def install(self):
if self.connection.isGuestSession():
LOG.critical("Authenticated as Guest. Aborting")
self.connection.logoff()
del self.connection
else:
fileCopied = False
serviceCreated = False
# Do the stuff here
try:
# Let's get the shares
shares = self.getShares()
self.share = self.findWritableShare(shares)
self.copy_file(self.__exeFile, self.share,
self.__binary_service_name)
fileCopied = True
svcManager = self.openSvcManager()
if svcManager != 0:
serverName = self.connection.getServerName()
if self.share.lower() == 'admin$':
path = '%systemroot%'
else:
if serverName != '':
path = '\\\\%s\\%s' % (serverName, self.share)
else:
path = '\\\\127.0.0.1\\' + self.share
service = self.createService(svcManager, self.share, path)
serviceCreated = True
if service != 0:
# Start service
LOG.info('Starting service %s.....' %
self.__service_name)
try:
scmr.hRStartServiceW(self.rpcsvc, service)
except:
pass
scmr.hRCloseServiceHandle(self.rpcsvc, service)
scmr.hRCloseServiceHandle(self.rpcsvc, svcManager)
return True
except Exception, e:
LOG.critical(
"Error performing the installation, cleaning up: %s" % e)
try:
scmr.hRControlService(self.rpcsvc, service,
scmr.SERVICE_CONTROL_STOP)
except:
pass
if fileCopied is True:
try:
self.connection.deleteFile(self.share,
self.__binary_service_name)
except:
pass
if serviceCreated is True:
try:
scmr.hRDeleteService(self.rpcsvc, service)
except:
pass
return False
def install(self):
if self.connection.isGuestSession():
LOG.critical("Authenticated as Guest. Aborting")
self.connection.logoff()
del self.connection
else:
fileCopied = False
serviceCreated = False
# Do the stuff here
try:
# Let's get the shares
shares = self.getShares()
self.share = self.findWritableShare(shares)
self.copy_file(self.__exeFile ,self.share,self.__binary_service_name)
fileCopied = True
svcManager = self.openSvcManager()
if svcManager != 0:
serverName = self.connection.getServerName()
if self.share.lower() == 'admin$':
path = '%systemroot%'
else:
if serverName != '':
path = '\\\\%s\\%s' % (serverName, self.share)
else:
path = '\\\\127.0.0.1\\' + self.share
service = self.createService(svcManager, self.share, path)
serviceCreated = True
if service != 0:
# Start service
LOG.info('Starting service %s.....' % self.__service_name)
try:
scmr.hRStartServiceW(self.rpcsvc, service)
except:
pass
scmr.hRCloseServiceHandle(self.rpcsvc, service)
scmr.hRCloseServiceHandle(self.rpcsvc, svcManager)
return True
except Exception, e:
LOG.critical("Error performing the installation, cleaning up: %s" %e)
try:
scmr.hRControlService(self.rpcsvc, service, scmr.SERVICE_CONTROL_STOP)
except:
pass
if fileCopied is True:
try:
self.connection.deleteFile(self.share, self.__binary_service_name)
except:
pass
if serviceCreated is True:
try:
scmr.hRDeleteService(self.rpcsvc, service)
except:
pass
return False
def test_RQueryServiceLockStatusW(self):
dce, rpctransport, scHandle = self.connect()
pcbBytesNeeded = 1000
resp = scmr.hRQueryServiceLockStatusW(dce, scHandle, pcbBytesNeeded)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def test_RQueryServiceLockStatusW(self):
dce, rpctransport, scHandle = self.connect()
pcbBytesNeeded = 1000
resp = scmr.hRQueryServiceLockStatusW(dce, scHandle, pcbBytesNeeded)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def test_lock_unlock(self):
dce, rpctransport, scHandle = self.connect()
resp = scmr.hRLockServiceDatabase(dce, scHandle)
lockHandle = resp['lpLock']
resp = scmr.hRUnlockServiceDatabase(dce, lockHandle)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def uninstall(self):
fileCopied = True
serviceCreated = True
# Do the stuff here
try:
# Let's get the shares
svcManager = self.openSvcManager()
if svcManager != 0:
resp = scmr.hROpenServiceW(self.rpcsvc, svcManager,
self.__service_name + '\x00')
service = resp['lpServiceHandle']
LOG.info('Stoping service %s.....' % self.__service_name)
try:
scmr.hRControlService(self.rpcsvc, service,
scmr.SERVICE_CONTROL_STOP)
except:
pass
LOG.info('Removing service %s.....' % self.__service_name)
scmr.hRDeleteService(self.rpcsvc, service)
scmr.hRCloseServiceHandle(self.rpcsvc, service)
scmr.hRCloseServiceHandle(self.rpcsvc, svcManager)
LOG.info('Removing file %s.....' % self.__binary_service_name)
self.connection.deleteFile(self.share, self.__binary_service_name)
except Exception:
LOG.critical("Error performing the uninstallation, cleaning up")
try:
