4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

Evil-winrm error on connection to host

evil-winrm

LordOfr0 1 May 14, 2022, 1:49am

Hi, I am receiving an error that i have been unable to fix and find a solution for online.
I am running on OS: Ubuntu 22.04 LTS x86_64.
I am able to connect if i run the same command via kali or the docker file supplied in the evil-winrm git repo.
Any solution to this issue would be greatly appreciated!

evil-winrm -u administrator -p badminton -i 10.129.239.174

Evil-WinRM shell v3.3

Info: Establishing connection to remote endpoint

Error: An error of type OpenSSL::Digest::DigestError happened, message is Digest

Error: Exiting with code 1

4 Likes

xMaSteRxQuiLtx 2 May 29, 2022, 1:06am

I too am running into this error.

xMaSteRxQuiLtx 3 May 29, 2022, 1:07am

@LordOfr0 Did you find the solution in the past 15 days?

LordOfr0 4 May 29, 2022, 1:36am

Yes it is related to this issue Lab Access Openvpn certificate verify failed

If you fix this it will fix the evil-winrm issue

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 1/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

xMaSteRxQuiLtx 5 May 29, 2022, 2:29am

Strange. I’m using the starting machines, and it looks like tls-cipher "DEFAULT:@SECLEVEL=0" is
already there. Don’t think it matters, but tried without quotes as well.

client
dev tun
proto udp
remote edge-us-starting-point-1-dhcp.hackthebox.eu 1337
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
comp-lzo
verb 3
cipher AES-128-CBC
tls-cipher "DEFAULT:@SECLEVEL=0"
auth SHA256
key-direction 1

Tried different VPN servers, tried re-installing evil-winrm, ruby, etc.

LordOfr0 6 May 29, 2022, 3:15am

try older openvpn version 2.51 e.g.

1 Like

xMaSteRxQuiLtx 7 May 29, 2022, 6:23am

Sadly, that didn’t work either. I’ll have to try a few other things.

xMaSteRxQuiLtx 8 May 29, 2022, 7:38am

I gave up and just used a docker image. Spent way too much time trying to solve this, so found a workaround.

heegan 9 July 30, 2022, 4:02am

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 2/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

Hi, have you got any solution to this?

hotpepper808 10 August 18, 2022, 4:13am

after infinite frustration, scouring the web, noting the addition to .ovpn file == no positive results…

I jumped into Discord and asked, a user ended up responding, explaining its a known issue and suggested a full
update on Kali. Upon updating, winrm worked smoothly, just as the write-up.

Link to Kali update doc: https://www.kali.org/docs/general-use/updating-kali/

Reelix 11 August 20, 2022, 8:51am

This is alarmingly hacky, but it works for this case.

1.) pip install pywinrm

2.) run python3 to open up a prompt
3.) Run the following

import winrm
session = winrm.Session('10.129.67.232', auth=('administrator','badminton'), tran
session.run_ps("whoami").std_out

If you get an md4 error, refer to: this link.

Then simply re-run the final line replacing “whoami” with your command (You can also change run_ps to
run_cmd to execute cmd commands instead of ps ones)

For the flag, do:

session.run_cmd("type C:\\Users\\mike\Desktop\\flag.txt").std_out

A bit hacky, but it’s a solution for this box.

1 Like

MrEscape 12 August 29, 2022, 6:30pm

In my case issue was evil-winrm was using ruby 2.7 but mine ruby path was set to ruby 3.0
so go to and change ruby3 to ruby2.7 temporarily

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 3/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

cd /usr/bin/
cp ruby ruby.bk
cp -f ruby2.7 ruby

and run evil-winrm this will solve the issue.

after executing to reverb changes

cd /usr/bin/
cp -f ruby.bk ruby

MrEscape 13 August 29, 2022, 6:33pm

In my case evil-winrm was using ruby2.7 but my default path for ruby was set to 3.0 so temporarily change it.

cd /usr/bin
cp ruby ruby.bk
cp -f ruby2.7 ruby

and now run evil-winrm it will work.

to revert back changes

cp -f ruby.bk ruby

1 Like

mickdec 14 December 6, 2022, 4:23pm

Add those lines to /etc/ssl/openssl.cnf

[provider_sect]
default = default_sect
legacy = legacy_sect

[default_sect]
activate = 1

[legacy_sect]
activate = 1

It will activate md4 for openssl.

15 Likes

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 4/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

carlosbean 15 January 12, 2023, 8:44pm

this fixes it… ty /bow

1 Like

merlin246 16 January 13, 2023, 12:07am

mickdec:

[legacy_sect]
activate = 1

Thankyou, this fixed it for me!

1 Like

riznob 17 March 2, 2023, 4:02am

I’m using ubuntu, not kali. I gave up on making evil-winrm work on ubuntu. I used docker instead.

