hi=dZddlZddlZddlmZddlmZddlmZddl m Z ddl m Z ddl mZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZdd lm Z m!Z!m"Z"m#Z#m$Z$Gd d e%Z&Gd d e&Z'dS)z! DCE/RPC server as per [MS-RPCE] N)deque) get_if_addr)conf)MTU) RandShort)DceRpc5 DceRpcSession DceRpc5BindDceRpc5BindAckDceRpc5BindNak DceRpc5Auth3DceRpc5AlterContextDceRpc5AlterContextResp DceRpc5ResultDceRpc5RequestDceRpc5ResponseDceRpc5TransferSyntaxDceRpc5PortAnyCommonAuthVerifierDCE_RPC_INTERFACESDCERPC_TransportRPC_C_AUTHN_LEVEL)ept_map_Requestept_map_Responsetwr_p_tprotocol_tower_tprot_and_addr_tceZdZdZdS)_DCERPC_Server_metaclassc|dd|Dt||||S)Ndcerpc_commandsc>i|]}t|d|j|Sdcerpc_command)hasattrr$).0xs a/mounts/lovelace/software/anaconda3/lib/python3.11/site-packages/scapy/layers/msrpce/rpcserver.py z4_DCERPC_Server_metaclass.__new__..5s- W W WQ'!EU:V:V WQ q W W W) setdefaultvaluestype__new__)clsnamebasesdcts r(r.z _DCERPC_Server_metaclass.__new__2sN   W W#**,, W W W   ||Cuc222r*N)__name__ __module__ __qualname__r.r*r(rr1s#33333r*rceZdZ ddZdZedZdZdZe dd Z d Z d Z e ed ZdS) DCERPC_ServerFTNc ||_tdi||_t|_||_|rd|_nd|_||_||_|pi|_ ||_ dS)NNDR64zNDR 2.0r6) transportr sessionrqueuendr64ndr_namelocal_ipportportmapverb)selfr;r>rCr@rArBkwargss r(__init__zDCERPC_Server.__init__;sn#$..v.. WW   &#DMM%DM   }"  r*c |t}|sdS|| |}|sn#|t |:oN)recvr get_responsesendbytes)rDsockpktresps r(loopzDCERPC_Server.loopSsu '))C..C  IIcNNN '((** %++&&&  ' 'r*cfd}|S)z A decorator that registers a DCE/RPC responder to a command. See the DCE/RPC documentation. :param reqcls: the DCE/RPC packet class to respond to c|_|SrHr#)funcreqclss r(decoz"DCERPC_Server.answer..decois"(D Kr*r6)rTrUs` r(answerzDCERPC_Server.answer`s#      r*cD|j|jdS)z6 Extend a DCE/RPC server into another N)r!update)rD server_clss r(extendzDCERPC_Server.extendos$ ##J$>?????r*ct|tjj}||jvr|j|||SdSrH)rpayload __class__r!)rDreqr/s r( make_replyzDCERPC_Server.make_replyus?.!)3 $& & &,4',T377 7tr*c V |tjkr:tjtjtj t |p t j tj tj dn#t$rYnwxYw f dg ddr4tt jdjz fd}|r)t'j| S|d S|tjkr:dd lm}d g|jd|p t j|d St7d )a% Spawn a DCE/RPC server :param transport: one of DCERPC_Transport :param iface: the interface to spawn it on (default: conf.iface) :param port: the port to spawn it on (for IP_TCP or the SMB server) :param bg: background mode? (default: False) rCTzServer %s started. Waiting...c \}}|ttjdt |ztjfd}tj |j |f #t$r1td tjYnt"$rtdYnwxYwD]F} |tj|7#t&$rYCwxYw dS#D]F} |tj|7#t&$rYCwxYw wxYw)NTu┃ Connection received from %s)r@rA)targetargsz X Exiting.zX Server closed.)acceptappendprintr color_themegoldreprr NCACN_IP_TCP threadingThreadrPstartKeyboardInterruptshutdownsocket SHUT_RDWROSErrorclose Exception) clientsocketaddressserverrMr/rEr@rAsocketsssocks r(_runz!DCERPC_Server.spawn.._runs""05 - g|444 ,11 DtG}} T "%,9"%-!