def QueryProviders(self, masks):
request = IVdsService_QueryProviders()
request['ORPCthis'] = self.get_cinstance().get_ORPCthis()
request['ORPCthis']['flags'] = 0
request['masks'] = masks
resp = self.request(request, uuid = self.get_iPid())
return IEnumVdsObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
class IVssSnapshotMgmt(IRemUnknown2):
def __init__(self, interface):
IRemUnknown2.__init__(self, interface)
self._iid = IID_IVssSnapshotMgmt
def GetProviderMgmtInterface(
self,
providerId=IID_ShadowCopyProvider,
interfaceId=IID_IVssDifferentialSoftwareSnapshotMgmt):
req = GetProviderMgmtInterface()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['ProviderId'] = providerId
req['InterfaceId'] = interfaceId
resp = self.request(req, self._iid, uuid=self.get_iPid())
return IVssDifferentialSoftwareSnapshotMgmt(
INTERFACE(classInstance,
''.join(resp['ppItf']['abData']),
self.get_ipidRemUnknown(),
target=self.get_target()))
def QueryVolumesSupportedForSnapshots(self, providerId, iContext):
req = QueryVolumesSupportedForSnapshots()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['ProviderId'] = providerId
req['IContext'] = iContext
resp = self.request(req, self._iid, uuid=self.get_iPid())
return IVssEnumMgmtObject(
INTERFACE(self.get_cinstance(),
''.join(resp['ppEnum']['abData']),
self.get_ipidRemUnknown(),
target=self.get_target()))
def QuerySnapshotsByVolume(self,
volumeName,
providerId=IID_ShadowCopyProvider):
req = QuerySnapshotsByVolume()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['pwszVolumeName'] = volumeName
req['ProviderId'] = providerId
try:
resp = self.request(req, self._iid, uuid=self.get_iPid())
except Exception, e:
print e
from impacket.winregistry import hexdump
data = e.get_packet()
hexdump(data)
kk = QuerySnapshotsByVolumeResponse(data)
kk.dump()
#resp.dump()
return IVssEnumObject(
INTERFACE(self.get_cinstance(),
''.join(resp['ppEnum']['abData']),
self.get_ipidRemUnknown(),
target=self.get_target()))
def GetTypeComp(self):
request = ITypeInfo_GetTypeComp()
resp = self.request(request, iid=self._iid, uuid=self.get_iPid())
return ITypeComp(
INTERFACE(self.get_cinstance(),
''.join(resp['ppTComp']['abData']),
self.get_ipidRemUnknown(),
target=self.get_target()))
def QueryDiffAreasForVolume(self, pwszVolumeName):
req = QueryDiffAreasForVolume()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['pwszVolumeName'] = pwszVolumeName
resp = self.request(req, self._iid, uuid = self.get_iPid())
return IVssEnumMgmtObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
def QueryVolumesSupportedForSnapshots(self, providerId, iContext):
req = QueryVolumesSupportedForSnapshots()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['ProviderId'] = providerId
req['IContext'] = iContext
resp = self.request(req, self._iid, uuid = self.get_iPid())
return IVssEnumMgmtObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(),target = self.get_target()))
def GetProviderMgmtInterface(self, providerId = IID_ShadowCopyProvider, interfaceId = IID_IVssDifferentialSoftwareSnapshotMgmt):
req = GetProviderMgmtInterface()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['ProviderId'] = providerId
req['InterfaceId'] = interfaceId
resp = self.request(req, self._iid, uuid = self.get_iPid())
return IVssDifferentialSoftwareSnapshotMgmt(INTERFACE(classInstance, ''.join(resp['ppItf']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
def GetTypeInfo(self):
request = IDispatch_GetTypeInfo()
request['iTInfo'] = 0
request['lcid'] = 0
resp = self.request(request, iid=self._iid, uuid=self.get_iPid())
return ITypeInfo(
INTERFACE(self.get_cinstance(),
''.join(resp['ppTInfo']['abData']),
self.get_ipidRemUnknown(),
target=self.get_target()))
class IEnumVdsObject(IRemUnknown2):
def Next(self, celt=0xffff):
request = IEnumVdsObject_Next()
request['ORPCthis'] = self.get_cinstance().get_ORPCthis()
request['ORPCthis']['flags'] = 0
request['celt'] = celt
try:
resp = self.request(request, uuid = self.get_iPid())
except Exception, e:
resp = e.get_packet()
# If it is S_FALSE(1) means less items were returned
if resp['ErrorCode'] != 1:
raise
interfaces = list()
for interface in resp['ppObjectArray']:
interfaces.append(IRemUnknown2(INTERFACE(self.get_cinstance(), ''.join(interface['abData']), self.get_ipidRemUnknown(), target = self.get_target())))
return interfaces
def QuerySnapshotsByVolume(self, volumeName, providerId = IID_ShadowCopyProvider):
req = QuerySnapshotsByVolume()
classInstance = self.get_cinstance()
req['ORPCthis'] = classInstance.get_ORPCthis()
req['ORPCthis']['flags'] = 0
req['pwszVolumeName'] = volumeName
req['ProviderId'] = providerId
try:
resp = self.request(req, self._iid, uuid = self.get_iPid())
except DCERPCException as e:
print(e)
from impacket.winregistry import hexdump
data = e.get_packet()
hexdump(data)
kk = QuerySnapshotsByVolumeResponse(data)
kk.dump()
#resp.dump()
return IVssEnumObject(INTERFACE(self.get_cinstance(), ''.join(resp['ppEnum']['abData']), self.get_ipidRemUnknown(), target = self.get_target()))
def getInterface(self, interface, resp):
# Now let's parse the answer and build an Interface instance
objRefType = OBJREF(''.join(resp))['flags']
objRef = None
if objRefType == FLAGS_OBJREF_CUSTOM:
objRef = OBJREF_CUSTOM(''.join(resp))
elif objRefType == FLAGS_OBJREF_HANDLER:
objRef = OBJREF_HANDLER(''.join(resp))
elif objRefType == FLAGS_OBJREF_STANDARD:
objRef = OBJREF_STANDARD(''.join(resp))
elif objRefType == FLAGS_OBJREF_EXTENDED:
objRef = OBJREF_EXTENDED(''.join(resp))
else:
logging.error("Unknown OBJREF Type! 0x%x" % objRefType)
return IRemUnknown2(
INTERFACE(interface.get_cinstance(), None, interface.get_ipidRemUnknown(), objRef['std']['ipid'],
oxid=objRef['std']['oxid'], oid=objRef['std']['oxid'],
target=interface.get_target()))
