本文整理汇总了Python中pysap.SAPRouter.SAPRoutedStreamSocket类的典型用法代码示例。如果您正苦于以下问题:Python SAPRoutedStreamSocket类的具体用法?Python SAPRoutedStreamSocket怎么用?Python SAPRoutedStreamSocket使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了SAPRoutedStreamSocket类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: recv
def recv(self):
"""Receive a packet at the Enqueue layer, performing reassemble of
fragmented packets if necessary.
:return: received :class:`SAPEnqueue` packet
:rtype: :class:`SAPEnqueue`
:raise socket.error: if the connection was close
"""
# Receive the NI packet
packet = SAPRoutedStreamSocket.recv(self)
if SAPEnqueue in packet and packet[SAPEnqueue].more_frags:
log_sapenqueue.debug("Received Enqueue fragmented packet")
head = str(packet[SAPEnqueue])[:20]
data = str(packet[SAPEnqueue])[20:]
total_length = packet[SAPEnqueue].len - 20
recvd_length = len(packet[SAPEnqueue]) - 20
log_sapenqueue.debug("Received %d up to %d bytes", recvd_length, total_length)
while recvd_length < total_length and packet[SAPEnqueue].more_frags == 1:
response = SAPRoutedStreamSocket.recv(self)[SAPEnqueue]
data += str(response)[20:]
recvd_length += len(response) - 20
log_sapenqueue.debug("Received %d up to %d bytes", recvd_length, total_length)
packet = SAPEnqueue(head + data)
return packet
开发者ID:CoreSecurity,项目名称:pysap,代码行数:29,代码来源:SAPEnqueue.py
示例2: send_crash
def send_crash(host, port, item, verbose, route=None):
# Create the connection to the SAP Netweaver server
if verbose:
print("[*] Sending crash")
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(host, port, route, base_cls=SAPEnqueue)
conn.send(item)
开发者ID:CoreSecurity,项目名称:pysap,代码行数:7,代码来源:enqueue_dos_exploit.py
示例3: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(
options.remote_host, options.remote_port, options.route_string, base_cls=SAPMS
)
print("[*] Connected to the message server %s:%d" % (options.remote_host, options.remote_port))
client_string = options.client
# Send MS_LOGIN_2 packet
p = SAPMS(flag=0x00, iflag=0x08, toname=client_string, fromname=client_string)
print("[*] Sending login packet")
response = conn.sr(p)[SAPMS]
print("[*] Login performed, server string: %s" % response.fromname)
print("[*] Listening to server messages")
try:
while True:
# Send MS_SERVER_LST packet
response = conn.recv()[SAPMS]
print("[*] Message received !")
response.show()
except SocketError:
print("[*] Connection error")
except KeyboardInterrupt:
print("[*] Cancelled by the user")
开发者ID:CoreSecurity,项目名称:pysap,代码行数:35,代码来源:ms_listener.py
示例4: do_connect
def do_connect(self, args):
""" Initiate the connection to the Message Server service. The
connection is registered using the client_string runtime option. """
# Create the socket connection
try:
self.connection = SAPRoutedStreamSocket.get_nisocket(self.options.remote_host,
self.options.remote_port,
self.options.route_string,
base_cls=SAPMS)
except SocketError as e:
self._error("Error connecting with the Message Server")
self._error(str(e))
return
self._print("Attached to %s / %d" % (self.options.remote_host, self.options.remote_port))
# Send MS_LOGIN_2 packet
p = SAPMS(flag=0x00, iflag=0x08, toname=self.runtimeoptions["client_string"],
fromname=self.runtimeoptions["client_string"])
self._debug("Sending login packet")
response = self.connection.sr(p)[SAPMS]
if response.errorno == 0:
self.runtimeoptions["server_string"] = response.fromname
self._debug("Login performed, server string: %s" % response.fromname)
self._print("pysap's Message Server monitor, connected to %s / %d" % (self.options.remote_host,
self.options.remote_port))
