本文整理汇总了Python中impacket.dcerpc.v5.dcomrt.DCOMConnection类的典型用法代码示例。如果您正苦于以下问题:Python DCOMConnection类的具体用法?Python DCOMConnection怎么用?Python DCOMConnection使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了DCOMConnection类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_IWbemLevel1Login_EstablishPosition
def test_IWbemLevel1Login_EstablishPosition(self):
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
resp = iWbemLevel1Login.EstablishPosition()
print resp
dcom.disconnect()示例2: test_IWbemServices_ExecQuery
def test_IWbemServices_ExecQuery(self):
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
#classes = [ 'Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service']
classes = [ 'Win32_Service']
for classn in classes:
print("Reading %s " % classn)
try:
iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn)
done = False
while done is False:
try:
iEnumWbemClassObject.Next(0xffffffff,1)
except Exception as e:
if str(e).find('S_FALSE') < 0:
print(e)
else:
done = True
pass
except Exception as e:
if str(e).find('S_FALSE') < 0:
print(e)
dcom.disconnect()示例3: connect
def connect(self, host, username, password, domain=None, lmhash="", nthash=""):
if not domain:
domain = host.ip_addr
dcom = DCOMConnection(host.ip_addr,
username=username,
password=password,
domain=domain,
lmhash=lmhash,
nthash=nthash,
oxidResolver=True)
try:
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,
wmi.IID_IWbemLevel1Login)
except Exception as exc:
dcom.disconnect()
if "rpc_s_access_denied" == exc.message:
raise AccessDeniedException(host, username, password, domain)
raise
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
try:
self._iWbemServices = iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL)
self._dcom = dcom
except:
dcom.disconnect()
raise
finally:
iWbemLevel1Login.RemRelease()示例4: test_IWbemLevel1Login_NTLMLogin
def test_IWbemLevel1Login_NTLMLogin(self):
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
resp = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
print resp
dcom.disconnect()示例5: run
def run(self, addr, smb):
if self.__noOutput is False:
smbConnection = smb
else:
logging.info("Output retrieval disabled")
smbConnection = None
dcom = DCOMConnection(
addr,
self.__username,
self.__password,
self.__domain,
self.__lmhash,
self.__nthash,
self.__aesKey,
oxidResolver=True,
doKerberos=self.__doKerberos,
)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices = iWbemLevel1Login.NTLMLogin("//./root/cimv2", NULL, NULL)
iWbemLevel1Login.RemRelease()
win32Process, _ = iWbemServices.GetObject("Win32_Process")
try:
self.shell = RemoteShell(self.__share, win32Process, smbConnection)
self.shell.onecmd(self.__command)
except (Exception, KeyboardInterrupt), e:
logging.error(str(e))
dcom.disconnect()示例6: run
def run(self, addr):
if self.__noOutput is False:
try:
smbConnection = SMBConnection(addr, addr)
if self.__doKerberos is False:
smbConnection.login(self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash)
else:
smbConnection.kerberosLogin(self.__username, self.__password, self.__domain, self.__lmhash,
self.__nthash, self.__aesKey, kdcHost=self.__kdcHost)
dialect = smbConnection.getDialect()
if dialect == SMB_DIALECT:
logging.info("SMBv1 dialect used")
elif dialect == SMB2_DIALECT_002:
logging.info("SMBv2.0 dialect used")
elif dialect == SMB2_DIALECT_21:
logging.info("SMBv2.1 dialect used")
else:
logging.info("SMBv3.0 dialect used")
except Exception as e:
return e
sys.stdout.flush()
sys.exit(1)
else:
smbConnection = None
dcom = DCOMConnection(addr, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash,
self.__aesKey, oxidResolver=True, doKerberos=self.__doKerberos, kdcHost=self.__kdcHost)
try:
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL)
iWbemLevel1Login.RemRelease()
win32Process,_ = iWbemServices.GetObject('Win32_Process')
self.shell = RemoteShell(self.__share, win32Process, smbConnection)
if self.__command != ' ':
self.shell.onecmd(self.__command)
else:
self.shell.cmdloop()
except (Exception, KeyboardInterrupt), e:
global totalOutput
totalOutput=str(e)
#logging.error(str(e))
try:
if smbConnection is not None:
smbConnection.logoff()
except:
pass
try:
dcom.disconnect()
except:
pass
sys.stdout.flush()
return str(e)示例7: test_IWbemServices_GetObject
def test_IWbemServices_GetObject(self):
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
iWbemLevel1Login.RemRelease()
classObject,_ = iWbemServices.GetObject('Win32_Process')
dcom.disconnect()示例8: test_IWbemLevel1Login_WBEMLogin
def test_IWbemLevel1Login_WBEMLogin(self):
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
try:
resp = iWbemLevel1Login.WBEMLogin()
print resp
except Exception, e:
if str(e).find('E_NOTIMPL') < 0:
dcom.disconnect()
raise示例9: test_IWbemLevel1Login_RequestChallenge
def test_IWbemLevel1Login_RequestChallenge(self):
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
try:
resp = iWbemLevel1Login.RequestChallenge()
print(resp)
except Exception as e:
if str(e).find('WBEM_E_NOT_SUPPORTED') < 0:
dcom.disconnect()
raise
dcom.disconnect()示例10: tes_IWbemServices_OpenNamespace
