Python impacket.nt_errors.STATUS_ACCESS_DENIED Examples
The following are 13
code examples of impacket.nt_errors.STATUS_ACCESS_DENIED().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
impacket.nt_errors
, or try the search function
.
Example #1
Source File: smbrelayserver.py From CVE-2017-7494 with GNU General Public License v3.0 | 6 votes |
def do_ntlm_auth(self,client,SPNEGO_token,authenticateMessage): #The NTLM blob is packed in a SPNEGO packet, extract it for methods other than SMB respToken2 = SPNEGO_NegTokenResp(SPNEGO_token) token = respToken2['ResponseToken'] clientResponse = None if self.target[0] == 'SMB': clientResponse, errorCode = client.sendAuth(SPNEGO_token,authenticateMessage) if self.target[0] == 'MSSQL': #This client needs a proper response code try: result = client.sendAuth(token) if result: #This contains a boolean errorCode = STATUS_SUCCESS else: errorCode = STATUS_ACCESS_DENIED except Exception, e: logging.error("NTLM Message type 3 against %s FAILED" % self.target[1]) logging.error(str(e)) errorCode = STATUS_ACCESS_DENIED
Example #2
Source File: smbrelayserver.py From cracke-dit with MIT License | 6 votes |
def do_ntlm_auth(self,client,SPNEGO_token,authenticateMessage): #The NTLM blob is packed in a SPNEGO packet, extract it for methods other than SMB respToken2 = SPNEGO_NegTokenResp(SPNEGO_token) token = respToken2['ResponseToken'] clientResponse = None if self.target[0] == 'SMB': clientResponse, errorCode = client.sendAuth(SPNEGO_token,authenticateMessage) if self.target[0] == 'MSSQL': #This client needs a proper response code try: result = client.sendAuth(token) if result: #This contains a boolean errorCode = STATUS_SUCCESS else: errorCode = STATUS_ACCESS_DENIED except Exception, e: logging.error("NTLM Message type 3 against %s FAILED" % self.target[1]) logging.error(str(e)) errorCode = STATUS_ACCESS_DENIED
Example #3
Source File: httprelayserver.py From GhostPotato with MIT License | 6 votes |
def do_ntlm_auth(self,token,authenticateMessage): #For some attacks it is important to know the authenticated username, so we store it if authenticateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('utf-16le'), authenticateMessage['user_name'].decode('utf-16le'))).upper() else: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('ascii'), authenticateMessage['user_name'].decode('ascii'))).upper() if authenticateMessage['user_name'] != '' or self.target.hostname == '127.0.0.1': clientResponse, errorCode = self.client.sendAuth(token) else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials, except # when coming from localhost errorCode = STATUS_ACCESS_DENIED if errorCode == STATUS_SUCCESS: return True return False
Example #4
Source File: smbrelayserver.py From NtlmRelayToEWS with GNU General Public License v3.0 | 6 votes |
def do_ntlm_auth(self,client,SPNEGO_token,authenticateMessage): #The NTLM blob is packed in a SPNEGO packet, extract it for methods other than SMB respToken2 = SPNEGO_NegTokenResp(SPNEGO_token) token = respToken2['ResponseToken'] clientResponse = None if self.target[0] == 'HTTP' or self.target[0] == 'HTTPS': try: result = client.sendAuth(token) #Result is a boolean if result: errorCode = STATUS_SUCCESS else: logging.error("HTTP NTLM auth against %s as %s FAILED" % (self.target[1],self.authUser)) errorCode = STATUS_ACCESS_DENIED except Exception, e: logging.error("NTLM Message type 3 against %s FAILED" % self.target[1]) logging.error(str(e)) errorCode = STATUS_ACCESS_DENIED
Example #5
Source File: httprelayserver.py From Exchange2domain with MIT License | 6 votes |
