def main(): print(version.BANNER) # Init the example's logger theme logger.init() parser = argparse.ArgumentParser(add_help = True, description = "Extensive Storage Engine utility. Allows dumping " "catalog, pages and tables.") parser.add_argument('databaseFile', action='store', help='ESE to open') parser.add_argument('-debug', action='store_true', help='Turn DEBUG output ON') parser.add_argument('-page', action='store', help='page to open') subparsers = parser.add_subparsers(help='actions', dest='action') # dump page dump_parser = subparsers.add_parser('dump', help='dumps an specific page') dump_parser.add_argument('-page', action='store', required=True, help='page to dump') # info page subparsers.add_parser('info', help='dumps the catalog info for the DB') # export page export_parser = subparsers.add_parser('export', help='dumps the catalog info for the DB') export_parser.add_argument('-table', action='store', required=True, help='table to dump') if len(sys.argv)==1: parser.print_help() sys.exit(1) options = parser.parse_args() if options.debug is True: logging.getLogger().setLevel(logging.DEBUG) # Print the Library's installation path logging.debug(version.getInstallationPath()) else: logging.getLogger().setLevel(logging.INFO) ese = ESENT_DB(options.databaseFile) try: if options.action.upper() == 'INFO': ese.printCatalog() elif options.action.upper() == 'DUMP': dumpPage(ese, int(options.page)) elif options.action.upper() == 'EXPORT': exportTable(ese, options.table) else: raise Exception('Unknown action %s ' % options.action) except Exception as e: if logging.getLogger().level == logging.DEBUG: import traceback traceback.print_exc() print(e) ese.close()
def main(): print(version.BANNER) # Init the example's logger theme logger.init() parser = argparse.ArgumentParser(add_help = True, description = "Extensive Storage Engine utility. Allows dumping " "catalog, pages and tables.") parser.add_argument('databaseFile', action='store', help='ESE to open') parser.add_argument('-debug', action='store_true', help='Turn DEBUG output ON') parser.add_argument('-page', action='store', help='page to open') subparsers = parser.add_subparsers(help='actions', dest='action') # dump page dump_parser = subparsers.add_parser('dump', help='dumps an specific page') dump_parser.add_argument('-page', action='store', required=True, help='page to dump') # info page subparsers.add_parser('info', help='dumps the catalog info for the DB') # export page export_parser = subparsers.add_parser('export', help='dumps the catalog info for the DB') export_parser.add_argument('-table', action='store', required=True, help='table to dump') if len(sys.argv)==1: parser.print_help() sys.exit(1) options = parser.parse_args() if options.debug is True: logging.getLogger().setLevel(logging.DEBUG) else: logging.getLogger().setLevel(logging.INFO) ese = ESENT_DB(options.databaseFile) try: if options.action.upper() == 'INFO': ese.printCatalog() elif options.action.upper() == 'DUMP': dumpPage(ese, int(options.page)) elif options.action.upper() == 'EXPORT': exportTable(ese, options.table) else: raise Exception('Unknown action %s ' % options.action) except Exception as e: if logging.getLogger().level == logging.DEBUG: import traceback traceback.print_exc() print(e) ese.close()
class NTDSHashes: class SECRET_TYPE: NTDS = 0 NTDS_CLEARTEXT = 1 NTDS_KERBEROS = 2 NAME_TO_INTERNAL = { 'uSNCreated': 'ATTq131091', 'uSNChanged': 'ATTq131192', 'name': 'ATTm3', 'objectGUID': 'ATTk589826', 'objectSid': 'ATTr589970', 'userAccountControl': 'ATTj589832', 'primaryGroupID': 'ATTj589922', 'accountExpires': 'ATTq589983', 'logonCount': 'ATTj589993', 'sAMAccountName': 'ATTm590045', 'sAMAccountType': 'ATTj590126', 'lastLogonTimestamp': 'ATTq589876', 'userPrincipalName': 'ATTm590480', 'unicodePwd': 'ATTk589914', 'dBCSPwd': 'ATTk589879', 'ntPwdHistory': 'ATTk589918', 'lmPwdHistory': 'ATTk589984', 'pekList': 'ATTk590689', 'supplementalCredentials': 'ATTk589949', 'pwdLastSet': 'ATTq589920', } INTERNAL_TO_NAME = dict((v, k) for k, v in NAME_TO_INTERNAL.iteritems()) SAM_NORMAL_USER_ACCOUNT = 0x30000000 SAM_MACHINE_ACCOUNT = 0x30000001 SAM_TRUST_ACCOUNT = 0x30000002 ACCOUNT_TYPES = (SAM_NORMAL_USER_ACCOUNT, SAM_MACHINE_ACCOUNT, SAM_TRUST_ACCOUNT) def __init__(self, ntdsFile, isRemote=False): self.__NTDS = ntdsFile try: if self.__NTDS is not None: self.__ESEDB = ESENT_DB(ntdsFile, isRemote=isRemote) self.__cursor = self.__ESEDB.openTable('datatable') except Exception as e: raise e def getNextRecord(self): record = self.__ESEDB.getNextRow(self.__cursor) if record is None: return None, False elif self.NAME_TO_INTERNAL['sAMAccountType'] not in record: raise Exception('InvalidFile') try: if record[self.NAME_TO_INTERNAL[ 'sAMAccountType']] in self.ACCOUNT_TYPES: if record[self.NAME_TO_INTERNAL['sAMAccountName']] is not None: userName = '******' % record[ self.NAME_TO_INTERNAL['sAMAccountName']] else: userName = '******' return None, True if record[self.NAME_TO_INTERNAL['name']] is not None: displayName = '%s' % record[self.NAME_TO_INTERNAL['name']] else: displayName = 'N/A' return None, True if record[self.NAME_TO_INTERNAL['objectGUID']] is not None: objectGuid = '%s' % record[ self.NAME_TO_INTERNAL['objectGUID']] else: objectGuid = 'N/A' return None, True fields = "%s:%s:%s" % (displayName, userName, objectGuid) return fields, True else: return None, True except Exception as e: raise Exception('NextRecordFetchFailed') def finish(self): if self.__NTDS is not None: self.__ESEDB.close()