Beispiel #1
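    def test_BaseRegLoadKey_BaseRegUnLoadKey(self):
        """Save the SECURITY key to a file, load it as a subkey, then unload it.

        The file written by BaseRegSaveKey is a copy of the SECURITY key, so
        it is removed in a ``finally`` block: a failing load or unload request
        must not leave that copy behind on the remote host.
        """
        dce, rpctransport, phKey = self.connect()

        # Open SECURITY under the root handle returned by connect().
        request = rrp.BaseRegOpenKey()
        request['hKey'] = phKey
        request['lpSubKey'] = 'SECURITY\x00'
        request['dwOptions'] = 0x00000001
        request['samDesired'] = MAXIMUM_ALLOWED
        resp = dce.request(request)
        resp.dump()

        # 'SEC' is given without a directory; the cleanup below removes
        # System32\SEC on ADMIN$, which is where the test expects it to be.
        request = rrp.BaseRegSaveKey()
        request['hKey'] = resp['phkResult']
        request['lpFile'] = 'SEC\x00'
        request['pSecurityAttributes'] = NULL
        resp = dce.request(request)
        resp.dump()

        # The save request has returned, so everything from here on runs
        # under try/finally to guarantee the saved file is deleted.
        try:
            request = rrp.BaseRegLoadKey()
            request['hKey'] = phKey
            request['lpSubKey'] = 'BETUS\x00'
            request['lpFile'] = 'SEC\x00'
            resp = dce.request(request)
            resp.dump()

            request = rrp.BaseRegUnLoadKey()
            request['hKey'] = phKey
            request['lpSubKey'] = 'BETUS\x00'
            resp = dce.request(request)
            resp.dump()
        finally:
            smb = rpctransport.get_smb_connection()
            smb.deleteFile('ADMIN$', 'System32\\SEC')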
Beispiel #2
    def test_BaseRegOpenKey(self):
        """Open the Windows NT CurrentVersion key and dump the response."""
        dce, rpctransport, phKey = self.connect()

        open_req = rrp.BaseRegOpenKey()
        # Fields are assigned in the same order as a hand-written request.
        for field, value in (
            ('hKey', phKey),
            ('lpSubKey', 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'),
            ('dwOptions', 0x00000001),
            ('samDesired', MAXIMUM_ALLOWED),
        ):
            open_req[field] = value

        dce.request(open_req).dump()
Beispiel #3
    def test_hBaseRegEnumKey(self):
        """Open CurrentVersion, then enumerate index 1 through the hBaseRegEnumKey helper."""
        dce, rpctransport, phKey = self.connect()

        open_req = rrp.BaseRegOpenKey()
        open_req['hKey'] = phKey
        open_req['lpSubKey'] = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'
        open_req['dwOptions'] = 0x00000001
        # Enumeration rights are requested explicitly alongside MAXIMUM_ALLOWED.
        open_req['samDesired'] = MAXIMUM_ALLOWED | rrp.KEY_ENUMERATE_SUB_KEYS
        opened = dce.request(open_req)

        sub_key_index = 1
        enum_resp = rrp.hBaseRegEnumKey(dce, opened['phkResult'], sub_key_index)
        enum_resp.dump()
Beispiel #4
    def test_hBaseRegEnumValue(self):
        """Open CurrentVersion, then enumerate index 6 through the hBaseRegEnumValue helper."""
        dce, rpctransport = self.connect()
        root_key = self.open_local_machine(dce)

        open_req = rrp.BaseRegOpenKey()
        open_req['hKey'] = root_key
        open_req['lpSubKey'] = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'
        open_req['dwOptions'] = 0x00000001
        open_req['samDesired'] = MAXIMUM_ALLOWED
        opened = dce.request(open_req)

        # The trailing 100 is presumably the data length; confirm against rrp.
        enum_resp = rrp.hBaseRegEnumValue(dce, opened['phkResult'], 6, 100)
        enum_resp.dump()
Beispiel #5
    def test_BaseRegQueryValue(self):
        """Open CurrentVersion and query its ProductName value with a raw request."""
        dce, rpctransport, phKey = self.connect()

        open_req = rrp.BaseRegOpenKey()
        open_req['hKey'] = phKey
        open_req['lpSubKey'] = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'
        open_req['dwOptions'] = 0x00000001
        open_req['samDesired'] = MAXIMUM_ALLOWED
        opened = dce.request(open_req)
        opened.dump()

        # One size drives the placeholder buffer and both length fields.
        buf_len = 100
        query_req = rrp.BaseRegQueryValue()
        query_req['hKey'] = opened['phkResult']
        query_req['lpValueName'] = 'ProductName\x00'
        query_req['lpData'] = b' ' * buf_len
        query_req['lpcbData'] = buf_len
        query_req['lpcbLen'] = buf_len
        dce.request(query_req).dump()
Beispiel #6
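    def test_BaseRegQueryMultipleValues2(self):
        """Open CurrentVersion and query three REG_SZ values in a single request.

        The RVALENT entries are built in a loop so that every entry gets all
        four fields set. Written out by hand, the second entry's
        ``ve_valueptr`` was never assigned (the first entry's was assigned
        twice instead).
        """
        dce, rpctransport = self.connect()
        phKey = self.open_local_machine(dce)

        request = rrp.BaseRegOpenKey()
        request['hKey'] = phKey
        request['lpSubKey'] = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'
        request['dwOptions'] = 0x00000001
        request['samDesired'] = MAXIMUM_ALLOWED | rrp.KEY_QUERY_VALUE
        resp = dce.request(request)
        resp.dump()

        request = rrp.BaseRegQueryMultipleValues2()
        request['hKey'] = resp['phkResult']

        for value_name in ('ProductName\x00', 'SystemRoot\x00', 'EditionID\x00'):
            item = rrp.RVALENT()
            item['ve_valuename'] = value_name
            # The length includes the trailing NUL, as in the value name itself.
            item['ve_valuelen'] = len(value_name)
            item['ve_valueptr'] = NULL
            item['ve_type'] = rrp.REG_SZ
            request['val_listIn'].append(item)

        request['num_vals'] = len(request['val_listIn'])
        # Placeholder output buffer; ldwTotsize matches its length.
        request['lpvalueBuf'] = list(b' ' * 128)
        request['ldwTotsize'] = 128
        resp = dce.request(request)
        resp.dump()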
Beispiel #7
    def test_BaseRegEnumKey(self):
        """Open CurrentVersion and enumerate index 1 with a raw BaseRegEnumKey request."""
        dce, rpctransport, phKey = self.connect()

        open_req = rrp.BaseRegOpenKey()
        open_req['hKey'] = phKey
        open_req['lpSubKey'] = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'
        open_req['dwOptions'] = 0x00000001
        open_req['samDesired'] = MAXIMUM_ALLOWED | rrp.KEY_ENUMERATE_SUB_KEYS
        opened = dce.request(open_req)

        enum_req = rrp.BaseRegEnumKey()
        enum_req['hKey'] = opened['phkResult']
        enum_req['dwIndex'] = 1
        # The name buffer sizes are written through .fields directly instead
        # of through item assignment on the request.
        name_in = enum_req.fields['lpNameIn']
        name_in.fields['MaximumLength'] = 510
        name_in.fields['Data'].fields['Data'].fields['MaximumCount'] = 255
        enum_req['lpClassIn'] = ' ' * 100
        enum_req['lpftLastWriteTime'] = NULL
        dce.request(enum_req).dump()
Beispiel #8
    def test_BaseRegEnumValue(self):
        """Open CurrentVersion and enumerate index 6 with a raw BaseRegEnumValue request."""
        dce, rpctransport = self.connect()
        root_key = self.open_local_machine(dce)

        open_req = rrp.BaseRegOpenKey()
        open_req['hKey'] = root_key
        open_req['lpSubKey'] = 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00'
        open_req['dwOptions'] = 0x00000001
        open_req['samDesired'] = MAXIMUM_ALLOWED
        opened = dce.request(open_req)

        # One size drives both placeholder buffers and both length fields.
        buf_len = 100
        enum_req = rrp.BaseRegEnumValue()
        enum_req['hKey'] = opened['phkResult']
        enum_req['dwIndex'] = 6
        enum_req['lpValueNameIn'] = ' ' * buf_len
        enum_req['lpData'] = b' ' * buf_len
        enum_req['lpcbData'] = buf_len
        enum_req['lpcbLen'] = buf_len
        dce.request(enum_req).dump()