def do_ntlm_auth(self,token,authenticateMessage): #For some attacks it is important to know the authenticated username, so we store it if authenticateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('utf-16le'), authenticateMessage['user_name'].decode('utf-16le'))).upper() else: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('ascii'), authenticateMessage['user_name'].decode('ascii'))).upper() if authenticateMessage['user_name'] != '' or self.target.hostname == '127.0.0.1': clientResponse, errorCode = self.client.sendAuth(token) else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials, except # when coming from localhost errorCode = STATUS_ACCESS_DENIED if errorCode == STATUS_SUCCESS: config.set_suc(True) return True else: config.set_fail(True) return False return False
Example #6
Source File: httprelayserver.py From Slackor with GNU General Public License v3.0 | 6 votes |
def do_ntlm_auth(self,token,authenticateMessage): #For some attacks it is important to know the authenticated username, so we store it if authenticateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('utf-16le'), authenticateMessage['user_name'].decode('utf-16le'))).upper() else: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('ascii'), authenticateMessage['user_name'].decode('ascii'))).upper() if authenticateMessage['user_name'] != '' or self.target.hostname == '127.0.0.1': clientResponse, errorCode = self.client.sendAuth(token) else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials, except # when coming from localhost errorCode = STATUS_ACCESS_DENIED if errorCode == STATUS_SUCCESS: return True return False
Example #7
Source File: httprelayserver.py From CVE-2019-1040 with MIT License | 6 votes |
def do_ntlm_auth(self,token,authenticateMessage): #For some attacks it is important to know the authenticated username, so we store it if authenticateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('utf-16le'), authenticateMessage['user_name'].decode('utf-16le'))).upper() else: self.authUser = ('%s/%s' % (authenticateMessage['domain_name'].decode('ascii'), authenticateMessage['user_name'].decode('ascii'))).upper() if authenticateMessage['user_name'] != '' or self.target.hostname == '127.0.0.1': clientResponse, errorCode = self.client.sendAuth(token) else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials, except # when coming from localhost errorCode = STATUS_ACCESS_DENIED if errorCode == STATUS_SUCCESS: return True return False
Example #8
Source File: smbrelayserver.py From PiBunny with MIT License | 6 votes |
def do_ntlm_auth(self,client,SPNEGO_token,authenticateMessage): #The NTLM blob is packed in a SPNEGO packet, extract it for methods other than SMB respToken2 = SPNEGO_NegTokenResp(SPNEGO_token) token = respToken2['ResponseToken'] clientResponse = None if self.target[0] == 'SMB': clientResponse, errorCode = client.sendAuth(SPNEGO_token,authenticateMessage) if self.target[0] == 'MSSQL': #This client needs a proper response code try: result = client.sendAuth(token) if result: #This contains a boolean errorCode = STATUS_SUCCESS else: errorCode = STATUS_ACCESS_DENIED except Exception, e: logging.error("NTLM Message type 3 against %s FAILED" % self.target[1]) logging.error(str(e)) errorCode = STATUS_ACCESS_DENIED
Example #9
Source File: smbrelayclient.py From GhostPotato with MIT License | 4 votes |
def sendStandardSecurityAuth(self, sessionSetupData): v1client = self.session.getSMBServer() flags2 = v1client.get_flags()[1] v1client.