def Main():
cgiEnv = lib_common.CgiEnv()
grph = cgiEnv.GetGraph()
try:
# TODO: Extends this to have machines as parameters.
# domainController = win32net.NetGetDCName (None, None)
# domainController = win32net.NetGetDCName (None, "")
# ... throws: "Could not find domain controller for this domain."
# domainController = win32net.NetGetDCName ("127.0.0.1", None)
# domainController = win32net.NetGetDCName ("192.168.1.83", None)
# domainController = win32net.NetGetDCName ("192.168.1.83", "")
# ... throws: "The service has not been started."
domainController = win32net.NetGetDCName("", "")
except pywintypes.error:
exc = sys.exc_info()[1]
lib_common.ErrorMessageHtml(str(exc))
domainName = win32net.NetUserModalsGet(domainController, 2)['domain_name']
sys.stderr.write("Domain name:" + domainName + "\n")
sys.stderr.write("Domaine Controller:" + domainController + "\n")
sys.stderr.write("Info=" +
str(win32net.NetUserModalsGet(domainController, 2)) +
"\n")
nodeDomain = lib_common.gUriGen.SmbDomainUri(domainName)
nodeController = lib_common.gUriGen.HostnameUri(domainController)
grph.add((nodeDomain, pc.property_controller, nodeController))
sys.stderr.write("About to loop on machine\n")
cnt = 0
adsi = win32com.client.Dispatch("ADsNameSpaces")
nt = adsi.GetObject("", "WinNT:")
result = nt.OpenDSObject("WinNT://%s" % domainName, "", "", 0)
result.Filter = ["computer"]
for machine in result:
# sys.stderr.write("Machine="+str(machine))
if machine.Name[0] == '$':
continue
# Prefer not to print them because of possible race condition.
# sys.stderr.write("machineName="+machine.Name+"\n")
nodeMachine = lib_common.gUriGen.HostnameUri(machine.Name)
grph.add((nodeDomain, pc.property_domain, nodeMachine))
cnt += 1
# TODO: It works fine until 1000 nodes, but after that takes ages to run. What can we do ?????
# HARDCODE_LIMIT
if cnt > 1000:
sys.stderr.write("COULD NOT RUN IT TILL THE END\n")
break
cgiEnv.OutCgiRdf()
def dump_user_modals(self):
d1 = d2 = d3 = d4 = {}
try:
d1 = win32net.NetUserModalsGet(wpc.conf.remote_server, 0)
d2 = win32net.NetUserModalsGet(wpc.conf.remote_server, 1)
d3 = win32net.NetUserModalsGet(wpc.conf.remote_server, 2)
d4 = win32net.NetUserModalsGet(wpc.conf.remote_server, 3)
except pywintypes.error as e:
print "[E] %s: %s" % (e[1], e[2])
for d in (d1, d2, d3, d4):
for k in d.keys():
print "%s: %s" % (k, d[k])
def main():
try:
domain_controller = win32net.NetGetDCName(None, None)
domain_name = win32net.NetUserModalsGet(domain_controller,
2)['domain_name']
adsi = win32com.client.Dispatch("ADsNameSpaces")
nt = adsi.GetObject("", "WinNT:")
result = nt.OpenDSObject("WinNT://%s" % domain_name, "", "", 0)
result.Filter = ["computer"]
return [machine for machine in result]
except Exception as e:
return "Machine enumeration returned error: {}".format(str(e))
def password_policy(self, policy):
res = win32net.NetUserModalsGet(None, 0)
data = policy["value_data"]
check_type = policy["password_policy"]
if check_type == "ENFORCE_PASSWORD_HISTORY":
return self.password_policy_dword(data, res["password_hist_len"], "Password history")
elif check_type == "MAXIMUM_PASSWORD_AGE":
return self.password_policy_dword(data, res["max_passwd_age"], "Maximum password age")
elif check_type == "MINIMUM_PASSWORD_AGE":
return self.password_policy_dword(data, res["min_passwd_age"], "Minimum password age")
elif check_type == "MINIMUM_PASSWORD_LENGTH":
return self.password_policy_dword(data, res["min_passwd_len"], "Minimum password length")
elif check_type == "COMPLEXITY_REQUIREMENTS":
return {"status": -1, "msg": "Password complexity requirements to be done"}
elif check_type == "REVERSIBLE_ENCRYPTION":
return {"status": -1, "msg": "Password reversible encryption to be done"}
elif check_type == "FORCE_LOGOFF":
if res["force_logoff"] and data == "Enabled":
return {"status": 0, "msg": "Passed"}
return {"status": 1, "msg": "Force logoff should be disabled"}
return {"status": 1, "msg": f"{check_type} unknown check type"}
def lockout_policy(self, policy):
res = win32net.NetUserModalsGet(None, 3)
check_type = policy["lockout_policy"]
data = policy["value_data"]
is_range = False
if '..' in data:
is_range = True
actual_val = None
if check_type == "LOCKOUT_DURATION":
actual_val = res["lockout_duration"]
elif check_type == "LOCKOUT_THRESHOLD":
actual_val = res["lockout_threshold"]
else:
actual_val = res["lockout_observation_window"]
if is_range:
vals = data.replace('[', "").replace(']', '').split("..")
