当前位置: 首页>>代码示例>>Python>>正文


Python smb.NewSMBPacket方法代码示例

本文整理汇总了Python中impacket.smb.NewSMBPacket方法的典型用法代码示例。如果您正苦于以下问题:Python smb.NewSMBPacket方法的具体用法?Python smb.NewSMBPacket怎么用?Python smb.NewSMBPacket使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在impacket.smb的用法示例。


在下文中一共展示了smb.NewSMBPacket方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: getServerSupportedDialects

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def getServerSupportedDialects(self, ip, port = 445):
		'''Connects to the specified server on the provided port(445 default) and enumeratesSMBKey the supported dialects'''
		dialects = [SMB_DIALECT, SMB2_DIALECT_002, SMB2_DIALECT_21, SMB2_DIALECT_30, SMB2_DIALECT_302 ]#, SMB2_DIALECT_311]
		
		# Check SMBv1
		try:
			# Build a generic SMBv1 negotiate packet and only show support for SMBv1
			smb 	= NewSMBPacket(data = unhexlify("ff534d4272000000001845680000000000000000000000000000ed4300000100000e00024e54204c4d20302e3132000200"))
			rawData = str(smb)
			netbios = struct.pack('>i', len(str(rawData)))
			rpkt 	= str(netbios) + str(rawData)
			# Connect through
			client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
			client.connect((ip, port))
			client.sendall(rpkt)
			response = client.recv(999999)
			client.close()
			del(client)
		except Exception, e:
			# It's not supported, bummer
			dialects.remove(SMB_DIALECT) 
开发者ID:quickbreach,项目名称:SMBetray,代码行数:23,代码来源:SMB_Core.py

示例2: checkServerSupportSMB1

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def checkServerSupportSMB1(self, ip, port = 445):
		# Check SMBv1
		try:
			# Build a generic SMBv1 negotiate packet and only show support for SMBv1
			smb 	= NewSMBPacket(data = unhexlify("ff534d4272000000001845680000000000000000000000000000ed4300000100000e00024e54204c4d20302e3132000200"))
			rawData = str(smb)
			netbios = struct.pack('>i', len(str(rawData)))
			rpkt 	= str(netbios) + str(rawData)
			# Connect through
			client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
			client.connect((ip, port))
			client.sendall(rpkt)
			response = client.recv(999999)
			client.close()
			del(client)
		except Exception, e:
			# It's not supported, bummer
			return False 
开发者ID:quickbreach,项目名称:SMBetray,代码行数:20,代码来源:SMB_Core.py

示例3: create_smb_packet

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def create_smb_packet(self, smbReq, mid=None, pid=None, tid=None):
		if mid is None:
			mid = self.next_mid()
		
		pkt = smb.NewSMBPacket()
		pkt.addCommand(smbReq)
		pkt['Tid'] = self._default_tid if tid is None else tid
		pkt['Uid'] = self._uid
		pkt['Pid'] = self._pid if pid is None else pid
		pkt['Mid'] = mid
		flags1, flags2 = self.get_flags()
		pkt['Flags1'] = flags1
		pkt['Flags2'] = self._pkt_flags2 if self._pkt_flags2 != 0 else flags2
		
		if self._SignatureEnabled:
			pkt['Flags2'] |= smb.SMB.FLAGS2_SMB_SECURITY_SIGNATURE
			self.signSMB(pkt, self._SigningSessionKey, self._SigningChallengeResponse)
			
		req = str(pkt)
		return '\x00'*2 + pack('>H', len(req)) + req  # assume length is <65536 
开发者ID:offensive-security,项目名称:exploitdb-bin-sploits,代码行数:22,代码来源:42315.py

