Exemplo n.º 1
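 def test_ElfrReportEventW(self):
     """Send a raw ElfrReportEventW request against the 'Security' log.

     The request carries a single insertion string and no binary data.
     A failure whose text contains STATUS_ACCESS_DENIED is tolerated; any
     other exception propagates and fails the test.

     NOTE(review): a successful write is accepted as well, so this test
     does not show on its own that the server refuses remote writes to
     the Security log.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     request = even.ElfrReportEventW()
     request['LogHandle'] = resp['LogHandle']
     request['Time'] = 5000000
     request['EventType'] = even.EVENTLOG_ERROR_TYPE
     request['EventCategory'] = 0
     request['EventID'] = 7037
     request['ComputerName'] = 'MYCOMPUTER!'
     # NumStrings must match the number of entries appended to 'Strings'.
     request['NumStrings'] = 1
     request['DataSize'] = 0
     request['UserSID'].fromCanonical('S-1-2-5-21')
     nn = even.PRPC_UNICODE_STRING()
     nn['Data'] = 'HOLA BETUSSS'
     request['Strings'].append(nn)
     request['Data'] = NULL
     request['Flags'] = 0
     request['RecordNumber'] = NULL
     request['TimeWritten'] = NULL
     try:
         resp = dce.request(request)
         resp.dump()
     except Exception as e:  # "as" form parses on Python 2.6+ and Python 3
         # Only the expected denial is swallowed; anything else is a real failure.
         if 'STATUS_ACCESS_DENIED' not in str(e):
             raise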
Exemplo n.º 2
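 def test_ElfrReportEventW(self):
     """Report one event to the 'Security' log through a hand-built request.

     Opens the log, fills an ElfrReportEventW structure with fixed sample
     values and sends it. An error mentioning STATUS_ACCESS_DENIED counts
     as an acceptable outcome; every other exception is re-raised.

     NOTE(review): the call succeeding is not treated as a failure, so a
     server that accepts this remote write would still pass the test.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     request = even.ElfrReportEventW()
     request['LogHandle'] = resp['LogHandle']
     request['Time'] = 5000000
     request['EventType'] = even.EVENTLOG_ERROR_TYPE
     request['EventCategory'] = 0
     request['EventID'] = 7037
     request['ComputerName'] = 'MYCOMPUTER!'
     request['NumStrings'] = 1  # one PRPC_UNICODE_STRING is appended below
     request['DataSize'] = 0
     request['UserSID'].fromCanonical('S-1-2-5-21')
     nn = even.PRPC_UNICODE_STRING()
     nn['Data'] = 'HOLA BETUSSS'
     request['Strings'].append(nn)
     request['Data'] = NULL
     request['Flags'] = 0
     request['RecordNumber'] = NULL
     request['TimeWritten'] = NULL
     try:
         resp = dce.request(request)
         resp.dump()
     except Exception as e:  # Python 2-only "except X, e" replaced
         # The denial is the expected refusal; other errors must surface.
         if 'STATUS_ACCESS_DENIED' not in str(e):
             raise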
Exemplo n.º 3
    def test_hElfrBackupELFW(self):
        """Require that a backup of the 'Security' log is rejected.

        The helper call must raise DCERPCException matching
        STATUS_OBJECT_NAME_INVALID for the hard-coded backup path; a
        successful backup fails the test.
        """
        dce, _transport = self.connect()
        opened = even.hElfrOpenELW(dce, 'Security', '')
        opened.dump()

        log_handle = opened['LogHandle']
        expected = "STATUS_OBJECT_NAME_INVALID"
        with assertRaisesRegex(self, DCERPCException, expected):
            even.hElfrBackupELFW(dce, log_handle, '\\??\\c:\\beto2')
Exemplo n.º 4
 def test_hElfrReadELW(self):
     """Read the 'Security' log sequentially, oldest first, via the helper.

     Both replies are dumped; the read reply is printed as returned by the
     server, so the test output can contain Security log records and
     should be handled accordingly.
     """
     dce, _transport = self.connect()
     opened = even.hElfrOpenELW(dce, 'Security', '')
     opened.dump()
     read_flags = even.EVENTLOG_SEQUENTIAL_READ | even.EVENTLOG_FORWARDS_READ
     records = even.hElfrReadELW(
         dce, opened['LogHandle'], read_flags, 0, even.MAX_BATCH_BUFF
     )
     records.dump()
Exemplo n.º 5
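 def atest_hElfrBackupELFW(self):
     """Ask the server to back up the 'Security' log to a fixed path.

     An error containing STATUS_OBJECT_NAME_INVALID is tolerated; any
     other exception is re-raised.

     NOTE(review): a backup that succeeds is not flagged, so this does not
     assert that the server rejects the path.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     try:
         resp = even.hElfrBackupELFW(dce, resp['LogHandle'], '\\??\\c:\\beto2')
         resp.dump()
     except Exception as e:  # "as" form parses on Python 2.6+ and Python 3
         # Swallow only the expected status; unrelated failures must surface.
         if 'STATUS_OBJECT_NAME_INVALID' not in str(e):
             raise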
Exemplo n.º 6
    def test_ElfrBackupELFW(self):
        """Require that a raw ElfrBackupELFW request is rejected.

        The request is built by hand from the opened 'Security' log handle
        and must raise DCERPCException matching
        STATUS_OBJECT_NAME_INVALID; a successful backup fails the test.
        """
        dce, _transport = self.connect()
        opened = even.hElfrOpenELW(dce, 'Security', '')
        opened.dump()

        backup_req = even.ElfrBackupELFW()
        backup_req['LogHandle'] = opened['LogHandle']
        backup_req['BackupFileName'] = '\\??\\c:\\beto2'

        expected = "STATUS_OBJECT_NAME_INVALID"
        with assertRaisesRegex(self, DCERPCException, expected):
            dce.request(backup_req)
Exemplo n.º 7
 def test_hElfrBackupELFW(self):
     """Try to back up the 'Security' log to a fixed path via the helper.

     An error containing STATUS_OBJECT_NAME_INVALID ends the test quietly;
     any other exception propagates.

     NOTE(review): a successful backup is also accepted here, so the
     rejection itself is not asserted.
     """
     dce, _transport = self.connect()
     opened = even.hElfrOpenELW(dce, 'Security', '')
     opened.dump()
     try:
         backup = even.hElfrBackupELFW(dce, opened['LogHandle'], '\\??\\c:\\beto2')
         backup.dump()
     except Exception as err:
         if 'STATUS_OBJECT_NAME_INVALID' in str(err):
             return
         raise
Exemplo n.º 8
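 def atest_ElfrReadELW(self):
     """Read the 'Security' log with a hand-built ElfrReadELW request.

     Reads sequentially in forward order from offset 0, asking for half of
     even.MAX_BATCH_BUFF bytes. The reply is dumped as returned, so the
     test output can contain Security log records.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     request = even.ElfrReadELW()
     request['LogHandle'] = resp['LogHandle']
     request['ReadFlags'] = even.EVENTLOG_SEQUENTIAL_READ | even.EVENTLOG_FORWARDS_READ
     request['RecordOffset'] = 0
     # Floor division keeps the byte count an integer on Python 3, where
     # "/" would produce a float; the result is unchanged on Python 2.
     request['NumberOfBytesToRead'] = even.MAX_BATCH_BUFF // 2
     resp = dce.request(request)
     resp.dump()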
Exemplo n.º 9
 def test_ElfrReadELW(self):
     """Read the 'Security' log with a hand-built ElfrReadELW request.

     Reads sequentially in forward order from offset 0 with a buffer of
     even.MAX_BATCH_BUFF bytes. The reply is dumped as returned, so the
     test output can contain Security log records.
     """
     dce, _transport = self.connect()
     opened = even.hElfrOpenELW(dce, 'Security', '')
     opened.dump()

     read_req = even.ElfrReadELW()
     read_req['LogHandle'] = opened['LogHandle']
     read_req['ReadFlags'] = (
         even.EVENTLOG_SEQUENTIAL_READ | even.EVENTLOG_FORWARDS_READ
     )
     read_req['RecordOffset'] = 0
     read_req['NumberOfBytesToRead'] = even.MAX_BATCH_BUFF

     records = dce.request(read_req)
     records.dump()
Exemplo n.º 10
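 def atest_ElfrBackupELFW(self):
     """Send a raw ElfrBackupELFW request for the 'Security' log.

     An error containing STATUS_OBJECT_NAME_INVALID is tolerated; any
     other exception is re-raised.

     NOTE(review): a backup that succeeds is not flagged, so this does not
     assert that the server rejects the path.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     request = even.ElfrBackupELFW()
     request['LogHandle'] = resp['LogHandle']
     request['BackupFileName'] = '\\??\\c:\\beto2'
     try:
         resp = dce.request(request)
         resp.dump()
     except Exception as e:  # "as" form parses on Python 2.6+ and Python 3
         # Swallow only the expected status; unrelated failures must surface.
         if 'STATUS_OBJECT_NAME_INVALID' not in str(e):
             raise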
Exemplo n.º 11
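 def atest_ElfrBackupELFW(self):
     """Request a backup of the 'Security' log with a hand-built structure.

     The request reuses the handle from the open call and a fixed backup
     file name. STATUS_OBJECT_NAME_INVALID in the error text is treated as
     acceptable; other exceptions propagate.

     NOTE(review): success is accepted too, so the rejection is not
     actually asserted by this test.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     request = even.ElfrBackupELFW()
     request['LogHandle'] = resp['LogHandle']
     request['BackupFileName'] = '\\??\\c:\\beto2'
     try:
         resp = dce.request(request)
         resp.dump()
     except Exception as e:  # Python 2-only "except X, e" replaced
         # Anything other than the expected status is a genuine failure.
         if 'STATUS_OBJECT_NAME_INVALID' not in str(e):
             raise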
Exemplo n.º 12
 def atest_hElfrOpenELW(self):
     """Open the 'Security' event log and dump the server's reply.

     No assertion is made on the reply; the test fails only if connecting
     or opening raises.
     """
     dce, _transport = self.connect()
     opened = even.hElfrOpenELW(dce, NULL, 'Security', '')
     opened.dump()
Exemplo n.º 13
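 def atest_hElfrReadELW(self):
     """Read the 'Security' log sequentially, oldest first, via the helper.

     Asks for half of even.MAX_BATCH_BUFF bytes starting at offset 0. The
     reply is dumped as returned, so the test output can contain Security
     log records.
     """
     dce, rpctransport = self.connect()
     resp = even.hElfrOpenELW(dce, NULL, 'Security', '')
     resp.dump()
     read_flags = even.EVENTLOG_SEQUENTIAL_READ | even.EVENTLOG_FORWARDS_READ
     # Floor division keeps the byte count an integer on Python 3, where
     # "/" would produce a float; the result is unchanged on Python 2.
     resp = even.hElfrReadELW(dce, resp['LogHandle'], read_flags, 0,
                              even.MAX_BATCH_BUFF // 2)
     resp.dump()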
Exemplo n.º 14
 def atest_hElfrOpenELW(self):
     """Connect, open the 'Security' event log, and print the reply.

     Nothing is asserted about the returned handle; only an exception from
     the connection or the open call fails the test.
     """
     dce, _transport = self.connect()
     open_reply = even.hElfrOpenELW(dce, NULL, 'Security', '')
     open_reply.dump()
Exemplo n.º 15
 def test_hElfrOldestRecordNumber(self):
     """Query the oldest record number of the 'Security' log and dump it.

     The handle from the open call is passed straight to the helper; no
     assertion is made on the value returned.
     """
     dce, _transport = self.connect()
     opened = even.hElfrOpenELW(dce, 'Security', '')
     opened.dump()
     oldest = even.hElfrOldestRecordNumber(dce, opened['LogHandle'])
     oldest.dump()