本文整理汇总了Python中impacket.dcerpc.v5.scmr.SERVICE_STATE_ALL属性的典型用法代码示例。如果您正苦于以下问题:Python scmr.SERVICE_STATE_ALL属性的具体用法?Python scmr.SERVICE_STATE_ALL怎么用?Python scmr.SERVICE_STATE_ALL使用的例子?那么恭喜您, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类impacket.dcerpc.v5.scmr的用法示例。
在下文中一共展示了scmr.SERVICE_STATE_ALL属性的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_REnumServicesStatusExW
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def test_REnumServicesStatusExW(self):
dce, rpctransport, scHandle = self.connect()
request = scmr.REnumServicesStatusExW()
request['hSCManager'] = scHandle
request['InfoLevel'] = scmr.SC_STATUS_PROCESS_INFO
request['dwServiceType'] = scmr.SERVICE_WIN32_OWN_PROCESS
request['dwServiceState'] = scmr.SERVICE_STATE_ALL
request['lpResumeIndex'] = NULL
request['pszGroupName'] = NULL
request['cbBufSize'] = 0
#request.dump()
#print "\n"
# Request again with the right bufSize
try:
resp = dce.request(request)
except Exception, e:
if str(e).find('ERROR_MORE_DATA') <= 0:
raise
else:
resp = e.get_packet() 示例2: te_REnumServiceGroupW
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def te_REnumServiceGroupW(self):
dce, rpctransport, scHandle = self.connect()
dwServiceType = scmr.SERVICE_WIN32_OWN_PROCESS
dwServiceState = scmr.SERVICE_STATE_ALL
cbBufSize = 10
lpResumeIndex = 0
pszGroupName = 'RemoteRegistry\x00'
try:
resp = scmr.hREnumServiceGroupW(dce, scHandle, dwServiceType, dwServiceState, cbBufSize, lpResumeIndex, pszGroupName )
resp.dump()
except Exception, e:
if str(e).find('ERROR_SERVICE_DOES_NOT_EXISTS') <= 0:
raise 示例3: test_query
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def test_query(self):
dce, rpctransport, scHandle = self.connect()
############################
# Query Service Status / Enum Dependent
lpServiceName = 'PlugPlay\x00'
desiredAccess = scmr.SERVICE_START | scmr.SERVICE_STOP | scmr.SERVICE_CHANGE_CONFIG | scmr.SERVICE_QUERY_CONFIG | scmr.SERVICE_QUERY_STATUS | scmr.SERVICE_ENUMERATE_DEPENDENTS
resp = scmr.hROpenServiceW(dce, scHandle, lpServiceName, desiredAccess )
resp.dump()
serviceHandle = resp['lpServiceHandle']
resp = scmr.hRQueryServiceStatus(dce, serviceHandle)
cbBufSize = 0
try:
resp = scmr.hREnumDependentServicesW(dce, serviceHandle, scmr.SERVICE_STATE_ALL,cbBufSize )
resp.dump()
except scmr.DCERPCSessionError, e:
if str(e).find('ERROR_MORE_DATA') <= 0:
raise
else:
resp = e.get_packet() 示例4: te_REnumServiceGroupW
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def te_REnumServiceGroupW(self):
dce, rpctransport, scHandle = self.connect()
dwServiceType = scmr.SERVICE_WIN32_OWN_PROCESS
dwServiceState = scmr.SERVICE_STATE_ALL
cbBufSize = 10
lpResumeIndex = 0
pszGroupName = 'RemoteRegistry\x00'
try:
resp = scmr.hREnumServiceGroupW(dce, scHandle, dwServiceType, dwServiceState, cbBufSize, lpResumeIndex, pszGroupName )
resp.dump()
except Exception as e:
if str(e).find('ERROR_SERVICE_DOES_NOT_EXISTS') <= 0:
raise
scmr.hRCloseServiceHandle(dce, scHandle) 示例5: test_enumservices
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def test_enumservices(self):
dce, rpctransport, scHandle = self.connect()
#####################
# EnumServicesStatusW
dwServiceType = scmr.SERVICE_KERNEL_DRIVER | scmr.SERVICE_FILE_SYSTEM_DRIVER | scmr.SERVICE_WIN32_OWN_PROCESS | scmr.SERVICE_WIN32_SHARE_PROCESS
dwServiceState = scmr.SERVICE_STATE_ALL
cbBufSize = 0
resp = scmr.hREnumServicesStatusW(dce, scHandle, dwServiceType, dwServiceState)
resp = scmr.hRCloseServiceHandle(dce, scHandle) 示例6: test_REnumServicesStatusExW
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def test_REnumServicesStatusExW(self):
dce, rpctransport, scHandle = self.connect()
request = scmr.REnumServicesStatusExW()
request['hSCManager'] = scHandle
