当前位置: 首页>>代码示例>>Python>>正文


Python tsch.hSchRpcRun方法代码示例

本文整理汇总了Python中impacket.dcerpc.v5.tsch.hSchRpcRun方法的典型用法代码示例。如果您正苦于以下问题:Python tsch.hSchRpcRun方法的具体用法?Python tsch.hSchRpcRun怎么用?Python tsch.hSchRpcRun使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在impacket.dcerpc.v5.tsch的用法示例。


在下文中一共展示了tsch.hSchRpcRun方法的12个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_hSchRpcRun

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_hSchRpcRun(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C dir > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
        resp.dump()
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception, e:
            print e
            pass 
开发者ID:joxeankoret,项目名称:CVE-2017-7494,代码行数:24,代码来源:test_tsch.py

示例2: test_SchRpcGetInstanceInfo

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_SchRpcGetInstanceInfo(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
        resp.dump()
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception, e:
            print e
            pass 
开发者ID:joxeankoret,项目名称:CVE-2017-7494,代码行数:24,代码来源:test_tsch.py

示例3: test_hSchRpcGetInstanceInfo

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_hSchRpcGetInstanceInfo(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
        resp.dump()
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception, e:
            print e
            pass 
开发者ID:joxeankoret,项目名称:CVE-2017-7494,代码行数:24,代码来源:test_tsch.py

示例4: test_SchRpcStopInstance

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_SchRpcStopInstance(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
        resp.dump()
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception, e:
            print e
            pass 
开发者ID:joxeankoret,项目名称:CVE-2017-7494,代码行数:24,代码来源:test_tsch.py

示例5: test_hSchRpcStopInstance

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_hSchRpcStopInstance(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
        resp.dump()
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception, e:
            print e
            pass 
开发者ID:joxeankoret,项目名称:CVE-2017-7494,代码行数:24,代码来源:test_tsch.py

示例6: execute

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def execute(self, commands):
        dce = self._rpctransport.get_dce_rpc()

        dce.set_credentials(*self._rpctransport.get_credentials())
        if self._conn.kerberos:
            dce.set_auth_type(RPC_C_AUTHN_GSS_NEGOTIATE)
        dce.connect()
        dce.bind(tsch.MSRPC_UUID_TSCHS)
        xml = self.gen_xml(commands)
        tmpName = ''.join(random.choice(string.ascii_letters + string.digits) for _ in range(8))
        self._log.debug("Register random task {}".format(tmpName))
        tsch.hSchRpcRegisterTask(dce, '\\%s' % tmpName, xml, tsch.TASK_CREATE, NULL, tsch.TASK_LOGON_NONE)
        tsch.hSchRpcRun(dce, '\\%s' % tmpName)
        done = False
        while not done:
            resp = tsch.hSchRpcGetLastRunInfo(dce, '\\%s' % tmpName)
            if resp['pLastRuntime']['wYear'] != 0:
                done = True
            else:
                time.sleep(2)

        time.sleep(3)
        tsch.hSchRpcDelete(dce, '\\%s' % tmpName)
        dce.disconnect() 
开发者ID:Hackndo,项目名称:lsassy,代码行数:26,代码来源:taskexe.py

示例7: test_hSchRpcRun

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_hSchRpcRun(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C dir > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        try:
            resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
            resp.dump()
        except Exception as e:
            if e.get_error_code() != ERROR_NOT_SUPPORTED:
                raise
            else:
                # OpNum not supported, aborting test
                return
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception as e:
            print(e)
            pass

        resp = atsvc.hNetrJobDel(dce2, NULL, jobId, jobId)
        resp.dump() 
开发者ID:Coalfire-Research,项目名称:Slackor,代码行数:34,代码来源:test_tsch.py

示例8: test_hSchRpcGetInstanceInfo

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_hSchRpcGetInstanceInfo(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        try:
            resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
            resp.dump()
        except Exception as e:
            if e.get_error_code() != ERROR_NOT_SUPPORTED:
                raise
            else:
                # OpNum not supported, aborting test
                return
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception as e:
            print(e)
            pass

        try:
            resp = tsch.hSchRpcGetInstanceInfo(dce, resp['pGuid'])
            resp.dump()
        except Exception as e:
            if str(e).find('SCHED_E_TASK_NOT_RUNNING') <= 0:
                raise
            pass

        resp = atsvc.hNetrJobDel(dce2, NULL, jobId, jobId)
        resp.dump() 
开发者ID:Coalfire-Research,项目名称:Slackor,代码行数:42,代码来源:test_tsch.py

示例9: test_SchRpcGetInstanceInfo

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_SchRpcGetInstanceInfo(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        try:
            resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
            resp.dump()
        except Exception as e:
            if e.get_error_code() != ERROR_NOT_SUPPORTED:
                raise
            else:
                # OpNum not supported, aborting test
                return
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception as e:
            print(e)
            pass

        request = tsch.SchRpcGetInstanceInfo()
        request['guid'] = resp['pGuid']
        try:
            resp = dce.request(request)
            resp.dump()
        except Exception as e:
            if str(e).find('SCHED_E_TASK_NOT_RUNNING') <= 0:
                raise
            pass

        resp = atsvc.hNetrJobDel(dce2, NULL, jobId, jobId)
        resp.dump() 
开发者ID:Coalfire-Research,项目名称:Slackor,代码行数:44,代码来源:test_tsch.py

