本文整理汇总了Python中impacket.smb.SMB属性的典型用法代码示例。如果您正苦于以下问题:Python smb.SMB属性的具体用法?Python smb.SMB怎么用?Python smb.SMB使用的例子?那么, 这里精选的属性代码示例或许可以为您提供帮助。您也可以进一步了解该属性所在类impacket.smb
的用法示例。
在下文中一共展示了smb.SMB属性的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: reconnect
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def reconnect(self):
"""
reconnects the SMB object based on the original options and credentials used. Only exception is that
manualNegotiate will not be honored.
Not only the connection will be created but also a login attempt using the original credentials and
method (Kerberos, PtH, etc)
:return: True, raises a SessionError exception if error
"""
userName, password, domain, lmhash, nthash, aesKey, TGT, TGS = self.getCredentials()
self.negotiateSession(self._preferredDialect)
if self._doKerberos is True:
self.kerberosLogin(userName, password, domain, lmhash, nthash, aesKey, self._kdcHost, TGT, TGS, self._useCache)
else:
self.login(userName, password, domain, lmhash, nthash, self._ntlmFallback)
return True
示例2: _put_trans_data
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def _put_trans_data(transCmd, parameters, data, noPad=False):
# have to init offset before calling len()
transCmd['Parameters']['ParameterOffset'] = 0
transCmd['Parameters']['DataOffset'] = 0
# SMB header: 32 bytes
# WordCount: 1 bytes
# ByteCount: 2 bytes
# Note: Setup length is included when len(param) is called
offset = 32 + 1 + len(transCmd['Parameters']) + 2
transData = ''
if len(parameters):
padLen = 0 if noPad else (4 - offset % 4 ) % 4
transCmd['Parameters']['ParameterOffset'] = offset + padLen
transData = ('\x00' * padLen) + parameters
offset += padLen + len(parameters)
if len(data):
padLen = 0 if noPad else (4 - offset % 4 ) % 4
transCmd['Parameters']['DataOffset'] = offset + padLen
transData += ('\x00' * padLen) + data
transCmd['Data'] = transData
示例3: create_trans_packet
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def create_trans_packet(self, setup, param='', data='', mid=None, maxSetupCount=None, totalParameterCount=None, totalDataCount=None, maxParameterCount=None, maxDataCount=None, pid=None, tid=None, noPad=False):
if maxSetupCount is None:
maxSetupCount = len(setup)
if totalParameterCount is None:
totalParameterCount = len(param)
if totalDataCount is None:
totalDataCount = len(data)
if maxParameterCount is None:
maxParameterCount = totalParameterCount
if maxDataCount is None:
maxDataCount = totalDataCount
transCmd = smb.SMBCommand(smb.SMB.SMB_COM_TRANSACTION)
transCmd['Parameters'] = smb.SMBTransaction_Parameters()
transCmd['Parameters']['TotalParameterCount'] = totalParameterCount
transCmd['Parameters']['TotalDataCount'] = totalDataCount
transCmd['Parameters']['MaxParameterCount'] = maxParameterCount
transCmd['Parameters']['MaxDataCount'] = maxDataCount
transCmd['Parameters']['MaxSetupCount'] = maxSetupCount
transCmd['Parameters']['Flags'] = 0
transCmd['Parameters']['Timeout'] = 0xffffffff
transCmd['Parameters']['ParameterCount'] = len(param)
transCmd['Parameters']['DataCount'] = len(data)
transCmd['Parameters']['Setup'] = setup
_put_trans_data(transCmd, param, data, noPad)
return self.create_smb_packet(transCmd, mid, pid, tid)
示例4: create_trans2_packet
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def create_trans2_packet(self, setup, param='', data='', mid=None, maxSetupCount=None, totalParameterCount=None, totalDataCount=None, maxParameterCount=None, maxDataCount=None, pid=None, tid=None, noPad=False):
if maxSetupCount is None:
maxSetupCount = len(setup)
if totalParameterCount is None:
totalParameterCount = len(param)
if totalDataCount is None:
totalDataCount = len(data)
if maxParameterCount is None:
maxParameterCount = totalParameterCount
if maxDataCount is None:
maxDataCount = totalDataCount
transCmd = smb.SMBCommand(smb.SMB.SMB_COM_TRANSACTION2)
transCmd['Parameters'] = smb.SMBTransaction2_Parameters()
