本文整理汇总了Python中impacket.dcerpc.v5.rpcrt.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY属性的典型用法代码示例。如果您正苦于以下问题:Python rpcrt.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY属性的具体用法?Python rpcrt.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY怎么用?Python rpcrt.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类impacket.dcerpc.v5.rpcrt的用法示例。
在下文中一共展示了rpcrt.RPC_C_AUTHN_LEVEL_PKT_INTEGRITY属性的7个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: connect
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def connect(self, stringBinding, bindUUID):
rpctransport = transport.DCERPCTransportFactory(stringBinding )
if len(self.hashes) > 0:
lmhash, nthash = self.hashes.split(':')
else:
lmhash = ''
nthash = ''
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(self.username,self.password, self.domain, lmhash, nthash)
dce = rpctransport.get_dce_rpc()
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.connect()
dce.bind(bindUUID, transfer_syntax = self.ts)
return dce, rpctransport 示例2: connect2
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def connect2(self):
rpctransport = transport.DCERPCTransportFactory(self.stringBinding )
if len(self.hashes) > 0:
lmhash, nthash = self.hashes.split(':')
else:
lmhash = ''
nthash = ''
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(self.username,self.password, self.domain, lmhash, nthash)
dce = rpctransport.get_dce_rpc()
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
#dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.connect()
dce.bind(drsuapi.MSRPC_UUID_DRSUAPI, transfer_syntax = self.ts)
return dce, rpctransport 示例3: connect
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def connect(self):
rpctransport = transport.DCERPCTransportFactory(self.stringBinding)
rpctransport.set_connect_timeout(30000)
if len(self.hashes) > 0:
lmhash, nthash = self.hashes.split(':')
else:
lmhash = ''
nthash = ''
#if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
# rpctransport.set_credentials(self.username,self.password, self.domain, lmhash, nthash)
dce = rpctransport.get_dce_rpc()
#dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.connect()
dce.bind(mimilib.MSRPC_UUID_MIMIKATZ, transfer_syntax = self.ts)
dh = mimilib.MimiDiffeH()
blob = mimilib.PUBLICKEYBLOB()
blob['y'] = dh.genPublicKey()[::-1]
request = mimilib.MimiBind()
request['clientPublicKey']['sessionType'] = mimilib.CALG_RC4
request['clientPublicKey']['cbPublicKey'] = 144
request['clientPublicKey']['pbPublicKey'] = str(blob)
resp = dce.request(request)
blob = mimilib.PUBLICKEYBLOB(''.join(resp['serverPublicKey']['pbPublicKey']))
key = dh.getSharedSecret(''.join(blob['y'])[::-1])
pHandle = resp['phMimi']
return dce, rpctransport, pHandle, key[-16:] 示例4: getDomainControllers
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def getDomainControllers(self):
logging.debug('Calling DRSDomainControllerInfo()')
stringBinding = epm.hept_map(self.__domain, MSRPC_UUID_DRSUAPI, protocol = 'ncacn_ip_tcp')
rpctransport = transport.DCERPCTransportFactory(stringBinding)
if hasattr(rpctransport, 'set_credentials'):
rpctransport.set_credentials(self.__username,self.__password, self.__domain, self.__lmhash, self.__nthash)
dce = rpctransport.get_dce_rpc()
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.connect()
dce.bind(MSRPC_UUID_DRSUAPI)
