Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
def _create_dummy_stopped_service(self, session):
service = Service("pypsexectest", session)
service.open()
service.create("C:\\Windows\\PAExec.exe -service")
service.close()
return service
def test_open_service_with_invalid_name(self, session):
service = Service(b"\x00 a service".decode('utf-8'), session)
service.open()
with pytest.raises(SCMRException) as exc:
service.stop()
service.close()
assert str(exc.value) == "Exception calling ROpenServiceW. " \
"Code: 123, Msg: ERROR_INVALID_NAME"
def test_open_service_missing(self, session):
service = Service("missing-service", session)
service.open()
assert service._handle is None
with pytest.raises(PypsexecException) as exc:
service.start()
assert str(exc.value) == "Cannot start service missing-service as " \
"it does not exist"
with pytest.raises(PypsexecException) as exc:
service.stop()
assert str(exc.value) == "Cannot stop service missing-service as " \
"it does not exist"
service.close()
def _get_new_generic_client(self, client):
username = os.environ['PYPSEXEC_USERNAME']
password = os.environ['PYPSEXEC_PASSWORD']
new_client = Client(client.server, username, password)
new_client.pid = 1234
new_client.current_host = "other-host"
new_client.service_name = "PAExec-%d-%s"\
% (new_client.pid, new_client.current_host)
new_client._exe_file = "%s.exe" % new_client.service_name
new_client._service = Service(new_client.service_name,
new_client.session)
return new_client
Cleans up any old services or payloads that may have been left behind
on a previous failure. This will search C:\\Windows for any files
starting with PAExec-*.exe and delete them. It will also stop and
remove any services that start with PAExec-* if they exist.
Before calling this function, the connect() function must have already
been called.
"""
scmr = self._service._scmr
services = scmr.enum_services_status_w(
self._service._scmr_handle,
ServiceType.SERVICE_WIN32_OWN_PROCESS,
EnumServiceState.SERVICE_STATE_ALL)
for service in services:
if service['service_name'].lower().startswith("paexec"):
svc = Service(service['service_name'], self.session)
svc.open()
svc.delete()
smb_tree = TreeConnect(self.session,
r"\\%s\ADMIN$" % self.connection.server_name)
smb_tree.connect()
share = Open(smb_tree, "")
query_msgs = [
share.create(ImpersonationLevel.Impersonation,
DirectoryAccessMask.FILE_READ_ATTRIBUTES |
DirectoryAccessMask.SYNCHRONIZE |
DirectoryAccessMask.FILE_LIST_DIRECTORY,
FileAttributes.FILE_ATTRIBUTE_DIRECTORY,
ShareAccess.FILE_SHARE_READ |
ShareAccess.FILE_SHARE_WRITE |
self.session = Session(self.connection, username, password,
require_encryption=encrypt)
self.service_name = "PAExec-%d-%s" % (self.pid, self.current_host)
log.info("Creating PyPsexec Client with unique name: %s"
% self.service_name)
self._exe_file = "%s.exe" % self.service_name
self._stdout_pipe_name = "PaExecOut%s%d"\
% (self.current_host, self.pid)
self._stderr_pipe_name = "PaExecErr%s%d"\
% (self.current_host, self.pid)
self._stdin_pipe_name = "PaExecIn%s%d" % (self.current_host, self.pid)
self._unique_id = get_unique_id(self.pid, self.current_host)
log.info("Generated unique ID for PyPsexec Client: %d"
% self._unique_id)
self._service = Service(self.service_name, self.session)