min_val, max_val = vals[0], vals[1]
if min_val == "MIN":
if actual_val < int(max_val):
return {"status": 0, "msg": "Passed"}
else:
return {"status": 1, "msg": f"{check_type} should be less than {max_val}"}
elif max_val == "MAX":
if actual_val > int(min_val):
return {"status": 0, "msg": "Passed"}
else:
return {"status": 1, "msg": f"{check_type} should be more than {min_val}"}
else:
if actual_val > int(min_val) and actual_val < int(max_val):
return {"status": 0, "msg": "Passed"}
else:
return {"status": 1, "msg": f"{check_type} should be more than {min_val} and less than {max_val}"}
else:
if res["lockout_duration"] == data:
return {"status": 0, "msg": "Passed"}
else:
return {"status": 1, "msg": f"Incorrect data in {check_type}."}
def Main():
cgiEnv = lib_common.CgiEnv()
machineName = cgiEnv.GetId()
if lib_util.IsLocalAddress(machineName):
machineName = None
if not lib_util.isPlatformWindows:
lib_common.ErrorMessageHtml(
"win32 Python library only on Windows platforms")
try:
import win32com.client
import win32net
import pywintypes
except ImportError:
lib_common.ErrorMessageHtml("win32 Python library not installed")
grph = cgiEnv.GetGraph()
try:
# Parameters:
# Name of remote server on which the function is to execute. If None, local computer.
# Domain name. If None, name of the domain controller for the primary domain.
# If machineName="LONW00052257.EURO.NET.INTRA", then it must be truncated to "LONW00052257"
# Maybe this is a Netbios machine name ?? No idea, just make it work, for the moment.
if machineName == None:
machSplit = None
else:
machSplit = machineName.split('.')[0]
WARNING("machineName:%s machSplit:%s", machineName, machSplit)
domainController = win32net.NetGetDCName(machSplit, None)
except pywintypes.error:
exc = sys.exc_info()[1]
lib_common.ErrorMessageHtml("NetGetDCName:machSplit=%s %s" %
(machSplit, str(exc)))
# This returns the domain name, for example "EURO".
domainName = win32net.NetUserModalsGet(domainController, 2)['domain_name']
DEBUG("Domain name:%s", domainName)
DEBUG("Domaine Controller:%s", domainController)
DEBUG("Info=%s", str(win32net.NetUserModalsGet(domainController, 2)))
nodeDomain = lib_common.gUriGen.SmbDomainUri(domainName)
nodeController = lib_common.gUriGen.HostnameUri(domainController)
grph.add((nodeDomain, pc.property_controller, nodeController))
cnt = 0
# Sounds like these are the machines in the domain...
adsi = win32com.client.Dispatch("ADsNameSpaces")
nt = adsi.GetObject("", "WinNT:")
result = nt.OpenDSObject("WinNT://%s" % domainName, "", "", 0)
result.Filter = ["computer"]
for machine in result:
# sys.stderr.write("Machine="+str(machine))
if machine.Name[0] == '$':
continue
DEBUG("machineName=%s", machine.Name)
nodeMachine = lib_common.gUriGen.HostnameUri(machine.Name)
grph.add((nodeDomain, pc.property_domain, nodeMachine))
cnt += 1
# TODO: It works fine until 1000 nodes, but after that takes ages to run. What can we do ?????
# HARDCODE_LIMIT
if cnt > 1000:
WARNING("COULD NOT RUN IT TILL THE END")
break
cgiEnv.OutCgiRdf()
def machines_in_default_domain():
domain_controller = win32net.NetGetDCName(None, None)
domain_name = win32net.NetUserModalsGet(domain_controller,
2)['domain_name']
return machines_in_domain(domain_name)
def my_domain_name():
domain_controller = win32net.NetGetDCName(None, None)
domain_name = win32net.NetUserModalsGet(domain_controller,
2)['domain_name']
return domain_name
