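def __init__(
    self,
    hostname,
    username,
    domain="",
    password="",
    lmhash="",
    nthash="",
    log_options=None,
    dump_options=None,
    parse_options=None,
    write_options=None,
):
    """Store the per-target configuration and reset all runtime state.

    Args:
        hostname: Target host; also used as the logger's target label.
        username: Account name forwarded to the connection options.
        domain: Account domain (empty string by default).
        password: Password forwarded to the connection options.
        lmhash: LM hash value forwarded to the connection options.
        nthash: NT hash value forwarded to the connection options.
        log_options: ``Logger.Options`` instance; created fresh when omitted.
        dump_options: ``Dumper.Options`` instance; created fresh when omitted.
        parse_options: ``Parser.Options`` instance; created fresh when omitted.
        write_options: ``Writer.Options`` instance; created fresh when omitted.
    """
    # Option objects used to be built once, in the signature, and were then
    # shared by every instance created with the defaults. Building them here
    # gives each instance its own copy, so a setting changed for one target
    # cannot leak into another.
    if log_options is None:
        log_options = Logger.Options()
    if dump_options is None:
        dump_options = Dumper.Options()
    if parse_options is None:
        parse_options = Parser.Options()
    if write_options is None:
        write_options = Writer.Options()

    # Argument order here is (hostname, domain, username, ...), which differs
    # from this method's own (hostname, username, domain, ...) signature.
    # conn_options keeps the password and hashes for as long as this object
    # lives, so it should stay out of log output and serialized state.
    self.conn_options = ImpacketConnection.Options(
        hostname, domain, username, password, lmhash, nthash
    )
    self.log_options = log_options
    self.dump_options = dump_options
    self.parse_options = parse_options
    self.write_options = write_options

    self._target = hostname
    self._log = Logger(self._target, log_options)

    # Runtime state; nothing is connected, dumped or parsed yet.
    self._conn = None
    self._dumper = None
    self._parser = None
    self._dumpfile = None
    self._credentials = []
    self._writer = None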
def test_dumpert_upload_error(self):
    """Check that an unusable share name yields the 'not uploaded' error."""
    opts = Dumper.Options()
    opts.dumpert_path = dumpert_path
    # A share name that is expected not to exist on the target.
    opts.share = "INVALID_SHARE"

    dumper = Dumper(self.conn, opts)
    # An empty tuple is passed as the only positional argument.
    result = dumper.dumpert_dump(())

    self.assertIsInstance(result, RetCode)
    # Index 1 of the error constant is compared with error_msg
    # (presumably the message half of a (code, message) pair).
    expected_msg = ERROR_DUMPERT_NOT_UPLOADED[1]
    self.assertEqual(expected_msg, result.error_msg)
def __init__(self, target):
    """Remember the target and give this instance its own default options."""
    self.target = target
    # No worker object is attached yet.
    self.lsassy = None

    # Each option object is created per instance, so nothing is shared
    # between instances built for different targets.
    self.conn_options = ImpacketConnection.Options()
    self.log_options = Logger.Options()
    self.dump_options = Dumper.Options()
    self.parse_options = Parser.Options()
    self.write_options = Writer.Options()
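def test_dumpert_execute_error(self):
    """Check that a dumpert run that cannot execute reports the matching error."""
    dump_option = Dumper.Options()
    dump_option.dumpert_path = dumpert_path
    dumper = Dumper(self.conn, dump_option)
    try:
        # An empty tuple is passed as the only positional argument.
        ret = dumper.dumpert_dump(())
        self.assertIsInstance(ret, RetCode)
        # Index 1 of the error constant is compared with error_msg
        # (presumably the message half of a (code, message) pair).
        self.assertEqual(ERROR_DUMPERT_NO_EXECUTE[1], ret.error_msg)
    finally:
        # Run clean() even when the dump call raises or an assertion fails;
        # previously a failure skipped it, so whatever clean() removes
        # (presumably files placed on the test host, confirm) stayed behind.
        dumper.clean()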
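def test_procdump_execute_error(self):
    """Check that a procdump run that cannot execute reports the matching error."""
    dump_option = Dumper.Options()
    dump_option.procdump_path = procdump_path
    dump = Dumper(self.conn, dump_option)
    try:
        # An empty tuple is passed as the only positional argument.
        ret = dump.procdump_dump(())
        self.assertIsInstance(ret, RetCode)
        # Index 1 of the error constant is compared with error_msg
        # (presumably the message half of a (code, message) pair).
        self.assertEqual(ERROR_PROCDUMP_NO_EXECUTE[1], ret.error_msg)
    finally:
        # Run clean() even when the dump call raises or an assertion fails;
        # previously a failure skipped it, so whatever clean() removes
        # (presumably files placed on the test host, confirm) stayed behind.
        dump.clean()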
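def parse_lsass(self, options=None):
    """Parse the stored dump file and cache the credentials it contains.

    Args:
        options: Options object handed to ``Parser``; a fresh default is
            created when omitted.

    Returns:
        The parser's own result when parsing fails, otherwise
        ``RetCode(ERROR_SUCCESS)``.
    """
    if options is None:
        # Built per call so that one shared default object is not reused
        # across calls and instances.
        # NOTE(review): the fallback stays Dumper.Options() to preserve the
        # existing behaviour, but the object is passed to Parser;
        # Parser.Options() looks like the intended type. Confirm and switch.
        options = Dumper.Options()

    self._parser = Parser(self._dumpfile, options)
    parse_result = self._parser.parse()
    if not parse_result.success():
        return parse_result

    # The parsed credentials stay in memory on this object; treat
    # self._credentials as sensitive wherever it is logged or written.
    self._credentials = self._parser.get_credentials()
    self._log.info("Process lsass.exe has been parsed")
    return RetCode(ERROR_SUCCESS)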
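def test_dump_protected(self):
    """Check that dumping reports the 'lsass protected' error on a protected target.

    Presumably this needs a test host with LSA protection enabled for
    lsass.exe; confirm against the test environment.
    """
    dump_option = Dumper.Options()
    # The meaning of method 2 is defined by Dumper and is not visible here.
    dump_option.method = 2
    dump_option.procdump_path = procdump_path
    dumper = Dumper(self.conn, dump_option)
    try:
        ret = dumper.dump()
        self.assertIsInstance(ret, RetCode)
        # Index 1 of the error constant is compared with error_msg
        # (presumably the message half of a (code, message) pair).
        self.assertEqual(ERROR_LSASS_PROTECTED[1], ret.error_msg)
    finally:
        # Run clean() even when dump() raises or an assertion fails;
        # previously a failure skipped it, so whatever clean() removes
        # (presumably files placed on the test host, confirm) stayed behind.
        dumper.clean()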
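def dump_lsass(self, options=None):
    """Verify admin rights on the connection, then dump and record the dump file.

    Args:
        options: ``Dumper.Options`` instance; a fresh default is created
            when omitted.

    Returns:
        The failing result of the admin check or of the dump, otherwise
        ``RetCode(ERROR_SUCCESS)``.
    """
    if options is None:
        # Built per call so that one shared default object is not reused
        # across calls and instances.
        options = Dumper.Options()

    # Assumes self._conn is an open connection; it is not checked for None here.
    admin_check = self._conn.isadmin()
    if not admin_check.success():
        # The connection is closed only on this path; a failed dump below
        # returns with the connection still open.
        self._conn.close()
        return admin_check

    self._dumper = Dumper(self._conn, options)
    dump_result = self._dumper.dump()
    if not dump_result.success():
        return dump_result

    # The dump is of lsass.exe (see the log message below), so the returned
    # file object should be handled as sensitive data.
    self._dumpfile = self._dumper.getfile()
    self._log.info("Process lsass.exe has been dumped")
    return RetCode(ERROR_SUCCESS)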
def test_dump_method_unknown(self):
    """Check that an unrecognised method number is rejected with the matching error."""
    opts = Dumper.Options()
    # 99 is used as a method number the dumper is expected not to support.
    opts.method = 99

    dumper = Dumper(self.conn, opts)
    result = dumper.dump()

    self.assertIsInstance(result, RetCode)
    # Index 1 of the error constant is compared with error_msg
    # (presumably the message half of a (code, message) pair).
    expected_msg = ERROR_METHOD_NOT_SUPPORTED[1]
    self.assertEqual(expected_msg, result.error_msg)
def test_dumpert_invalid_parameter(self):
    """Check that a non-existent dumpert path yields the 'not found' error."""
    opts = Dumper.Options()
    # A local path that is expected not to exist.
    opts.dumpert_path = "/invalid/path"

    dumper = Dumper(self.conn, opts)
    # An empty tuple is passed as the only positional argument.
    result = dumper.dumpert_dump(())

    self.assertIsInstance(result, RetCode)
    # Index 1 of the error constant is compared with error_msg
    # (presumably the message half of a (code, message) pair).
    expected_msg = ERROR_DUMPERT_NOT_FOUND[1]
    self.assertEqual(expected_msg, result.error_msg)