self.connected = True
else:
if response.errorno in ms_errorno_values:
self._error("Error performing login: %s" % ms_errorno_values[response.errorno])
else:
self._error("Unknown error performing login: %d" % response.errorno)
开发者ID:,项目名称:,代码行数:35,代码来源:
示例5: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
domain = ms_domain_values_inv[options.domain]
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
base_cls=SAPMS)
print("[*] Connected to the message server %s:%d" % (options.remote_host, options.remote_port))
client_string = options.client
# Send MS_LOGIN_2 packet
p = SAPMS(flag=0x00, iflag=0x08, domain=domain, toname=client_string, fromname=client_string)
print("[*] Sending login packet")
response = conn.sr(p)[SAPMS]
print("[*] Login performed, server string: %s" % response.fromname)
# Sends a message to another client
p = SAPMS(flag=0x02, iflag=0x01, domain=domain, toname=options.target, fromname=client_string, opcode=1)
p /= Raw(options.message)
print("[*] Sending packet to: %s" % options.target)
conn.send(p)
开发者ID:CoreSecurity,项目名称:pysap,代码行数:31,代码来源:ms_messager.py
示例6: route_test
def route_test(rhost, rport, thost, tport, talk_mode, router_version):
print("[*] Routing connections to %s:%s" % (thost, tport))
# Build the route to the target host passing through the SAP Router
route = [SAPRouterRouteHop(hostname=rhost,
port=rport),
SAPRouterRouteHop(hostname=thost,
port=tport)]
# Try to connect to the target host using the routed stream socket
try:
conn = SAPRoutedStreamSocket.get_nisocket(route=route,
talk_mode=talk_mode,
router_version=router_version)
conn.close()
status = 'open'
# If an SAPRouteException is raised, the route was denied or an error
# occurred with the SAP router
except SAPRouteException:
status = 'denied'
# Another error occurred on the server (e.g. timeout), mark the target as error
except Exception:
status = 'error'
return status
开发者ID:aolihu,项目名称:pysap,代码行数:28,代码来源:router_scanner.py
示例7: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
print("[*] Testing IGS ZIPPER interpreter on %s:%d" % (options.remote_host,
options.remote_port))
# open input file
try:
with open(options.file_input, 'rb') as f:
file_input_content=f.read()
except IOError:
print("[!] Error reading %s file." % options.file_input)
exit(2)
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
base_cls=SAPIGS)
# the xml request for zipper interpreter
xml = '<?xml version="1.0"?><REQUEST><COMPRESS type="zip"><FILES>'
xml += '<FILE name="{}" '.format(options.file_input)
xml += 'path="{}" '.format(options.file_path)
xml += 'size="{}"/>'.format(len(file_input_content))
xml += '</FILES></COMPRESS></REQUEST>'
# create tables descriptions
# table with xml content
table_xml = SAPIGSTable.add_entry('XMLDESC', 1, len(xml), 1,
'XMLDESC', len(xml)
)
# table with file content
table_file = SAPIGSTable.add_entry('FILE1', 1, len(file_input_content), 1,
'FILE1', len(file_input_content)
)
# get the futur offset where table entries begin
offset = (len(table_xml) + len(table_file))
# filling tables
content_xml = xml
content_file = file_input_content
# total size of packet
# total_size need to be a multiple of 1024
total_size = offset + 244 # 244 IGS header size
total_size += 1023
total_size -= (total_size % 1024)
# Put all together
p = SAPIGS(function='ZIPPER', listener='L', offset_content=str(offset), packet_size=str(total_size))
p = p / table_xml / table_file / content_xml / content_file
# Send the IGS packet
print("[*] Send %s to ZIPPER interpreter..." % options.file_input)
conn.send(p)
print("[*] File sent.")
