def getShares(self): # Setup up a DCE SMBTransport with the connection already in place self._rpctransport = transport.SMBTransport('','',filename = r'\srvsvc', smb_server = self.client) self._dce = dcerpc.DCERPC_v5(self._rpctransport) self._dce.connect() self._dce.bind(srvsvc.MSRPC_UUID_SRVSVC) srv_svc = srvsvc.DCERPCSrvSvc(self._dce) resp = srv_svc.get_share_enum_1(self._rpctransport.get_dip()) return resp
def do_shares(self, line): rpctransport = transport.SMBTransport(self.smb.get_remote_name(), self.smb.get_remote_host(), filename=r'\srvsvc', smb_server=self.smb) dce = dcerpc.DCERPC_v5(rpctransport) dce.connect() dce.bind(srvsvc.MSRPC_UUID_SRVSVC) srv_svc = srvsvc.DCERPCSrvSvc(dce) resp = srv_svc.get_share_enum_1(rpctransport.get_dip()) for i in range(len(resp)): print resp[i]['NetName'].decode('utf-16')
def listShares(self): # Get the shares through RPC from impacket.dcerpc import transport, dcerpc, srvsvc rpctransport = transport.SMBTransport(self.getRemoteHost(), self.getRemoteHost(), filename=r'\srvsvc', smb_connection=self) dce = dcerpc.DCERPC_v5(rpctransport) dce.connect() dce.bind(srvsvc.MSRPC_UUID_SRVSVC) srv_svc = srvsvc.DCERPCSrvSvc(dce) resp = srv_svc.get_share_enum_1(rpctransport.get_dip()) return resp
def getShares(self): # Setup up a DCE SMBTransport with the connection already in place print "[*] Requesting shares on %s....." % (self.client.get_remote_host()) try: self._rpctransport = transport.SMBTransport('','',filename = r'\srvsvc', smb_server = self.client) self._dce = dcerpc.DCERPC_v5(self._rpctransport) self._dce.connect() self._dce.bind(srvsvc.MSRPC_UUID_SRVSVC) srv_svc = srvsvc.DCERPCSrvSvc(self._dce) resp = srv_svc.get_share_enum_1(self._rpctransport.get_dip()) return resp except: print "[!] Error requesting shares on %s, aborting....." % (self.client.get_remote_host()) raise
def do_info(self, line): rpctransport = transport.SMBTransport(self.smb.get_remote_name(), self.smb.get_remote_host(), filename=r'\srvsvc', smb_server=self.smb) dce = dcerpc.DCERPC_v5(rpctransport) dce.connect() dce.bind(srvsvc.MSRPC_UUID_SRVSVC) srv_svc = srvsvc.DCERPCSrvSvc(dce) resp = srv_svc.get_server_info_102(rpctransport.get_dip()) print "Version Major: %d" % resp['VersionMajor'] print "Version Minor: %d" % resp['VersionMinor'] print "Server Name: %s" % resp['Name'] print "Server Comment: %s" % resp['Comment'] print "Server UserPath: %s" % resp['UserPath'] print "Simultaneous Users: %d" % resp['Users']
def getShares(self): """Return a list of shares on the remote windows server.""" # Setup up a DCE SMBTransport with the connection already in place print("[*] Requesting shares on %s....." % (self.connection.getRemoteHost())) try: self._rpctransport = transport.SMBTransport( '', '', filename=r'\srvsvc', smb_connection=self.connection) self._dce = dcerpc.DCERPC_v5(self._rpctransport) self._dce.connect() self._dce.bind(srvsvc.MSRPC_UUID_SRVSVC) srv_svc = srvsvc.DCERPCSrvSvc(self._dce) resp = srv_svc.get_share_enum_1(self._rpctransport.get_dip()) return resp except Exception: print("[!] Error requesting shares on %s, aborting....." % (self.connection.getRemoteHost())) raise