1. Advisor
  2. smbprotocol
  3. functions
  4. smbprotocol.open.Open
View all smbprotocol analysis

How to use the smbprotocol.open.Open function in smbprotocol

To help you get started, we’ve selected a few smbprotocol examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github jborean93 / pypsexec / tests / test_client.py View on Github external
scmr_handle = client._service._scmr_handle

        services = scmr.enum_services_status_w(scmr_handle,
                                               ServiceType.
                                               SERVICE_WIN32_OWN_PROCESS,
                                               EnumServiceState.
                                               SERVICE_STATE_ALL)
        for service in services:
            if service['service_name'].lower().startswith("paexec"):
                paexec_services.append(service['service_name'])

        smb_tree = TreeConnect(client.session,
                               r"\\%s\ADMIN$" % client.connection.server_name)
        smb_tree.connect()

        share = Open(smb_tree, "")
        share.create(ImpersonationLevel.Impersonation,
                     DirectoryAccessMask.FILE_READ_ATTRIBUTES |
                     DirectoryAccessMask.SYNCHRONIZE |
                     DirectoryAccessMask.FILE_LIST_DIRECTORY,
                     FileAttributes.FILE_ATTRIBUTE_DIRECTORY,
                     ShareAccess.FILE_SHARE_READ |
                     ShareAccess.FILE_SHARE_WRITE |
                     ShareAccess.FILE_SHARE_DELETE,
                     CreateDisposition.FILE_OPEN,
                     CreateOptions.FILE_DIRECTORY_FILE)
        try:
            paexec_files = share.query_directory("PAExec-*.exe",
                                                 FileInformationClass.
                                                 FILE_NAMES_INFORMATION)
        except SMBResponseException as exc:
            if exc.status != NtStatus.STATUS_NO_SUCH_FILE:
github jborean93 / pypsexec / pypsexec / client.py View on Github external
def _delete_file(self, tree, name):
        file_open = Open(tree, name)
        msgs = [
            file_open.create(ImpersonationLevel.Impersonation,
                             FilePipePrinterAccessMask.DELETE,
                             FileAttributes.FILE_ATTRIBUTE_NORMAL,
                             0,
                             CreateDisposition.FILE_OPEN_IF,
                             CreateOptions.FILE_NON_DIRECTORY_FILE |
                             CreateOptions.FILE_DELETE_ON_CLOSE,
                             send=False),
            file_open.close(get_attributes=False, send=False)
        ]
        reqs = self.connection.send_compound([x[0] for x in msgs],
                                             sid=self.session.session_id,
                                             tid=tree.tree_connect_id,
                                             related=True)
        # remove the responses from the SMB outstanding requests
github jborean93 / pypsexec / pypsexec / exec.py View on Github external
def create_pipe(tree, name, access_mask):
    pipe = Open(tree, name)
    pipe.open(ImpersonationLevel.Impersonation,
              access_mask,
              FileAttributes.FILE_ATTRIBUTE_NORMAL,
              ShareAccess.FILE_SHARE_READ |
              ShareAccess.FILE_SHARE_WRITE |
              ShareAccess.FILE_SHARE_DELETE,
              CreateDisposition.FILE_OPEN,
              CreateOptions.FILE_NON_DIRECTORY_FILE |
              CreateOptions.FILE_SYNCHRONOUS_IO_NONALERT)
    return pipe
github jborean93 / pypsexec / pypsexec / exec.py View on Github external
else:
                # delete the service as it already exists
                service_status = scmr_api.query_service_status(service_handle)
                if service_status.current_state != CurrentState.SERVICE_STOPPED:
                    scmr_api.control_service(service_handle,
                                             ControlCode.SERVICE_CONTROL_STOP)
                scmr_api.delete_service(service_handle)
                scmr_api.close_service_handle_w(service_handle)

            # copy the executable across and overwrite the existing file
            tree_admin = TreeConnect(session, r"\\%s\ADMIN$"
                                     % session.connection.server_name)
            tree_admin.connect()

            # Copy the paexec payload to the host
            paexec = Open(tree_admin, exe_path)
            paexec.open(ImpersonationLevel.Impersonation,
                        FilePipePrinterAccessMask.FILE_WRITE_DATA,
                        FileAttributes.FILE_ATTRIBUTE_NORMAL,
                        ShareAccess.FILE_SHARE_READ,
                        CreateDisposition.FILE_OVERWRITE_IF,
                        CreateOptions.FILE_NON_DIRECTORY_FILE)
            try:
                for (payload, offset) in exe_payload(65536):
                    paexec.write(payload, offset)
            finally:
                paexec.close(False)

            # now create a branch new service here
            service_handle = scmr_api.create_service_wow64_w(
                scm_handle,
                svc_name,
github jborean93 / pypsexec / pypsexec / scmr.py View on Github external
def __init__(self, smb_session):
        # connect to the IPC tree and open a handle at svcctl
        self.tree = TreeConnect(smb_session, r"\\%s\IPC$"
                                % smb_session.connection.server_name)
        self.handle = Open(self.tree, "svcctl")
        self.call_id = 0

smbprotocol

Interact with a server using the SMB 2/3 Protocol

GitHub
MIT
Latest version published 1 month ago

Package Health Score

76 / 100
Full package analysis

Popular smbprotocol functions

Similar packages