def tes_IWbemServices_OpenNamespace(self):
# Not working
dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin('//./ROOT', NULL, NULL)
try:
resp = iWbemServices.OpenNamespace('__Namespace')
print resp
except Exception, e:
dcom.disconnect()
raise示例11: __init__
def __init__(self, host, share_name, username, password, domain, smbconnection, hashes=None):
self.__host = host
self.__username = username
self.__password = password
self.__smbconnection = smbconnection
self.__domain = domain
self.__lmhash = ''
self.__nthash = ''
self.__share_name = share_name
self.__output = None
self.__outputBuffer = ''
self.__shell = 'c:\\windows\\system32\\cmd.exe'
self.__pwd = 'C:\\'
self.__quit = None
self.__executeShellCommand = None
self.__retOutput = True
if hashes is not None:
self.__lmhash, self.__nthash = hashes.split(':')
dcom = DCOMConnection(self.__host, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, None, oxidResolver=True)
try:
iInterface = dcom.CoCreateInstanceEx(string_to_bin('49B2791A-B1AE-4C90-9B8E-E860BA07F889'), IID_IDispatch)
iMMC = IDispatch(iInterface)
resp = iMMC.GetIDsOfNames(('Document',))
dispParams = DISPPARAMS(None, False)
dispParams['rgvarg'] = NULL
dispParams['rgdispidNamedArgs'] = NULL
dispParams['cArgs'] = 0
dispParams['cNamedArgs'] = 0
resp = iMMC.Invoke(resp[0], 0x409, DISPATCH_PROPERTYGET, dispParams, 0, [], [])
iDocument = IDispatch(self.getInterface(iMMC, resp['pVarResult']['_varUnion']['pdispVal']['abData']))
resp = iDocument.GetIDsOfNames(('ActiveView',))
resp = iDocument.Invoke(resp[0], 0x409, DISPATCH_PROPERTYGET, dispParams, 0, [], [])
iActiveView = IDispatch(self.getInterface(iMMC, resp['pVarResult']['_varUnion']['pdispVal']['abData']))
pExecuteShellCommand = iActiveView.GetIDsOfNames(('ExecuteShellCommand',))[0]
pQuit = iMMC.GetIDsOfNames(('Quit',))[0]
self.__quit = (iMMC, pQuit)
self.__executeShellCommand = (iActiveView, pExecuteShellCommand)
except Exception as e:
self.exit()
logging.error(str(e))
dcom.disconnect()示例12: run
def run(self, command, address, namespace):
dcom = DCOMConnection(address, self.__username, self.__password, self.__domain,
self.__lmhash, self.__nthash, self.__aesKey, self.__oxidResolver, self.__doKerberos)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin(namespace, NULL, NULL)
iWbemLevel1Login.RemRelease()
shell = WMIShell(self.__logger, iWbemServices, address)
shell.onecmd(command)
iWbemServices.RemRelease()
dcom.disconnect()示例13: __init__
def __init__(self, logger, connection, wmi_namespace):
self.__logger = logger
self.__addr = connection.host
self.__username = connection.username
self.__password = connection.password
self.__hash = connection.hash
self.__domain = connection.domain
self.__namespace = wmi_namespace
self.__iWbemServices = None
self.__doKerberos = False
self.__aesKey = None
self.__oxidResolver = True
self.__lmhash = ''
self.__nthash = ''
if self.__hash is not None:
self.__lmhash, self.__nthash = self.__hash.split(':')
if self.__password is None:
self.__password = ''
self.__dcom = DCOMConnection(self.__addr, self.__username, self.__password, self.__domain,
self.__lmhash, self.__nthash, self.__aesKey, self.__oxidResolver, self.__doKerberos)
try:
iInterface = self.__dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
self.__iWbemServices= iWbemLevel1Login.NTLMLogin(self.__namespace, NULL, NULL)
iWbemLevel1Login.RemRelease()
except Exception as e:
self.__logger.error(e)示例14: __init__
def __init__(self, target, username, password, domain, smbconnection, hashes=None, share=None):
self.__target = target
self.__username = username
self.__password = password
self.__domain = domain
self.__lmhash = ''
self.__nthash = ''
self.__share = share
self.__smbconnection = smbconnection
self.__output = '\\' + gen_random_string(6)
self.__outputBuffer = ''
self.__shell = 'cmd.exe /Q /c '
self.__pwd = 'C:\\'
self.__aesKey = None
self.__doKerberos = False
self.__retOutput = True
if hashes is not None:
self.__lmhash, self.__nthash = hashes.split(':')
if self.__password is None:
self.__password = ''
self.__dcom = DCOMConnection(self.__target, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, self.__aesKey, oxidResolver = True, doKerberos=self.__doKerberos)
iInterface = self.__dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL)
iWbemLevel1Login.RemRelease()
self.__win32Process,_ = iWbemServices.GetObject('Win32_Process')示例15: run
def run(self, addr, smbConnection):
result = ''
dcom = DCOMConnection(addr, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, self.__aesKey, oxidResolver = True, doKerberos=self.__doKerberos)
iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login)
iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
iWbemServices= iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL)
iWbemLevel1Login.RemRelease()
win32Process,_ = iWbemServices.GetObject('Win32_Process')
try:
self.shell = RemoteShellwmi(self.__share, win32Process, smbConnection)
result = self.shell.send_data(self.__command)
except (Exception, KeyboardInterrupt), e:
traceback.print_exc()
dcom.disconnect()
sys.stdout.flush()