Python impacket.dcerpc.v5.dcomrt.DCOMConnection() Examples
The following are 30
code examples of impacket.dcerpc.v5.dcomrt.DCOMConnection().
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example.
You may also want to check out all available functions/classes of the module
impacket.dcerpc.v5.dcomrt
, or try the search function
.
Example #1
Source File: test_wmi.py From PiBunny with MIT License | 6 votes |
def test_IWbemServices_ExecQuery(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) classes = [ 'Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service'] for classn in classes: print "Reading %s " % classn try: iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn) done = False while done is False: try: iEnumWbemClassObject.Next(0xffffffff,1) except Exception, e: if str(e).find('S_FALSE') < 0: print e else: done = True pass except Exception, e: if str(e).find('S_FALSE') < 0: print e
Example #2
Source File: test_wmi.py From cracke-dit with MIT License | 6 votes |
def test_IWbemServices_ExecQuery(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) classes = [ 'Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service'] for classn in classes: print "Reading %s " % classn try: iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn) done = False while done is False: try: iEnumWbemClassObject.Next(0xffffffff,1) except Exception, e: if str(e).find('S_FALSE') < 0: print e else: done = True pass except Exception, e: if str(e).find('S_FALSE') < 0: print e
Example #3
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 6 votes |
def test_IWbemServices_ExecQuery(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) #classes = [ 'Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service'] classes = [ 'Win32_Service'] for classn in classes: print("Reading %s " % classn) try: iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn) done = False while done is False: try: iEnumWbemClassObject.Next(0xffffffff,1) except Exception as e: if str(e).find('S_FALSE') < 0: print(e) else: done = True pass except Exception as e: if str(e).find('S_FALSE') < 0: print(e) dcom.disconnect()
Example #4
Source File: test_wmi.py From CVE-2017-7494 with GNU General Public License v3.0 | 6 votes |
def test_IWbemServices_ExecQuery(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) classes = [ 'Win32_Account', 'Win32_UserAccount', 'Win32_Group', 'Win32_SystemAccount', 'Win32_Service'] for classn in classes: print "Reading %s " % classn try: iEnumWbemClassObject = iWbemServices.ExecQuery('SELECT * from %s' % classn) done = False while done is False: try: iEnumWbemClassObject.Next(0xffffffff,1) except Exception, e: if str(e).find('S_FALSE') < 0: print e else: done = True pass except Exception, e: if str(e).find('S_FALSE') < 0: print e
Example #5
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 5 votes |
def test_IWbemServices_GetObject(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) iWbemLevel1Login.RemRelease() classObject,_ = iWbemServices.GetObject('Win32_Process') dcom.disconnect()
Example #6
Source File: test_dcomrt.py From CVE-2017-7494 with GNU General Public License v3.0 | 5 votes |
def test_RemRelease(self): dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain) iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem) iEventSystem = comev.IEventSystem(iInterface) iEventSystem.RemRelease() dcom.disconnect()
Example #7
Source File: wmiexec_delete.py From spraykatz with MIT License | 5 votes |
def run(self, addr, osArch='64'): dcom = DCOMConnection(addr, self.__username, self.__password, self.__domain, self.__lmhash, self.__nthash, self.__aesKey, oxidResolver=True, doKerberos=self.__doKerberos, kdcHost=self.__kdcHost) try: iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices=iWbemLevel1Login.NTLMLogin('//./root/cimv2', NULL, NULL) iWbemLevel1Login.RemRelease() win32Process,_ = iWbemServices.GetObject('Win32_Process') self.shell = RemoteShell(self.__share, win32Process, self.__smbConnection) # Delete Procdump cmd = "del procdump%s.exe" % (osArch) logging.info("%s Deleting ProcDump on %s..." % (debugBlue, addr)) if logging.getLogger().getEffectiveLevel() > 10: with suppress_std(): self.shell.onecmd(cmd) else: self.shell.onecmd(cmd) # Delete Dumps cmd = "del SPRAY_*.dmp" logging.info("%s Deleting dumps on %s..." % (debugBlue, addr)) if logging.getLogger().getEffectiveLevel() > 10: with suppress_std(): self.shell.onecmd(cmd) else: self.shell.onecmd(cmd) finally: if self.__smbConnection is not None: self.__smbConnection.logoff() dcom.disconnect() sys.stdout.flush()
Example #8
Source File: test_dcomrt.py From Slackor with GNU General Public License v3.0 | 5 votes |
def test_RemQueryInterface(self): dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain) iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem) iEventSystem = comev.IEventSystem(iInterface) iEventSystem.RemQueryInterface(1, (comev.IID_IEventSystem,)) dcom.disconnect()
Example #9
Source File: test_dcomrt.py From Slackor with GNU General Public License v3.0 | 5 votes |
def test_RemRelease(self): dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain) iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem) iEventSystem = comev.IEventSystem(iInterface) iEventSystem.RemRelease() dcom.disconnect()
Example #10
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 5 votes |
def tes_activation(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLoginClientID) dcom.disconnect()
Example #11
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 5 votes |
def test_IWbemLevel1Login_EstablishPosition(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) resp = iWbemLevel1Login.EstablishPosition() print(resp) dcom.disconnect()
Example #12
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 5 votes |
def test_IWbemLevel1Login_WBEMLogin(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) try: resp = iWbemLevel1Login.WBEMLogin() print(resp) except Exception as e: if str(e).find('E_NOTIMPL') < 0: dcom.disconnect() raise dcom.disconnect()
