def test_hBaseRegQueryValue(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey(dce, phKey, 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00' ) resp.dump() resp = rrp.hBaseRegQueryValue(dce, resp['phkResult'], 'ProductName\x00')
def test_hBaseRegQueryInfoKey(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey(dce, phKey, 'SYSTEM\\CurrentControlSet\\Control\\Lsa\\JD\x00' ) resp = rrp.hBaseRegQueryInfoKey(dce,resp['phkResult']) resp.dump()
def test_hBaseRegQueryInfoKey(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey( dce, phKey, 'SYSTEM\\CurrentControlSet\\Control\\Lsa\\JD\x00') resp = rrp.hBaseRegQueryInfoKey(dce, resp['phkResult']) resp.dump()
def test_hBaseRegQueryValue(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey( dce, phKey, 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00') resp.dump() resp = rrp.hBaseRegQueryValue(dce, resp['phkResult'], 'ProductName\x00')
def test_hBaseRegLoadKey_hBaseRegUnLoadKey(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey(dce,phKey, 'SECURITY\x00') resp.dump() request = rrp.BaseRegSaveKey() request['hKey'] = resp['phkResult'] request['lpFile'] = 'SEC\x00' request['pSecurityAttributes'] = NULL resp = dce.request(request) resp.dump() resp = rrp.hBaseRegLoadKey(dce, phKey,'BETUS\x00', 'SEC\x00' ) resp.dump() resp = rrp.hBaseRegUnLoadKey(dce, phKey, 'BETUS\x00') resp.dump() smb = rpctransport.get_smb_connection() smb.deleteFile('ADMIN$', 'System32\\SEC')
def test_hBaseRegLoadKey_hBaseRegUnLoadKey(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey(dce, phKey, 'SECURITY\x00') resp.dump() request = rrp.BaseRegSaveKey() request['hKey'] = resp['phkResult'] request['lpFile'] = 'SEC\x00' request['pSecurityAttributes'] = NULL resp = dce.request(request) resp.dump() resp = rrp.hBaseRegLoadKey(dce, phKey, 'BETUS\x00', 'SEC\x00') resp.dump() resp = rrp.hBaseRegUnLoadKey(dce, phKey, 'BETUS\x00') resp.dump() smb = rpctransport.get_smb_connection() smb.deleteFile('ADMIN$', 'System32\\SEC')
def test_hBaseRegQueryMultipleValues(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey(dce, phKey, 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00') resp.dump() valueIn = list() item1 = {} item1['ValueName'] = 'ProductName\x00' item1['ValueType'] = rrp.REG_SZ valueIn.append(item1) item2 = {} item2['ValueName'] = 'InstallDate\x00' item2['ValueType'] = rrp.REG_DWORD valueIn.append(item2) item3 = {} item3['ValueName'] = 'DigitalProductId\x00' item3['ValueType'] = rrp.REG_BINARY #valueIn.append(item3) resp = rrp.hBaseRegQueryMultipleValues(dce, resp['phkResult'], valueIn)
def test_hBaseRegQueryMultipleValues(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey( dce, phKey, 'SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\x00') resp.dump() valueIn = list() item1 = {} item1['ValueName'] = 'ProductName\x00' item1['ValueType'] = rrp.REG_SZ valueIn.append(item1) item2 = {} item2['ValueName'] = 'InstallDate\x00' item2['ValueType'] = rrp.REG_DWORD valueIn.append(item2) item3 = {} item3['ValueName'] = 'DigitalProductId\x00' item3['ValueType'] = rrp.REG_BINARY #valueIn.append(item3) resp = rrp.hBaseRegQueryMultipleValues(dce, resp['phkResult'], valueIn)