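def run_live(self, args):
    """Collect registry hives from the running host and hand them to ``process_results``.

    Two strategies are tried in order:
      1. ``LiveRegistry.go_live()`` -- read the hives directly from the live registry.
      2. ``OffineRegistry.from_live_system()`` -- if the direct read raised, fall back to
         the file-dump based parser (class name spelled as in the project).

    Args:
        args: parsed command-line namespace; passed through untouched to
            ``self.process_results``.

    Returns:
        None. On success the parsed registry object goes to ``self.process_results``;
        if both strategies fail a failure notice is printed instead.

    Raises:
        ImportError: if ``pypykatz.registry.live_parser`` cannot be imported (the import
            sits outside the ``try`` and is deliberately not swallowed).
    """
    from pypykatz.registry.live_parser import LiveRegistry

    lr = None
    try:
        lr = LiveRegistry.go_live()
    except Exception as e:  # go_live() failure modes are not enumerated here; keep broad
        traceback.print_exc()
        logging.debug('Failed to obtain registry secrets via direct registry reading method. Reason: %s', e)
        try:
            from pypykatz.registry.offline_parser import OffineRegistry
            lr = OffineRegistry.from_live_system()
        except Exception as fallback_err:
            # Fix: the fallback's exception was bound but never logged, so a double
            # failure left no trace of *why* the filedump path failed. Record it.
            logging.debug('Failed to obtain registry secrets via filedump method. Reason: %s', fallback_err)

    if lr is not None:
        self.process_results(lr, args)
    else:
        print('Registry parsing failed!')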
if args.out_file:
with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
for user in connection.get_all_service_user_objects():
cnt += 1
f.write('%s/%s\r\n' % (domain, user.sAMAccountName))
else:
print('[+] SPN users')
for user in connection.get_all_service_user_objects():
cnt += 1
print('%s/%s' % (domain, user.sAMAccountName))
logging.debug('Enumerated %d SPN user accounts' % cnt)
elif args.cmd == 'asrep':
logging.debug('Enumerating ASREP user accounts...')
ctr = 0
if args.out_file:
with open(os.path.join(basefolder,basefile+'_asrep_users.txt'), 'w', newline='') as f:
for user in connection.get_all_knoreq_user_objects():
ctr += 1
f.write('%s/%s\r\n' % (domain, user.sAMAccountName))
else:
print('[+] ASREP users')
for user in connection.get_all_knoreq_user_objects():
ctr += 1
print('%s/%s' % (domain, user.sAMAccountName))
logging.debug('Enumerated %d ASREP user accounts' % ctr)
elif args.cmd == 'dump':
logging.debug('Enumerating ALL user accounts, this will take some time depending on the size of the domain')
ctr = 0
if args.out_file:
with open(os.path.join(basefolder,basefile+'_asrep_users.txt'), 'w', newline='') as f:
for user in connection.get_all_knoreq_user_objects():
ctr += 1
f.write('%s/%s\r\n' % (domain, user.sAMAccountName))
else:
print('[+] ASREP users')
for user in connection.get_all_knoreq_user_objects():
ctr += 1
print('%s/%s' % (domain, user.sAMAccountName))
logging.debug('Enumerated %d ASREP user accounts' % ctr)
elif args.cmd == 'dump':
logging.debug('Enumerating ALL user accounts, this will take some time depending on the size of the domain')
ctr = 0
attrs = args.attrs if args.attrs is not None else MSADUser.TSV_ATTRS
if args.out_file:
with open(os.path.join(basefolder,basefile+'_ldap_users.tsv'), 'w', newline='', encoding ='utf8') as f:
writer = csv.writer(f, delimiter = '\t')
writer.writerow(attrs)
for user in connection.get_all_user_objects():
ctr += 1
writer.writerow(user.get_row(attrs))
else:
logging.debug('Are you sure about this?')
print('[+] Full user dump')
print('\t'.join(attrs))
for user in connection.get_all_user_objects():
ctr += 1
results = ar.run(targets)
if args.out_file:
with open(args.out_file, 'w') as f:
for thash in results:
f.write(thash + '\r\n')
else:
for thash in results:
print(thash)
for err in errors:
print('Failed to get ticket for %s. Reason: %s' % (err[0], err[1]))
logging.info('SSPI based Kerberoast complete')
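def run_live(self, args):
    """Read the local machine's registry hives and pass the result to ``process_results``.

    Strategy, in order:
      1. ``LiveRegistry.go_live()`` -- direct live-registry read.
      2. ``OffineRegistry.from_live_system()`` -- file-dump based fallback, attempted only
         when step 1 raised (class name spelled as in the project).

    Args:
        args: parsed command-line namespace, forwarded unchanged to
            ``self.process_results``.

    Returns:
        None. The parsed registry object is handed to ``self.process_results``; if neither
        strategy produced one, ``'Registry parsing failed!'`` is printed.

    Raises:
        ImportError: if ``pypykatz.registry.live_parser`` is unavailable; that import is
            outside the ``try`` block and is not swallowed.
    """
    from pypykatz.registry.live_parser import LiveRegistry

    lr = None
    try:
        lr = LiveRegistry.go_live()
    except Exception as e:  # failure modes of go_live() are not visible here; keep broad
        traceback.print_exc()
        logging.debug('Failed to obtain registry secrets via direct registry reading method. Reason: %s', e)
        try:
            from pypykatz.registry.offline_parser import OffineRegistry
            lr = OffineRegistry.from_live_system()
        except Exception as fallback_err:
            # Fix: previously the fallback exception was bound and discarded, leaving no
            # diagnostic when both paths fail. Log the reason alongside the message.
            logging.debug('Failed to obtain registry secrets via filedump method. Reason: %s', fallback_err)

    if lr is not None:
        self.process_results(lr, args)
    else:
        print('Registry parsing failed!')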
if len(results[result].orphaned_creds) > 0:
print('== Orphaned credentials ==')
for cred in results[result].orphaned_creds:
print(str(cred))
if len(files_with_error) > 0:
print('\n==== Parsing errors:')
for filename in files_with_error:
print(filename)
if args.kerberos_dir:
dir = os.path.abspath(args.kerberos_dir)
logging.info('Writing kerberos tickets to %s' % dir)
for filename in results:
base_filename = ntpath.basename(filename)
ccache_filename = '%s_%s.ccache' % (base_filename, os.urandom(4).hex()) #to avoid collisions
results[filename].kerberos_ccache.to_file(os.path.join(dir, ccache_filename))
for luid in results[filename].logon_sessions:
for kcred in results[filename].logon_sessions[luid].kerberos_creds:
for ticket in kcred.tickets:
ticket.to_kirbi(dir)
for cred in results[filename].orphaned_creds:
if cred.credtype == 'kerberos':
for ticket in cred.tickets:
ticket.to_kirbi(dir)
else:
creds = MSLDAPCredential.get_dummy_sspi()
if args.dc_ip:
target = MSLDAPTarget(args.dc_ip)
else:
target = MSLDAPTarget(machine.get_domain())
connection = MSLDAPConnection(creds, target)
connection.connect()
try:
adinfo = connection.get_ad_info()
domain = adinfo.distinguishedName.replace('DC=','').replace(',','.')
except Exception as e:
logging.warning('[LDAP] Failed to get domain name from LDAP server. This is not normal, but happens. Reason: %s' % e)
domain = machine.get_domain()
if args.cmd == 'spn':
logging.debug('Enumerating SPN user accounts...')
cnt = 0
if args.out_file:
with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
for user in connection.get_all_service_user_objects():
cnt += 1
f.write('%s/%s\r\n' % (domain, user.sAMAccountName))
else:
print('[+] SPN users')
for user in connection.get_all_service_user_objects():
cnt += 1
print('%s/%s' % (domain, user.sAMAccountName))
from msldap import logger as msldaplogger
if not args.credential:
raise Exception('You must provide credentials when using ldap in platform independent mode.')
creds = MSLDAPCredential.from_connection_string(args.credential)
target = MSLDAPTarget.from_connection_string(args.credential)
connection = MSLDAPConnection(creds, target)
connection.connect()
try:
adinfo = connection.get_ad_info()
domain = adinfo.distinguishedName.replace('DC=','').replace(',','.')
except Exception as e:
logging.warning('[LDAP] Failed to get domain name from LDAP server. This is not normal, but happens. Reason: %s' % e)
domain = machine.get_domain()
if args.cmd == 'spn':
logging.debug('Enumerating SPN user accounts...')
cnt = 0
if args.out_file:
with open(os.path.join(basefolder,basefile+'_spn_users.txt'), 'w', newline='') as f:
for user in connection.get_all_service_user_objects():
cnt += 1
f.write('%s/%s\r\n' % (domain, user.sAMAccountName))
else:
print('[+] SPN users')
for user in connection.get_all_service_user_objects():
cnt += 1
print('%s/%s' % (domain, user.sAMAccountName))
logging.info('Parsing folder %s' % dir_fullpath)
for filename in glob.glob(globdata, recursive=args.recursive):
logging.info('Parsing file %s' % filename)
try:
mimi = pypykatz.parse_minidump_file(filename)
results[filename] = mimi
except Exception as e:
files_with_error.append(filename)
logging.exception('Error parsing file %s ' % filename)
if args.halt_on_error == True:
raise e
else:
pass
else:
logging.info('Parsing file %s' % args.memoryfile)
try:
mimi = pypykatz.parse_minidump_file(args.memoryfile)
results[args.memoryfile] = mimi
except Exception as e:
logging.exception('Error while parsing file %s' % args.memoryfile)
if args.halt_on_error == True:
raise e
else:
traceback.print_exc()
self.process_results(results, files_with_error, args)
dir_fullpath = os.path.abspath(args.memoryfile)
file_pattern = '*.dmp'
if args.recursive == True:
globdata = os.path.join(dir_fullpath, '**', file_pattern)
else:
globdata = os.path.join(dir_fullpath, file_pattern)
logging.info('Parsing folder %s' % dir_fullpath)
for filename in glob.glob(globdata, recursive=args.recursive):
logging.info('Parsing file %s' % filename)
try:
mimi = pypykatz.parse_minidump_file(filename)
results[filename] = mimi
except Exception as e:
files_with_error.append(filename)
logging.exception('Error parsing file %s ' % filename)
if args.halt_on_error == True:
raise e
else:
pass
else:
logging.info('Parsing file %s' % args.memoryfile)
try:
mimi = pypykatz.parse_minidump_file(args.memoryfile)
results[args.memoryfile] = mimi
except Exception as e:
logging.exception('Error while parsing file %s' % args.memoryfile)
if args.halt_on_error == True:
raise e
else:
traceback.print_exc()