本文整理汇总了Python中impacket.dcerpc.v5.tsch.hSchRpcEnumFolders方法的典型用法代码示例。如果您正苦于以下问题:Python tsch.hSchRpcEnumFolders方法的具体用法?Python tsch.hSchRpcEnumFolders怎么用?Python tsch.hSchRpcEnumFolders使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类impacket.dcerpc.v5.tsch
的用法示例。
在下文中一共展示了tsch.hSchRpcEnumFolders方法的2个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_hSchRpcCreateFolder_hSchRpcEnumFolders_hSchRpcDelete
# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcEnumFolders [as 别名]
def test_hSchRpcCreateFolder_hSchRpcEnumFolders_hSchRpcDelete(self):
dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)
resp = tsch.hSchRpcCreateFolder(dce, '\\Beto')
resp.dump()
resp = tsch.hSchRpcEnumFolders(dce, '\\')
resp.dump()
resp = tsch.hSchRpcDelete(dce, '\\Beto')
resp.dump()
示例2: rpc_get_schtasks
# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcEnumFolders [as 别名]
def rpc_get_schtasks(self):
"""
Query the scheduled tasks via RPC. Requires admin privileges.
These credentials can be dumped with mimikatz via vault::cred
"""
# Blacklisted folders (Default ones)
blacklist = [u'Microsoft\x00']
# Start with the root folder
folders = ['\\']
tasks = []
schtaskusers = []
binding = r'ncacn_np:%s[\PIPE\atsvc]' % self.addr
try:
dce = self.dce_rpc_connect(binding, tsch.MSRPC_UUID_TSCHS, True)
if dce is None:
return
# Get root folder
resp = tsch.hSchRpcEnumFolders(dce, '\\')
for item in resp['pNames']:
data = item['Data']
if data not in blacklist:
folders.append('\\'+data)
# Enumerate the folders we found
# subfolders not supported yet
for folder in folders:
try:
resp = tsch.hSchRpcEnumTasks(dce, folder)
for item in resp['pNames']:
data = item['Data']
if folder != '\\':
# Make sure to strip the null byte
tasks.append(folder[:-1]+'\\'+data)
else:
tasks.append(folder+data)
except DCERPCException as e:
logging.debug('Error enumerating task folder %s: %s', folder, e)
for task in tasks:
try:
resp = tsch.hSchRpcRetrieveTask(dce, task)
# This returns a tuple (sid, logontype) or None
userinfo = ADUtils.parse_task_xml(resp['pXml'])
if userinfo:
if userinfo[1] == u'Password':
# Convert to byte string because our cache format is in bytes
schtaskusers.append(str(userinfo[0]))
logging.info('Found scheduled task %s on %s with stored credentials for SID %s',
task,
self.hostname,
userinfo[0])
except DCERPCException as e:
logging.debug('Error querying task %s: %s', task, e)
except DCERPCException as e:
logging.debug('Exception enumerating scheduled tasks: %s', e)
dce.disconnect()
return schtaskusers