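def main():
    """Query a KMS host once and print the activation details it returns.

    Parses the command line into the module-level ``config`` dict, opens a
    TCP connection to the host, performs an RPC bind, sends one KMS request
    and prints the ePID, the HWID (when present), the current client count
    and the activation/renewal intervals from the reply.

    Every byte read from the socket is chosen by the remote host and is
    passed to the MSRPC/KMS parsers unmodified.  The process exits with
    status 1 when the bind or the request does not complete.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("ip", action="store",
                        help="The IP address or hostname of the KMS host.",
                        type=str)
    parser.add_argument(
        "port", nargs="?", action="store", default=1688,
        help="The port the KMS service is listening on. The default is \"1688\".",
        type=int)
    parser.add_argument("-m", "--mode", dest="mode",
                        choices=[
                            "WindowsVista", "Windows7", "Windows8",
                            "Windows81", "Windows10", "Office2010",
                            "Office2013", "Office2016"
                        ],
                        default="Windows7")
    parser.add_argument(
        "-c", "--cmid", dest="cmid", default=None,
        help="Use this flag to manually specify a CMID to use. If no CMID is specified, a random CMID will be generated.",
        type=str)
    parser.add_argument(
        "-n", "--name", dest="machineName", default=None,
        help="Use this flag to manually specify an ASCII machineName to use. If no machineName is specified, a random machineName will be generated.",
        type=str)
    parser.add_argument("-v", "--verbose", dest="verbose",
                        action="store_true",
                        help="Use this flag to enable verbose output.")
    parser.add_argument(
        "-d", "--debug", dest="debug", action="store_true",
        help="Use this flag to enable debug output. Implies \"-v\".")

    config.update(vars(parser.parse_args()))
    checkConfig()
    config['call_id'] = 1
    if config['debug']:
        # Debug output is a superset of verbose output.
        config['verbose'] = True
    updateConfig()

    # A valid IPv6 literal gets an AF_INET6 socket; anything else (IPv4
    # literal or hostname) falls back to the default socket family.
    try:
        socket.inet_pton(socket.AF_INET6, config['ip'])
    except OSError:
        s = socket.socket()
    else:
        s = socket.socket(socket.AF_INET6)

    # NOTE(review): no timeout is set on the socket, so a peer that accepts
    # the connection and then stays silent blocks this client indefinitely.
    # The context manager closes the socket on every exit path, including
    # the sys.exit() calls below.
    with s:
        print("Connecting to %s on port %d..." % (config['ip'], config['port']))
        s.connect((config['ip'], config['port']))
        if config['verbose']:
            print("Connection successful!")

        binder = rpcBind.handler(None, config)
        RPC_Bind = bytes(binder.generateRequest())
        if config['verbose']:
            print("Sending RPC bind request...")
        # sendall() keeps writing until the whole request is out; send() may
        # return after a partial write.
        s.sendall(RPC_Bind)

        # NOTE(review): a single recv(1024) is treated as one complete PDU.
        # A reply that is larger, or that arrives in several TCP segments,
        # reaches the parser truncated.
        try:
            bindResponse = s.recv(1024)
        except socket.error as e:
            if e.errno == errno.ECONNRESET:
                print("Error: Connection reset by peer. Exiting...")
                sys.exit(1)
            raise
        if not bindResponse:
            print("No data received! Exiting...")
            sys.exit(1)

        packetType = MSRPCHeader(bindResponse)['type']
        if packetType == rpcBase.packetType['bindAck']:
            if config['verbose']:
                print("RPC bind acknowledged.")
            kmsRequest = createKmsRequest()
            requester = rpcRequest.handler(kmsRequest, config)
            s.sendall(bytes(requester.generateRequest()))
            response = s.recv(1024)
            if not response:
                # The peer closed the connection instead of answering; stop
                # here rather than hand an empty buffer to the parser.
                print("No data received! Exiting...")
                sys.exit(1)
            if config['debug']:
                print("Response:", binascii.b2a_hex(response))
            parsed = MSRPCRespHeader(response)
            kmsData = readKmsResponse(parsed['pduData'], kmsRequest, config)
            kmsResp = kmsData['response']
            # The HWID is optional in the parsed reply.
            try:
                hwid = kmsData['hwid']
            except KeyError:
                pass
            else:
                print("KMS Host HWID:", binascii.b2a_hex(hwid).upper())
            print("KMS Host ePID:", kmsResp['kmsEpid'])
            print("KMS Host Current Client Count:",
                  kmsResp['currentClientCount'])
            print("KMS VL Activation Interval:",
                  kmsResp['vLActivationInterval'])
            print("KMS VL Renewal Interval:", kmsResp['vLRenewalInterval'])
        elif packetType == rpcBase.packetType['bindNak']:
            print(MSRPCBindNak(bindResponse).dump())
            sys.exit(1)
        else:
            print("Something went wrong.")
            sys.exit(1)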
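def main():
    """Query a KMS server once and log the activation details it returns.

    Parses the command line into the module-level ``config`` dict, sets up
    file logging, opens a TCP connection to the server, performs an RPC
    bind, sends one KMS request and logs the ePID, the HWID (when present),
    the current client count and the activation/renewal intervals.

    Every byte read from the socket is chosen by the remote server and is
    passed to the MSRPC/KMS parsers unmodified.  The process exits with
    status 1 when the bind or the request does not complete.
    """
    parser = argparse.ArgumentParser()
    parser.add_argument("ip", action="store",
                        help='The IP address or hostname of the KMS server.',
                        type=str)
    parser.add_argument(
        "port", nargs="?", action="store", default=1688,
        help='The port the KMS service is listening on. The default is "1688".',
        type=int)
    parser.add_argument(
        "-m", "--mode", dest="mode",
        choices=[
            "WindowsVista", "Windows7", "Windows8", "Windows81", "Windows10",
            "Office2010", "Office2013", "Office2016"
        ],
        default="Windows7",
        # The help text now names the default that is actually configured.
        help='Use this flag to manually specify a Microsoft product for testing the server. The default is "Windows7".',
        type=str)
    parser.add_argument(
        "-c", "--cmid", dest="cmid", default=None,
        help='Use this flag to manually specify a CMID to use. If no CMID is specified, a random CMID will be generated.',
        type=str)
    parser.add_argument(
        "-n", "--name", dest="machineName", default=None,
        help='Use this flag to manually specify an ASCII machineName to use. If no machineName is specified, a random machineName will be generated.',
        type=str)
    parser.add_argument(
        "-v", "--loglevel", dest="loglevel", action="store", default="ERROR",
        choices=["CRITICAL", "ERROR", "WARNING", "INFO", "DEBUG"],
        help='Use this flag to set a Loglevel. The default is "ERROR".',
        type=str)
    parser.add_argument(
        "-f", "--logfile", dest="logfile", action="store",
        default=os.path.join(os.path.dirname(os.path.abspath(__file__)),
                             "py3kms_client.log"),
        # The help text now names the file the default actually points at.
        help='Use this flag to set an output Logfile. The default is "py3kms_client.log".',
        type=str)

    config.update(vars(parser.parse_args()))
    # filemode='w' truncates the log file on every run.
    logging.basicConfig(level=config['loglevel'],
                        format='%(asctime)s %(levelname)-8s %(message)s',
                        datefmt='%a, %d %b %Y %H:%M:%S',
                        filename=config['logfile'],
                        filemode='w')
    checkConfig()
    config['call_id'] = 1
    updateConfig()

    # NOTE(review): no timeout is set on the socket, so a peer that accepts
    # the connection and then stays silent blocks this client indefinitely.
    # The context manager closes the socket on every exit path, including
    # the sys.exit() calls below.
    with socket.socket() as s:
        logging.info("Connecting to %s on port %d...",
                     config['ip'], config['port'])
        s.connect((config['ip'], config['port']))
        logging.info("Connection successful !")

        binder = rpcBind.handler(None, config)
        RPC_Bind = str(binder.generateRequest()).encode('latin-1')  # *2to3*
        logging.info("Sending RPC bind request...")
        shell_message(nshell=[-1, 1])
        # sendall() keeps writing until the whole request is out; send() may
        # return after a partial write.
        s.sendall(RPC_Bind)

        # NOTE(review): a single recv(1024) is treated as one complete PDU.
        # A reply that is larger, or that arrives in several TCP segments,
        # reaches the parser truncated.
        try:
            shell_message(nshell=[-4, 7])
            bindResponse = s.recv(1024)
        except ConnectionResetError:
            # Python 3 exceptions are not subscriptable, so the former
            # "e[0] == 104" test raised TypeError instead of reporting the
            # reset.  Other socket errors still propagate to the caller.
            logging.error("Connection reset by peer. Exiting...")
            sys.exit(1)
        if not bindResponse:
            logging.error("No data received ! Exiting...")
            sys.exit(1)

        packetType = MSRPCHeader(bindResponse)['type']
        if packetType == rpcBase.packetType['bindAck']:
            logging.info("RPC bind acknowledged.")
            shell_message(nshell=8)
            kmsRequest = createKmsRequest()
            requester = rpcRequest.handler(kmsRequest, config)
            s.sendall(str(requester.generateRequest()).encode('latin-1'))  # *2to3*
            shell_message(nshell=[-1, 12])
            response = s.recv(1024)
            if not response:
                # The peer closed the connection instead of answering; stop
                # here rather than hand an empty buffer to the parser.
                logging.error("No data received ! Exiting...")
                sys.exit(1)
            logging.debug(
                "Response: \n%s\n",
                justify(binascii.b2a_hex(response).decode('latin-1')))  # *2to3*
            shell_message(nshell=[-4, 20])
            parsed = MSRPCRespHeader(response)
            kmsData = readKmsResponse(parsed['pduData'], kmsRequest, config)
            kmsResp = kmsData['response']
            # The HWID is optional in the parsed reply; only a missing key is
            # tolerated, any other failure should surface.
            try:
                hwid = kmsData['hwid']
            except KeyError:
                hwid = None
            # The ePID is text supplied by the server and is written to the
            # log file as received.
            logging.info(
                "KMS Host ePID: %s",
                kmsResp['kmsEpid'].encode('utf-8').decode('utf-16le'))  # *2to3*
            if hwid is not None:
                logging.info(
                    "KMS Host HWID: %s",
                    binascii.b2a_hex(
                        hwid.encode('latin-1')).upper().decode('utf-8'))  # *2to3*
            logging.info("KMS Host Current Client Count: %s",
                         kmsResp['currentClientCount'])
            logging.info("KMS VL Activation Interval: %s",
                         kmsResp['vLActivationInterval'])
            logging.info("KMS VL Renewal Interval: %s",
                         kmsResp['vLRenewalInterval'])
            shell_message(nshell=21)
        elif packetType == rpcBase.packetType['bindNak']:
            logging.info(
                justify(MSRPCBindNak(bindResponse).dump(print_to_stdout=False)))
            sys.exit(1)
        else:
            logging.critical("Something went wrong.")
            sys.exit(1)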
try: hwid = kmsData['hwid'] except: hwid = None logging.info("KMS Host ePID: %s" % kmsResp['kmsEpid'].decode('utf-16le').encode('utf-8')) if hwid is not None: logging.info("KMS Host HWID: %s" % binascii.b2a_hex(hwid).upper()) logging.info("KMS Host Current Client Count: %s" % kmsResp['currentClientCount']) logging.info("KMS VL Activation Interval: %s" % kmsResp['vLActivationInterval']) logging.info("KMS VL Renewal Interval: %s" % kmsResp['vLRenewalInterval']) shell_message(nshell = 21) elif packetType == rpcBase.packetType['bindNak']: logging.info(justify(MSRPCBindNak(bindResponse).dump(print_to_stdout = False))) sys.exit() else: logging.critical("Something went wrong.") sys.exit() def checkConfig(): if config['cmid'] is not None: try: uuid.UUID(config['cmid']) except: logging.error("Bad CMID. Exiting...") sys.exit() if config['machineName'] is not None: if len(config['machineName']) < 2 or len(config['machineName']) > 63:
packetType = MSRPCHeader(bindResponse)['type'] if packetType == rpcBase.packetType['bindAck']: if config['verbose']: print "RPC bind acknowledged." #config['call_id'] += 1 ''' request = CreateRequest() requester = rpcRequest.request(request, config) s.send(request) response = s.recv(1024) if config['debug']: print "Response:", binascii.b2a_hex(response), len(response) parsed = ReadResponse(response) ''' elif packetType == rpcBase.packetType['bindNak']: print MSRPCBindNak(bindResponse).dump() sys.exit() else: print "Something went wrong." sys.exit() def updateConfig(): if config['mode'] == 'WindowsVista': config['RequiredClientCount'] = 25 config['KMSProtocolMajorVersion'] = 4 config['KMSProtocolMinorVersion'] = 0 config['KMSClientLicenseStatus'] = 2 config['KMSClientAppID'] = "55c92734-d682-4d71-983e-d6ec3f16059f" config['KMSClientSkuID'] = "cfd8ff08-c0d7-452b-9f60-ef5c70c32094" config[
logging.error("No data received! Exiting...") sys.exit() packetType = MSRPCHeader(bindResponse)['type'] if packetType == rpcBase.packetType['bindAck']: logging.info("RPC bind acknowledged.") #config['call_id'] += 1 ''' request = CreateRequest() requester = rpcRequest.request(request, config) s.send(request) response = s.recv(1024) logging.debug("Response:", binascii.b2a_hex(response), len(response)) parsed = ReadResponse(response) ''' elif packetType == rpcBase.packetType['bindNak']: logging.info(MSRPCBindNak(bindResponse).dump()) sys.exit() else: logging.critical("Something went wrong.") sys.exit() def updateConfig(): if config['mode'] == 'WindowsVista': config['RequiredClientCount'] = 25 config['KMSProtocolMajorVersion'] = 4 config['KMSProtocolMinorVersion'] = 0 config['KMSClientLicenseStatus'] = 2 config['KMSClientAppID'] = "55c92734-d682-4d71-983e-d6ec3f16059f" config['KMSClientSkuID'] = "cfd8ff08-c0d7-452b-9f60-ef5c70c32094" config['KMSClientKMSCountedID'] = "212a64dc-43b1-4d3d-a30c-2fc69d2095c6" elif config['mode'] == 'Windows7':