How to use the pypykatz.logger function in pypykatz

To help you get started, we’ve selected a few pypykatz examples, based on popular ways it is used in public projects.


github skelsec / pypykatz / pypykatz / remote / live / localgroup / enumerator.py View on Github external
def run(self):
	"""
	Worker loop: take targets from self.inQ and queue their local group members.

	For each target and each name in self.groups, every entry returned by
	NetLocalGroupGetMembers(target, groupname, level=2) is put on self.outQ
	as a (target, groupname, member) tuple. A falsy item on self.inQ stops
	the loop.

	When self.pre_check is True, a target is skipped if is_port_up reports
	TCP port 445 as down within self.timeout.
	"""
	while True:
		target = self.inQ.get()
		if not target:
			# Falsy queue item is the shutdown sentinel.
			return
		if self.pre_check is True and is_port_up(target, 445, timeout = self.timeout) is False:
			continue
		try:
			for groupname in self.groups:
				members = NetLocalGroupGetMembers(target, groupname, level=2)
				for member in members:
					self.outQ.put((target, groupname, member))
		except Exception as err:
			# Best effort per target: the failure is only visible at DEBUG level
			# and nothing is queued for the remaining groups of this target.
			logger.debug('LocalGroupEnumThread error: %s' % str(err))
github skelsec / pypykatz / pypykatz / commons / winapi / processmanipulator.py View on Github external
token_infos = []
		for pid in self.api.psapi.EnumProcesses():
			proc_handle = None
			try:
				proc_handle = self.api.kernel32.OpenProcess(PROCESS_QUERY_INFORMATION, False, pid)
				logger.log(1, '[ProcessManipulator] Proc handle for PID %s is: %s' % (proc_handle, pid))
			except Exception as e:
				logger.log(1, '[ProcessManipulator] Failed to open process pid %s Reason: %s' % (pid, str(e)))
				continue
			
			else:
				token_handle = None
				try:
					token_handle = self.api.advapi32.OpenProcessToken(proc_handle, TOKEN_MANIP_ACCESS)
				except Exception as e:
					logger.log(1, '[ProcessManipulator] Failed get token from process pid %s Reason: %s' % (pid, str(e)))
					continue
				else:
					ptr_sid = self.api.advapi32.GetTokenInformation_sid(token_handle)
					sid_str = self.api.advapi32.ConvertSidToStringSid(ptr_sid)
					if sid_str == target_sid:
						logger.debug('[ProcessManipulator] Found token with target sid!')
						cloned_token = self.api.advapi32.DuplicateTokenEx(
							token_handle, 
							dwDesiredAccess = dwDesiredAccess, 
							ImpersonationLevel = ImpersonationLevel, 
							TokenType = TokenType
						)
						yield cloned_token
						
				finally:
					if token_handle is not None:
github skelsec / pypykatz / pypykatz / remote / live / session / enumerator.py View on Github external
def run(self):
	"""
	Worker loop: take targets from self.inQ and queue their session entries.

	Every entry returned by NetSessionEnum(target, level=1) is put on
	self.outQ as a (target, entry) tuple. A falsy item on self.inQ stops
	the loop.

	When self.pre_check is True, a target is skipped if is_port_up reports
	TCP port 445 as down within self.timeout.
	"""
	while True:
		target = self.inQ.get()
		if not target:
			# Falsy queue item is the shutdown sentinel.
			return
		if self.pre_check is True and is_port_up(target, 445, timeout = self.timeout) is False:
			continue

		try:
			sessions = NetSessionEnum(target, level=1)
			for session in sessions:
				self.outQ.put((target, session))
		except Exception as err:
			# Best effort per target: the failure is only visible at DEBUG level.
			logger.debug('SessionMonitor error: %s' % str(err))
github skelsec / pypykatz / pypykatz / pypykatz.py View on Github external
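def get_lsa(self):
	"""
	Return an LSA decryptor, trying automatic template detection first.

	The template is selected from self.sysinfo; if that path fails for any
	reason (including a failure inside lsa_dec.dump()), the error is logged
	with its traceback and self.get_lsa_bruteforce() is used instead.

	Raises:
		Exception: when the brute-force fallback also returns None.
	"""
	#trying with automatic template detection
	try:
		lsa_dec_template = LsaTemplate.get_template(self.sysinfo)
		lsa_dec = LsaDecryptor.choose(self.reader, lsa_dec_template, self.sysinfo)
		# NOTE(review): the decryptor's dump() output goes to the debug log;
		# presumably it includes decryptor state, so treat DEBUG logs as
		# sensitive -- confirm what dump() emits.
		logger.debug(lsa_dec.dump())
	except Exception:
		# Was a bare `except:`, which also swallowed KeyboardInterrupt and
		# SystemExit and then started the brute-force fallback instead of
		# letting the process stop.
		logger.exception('Failed to automatically detect correct LSA template!')
		lsa_dec = self.get_lsa_bruteforce()
		if lsa_dec is None:
			raise Exception('All detection methods failed.')
	return lsa_dec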
github skelsec / pypykatz / pypykatz / commons / winapi / processmanipulator.py View on Github external
except Exception as e:
				logger.log(1, '[ProcessManipulator] Failed to open process pid %s Reason: %s' % (pid, str(e)))
				continue
			
			else:
				token_handle = None
				try:
					token_handle = self.api.advapi32.OpenProcessToken(proc_handle, TOKEN_MANIP_ACCESS)
				except Exception as e:
					logger.log(1, '[ProcessManipulator] Failed get token from process pid %s Reason: %s' % (pid, str(e)))
					continue
				else:
					ptr_sid = self.api.advapi32.GetTokenInformation_sid(token_handle)
					sid_str = self.api.advapi32.ConvertSidToStringSid(ptr_sid)
					if sid_str == target_sid:
						logger.debug('[ProcessManipulator] Found token with target sid!')
						cloned_token = self.api.advapi32.DuplicateTokenEx(
							token_handle, 
							dwDesiredAccess = dwDesiredAccess, 
							ImpersonationLevel = ImpersonationLevel, 
							TokenType = TokenType
						)
						yield cloned_token
						
				finally:
					if token_handle is not None:
						self.api.kernel32.CloseHandle(token_handle)
			
			finally:
				if proc_handle is not None:
					self.api.kernel32.CloseHandle(proc_handle)
github skelsec / pypykatz / pypykatz / pypykatz.py View on Github external
def log_basic_info(self):
	"""
	Log the system details that should accompany a bug report.

	Emits CPU architecture, OS, build number, major version and the MSV DLL
	timestamp from self.sysinfo at INFO level, framed by two marker lines.
	These values describe the exact build of the system the data came from,
	so review the block before attaching it to a public issue.
	"""
	logger.info('===== BASIC INFO. SUBMIT THIS IF THERE IS AN ISSUE =====')
	sysinfo = self.sysinfo
	logger.info('CPU arch: %s' % sysinfo.architecture.name)
	# Remaining fields are plain attributes of sysinfo, logged in fixed order.
	for template, attribute in (
		('OS: %s', 'operating_system'),
		('BuildNumber: %s', 'buildnumber'),
		('MajorVersion: %s ', 'major_version'),
		('MSV timestamp: %s', 'msv_dll_timestamp'),
	):
		logger.info(template % getattr(sysinfo, attribute))
	logger.info('===== BASIC INFO END =====')
github skelsec / pypykatz / pypykatz / remote / live / session / enumerator.py View on Github external
self.results[target].append(session.to_dict())
			
			else:
				ip = session.computername.replace('\\\\','')
				result = '%s %s %s' % (target, ip, session.username)
				if self.out_file is not None:
					if target not in self.results:
						self.results[target] = []
					self.results[target].append(result)
				else:
					print(result)
		
		if self.out_file is None and self.to_json is False:
			return
		
		logger.info('Writing results...')		
		if self.out_file is not None:
			with open(self.out_file,'w', newline = '') as f:
				if self.to_json is True:
					f.write(json.dumps(self.results, cls = UniversalEncoder, indent=4, sort_keys=True))
				else:
					for target in self.results:
						for res in self.results[target]:
							f.write( '%s %s\r\n' % (target, res))
		else:
			print(json.dumps(self.results, cls = UniversalEncoder, indent=4, sort_keys=True))
github skelsec / pypykatz / pypykatz / dpapi / dpapi.py View on Github external
def __get_registry_secrets(self, lr):
		"""
		Collect DPAPI pre-keys from an already parsed OffineRegistry or LiveRegistry object.

		Keys found in the SECURITY hive are appended to self.user_keys / self.machine_keys
		and to the local result lists; keys derived from SAM NT hashes are appended to the
		local user list.

		lr: OffineRegistry or LiveRegistry object
		return: tuple of two lists, [0] userkeys [1] machinekeys
		        (the return statement itself is not visible in this excerpt)

		NOTE(review): every key handled here is also formatted into a DEBUG log message.
		Any handler that receives DEBUG records from this logger will store key material,
		so such log output has to be protected like the keys themselves.
		"""
		user = []
		machine = []
		# Imported at call time rather than at module level.
		from pypykatz.registry.security.common import LSASecretDPAPI

		# SECURITY hive: take the user and machine key from each cached secret
		# that is an LSASecretDPAPI instance.
		if lr.security:
			for secret in lr.security.cached_secrets:
				if isinstance(secret, LSASecretDPAPI):
					# Both debug lines write the key values themselves into the log.
					logger.debug('[DPAPI] Found DPAPI user key in registry! Key: %s' % secret.user_key)
					logger.debug('[DPAPI] Found DPAPI machine key in registry! Key: %s' % secret.machine_key)
					self.user_keys.append(secret.user_key)
					user.append(secret.user_key)
					self.machine_keys.append(secret.machine_key)
					machine.append(secret.machine_key)
		
		# SAM hive: for each secret that carries an NT hash, derive pre-keys from
		# that hash and the account SID.
		if lr.sam is not None:
			for secret in lr.sam.secrets:
				if secret.nt_hash:
					# Account SID is the machine SID followed by the account's RID.
					sid = '%s-%s' % (lr.sam.machine_sid, secret.rid)
					# First returned value is unused here; key2 and key3 are kept.
					x, key2, key3 = self.get_prekeys_from_password(sid, nt_hash = secret.nt_hash)
					# Derived keys are written to the debug log together with the SID.
					logger.debug('[DPAPI] NT hash method. Calculated user key for user %s! Key2: %s Key3: %s' % (sid, key2, key3))
					# In the visible lines these go to the local list only,
					# not to self.user_keys.
					user.append(key2)
					user.append(key3)
					continue
github skelsec / pypykatz / pypykatz / pypykatz.py View on Github external
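def get_lsa(self):
	"""
	Return an LSA decryptor, trying automatic template detection first.

	The template is selected from self.sysinfo; if that path fails for any
	reason (including a failure inside lsa_dec.dump()), the error is logged
	with its traceback and self.get_lsa_bruteforce() is used instead.

	Raises:
		Exception: when the brute-force fallback also returns None.
	"""
	#trying with automatic template detection
	try:
		lsa_dec_template = LsaTemplate.get_template(self.sysinfo)
		lsa_dec = LsaDecryptor.choose(self.reader, lsa_dec_template, self.sysinfo)
		# NOTE(review): the decryptor's dump() output goes to the debug log;
		# presumably it includes decryptor state, so treat DEBUG logs as
		# sensitive -- confirm what dump() emits.
		logger.debug(lsa_dec.dump())
	except Exception:
		# Was a bare `except:`, which also swallowed KeyboardInterrupt and
		# SystemExit and then started the brute-force fallback instead of
		# letting the process stop.
		logger.exception('Failed to automatically detect correct LSA template!')
		lsa_dec = self.get_lsa_bruteforce()
		if lsa_dec is None:
			raise Exception('All detection methods failed.')
	return lsa_dec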