示例4: sendEcho

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def sendEcho(conn, tid, data):
	pkt = smb.NewSMBPacket()
	pkt['Tid'] = tid

	transCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
	transCommand['Parameters'] = smb.SMBEcho_Parameters()
	transCommand['Data'] = smb.SMBEcho_Data()

	transCommand['Parameters']['EchoCount'] = 1
	transCommand['Data']['Data'] = data
	pkt.addCommand(transCommand)

	conn.sendSMB(pkt)
	recvPkt = conn.recvSMB()
	if recvPkt.getNTStatus() == 0:
		print('got good ECHO response')
	else:
		print('got bad ECHO response: 0x{:x}'.format(recvPkt.getNTStatus()))


# override SMB.neg_session() to allow forcing ntlm authentication 
开发者ID:3ndG4me,项目名称:AutoBlue-MS17-010,代码行数:23,代码来源:eternalblue_exploit8.py

示例5: sendEcho

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def sendEcho(conn, tid, data):
	pkt = smb.NewSMBPacket()
	pkt['Tid'] = tid

	transCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
	transCommand['Parameters'] = smb.SMBEcho_Parameters()
	transCommand['Data'] = smb.SMBEcho_Data()

	transCommand['Parameters']['EchoCount'] = 1
	transCommand['Data']['Data'] = data
	pkt.addCommand(transCommand)

	conn.sendSMB(pkt)
	recvPkt = conn.recvSMB()
	if recvPkt.getNTStatus() == 0:
		print('got good ECHO response')
	else:
		print('got bad ECHO response: 0x{:x}'.format(recvPkt.getNTStatus())) 
开发者ID:3ndG4me,项目名称:AutoBlue-MS17-010,代码行数:20,代码来源:eternalblue_exploit7.py

示例6: splitSMBChainedMessages

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def splitSMBChainedMessages(self, data):
		try:
			smbMessages = []
			# SMB v1
			if(data[4:8] == '\xff\x53\x4d\x42'):
				z 		= 4
				nx 		= data.find('\xff\x53\x4d\x42', z + 1)
				while nx > -1:
					smbMessages.append(NewSMBPacket(data = data[z:nx]))
					z 		= nx
					nx 		= data.find('\xff\x53\x4d\x42', z + 1)
				# Required after the last iteration to get the remaining data 
				smbMessages.append(NewSMBPacket(data = copy.deepcopy(data[z:])))
				return smbMessages

			# SMB v2
			elif(data[4:8] == '\xfe\x53\x4d\x42'):
				z 		= 4
				nx 		= data.find('\xfe\x53\x4d\x42', z + 1)
				while nx > -1:
					smbMessages.append(SMB2Packet(data = copy.deepcopy(data[z:nx])))
					z 		= nx
					nx 		= data.find('\xfe\x53\x4d\x42', z + 1)
				# Required after the last iteration to get the remaining data
				smbMessages.append(SMB2Packet(data = copy.deepcopy(data[z:])))
				return smbMessages
		except Exception, e:
			logging.error("[SMB_Core::splitSMBChainedMessages] " + str(traceback.format_exc()))
			return data 
开发者ID:quickbreach,项目名称:SMBetray,代码行数:31,代码来源:SMB_Core.py

示例7: restackSMBChainedMessages

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def restackSMBChainedMessages(self, SMBPacketList):
		try:
			# Takes in a list of NewSMBPacket or SMB2Packets	
			if SMBPacketList[0].__class__.__name__ == 'SMB2Packet':	
				reStacked = ""
				for i in range(0, len(SMBPacketList)):
					if(i < len(SMBPacketList) - 1):
						SMBPacketList[i]['NextCommand'] = len(str(SMBPacketList[i])) + ((8 - (len(str(SMBPacketList[i])) % 8)) % 8)
						SMBPacketList[i]['Data'] = SMBPacketList[i]['Data'] + str('\x00' * ((8 - (len(str(SMBPacketList[i])) % 8)) % 8)) #Padding
					else:
						SMBPacketList[i]['NextCommand'] = 0
					reStacked += str(SMBPacketList[i])
				netbios = struct.pack('>i', len(str(reStacked)))
				# Return the ready-to-send packet
				return str(netbios) + str(reStacked)

			if SMBPacketList[0].__class__.__name__ == 'NewSMBPacket':
				# SMBv1 Uses ANDX to chain messages