开发者ID:CoreSecurity,项目名称:pysap,代码行数:60,代码来源:igs_rfc_zipper.py
示例8: test_saproutedstreamsocket_getnisocket
def test_saproutedstreamsocket_getnisocket(self):
"""Test SAPRoutedStreamSocket get nisocket class method"""
self.start_server(SAPRouterServerTestHandler)
# Test using a complete route
route = [SAPRouterRouteHop(hostname=self.test_address,
port=self.test_port),
SAPRouterRouteHop(hostname="10.0.0.1",
port="3200")]
self.client = SAPRoutedStreamSocket.get_nisocket(route=route,
router_version=40)
packet = self.client.sr(self.test_string)
self.assertIn(SAPNI, packet)
self.assertEqual(packet[SAPNI].length, len(self.test_string) + 4)
self.assertEqual(unpack("!I", packet[SAPNI].payload.load[:4]), (len(self.test_string), ))
self.assertEqual(packet[SAPNI].payload.load[4:], self.test_string)
# Test using a route and a target host/port
route = [SAPRouterRouteHop(hostname=self.test_address,
port=self.test_port)]
self.client = SAPRoutedStreamSocket.get_nisocket("10.0.0.1",
"3200",
route=route,
router_version=40)
packet = self.client.sr(self.test_string)
self.assertIn(SAPNI, packet)
self.assertEqual(packet[SAPNI].length, len(self.test_string) + 4)
self.assertEqual(unpack("!I", packet[SAPNI].payload.load[:4]), (len(self.test_string), ))
self.assertEqual(packet[SAPNI].payload.load[4:], self.test_string)
# Test using a route string
route = "/H/%s/S/%s/H/10.0.0.1/S/3200" % (self.test_address,
self.test_port)
self.client = SAPRoutedStreamSocket.get_nisocket(route=route,
router_version=40)
packet = self.client.sr(self.test_string)
self.assertIn(SAPNI, packet)
self.assertEqual(packet[SAPNI].length, len(self.test_string) + 4)
self.assertEqual(unpack("!I", packet[SAPNI].payload.load[:4]), (len(self.test_string), ))
self.assertEqual(packet[SAPNI].payload.load[4:], self.test_string)
self.client.close()
self.stop_server()
开发者ID:,项目名称:,代码行数:46,代码来源:
示例9: connect
def connect(self):
"""Creates a :class:`SAPNIStreamSocket` connection to the host/port. If a route
was specified, connect to the target Diag server through the SAP Router.
"""
self._connection = SAPRoutedStreamSocket.get_nisocket(self.host,
self.port,
self.route,
base_cls=SAPDiag)
开发者ID:HPxpat,项目名称:pysap,代码行数:8,代码来源:SAPDiagClient.py
示例10: test_saproutedstreamsocket_error
def test_saproutedstreamsocket_error(self):
"""Test SAPRoutedStreamSocket throwing of Exception if an invalid
or unexpected packet is received"""
self.start_server(SAPRouterServerTestHandler)
sock = socket.socket()
sock.connect((self.test_address, self.test_port))
with self.assertRaises(Exception):
self.client = SAPRoutedStreamSocket(sock, route=None,
router_version=40)
self.stop_server()
开发者ID:,项目名称:,代码行数:13,代码来源:
示例11: do_connect
def do_connect(self, args):
""" Initiate the connection to the Gateway service. The connection is
registered using the client_string runtime option. """
# Create the socket connection
try:
self.connection = SAPRoutedStreamSocket.get_nisocket(self.options.remote_host,
self.options.remote_port,
self.options.route_string,
base_cls=SAPRFC)
except SocketError as e:
self._error("Error connecting with the Gateway service")
self._error(str(e))
return
self._print("Attached to %s / %d" % (self.options.remote_host, self.options.remote_port))
开发者ID:HPxpat,项目名称:pysap,代码行数:16,代码来源:rfc_monitor.py
示例12: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
print("[*] Testing IGS ZIPPER interpreter on %s:%d" % (options.remote_host,
options.remote_port))
# open input file
try:
with open(options.file_input, 'rb') as f:
file_input_content = f.read()
except IOError:
print("[!] Error reading %s file." % options.file_input)
exit(2)
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
talk_mode=1)
# the xml request for zipper interpreter
xml = '<?xml version="1.0"?><REQUEST><COMPRESS type="zip"><FILES>'
xml += '<FILE name="%s" ' % (options.file_input)
xml += 'path="%s" ' % (options.file_path)
xml += 'size="%s"/>' % (len(file_input_content))
xml += '</FILES></COMPRESS></REQEST>'
