def test_hLsarLookupNames(self):
    """Translate two account names with LsarLookupNames and dump the reply.

    In this variant ``self.connect`` returns only the DCE/RPC object and
    the transport, so the policy handle is obtained separately through
    ``self.open_policy``.
    """
    dce, _transport = self.connect()
    policy_handle = self.open_policy(dce)
    account_names = ('Administrator', 'Guest')
    lookup = lsat.hLsarLookupNames(dce, policy_handle, account_names)
    lookup.dump()
def test_hLsarLookupSids2(self):
    """Resolve the domain SID by name, then translate two SIDs with LsarLookupSids2.

    The domain SID is taken from the first referenced domain of an
    LsarLookupNames reply for 'Administrator'. RIDs 500 and 501 are the
    well-known relative IDs of the built-in Administrator and Guest
    accounts. Neither response is dumped in this variant.
    """
    dce, _transport, policy_handle = self.connect()
    name_reply = lsat.hLsarLookupNames(dce, policy_handle, ('Administrator',))
    first_domain = name_reply['ReferencedDomains']['Domains'][0]
    domain_sid = first_domain['Sid'].formatCanonical()
    target_sids = [domain_sid + '-500', domain_sid + '-501']
    # The reply is kept only so the call's success is the test condition.
    sid_reply = lsat.hLsarLookupSids2(dce, policy_handle, target_sids)
def test_hLsarLookupSids2(self):
    """Resolve the domain SID by name, then translate two SIDs with LsarLookupSids2.

    Both the LsarLookupNames reply and the LsarLookupSids2 reply are
    dumped. RIDs 500 and 501 are the well-known relative IDs of the
    built-in Administrator and Guest accounts.
    """
    dce, _transport, policy_handle = self.connect()

    name_reply = lsat.hLsarLookupNames(dce, policy_handle, ("Administrator",))
    name_reply.dump()

    # The canonical string form of the domain SID is the prefix for each
    # account SID built below.
    first_domain = name_reply["ReferencedDomains"]["Domains"][0]
    domain_sid = first_domain["Sid"].formatCanonical()
    target_sids = [domain_sid + "-500", domain_sid + "-501"]

    sid_reply = lsat.hLsarLookupSids2(dce, policy_handle, target_sids)
    sid_reply.dump()
def test_hLsarLookupSids2(self):
    """Look up 'Administrator', derive the domain SID, and translate two SIDs.

    The two SIDs are the domain SID suffixed with RID 500 and RID 501
    (the well-known built-in Administrator and Guest RIDs). Each RPC
    reply is dumped after it is received.
    """
    dce, _transport, policy_handle = self.connect()

    names_resp = lsat.hLsarLookupNames(dce, policy_handle, ('Administrator',))
    names_resp.dump()

    domain_entry = names_resp['ReferencedDomains']['Domains'][0]
    domain_sid = domain_entry['Sid'].formatCanonical()
    wanted = [domain_sid + suffix for suffix in ('-500', '-501')]

    sids_resp = lsat.hLsarLookupSids2(dce, policy_handle, wanted)
    sids_resp.dump()
def test_hLsarLookupSids(self):
    """Expect STATUS_SOME_NOT_MAPPED when translating 1000 consecutive SIDs.

    The domain SID comes from an LsarLookupNames reply for
    'Administrator'. SIDs for RIDs 500 through 1499 are then submitted in
    one LsarLookupSids call. The test passes only if that call raises
    DCERPCException with a message matching 'STATUS_SOME_NOT_MAPPED'.
    """
    dce, _transport = self.connect()
    policy_handle = self.open_policy(dce)

    names_resp = lsat.hLsarLookupNames(dce, policy_handle, ('Administrator', ))
    names_resp.dump()
    domain_sid = names_resp['ReferencedDomains']['Domains'][0]['Sid'].formatCanonical()

    # Presumably most RIDs in this range do not exist on the test target,
    # which is what produces the partial-mapping status -- confirm against
    # the test environment.
    candidate_sids = [domain_sid + '-%d' % rid for rid in range(500, 1500)]

    with assertRaisesRegex(self, DCERPCException, 'STATUS_SOME_NOT_MAPPED'):
        lsat.hLsarLookupSids(dce, policy_handle, candidate_sids)
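def test_hLsarLookupSids(self):
    """Translate 1000 consecutive SIDs and tolerate a partial mapping.

    The domain SID comes from an LsarLookupNames reply for
    'Administrator'. SIDs for RIDs 500 through 1499 are submitted in one
    LsarLookupSids call. An exception whose text contains
    'STATUS_SOME_NOT_MAPPED' is accepted and the response packet is
    recovered from it; any other exception is re-raised. No response is
    dumped in this variant.
    """
    dce, rpctransport, policyHandle = self.connect()
    resp = lsat.hLsarLookupNames(dce, policyHandle, ('Administrator',))
    domainSid = resp['ReferencedDomains']['Domains'][0]['Sid'].formatCanonical()
    sids = [domainSid + '-%d' % (500 + i) for i in range(1000)]
    try:
        resp = lsat.hLsarLookupSids(dce, policyHandle, sids)
    # ``except Exception, e`` is Python 2-only syntax and a SyntaxError on
    # Python 3; the ``as`` form is accepted by Python 2.6+ and Python 3.
    except Exception as e:
        if 'STATUS_SOME_NOT_MAPPED' not in str(e):
            raise
        # The partial result travels with the exception; fetching it here
        # checks that the packet is still retrievable.
        resp = e.get_packet()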
def test_hLsarLookupSids(self):
    """Translate 1000 consecutive SIDs, dumping whichever reply is obtained.

    The domain SID comes from an LsarLookupNames reply for
    'Administrator'. SIDs for RIDs 500 through 1499 go into a single
    LsarLookupSids call. If the call raises with 'STATUS_SOME_NOT_MAPPED'
    in the message, the response packet is taken from the exception and
    dumped; any other exception propagates.
    """
    dce, _transport, policy_handle = self.connect()

    names_resp = lsat.hLsarLookupNames(dce, policy_handle, ('Administrator',))
    names_resp.dump()
    domain_sid = names_resp['ReferencedDomains']['Domains'][0]['Sid'].formatCanonical()

    candidate_sids = [domain_sid + '-%d' % rid for rid in range(500, 1500)]

    try:
        sids_resp = lsat.hLsarLookupSids(dce, policy_handle, candidate_sids)
        sids_resp.dump()
    except Exception as err:
        # Only the partial-mapping status is tolerated.
        if 'STATUS_SOME_NOT_MAPPED' not in str(err):
            raise
        sids_resp = err.get_packet()
        sids_resp.dump()
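def get_sid(self, name):
    """Look up ``name`` over the lsarpc named pipe and store its RID.

    Builds an ``ncacn_np`` transport to ``self.target`` on ``self.port``,
    sets credentials when the transport supports them, binds to the LSAT
    interface, opens an LSA policy handle and translates ``name`` with
    LsarLookupNames. Despite the method name, only the ``RelativeId`` of
    the first translated entry is kept, in ``self.rid``.

    Returns None. Exceptions from the transport or the RPC calls
    propagate to the caller; the connection is closed in either case.
    """
    self.log.info('[*] Looking up SID for {0}..'.format(name))
    stringbinding = r'ncacn_np:{0}[\pipe\lsarpc]'.format(self.target)
    logging.debug('StringBinding {0}'.format(stringbinding))
    rpctransport = transport.DCERPCTransportFactory(stringbinding)
    rpctransport.set_dport(self.port)
    rpctransport.setRemoteHost(self.target)
    if hasattr(rpctransport, 'set_credentials'):
        rpctransport.set_credentials(self.username, self.password, self.domain)
    dce = rpctransport.get_dce_rpc()
    dce.connect()
    # Once connected, always disconnect: previously a failed bind, policy
    # open or lookup left the session open.
    try:
        dce.bind(lsat.MSRPC_UUID_LSAT)
        # NOTE(review): MAXIMUM_ALLOWED asks for every right the caller can
        # get; POLICY_LOOKUP_NAMES alone is presumably enough for a name
        # lookup. Confirm against the targets in use before narrowing.
        resp = lsad.hLsarOpenPolicy2(
            dce, MAXIMUM_ALLOWED | lsad.POLICY_LOOKUP_NAMES)
        policyHandle = resp['PolicyHandle']
        resp = lsat.hLsarLookupNames(dce, policyHandle, (name, ))
        self.rid = resp['TranslatedSids']['Sids'][0]['RelativeId']
    finally:
        dce.disconnect()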
def test_hLsarLookupNames(self):
    """Translate 'Administrator' and 'Guest' with LsarLookupNames and dump the reply.

    In this variant ``self.connect`` returns the policy handle together
    with the DCE/RPC object and the transport.
    """
    dce, _transport, policy_handle = self.connect()
    account_names = ('Administrator', 'Guest')
    lookup = lsat.hLsarLookupNames(dce, policy_handle, account_names)
    lookup.dump()