View Issue Details

IDProjectCategoryView StatusLast Update
0007909Kali LinuxKali Package Bugpublic2022-09-09 14:00
ReporterX0RW3LL Assigned Toarnaudr  
Status resolvedResolutionfixed 
Summary0007909: (python3-impacket) impacket-rdp_check raises OpenSSL.crypto.Error on testing against targets

Running impacket-rdp_check raises OpenSSL.crypto.Error as the python3-impacket package on Kali hasn't received the June 29 and July 20 commits

The updated code in the SecureAuth impacket repo adds support for pyOpenSSL >= 21.0.0, while the package in the Kali repo contains the outdated code

Proposed fix: pull the latest commits from the SecureAuth impacket repo

Steps To Reproduce

$ impacket-rdp_check [[domain/]username[:password]@]<targetName or address>

Additional Information

Changed the setting up for new SSL connections

  • Modified the SSL context setting. Using TLS_METHOD the protocol version used will be negotiated to the highest version mutually supported by the client and the server
  • Modified cipher list setting. Defining 'ALL:@SECLEVEL=0' enables compatibility with previous versions.
  • Updated pyOpenSSL requirement to >=v21.0.0. This version included the TLS_METHOD definition.


Added support for TLS1.0

Traceback (most recent call last):
File "/usr/share/doc/python3-impacket/examples/", line 574, in <module>
check_rdp(address, username, password, domain, options.hashes)
File "/usr/share/doc/python3-impacket/examples/", line 470, in check_rdp
dump = crypto.dump_privatekey(crypto.FILETYPE_ASN1, pkey)
File "/usr/lib/python3/dist-packages/OpenSSL/", line 2090, in dump_privatekey
_openssl_assert(result_code != 0)
File "/usr/lib/python3/dist-packages/OpenSSL/", line 71, in openssl_assert
File "/usr/lib/python3/dist-packages/OpenSSL/", line 57, in exception_from_error_queue
raise exception_type(errors)
OpenSSL.crypto.Error: [('asn1 encoding routines', '', 'illegal zero content'), ('Provider routines', '', 'malloc failure'), ('asn1 encoding routines', '', 'illegal zero content'), ('Provider routines', '', 'malloc failure'), ('asn1 encoding routines', '', 'unsupported type')]

cat /etc/os-release
PRETTY_NAME="Kali GNU/Linux Rolling"
NAME="Kali GNU/Linux"

Python v3.10.6
pyOpenSSL v21.0.0
python3-impacket v0.10.0-2




2022-09-09 13:51

manager   ~0016716

Thanks for the thorough but report!

This package comes from Debian, so we fixed it there. It has just been uploaded to Debian: (version 0.10.0-3, this is the version with the fix). It should reach Kali mirrors in a few days,

Issue History

Date Modified Username Field Change
2022-09-06 21:49 X0RW3LL New Issue
2022-09-09 06:29 arnaudr Assigned To => arnaudr
2022-09-09 06:29 arnaudr Status new => assigned
2022-09-09 13:51 arnaudr Note Added: 0016716
2022-09-09 14:00 arnaudr Status assigned => resolved
2022-09-09 14:00 arnaudr Resolution open => fixed