Beispiel #1
0
    def getShares(self):
        # Setup up a DCE SMBTransport with the connection already in place
        LOG.info("Requesting shares on %s....." % (self.connection.getRemoteHost()))
        try: 
            self._rpctransport = transport.SMBTransport(self.connection.getRemoteHost(), self.connection.getRemoteHost(),filename = r'\srvsvc', smb_connection = self.connection)
            dce_srvs = self._rpctransport.get_dce_rpc()
            dce_srvs.connect()

            dce_srvs.bind(srvs.MSRPC_UUID_SRVS)
            resp = srvs.hNetrShareEnum(dce_srvs, 1)
            return resp['InfoStruct']['ShareInfo']['Level1']
        except:
            LOG.critical("Error requesting shares on %s, aborting....." % (self.connection.getRemoteHost()))
            raise
Beispiel #2
0
    def listShares(self):
        """
        get a list of available shares at the connected target

        :return: a list containing dict entries for each share, raises exception if error
        """
        # Get the shares through RPC
        from mitmflib.impacket.dcerpc.v5 import transport, srvs
        rpctransport = transport.SMBTransport(self.getRemoteHost(), self.getRemoteHost(), filename = r'\srvsvc', smb_connection = self)
        dce = rpctransport.get_dce_rpc()
        dce.connect()
        dce.bind(srvs.MSRPC_UUID_SRVS)
        resp = srvs.hNetrShareEnum(dce, 1)
        return resp['InfoStruct']['ShareInfo']['Level1']['Buffer']
Beispiel #3
0
    def getShares(self):
        # Setup up a DCE SMBTransport with the connection already in place
        LOG.info("Requesting shares on %s....." %
                 (self.connection.getRemoteHost()))
        try:
            self._rpctransport = transport.SMBTransport(
                self.connection.getRemoteHost(),
                self.connection.getRemoteHost(),
                filename=r'\srvsvc',
                smb_connection=self.connection)
            dce_srvs = self._rpctransport.get_dce_rpc()
            dce_srvs.connect()

            dce_srvs.bind(srvs.MSRPC_UUID_SRVS)
            resp = srvs.hNetrShareEnum(dce_srvs, 1)
            return resp['InfoStruct']['ShareInfo']['Level1']
        except:
            LOG.critical("Error requesting shares on %s, aborting....." %
                         (self.connection.getRemoteHost()))
            raise
Beispiel #4
0
    def test_hNetrShareEnum(self):
        dce, rpctransport = self.connect()
        resp = srvs.hNetrShareEnum(dce, 0)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 1)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 2)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 501)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 502)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 503)
        resp.dump()
Beispiel #5
0
    def test_hNetrShareEnum(self):
        dce, rpctransport = self.connect()
        resp = srvs.hNetrShareEnum(dce, 0)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 1)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 2)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 501)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 502)
        resp.dump()

        resp = srvs.hNetrShareEnum(dce, 503)
        resp.dump()