				# TODO: fix this
				reStacked = ""
				for i in range(0, len(SMBPacketList)):
					reStacked += str(SMBPacketList[i])
				netbios = struct.pack('>i', len(str(reStacked)))
				# Return the ready-to-send packet
				return str(netbios) + str(reStacked)

		except Exception, e:
			logging.error("[SMB_Core::restackSMBChainedMessages] " + str(traceback.format_exc()))
			return SMBPacketList

	# Returns a list of supported dialects as constants,
	# such as SMB_DIALECT and SMB2_DIALECT_302 
开发者ID:quickbreach,项目名称:SMBetray,代码行数:35,代码来源:SMB_Core.py

示例8: NewSMBPacket_addCommand_hook_login

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def NewSMBPacket_addCommand_hook_login(self, command):
	# restore NewSMBPacket.addCommand
	setattr(smb.NewSMBPacket, "addCommand", origin_NewSMBPacket_addCommand)
	
	if isinstance(command['Parameters'], smb.SMBSessionSetupAndX_Extended_Parameters):
		command['Parameters']['MaxBufferSize'] = login_MaxBufferSize
	elif isinstance(command['Parameters'], smb.SMBSessionSetupAndX_Parameters):
		command['Parameters']['MaxBuffer'] = login_MaxBufferSize
	
	# call original one
	origin_NewSMBPacket_addCommand(self, command) 
开发者ID:offensive-security,项目名称:exploitdb-bin-sploits,代码行数:13,代码来源:42315.py

示例9: _setup_login_packet_hook

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def _setup_login_packet_hook(maxBufferSize):
	# setup hook for next NewSMBPacket.addCommand if maxBufferSize is not None
	if maxBufferSize is not None:
		global login_MaxBufferSize
		login_MaxBufferSize = maxBufferSize
		setattr(smb.NewSMBPacket, "addCommand", NewSMBPacket_addCommand_hook_login) 
开发者ID:offensive-security,项目名称:exploitdb-bin-sploits,代码行数:8,代码来源:42315.py

示例10: send_echo

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def send_echo(self, data):
		pkt = smb.NewSMBPacket()
		pkt['Tid'] = self._default_tid
		
		transCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO)
		transCommand['Parameters'] = smb.SMBEcho_Parameters()
		transCommand['Data'] = smb.SMBEcho_Data()

		transCommand['Parameters']['EchoCount'] = 1
		transCommand['Data']['Data'] = data
		pkt.addCommand(transCommand)

		self.sendSMB(pkt)
		return self.recvSMB() 
开发者ID:offensive-security,项目名称:exploitdb-bin-sploits,代码行数:16,代码来源:42315.py

示例11: send_trans2_second

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def send_trans2_second(conn, tid, data, displacement):
	pkt = smb.NewSMBPacket()
	pkt['Tid'] = tid

	# assume no params

	transCommand = smb.SMBCommand(smb.SMB.SMB_COM_TRANSACTION2_SECONDARY)
	transCommand['Parameters'] = SMBTransaction2Secondary_Parameters_Fixed()
	transCommand['Data'] = smb.SMBTransaction2Secondary_Data()

	transCommand['Parameters']['TotalParameterCount'] = 0
	transCommand['Parameters']['TotalDataCount'] = len(data)

	fixedOffset = 32+3+18
	transCommand['Data']['Pad1'] = ''

	transCommand['Parameters']['ParameterCount'] = 0
	transCommand['Parameters']['ParameterOffset'] = 0

	if len(data) > 0:
		pad2Len = (4 - fixedOffset % 4) % 4
		transCommand['Data']['Pad2'] = '\xFF' * pad2Len
	else:
		transCommand['Data']['Pad2'] = ''
		pad2Len = 0

	transCommand['Parameters']['DataCount'] = len(data)
	transCommand['Parameters']['DataOffset'] = fixedOffset + pad2Len
	transCommand['Parameters']['DataDisplacement'] = displacement

	transCommand['Data']['Trans_Parameters'] = ''
	transCommand['Data']['Trans_Data'] = data
	pkt.addCommand(transCommand)

	conn.sendSMB(pkt) 
开发者ID:3ndG4me,项目名称:AutoBlue-MS17-010,代码行数:37,代码来源:eternalblue_exploit8.py