request = DRSBind()
request['puuidClientDsa'] = NTDSAPI_CLIENT_GUID
drs = DRS_EXTENSIONS_INT()
drs['cb'] = len(drs) #- 4
drs['dwFlags'] = DRS_EXT_GETCHGREQ_V6 | DRS_EXT_GETCHGREPLY_V6 | DRS_EXT_GETCHGREQ_V8 | DRS_EXT_STRONG_ENCRYPTION
drs['SiteObjGuid'] = NULLGUID
drs['Pid'] = 0
drs['dwReplEpoch'] = 0
drs['dwFlagsExt'] = 0
drs['ConfigObjGUID'] = NULLGUID
drs['dwExtCaps'] = 127
request['pextClient']['cb'] = len(drs.getData())
request['pextClient']['rgb'] = list(drs.getData())
resp = dce.request(request)
dcs = hDRSDomainControllerInfo(dce, resp['phDrs'], self.__domain, 1)
dce.disconnect()
domainControllers = list()
for dc in dcs['pmsgOut']['V1']['rItems']:
logging.debug('Found domain controller %s' % dc['DnsHostName'][:-1])
domainControllers.append(dc['DnsHostName'][:-1])
return domainControllers 示例5: getDomainControllers
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def getDomainControllers(self):
logging.debug('Calling DRSDomainControllerInfo()')
stringBinding = epm.hept_map(self.__domain, MSRPC_UUID_DRSUAPI, protocol = 'ncacn_ip_tcp')
rpctransport = transport.DCERPCTransportFactory(stringBinding)
if hasattr(rpctransport, 'set_credentials'):
rpctransport.set_credentials(self.__username,self.__password, self.__domain, self.__lmhash, self.__nthash)
dce = rpctransport.get_dce_rpc()
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.connect()
dce.bind(MSRPC_UUID_DRSUAPI)
request = DRSBind()
request['puuidClientDsa'] = NTDSAPI_CLIENT_GUID
drs = DRS_EXTENSIONS_INT()
drs['cb'] = len(drs) #- 4
drs['dwFlags'] = DRS_EXT_GETCHGREQ_V6 | DRS_EXT_GETCHGREPLY_V6 | DRS_EXT_GETCHGREQ_V8 | DRS_EXT_STRONG_ENCRYPTION
drs['SiteObjGuid'] = NULLGUID
drs['Pid'] = 0
drs['dwReplEpoch'] = 0
drs['dwFlagsExt'] = 0
drs['ConfigObjGUID'] = NULLGUID
drs['dwExtCaps'] = 127
request['pextClient']['cb'] = len(drs)
request['pextClient']['rgb'] = list(str(drs))
resp = dce.request(request)
dcs = hDRSDomainControllerInfo(dce, resp['phDrs'], self.__domain, 1)
dce.disconnect()
domainControllers = list()
for dc in dcs['pmsgOut']['V1']['rItems']:
logging.debug('Found domain controller %s' % dc['DnsHostName'][:-1])
domainControllers.append(dc['DnsHostName'][:-1])
return domainControllers 示例6: connect
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def connect(self):
rpctransport = transport.DCERPCTransportFactory(self.stringBinding )
if len(self.hashes) > 0:
lmhash, nthash = self.hashes.split(':')
else:
lmhash = ''
nthash = ''
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(self.username,self.password, self.domain, lmhash, nthash)
dce = rpctransport.get_dce_rpc()
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.connect()
dce.bind(drsuapi.MSRPC_UUID_DRSUAPI, transfer_syntax = self.ts)
request = drsuapi.DRSBind()
request['puuidClientDsa'] = drsuapi.NTDSAPI_CLIENT_GUID
drs = drsuapi.DRS_EXTENSIONS_INT()
drs['cb'] = len(drs) #- 4
drs['dwFlags'] = drsuapi.DRS_EXT_GETCHGREQ_V6 | drsuapi.DRS_EXT_GETCHGREPLY_V6 | drsuapi.DRS_EXT_GETCHGREQ_V8 | drsuapi.DRS_EXT_STRONG_ENCRYPTION
drs['SiteObjGuid'] = drsuapi.NULLGUID
drs['Pid'] = 0
drs['dwReplEpoch'] = 0
drs['dwFlagsExt'] = drsuapi.DRS_EXT_RECYCLE_BIN
drs['ConfigObjGUID'] = drsuapi.NULLGUID
drs['dwExtCaps'] = 0
request['pextClient']['cb'] = len(drs)
request['pextClient']['rgb'] = list(str(drs))
resp = dce.request(request)
