def test_LsarLookupNames4(self): # not working, I need netlogon here dce, rpctransport, policyHandle = self.connect() request = lsat.LsarLookupNames4() request['Count'] = 2 name1 = RPC_UNICODE_STRING() name1['Data'] = 'Administrator' name2 = RPC_UNICODE_STRING() name2['Data'] = 'Guest' request['Names'].append(name1) request['Names'].append(name2) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta request['LookupOptions'] = 0x00000000 request['ClientRevision'] = 0x00000001 try: resp = dce.request(request) resp.dump() except Exception, e: # The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider # (as specified in [MS-RPCE] section 2.2.1.1.7) and at least # RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication level (as specified in # [MS-RPCE] section 2.2.1.1.8) are used in this RPC message. # Otherwise, the RPC server MUST return STATUS_ACCESS_DENIED. if str(e).find('rpc_s_access_denied') < 0: raise
def test_LsarLookupSids(self): dce, rpctransport, policyHandle = self.connect() request = lsat.LsarLookupNames() request['PolicyHandle'] = policyHandle request['Count'] = 1 name1 = RPC_UNICODE_STRING() name1['Data'] = 'Administrator' request['Names'].append(name1) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta resp = dce.request(request) resp.dump() domainSid = resp['ReferencedDomains']['Domains'][0][ 'Sid'].formatCanonical() request = lsat.LsarLookupSids() request['PolicyHandle'] = policyHandle for i in range(1000): sid = lsat.LSAPR_SID_INFORMATION() sid['Sid'].fromCanonical(domainSid + '-%d' % (500 + i)) request['SidEnumBuffer']['SidInfo'].append(sid) request['SidEnumBuffer']['Entries'] += 1 request['TranslatedNames']['Names'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta try: resp = dce.request(request) resp.dump() except Exception, e: if str(e).find('STATUS_SOME_NOT_MAPPED') < 0: raise else: resp = e.get_packet() resp.dump()
def test_LsarLookupNames(self): dce, rpctransport, policyHandle = self.connect() request = lsat.LsarLookupNames() request['PolicyHandle'] = policyHandle request['Count'] = 2 name1 = RPC_UNICODE_STRING() name1['Data'] = 'Administrator' name2 = RPC_UNICODE_STRING() name2['Data'] = 'Guest' request['Names'].append(name1) request['Names'].append(name2) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta resp = dce.request(request) resp.dump()
def test_LsarLookupSids2(self): dce, rpctransport, policyHandle = self.connect() request = lsat.LsarLookupNames() request['PolicyHandle'] = policyHandle request['Count'] = 1 name1 = RPC_UNICODE_STRING() name1['Data'] = 'Administrator' request['Names'].append(name1) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta resp = dce.request(request) resp.dump() domainSid = resp['ReferencedDomains']['Domains'][0][ 'Sid'].formatCanonical() request = lsat.LsarLookupSids2() request['PolicyHandle'] = policyHandle sid1 = lsat.LSAPR_SID_INFORMATION() sid1['Sid'].fromCanonical(domainSid + '-500') sid2 = lsat.LSAPR_SID_INFORMATION() sid2['Sid'].fromCanonical(domainSid + '-501') request['SidEnumBuffer']['Entries'] = 2 request['SidEnumBuffer']['SidInfo'].append(sid1) request['SidEnumBuffer']['SidInfo'].append(sid2) request['TranslatedNames']['Names'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta request['LookupOptions'] = 0x00000000 request['ClientRevision'] = 0x00000001 resp = dce.request(request) resp.dump()