示例12: process

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def process(data, packetNum):
    packet = smb.NewSMBPacket()
    if data.get_packet()[0] == '\x00':
       if data.get_packet()[4:8] == '\xffSMB':
           try:
               packet.fromString(data.get_packet()[4:])
           except Exception, e:
               print "ERROR: %s" % e
               print "Command: SMBPacket" 
               print "Packet: %d %r" % (packetNum, data.get_packet())
               return True
       else:
           return False 
开发者ID:tholum,项目名称:PiBunny,代码行数:15,代码来源:smbtorture.py

示例13: _negotiateSession

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def _negotiateSession(self, myName, remoteName, remoteHost, sess_port, timeout, extended_security=True, flags1=0,
                          flags2=0, data=None):
        # Here we follow [MS-SMB2] negotiation handshake trying to understand what dialects
        # (including SMB1) is supported on the other end.

        if not myName:
            myName = socket.gethostname()
            i = string.find(myName, '.')
            if i > -1:
                myName = myName[:i]

        tries = 0
        smbp = smb.NewSMBPacket()
        smbp['Flags1'] = flags1
        # FLAGS2_UNICODE is required by some stacks to continue, regardless of subsequent support
        smbp['Flags2'] = flags2 | smb.SMB.FLAGS2_UNICODE
        resp = None
        while tries < 2:
            self._nmbSession = nmb.NetBIOSTCPSession(myName, remoteName, remoteHost, nmb.TYPE_SERVER, sess_port,
                                                     timeout)

            negSession = smb.SMBCommand(smb.SMB.SMB_COM_NEGOTIATE)
            if extended_security is True:
                smbp['Flags2'] |= smb.SMB.FLAGS2_EXTENDED_SECURITY
            negSession['Data'] = data
            smbp.addCommand(negSession)
            self._nmbSession.send_packet(str(smbp))

            try:
                resp = self._nmbSession.recv_packet(timeout)
                break
            except nmb.NetBIOSError:
                # OSX Yosemite asks for more Flags. Let's give it a try and see what happens
                smbp['Flags2'] |= smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_LONG_NAMES | smb.SMB.FLAGS2_UNICODE
                smbp['Data'] = []

            tries += 1

        if resp is None:
            # No luck, quitting
            raise

        return resp.get_trailer() 
开发者ID:joxeankoret,项目名称:CVE-2017-7494,代码行数:45,代码来源:smbconnection.py

示例14: profileServer_SMB1

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def profileServer_SMB1(self, ip, port = 445):
		# Checkout SMB1 support & security requirements
		logging.debug("Inspecting SMBv1 support on " + self.MiTMModuleConfig['target_ip'])

		# Build a generic SMBv1 negotiate packet and only show support for SMBv1
		smb 	= NewSMBPacket(data = unhexlify("ff534d4272000000001845680000000000000000000000000000ed4300000100000e00024e54204c4d20302e3132000200"))
		rawData = str(smb)
		netbios = struct.pack('>i', len(str(rawData)))
		rpkt 	= str(netbios) + str(rawData)