# Let's dig into the answer to check the dwReplEpoch. This field should match the one we send as part of
# DRSBind's DRS_EXTENSIONS_INT(). If not, it will fail later when trying to sync data.
drsExtensionsInt = drsuapi.DRS_EXTENSIONS_INT()
# If dwExtCaps is not included in the answer, let's just add it so we can unpack DRS_EXTENSIONS_INT right.
ppextServer = ''.join(resp['ppextServer']['rgb']) + '\x00' * (
len(drsuapi.DRS_EXTENSIONS_INT()) - resp['ppextServer']['cb'])
drsExtensionsInt.fromString(ppextServer)
if drsExtensionsInt['dwReplEpoch'] != 0:
# Different epoch, we have to call DRSBind again
drs['dwReplEpoch'] = drsExtensionsInt['dwReplEpoch']
request['pextClient']['cb'] = len(drs)
request['pextClient']['rgb'] = list(str(drs))
resp = dce.request(request)
resp2 = drsuapi.hDRSDomainControllerInfo(dce, resp['phDrs'], self.domain, 2)
return dce, rpctransport, resp['phDrs'], resp2['pmsgOut']['V2']['rItems'][0]['NtdsDsaObjectGuid'] 示例7: connect
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import RPC_C_AUTHN_LEVEL_PKT_INTEGRITY [as 别名]
def connect(self):
rpctransport = transport.DCERPCTransportFactory(self.stringBinding )
if len(self.hashes) > 0:
lmhash, nthash = self.hashes.split(':')
else:
lmhash = ''
nthash = ''
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(self.username,self.password, self.domain, lmhash, nthash)
dce = rpctransport.get_dce_rpc()
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_PRIVACY)
dce.connect()
dce.bind(drsuapi.MSRPC_UUID_DRSUAPI, transfer_syntax = self.ts)
request = drsuapi.DRSBind()
request['puuidClientDsa'] = drsuapi.NTDSAPI_CLIENT_GUID
drs = drsuapi.DRS_EXTENSIONS_INT()
drs['cb'] = len(drs) #- 4
drs['dwFlags'] = drsuapi.DRS_EXT_GETCHGREQ_V6 | drsuapi.DRS_EXT_GETCHGREPLY_V6 | drsuapi.DRS_EXT_GETCHGREQ_V8 | drsuapi.DRS_EXT_STRONG_ENCRYPTION
drs['SiteObjGuid'] = drsuapi.NULLGUID
drs['Pid'] = 0
drs['dwReplEpoch'] = 0
drs['dwFlagsExt'] = drsuapi.DRS_EXT_RECYCLE_BIN
drs['ConfigObjGUID'] = drsuapi.NULLGUID
drs['dwExtCaps'] = 0
request['pextClient']['cb'] = len(drs.getData())
request['pextClient']['rgb'] = list(drs.getData())
resp = dce.request(request)
# Let's dig into the answer to check the dwReplEpoch. This field should match the one we send as part of
# DRSBind's DRS_EXTENSIONS_INT(). If not, it will fail later when trying to sync data.
drsExtensionsInt = drsuapi.DRS_EXTENSIONS_INT()
# If dwExtCaps is not included in the answer, let's just add it so we can unpack DRS_EXTENSIONS_INT right.
ppextServer = b''.join(resp['ppextServer']['rgb']) + b'\x00' * (
len(drsuapi.DRS_EXTENSIONS_INT()) - resp['ppextServer']['cb'])
drsExtensionsInt.fromString(ppextServer)
if drsExtensionsInt['dwReplEpoch'] != 0:
# Different epoch, we have to call DRSBind again
drs['dwReplEpoch'] = drsExtensionsInt['dwReplEpoch']
request['pextClient']['cb'] = len(drs.getData())
request['pextClient']['rgb'] = list(drs.getData())
resp = dce.request(request)
resp2 = drsuapi.hDRSDomainControllerInfo(dce, resp['phDrs'], self.domain, 2)
return dce, rpctransport, resp['phDrs'], resp2['pmsgOut']['V2']['rItems'][0]['NtdsDsaObjectGuid']