def test_BaseRegLoadKey_BaseRegUnLoadKey(self): dce, rpctransport, phKey = self.connect() request = rrp.BaseRegOpenKey() request['hKey'] = phKey request['lpSubKey'] = 'SECURITY\x00' request['dwOptions'] = 0x00000001 request['samDesired'] = MAXIMUM_ALLOWED resp = dce.request(request) resp.dump() request = rrp.BaseRegSaveKey() request['hKey'] = resp['phkResult'] request['lpFile'] = 'SEC\x00' request['pSecurityAttributes'] = NULL resp = dce.request(request) resp.dump() request = rrp.BaseRegLoadKey() request['hKey'] = phKey request['lpSubKey'] = 'BETUS\x00' request['lpFile'] = 'SEC\x00' resp = dce.request(request) resp.dump() request = rrp.BaseRegUnLoadKey() request['hKey'] = phKey request['lpSubKey'] = 'BETUS\x00' resp = dce.request(request) resp.dump() smb = rpctransport.get_smb_connection() smb.deleteFile('ADMIN$', 'System32\\SEC')
def test_BaseRegSaveKey(self): dce, rpctransport, phKey = self.connect() request = rrp.OpenCurrentUser() request['ServerName'] = NULL request['samDesired'] = MAXIMUM_ALLOWED resp = dce.request(request) resp.dump() request = rrp.BaseRegSaveKey() request['hKey'] = resp['phKey'] request['lpFile'] = 'BETUSFILE2\x00' request['pSecurityAttributes'] = NULL resp = dce.request(request) resp.dump() # I gotta remove the file now :s smb = rpctransport.get_smb_connection() smb.deleteFile('ADMIN$', 'System32\\BETUSFILE2')
def test_hBaseRegLoadKey_hBaseRegUnLoadKey(self): dce, rpctransport, phKey = self.connect() resp = rrp.hBaseRegOpenKey(dce, phKey, 'SECURITY\x00') resp.dump() request = rrp.BaseRegSaveKey() request['hKey'] = resp['phkResult'] request['lpFile'] = 'SEC\x00' request['pSecurityAttributes'] = NULL resp = dce.request(request) resp.dump() resp = rrp.hBaseRegLoadKey(dce, phKey, 'BETUS\x00', 'SEC\x00') resp.dump() resp = rrp.hBaseRegUnLoadKey(dce, phKey, 'BETUS\x00') resp.dump() smb = rpctransport.get_smb_connection() smb.deleteFile('ADMIN$', 'System32\\SEC')