本文整理汇总了Python中impacket.dcerpc.v5.dcomrt.DCOMConnection类的典型用法代码示例。如果您正苦于以下问题:Python dcomrt.DCOMConnection的具体用法?Python dcomrt.DCOMConnection怎么用?Python dcomrt.DCOMConnection使用的例子?那么恭喜您, 这里精选的代码示例或许可以为您提供帮助。您也可以进一步了解该类所在模块impacket.dcerpc.v5.dcomrt的用法示例。
在下文中一共展示了dcomrt.DCOMConnection方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_IWbemServices_ExecQuery
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
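def test_IWbemServices_ExecQuery(self):
    """Run ``SELECT *`` WQL queries over DCOM/WMI and drain each result set.

    This is an integration test: it opens a real DCOM session to
    ``self.machine`` using the credentials stored on the test case. The
    LM/NT hash fields are forwarded to ``DCOMConnection`` alongside the
    password, so the fixture may hold a hash rather than a password; keep
    either out of version control and out of shared test logs.

    The session is closed in ``finally`` so that a failed activation, login
    or query does not leave it open on the target.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        iWbemServices = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
        # Only Win32_Service is queried; the fuller list is kept for reference:
        # ['Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service']
        classes = ['Win32_Service']
        for classn in classes:
            print("Reading %s " % classn)
            try:
                iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn)
                while True:
                    try:
                        iEnumWbemClassObject.Next(0xffffffff, 1)
                    except Exception as e:
                        # 'S_FALSE' in the error text is treated as end of
                        # enumeration; anything else is reported.
                        if 'S_FALSE' not in str(e):
                            print(e)
                        # Stop on any error: calling Next() again after a
                        # persistent failure would loop forever.
                        break
            except Exception as e:
                if 'S_FALSE' not in str(e):
                    print(e)
    finally:
        dcom.disconnect()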
示例2: test_IWbemServices_ExecQuery
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
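def test_IWbemServices_ExecQuery(self):
    """Run ``SELECT *`` WQL queries for several Win32 classes over DCOM/WMI.

    This is an integration test against ``self.machine`` using the
    credentials (password and/or LM/NT hash) stored on the test case.

    Changes from the listing as published: the Python 2-only ``print`` and
    ``except X, e`` forms are written so the code also parses on Python 3,
    the DCOM session is always disconnected (the original never closed it),
    and enumeration stops on the first error instead of retrying forever.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        iWbemServices = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
        classes = ['Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service']
        for classn in classes:
            print("Reading %s " % classn)
            try:
                iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn)
                while True:
                    try:
                        iEnumWbemClassObject.Next(0xffffffff, 1)
                    except Exception as e:
                        # 'S_FALSE' in the error text is treated as end of
                        # enumeration; anything else is reported.
                        if 'S_FALSE' not in str(e):
                            print(e)
                        # Stop on any error so a persistent failure cannot
                        # spin this loop indefinitely.
                        break
            except Exception as e:
                if 'S_FALSE' not in str(e):
                    print(e)
    finally:
        dcom.disconnect()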
示例3: test_RemQueryInterface
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
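def test_RemQueryInterface(self):
    """Activate the COM+ event system object and call RemQueryInterface on it.

    Integration test against ``self.machine`` with the username, password
    and domain stored on the test case. The DCOM session is closed in
    ``finally`` so a failing call does not leave it open.
    """
    dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain)
    try:
        iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem)
        iEventSystem = comev.IEventSystem(iInterface)
        iEventSystem.RemQueryInterface(1, (comev.IID_IEventSystem,))
    finally:
        dcom.disconnect()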
示例4: test_RemRelease
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
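def test_RemRelease(self):
    """Activate the COM+ event system object and release the remote reference.

    Integration test against ``self.machine`` with the username, password
    and domain stored on the test case. The DCOM session is closed in
    ``finally`` so a failing call does not leave it open.
    """
    dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain)
    try:
        iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem)
        iEventSystem = comev.IEventSystem(iInterface)
        iEventSystem.RemRelease()
    finally:
        dcom.disconnect()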
示例5: tes_activation
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
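def tes_activation(self):
    """Activate WbemLevel1Login requesting the IWbemLoginClientID interface.

    The ``tes_`` prefix is kept as published. The returned interface is not
    used, so it is no longer bound to a local; the session is closed in
    ``finally`` so a failed activation does not leave it open.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLoginClientID)
    finally:
        dcom.disconnect()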
示例6: test_IWbemLevel1Login_EstablishPosition
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
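def test_IWbemLevel1Login_EstablishPosition(self):
    """Call IWbemLevel1Login.EstablishPosition and print the response.

    Integration test against ``self.machine`` using the credentials
    (password and/or LM/NT hash) stored on the test case. ``print`` is
    written in the form that parses on both Python 2 and 3, and the DCOM
    session is closed in ``finally`` so a failing call does not leak it.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        resp = iWbemLevel1Login.EstablishPosition()
        print(resp)
    finally:
        dcom.disconnect()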
示例7: test_IWbemLevel1Login_RequestChallenge
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
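def test_IWbemLevel1Login_RequestChallenge(self):
    """Call IWbemLevel1Login.RequestChallenge, tolerating WBEM_E_NOT_SUPPORTED.

    An error whose text contains ``WBEM_E_NOT_SUPPORTED`` is accepted; any
    other error is re-raised so the test fails.

    As published, the session was disconnected only on the unexpected-error
    path, so it stayed open on success and on the tolerated error. It is now
    closed in ``finally`` on every path.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        try:
            resp = iWbemLevel1Login.RequestChallenge()
            print(resp)
        except Exception as e:
            if 'WBEM_E_NOT_SUPPORTED' not in str(e):
                raise
    finally:
        dcom.disconnect()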
示例8: test_IWbemLevel1Login_NTLMLogin
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
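def test_IWbemLevel1Login_NTLMLogin(self):
    """Log in to the ``root\\cimv2`` namespace via NTLMLogin and print the result.

    Integration test against ``self.machine`` using the credentials
    (password and/or LM/NT hash) stored on the test case. ``print`` is
    written in the form that parses on both Python 2 and 3, and the DCOM
    session is closed in ``finally`` so a failed login does not leak it.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        resp = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
        print(resp)
    finally:
        dcom.disconnect()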
示例9: tes_IWbemServices_OpenNamespace
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
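def tes_IWbemServices_OpenNamespace(self):
    """Log in to ``//./ROOT`` and try to open the ``__Namespace`` namespace.

    Marked "Not working" by the original author; the ``tes_`` prefix is kept
    as published.

    As published, the session was disconnected only when OpenNamespace
    raised. ``finally`` now closes it on success too, and any error still
    propagates unchanged.
    """
    # Not working
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        iWbemServices = iWbemLevel1Login.NTLMLogin('//./ROOT', NULL, NULL)
        resp = iWbemServices.OpenNamespace('__Namespace')
        print(resp)
    finally:
        dcom.disconnect()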
示例10: test_IWbemServices_GetObject
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
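def test_IWbemServices_GetObject(self):
    """Fetch the ``Win32_Process`` class object through IWbemServices.GetObject.

    Integration test against ``self.machine`` using the credentials
    (password and/or LM/NT hash) stored on the test case. The login
    interface is released once the services interface has been obtained.
    The DCOM session is closed in ``finally`` so a failing call does not
    leave it open.
    """
    dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash)
    try:
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        iWbemServices = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL)
        iWbemLevel1Login.RemRelease()
        # The unpacking doubles as a check that GetObject returns a pair.
        classObject, _ = iWbemServices.GetObject('Win32_Process')
    finally:
        dcom.disconnect()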
示例11: _getwin32process
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
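def _getwin32process(self):
    """Open a DCOM/WMI session and cache the ``Win32_Process`` class object.

    On success ``self.dcom``, ``self.iWbemServices`` and
    ``self.win32Process`` are populated.

    Raises:
        KeyboardInterrupt: re-raised after disconnecting, if interrupted.
        Exception: any other failure, wrapped with the host name.

    Security: the debug line used to include ``self.conn.password`` in
    clear text. Debug logs are routinely written to files, CI output and
    bug reports, so the secret is now replaced by a marker that only says
    whether a password was supplied.
    """
    if self.conn.kerberos:
        self.log.debug("Trying to authenticate using kerberos ticket")
    else:
        self.log.debug("Trying to authenticate using : {}\\{}:{}".format(
            self.conn.domain_name,
            self.conn.username,
            "<redacted>" if self.conn.password else "<empty>")
        )
    try:
        self.dcom = DCOMConnection(
            self.conn.hostname,
            self.conn.username,
            self.conn.password,
            self.conn.domain_name,
            self.conn.lmhash,
            self.conn.nthash,
            self.conn.aesKey,
            oxidResolver=True,
            doKerberos=self.conn.kerberos,
            kdcHost=self.conn.dc_ip
        )
        iInterface = self.dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        self.iWbemServices = iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL)
        iWbemLevel1Login.RemRelease()
        self.win32Process, _ = self.iWbemServices.GetObject('Win32_Process')
    except KeyboardInterrupt as e:
        # The interrupt can arrive before self.dcom has been assigned; do not
        # let an AttributeError replace the KeyboardInterrupt in that case.
        dcom = getattr(self, 'dcom', None)
        if dcom is not None:
            dcom.disconnect()
        raise KeyboardInterrupt(e)
    except Exception as e:
        raise Exception("WMIEXEC not supported on host %s : %s" % (self.conn.hostname, e))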
示例12: run
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
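def run(self, addr):
    """Open an authenticated WMI session to ``addr`` and drive RemoteShell.

    Unless output is disabled, an SMB session is opened first and the
    negotiated dialect is reported. ``Win32_Process`` is then fetched over
    DCOM/WMI and handed to ``RemoteShell``, which runs either the single
    configured command or an interactive loop.

    Changes from the listing as published:
      * the Python 2-only ``except (...), e`` form is written as ``as e``;
      * errors from the shell are still not propagated, but they are now
        reported on stderr instead of being dropped silently;
      * SMB logoff, DCOM disconnect and the stdout flush run in ``finally``,
        so sessions are closed on success and when WMI setup fails, not
        only after a shell error.

    NOTE(review): ``RemoteShell`` is not shown on this page. Activity of
    this shape normally appears on the target as a network logon, DCOM
    activation of the WMI login class and process creation under the WMI
    provider host — confirm against RemoteShell before relying on this for
    detection content.
    """
    if self.__noOutput is False:
        smbConnection = SMBConnection(addr, addr)
        smbConnection.login(self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash)
        dialect = smbConnection.getDialect()
        if dialect == SMB_DIALECT:
            color.echo("[*] SMBv1 dialect used", GREEN)
        elif dialect == SMB2_DIALECT_002:
            color.echo("[*] SMBv2.0 dialect used", GREEN)
        elif dialect == SMB2_DIALECT_21:
            color.echo("[*] SMBv2.1 dialect used", GREEN)
        else:
            color.echo("[*] SMBv3.0 dialect used", GREEN)
    else:
        smbConnection = None

    dcom = None
    try:
        dcom = DCOMConnection(addr, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, oxidResolver=True)
        iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface)
        iWbemServices = iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL)
        iWbemLevel1Login.RemRelease()
        win32Process, _ = iWbemServices.GetObject('Win32_Process')
        try:
            self.shell = RemoteShell(self.__share, win32Process, smbConnection)
            if self.__command != ' ':
                self.shell.onecmd(self.__command)
            else:
                self.shell.cmdloop()
        except (Exception, KeyboardInterrupt) as e:
            # Same scope as the original handler (shell errors only), but the
            # failure is surfaced rather than swallowed.
            if str(e):
                sys.stderr.write("[-] %s\n" % e)
    finally:
        if smbConnection is not None:
            smbConnection.logoff()
        if dcom is not None:
            dcom.disconnect()
        sys.stdout.flush()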
示例13: _create_wmi_connection
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
def _create_wmi_connection(self, namespace='root\\cimv2'):
    """Connect to WMI on the target computer and log in to ``namespace``.

    On a ``DCERPCException`` from ``DCOMConnection`` only ``self._dcom`` is
    set (to ``None``) and ``self._wmi_connection`` is left untouched, so
    callers should check ``self._dcom`` before using the WMI connection.
    Errors raised after the connection is established are not caught here.
    """
    try:
        connection = DCOMConnection(self._target_computer, self._user, self._password,
                                    self._domain, self._lmhash, self._nthash)
    except DCERPCException:
        self._dcom = None
        return

    self._dcom = connection
    login_interface = wmi.IWbemLevel1Login(
        self._dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
    )
    # Namespace path of the form \\<target>\<namespace>.
    namespace_path = ntpath.join('\\\\{}\\'.format(self._target_computer), namespace)
    self._wmi_connection = login_interface.NTLMLogin(namespace_path, NULL, NULL)
示例14: __init__
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
def __init__(self, target, share_name, username, password, domain, smbconnection, doKerberos=False, aesKey=None, kdcHost=None, hashes=None, share=None):
    """Store connection settings and open the DCOM/WMI session immediately.

    ``hashes`` may be ``LM:NT`` or a bare NT hash. A ``None`` password is
    normalised to the empty string. The constructor itself connects to
    ``target``, logs in to ``//./root/cimv2`` and caches the
    ``Win32_Process`` class object, so merely instantiating this class
    performs network authentication.

    The password, hashes and AES key are kept on the instance for its whole
    lifetime; avoid logging or serialising instances.
    """
    # Target and shares.
    self.__target = target
    self.__share = share
    self.__share_name = share_name
    self.__smbconnection = smbconnection

    # Credential material.
    self.__username = username
    self.__domain = domain
    self.__password = '' if password is None else password
    self.__lmhash = ''
    self.__nthash = ''
    self.__aesKey = aesKey
    self.__kdcHost = kdcHost
    self.__doKerberos = doKerberos

    # Remote shell state.
    self.__output = None
    self.__outputBuffer = b''
    self.__shell = 'cmd.exe /Q /c '
    self.__pwd = 'C:\\'
    self.__retOutput = True

    if hashes is not None:
        # A colon means both halves were given; otherwise only the NT hash.
        if ':' in hashes:
            self.__lmhash, self.__nthash = hashes.split(':')
        else:
            self.__nthash = hashes

    self.__dcom = DCOMConnection(self.__target, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, self.__aesKey, oxidResolver=True, doKerberos=self.__doKerberos, kdcHost=self.__kdcHost)
    login = wmi.IWbemLevel1Login(
        self.__dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
    )
    services = login.NTLMLogin('//./root/cimv2', NULL, NULL)
    login.RemRelease()
    self.__win32Process, _ = services.GetObject('Win32_Process')
示例15: run
# 需要导入模块: from impacket.dcerpc.v5 import dcomrt [as 别名]
# 或者: from impacket.dcerpc.v5.dcomrt import DCOMConnection [as 别名]
def run(self, addr, osArch='64'):
    """Remove the ProcDump binary and the ``SPRAY_*.dmp`` files on ``addr``.

    A WMI session is opened, ``Win32_Process`` is handed to ``RemoteShell``
    and two ``del`` commands are issued through it. Shell output is
    suppressed unless the root logger's effective level is 10 (DEBUG) or
    lower. The SMB session is logged off and the DCOM session disconnected
    in ``finally``.

    Defender note: the file names deleted here (``procdump<arch>.exe`` and
    ``SPRAY_*.dmp``) are the artefacts this step removes, so process-creation
    and file-deletion telemetry for those names is where it remains visible
    on the host.
    """
    dcom = DCOMConnection(addr, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, self.__aesKey, oxidResolver=True, doKerberos=self.__doKerberos, kdcHost=self.__kdcHost)
    try:
        login = wmi.IWbemLevel1Login(
            dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login, wmi.IID_IWbemLevel1Login)
        )
        services = login.NTLMLogin('//./root/cimv2', NULL, NULL)
        login.RemRelease()
        win32Process, _ = services.GetObject('Win32_Process')
        self.shell = RemoteShell(self.__share, win32Process, self.__smbConnection)

        # (remote command, log message template) in execution order.
        cleanup_steps = (
            ("del procdump%s.exe" % (osArch), "%s Deleting ProcDump on %s..."),
            ("del SPRAY_*.dmp", "%s Deleting dumps on %s..."),
        )
        for cmd, message in cleanup_steps:
            logging.info(message % (debugBlue, addr))
            # Above DEBUG (10) the shell's own output is hidden.
            if logging.getLogger().getEffectiveLevel() > 10:
                with suppress_std():
                    self.shell.onecmd(cmd)
            else:
                self.shell.onecmd(cmd)
    finally:
        if self.__smbConnection is not None:
            self.__smbConnection.logoff()
        dcom.disconnect()
        sys.stdout.flush()