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY)) if sessionSetupData['Account'] != '': smb = NewSMBPacket() smb['Flags1'] = 8 sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters() sessionSetup['Data'] = SMBSessionSetupAndX_Data() sessionSetup['Parameters']['MaxBuffer'] = 65535 sessionSetup['Parameters']['MaxMpxCount'] = 2 sessionSetup['Parameters']['VCNumber'] = os.getpid() sessionSetup['Parameters']['SessionKey'] = v1client._dialects_parameters['SessionKey'] sessionSetup['Parameters']['AnsiPwdLength'] = len(sessionSetupData['AnsiPwd']) sessionSetup['Parameters']['UnicodePwdLength'] = len(sessionSetupData['UnicodePwd']) sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE sessionSetup['Data']['AnsiPwd'] = sessionSetupData['AnsiPwd'] sessionSetup['Data']['UnicodePwd'] = sessionSetupData['UnicodePwd'] sessionSetup['Data']['Account'] = sessionSetupData['Account'] sessionSetup['Data']['PrimaryDomain'] = sessionSetupData['PrimaryDomain'] sessionSetup['Data']['NativeOS'] = 'Unix' sessionSetup['Data']['NativeLanMan'] = 'Samba' smb.addCommand(sessionSetup) v1client.sendSMB(smb) smb = v1client.recvSMB() try: smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX) except: return None, STATUS_LOGON_FAILURE else: v1client.set_uid(smb['Uid']) return smb, STATUS_SUCCESS else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials clientResponse = None errorCode = STATUS_ACCESS_DENIED return clientResponse, errorCode
Example #10
Source File: smbrelayclient.py From Exchange2domain with MIT License | 4 votes |
def sendStandardSecurityAuth(self, sessionSetupData): v1client = self.session.getSMBServer() flags2 = v1client.get_flags()[1] v1client.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY)) if sessionSetupData['Account'] != '': smb = NewSMBPacket() smb['Flags1'] = 8 sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters() sessionSetup['Data'] = SMBSessionSetupAndX_Data() sessionSetup['Parameters']['MaxBuffer'] = 65535 sessionSetup['Parameters']['MaxMpxCount'] = 2 sessionSetup['Parameters']['VCNumber'] = os.getpid() sessionSetup['Parameters']['SessionKey'] = v1client._dialects_parameters['SessionKey'] sessionSetup['Parameters']['AnsiPwdLength'] = len(sessionSetupData['AnsiPwd']) sessionSetup['Parameters']['UnicodePwdLength'] = len(sessionSetupData['UnicodePwd']) sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE sessionSetup['Data']['AnsiPwd'] = sessionSetupData['AnsiPwd'] sessionSetup['Data']['UnicodePwd'] = sessionSetupData['UnicodePwd'] sessionSetup['Data']['Account'] = str(sessionSetupData['Account']) sessionSetup['Data']['PrimaryDomain'] = str(sessionSetupData['PrimaryDomain']) sessionSetup['Data']['NativeOS'] = 'Unix' sessionSetup['Data']['NativeLanMan'] = 'Samba' smb.addCommand(sessionSetup) v1client.sendSMB(smb) smb = v1client.recvSMB() try: smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX) except: return None, STATUS_LOGON_FAILURE else: v1client.set_uid(smb['Uid']) return smb, STATUS_SUCCESS else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials clientResponse = None errorCode = STATUS_ACCESS_DENIED return clientResponse, errorCode
Example #11
Source File: smbrelayclient.py From krbrelayx with MIT License | 4 votes |
def sendStandardSecurityAuth(self, sessionSetupData): v1client = self.session.getSMBServer() flags2 = v1client.get_flags()[1] v1client.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY)) if sessionSetupData['Account'] != '': smb = NewSMBPacket() smb['Flags1'] = 8 sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters() sessionSetup['Data'] = SMBSessionSetupAndX_Data() sessionSetup['Parameters']['MaxBuffer'] = 65535 sessionSetup['Parameters']['MaxMpxCount'] = 2 sessionSetup['Parameters']['VCNumber'] = os.getpid() sessionSetup['Parameters']['SessionKey'] = v1client._dialects_parameters['SessionKey'] sessionSetup['Parameters']['AnsiPwdLength'] = len(sessionSetupData['AnsiPwd']) sessionSetup['Parameters']['UnicodePwdLength'] = len(sessionSetupData['UnicodePwd']) sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE sessionSetup['Data']['AnsiPwd'] = sessionSetupData['AnsiPwd'] sessionSetup['Data']['UnicodePwd'] = sessionSetupData['UnicodePwd'] sessionSetup['Data']['Account'] = str(sessionSetupData['Account']) sessionSetup['Data']['PrimaryDomain'] = str(sessionSetupData['PrimaryDomain']) sessionSetup['Data']['NativeOS'] = 'Unix' sessionSetup['Data']['NativeLanMan'] = 'Samba' smb.addCommand(sessionSetup) v1client.sendSMB(smb) smb = v1client.recvSMB() try: smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX) except: return None, STATUS_LOGON_FAILURE else: v1client.set_uid(smb['Uid']) return smb, STATUS_SUCCESS else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials clientResponse = None errorCode = STATUS_ACCESS_DENIED return clientResponse, errorCode