		# If the connection resets - they don't support it
		try:
			# Connect through
			client = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
			client.connect((self.MiTMModuleConfig['target_ip'], self.MiTMModuleConfig['target_port']))
			client.sendall(rpkt)
			response = client.recv(999999)
			client.close()
			del(client)
		except:
			# If they dropped the connection, SMB1 is disabled
			logging.debug(self.MiTMModuleConfig['target_ip'] + " does not support SMBv1 :(")
			# Remove it from the supported dialects list, if it was even there
			if SMB_DIALECT in self.SERVER_INFO.SUPPORTED_DIALECTS:
				self.SERVER_INFO.SUPPORTED_DIALECTS.remove(SMB_DIALECT)
				return
		else:
			# No way dude
			logging.debug(self.MiTMModuleConfig['target_ip'] + " supports SMBv1!")
			self.SERVER_INFO.SUPPORTED_DIALECTS.append(SMB_DIALECT)

		# Checkout the security
		resp 		= NewSMBPacket(data = response[4:])
		respData 	= SMBCommand(resp['Data'][0])
		dialectData = SMBNTLMDialect_Parameters(respData['Parameters'])
		authData 	= SPNEGO_NegTokenInit(respData['Data'][16:])

		# Give it to me straight doc
		if dialectData['SecurityMode'] & SMB.SECURITY_SIGNATURES_ENABLED:
			logging.debug("Server supports SMB signing")
			self.SERVER_INFO.SERVER_SIGNATURES_ENABLED = True
		if dialectData['SecurityMode'] & SMB.SECURITY_SIGNATURES_REQUIRED:
			logging.debug("Server requires signatures :(")
			self.SERVER_INFO.SERVER_SIGNATURES_REQUIRED = True
		else:
			logging.debug("Server does not require signatures!")


		# Check if NTLM auth is supported
		if spnego.TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider'] in authData['MechTypes']:
			logging.debug("Server supports NTLM auth!")
			self.SERVER_INFO.SERVER_NTLM_SUPPORTED = True
		else:
			self.SERVER_INFO.SERVER_NTLM_SUPPORTED = False 
开发者ID:quickbreach,项目名称:SMBetray,代码行数:56,代码来源:SMB_Core.py

示例15: negotiateSessionWildcard

# 需要导入模块: from impacket import smb [as 别名]
# 或者: from impacket.smb import NewSMBPacket [as 别名]
def negotiateSessionWildcard(self, myName, remoteName, remoteHost, sess_port, timeout, extended_security=True, flags1=0,
                                 flags2=0, data=None):
        # Here we follow [MS-SMB2] negotiation handshake trying to understand what dialects
        # (including SMB1) is supported on the other end.

        if not myName:
            myName = socket.gethostname()
            i = myName.find('.')
            if i > -1:
                myName = myName[:i]

        tries = 0
        smbp = smb.NewSMBPacket()
        smbp['Flags1'] = flags1
        # FLAGS2_UNICODE is required by some stacks to continue, regardless of subsequent support
        smbp['Flags2'] = flags2 | smb.SMB.FLAGS2_UNICODE
        resp = None
        while tries < 2:
            self._nmbSession = nmb.NetBIOSTCPSession(myName, remoteName, remoteHost, nmb.TYPE_SERVER, sess_port,
                                                     timeout)

            negSession = smb.SMBCommand(smb.SMB.SMB_COM_NEGOTIATE)
            if extended_security is True:
                smbp['Flags2'] |= smb.SMB.FLAGS2_EXTENDED_SECURITY
            negSession['Data'] = data
            smbp.addCommand(negSession)
            self._nmbSession.send_packet(smbp.getData())

            try:
                resp = self._nmbSession.recv_packet(timeout)
                break
            except nmb.NetBIOSError:
                # OSX Yosemite asks for more Flags. Let's give it a try and see what happens
                smbp['Flags2'] |= smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_LONG_NAMES | smb.SMB.FLAGS2_UNICODE
                smbp['Data'] = []

            tries += 1

        if resp is None:
            # No luck, quitting
            raise Exception('No answer!')

        return resp.get_trailer() 
开发者ID:Coalfire-Research,项目名称:Slackor,代码行数:45,代码来源:smbconnection.py


注:本文中的impacket.smb.NewSMBPacket方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。