コード例 #1
0
ファイル: getprintproviders.py プロジェクト: tsondt/Canvas 
    def __init__(self):
        msrpcexploit.__init__(self)
        
        self.name=NAME
        self.host=""
        self.user=""
        self.password=""
        self.knowledgestring="PrintProviders"
        self.UUID="12345678-1234-abcd-ef00-0123456789ab"
        self.uuidversion="1.0"
        self.namedpipe="\\spoolss"
        self.response=1
        self.parseResponse=self.parse_packet
        self.autoversion=True #always true, essentially :>
        self.buildConnectionList=self.buildTCPConnectionList
        self.port=445
        self.needsNoShellcode=True
        self.targetfunction=0
        self.getcontexthandle=self.get_pp_size

        #here's where we set the size to be something larger than zero
        #when we're doing it for real
        self.datasize=0
        self.sleeptime=0
        self.nouniresult=[]
        return
コード例 #2
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.version = 0
     self.badstring = '\0'
     self.subesp = 2000
     self.myDCE = None
コード例 #3
0
ファイル: nwspool_a.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version = 0
     self.badstring = "\x00"
     self.UUID = u"12345678-1234-abcd-ef00-0123456789ab"
     self.uuidversion = u"1.0"
     self.targetfunction = 0  # EnumPrintersW
     self.name = NAME
コード例 #4
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version        = 0
     self.badstring      = "\x00\\/.:$"
     self.UUID           = u"20610036-fa22-11cf-9823-00a0c911e5df"
     self.uuidversion    = u"1.0"
     self.targetfunction = 0xc
     self.name           = NAME
コード例 #5
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version=0
     self.badstring='\x00\xff'
     self.UUID='12345678-1234-abcd-ef00-0123456789ab'
     self.uuidversion='1.0'
     self.targetfunction=0 # EnumPrintersW
     self.name=NAME
     return
コード例 #6
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.setInfo(DESCRIPTION)
     self.version = 0
     self.badstring = '\0'
     self.UUID = u'dc246bf0-7a7a-11ce-9f88-00805fe43838'
     self.uuidversion = u'1.0'
     self.targetfunction = 1
コード例 #7
0
ファイル: ms07_029.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.UUID = u'50abc2a4-574d-40b3-9d66-ee4fd5fba076'
     self.uuidversion = u'5.0'
     self.targetfunction = 1
     self.autoversion = 0
     self.subesp = 2000
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #8
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version = 0
     self.badstring = '\0'
     self.UUID = u'12345678-1234-abcd-ef00-0123456789ab'
     self.uuidversion = u'1.0'
     self.targetfunction = 0xa  # EnumPrinterDriversW
     self.name = NAME
     self.subesp = 1000
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #9
0
ファイル: tm_sprotectagent.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version = 0
     self.badstring = '\0'
     self.UUID = u'25288888-bd5b-11d1-9d53-0080c83a5c2c'
     self.uuidversion = u'1.0'
     self.targetfunction = 0
     self.name = NAME
     self.port = 3628
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #10
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.port = 139
     self.host = ''
     self.version = 0
     self.badstring = ''  #no bad chars
     self.UUID = u'8d9f4e40-a03d-11ce-8f69-08003e30051b'
     self.namedpipe = u'browser'
     self.autoversion = 1
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #11
0
ファイル: nwspool_c.py プロジェクト: tsondt/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version = 0
     self.badstring = '\0\xff'
     self.UUID = '12345678-1234-abcd-ef00-0123456789ab'
     self.uuidversion = '1.0'
     self.targetfunction = 0x0  # EnumPrintersW
     self.name = NAME
     self.subesp = 0
     self.listenerArgsDict['fromcreatethread'] = 0  #force it to 0
     return
コード例 #12
0