def test_LsarAddAccountRights_LsarRemoveAccountRights(self): dce, rpctransport, policyHandle = self.connect() sid = 'S-1-5-32-504' request = lsad.LsarAddAccountRights() request['PolicyHandle'] = policyHandle request['AccountSid'].fromCanonical(sid) request['UserRights']['EntriesRead'] = 1 right = RPC_UNICODE_STRING() right['Data'] = 'SeChangeNotifyPrivilege' request['UserRights']['UserRights'].append(right) resp = dce.request(request) resp.dump() request = lsad.LsarRemoveAccountRights() request['PolicyHandle'] = policyHandle request['AccountSid'].fromCanonical(sid) request['UserRights']['EntriesRead'] = 1 right = RPC_UNICODE_STRING() right['Data'] = 'SeChangeNotifyPrivilege' request['UserRights']['UserRights'].append(right) resp = dce.request(request) resp.dump()
def test_LsarLookupNames4(self): dce, rpctransport = self.connect() request = lsat.LsarLookupNames4() request['Count'] = 2 name1 = RPC_UNICODE_STRING() name1['Data'] = 'Administrator' name2 = RPC_UNICODE_STRING() name2['Data'] = 'Guest' request['Names'].append(name1) request['Names'].append(name2) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta request['LookupOptions'] = 0x00000000 request['ClientRevision'] = 0x00000001 # The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider # (as specified in [MS-RPCE] section 2.2.1.1.7) and at least # RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication level (as specified in # [MS-RPCE] section 2.2.1.1.8) are used in this RPC message. # Otherwise, the RPC server MUST return STATUS_ACCESS_DENIED. with assertRaisesRegex(self, DCERPCException, 'rpc_s_access_denied'): dce.request(request)
def hLsarLookupNames(dce, policyHandle, names, lookupLevel=LSAP_LOOKUP_LEVEL.LsapLookupWksta): request = LsarLookupNames() request['PolicyHandle'] = policyHandle request['Count'] = len(names) for name in names: itemn = RPC_UNICODE_STRING() itemn['Data'] = name request['Names'].append(itemn) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lookupLevel return dce.request(request)
def hLsarLookupNames4(dce, names, lookupLevel=LSAP_LOOKUP_LEVEL.LsapLookupWksta, lookupOptions=0x00000000, clientRevision=0x00000001): request = LsarLookupNames4() request['Count'] = len(names) for name in names: itemn = RPC_UNICODE_STRING() itemn['Data'] = name request['Names'].append(itemn) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lookupLevel request['LookupOptions'] = lookupOptions request['ClientRevision'] = clientRevision return dce.request(request)
def test_LsarLookupSids3(self): # not working, I need netlogon here dce, rpctransport, policyHandle = self.connect() request = lsat.LsarLookupNames() request['PolicyHandle'] = policyHandle request['Count'] = 1 name1 = RPC_UNICODE_STRING() name1['Data'] = 'Administrator' request['Names'].append(name1) request['TranslatedSids']['Sids'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta resp = dce.request(request) resp.dump() domainSid = resp['ReferencedDomains']['Domains'][0][ 'Sid'].formatCanonical() request = lsat.LsarLookupSids3() sid1 = lsat.LSAPR_SID_INFORMATION() sid1['Sid'].fromCanonical(domainSid + '-500') sid2 = lsat.LSAPR_SID_INFORMATION() sid2['Sid'].fromCanonical(domainSid + '-501') request['SidEnumBuffer']['Entries'] = 2 request['SidEnumBuffer']['SidInfo'].append(sid1) request['SidEnumBuffer']['SidInfo'].append(sid2) request['TranslatedNames']['Names'] = NULL request['LookupLevel'] = lsat.LSAP_LOOKUP_LEVEL.LsapLookupWksta request['LookupOptions'] = 0x00000000 request['ClientRevision'] = 0x00000001 try: resp = dce.request(request) resp.dump() except Exception, e: # The RPC server MUST ensure that the RPC_C_AUTHN_NETLOGON security provider # (as specified in [MS-RPCE] section 2.2.1.1.7) and at least # RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication level (as specified in # [MS-RPCE] section 2.2.1.1.8) are used in this RPC message. # Otherwise, the RPC server MUST return STATUS_ACCESS_DENIED. if str(e).find('rpc_s_access_denied') < 0: raise