def sendBindType1(self, iface_uuid, auth_data):
bind = MSRPCBind()
item = CtxItem()
item['AbstractSyntax'] = iface_uuid
item['TransferSyntax'] = self.transfer_syntax
item['ContextID'] = 0
item['TransItems'] = 1
bind.addCtxItem(item)
packet = MSRPCHeader()
packet['type'] = rpcrt.MSRPC_BIND
packet['pduData'] = bind.getData()
packet['call_id'] = 0
sec_trailer = SEC_TRAILER()
sec_trailer['auth_type'] = RPC_C_AUTHN_WINNT
sec_trailer['auth_level'] = RPC_C_AUTHN_LEVEL_CONNECT
sec_trailer['auth_ctx_id'] = 79231
pad = (4 - (len(packet.get_packet()) % 4)) % 4
if pad != 0:
packet['pduData'] += b'\xFF' * pad
sec_trailer['auth_pad_len'] = pad
packet['sec_trailer'] = sec_trailer
packet['auth_data'] = auth_data
self._transport.send(packet.get_packet())
s = self._transport.recv()
if s != 0:
resp = MSRPCHeader(s)
else:
return 0 #mmm why not None?
if resp['type'] == rpcrt.MSRPC_BINDACK or resp['type'] == rpcrt.MSRPC_ALTERCTX_R:
bindResp = MSRPCBindAck(resp.getData())
elif resp['type'] == rpcrt.MSRPC_BINDNAK or resp['type'] == rpcrt.MSRPC_FAULT:
if resp['type'] == rpcrt.MSRPC_FAULT:
resp = MSRPCRespHeader(resp.getData())
status_code = unpack('<L', resp['pduData'][:4])[0]
else:
resp = MSRPCBindNak(resp['pduData'])
status_code = resp['RejectedReason']
if status_code in rpc_status_codes:
raise DCERPCException(error_code = status_code)
elif status_code in rpc_provider_reason:
raise DCERPCException("Bind context rejected: %s" % rpc_provider_reason[status_code])
else:
raise DCERPCException('Unknown DCE RPC fault status code: %.8x' % status_code)
else:
raise DCERPCException('Unknown DCE RPC packet type received: %d' % resp['type'])
self.set_max_tfrag(bindResp['max_rfrag'])
return bindResp
def __init__(self, error_string=None, proxy_error=None):
rpc_error_code = None
if proxy_error is not None:
try:
search = self.parser.search(proxy_error)
rpc_error_code = int(search.group(1), 16)
except:
error_string += ': ' + proxy_error
DCERPCException.__init__(self, error_string, rpc_error_code)
def DCERPCTransportFactory(stringbinding):
sb = DCERPCStringBinding(stringbinding)
na = sb.get_network_address()
ps = sb.get_protocol_sequence()
if 'ncadg_ip_udp' == ps:
port = sb.get_endpoint()
if port:
return UDPTransport(na, int(port))
else:
return UDPTransport(na)
elif 'ncacn_ip_tcp' == ps:
port = sb.get_endpoint()
if port:
return TCPTransport(na, int(port))
else:
return TCPTransport(na)
elif 'ncacn_http' == ps:
port = sb.get_endpoint()
if port:
return HTTPTransport(na, int(port))
else:
return HTTPTransport(na)
elif 'ncacn_np' == ps:
named_pipe = sb.get_endpoint()
if named_pipe:
named_pipe = named_pipe[len(r'\pipe'):]
return SMBTransport(na, filename = named_pipe)
else:
return SMBTransport(na)
elif 'ncalocal' == ps:
named_pipe = sb.get_endpoint()
return LOCALTransport(filename = named_pipe)
else:
raise DCERPCException("Unknown protocol sequence.")
def connect(self):
TCPTransport.connect(self)
self.get_socket().send('RPC_CONNECT ' + self.getRemoteHost() + ':593 HTTP/1.0\r\n\r\n')
data = self.get_socket().recv(8192)
if data[10:13] != '200':
raise DCERPCException("Service not supported.")
def connect(self):
try:
af, socktype, proto, canonname, sa = socket.getaddrinfo(self.get_dip(), self.get_dport(), 0, socket.SOCK_DGRAM)[0]
self.__socket = socket.socket(af, socktype, proto)
self.__socket.settimeout(self.get_connect_timeout())
except socket.error, msg:
self.__socket = None
raise DCERPCException("Could not connect: %s" % msg)
def connect(self):
af, socktype, proto, canonname, sa = socket.getaddrinfo(self.getRemoteHost(), self.get_dport(), 0, socket.SOCK_STREAM)[0]
self.__socket = socket.socket(af, socktype, proto)
try:
self.__socket.settimeout(self.get_connect_timeout())
self.__socket.connect(sa)
except socket.error as msg:
self.__socket.close()
raise DCERPCException("Could not connect: %s" % msg)
return 1
def connect(self):
if self._useRpcProxy == False:
# Connecting directly to the ncacn_http port
#
# Here we using RPC over HTTPv1 instead complex RPC over HTTP v2 syntax
# RPC over HTTP v2 here can be implemented in the future
self._version = RPC_OVER_HTTP_v1
TCPTransport.connect(self)
# Reading legacy server response
data = self.get_socket().recv(8192)
if data != b'ncacn_http/1.0':
raise DCERPCException("%s:%s service is not ncacn_http" % (self.__remoteName, self.__dstport))
else:
RPCProxyClient.connect(self)
def set_stringbinding(self, set_stringbinding):
DCERPCTransport.set_stringbinding(self, set_stringbinding)
if self._stringbinding.is_option_set("RpcProxy"):
self.rpc_proxy_init()
rpcproxy = self._stringbinding.get_option("RpcProxy").split(":")
if rpcproxy[1] == '443':
self.set_rpc_proxy_url('https://%s/rpc/rpcproxy.dll' % rpcproxy[0])
elif rpcproxy[1] == '80':
self.set_rpc_proxy_url('http://%s/rpc/rpcproxy.dll' % rpcproxy[0])
else:
# 2.1.2.1
# RPC over HTTP always uses port 80 for HTTP traffic and port 443 for HTTPS traffic.
# But you can use set_rpc_proxy_url method to set any URL / query you want.
raise DCERPCException("RPC Proxy port must be 80 or 443")
def __init__(self, error_string=None, error_code=None, packet=None):
DCERPCException.__init__(self, error_string, error_code, packet)
def __init__(self, error_string=None, error_code=None, packet=None):
DCERPCException.__init__(self, error_string, error_code, packet)
def get_socket(self):
if self._useRpcProxy == False:
return TCPTransport.get_socket(self)
else:
raise DCERPCException(
"This method is not supported for RPC Proxy connections")