示例10: test_SchRpcStopInstance

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_SchRpcStopInstance(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        try:
            resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
            resp.dump()
        except Exception as e:
            if e.get_error_code() != ERROR_NOT_SUPPORTED:
                raise
            else:
                # OpNum not supported, aborting test
                return
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception as e:
            print(e)
            pass

        request = tsch.SchRpcStopInstance()
        request['guid'] = resp['pGuid']
        request['flags'] = 0
        try:
            resp = dce.request(request)
            resp.dump()
        except Exception as e:
            if str(e).find('SCHED_E_TASK_NOT_RUNNING') <= 0:
                raise
            pass

        resp = atsvc.hNetrJobDel(dce2, NULL, jobId, jobId)
        resp.dump() 
开发者ID:Coalfire-Research,项目名称:Slackor,代码行数:45,代码来源:test_tsch.py

示例11: test_hSchRpcStopInstance

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def test_hSchRpcStopInstance(self):
        dce, rpctransport = self.connect(self.stringBindingAtSvc, tsch.MSRPC_UUID_TSCHS)

        dce2, rpctransport = self.connect(self.stringBindingAtSvc, atsvc.MSRPC_UUID_ATSVC)

        atInfo = AT_INFO()
        atInfo['JobTime'] = NULL
        atInfo['DaysOfMonth'] = 0
        atInfo['DaysOfWeek'] = 0
        atInfo['Flags'] = 0
        atInfo['Command'] = '%%COMSPEC%% /C vssadmin > %%SYSTEMROOT%%\\Temp\\ANI 2>&1\x00'

        try:
            resp = atsvc.hNetrJobAdd(dce2, NULL, atInfo)
            resp.dump()
        except Exception as e:
            if e.get_error_code() != ERROR_NOT_SUPPORTED:
                raise
            else:
                # OpNum not supported, aborting test
                return
        jobId = resp['pJobId']

        try:
            resp = tsch.hSchRpcRun(dce, '\\At%d\x00' % jobId, ('arg0','arg1'))
            resp.dump()
        except Exception as e:
            print(e)
            pass

        try:
            resp = tsch.hSchRpcStopInstance(dce, resp['pGuid'])
            resp.dump()
        except Exception as e:
            if str(e).find('SCHED_E_TASK_NOT_RUNNING') <= 0:
                raise
            pass

        try:
            resp = atsvc.hNetrJobDel(dce2, NULL, jobId, jobId)
            resp.dump()
        except Exception as e:
            if e.get_error_code() != ERROR_NOT_SUPPORTED:
                raise
            else:
                # OpNum not supported, aborting test
                return 
开发者ID:Coalfire-Research,项目名称:Slackor,代码行数:49,代码来源:test_tsch.py

示例12: doStuff

# 需要导入模块: from impacket.dcerpc.v5 import tsch [as 别名]
# 或者: from impacket.dcerpc.v5.tsch import hSchRpcRun [as 别名]
def doStuff(self, command):
        dce = self.__rpctransport.get_dce_rpc()
        dce.set_credentials(*self.__rpctransport.get_credentials())
        dce.connect()
        #dce.set_auth_level(ntlm.NTLM_AUTH_PKT_PRIVACY)
        dce.bind(tsch.MSRPC_UUID_TSCHS)
        tmpName = gen_random_string(8)
        tmpFileName = tmpName + '.tmp'

        xml = self.gen_xml(command)
        taskCreated = False
        self.logger.debug('Creating task \\{}'.format(tmpName))
        tsch.hSchRpcRegisterTask(dce, '\\{}'.format(tmpName), xml, tsch.TASK_CREATE, NULL, tsch.TASK_LOGON_NONE)
        taskCreated = True

        self.logger.debug('Running task \\{}'.format(tmpName))
        tsch.hSchRpcRun(dce, '\\{}'.format(tmpName))

        done = False
        while not done:
            self.logger.debug('Calling SchRpcGetLastRunInfo for \\{}'.format(tmpName))
            resp = tsch.hSchRpcGetLastRunInfo(dce, '\\{}'.format(tmpName))
            if resp['pLastRuntime']['wYear'] != 0:
                done = True
            else:
                sleep(2)

        self.logger.debug('Deleting task \\{}'.format(tmpName))
        tsch.hSchRpcDelete(dce, '\\{}'.format(tmpName))
        taskCreated = False

        if taskCreated is True:
            tsch.hSchRpcDelete(dce, '\\{}'.format(tmpName))

            # Get output
        if self.noOutput:
            self.__outputBuffer = "Command executed with no output"
        elif self.fileless_output:
            self.get_output_fileless()
        else:
            self.get_output()
        dce.disconnect() 
开发者ID:m8r0wn,项目名称:ActiveReign,代码行数:44,代码来源:atexec.py


注:本文中的impacket.dcerpc.v5.tsch.hSchRpcRun方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。