Example #13
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 5 votes |
def test_IWbemLevel1Login_NTLMLogin(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) resp = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) print(resp) dcom.disconnect()
Example #14
Source File: test_wmi.py From Slackor with GNU General Public License v3.0 | 5 votes |
def tes_IWbemServices_OpenNamespace(self): # Not working dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('//./ROOT', NULL, NULL) try: resp = iWbemServices.OpenNamespace('__Namespace') print(resp) except Exception as e: dcom.disconnect() raise dcom.disconnect()
Example #15
Source File: test_wmi.py From PiBunny with MIT License | 5 votes |
def test_IWbemLevel1Login_NTLMLogin(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) resp = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) print resp dcom.disconnect()
Example #16
Source File: test_wmi.py From PiBunny with MIT License | 5 votes |
def test_IWbemServices_GetObject(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) iWbemLevel1Login.RemRelease() classObject,_ = iWbemServices.GetObject('Win32_Process') dcom.disconnect()
Example #17
Source File: wmi.py From ActiveReign with GNU General Public License v3.0 | 5 votes |
def create_wmi_con(self, namespace='root\\cimv2'): self.dcom = DCOMConnection(self.host, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = self.dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) self.wmi_con = iWbemLevel1Login.NTLMLogin('\\\\{}\\{}'.format(self.host, namespace), NULL, NULL)
Example #18
Source File: wmiexec.py From ActiveReign with GNU General Public License v3.0 | 5 votes |
def create_wmi_con(self): self.dcom = DCOMConnection(self.host, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = self.dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices = iWbemLevel1Login.NTLMLogin('\\\\{}\\root\\cimv2'.format(self.host), NULL, NULL) iWbemLevel1Login.RemRelease() self.win32Process, _ = iWbemServices.GetObject('Win32_Process')
Example #19
Source File: test_dcomrt.py From PiBunny with MIT License | 5 votes |
def test_RemQueryInterface(self): dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain) iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem) iEventSystem = comev.IEventSystem(iInterface) iEventSystem.RemQueryInterface(1, (comev.IID_IEventSystem,)) dcom.disconnect()
Example #20
Source File: test_dcomrt.py From PiBunny with MIT License | 5 votes |
def test_RemRelease(self): dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain) iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem) iEventSystem = comev.IEventSystem(iInterface) iEventSystem.RemRelease() dcom.disconnect()
Example #21
Source File: test_wmi.py From PiBunny with MIT License | 5 votes |
def tes_IWbemServices_OpenNamespace(self): # Not working dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('//./ROOT', NULL, NULL) try: resp = iWbemServices.OpenNamespace('__Namespace') print resp except Exception, e: dcom.disconnect() raise
Example #22
Source File: test_wmi.py From PiBunny with MIT License | 5 votes |
def tes_activation(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLoginClientID) dcom.disconnect()
Example #23
Source File: test_wmi.py From PiBunny with MIT License | 5 votes |
def test_IWbemLevel1Login_EstablishPosition(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) resp = iWbemLevel1Login.EstablishPosition() print resp dcom.disconnect()
Example #24
Source File: test_wmi.py From PiBunny with MIT License | 5 votes |
def test_IWbemLevel1Login_WBEMLogin(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) try: resp = iWbemLevel1Login.WBEMLogin() print resp except Exception, e: if str(e).find('E_NOTIMPL') < 0: dcom.disconnect() raise
Example #25
Source File: test_wmi.py From cracke-dit with MIT License | 5 votes |
def test_IWbemServices_GetObject(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) iWbemServices= iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) iWbemLevel1Login.RemRelease() classObject,_ = iWbemServices.GetObject('Win32_Process') dcom.disconnect()
Example #26
Source File: test_dcomrt.py From CVE-2017-7494 with GNU General Public License v3.0 | 5 votes |
def test_RemQueryInterface(self): dcom = dcomrt.DCOMConnection(self.machine, self.username, self.password, self.domain) iInterface = dcom.CoCreateInstanceEx(comev.CLSID_EventSystem, comev.IID_IEventSystem) iEventSystem = comev.IEventSystem(iInterface) iEventSystem.RemQueryInterface(1, (comev.IID_IEventSystem,)) dcom.disconnect()
Example #27
Source File: test_wmi.py From CVE-2017-7494 with GNU General Public License v3.0 | 5 votes |
def tes_activation(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLoginClientID) dcom.disconnect()
Example #28
Source File: test_wmi.py From CVE-2017-7494 with GNU General Public License v3.0 | 5 votes |
def test_IWbemLevel1Login_EstablishPosition(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) resp = iWbemLevel1Login.EstablishPosition() print resp dcom.disconnect()
Example #29
Source File: test_wmi.py From CVE-2017-7494 with GNU General Public License v3.0 | 5 votes |
def test_IWbemLevel1Login_RequestChallenge(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) try: resp = iWbemLevel1Login.RequestChallenge() print resp except Exception, e: if str(e).find('WBEM_E_NOT_SUPPORTED') < 0: dcom.disconnect() raise
Example #30
Source File: test_wmi.py From CVE-2017-7494 with GNU General Public License v3.0 | 5 votes |
def test_IWbemLevel1Login_NTLMLogin(self): dcom = DCOMConnection(self.machine, self.username, self.password, self.domain, self.lmhash, self.nthash) iInterface = dcom.CoCreateInstanceEx(wmi.CLSID_WbemLevel1Login,wmi.IID_IWbemLevel1Login) iWbemLevel1Login = wmi.IWbemLevel1Login(iInterface) resp = iWbemLevel1Login.NTLMLogin('\\\\%s\\root\\cimv2' % self.machine, NULL, NULL) print resp dcom.disconnect()