# http request type multipart/form-data
files = {"xml": ("xml", xml), "zipme": ("zipme", file_input_content)}
p = SAPIGS.http(options.remote_host, options.remote_port, 'ZIPPER', files)
# Send/Receive request
print("[*] Send %s to ZIPPER interpreter..." % options.file_input)
conn.send(p)
print("[*] Response :")
response = conn.recv(1024)
response.show()
# Extract zip from response
print("[*] Generated file(s) :")
for url in str(response).split('href='):
if "output" in url:
print("http://%s:%d%s" % (options.remote_host,
options.remote_port,
url.split('"')[1]))
开发者ID:CoreSecurity,项目名称:pysap,代码行数:47,代码来源:igs_http_zipper.py
示例13: test_saproutedstreamsocket_route_error
def test_saproutedstreamsocket_route_error(self):
"""Test SAPRoutedStreamSocket throwing of SAPRouteException if
a route denied return error is received"""
self.start_server(SAPRouterServerTestHandler)
sock = socket.socket()
sock.connect((self.test_address, self.test_port))
route = [SAPRouterRouteHop(hostname=self.test_address,
port=self.test_port),
SAPRouterRouteHop(hostname="10.0.0.2",
port="3200")]
with self.assertRaises(SAPRouteException):
self.client = SAPRoutedStreamSocket(sock, route=route,
router_version=40)
self.stop_server()
开发者ID:,项目名称:,代码行数:18,代码来源:
示例14: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
print("[*] Testing XXE over IGS XMLCHART on http://%s:%d" % (options.remote_host,
options.remote_port))
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
talk_mode=1)
# XML Data content
data = '''<?xml version="1.0" encoding="utf-8"?>
<ChartData>
<Categories>
<Category>Fus Ro Dah</Category>
</Categories>
<Series label="bla">
<Point><Value type="y">42</Value></Point>
</Series>
</ChartData>'''
# http POST request type multipart/form-data
files = {'data': ('data', data)}
p = SAPIGS.http(options.remote_host, options.remote_port, 'XMLCHART', files)
# Send/Receive request
print("[*] Send request to IGS...")
conn.send(p)
print("[*] Response :")
response = conn.recv(1024)
response.show()
# Extract picture from response
print("[*] Generated file(s) :")
for url in str(response).split('href='):
if "output" in url:
print("http://%s:%d%s" % (options.remote_host,
options.remote_port,
url.split('"')[1]))
开发者ID:CoreSecurity,项目名称:pysap,代码行数:44,代码来源:igs_http_xmlchart.py
示例15: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
base_cls=SAPMS)
print("[*] Connected to the message server %s:%d" % (options.remote_host, options.remote_port))
client_string = options.client
# Send MS_LOGIN_2 packet
p = SAPMS(flag=0x00, iflag=0x08, toname=client_string, fromname=client_string)
print("[*] Sending login packet:")
response = conn.sr(p)[SAPMS]
print("[*] Login OK, Server string: %s" % response.fromname)
server_string = response.fromname
# Send a Dump Info packet for each possible Dump
for i in ms_dump_command_values.keys():
# Skip MS_DUMP_MSADM and MS_DUMP_COUNTER commands as the info
# is included in other dump commands
if i in [1, 12]:
continue
p = SAPMS(flag=0x02, iflag=0x01, toname=server_string,
fromname=client_string, opcode=0x1e, dump_dest=0x02,
dump_command=i)
print("[*] Sending dump info", ms_dump_command_values[i])
response = conn.sr(p)[SAPMS]
if (response.opcode_error != 0):
print("Error:", ms_opcode_error_values[response.opcode_error])
print(response.opcode_value)
开发者ID:,项目名称:,代码行数:42,代码来源:
示例16: test_saproutedstreamsocket
def test_saproutedstreamsocket(self):
"""Test SAPRoutedStreamSocket"""
self.start_server(SAPRouterServerTestHandler)
sock = socket.socket()
sock.connect((self.test_address, self.test_port))
route = [SAPRouterRouteHop(hostname=self.test_address,
port=self.test_port),
SAPRouterRouteHop(hostname="10.0.0.1",
port="3200")]
self.client = SAPRoutedStreamSocket(sock, route=route,
router_version=40)
packet = self.client.sr(self.test_string)
self.assertIn(SAPNI, packet)
self.assertEqual(packet[SAPNI].length, len(self.test_string) + 4)
self.assertEqual(unpack("!I", packet[SAPNI].payload.load[:4]), (len(self.test_string), ))
self.assertEqual(packet[SAPNI].payload.load[4:], self.test_string)
self.client.close()