scmr.hRControlService(self.rpcsvc, service,
scmr.SERVICE_CONTROL_STOP)
except:
pass
if fileCopied is True:
try:
self.connection.deleteFile(self.share,
self.__binary_service_name)
except:
try:
self.connection.deleteFile(self.share,
self.__binary_service_name)
except:
pass
pass
if serviceCreated is True:
try:
scmr.hRDeleteService(self.rpcsvc, service)
except:
pass
def test_lock_unlock(self):
dce, rpctransport, scHandle = self.connect()
resp = scmr.hRLockServiceDatabase(dce, scHandle)
lockHandle = resp['lpLock']
resp = scmr.hRUnlockServiceDatabase(dce, lockHandle)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def test_RGetServiceKeyNameW(self):
dce, rpctransport, scHandle = self.connect()
lpDisplayName = 'Plug and Play\x00'
lpcchBuffer = len(lpDisplayName)+100
resp = scmr.hRGetServiceKeyNameW(dce, scHandle, lpDisplayName, lpcchBuffer)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def test_RGetServiceKeyNameW(self):
dce, rpctransport, scHandle = self.connect()
lpDisplayName = 'Plug and Play\x00'
lpcchBuffer = len(lpDisplayName) + 100
resp = scmr.hRGetServiceKeyNameW(dce, scHandle, lpDisplayName,
lpcchBuffer)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def test_enumservices(self):
dce, rpctransport, scHandle = self.connect()
#####################
# EnumServicesStatusW
dwServiceType = scmr.SERVICE_KERNEL_DRIVER | scmr.SERVICE_FILE_SYSTEM_DRIVER | scmr.SERVICE_WIN32_OWN_PROCESS | scmr.SERVICE_WIN32_SHARE_PROCESS
dwServiceState = scmr.SERVICE_STATE_ALL
cbBufSize = 0
resp = scmr.hREnumServicesStatusW(dce, scHandle, dwServiceType, dwServiceState)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
def uninstall(self):
fileCopied = True
serviceCreated = True
# Do the stuff here
try:
# Let's get the shares
svcManager = self.openSvcManager()
if svcManager != 0:
resp = scmr.hROpenServiceW(self.rpcsvc, svcManager, self.__service_name+'\x00')
service = resp['lpServiceHandle']
LOG.info('Stoping service %s.....' % self.__service_name)
try:
scmr.hRControlService(self.rpcsvc, service, scmr.SERVICE_CONTROL_STOP)
except:
pass
LOG.info('Removing service %s.....' % self.__service_name)
scmr.hRDeleteService(self.rpcsvc, service)
scmr.hRCloseServiceHandle(self.rpcsvc, service)
scmr.hRCloseServiceHandle(self.rpcsvc, svcManager)
LOG.info('Removing file %s.....' % self.__binary_service_name)
self.connection.deleteFile(self.share, self.__binary_service_name)
except Exception:
LOG.critical("Error performing the uninstallation, cleaning up" )
try:
scmr.hRControlService(self.rpcsvc, service, scmr.SERVICE_CONTROL_STOP)
except:
pass
if fileCopied is True:
try:
self.connection.deleteFile(self.share, self.__binary_service_name)
except:
try:
self.connection.deleteFile(self.share, self.__binary_service_name)
except:
pass
pass
if serviceCreated is True:
try:
scmr.hRDeleteService(self.rpcsvc, service)
except:
pass
def test_enumservices(self):
dce, rpctransport, scHandle = self.connect()
#####################
# EnumServicesStatusW
dwServiceType = scmr.SERVICE_KERNEL_DRIVER | scmr.SERVICE_FILE_SYSTEM_DRIVER | scmr.SERVICE_WIN32_OWN_PROCESS | scmr.SERVICE_WIN32_SHARE_PROCESS
dwServiceState = scmr.SERVICE_STATE_ALL
cbBufSize = 0
resp = scmr.hREnumServicesStatusW(dce, scHandle, dwServiceType,
dwServiceState)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
request['Info']['dwInfoLevel'] = 11
request['Info']['Union']['tag'] = 11
request['Info']['Union']['psma']['fIsManagedAccount'] = 1
# This one doesn't work
#resp = dce.request(request)
#self.changeServiceAndQuery2(dce, request, request['Info']['Union']['psma']['fIsManagedAccount'])
except Exception, e:
import traceback
traceback.print_exc()
print e
error = True
pass
resp = scmr.hRDeleteService(dce, newHandle)
resp = scmr.hRCloseServiceHandle(dce, newHandle)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
if error:
self.assertTrue(1 == 0)
def test_REnumServicesStatusExW(self):
dce, rpctransport, scHandle = self.connect()
request = scmr.REnumServicesStatusExW()
request['hSCManager'] = scHandle
request['InfoLevel'] = scmr.SC_STATUS_PROCESS_INFO
request['dwServiceType'] = scmr.SERVICE_WIN32_OWN_PROCESS
request['dwServiceState'] = scmr.SERVICE_STATE_ALL
request['lpResumeIndex'] = NULL
request['pszGroupName'] = NULL
request['cbBufSize'] = 0
def createService(self, handle, share, path):
LOG.info("Creating service %s on %s....." % (self.__service_name, self.connection.getRemoteHost()))
