本文整理汇总了Python中impacket.dcerpc.v5.rpcrt.DCERPCException方法的典型用法代码示例。如果您正苦于以下问题:Python rpcrt.DCERPCException方法的具体用法?Python rpcrt.DCERPCException怎么用?Python rpcrt.DCERPCException使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类impacket.dcerpc.v5.rpcrt的用法示例。
在下文中一共展示了rpcrt.DCERPCException方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: get_os_arch
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def get_os_arch(self):
try:
stringBinding = r'ncacn_ip_tcp:{}[135]'.format(self.host)
transport = DCERPCTransportFactory(stringBinding)
transport.set_connect_timeout(5)
dce = transport.get_dce_rpc()
if self.args.kerberos:
dce.set_auth_type(RPC_C_AUTHN_GSS_NEGOTIATE)
dce.connect()
try:
dce.bind(MSRPC_UUID_PORTMAP, transfer_syntax=('71710533-BEBA-4937-8319-B5DBEF9CCC36', '1.0'))
except (DCERPCException, e):
if str(e).find('syntaxes_not_supported') >= 0:
dce.disconnect()
return 32
else:
dce.disconnect()
return 64
except Exception as e:
logging.debug('Error retrieving os arch of {}: {}'.format(self.host, str(e)))
return 0 示例2: get_os_arch
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def get_os_arch(target):
try:
stringBinding = r'ncacn_ip_tcp:{}[135]'.format(target)
transport = DCERPCTransportFactory(stringBinding)
transport.set_connect_timeout(5)
dce = transport.get_dce_rpc()
dce.connect()
try:
dce.bind(MSRPC_UUID_PORTMAP, transfer_syntax=('71710533-BEBA-4937-8319-B5DBEF9CCC36', '1.0'))
except DCERPCException as e:
if str(e).find('syntaxes_not_supported') >= 0:
return 32
else:
pass
else:
return 64
dce.disconnect()
except Exception as e:
logging.warning('%sErr with get_os_arch for %s: %s' % (warningRed, target, str(e))) 示例3: isAdmin
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def isAdmin(self):
rpctransport = SMBTransport(self.session.getRemoteHost(), 445, r'\svcctl', smb_connection=self.session)
dce = rpctransport.get_dce_rpc()
try:
dce.connect()
except:
pass
else:
dce.bind(scmr.MSRPC_UUID_SCMR)
try:
# 0xF003F - SC_MANAGER_ALL_ACCESS
# http://msdn.microsoft.com/en-us/library/windows/desktop/ms685981(v=vs.85).aspx
ans = scmr.hROpenSCManagerW(dce,'{}\x00'.format(self.target.hostname),'ServicesActive\x00', 0xF003F)
return "TRUE"
except scmr.DCERPCException as e:
pass
return "FALSE" 示例4: __print_all_subkeys_and_entries
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def __print_all_subkeys_and_entries(self, rpc, keyName, keyHandler, index):
index = 0
while True:
try:
subkey = rrp.hBaseRegEnumKey(rpc, keyHandler, index)
index += 1
ans = rrp.hBaseRegOpenKey(rpc, keyHandler, subkey['lpNameOut'],
samDesired=rrp.MAXIMUM_ALLOWED | rrp.KEY_ENUMERATE_SUB_KEYS)
newKeyName = keyName + subkey['lpNameOut'][:-1] + '\\'
print(newKeyName)
self.__print_key_values(rpc, ans['phkResult'])
self.__print_all_subkeys_and_entries(rpc, newKeyName, ans['phkResult'], 0)
except rrp.DCERPCSessionError as e:
if e.get_error_code() == ERROR_NO_MORE_ITEMS:
break
except rpcrt.DCERPCException as e:
if str(e).find('access_denied') >= 0:
logging.error('Cannot access subkey %s, bypassing it' % subkey['lpNameOut'][:-1])
continue
elif str(e).find('rpc_x_bad_stub_data') >= 0:
logging.error('Fault call, cannot retrieve value for %s, bypassing it' % subkey['lpNameOut'][:-1])
return
raise 示例5: getDomainUsers
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def getDomainUsers(self, enumerationContext=0):