request['InfoLevel'] = scmr.SC_STATUS_PROCESS_INFO
request['dwServiceType'] = scmr.SERVICE_WIN32_OWN_PROCESS
request['dwServiceState'] = scmr.SERVICE_STATE_ALL
request['lpResumeIndex'] = NULL
request['pszGroupName'] = NULL
request['cbBufSize'] = 0
#request.dump()
#print "\n"
# Request again with the right bufSize
try:
resp = dce.request(request)
except Exception as e:
if str(e).find('ERROR_MORE_DATA') <= 0:
raise
else:
resp = e.get_packet()
resp.dump()
request['cbBufSize'] = resp['pcbBytesNeeded']
resp = dce.request(request)
resp.dump() 示例7: test_enumservices
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def test_enumservices(self):
dce, rpctransport, scHandle = self.connect()
#####################
# EnumServicesStatusW
dwServiceType = scmr.SERVICE_KERNEL_DRIVER | scmr.SERVICE_FILE_SYSTEM_DRIVER | scmr.SERVICE_WIN32_OWN_PROCESS | scmr.SERVICE_WIN32_SHARE_PROCESS
dwServiceState = scmr.SERVICE_STATE_ALL
scmr.hREnumServicesStatusW(dce, scHandle, dwServiceType, dwServiceState)
scmr.hRCloseServiceHandle(dce, scHandle) 示例8: test_query
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def test_query(self):
dce, rpctransport, scHandle = self.connect()
############################
# Query Service Status / Enum Dependent
lpServiceName = 'PlugPlay\x00'
desiredAccess = scmr.SERVICE_START | scmr.SERVICE_STOP | scmr.SERVICE_CHANGE_CONFIG | scmr.SERVICE_QUERY_CONFIG | scmr.SERVICE_QUERY_STATUS | scmr.SERVICE_ENUMERATE_DEPENDENTS
resp = scmr.hROpenServiceW(dce, scHandle, lpServiceName, desiredAccess )
resp.dump()
serviceHandle = resp['lpServiceHandle']
scmr.hRQueryServiceStatus(dce, serviceHandle)
cbBufSize = 0
try:
resp = scmr.hREnumDependentServicesW(dce, serviceHandle, scmr.SERVICE_STATE_ALL,cbBufSize )
resp.dump()
except scmr.DCERPCSessionError as e:
if str(e).find('ERROR_MORE_DATA') <= 0:
raise
else:
resp = e.get_packet()
resp.dump()
cbBufSize = resp['pcbBytesNeeded']
resp = scmr.hREnumDependentServicesW(dce, serviceHandle, scmr.SERVICE_STATE_ALL,cbBufSize )
resp.dump()
scmr.hRCloseServiceHandle(dce, serviceHandle)
scmr.hRCloseServiceHandle(dce, scHandle) 示例9: rpc_get_services
# 需要导入模块: from impacket.dcerpc.v5 import scmr [as 别名]
# 或者: from impacket.dcerpc.v5.scmr import SERVICE_STATE_ALL [as 别名]
def rpc_get_services(self):
"""
Query services with stored credentials via RPC.
These credentials can be dumped with mimikatz via lsadump::secrets or via secretsdump.py
"""
binding = r'ncacn_np:%s[\PIPE\svcctl]' % self.addr
serviceusers = []
dce = self.dce_rpc_connect(binding, scmr.MSRPC_UUID_SCMR)
if dce is None:
return
try:
resp = scmr.hROpenSCManagerW(dce)
scManagerHandle = resp['lpScHandle']
# TODO: Figure out if filtering out service types makes sense
resp = scmr.hREnumServicesStatusW(dce,
scManagerHandle,
dwServiceType=scmr.SERVICE_WIN32_OWN_PROCESS,
dwServiceState=scmr.SERVICE_STATE_ALL)
# TODO: Skip well-known services to save on traffic
for i in range(len(resp)):
try:
ans = scmr.hROpenServiceW(dce, scManagerHandle, resp[i]['lpServiceName'][:-1])
serviceHandle = ans['lpServiceHandle']
svcresp = scmr.hRQueryServiceConfigW(dce, serviceHandle)
svc_user = svcresp['lpServiceConfig']['lpServiceStartName'][:-1]
if '@' in svc_user:
logging.info("Found user service: %s running as %s on %s",
resp[i]['lpServiceName'][:-1],
svc_user,
self.hostname)
serviceusers.append(svc_user)
except DCERPCException as e:
if 'rpc_s_access_denied' not in str(e):
logging.debug('Exception querying service %s via RPC: %s', resp[i]['lpServiceName'][:-1], e)
except DCERPCException as e:
logging.debug('Exception connecting to RPC: %s', e)
except Exception as e:
if 'connection reset' in str(e):
logging.debug('Connection was reset: %s', e)
else:
raise e
dce.disconnect()
return serviceusers