# First we try to open the service in case it exists. If it does, we remove it.
try:
resp = scmr.hROpenServiceW(self.rpcsvc, handle, self.__service_name+'\x00')
except Exception, e:
if str(e).find('ERROR_SERVICE_DOES_NOT_EXIST') >= 0:
# We're good, pass the exception
pass
else:
raise e
else:
# It exists, remove it
scmr.hRDeleteService(self.rpcsvc, resp['lpServiceHandle'])
scmr.hRCloseServiceHandle(self.rpcsvc, resp['lpServiceHandle'])
# Create the service
command = '%s\\%s' % (path, self.__binary_service_name)
try:
resp = scmr.hRCreateServiceW(self.rpcsvc, handle,self.__service_name + '\x00', self.__service_name + '\x00', lpBinaryPathName=command + '\x00')
except:
LOG.critical("Error creating service %s on %s" % (self.__service_name, self.connection.getRemoteHost()))
raise
else:
return resp['lpServiceHandle']
def openSvcManager(self):
LOG.info("Opening SVCManager on %s....." % self.connection.getRemoteHost())
# Setup up a DCE SMBTransport with the connection already in place
self._rpctransport = transport.SMBTransport(self.connection.getRemoteHost(), self.connection.getRemoteHost(),filename = r'\svcctl', smb_connection = self.connection)
(self.__service_name, self.connection.getRemoteHost()))
# First we try to open the service in case it exists. If it does, we remove it.
try:
resp = scmr.hROpenServiceW(self.rpcsvc, handle,
self.__service_name + '\x00')
except Exception, e:
if str(e).find('ERROR_SERVICE_DOES_NOT_EXIST') >= 0:
# We're good, pass the exception
pass
else:
raise e
else:
# It exists, remove it
scmr.hRDeleteService(self.rpcsvc, resp['lpServiceHandle'])
scmr.hRCloseServiceHandle(self.rpcsvc, resp['lpServiceHandle'])
# Create the service
command = '%s\\%s' % (path, self.__binary_service_name)
try:
resp = scmr.hRCreateServiceW(self.rpcsvc,
handle,
self.__service_name + '\x00',
self.__service_name + '\x00',
lpBinaryPathName=command + '\x00')
except:
LOG.critical(
"Error creating service %s on %s" %
(self.__service_name, self.connection.getRemoteHost()))
raise
else:
request['Info']['dwInfoLevel'] = 11
request['Info']['Union']['tag'] = 11
request['Info']['Union']['psma']['fIsManagedAccount'] = 1
# This one doesn't work
#resp = dce.request(request)
#self.changeServiceAndQuery2(dce, request, request['Info']['Union']['psma']['fIsManagedAccount'])
except Exception, e:
import traceback
traceback.print_exc()
print e
error = True
pass
resp = scmr.hRDeleteService(dce, newHandle)
resp = scmr.hRCloseServiceHandle(dce, newHandle)
resp = scmr.hRCloseServiceHandle(dce, scHandle)
if error:
self.assertTrue( 1 == 0 )
def test_REnumServicesStatusExW(self):
dce, rpctransport, scHandle = self.connect()
request = scmr.REnumServicesStatusExW()
request['hSCManager'] = scHandle
request['InfoLevel'] = scmr.SC_STATUS_PROCESS_INFO
request['dwServiceType'] = scmr.SERVICE_WIN32_OWN_PROCESS
request['dwServiceState'] = scmr.SERVICE_STATE_ALL
request['lpResumeIndex'] = NULL
request['pszGroupName'] = NULL
request['cbBufSize'] = 0