def packet_drsuapi_13(packet, conversation, context): # DsWriteAccountSpn req = drsuapi.DsWriteAccountSpnRequest1() req.operation = drsuapi.DRSUAPI_DS_SPN_OPERATION_REPLACE req.unknown1 = 0 # Unused, must be 0 req.object_dn = context.user_dn req.count = 1 # only 1 name spn_name = drsuapi.DsNameString() spn_name.str = 'foo/{}'.format(context.username) req.spn_names = [spn_name] (drs, handle) = context.get_drsuapi_connection_pair() (level, res) = drs.DsWriteAccountSpn(handle, 1, req) return True
def _do_cracknames(self, name, format_offered, format_desired): req = drsuapi.DsNameRequest1() names = drsuapi.DsNameString() names.str = name req.codepage = 1252 # German, but it doesn't really matter here req.language = 1033 req.format_flags = 0 req.format_offered = format_offered req.format_desired = format_desired req.count = 1 req.names = [names] (result, ctr) = self.drs.DsCrackNames(self.drs_handle, 1, req) return (result, ctr)
def packet_drsuapi_12(packet, conversation, context): # DsCrackNames drs, handle = context.get_drsuapi_connection_pair() names = drsuapi.DsNameString() names.str = context.server req = drsuapi.DsNameRequest1() req.format_flags = 0 req.format_offered = 7 req.format_desired = random.choice(name_formats) req.codepage = 1252 req.language = 1033 # German, I think req.format_flags = 0 req.count = 1 req.names = [names] (result, ctr) = drs.DsCrackNames(handle, 1, req) return True