def getShares(self):
# Setup up a DCE SMBTransport with the connection already in place
self._rpctransport = transport.SMBTransport('','',filename = r'\srvsvc', smb_server = self.client)
self._dce = dcerpc.DCERPC_v5(self._rpctransport)
self._dce.connect()
self._dce.bind(srvsvc.MSRPC_UUID_SRVSVC)
srv_svc = srvsvc.DCERPCSrvSvc(self._dce)
resp = srv_svc.get_share_enum_1(self._rpctransport.get_dip())
return resp
def do_shares(self, line):
rpctransport = transport.SMBTransport(self.smb.get_remote_name(),
self.smb.get_remote_host(),
filename=r'\srvsvc',
smb_server=self.smb)
dce = dcerpc.DCERPC_v5(rpctransport)
dce.connect()
dce.bind(srvsvc.MSRPC_UUID_SRVSVC)
srv_svc = srvsvc.DCERPCSrvSvc(dce)
resp = srv_svc.get_share_enum_1(rpctransport.get_dip())
for i in range(len(resp)):
print resp[i]['NetName'].decode('utf-16')
def listShares(self):
# Get the shares through RPC
from impacket.dcerpc import transport, dcerpc, srvsvc
rpctransport = transport.SMBTransport(self.getRemoteHost(),
self.getRemoteHost(),
filename=r'\srvsvc',
smb_connection=self)
dce = dcerpc.DCERPC_v5(rpctransport)
dce.connect()
dce.bind(srvsvc.MSRPC_UUID_SRVSVC)
srv_svc = srvsvc.DCERPCSrvSvc(dce)
resp = srv_svc.get_share_enum_1(rpctransport.get_dip())
return resp
def getShares(self):
# Setup up a DCE SMBTransport with the connection already in place
print "[*] Requesting shares on %s....." % (self.client.get_remote_host())
try:
self._rpctransport = transport.SMBTransport('','',filename = r'\srvsvc', smb_server = self.client)
self._dce = dcerpc.DCERPC_v5(self._rpctransport)
self._dce.connect()
self._dce.bind(srvsvc.MSRPC_UUID_SRVSVC)
srv_svc = srvsvc.DCERPCSrvSvc(self._dce)
resp = srv_svc.get_share_enum_1(self._rpctransport.get_dip())
return resp
except:
print "[!] Error requesting shares on %s, aborting....." % (self.client.get_remote_host())
raise
def do_info(self, line):
rpctransport = transport.SMBTransport(self.smb.get_remote_name(),
self.smb.get_remote_host(),
filename=r'\srvsvc',
smb_server=self.smb)
dce = dcerpc.DCERPC_v5(rpctransport)
dce.connect()
dce.bind(srvsvc.MSRPC_UUID_SRVSVC)
srv_svc = srvsvc.DCERPCSrvSvc(dce)
resp = srv_svc.get_server_info_102(rpctransport.get_dip())
print "Version Major: %d" % resp['VersionMajor']
print "Version Minor: %d" % resp['VersionMinor']
print "Server Name: %s" % resp['Name']
print "Server Comment: %s" % resp['Comment']
print "Server UserPath: %s" % resp['UserPath']
print "Simultaneous Users: %d" % resp['Users']
def getShares(self):
"""Return a list of shares on the remote windows server."""
# Setup up a DCE SMBTransport with the connection already in place
print("[*] Requesting shares on %s....." %
(self.connection.getRemoteHost()))
try:
self._rpctransport = transport.SMBTransport(
'', '', filename=r'\srvsvc', smb_connection=self.connection)
self._dce = dcerpc.DCERPC_v5(self._rpctransport)
self._dce.connect()
self._dce.bind(srvsvc.MSRPC_UUID_SRVSVC)
srv_svc = srvsvc.DCERPCSrvSvc(self._dce)
resp = srv_svc.get_share_enum_1(self._rpctransport.get_dip())
return resp
except Exception:
print("[!] Error requesting shares on %s, aborting....." %
(self.connection.getRemoteHost()))
raise
