本文整理匯總了Python中impacket.dcerpc.v5.rrp.hBaseRegQueryInfoKey方法的典型用法代碼示例。如果您正苦於以下問題:Python rrp.hBaseRegQueryInfoKey方法的具體用法?Python rrp.hBaseRegQueryInfoKey怎麽用?Python rrp.hBaseRegQueryInfoKey使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類impacket.dcerpc.v5.rrp的用法示例。
在下文中一共展示了rrp.hBaseRegQueryInfoKey方法的4個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: getBootKey
# 需要導入模塊: from impacket.dcerpc.v5 import rrp [as 別名]
# 或者: from impacket.dcerpc.v5.rrp import hBaseRegQueryInfoKey [as 別名]
def getBootKey(self):
bootKey = ''
ans = rrp.hOpenLocalMachine(self.__rrp)
self.__regHandle = ans['phKey']
for key in ['JD','Skew1','GBG','Data']:
LOG.debug('Retrieving class info for %s'% key)
ans = rrp.hBaseRegOpenKey(self.__rrp, self.__regHandle, 'SYSTEM\\CurrentControlSet\\Control\\Lsa\\%s' % key)
keyHandle = ans['phkResult']
ans = rrp.hBaseRegQueryInfoKey(self.__rrp,keyHandle)
bootKey = bootKey + ans['lpClassOut'][:-1]
rrp.hBaseRegCloseKey(self.__rrp, keyHandle)
transforms = [ 8, 5, 4, 2, 11, 9, 13, 3, 0, 6, 1, 12, 14, 10, 15, 7 ]
bootKey = unhexlify(bootKey)
for i in xrange(len(bootKey)):
self.__bootKey += bootKey[transforms[i]]
LOG.info('Target system bootKey: 0x%s' % hexlify(self.__bootKey))
return self.__bootKey 示例2: getBootKey
# 需要導入模塊: from impacket.dcerpc.v5 import rrp [as 別名]
# 或者: from impacket.dcerpc.v5.rrp import hBaseRegQueryInfoKey [as 別名]
def getBootKey(self):
bootKey = ''
ans = rrp.hOpenLocalMachine(self.__rrp)
self.__regHandle = ans['phKey']
for key in ['JD','Skew1','GBG','Data']:
logging.debug('Retrieving class info for %s'% key)
ans = rrp.hBaseRegOpenKey(self.__rrp, self.__regHandle, 'SYSTEM\\CurrentControlSet\\Control\\Lsa\\%s' % key)
keyHandle = ans['phkResult']
ans = rrp.hBaseRegQueryInfoKey(self.__rrp,keyHandle)
bootKey = bootKey + ans['lpClassOut'][:-1]
rrp.hBaseRegCloseKey(self.__rrp, keyHandle)
transforms = [ 8, 5, 4, 2, 11, 9, 13, 3, 0, 6, 1, 12, 14, 10, 15, 7 ]
bootKey = unhexlify(bootKey)
for i in xrange(len(bootKey)):
self.__bootKey += bootKey[transforms[i]]
logging.info('Target system bootKey: 0x%s' % hexlify(self.__bootKey))
return self.__bootKey 示例3: getBootKey
# 需要導入模塊: from impacket.dcerpc.v5 import rrp [as 別名]
# 或者: from impacket.dcerpc.v5.rrp import hBaseRegQueryInfoKey [as 別名]
def getBootKey(self):
bootKey = b''
ans = rrp.hOpenLocalMachine(self.__rrp)
self.__regHandle = ans['phKey']
for key in ['JD','Skew1','GBG','Data']:
LOG.debug('Retrieving class info for %s'% key)
ans = rrp.hBaseRegOpenKey(self.__rrp, self.__regHandle, 'SYSTEM\\CurrentControlSet\\Control\\Lsa\\%s' % key)
keyHandle = ans['phkResult']
ans = rrp.hBaseRegQueryInfoKey(self.__rrp,keyHandle)
bootKey = bootKey + b(ans['lpClassOut'][:-1])
rrp.hBaseRegCloseKey(self.__rrp, keyHandle)
transforms = [ 8, 5, 4, 2, 11, 9, 13, 3, 0, 6, 1, 12, 14, 10, 15, 7 ]
bootKey = unhexlify(bootKey)
for i in range(len(bootKey)):
self.__bootKey += bootKey[transforms[i]:transforms[i]+1]
LOG.info('Target system bootKey: 0x%s' % hexlify(self.__bootKey).decode('utf-8'))
return self.__bootKey 示例4: test_hBaseRegQueryInfoKey
# 需要導入模塊: from impacket.dcerpc.v5 import rrp [as 別名]
# 或者: from impacket.dcerpc.v5.rrp import hBaseRegQueryInfoKey [as 別名]
def test_hBaseRegQueryInfoKey(self):
dce, rpctransport, phKey = self.connect()
resp = rrp.hBaseRegOpenKey(dce, phKey, 'SYSTEM\\CurrentControlSet\\Control\\Lsa\\JD\x00' )
resp = rrp.hBaseRegQueryInfoKey(dce,resp['phkResult'])
resp.dump()