Ejemplo n.º 1
0
async def domain_test(connection_string, domain_name, out_file = None, json_out = False):
	target = SMBTarget.from_connection_string(connection_string)
	credential = SMBCredential.from_connection_string(connection_string)
	spneg = AuthenticatorBuilder.to_spnego_cred(credential, target)
	
	async with SMBConnection(spneg, target) as connection: 
		await connection.login()
		
		async with SMBDomain(domain_name, connection=connection) as domain:
			logging.debug('Connecting to SAMR')
			try:
				await domain.open(access_level = samr.DOMAIN_ALL_ACCESS)
			except Exception as e:
				logging.exception('Failed to create domain object')
				
			info = await domain.get_info()
			
			async for user_name, user_sid in domain.list_users():
				print(user_name, user_sid)
				try:
					user_handle = await domain.open_user(user_sid, access_level = samr.USER_ALL_ACCESS)
					#x = await domain.get_security_info(user_handle)
					user_info = await domain.get_user_info(user_handle)
					
					#async for group_sid in domain.get_user_group_memberships(user_handle):
					#	print(group_sid)
				except Exception as e:
					print(e)
					continue
					
			#async for name, sid in domain.list_groups():
			#	print(name, sid)

	print('Done!')
Ejemplo n.º 2
0
    def get_smb_connection(self, cmd):
        try:
            hostname, ip = self.get_target_address(cmd.target)
            res, domain, username, password = self.get_stored_cred(cmd.creds)
            if res is False:
                raise Exception('Could not find user creds!')

            target = SMBTarget(ip=ip,
                               hostname=hostname,
                               timeout=1,
                               dc_ip=domain,
                               protocol=SMBConnectionProtocol.TCP)
            target.preferred_dialects = SMB2_NEGOTIATE_DIALTECTS_2

            auth_type = SMBAuthProtocol.NTLM
            secret_type = SMBCredentialsSecretType.PASSWORD

            credential = SMBCredential(username=username,
                                       domain=domain,
                                       secret=password,
                                       secret_type=secret_type,
                                       authentication_type=auth_type,
                                       settings=None,
                                       target=target)
            print(target)
            print(credential)

            gssapi = AuthenticatorBuilder.to_spnego_cred(credential, target)
            connection = SMBConnection(gssapi, target)

            return connection, None
        except Exception as e:
            traceback.print_exc()
            return None, e
Ejemplo n.º 3
0
    def create_connection_newtarget(self, ip):
        credential = self.get_credential()
        credential.target = ip

        target = self.get_target()
        target.ip = ip

        spneg = AuthenticatorBuilder.to_spnego_cred(credential, target)

        return SMBConnection(spneg, target)
Ejemplo n.º 4
0
    def create_connection_newtarget(self, ip_or_hostname):
        credential = self.get_credential()
        credential.target = ip_or_hostname

        target = self.get_target()
        try:
            ipaddress.ip_address(ip_or_hostname)
            target.ip = ip_or_hostname
            target.hostname = None
        except:
            target.hostname = ip_or_hostname
            target.ip = ip_or_hostname

        spneg = AuthenticatorBuilder.to_spnego_cred(credential, target)

        return SMBConnection(spneg, target)
Ejemplo n.º 5
0
    def get_connection(self):
        credential = self.get_credential()
        target = self.get_target()
        spneg = AuthenticatorBuilder.to_spnego_cred(credential, target)

        return SMBConnection(spneg, target)