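def decrypt_body(self, body):
    """Return the plaintext of an encrypted multipart message body.

    The ciphertext is everything between the
    ``Content-Type: application/octet-stream`` part header and the next
    ``--Encrypted Boundary`` marker. It is unwrapped with the GSS context
    held in ``self._context``.

    Args:
        body: raw message body as received from the peer.

    Returns:
        The decrypted body; ``body`` unchanged when it carries no
        octet-stream part; ``None`` when the unwrap call does not report
        ``kerberos.AUTH_GSS_COMPLETE``.

    Raises:
        ValueError: the octet-stream part is not terminated by
            ``--Encrypted Boundary``.
        Exception: the unwrap call raised ``kerberos.GSSError``; the
            message is taken from that error.
    """
    part_header = "Content-Type: application/octet-stream"
    try:
        # Skip the header line and its trailing CRLF.
        b_start = body.index(part_header) + len(part_header + "\r\n")
    except ValueError:
        # No encrypted part: the body is handed back exactly as received.
        # NOTE(review): this path fails open. This method alone does not
        # guarantee that a reply was encrypted; a caller that requires
        # message encryption has to reject such replies itself.
        return body

    try:
        b_end = body.index("--Encrypted Boundary", b_start)
    except ValueError:
        # Truncated or malformed message: report it explicitly instead of
        # surfacing a bare "substring not found".
        raise ValueError(
            "encrypted part is not terminated by '--Encrypted Boundary'")

    # The kerberos calls below are fed base64 text and answer in base64.
    ebody = base64.b64encode(body[b_start:b_end])
    try:
        rc = kerberos.authGSSClientUnwrapIov(self._context, ebody)
    except kerberos.GSSError as e:
        msg = e.args[1][0]
        raise Exception(msg)

    # Compare by value: ``is not`` on an integer status only works by
    # accident of small-int caching in the interpreter.
    if rc != kerberos.AUTH_GSS_COMPLETE:
        log.debug("Unable to decrypt message body")
        return None

    ewrap = kerberos.authGSSClientResponse(self._context)
    return base64.b64decode(ewrap)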
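def decrypt_body(self, body):
    """Return the plaintext of an encrypted multipart message body.

    The ciphertext is everything between the
    ``Content-Type: application/octet-stream`` part header and the next
    ``--Encrypted Boundary`` marker. It is unwrapped with the GSS context
    held in ``self._context``.

    Args:
        body: raw message body as received from the peer.

    Returns:
        The decrypted body; ``body`` unchanged when it carries no
        octet-stream part; ``None`` when the unwrap call does not report
        ``kerberos.AUTH_GSS_COMPLETE``.

    Raises:
        ValueError: the octet-stream part is not terminated by
            ``--Encrypted Boundary``.
        Exception: the unwrap call raised ``kerberos.GSSError``; the
            message is taken from that error.
    """
    part_header = "Content-Type: application/octet-stream"
    try:
        # Skip the header line and its trailing CRLF.
        b_start = body.index(part_header) + len(part_header + "\r\n")
    except ValueError:
        # No encrypted part: the body is handed back exactly as received.
        # NOTE(review): this path fails open. This method alone does not
        # guarantee that a reply was encrypted; a caller that requires
        # message encryption has to reject such replies itself.
        return body

    try:
        b_end = body.index("--Encrypted Boundary", b_start)
    except ValueError:
        # Truncated or malformed message: report it explicitly instead of
        # surfacing a bare "substring not found".
        raise ValueError(
            "encrypted part is not terminated by '--Encrypted Boundary'")

    # The kerberos calls below are fed base64 text and answer in base64.
    ebody = base64.b64encode(body[b_start:b_end])
    try:
        rc = kerberos.authGSSClientUnwrapIov(self._context, ebody)
    except kerberos.GSSError as e:
        msg = e.args[1][0]
        raise Exception(msg)

    # Compare by value: ``is not`` on an integer status only works by
    # accident of small-int caching in the interpreter.
    if rc != kerberos.AUTH_GSS_COMPLETE:
        log.debug("Unable to decrypt message body")
        return None

    ewrap = kerberos.authGSSClientResponse(self._context)
    return base64.b64decode(ewrap)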
# Tail of a request/response round trip: fill the message template, POST it,
# then unwrap and pretty-print the encrypted reply.
# NOTE(review): the listing was collapsed onto one line; the nesting below is
# reconstructed from the statements themselves -- confirm against the file.

# Fill the template's ``original_length`` and ``emsg`` placeholders.
body = bytes(body.format(original_length=orig_len + pad_len, emsg=wrapped_req))
# Replace every character isprint() rejects with '.' before printing.
print_body = ''.join([i if isprint(i) else '.' for i in body])
print("Enumeration payload after encryption:\n{0}".format(print_body))
resp = s.request('POST', url, headers=k_headers, data=body)
if resp.status_code == httplib.FORBIDDEN:
    logging.error("Forbidden: Check WinRM port and version")
elif resp.status_code == httplib.UNAUTHORIZED:
    logging.error("Unauthorized: Check username and password")
elif resp.status_code == httplib.OK:
    logging.debug("HTTP OK! Query Sent")
    print("HTTP OK! Query Sent")
    print_body = ''.join([i if isprint(i) else '.' for i in resp.content])
    print("Response from server:\n{0}".format(print_body))
    # Ciphertext = bytes between the octet-stream part header (plus CRLF)
    # and the next "--Encrypted Boundary".
    # NOTE(review): both index() calls raise ValueError when the reply has no
    # such part (e.g. an unencrypted 200 reply); nothing here catches it.
    b_start = resp.content.index("Content-Type: application/octet-stream") + \
        len("Content-Type: application/octet-stream\r\n")
    b_end = resp.content.index("--Encrypted Boundary", b_start)
    # The unwrap call is given base64 text and its result is base64-decoded.
    ebody = base64.b64encode(resp.content[b_start:b_end])
    rc = kerberos.authGSSClientUnwrapIov(context, ebody)
    # NOTE(review): there is no branch for rc != AUTH_GSS_COMPLETE, so a
    # failed unwrap produces no output and no log line.
    if rc == kerberos.AUTH_GSS_COMPLETE:
        body = base64.b64decode(kerberos.authGSSClientResponse(context))
        # NOTE(review): the XML comes from the remote peer; the standard
        # library documents xml.dom.minidom as not hardened against
        # maliciously constructed data -- acceptable only for trusted peers.
        body_xml = xml.dom.minidom.parseString(body)
        pretty_xml_as_string = body_xml.toprettyxml(indent=" ")
        # The decrypted reply goes to stdout in full.
        print("{0}".format(pretty_xml_as_string))
else:
    # Any other status: the whole response body is written to the debug log.
    logging.debug("HTTP status: {0}, {1}".format(resp.status_code, resp.content))
# NOTE(review): cleanup is reached only if nothing above raised; a
# try/finally around the request would release the session and GSS context
# on error paths too.
s.close()
kerberos.authGSSClientClean(context)
# POST the prepared message, then unwrap and pretty-print the encrypted reply.
# NOTE(review): the listing was collapsed onto one line; the nesting below is
# reconstructed from the statements themselves -- confirm against the file.
resp = s.request('POST', url, headers=k_headers,data=body)
if resp.status_code == httplib.FORBIDDEN:
    logging.error(
        "Forbidden: Check WinRM port and version")
elif resp.status_code == httplib.UNAUTHORIZED:
    logging.error(
        "Unauthorized: Check username and password")
elif resp.status_code == httplib.OK:
    logging.debug("HTTP OK! Query Sent")
    print("HTTP OK! Query Sent")
    # Replace every character isprint() rejects with '.' before printing.
    print_body = ''.join([i if isprint(i) else '.' for i in resp.content])
    print("Response from server:\n{0}".format(print_body))
    # Ciphertext = bytes between the octet-stream part header (plus CRLF)
    # and the next "--Encrypted Boundary".
    # NOTE(review): both index() calls raise ValueError when the reply has no
    # such part (e.g. an unencrypted 200 reply); nothing here catches it.
    b_start = resp.content.index("Content-Type: application/octet-stream") + \
        len("Content-Type: application/octet-stream\r\n")
    b_end = resp.content.index("--Encrypted Boundary",b_start)
    # The unwrap call is given base64 text and its result is base64-decoded.
    ebody = base64.b64encode(resp.content[b_start:b_end])
    rc = kerberos.authGSSClientUnwrapIov(context, ebody)
    # NOTE(review): there is no branch for rc != AUTH_GSS_COMPLETE, so a
    # failed unwrap produces no output and no log line.
    if rc == kerberos.AUTH_GSS_COMPLETE:
        body = base64.b64decode(kerberos.authGSSClientResponse(context))
        # NOTE(review): the XML comes from the remote peer; the standard
        # library documents xml.dom.minidom as not hardened against
        # maliciously constructed data -- acceptable only for trusted peers.
        body_xml = xml.dom.minidom.parseString(body)
        pretty_xml_as_string = body_xml.toprettyxml(indent=" ")
        # The decrypted reply goes to stdout in full.
        print("{0}".format(pretty_xml_as_string))
else:
    # Any other status: the whole response body is written to the debug log.
    logging.debug("HTTP status: {0}, {1}".format(
        resp.status_code,resp.content))
# NOTE(review): cleanup is reached only if nothing above raised; a
# try/finally around the request would release the session and GSS context
# on error paths too.
s.close()
kerberos.authGSSClientClean(context)