def test_dumpert_upload_error(self):
    """Dumpert dump aimed at the share "INVALID_SHARE" must report a failed upload.

    The options carry the module-level ``dumpert_path`` and a share name the
    test treats as invalid; the call is expected to return a ``RetCode`` whose
    message is the one stored in ``ERROR_DUMPERT_NOT_UPLOADED``.
    """
    opts = Dumper.Options()
    opts.dumpert_path = dumpert_path
    opts.share = "INVALID_SHARE"

    dumper = Dumper(self.conn, opts)
    # Empty tuple: presumably "no execution methods" - confirm against Dumper.
    result = dumper.dumpert_dump(())

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_DUMPERT_NOT_UPLOADED[1], result.error_msg)
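def test_dumpert_execute_error(self):
    """Dumpert dump with an empty method tuple must report ERROR_DUMPERT_NO_EXECUTE.

    The dumper is configured with the module-level ``dumpert_path`` and then
    asked to dump with ``()``; the returned ``RetCode`` must carry the
    ``ERROR_DUMPERT_NO_EXECUTE`` message.
    """
    dump_option = Dumper.Options()
    dump_option.dumpert_path = dumpert_path
    dumper = Dumper(self.conn, dump_option)
    try:
        ret = dumper.dumpert_dump(())
        self.assertIsInstance(ret, RetCode)
        self.assertEqual(ERROR_DUMPERT_NO_EXECUTE[1], ret.error_msg)
    finally:
        # Run clean() even when an assertion fails, so whatever the dumper
        # placed on the test target is not left behind by a red test run.
        dumper.clean()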
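def test_procdump_execute_error(self):
    """Procdump dump with an empty method tuple must report ERROR_PROCDUMP_NO_EXECUTE.

    The dumper is configured with the module-level ``procdump_path`` and then
    asked to dump with ``()``; the returned ``RetCode`` must carry the
    ``ERROR_PROCDUMP_NO_EXECUTE`` message.
    """
    dump_option = Dumper.Options()
    dump_option.procdump_path = procdump_path
    dump = Dumper(self.conn, dump_option)
    try:
        ret = dump.procdump_dump(())
        self.assertIsInstance(ret, RetCode)
        self.assertEqual(ERROR_PROCDUMP_NO_EXECUTE[1], ret.error_msg)
    finally:
        # Run clean() even when an assertion fails, so whatever the dumper
        # placed on the test target is not left behind by a red test run.
        dump.clean()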
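def test_dump_protected(self):
    """dump() with method 2 must report ERROR_LSASS_PROTECTED.

    NOTE(review): this only passes when the target behind ``self.conn`` has
    LSASS protection enabled - confirm against the test environment setup.
    """
    dump_option = Dumper.Options()
    dump_option.method = 2
    dump_option.procdump_path = procdump_path
    dumper = Dumper(self.conn, dump_option)
    try:
        ret = dumper.dump()
        self.assertIsInstance(ret, RetCode)
        self.assertEqual(ERROR_LSASS_PROTECTED[1], ret.error_msg)
    finally:
        # Run clean() even when an assertion fails, so whatever the dumper
        # placed on the test target is not left behind by a red test run.
        dumper.clean()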
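def dump_lsass(self, options=None):
    """Check for admin rights, run the dumper and remember the resulting dump file.

    Args:
        options: ``Dumper.Options`` instance to use. When omitted (``None``) a
            fresh ``Dumper.Options()`` is built for this call, so no options
            object is shared between calls or evaluated at definition time.

    Returns:
        The failing result of ``self._conn.isadmin()`` or of the dumper's
        ``dump()`` when either reports no success, otherwise
        ``RetCode(ERROR_SUCCESS)``.
    """
    is_admin = self._conn.isadmin()
    if not is_admin.success():
        # Without admin rights nothing further is attempted; the connection
        # is closed before the failure is handed back to the caller.
        self._conn.close()
        return is_admin

    if options is None:
        options = Dumper.Options()

    self._dumper = Dumper(self._conn, options)
    dump_result = self._dumper.dump()
    if not dump_result.success():
        return dump_result

    self._dumpfile = self._dumper.getfile()
    self._log.info("Process lsass.exe has been dumped")
    return RetCode(ERROR_SUCCESS)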
def test_dump_success(self):
    """dump() with default options must report ERROR_SUCCESS.

    clean() is called right after the dump and before the assertions, so it
    has already run by the time a failing assertion would abort the test.
    """
    target = Dumper(self.conn)
    outcome = target.dump()
    target.clean()

    self.assertIsInstance(outcome, RetCode)
    self.assertEqual(ERROR_SUCCESS[1], outcome.error_msg)
def test_dump_method_unknown(self):
    """dump() with method 99 must report ERROR_METHOD_NOT_SUPPORTED."""
    opts = Dumper.Options()
    opts.method = 99

    dumper = Dumper(self.conn, opts)
    result = dumper.dump()

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_METHOD_NOT_SUPPORTED[1], result.error_msg)
def test_dumpert_invalid_parameter(self):
    """Dumpert dump with dumpert_path "/invalid/path" must report ERROR_DUMPERT_NOT_FOUND."""
    opts = Dumper.Options()
    opts.dumpert_path = "/invalid/path"

    dumper = Dumper(self.conn, opts)
    result = dumper.dumpert_dump(())

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_DUMPERT_NOT_FOUND[1], result.error_msg)
def test_dumpert_missing_parameter(self):
    """Dumpert dump without a configured dumpert path must report ERROR_DUMPERT_NOT_PROVIDED.

    The dumper is built with default options only, so no ``dumpert_path`` is
    set by this test before ``dumpert_dump`` is called.
    """
    dumper = Dumper(self.conn)
    result = dumper.dumpert_dump(("wmi",))

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_DUMPERT_NOT_PROVIDED[1], result.error_msg)
def test_dll_execute_success(self):
    """dll_dump(("task",), "cmd") with default options must report ERROR_SUCCESS."""
    dumper = Dumper(self.conn)
    result = dumper.dll_dump(("task",), "cmd")

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_SUCCESS[1], result.error_msg)
def test_dll_execute_error(self):
    """dll_dump with an empty method tuple must report ERROR_DLL_NO_EXECUTE."""
    dumper = Dumper(self.conn)
    result = dumper.dll_dump((), "cmd")

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_DLL_NO_EXECUTE[1], result.error_msg)
def test_dll_dump_invalid_shell(self):
    """dll_dump with the second argument "unknown" must report ERROR_METHOD_NOT_SUPPORTED."""
    dumper = Dumper(self.conn)
    result = dumper.dll_dump(("wmi",), "unknown")

    self.assertIsInstance(result, RetCode)
    self.assertEqual(ERROR_METHOD_NOT_SUPPORTED[1], result.error_msg)