ファイル: ms06_066.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name           = NAME
     self.version        = 0
     self.badstring      = '\0\xff'
     self.UUID           = u'e67ab081-9844-3521-9d32-834f038001c0'
     self.uuidversion    = u'1.0'
     self.targetfunction = 9 #NwrOpenEnumNdsSubTrees_Any
     self.autoversion    = 1
     self.subesp         = 3000
     self.listenerArgsDict['fromcreatethread']=1
コード例 #13
0
ファイル: ms08_059.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.UUID = u'ed6ee250-e0d1-11cf-925a-00aa00c006c1'
     self.uuidversion = u'1.1'
     self.targetfunction = 1
     self.autoversion = 1
     self.subesp = 2000
     self.port = 0
     self.command = 'net user xxx xxx /add'
     self.needsNoShellcode = 1
コード例 #14
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name                                 = NAME
     self.port                                 = 135
     self.host                                 = ''
     self.version                              = 0
     self.badstring                            = '\x00\xff'
     self.UUID                                 = u'4d9f4ab8-7d1c-11cf-861e-0020af6e7c57'
     self.uuidversion                          = u'0.0'
     self.targetfunction                       = 0
     self.listenerArgsDict['fromcreatethread'] = 1
     self.autoversion                          = 1
コード例 #15
0
ファイル: ms04_031.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.port = 139
     self.host = ''
     self.version = 0
     self.badstring = '\x00\xff'
     self.UUID = u'2f5f3220-c126-1076-b549-074d078619da'
     self.uuidversion = u'1.2'
     self.targetfunction = 0xc
     self.autoversion = 1
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #16
0
ファイル: ms03_049.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.port = 139
     self.host = ''
     self.version = 0
     self.badstring = '\x00'
     self.UUID = u'6bffd098-a112-3610-9833-46c3f87e345a'
     self.uuidversion = u'1.0'
     self.targetfunction = -1
     self.listenerArgsDict['fromcreatethread'] = 1
     self.autoversion = 1
     self.subesp = 2000
コード例 #17
0
ファイル: ms03_001.py プロジェクト: y360u/canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.port = 139
     self.host = ''
     self.version = 0
     self.badstring = '\x00\xff'
     self.UUID = u'd3fbb514-0e3b-11cb-8fad-08002b1d29c3'
     self.uuidversion = u'1.0'
     self.targetfunction = 0
     self.namedpipe = 'locator'
     self.autoversion = 1
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #18
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version = 0
     self.badstring = '\x00\xff'
     self.UUID = u'6bffd098-a112-3610-9833-46c3f87e345a'
     self.uuidversion = u'1.0'
     self.targetfunction = 22  #NetrJoinDomain2
     self.name = NAME
     self.domain = 'FOOBAR'
     self.controller = 'DC-1'
     self.usefakedc = 0
     self.timeout = 10.0  #ten second timeout for the fake NBNS server
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #19
0
ファイル: ms08_059.py プロジェクト: tsondt/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.UUID = 'ed6ee250-e0d1-11cf-925a-00aa00c006c1'
     self.uuidversion = '1.1'
     self.targetfunction = 1
     self.autoversion = 1
     #self.listenerArgsDict['fromcreatethread']=1
     self.subesp = 2000
     self.port = 0
     self.command = 'net user xxx xxx /add'
     self.needsNoShellcode = 1
     return
コード例 #20
0
ファイル: ms04_011_lsass.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.port = 139
     self.host = ''
     self.version = 0
     self.badstring = '\x00\xff\\/.:$'
     self.UUID = u'3919286a-b10c-11d0-9ba8-00c04fd92ef5'
     self.uuidversion = u'0.0'
     self.targetfunction = 0x9
     self.autoversion = 1
     self.subesp = 3000
     self.listenerArgsDict['fromcreatethread'] = 1
コード例 #21
0