self.stop_server()
开发者ID:,项目名称:,代码行数:23,代码来源:
示例17: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
domain = ms_domain_values_inv[options.domain]
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
base_cls=SAPMS)
print("[*] Connected to the message server %s:%d" % (options.remote_host, options.remote_port))
# Set release information
prop = SAPMSProperty(id=7, release="720", patchno=70, supplvl=0, platform=0)
p = SAPMS(flag=0x01, iflag=0x01, domain=domain, toname="MSG_SERVER", fromname=options.client, opcode=0x43, property=prop)
print("[*] Setting release information")
conn.send(p)
# Perform the login enabling the DIA+BTC+ICM services
p = SAPMS(flag=0x08, iflag=0x08, msgtype=0x89, domain=domain, toname="-", fromname=options.client)
print("[*] Sending login packet")
conn.sr(p)[SAPMS]
print("[*] Login performed")
# Changing the status to starting
p = SAPMS(flag=0x01, iflag=0x09, msgtype=0x05, domain=domain, toname="-", fromname=options.client)
print("[*] Changing server's status to starting")
conn.send(p)
# Set IP address
p = SAPMS(flag=0x01, iflag=0x01, domain=domain, toname="MSG_SERVER", fromname=options.client, opcode=0x06,
opcode_version=0x01, change_ip_addressv4=options.logon_address)
print("[*] Setting IP address")
response = conn.sr(p)[SAPMS]
print("[*] IP address set")
response.show()
# Set logon information
l = SAPMSLogon(type=2, port=3200, address=options.logon_address, host=options.client, misc="LB=3")
p = SAPMS(flag=0x01, iflag=0x01, msgtype=0x01, domain=domain, toname="MSG_SERVER", fromname=options.client,
opcode=0x2b, logon=l)
print("[*] Setting logon information")
response = conn.sr(p)[SAPMS]
print("[*] Logon information set")
response.show()
# Set the IP Address property
prop = SAPMSProperty(client=options.client, id=0x03, address=options.logon_address)
p = SAPMS(flag=0x02, iflag=0x01, domain=domain, toname="-", fromname=options.client,
opcode=0x43, property=prop)
print("[*] Setting IP address property")
response = conn.sr(p)[SAPMS]
print("[*] IP Address property set")
response.show()
# Changing the status to active
p = SAPMS(flag=0x01, iflag=0x09, msgtype=0x01, domain=domain, toname="-", fromname=options.client)
print("[*] Changing server's status to active")
conn.send(p)
# Wait for connections
try:
while True:
response = conn.recv()[SAPMS]
response.show()
except KeyboardInterrupt:
print("[*] Cancelled by the user !")
# Send MS_LOGOUT packet
p = SAPMS(flag=0x00, iflag=0x04, domain=domain, toname="MSG_SERVER", fromname=options.client)
print("[*] Sending logout packet")
conn.send(p)
开发者ID:CoreSecurity,项目名称:pysap,代码行数:76,代码来源:ms_impersonator.py
示例18: __init__
def __init__(self, sock, *args, **kwargs):
"""Initialization defaults to SAPEnqueue as base class"""
if "base_cls" not in kwargs:
kwargs["base_cls"] = SAPEnqueue
SAPRoutedStreamSocket.__init__(self, sock, *args, **kwargs)
开发者ID:CoreSecurity,项目名称:pysap,代码行数:5,代码来源:SAPEnqueue.py
示例19: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
domain = ms_domain_values_inv[options.domain]
# Initiate the connection
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
base_cls=SAPMS)
print("[*] Connected to the message server %s:%d" % (options.remote_host, options.remote_port))
# Generate a random client string to differentiate our connection
client_string = options.client
# Send MS_LOGIN_2 packet
print("[*] Sending login packet")
p = SAPMS(flag=0x00, iflag=0x08, domain=domain, toname=client_string, fromname=client_string)
response = conn.sr(p)[SAPMS]
print("[*] Login performed, server string: %s" % response.fromname)
server_string = response.fromname
# Send MS_SERVER_CHG packet
print("[*] Sending server change packet")
p = SAPMS(flag=0x02, iflag=0x01, domain=domain, toname=server_string, fromname=client_string, opcode=0x01,
opcode_version=4)
response = conn.sr(p)[SAPMS]
# Send MS_SERVER_LONG_LIST packet
print("[*] Sending server long list packet")
p = SAPMS(flag=0x01, iflag=0x01, domain=domain, toname=server_string, fromname=client_string, opcode=0x40,
opcode_charset=0x00)