if self.__samr is None:
self.connectSamr(self.getMachineNameAndDomain()[1])
try:
resp = samr.hSamrEnumerateUsersInDomain(self.__samr, self.__domainHandle,
userAccountControl=samr.USER_NORMAL_ACCOUNT | \
samr.USER_WORKSTATION_TRUST_ACCOUNT | \
samr.USER_SERVER_TRUST_ACCOUNT |\
samr.USER_INTERDOMAIN_TRUST_ACCOUNT,
enumerationContext=enumerationContext)
except DCERPCException as e:
if str(e).find('STATUS_MORE_ENTRIES') < 0:
raise
resp = e.get_packet()
return resp 示例6: get_netloggedon
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def get_netloggedon(self):
self.loggedon = {}
self.create_rpc_con(r'\wkssvc')
try:
resp = wkst.hNetrWkstaUserEnum(self.rpc_connection, 1)
except DCERPCException as e:
return list()
results = list()
for wksta_user in resp['UserInfo']['WkstaUserInfo']['Level1']['Buffer']:
self.loggedon[wksta_user['wkui1_username'].strip('\x00')] = {
'domain' : wksta_user['wkui1_logon_domain'].strip('\x00'),
'logon_srv' : wksta_user['wkui1_logon_server'].strip('\x00'),
'user' : wksta_user['wkui1_username'].strip('\x00'),
}
self.rpc_connection.disconnect() 示例7: get_os_arch
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def get_os_arch(self):
# Credit: https://github.com/byt3bl33d3r/CrackMapExec/blob/master/cme/protocols/smb.py
# Credit: https://github.com/SecureAuthCorp/impacket/blob/impacket_0_9_19/examples/getArch.py
try:
stringBinding = r'ncacn_ip_tcp:{}[135]'.format(self.host)
transport = DCERPCTransportFactory(stringBinding)
transport.set_connect_timeout(5)
dce = transport.get_dce_rpc()
dce.connect()
try:
dce.bind(MSRPC_UUID_PORTMAP, transfer_syntax=('71710533-BEBA-4937-8319-B5DBEF9CCC36', '1.0'))
except DCERPCException as e:
if str(e).find('syntaxes_not_supported') >= 0:
dce.disconnect()
return 32
else:
dce.disconnect()
return 64
except:
return 0 示例8: __print_all_subkeys_and_entries
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def __print_all_subkeys_and_entries(self, rpc, keyName, keyHandler, index):
index = 0
while True:
try:
subkey = rrp.hBaseRegEnumKey(rpc, keyHandler, index)
index += 1
ans = rrp.hBaseRegOpenKey(rpc, keyHandler, subkey['lpNameOut'],
samDesired=rrp.MAXIMUM_ALLOWED | rrp.KEY_ENUMERATE_SUB_KEYS)
newKeyName = keyName + subkey['lpNameOut'][:-1] + '\\'
print newKeyName
self.__print_key_values(rpc, ans['phkResult'])
self.__print_all_subkeys_and_entries(rpc, newKeyName, ans['phkResult'], 0)
except rrp.DCERPCSessionError, e:
if e.get_error_code() == ERROR_NO_MORE_ITEMS:
break
except rpcrt.DCERPCException, e:
if str(e).find('access_denied') >= 0:
logging.error('Cannot access subkey %s, bypassing it' % subkey['lpNameOut'][:-1])
continue
elif str(e).find('rpc_x_bad_stub_data') >= 0:
logging.error('Fault call, cannot retrieve value for %s, bypassing it' % subkey['lpNameOut'][:-1])
return
raise 示例9: getDomainUsers
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def getDomainUsers(self, enumerationContext=0):
if self.__samr is None:
self.connectSamr(self.getMachineNameAndDomain()[1])
try:
resp = samr.hSamrEnumerateUsersInDomain(self.__samr, self.__domainHandle,
userAccountControl=samr.USER_NORMAL_ACCOUNT | \
samr.USER_WORKSTATION_TRUST_ACCOUNT | \
samr.USER_SERVER_TRUST_ACCOUNT |\
samr.USER_INTERDOMAIN_TRUST_ACCOUNT,
enumerationContext=enumerationContext)
except DCERPCException, e:
if str(e).find('STATUS_MORE_ENTRIES') < 0:
