wmi-1.3.16 from opsview.com

2019-02-16 00:16:52 +01:00
parent 163fdd3d1b
commit 17b3af2911
2146 changed files with 678824 additions and 0 deletions
@@ -0,0 +1,221 @@
+#!/usr/bin/python
+
+import sys
+import dcerpc, samr
+
+def test_Connect(pipe):
+
+    handle = samr.Connect(pipe)
+    handle = samr.Connect2(pipe)
+    handle = samr.Connect3(pipe)
+    handle = samr.Connect4(pipe)
+
+    # WIN2K3 only?
+    
+    try:
+        handle = samr.Connect5(pipe)
+    except dcerpc.NTSTATUS, arg:
+        if arg[0] != 0xc00000d2L:       # NT_STATUS_NET_WRITE_FAULT
+            raise
+
+    return handle
+    
+def test_UserHandle(user_handle):
+
+    # QuerySecurity()/SetSecurity()
+
+    user_handle.SetSecurity(user_handle.QuerySecurity())
+
+    # GetUserPwInfo()
+
+    user_handle.GetUserPwInfo()
+
+    # GetUserInfo()
+
+    for level in [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20,
+                  21, 23, 24, 25, 26]:
+
+        try:
+            user_handle.QueryUserInfo(level)
+            user_handle.QueryUserInfo2(level)
+        except dcerpc.NTSTATUS, arg:
+            if arg[0] != 0xc0000003L:   # NT_STATUS_INVALID_INFO_CLASS
+                raise
+
+    # GetGroupsForUser()
+
+    user_handle.GetGroupsForUser()
+
+    # TestPrivateFunctionsUser()
+
+    try:
+        user_handle.TestPrivateFunctionsUser()
+    except dcerpc.NTSTATUS, arg:
+        if arg[0] != 0xC0000002L:
+            raise
+
+def test_GroupHandle(group_handle):
+
+    # QuerySecurity()/SetSecurity()
+
+    group_handle.SetSecurity(group_handle.QuerySecurity())
+
+    # QueryGroupInfo()
+
+    for level in [1, 2, 3, 4, 5]:
+        info = group_handle.QueryGroupInfo(level)
+
+    # TODO: SetGroupinfo()
+
+    # QueryGroupMember()
+
+    group_handle.QueryGroupMember()
+
+def test_AliasHandle(alias_handle):
+
+    # QuerySecurity()/SetSecurity()
+
+    alias_handle.SetSecurity(alias_handle.QuerySecurity())
+
+    print alias_handle.GetMembersInAlias()
+
+def test_DomainHandle(name, sid, domain_handle):
+
+    print 'testing %s (%s)' % (name, sid)
+
+    # QuerySecurity()/SetSecurity()
+
+    domain_handle.SetSecurity(domain_handle.QuerySecurity())
+
+    # LookupNames(), none mapped
+
+    try:
+        domain_handle.LookupNames(['xxNONAMExx'])
+    except dcerpc.NTSTATUS, arg:
+        if arg[0] != 0xc0000073L:
+            raise dcerpc.NTSTATUS(arg)
+
+    # LookupNames(), some mapped
+
+    if name != 'Builtin':
+        domain_handle.LookupNames(['Administrator', 'xxNONAMExx'])
+
+    # QueryDomainInfo()/SetDomainInfo()
+
+    levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
+    set_ok = [1, 0, 1, 1, 0, 1, 1, 0, 1,  0,  1,  0]
+    
+    for i in range(len(levels)):
+
+        info = domain_handle.QueryDomainInfo(level = levels[i])
+
+        try:
+            domain_handle.SetDomainInfo(levels[i], info)
+        except dcerpc.NTSTATUS, arg:
+            if not (arg[0] == 0xc0000003L and not set_ok[i]):
+                raise
+
+    # QueryDomainInfo2()
+
+    levels = [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
+
+    for i in range(len(levels)):
+        domain_handle.QueryDomainInfo2(level = levels[i])
+
+    # EnumDomainUsers
+
+    print 'testing users'
+
+    users = domain_handle.EnumDomainUsers()
+    rids = domain_handle.LookupNames(users)
+    
+    for i in range(len(users)):
+        test_UserHandle(domain_handle.OpenUser(rids[0][i]))
+    
+    # QueryDisplayInfo
+
+    for i in [1, 2, 3, 4, 5]:
+        domain_handle.QueryDisplayInfo(level = i)
+        domain_handle.QueryDisplayInfo2(level = i)
+        domain_handle.QueryDisplayInfo3(level = i)
+            
+    # EnumDomainGroups
+
+    print 'testing groups'
+
+    groups = domain_handle.EnumDomainGroups()
+    rids = domain_handle.LookupNames(groups)
+
+    for i in range(len(groups)):
+        test_GroupHandle(domain_handle.OpenGroup(rids[0][i]))
+
+    # EnumDomainAliases
+
+    print 'testing aliases'
+
+    aliases = domain_handle.EnumDomainAliases()
+    rids = domain_handle.LookupNames(aliases)
+
+    for i in range(len(aliases)):
+        test_AliasHandle(domain_handle.OpenAlias(rids[0][i]))
+    
+    # CreateUser
+    # CreateUser2
+    # CreateDomAlias
+    # RidToSid
+    # RemoveMemberFromForeignDomain
+    # CreateDomainGroup
+    # GetAliasMembership
+
+    # GetBootKeyInformation()
+
+    try:
+        domain_handle.GetBootKeyInformation()
+    except dcerpc.NTSTATUS, arg:
+        pass
+
+    # TestPrivateFunctionsDomain()
+
+    try:
+        domain_handle.TestPrivateFunctionsDomain()
+    except dcerpc.NTSTATUS, arg:
+        if arg[0] != 0xC0000002L:
+            raise
+
+def test_ConnectHandle(connect_handle):
+
+    print 'testing connect handle'
+
+    # QuerySecurity/SetSecurity
+
+    connect_handle.SetSecurity(connect_handle.QuerySecurity())
+
+    # Lookup bogus domain
+
+    try:
+        connect_handle.LookupDomain('xxNODOMAINxx')
+    except dcerpc.NTSTATUS, arg:
+        if arg[0] != 0xC00000DFL:          # NT_STATUS_NO_SUCH_DOMAIN
+            raise
+
+    # Test all domains
+
+    for domain_name in connect_handle.EnumDomains():
+
+        connect_handle.GetDomPwInfo(domain_name)
+        sid = connect_handle.LookupDomain(domain_name)
+        domain_handle = connect_handle.OpenDomain(sid)
+
+        test_DomainHandle(domain_name, sid, domain_handle)
+
+    # TODO: Test Shutdown() function
+
+def runtests(binding, creds):
+
+    print 'Testing SAMR pipe'
+
+    pipe = dcerpc.pipe_connect(binding,
+            dcerpc.DCERPC_SAMR_UUID, int(dcerpc.DCERPC_SAMR_VERSION), creds)
+
+    handle = test_Connect(pipe)
+    test_ConnectHandle(handle)