conn.send(p)
clients = []
def print_client(msg, client):
if options.verbose:
print("[*] %s %s (host=%s, service=%s, port=%d)" % (msg,
client.client.strip(),
client.host.strip(),
client.service.strip(),
client.servno))
# Send MS_SERVER_LST packet
print("[*] Retrieving list of current clients")
p = SAPMS(flag=0x02, iflag=0x01, domain=domain, toname=server_string, fromname=client_string, opcode=0x05,
opcode_version=0x68)
response = conn.sr(p)[SAPMS]
for client in response.clients:
if client.client != client_string:
clients.append(("LIST", client))
print_client("Client", client)
try:
while (True):
response = conn.recv()[SAPMS]
response.show()
if response.opcode == 0x02: # Added client
client = response.clients[0]
clients.append(("ADD", client))
print_client("Added client", client)
elif response.opcode == 0x03: # Deleted client
client = response.clients[0]
clients.append(("DEL", client))
print_client("Deleted client", client)
elif response.opcode == 0x04: # Modified client
client = response.clients[0]
clients.append(("MOD", client))
print_client("Modified client", client)
except SocketError:
print("[*] Connection error")
except KeyboardInterrupt:
print("[*] Cancelled by the user")
finally:
print("[*] Observed clients:")
for action, client in clients:
print("\t%s\tclient %s (host=%s, service=%s, port=%d)" % (action,
client.client.strip(),
client.host.strip(),
client.service.strip(),
client.servno))
开发者ID:CoreSecurity,项目名称:pysap,代码行数:89,代码来源:ms_observer.py
示例20: main
def main():
options = parse_options()
if options.verbose:
logging.basicConfig(level=logging.DEBUG)
# initiate the connection :
print("[*] Initiate connection to message server %s:%d" % (options.remote_host, options.remote_port))
try:
conn = SAPRoutedStreamSocket.get_nisocket(options.remote_host,
options.remote_port,
options.route_string,
base_cls=SAPMS)
except Exception as e:
print(e)
print ("Error during MS connection. Is internal ms port %d reachable ?" % options.remote_port)
else:
print ("[*] Connected. I check parameters...")
client_string = options.client
# Send MS_LOGIN_2 packet
p = SAPMS(flag=0x00, iflag=0x08, toname=client_string, fromname=client_string)
print("[*] Sending login packet:")
response = conn.sr(p)[SAPMS]
print("[*] Login OK, Server string: %s\n" % response.fromname)
server_string = response.fromname
try:
with open(options.file_param) as list_param:
for line in list_param.readlines():
line = line.strip()
# Check for comments or empty lines
if len(line) == 0 or line.startswith("#"):
continue
# Get parameters, check type and expected value
# param2c = the SAP parameter to check
# check_type = EQUAL, SUP, INF, REGEX, <none>
# value2c = the expect value for 'ok' status
(param2c, check_type, value2c) = line.split(':')
status = '[!]'
# create request
adm = SAPMSAdmRecord(opcode=0x1, parameter=param2c)
p = SAPMS(toname=server_string, fromname=client_string, version=4, flag=0x04, iflag=0x05,
adm_records=[adm])
# send request
respond = conn.sr(p)[SAPMS]
value = respond.adm_records[0].parameter.replace(respond.adm_records[0].parameter.split('=')[0] +
'=', '')
# Verify if value match with expected value
if value == '':
value = 'NOT_EXIST'
status = '[ ]'
elif check_type == 'EQUAL':
if value.upper() == str(value2c).upper():
status = '[+]'
elif check_type == 'NOTEQUAL':
if value.upper() != str(value2c).upper():
status = '[+]'
elif check_type == 'REGEX':
if re.match(value2c.upper(), value.upper()) and value2c != 'NOT_EXIST':
status = '[+]'
elif check_type == 'SUP':
if float(value) >= float(value2c):
status = '[+]'
elif check_type == 'INF':
if float(value) <= float(value2c):
status = '[+]'
else:
status = '[ ]'
# display result
print ("%s %s = %s" % (status, param2c, value))
except IOError:
print("Error reading parameters file !")
exit(0)
except ValueError:
print("Invalid parameters file format or access denied!")
exit(0)
开发者ID:CoreSecurity,项目名称:pysap,代码行数:83,代码来源:ms_dump_param.py
注:本文中的pysap.SAPRouter.SAPRoutedStreamSocket类示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论