コード例 #1
    def test_hNetrServerReqChallenge_NetrServerAuthenticate2(self):
        """Run NetrServerReqChallenge, then send a hand-built NetrServerAuthenticate2.

        The client challenge is the fixed string '12345678'. That is only
        acceptable in a test fixture: the session key and the client
        credential below are both computed from it, so a real Netlogon client
        must use a fresh random 8-byte challenge per handshake.
        """
        clientChallenge = '12345678'
        dce, rpctransport = self.connect()

        challengeResp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', clientChallenge)
        challengeResp.dump()
        serverChallenge = challengeResp['ServerChallenge']

        # With no hashes configured, None is passed and only self.password is
        # supplied; otherwise the second ':'-separated field is hex-decoded.
        ntHash = None if self.hashes == '' else unhexlify(self.hashes.split(':')[1])

        sessionKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, clientChallenge, serverChallenge, ntHash)
        clientCredential = nrpc.ComputeNetlogonCredential(clientChallenge, sessionKey)

        authRequest = nrpc.NetrServerAuthenticate2()
        # NOTE(review): 0x600FFFFF appears not to include the AES/SHA2
        # capability bit (0x01000000 in MS-NRPC), which would match the
        # strong-key session key computed above - confirm against the spec.
        for fieldName, fieldValue in (
            ('PrimaryName', NULL),
            ('AccountName', self.username + '\x00'),
            ('SecureChannelType',
             nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel),
            ('ComputerName', self.serverName + '\x00'),
            ('ClientCredential', clientCredential),
            ('NegotiateFlags', 0x600FFFFF),
        ):
            authRequest[fieldName] = fieldValue

        authResp = dce.request(authRequest)
        authResp.dump()
コード例 #2
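    def test_hNetrServerReqChallenge_hNetrServerAuthenticate(self):
        """Run NetrServerReqChallenge, then the legacy NetrServerAuthenticate call.

        hNetrServerAuthenticate is invoked without a negotiate-flags argument.
        A failure whose text contains STATUS_DOWNGRADE_DETECTED is tolerated,
        so the test passes both when the server accepts the call and when it
        refuses it as a downgrade; every other error propagates.

        The client challenge '12345678' is a fixed test value. Real clients
        must use a random 8-byte challenge, because the session key and the
        credential are computed from it.

        Raises:
            Exception: any error from the authenticate call that does not
                mention STATUS_DOWNGRADE_DETECTED.
        """
        clientChallenge = '12345678'
        dce, rpctransport = self.connect()

        resp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', clientChallenge)
        resp.dump()
        serverChallenge = resp['ServerChallenge']

        # Second ':'-separated field of self.hashes, hex-decoded; None when no
        # hashes are configured.
        ntHash = None if self.hashes == '' else unhexlify(self.hashes.split(':')[1])

        sessionKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, clientChallenge, serverChallenge, ntHash)
        ppp = nrpc.ComputeNetlogonCredential(clientChallenge, sessionKey)

        try:
            resp = nrpc.hNetrServerAuthenticate(
                dce, NULL, self.username + '\x00',
                nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
                self.serverName + '\x00', ppp)
            resp.dump()
        except Exception as e:
            # "as" form is valid on Python 2.6+ and 3. Matching on the message
            # text is coarse: any error mentioning the status name is swallowed.
            if 'STATUS_DOWNGRADE_DETECTED' not in str(e):
                raise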
コード例 #3
ファイル: test_nrpc.py プロジェクト: LucaBongiorni/MITMf
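    def connect(self):
        """Bind to the NRPC interface and derive a Netlogon session key.

        Builds the transport from self.stringBinding, passes credentials to it
        when the transport exposes set_credentials, binds to MSRPC_UUID_NRPC,
        then runs NetrServerReqChallenge and NetrServerAuthenticate3. The
        derived key is stored in self.sessionKey.

        Returns:
            The (dce, rpctransport) pair; the test methods unpack exactly
            these two values from self.connect().

        Raises:
            Exception: any error from the authenticate call that does not
                mention STATUS_DOWNGRADE_DETECTED.
        """
        clientChallenge = '12345678'  # fixed test value; never reuse outside tests
        rpctransport = transport.DCERPCTransportFactory(self.stringBinding)

        # self.hashes is either '' or an "LMHASH:NTHASH" pair.
        if len(self.hashes) > 0:
            lmhash, nthash = self.hashes.split(':')
        else:
            lmhash = nthash = ''

        if hasattr(rpctransport, 'set_credentials'):
            # This method exists only for selected protocol sequences.
            rpctransport.set_credentials(self.username, self.password,
                                         self.domain, lmhash, nthash)

        dce = rpctransport.get_dce_rpc()
        # Packet-integrity auth level is left disabled, so whatever default the
        # DCE/RPC layer uses applies to this bind.
        #dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
        dce.connect()
        dce.bind(nrpc.MSRPC_UUID_NRPC)

        resp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', clientChallenge)
        resp.dump()
        serverChallenge = resp['ServerChallenge']

        ntHash = None if self.hashes == '' else unhexlify(nthash)

        self.sessionKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, clientChallenge, serverChallenge, ntHash)
        ppp = nrpc.ComputeNetlogonCredential(clientChallenge, self.sessionKey)

        try:
            # NOTE(review): 0x600FFFFF appears not to include the AES/SHA2
            # capability bit (0x01000000 in MS-NRPC) - confirm against the spec.
            resp = nrpc.hNetrServerAuthenticate3(
                dce, NULL, self.username + '\x00',
                nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
                self.serverName + '\x00', ppp, 0x600FFFFF)
            resp.dump()
        except Exception as e:
            # A server refusing the negotiation as a downgrade is tolerated;
            # note that self.sessionKey is still set in that case.
            if 'STATUS_DOWNGRADE_DETECTED' not in str(e):
                raise

        # The listing ended without a return although every caller unpacks two
        # values. NOTE(review): confirm nothing else followed upstream.
        return dce, rpctransport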
コード例 #4
ファイル: test_nrpc.py プロジェクト: LucaBongiorni/MITMf
    def test_hNetrServerReqChallenge_NetrServerAuthenticate2(self):
        """Request a server challenge, then issue a raw NetrServerAuthenticate2.

        Uses the constant client challenge '12345678'. The session key and the
        client credential are both functions of that value, so the constant is
        suitable for a test only; production code needs a random challenge.
        """
        dce, rpctransport = self.connect()
        fixedChallenge = '12345678'
        targetName = self.serverName + '\x00'

        reqChallengeResp = nrpc.hNetrServerReqChallenge(dce, NULL, targetName,
                                                        fixedChallenge)
        reqChallengeResp.dump()
        serverChallenge = reqChallengeResp['ServerChallenge']

        # None when no hashes are configured; otherwise the hex-decoded second
        # ':'-separated field of self.hashes.
        if self.hashes != '':
            ntHash = unhexlify(self.hashes.split(':')[1])
        else:
            ntHash = None

        netlogonKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, fixedChallenge, serverChallenge, ntHash)
        credential = nrpc.ComputeNetlogonCredential(fixedChallenge, netlogonKey)

        auth2 = nrpc.NetrServerAuthenticate2()
        auth2['PrimaryName'] = NULL
        auth2['AccountName'] = self.username + '\x00'
        auth2['SecureChannelType'] = \
            nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel
        auth2['ComputerName'] = self.serverName + '\x00'
        auth2['ClientCredential'] = credential
        # NOTE(review): this flag set appears to omit the AES/SHA2 capability
        # bit (0x01000000 in MS-NRPC) - confirm against the spec.
        auth2['NegotiateFlags'] = 0x600FFFFF

        authResp = dce.request(auth2)
        authResp.dump()
コード例 #5
ファイル: test_nrpc.py プロジェクト: LucaBongiorni/MITMf
    def test_hNetrServerReqChallenge_hNetrServerAuthenticate3(self):
        """Request a server challenge, then call hNetrServerAuthenticate3.

        Unlike connect(), this test does not tolerate any failure of the
        authenticate call: every exception propagates. The client challenge
        '12345678' is a fixed test value and must be random in real clients.
        """
        dce, rpctransport = self.connect()
        fixedChallenge = '12345678'

        reqChallengeResp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', fixedChallenge)
        reqChallengeResp.dump()
        serverChallenge = reqChallengeResp['ServerChallenge']

        # None when no hashes are configured; otherwise the hex-decoded second
        # ':'-separated field of self.hashes.
        if self.hashes != '':
            ntHash = unhexlify(self.hashes.split(':')[1])
        else:
            ntHash = None

        netlogonKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, fixedChallenge, serverChallenge, ntHash)
        credential = nrpc.ComputeNetlogonCredential(fixedChallenge, netlogonKey)

        # NOTE(review): 0x600FFFFF appears to omit the AES/SHA2 capability bit
        # (0x01000000 in MS-NRPC) - confirm against the spec.
        authResp = nrpc.hNetrServerAuthenticate3(
            dce,
            NULL,
            self.username + '\x00',
            nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
            self.serverName + '\x00',
            credential,
            0x600FFFFF,
        )
        authResp.dump()
コード例 #6
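    def connect(self):
        """Open an NRPC binding and negotiate a Netlogon session key.

        Creates the transport for self.stringBinding, hands it the configured
        credentials if it has a set_credentials method, binds to
        MSRPC_UUID_NRPC, and performs NetrServerReqChallenge followed by
        NetrServerAuthenticate3. The computed key is kept in self.sessionKey.

        Returns:
            (dce, rpctransport), the two values each test method unpacks
            from self.connect().

        Raises:
            Exception: any authenticate error whose text does not contain
                STATUS_DOWNGRADE_DETECTED.
        """
        rpctransport = transport.DCERPCTransportFactory(self.stringBinding)

        # Split "LMHASH:NTHASH" once; both halves are empty when unset.
        hashesGiven = len(self.hashes) > 0
        lmhash, nthash = self.hashes.split(':') if hashesGiven else ('', '')

        if hasattr(rpctransport, 'set_credentials'):
            # This method exists only for selected protocol sequences.
            rpctransport.set_credentials(self.username, self.password,
                                         self.domain, lmhash, nthash)

        dce = rpctransport.get_dce_rpc()
        # No auth level is set here (the call below is disabled), so the
        # DCE/RPC layer's default applies to the bind.
        #dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
        dce.connect()
        dce.bind(nrpc.MSRPC_UUID_NRPC)

        # Fixed client challenge: fine for a test, but the session key and
        # credential depend on it, so real clients must randomise it.
        clientChallenge = '12345678'
        resp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', clientChallenge)
        resp.dump()
        serverChallenge = resp['ServerChallenge']

        ntHash = unhexlify(nthash) if self.hashes != '' else None

        self.sessionKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, clientChallenge, serverChallenge, ntHash)
        ppp = nrpc.ComputeNetlogonCredential(clientChallenge, self.sessionKey)

        try:
            # NOTE(review): 0x600FFFFF appears not to include the AES/SHA2
            # capability bit (0x01000000 in MS-NRPC) - confirm against the spec.
            resp = nrpc.hNetrServerAuthenticate3(
                dce, NULL, self.username + '\x00',
                nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
                self.serverName + '\x00', ppp, 0x600FFFFF)
            resp.dump()
        except Exception as e:
            # Only a downgrade refusal is tolerated; self.sessionKey stays set
            # even when the server rejected the handshake.
            if 'STATUS_DOWNGRADE_DETECTED' not in str(e):
                raise

        # Callers unpack two values, but the listing ended without a return.
        # NOTE(review): confirm nothing else followed upstream.
        return dce, rpctransport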
コード例 #7
ファイル: test_nrpc.py プロジェクト: LucaBongiorni/MITMf
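    def test_hNetrServerReqChallenge_hNetrServerAuthenticate(self):
        """Request a server challenge, then try the legacy NetrServerAuthenticate.

        The authenticate helper is called with no negotiate-flags argument.
        An error whose text contains STATUS_DOWNGRADE_DETECTED is swallowed,
        so a server that refuses this call as a downgrade still yields a
        passing test; any other error is re-raised.

        '12345678' is a fixed test challenge. The session key and credential
        are computed from it, so it must be random outside a test.

        Raises:
            Exception: any authenticate error that does not mention
                STATUS_DOWNGRADE_DETECTED.
        """
        dce, rpctransport = self.connect()
        fixedChallenge = '12345678'

        resp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', fixedChallenge)
        resp.dump()
        serverChallenge = resp['ServerChallenge']

        # None when no hashes are configured; otherwise the hex-decoded second
        # ':'-separated field of self.hashes.
        if self.hashes == '':
            ntHash = None
        else:
            ntHash = unhexlify(self.hashes.split(':')[1])

        sessionKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, fixedChallenge, serverChallenge, ntHash)
        ppp = nrpc.ComputeNetlogonCredential(fixedChallenge, sessionKey)

        try:
            resp = nrpc.hNetrServerAuthenticate(
                dce, NULL, self.username + '\x00',
                nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
                self.serverName + '\x00', ppp)
            resp.dump()
        except Exception as e:
            # "as" form works on Python 2.6+ and 3. The match is on message
            # text, so any error mentioning the status name is suppressed.
            if 'STATUS_DOWNGRADE_DETECTED' not in str(e):
                raise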
コード例 #8
    def test_hNetrServerReqChallenge_hNetrServerAuthenticate3(self):
        """Run NetrServerReqChallenge followed by hNetrServerAuthenticate3.

        No exception is tolerated here: a failure of either call fails the
        test. The client challenge is the constant '12345678', a test-only
        choice, since the key and credential below are derived from it.
        """
        clientChallenge = '12345678'
        dce, rpctransport = self.connect()

        challengeResp = nrpc.hNetrServerReqChallenge(
            dce, NULL, self.serverName + '\x00', clientChallenge)
        challengeResp.dump()
        serverChallenge = challengeResp['ServerChallenge']

        # With no hashes configured, None is passed and only self.password is
        # supplied; otherwise the second ':'-separated field is hex-decoded.
        ntHash = None if self.hashes == '' else unhexlify(self.hashes.split(':')[1])

        sessionKey = nrpc.ComputeSessionKeyStrongKey(
            self.password, clientChallenge, serverChallenge, ntHash)
        clientCredential = nrpc.ComputeNetlogonCredential(clientChallenge, sessionKey)

        # NOTE(review): 0x600FFFFF appears not to include the AES/SHA2
        # capability bit (0x01000000 in MS-NRPC) - confirm against the spec.
        negotiateFlags = 0x600FFFFF
        channelType = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel
        authResp = nrpc.hNetrServerAuthenticate3(
            dce, NULL, self.username + '\x00', channelType,
            self.serverName + '\x00', clientCredential, negotiateFlags)
        authResp.dump()