transCmd['Parameters']['TotalParameterCount'] = totalParameterCount
transCmd['Parameters']['TotalDataCount'] = totalDataCount
transCmd['Parameters']['MaxParameterCount'] = maxParameterCount
transCmd['Parameters']['MaxDataCount'] = maxDataCount
transCmd['Parameters']['MaxSetupCount'] = len(setup)
transCmd['Parameters']['Flags'] = 0
transCmd['Parameters']['Timeout'] = 0xffffffff
transCmd['Parameters']['ParameterCount'] = len(param)
transCmd['Parameters']['DataCount'] = len(data)
transCmd['Parameters']['Setup'] = setup
_put_trans_data(transCmd, param, data, noPad)
return self.create_smb_packet(transCmd, mid, pid, tid)
示例5: create_nt_trans_packet
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def create_nt_trans_packet(self, function, setup='', param='', data='', mid=None, maxSetupCount=None, totalParameterCount=None, totalDataCount=None, maxParameterCount=None, maxDataCount=None, pid=None, tid=None, noPad=False):
if maxSetupCount is None:
maxSetupCount = len(setup)
if totalParameterCount is None:
totalParameterCount = len(param)
if totalDataCount is None:
totalDataCount = len(data)
if maxParameterCount is None:
maxParameterCount = totalParameterCount
if maxDataCount is None:
maxDataCount = totalDataCount
transCmd = smb.SMBCommand(smb.SMB.SMB_COM_NT_TRANSACT)
transCmd['Parameters'] = smb.SMBNTTransaction_Parameters()
transCmd['Parameters']['MaxSetupCount'] = maxSetupCount
transCmd['Parameters']['TotalParameterCount'] = totalParameterCount
transCmd['Parameters']['TotalDataCount'] = totalDataCount
transCmd['Parameters']['MaxParameterCount'] = maxParameterCount
transCmd['Parameters']['MaxDataCount'] = maxDataCount
transCmd['Parameters']['ParameterCount'] = len(param)
transCmd['Parameters']['DataCount'] = len(data)
transCmd['Parameters']['Function'] = function
transCmd['Parameters']['Setup'] = setup
_put_trans_data(transCmd, param, data, noPad)
return self.create_smb_packet(transCmd, mid, pid, tid)
示例6: sendEcho
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def sendEcho(conn, tid, data):
pkt = smb.NewSMBPacket()
pkt['Tid'] = tid
transCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
transCommand['Parameters'] = smb.SMBEcho_Parameters()
transCommand['Data'] = smb.SMBEcho_Data()
transCommand['Parameters']['EchoCount'] = 1
transCommand['Data']['Data'] = data
pkt.addCommand(transCommand)
conn.sendSMB(pkt)
recvPkt = conn.recvSMB()
if recvPkt.getNTStatus() == 0:
print('got good ECHO response')
else:
print('got bad ECHO response: 0x{:x}'.format(recvPkt.getNTStatus()))
# override SMB.neg_session() to allow forcing ntlm authentication
示例7: sendEcho
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def sendEcho(conn, tid, data):
pkt = smb.NewSMBPacket()
pkt['Tid'] = tid
transCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
transCommand['Parameters'] = smb.SMBEcho_Parameters()
transCommand['Data'] = smb.SMBEcho_Data()
transCommand['Parameters']['EchoCount'] = 1
transCommand['Data']['Data'] = data
pkt.addCommand(transCommand)
conn.sendSMB(pkt)
recvPkt = conn.recvSMB()
if recvPkt.getNTStatus() == 0:
print('got good ECHO response')
else:
print('got bad ECHO response: 0x{:x}'.format(recvPkt.getNTStatus()))
示例8: createConnectionWithBigSMBFirst80
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def createConnectionWithBigSMBFirst80(target):
# https://msdn.microsoft.com/en-us/library/cc246496.aspx
# Above link is about SMB2, but the important here is first 4 bytes.
# If using wireshark, you will see the StreamProtocolLength is NBSS length.
# The first 4 bytes is same for all SMB version. It is used for determine the SMB message length.
#
# After received first 4 bytes, srvnet.sys allocate nonpaged pool for receving SMB message.
# srvnet.sys forwards this buffer to SMB message handler after receiving all SMB message.
# Note: For Windows 7 and Windows 2008, srvnet.sys also forwards the SMB message to its handler when connection lost too.