Here is the docker command I used…

docker run --rm -ti --name evil-winrm oscarakaelvis/evil-winrm -i 10.129.111.232

1 Like

longcatth 18 March 5, 2023, 5:29am

I wrote the solution for M1/M2 users here.

https://gist.github.com/pich4ya/002ae2d844315f4338f5586ba3dcbfbd
openssl3_no_md4.txt

# @author Pichaya Morimoto (p.morimoto@sth.sh)

# gem install evil-winrm

# evil-winrm -u "${user}" -p "${pass}" -i "${ip}"

Evil-WinRM shell v3.4

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 5/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

Info: Establishing connection to remote endpoint

Error: An error of type OpenSSL::Digest::DigestError happened, message is Di

This file has been truncated. show original

Geekecom 19 March 16, 2023, 2:58pm

Workaround: edit /etc/ssl/openssl.cnf by adding legacy = legacy_sect under default = default_sect in order to
appear as:

[openssl_init]
providers = provider_sect

# List of providers to load

[provider_sect]
default = default_sect
legacy = legacy_sect

and by uncommenting #activate = 1 under [default_sect] and adding [legacy_sect] and activate = 1 under them
in order to appear as:

[default_sect]
activate = 1
[legacy_sect]
activate = 1

6 Likes

corachiolo 20 March 17, 2023, 5:30pm

Thanks!! this works for me!

RachelGomez 21 April 17, 2023, 5:14am

Evil-winrm is a popular tool used to perform remote Windows exploitation and privilege escalation. When you
encounter an error while connecting to a host using evil-winrm, there are several things you can do to
troubleshoot the issue. Here are some tips to help you fix evil-winrm error on connection to host:

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 6/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

Verify the connection details: Ensure that you are using the correct IP address or hostname, port number, and
credentials for the target system. Double-check the spelling and formatting of the connection details, as even a
small error can prevent you from connecting.

Check network connectivity: Make sure that the target system is reachable from your machine. Check the
firewall settings on the target system and any intermediate devices such as routers or firewalls that may be
blocking the connection.

Verify credentials: Ensure that the credentials you are using to connect to the target system are correct and have
sufficient privileges to perform the desired actions. Try using different credentials if you have them available.

Regards,
Rachel Gomez

TonyShasta 22 June 28, 2023, 11:34pm

Perfect. Thank you

str4code 23 September 30, 2023, 10:23am

I had the same issue with Ubuntu 22.04. Use ruby 2.7.0. This fixed my issue:

curl -sSL https://rvm.io/pkuczynski.asc | gpg2 --import -

curl -sSL https://get.rvm.io | bash -s stable
source ~/.rvm/scripts/rvm
rvm pkg install openssl
rvm install ruby-2.7.0 --with-openssl-dir=$HOME/.rvm/usr
gem install evil-winrm

2 Likes

sha16 24 November 28, 2023, 3:49am

I love you! C: this worked for me

skeletonknight 25 December 16, 2023, 2:53pm

thanks

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 7/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

mulihtb 26 December 21, 2023, 11:57pm

good job, thank you very much.

hauger 27 January 6, 2024, 10:19pm

Same here, so I tried to run evil-winrm in Docker instead. The Digest-related error is gone, but I get another
one:

Evil-WinRM shell v3.5

Info: Establishing connection to remote endpoint

Error: An error of type HTTPClient::ReceiveTimeoutError happened, message is exec

Error: Exiting with code 1

Update

Changing the VPN protocol type from UDP to TCP resolved the connection error.

em.farih 28 January 7, 2024, 11:10am

save my day… thanks… i am using CrunchBang++

Cryptkeeper 29 January 15, 2024, 10:17pm

Carefully read the comments in the configuration file!!!11

# If you add a section explicitly activating any other provider(s), you most
# probably need to explicitly activate the default provider, otherwise it
# becomes unavailable in openssl. As a consequence applications depending on
# OpenSSL may not work correctly which could lead to significant system
# problems including inability to remotely access the system.

So if activate = 1 is commented out in your [default_sect] you definitly want to uncomment this!
That would have saved me an extra hour of troubleshooting…

For search engines: The evil-winrm error message without that additional activate was

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 8/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

/usr/lib/ruby/3.0.0/openssl/pkey.rb:132:in `initialize': could not parse pkey: (n

whoami94 30 February 8, 2024, 12:47pm

Thank you so much, buddy! I can’t tell you how many hours I spent trying to fix this problem, and it was
driving me crazy!
I’m using Debian 12 with Ruby version 3.1.2. After trying all the solutions offered by the community, I just
couldn’t get it to work.
But thanks to your advice, I was able to downgrade to version “ruby 2.7.0p0 (2019-12-25 revision
647ee6f091)” and complete the machine.

THANK YOU SO MUCH!

0xh4ty 31 February 9, 2024, 7:12am

Thank u so much.

gazgak 32 February 16, 2024, 2:49am

thanks

dturovskiy 33 February 19, 2024, 11:11am

thanks!

nothikiko 34 April 15, 2024, 9:11am

str4code:

rvm install ruby-2.7.0 --with-openssl-dir=$HOME/.rvm/usr

thank you so much for this. for others, if you wanna do this solution you have to source ~/.rvm/scripts/rvm
every time you wanna use evil-winrm. it might also ask you to install a specific version of nori, just do that and

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 9/10
4/16/24, 3:13 PM Evil-winrm error on connection to host - Off-topic - Hack The Box :: Forums

youll be gucci

https://forum.hackthebox.com/t/evil-winrm-error-on-connection-to-host/257342/print 10/10