: 83 ID to type mappings.
 93 name to SID mappings.
 4 machine sid mappings.
 4 sid to domain mappings.
 0 global catalog mappings.
2025-03-15T18:49:02.5221378-07:00|INFORMATION|SharpHound Enumeration Completed at 6:49 PM on 3/15/2025! Happy Graphing!
@DrorDvash
Copy link
DrorDvash commented Mar 16, 2025
edited
Loading

I have the same issue on v2.6.1. I ran it in runas /netonly session -> SharpHound -c All

2025-03-17T00:55:51.6309014+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:52.1492547+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:52.6770869+02:00|INFORMATION|Beginning LDAP search for eu-ifrit.vl Configuration NC
2025-03-17T00:55:53.1444945+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:53.1974569+02:00|INFORMATION|Producer has finished, closing LDAP channel
2025-03-17T00:55:53.1974569+02:00|INFORMATION|LDAP channel closed, waiting for consumers
2025-03-17T00:55:53.6282976+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:53.6282976+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:53.6282976+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:53.6282976+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:54.4885921+02:00|INFORMATION|[CommonLib ACLProc]Building GUID Cache for EU-IFRIT.VL
2025-03-17T00:55:57.3490490+02:00|ERROR|An unhandled error occurred during the LDAP test: System.InvalidOperationException: Server did return a challenge
   at SharpHoundCommonLib.Ntlm.LdapConnection.SaslBind(String distinguishedName, String mechanism, Byte[] credential)
   at System.Threading.Tasks.Task`1.InnerInvoke()
   at System.Threading.Tasks.Task.Execute()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SharpHoundCommonLib.Ntlm.LdapTransport.<AuthenticateAsync>d__12.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SharpHoundCommonLib.Ntlm.NtlmAuthenticationHandler.<PerformNtlmAuthenticationAsync>d__7.MoveNext()
--- End of stack trace from previous location where exception was thrown ---
   at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()
   at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)
   at SharpHoundCommonLib.Processors.DCLdapProcessor.<Authenticate>d__18.MoveNext()
2025-03-17T00:56:10.3763135+02:00|IN
8000
FORMATION|Consumers finished, closing output channel
Closing writers
2025-03-17T00:56:10.8014293+02:00|INFORMATION|Output channel closed, waiting for output task to complete
2025-03-17T00:56:10.8626932+02:00|INFORMATION|Status: 534 objects finished (+534 26.7)/s -- Using 45 MB RAM
2025-03-17T00:56:10.8626932+02:00|INFORMATION|Enumeration finished in 00:00:20.3365248
2025-03-17T00:56:10.9157917+02:00|INFORMATION|Saving cache with stats: 24 ID to type mappings.
 0 name to SID mappings.
 2 machine sid mappings.
 3 sid to domain mappings.
 0 global catalog mappings.
2025-03-17T00:56:10.9259058+02:00|INFORMATION|SharpHound Enumeration Completed at 0:56 on 17/03/2025! Happy Graphing!

@MaccariTA
Copy link

Still happening in 2.6.5

@jvplopper
Copy link

Saw this in 2.6.5 but did not see this in 2.5.13

@StephenHinck StephenHinck mentioned this issue May 1, 2025
Merged
8 tasks
@StephenHinck
Copy link

This will be fixed in our next release. The PR for resolving this issue is open here: SpecterOps/SharpHoundCommon#202

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
ticketed
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

BED-5562 changing LDAP InvalidOperationException to debug SpecterOps/SharpHoundCommon
5 participants
@DrorDvash @StephenHinck @MaccariTA @jvplopper @PhilippRieth
0