Example #12
Source File: smbrelayclient.py From Slackor with GNU General Public License v3.0 | 4 votes |
def sendStandardSecurityAuth(self, sessionSetupData): v1client = self.session.getSMBServer() flags2 = v1client.get_flags()[1] v1client.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY)) if sessionSetupData['Account'] != '': smb = NewSMBPacket() smb['Flags1'] = 8 sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters() sessionSetup['Data'] = SMBSessionSetupAndX_Data() sessionSetup['Parameters']['MaxBuffer'] = 65535 sessionSetup['Parameters']['MaxMpxCount'] = 2 sessionSetup['Parameters']['VCNumber'] = os.getpid() sessionSetup['Parameters']['SessionKey'] = v1client._dialects_parameters['SessionKey'] sessionSetup['Parameters']['AnsiPwdLength'] = len(sessionSetupData['AnsiPwd']) sessionSetup['Parameters']['UnicodePwdLength'] = len(sessionSetupData['UnicodePwd']) sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE sessionSetup['Data']['AnsiPwd'] = sessionSetupData['AnsiPwd'] sessionSetup['Data']['UnicodePwd'] = sessionSetupData['UnicodePwd'] sessionSetup['Data']['Account'] = sessionSetupData['Account'] sessionSetup['Data']['PrimaryDomain'] = sessionSetupData['PrimaryDomain'] sessionSetup['Data']['NativeOS'] = 'Unix' sessionSetup['Data']['NativeLanMan'] = 'Samba' smb.addCommand(sessionSetup) v1client.sendSMB(smb) smb = v1client.recvSMB() try: smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX) except: return None, STATUS_LOGON_FAILURE else: v1client.set_uid(smb['Uid']) return smb, STATUS_SUCCESS else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials clientResponse = None errorCode = STATUS_ACCESS_DENIED return clientResponse, errorCode
Example #13
Source File: smbrelayclient.py From CVE-2019-1040 with MIT License | 4 votes |
def sendStandardSecurityAuth(self, sessionSetupData): v1client = self.session.getSMBServer() flags2 = v1client.get_flags()[1] v1client.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY)) if sessionSetupData['Account'] != '': smb = NewSMBPacket() smb['Flags1'] = 8 sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters() sessionSetup['Data'] = SMBSessionSetupAndX_Data() sessionSetup['Parameters']['MaxBuffer'] = 65535 sessionSetup['Parameters']['MaxMpxCount'] = 2 sessionSetup['Parameters']['VCNumber'] = os.getpid() sessionSetup['Parameters']['SessionKey'] = v1client._dialects_parameters['SessionKey'] sessionSetup['Parameters']['AnsiPwdLength'] = len(sessionSetupData['AnsiPwd']) sessionSetup['Parameters']['UnicodePwdLength'] = len(sessionSetupData['UnicodePwd']) sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE sessionSetup['Data']['AnsiPwd'] = sessionSetupData['AnsiPwd'] sessionSetup['Data']['UnicodePwd'] = sessionSetupData['UnicodePwd'] sessionSetup['Data']['Account'] = sessionSetupData['Account'] sessionSetup['Data']['PrimaryDomain'] = sessionSetupData['PrimaryDomain'] sessionSetup['Data']['NativeOS'] = 'Unix' sessionSetup['Data']['NativeLanMan'] = 'Samba' smb.addCommand(sessionSetup) v1client.sendSMB(smb) smb = v1client.recvSMB() try: smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX) except: return None, STATUS_LOGON_FAILURE else: v1client.set_uid(smb['Uid']) return smb, STATUS_SUCCESS else: # Anonymous login, send STATUS_ACCESS_DENIED so we force the client to send his credentials clientResponse = None errorCode = STATUS_ACCESS_DENIED return clientResponse, errorCode