本文整理汇总了Python中impacket.dcerpc.v5.ndr.NDRCALL属性的典型用法代码示例。如果您正苦于以下问题:Python ndr.NDRCALL属性的具体用法?Python ndr.NDRCALL怎么用?Python ndr.NDRCALL使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类impacket.dcerpc.v5.ndr的用法示例。
在下文中一共展示了ndr.NDRCALL属性的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_bigRequestMustFragment
# 需要导入模块: from impacket.dcerpc.v5 import ndr [as 别名]
# 或者: from impacket.dcerpc.v5.ndr import NDRCALL [as 别名]
def test_bigRequestMustFragment(self):
class dummyCall(NDRCALL):
opnum = 2
structure = (
('Name', RPC_UNICODE_STRING),
)
lmhash, nthash = self.hashes.split(':')
oldBinding = self.stringBinding
self.stringBinding = epm.hept_map(self.machine, samr.MSRPC_UUID_SAMR, protocol = 'ncacn_ip_tcp')
print self.stringBinding
dce = self.connectDCE(self.username, '', self.domain, lmhash, nthash, dceFragment=0,
auth_level=RPC_C_AUTHN_LEVEL_PKT_INTEGRITY, auth_type=RPC_C_AUTHN_GSS_NEGOTIATE,
dceAuth=True,
doKerberos=True, bind=samr.MSRPC_UUID_SAMR)
self.stringBinding = oldBinding
request = samr.SamrConnect()
request['ServerName'] = u'BETO\x00'
request['DesiredAccess'] = samr.DELETE | samr.READ_CONTROL | samr.WRITE_DAC | samr.WRITE_OWNER | samr.ACCESS_SYSTEM_SECURITY | samr.GENERIC_READ | samr.GENERIC_WRITE | samr.GENERIC_EXECUTE | samr.SAM_SERVER_CONNECT | samr.SAM_SERVER_SHUTDOWN | samr.SAM_SERVER_INITIALIZE | samr.SAM_SERVER_CREATE_DOMAIN | samr.SAM_SERVER_ENUMERATE_DOMAINS | samr.SAM_SERVER_LOOKUP_DOMAIN | samr.SAM_SERVER_READ | samr.SAM_SERVER_WRITE | samr.SAM_SERVER_EXECUTE
resp = dce.request(request)
request = samr.SamrEnumerateDomainsInSamServer()
request['ServerHandle'] = resp['ServerHandle']
request['EnumerationContext'] = 0
request['PreferedMaximumLength'] = 500
resp2 = dce.request(request)
try:
request = samr.SamrLookupDomainInSamServer()
request['ServerHandle'] = resp['ServerHandle']
request['Name'] = 'A'*4500
resp = dce.request(request)
except Exception, e:
if str(e).find('STATUS_NO_SUCH_DOMAIN') < 0:
raise 示例2: test_bigRequestMustFragment
# 需要导入模块: from impacket.dcerpc.v5 import ndr [as 别名]
# 或者: from impacket.dcerpc.v5.ndr import NDRCALL [as 别名]
def test_bigRequestMustFragment(self):
class dummyCall(NDRCALL):
opnum = 2
structure = (
('Name', RPC_UNICODE_STRING),
)
lmhash, nthash = self.hashes.split(':')
oldBinding = self.stringBinding
self.stringBinding = epm.hept_map(self.machine, samr.MSRPC_UUID_SAMR, protocol = 'ncacn_ip_tcp')
print(self.stringBinding)
dce = self.connectDCE(self.username, '', self.domain, lmhash, nthash, dceFragment=0,
auth_level=RPC_C_AUTHN_LEVEL_PKT_INTEGRITY, auth_type=RPC_C_AUTHN_GSS_NEGOTIATE,
dceAuth=True,
doKerberos=True, bind=samr.MSRPC_UUID_SAMR)
self.stringBinding = oldBinding
request = samr.SamrConnect()
request['ServerName'] = b'BETO\x00'
request['DesiredAccess'] = samr.DELETE | samr.READ_CONTROL | samr.WRITE_DAC | samr.WRITE_OWNER | samr.ACCESS_SYSTEM_SECURITY | samr.GENERIC_READ | samr.GENERIC_WRITE | samr.GENERIC_EXECUTE | samr.SAM_SERVER_CONNECT | samr.SAM_SERVER_SHUTDOWN | samr.SAM_SERVER_INITIALIZE | samr.SAM_SERVER_CREATE_DOMAIN | samr.SAM_SERVER_ENUMERATE_DOMAINS | samr.SAM_SERVER_LOOKUP_DOMAIN | samr.SAM_SERVER_READ | samr.SAM_SERVER_WRITE | samr.SAM_SERVER_EXECUTE
resp = dce.request(request)
request = samr.SamrEnumerateDomainsInSamServer()
request['ServerHandle'] = resp['ServerHandle']
request['EnumerationContext'] = 0
request['PreferedMaximumLength'] = 500
dce.request(request)
try:
request = samr.SamrLookupDomainInSamServer()
request['ServerHandle'] = resp['ServerHandle']
request['Name'] = 'A'*4500
dce.request(request)
except Exception as e:
if str(e).find('STATUS_NO_SUCH_DOMAIN') < 0:
raise
dce.disconnect()