raise
resp = e.get_packet() 示例10: DCERPCTransportFactory
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def DCERPCTransportFactory(stringbinding):
sb = DCERPCStringBinding(stringbinding)
na = sb.get_network_address()
ps = sb.get_protocol_sequence()
if 'ncadg_ip_udp' == ps:
port = sb.get_endpoint()
if port:
return UDPTransport(na, int(port))
else:
return UDPTransport(na)
elif 'ncacn_ip_tcp' == ps:
port = sb.get_endpoint()
if port:
return TCPTransport(na, int(port))
else:
return TCPTransport(na)
elif 'ncacn_http' == ps:
port = sb.get_endpoint()
if port:
return HTTPTransport(na, int(port))
else:
return HTTPTransport(na)
elif 'ncacn_np' == ps:
named_pipe = sb.get_endpoint()
if named_pipe:
named_pipe = named_pipe[len(r'\pipe'):]
return SMBTransport(na, filename = named_pipe)
else:
return SMBTransport(na)
elif 'ncalocal' == ps:
named_pipe = sb.get_endpoint()
return LOCALTransport(filename = named_pipe)
else:
raise DCERPCException("Unknown protocol sequence.") 示例11: connect
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def connect(self):
try:
af, socktype, proto, canonname, sa = socket.getaddrinfo(self.getRemoteHost(), self.get_dport(), 0, socket.SOCK_DGRAM)[0]
self.__socket = socket.socket(af, socktype, proto)
self.__socket.settimeout(self.get_connect_timeout())
except socket.error, msg:
self.__socket = None
raise DCERPCException("Could not connect: %s" % msg) 示例12: get_netsession
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def get_netsession(self):
try:
resp = srvs.hNetrSessionEnum(self._rpc_connection, '\x00', NULL, 10)
except DCERPCException:
return list()
results = list()
for session in resp['InfoStruct']['SessionInfo']['Level10']['Buffer']:
results.append(rpcobj.Session(session))
return results 示例13: get_netloggedon
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def get_netloggedon(self):
try:
resp = wkst.hNetrWkstaUserEnum(self._rpc_connection, 1)
except DCERPCException:
return list()
results = list()
for wksta_user in resp['UserInfo']['WkstaUserInfo']['Level1']['Buffer']:
results.append(rpcobj.WkstaUser(wksta_user))
return results
# TODO: if self._target_computer == self._domain_controller, check that
# self._domain_controller is indeed a domain controller 示例14: invoke_checklocaladminaccess
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def invoke_checklocaladminaccess(self):
try:
# 0xF003F - SC_MANAGER_ALL_ACCESS
# http://msdn.microsoft.com/en-us/library/windows/desktop/ms685981(v=vs.85).aspx
ans = scmr.hROpenSCManagerW(self._rpc_connection,
'{}\x00'.format(self._target_computer),
'ServicesActive\x00', 0xF003F)
except DCERPCException:
return False
return True 示例15: _create_wmi_connection
# 需要导入模块: from impacket.dcerpc.v5 import rpcrt [as 别名]
# 或者: from impacket.dcerpc.v5.rpcrt import DCERPCException [as 别名]
def _create_wmi_connection(self, namespace='root\\cimv2'):
try:
self._dcom = DCOMConnection(self._target_computer, self._user, self._password,
self._domain, self._lmhash, self._nthash)
except DCERPCException:
self._dcom = None
else:
i_interface = self._dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,
wmi.IID_IWbemLevel1Login)
i_wbem_level1_login = wmi.IWbemLevel1Login(i_interface)
self._wmi_connection = i_wbem_level1_login.NTLMLogin(ntpath.join('\\\\{}\\'.format(self._target_computer), namespace),
NULL, NULL)