def QueryProviders(self, masks): request = IVdsService_QueryProviders() request['ORPCthis'] = self.get_cinstance().get_ORPCthis() request['ORPCthis']['flags'] = 0 request['masks'] = masks resp = self.request(request, uuid = self.get_iPid()) return IEnumVdsObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
class IVssSnapshotMgmt(IRemUnknown2): def __init__(self, interface): IRemUnknown2.__init__(self, interface) self._iid = IID_IVssSnapshotMgmt def GetProviderMgmtInterface( self, providerId=IID_ShadowCopyProvider, interfaceId=IID_IVssDifferentialSoftwareSnapshotMgmt): req = GetProviderMgmtInterface() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['ProviderId'] = providerId req['InterfaceId'] = interfaceId resp = self.request(req, self._iid, uuid=self.get_iPid()) return IVssDifferentialSoftwareSnapshotMgmt( INTERFACE(classInstance, ''.join(resp['ppItf']['abData']), self.get_ipidRemUnknown(), target=self.get_target())) def QueryVolumesSupportedForSnapshots(self, providerId, iContext): req = QueryVolumesSupportedForSnapshots() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['ProviderId'] = providerId req['IContext'] = iContext resp = self.request(req, self._iid, uuid=self.get_iPid()) return IVssEnumMgmtObject( INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target=self.get_target())) def QuerySnapshotsByVolume(self, volumeName, providerId=IID_ShadowCopyProvider): req = QuerySnapshotsByVolume() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['pwszVolumeName'] = volumeName req['ProviderId'] = providerId try: resp = self.request(req, self._iid, uuid=self.get_iPid()) except Exception, e: print e from impacket.winregistry import hexdump data = e.get_packet() hexdump(data) kk = QuerySnapshotsByVolumeResponse(data) kk.dump() #resp.dump() return IVssEnumObject( INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target=self.get_target()))
def GetTypeComp(self): request = ITypeInfo_GetTypeComp() resp = self.request(request, iid=self._iid, uuid=self.get_iPid()) return ITypeComp( INTERFACE(self.get_cinstance(), ''.join(resp['ppTComp']['abData']), self.get_ipidRemUnknown(), target=self.get_target()))
def QueryDiffAreasForVolume(self, pwszVolumeName): req = QueryDiffAreasForVolume() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['pwszVolumeName'] = pwszVolumeName resp = self.request(req, self._iid, uuid = self.get_iPid()) return IVssEnumMgmtObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
def QueryVolumesSupportedForSnapshots(self, providerId, iContext): req = QueryVolumesSupportedForSnapshots() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['ProviderId'] = providerId req['IContext'] = iContext resp = self.request(req, self._iid, uuid = self.get_iPid()) return IVssEnumMgmtObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(),target = self.get_target()))
def GetProviderMgmtInterface(self, providerId = IID_ShadowCopyProvider, interfaceId = IID_IVssDifferentialSoftwareSnapshotMgmt): req = GetProviderMgmtInterface() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['ProviderId'] = providerId req['InterfaceId'] = interfaceId resp = self.request(req, self._iid, uuid = self.get_iPid()) return IVssDifferentialSoftwareSnapshotMgmt(INTERFACE(classInstance, ''.join(resp['ppItf']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
def GetTypeInfo(self): request = IDispatch_GetTypeInfo() request['iTInfo'] = 0 request['lcid'] = 0 resp = self.request(request, iid=self._iid, uuid=self.get_iPid()) return ITypeInfo( INTERFACE(self.get_cinstance(), ''.join(resp['ppTInfo']['abData']), self.get_ipidRemUnknown(), target=self.get_target()))
class IEnumVdsObject(IRemUnknown2): def Next(self, celt=0xffff): request = IEnumVdsObject_Next() request['ORPCthis'] = self.get_cinstance().get_ORPCthis() request['ORPCthis']['flags'] = 0 request['celt'] = celt try: resp = self.request(request, uuid = self.get_iPid()) except Exception, e: resp = e.get_packet() # If it is S_FALSE(1) means less items were returned if resp['ErrorCode'] != 1: raise interfaces = list() for interface in resp['ppObjectArray']: interfaces.append(IRemUnknown2(INTERFACE(self.get_cinstance(), ''.join(interface['abData']), self.get_ipidRemUnknown(), target = self.get_target()))) return interfaces
def QuerySnapshotsByVolume(self, volumeName, providerId = IID_ShadowCopyProvider): req = QuerySnapshotsByVolume() classInstance = self.get_cinstance() req['ORPCthis'] = classInstance.get_ORPCthis() req['ORPCthis']['flags'] = 0 req['pwszVolumeName'] = volumeName req['ProviderId'] = providerId try: resp = self.request(req, self._iid, uuid = self.get_iPid()) except DCERPCException as e: print(e) from impacket.winregistry import hexdump data = e.get_packet() hexdump(data) kk = QuerySnapshotsByVolumeResponse(data) kk.dump() #resp.dump() return IVssEnumObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
def getInterface(self, interface, resp): # Now let's parse the answer and build an Interface instance objRefType = OBJREF(''.join(resp))['flags'] objRef = None if objRefType == FLAGS_OBJREF_CUSTOM: objRef = OBJREF_CUSTOM(''.join(resp)) elif objRefType == FLAGS_OBJREF_HANDLER: objRef = OBJREF_HANDLER(''.join(resp)) elif objRefType == FLAGS_OBJREF_STANDARD: objRef = OBJREF_STANDARD(''.join(resp)) elif objRefType == FLAGS_OBJREF_EXTENDED: objRef = OBJREF_EXTENDED(''.join(resp)) else: logging.error("Unknown OBJREF Type! 0x%x" % objRefType) return IRemUnknown2( INTERFACE(interface.get_cinstance(), None, interface.get_ipidRemUnknown(), objRef['std']['ipid'], oxid=objRef['std']['oxid'], oid=objRef['std']['oxid'], target=interface.get_target()))