sk = socket.create_connection((target, 445))
# For this exploit, use size is 0x11000
pkt = '\x00' + '\x00' + pack('>H', 0xfff7)
# There is no need to be SMB2 because we got code execution by corrupted srvnet buffer.
# Also this is invalid SMB2 message.
# I believe NSA exploit use SMB2 for hiding alert from IDS
#pkt += '\xfeSMB' # smb2
# it can be anything even it is invalid
pkt += 'BAAD' # can be any
pkt += '\x00'*0x7c
sk.send(pkt)
return sk
示例9: create_smb_packet
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def create_smb_packet(self, smbReq, mid=None, pid=None, tid=None):
if mid is None:
mid = self.next_mid()
pkt = smb.NewSMBPacket()
pkt.addCommand(smbReq)
pkt['Tid'] = self._default_tid if tid is None else tid
pkt['Uid'] = self._uid
pkt['Pid'] = self._pid if pid is None else pid
pkt['Mid'] = mid
flags1, flags2 = self.get_flags()
pkt['Flags1'] = flags1
pkt['Flags2'] = self._pkt_flags2 if self._pkt_flags2 != 0 else flags2
if self._SignatureEnabled:
pkt['Flags2'] |= smb.SMB.FLAGS2_SMB_SECURITY_SIGNATURE
self.signSMB(pkt, self._SigningSessionKey, self._SigningChallengeResponse)
req = str(pkt)
return '\x00'*2 + pack('>H', len(req)) + req # assume length is <65536
示例10: __init__
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def __init__(self, remote_name, extended_security = True, sess_port = 445):
self._extendedSecurity = extended_security
self.domainIp = None
self.machineAccount = None
self.machineHashes = None
smb.SMB.__init__(self,remote_name, remote_name, sess_port = sess_port)
示例11: neg_session
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def neg_session(self):
neg_sess = smb.SMB.neg_session(self, extended_security = self._extendedSecurity)
return neg_sess
示例12: __init__
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def __init__(self, SMBObject, exeFile):
self._rpctransport = 0
self.__service_name = ''.join([random.choice(string.letters) for i in range(4)])
self.__binary_service_name = ''.join([random.choice(string.letters) for i in range(8)]) + '.exe'
self.__exeFile = exeFile
# We might receive two different types of objects, always end up
# with a SMBConnection one
if isinstance(SMBObject, smb.SMB) or isinstance(SMBObject, smb3.SMB3):
self.connection = SMBConnection(existingConnection = SMBObject)
else:
self.connection = SMBObject
self.share = ''
示例13: getSMBServer
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def getSMBServer(self):
"""
returns the SMB/SMB3 instance being used. Useful for calling low level methods
"""
return self._SMBConnection
示例14: __init__
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def __init__(self, SMBObject, exeFile, serviceName=''):
self._rpctransport = 0
self.__service_name = serviceName if len(serviceName) > 0 else ''.join([random.choice(string.letters) for i in range(4)])
self.__binary_service_name = ''.join([random.choice(string.letters) for i in range(8)]) + '.exe'
self.__exeFile = exeFile
# We might receive two different types of objects, always end up
# with a SMBConnection one
if isinstance(SMBObject, smb.SMB) or isinstance(SMBObject, smb3.SMB3):
self.connection = SMBConnection(existingConnection = SMBObject)
else:
self.connection = SMBObject
self.share = ''
示例15: weak_pass
# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import SMB [as 别名]
def weak_pass(password, ip, username):
try:
client = smb.SMB('*SMBSERVER', ip)
client.login(username, password)
logger.info(ColorConsole.green('[True ] %s %s:%s' % (ip, username, password)))
found_password.append((ip, '%s:%s' % (username, password)))
return True
except Exception as e:
logger.info('[False] %s %s:%s' % (ip, username, password))
return False