ファイル: Exchange_DoS.py プロジェクト: y360u/canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name                = NAME        
     self.version             = 0
     self.badstring           = "\x00\\/.:$"
     self.UUID                = u"a4f1db00-ca47-1067-b31e-00dd010662da"
     self.uuidversion         = u"1.0"
     self.targetfunction      = 5
     self.autoversion         = 1
     self.version             = 1
     self.sleeptime           = 1
     self.buildConnectionList = self.buildTCPConnectionList
     self.run                 = self.run_exhaust_memory
     self.needsNoShellcode    = 1
コード例 #22
0
ファイル: ms06_040.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.version = 0
     self.badstring = '\0\xff'
     self.searchbadstring = '\0'
     self.UUID = u'4b324fc8-1670-01d3-1278-5a47bf6ee188'
     self.uuidversion = u'3.0'
     self.targetfunction = 0x1f
     self.autoversion = 1
     self.subesp = 3000
     self.sleeptime = 4
     self.namedpipe = '\\browser'
     self.buildConnectionList = self.buildTCPConnectionList
コード例 #23
0
ファイル: ms09_041.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name                = NAME
     self.version             = 0
     self.badstring           = '\0\xff'
     self.searchbadstring     = '\0'
     self.UUID                = u'6bffd098-a112-3610-9833-46c3f87e345a' 
     self.uuidversion         = u'1.0'
     self.targetfunction      = 0x14
     self.autoversion         = 1
     self.sleeptime           = 4
     self.port                = 445
     self.namedpipe           = '\\wkssvc'
     self.buildConnectionList = self.buildTCPConnectionList
     self.needsNoShellcode    = 1
コード例 #24
0
ファイル: ms05_040.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.version          = 0
     self.badstring        = "\x00\\/.:$"
     self.UUID             = u"2f5f6520-ca46-1067-b319-00dd010662da"
     self.uuidversion      = u"1.0"
     self.targetfunction   = 0x1
     self.name             = NAME
     self.startservice     = self.StartTapiSrvService
     self.getcontexthandle = self.getContextHandle
     self.port             = 445
     self.forceauth        = 1
     self.object           = self.UUID
     self.context          = ""
     self.runlocalhost     = self.mylocalhost
     self.autoversion      = 1 #we can now
コード例 #25
0
ファイル: umpnp_dos.py プロジェクト: zu1kbackup/Canvas 
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name = NAME
     self.covertness = 0
     self.port = 0
     self.host = "192.168.0.6"
     self.localhost = "192.168.0.2"
     self.localport = 5555
     self.version = 0
     self.badstring = "\x00\\"  #/.:$"# \\/.:$"
     self.UUID = u"8d9f4e40-a03d-11ce-8f69-08003e30051b"
     self.uuidversion = u"1.0"
     self.targetfunction = 10
     self.autoversion = 1
     self.response = 1
     self.memorysize = 0x00f0ff10
     self.sleeptime = 10
コード例 #26
0
 def __init__(self):
     msrpcexploit.__init__(self)
     self.name=NAME
     self.version=0
     self.badstring='\0\xff'
     self.searchbadstring='\0'
     self.UUID='4b324fc8-1670-01d3-1278-5a47bf6ee188'
     self.uuidversion='3.0'
     self.targetfunction=0x1f
     self.autoversion=1
     self.subesp=1000
     self.sleeptime=4
     self.port=445
     self.namedpipe='\\browser'
     self.buildConnectionList=self.buildTCPConnectionList
     self.setSubVersions() #automatically sets some variables for some common versions/languages
     return
コード例 #27
0
 def __init__(self):
     msrpcexploit.__init__(self)
     
     self.setPort(135)
     self.setHost("")
     self.name=NAME
     self.version=0
     #MGMT UUID
     self.UUID="afa8bd80-7d8a-11c9-bef4-08002b102989"
     self.uuidversion="1.0"
     self.targetfunction=0
     self.response=1
     self.needsNoShellcode=1 #we don't need shellcode here
     self.autoversion=1
     self.namedpipe="\\browser"
     self.loadDocumentationFile()
     self.sleeptime=0
     return