%""% "" "(#);l_%'''!"")555,'''NN6#344444...,-----.!(!!! MM&*:;;; JJLLLL(!!! D!KKMMMMM !(!!! MM&*:;;; JJLLLL(!!! D!KKMMMMsfB.B118D)E(+DE(DE(3E EE(G.3F"!G" F/ ,G.F/ /G)rer) SMB_Servershares)ifacerAbgDCERPC_SERVER_CLSzUnsupported transport :(Nr6)rrmrsAF_INET SOCK_STREAMrrr setsockopt SOL_SOCKET SO_REUSEADDRrubindlistengetrirjgreenr3rnrorpNCACN_NPscapy.layers.smbserverr~r+spawn ValueError) r/r;rrArrEr}r~r@r{r|s ` ` ` @@@r(rzDCERPC_Server.spawn|s (5 5 5M&.&2DEEE"5#6DJ77H   !2F4GKKKK     JJ$' ( ( ( LLOOOGzz&$'' $**7#,F " " " " " " " " " "D  ---33555  *3 3 3 9 9 9 9 9 9   h + + +#:#)tz"%  788 8s+B BBc  t|trt|}n|}d}tj|vr@|tjj}|tjjj |}t|j |j |j |j }t|vst|vs t |vrjrt%tjd|jjjzjjr.get_result"s03;;KHHDt},,,#$#$,A(+(=a(@(H+.+@+C+N---   !@@@,#$#$,A(.+,---    -#$#$,A(.+,---   r*c&g|] }|Sr6r6)r&r'rs r( z&DCERPC_Server.recv..Bs!CCCQ::a==CCCr*s \\PIPE\\%s) port_spec)assoc_group_idsec_addrresultsz>>  z is on port 'z' using z<< REQUEST: %s) alloc_hintcont_idz>> RESPONSE: %s): isinstancerLrr padding_layerload underlayerremove_payloadr<in_pktrrrrr rr rCrirjopeningr\r]r3ssprr0rpc_bind_interfacer=rZout_pktr fail auth_verifierrGSS_Accept_sec_context sspcontextrrrIrr context_elemrAencodestrr rrrsuccessdecoder?rr_rlenr) rDdatar^padhdrrstatusrrr/rOrs ` @r(rIzDCERPC_Server.recvs dE " " $--CCC   $ $d().C " # . = = ? ? ?l!!#&&:\)K     #  !4!;!;|s?R?Ry $,,#+"7"@@ $|/ $ $ $ 0 : C C(,|'>'J%I$,*A*F$H$H$H)+%,%, "$ $<2h  !!$,"6"6s^=M=M7M"N"NOOO9Y$*//0VWWXXX%," FL$))4 (?? /1B1M  /"/@)4//DL+473D3TDL0#s**!Q;;!$"2"7"78O"P"PQQQ? IIcNNN"-,>&)&7&A'*'8'C,/,=,M'1 ---)@DCCC#2BCCC9$,,9>EEGGHI !$DI 5 5 7 7' AI#%%(CC1C !!L((#+4;;%3*3&&&%,      9(00X#,XX1P1UXX,5,<,<,>,>XXHL XX s " "y $,,(n-5?HI??3''D  !!L(()'*4yy$'K     9(00-1HI ? IIcNNNNN ?r*cX |jS#t$rYdSwxYwrH)r=popleft IndexError)rDs r(rJzDCERPC_Server.get_responses= :%%'' '   44 s  ))c|jtjkrtdt |t d}|jdj}|jdj dz|jdj z}d}||ftvr%t||f}||j vr |j |}|ttt |jd|jd|jdtddd| tdd d |jpd g }t#|g|j}|j|j_n |S)z, Answer to ept_map_Request. Unimplementedzmap_tower.tower_octet_stringrNrbrrm) lhs_lengthprotocol_identifier rhs_lengthrhsIPz0.0.0.0)floors)tower_octet_string)ITowersr>)r;rrmrrrvalueofruuidrversionrrBrrLrr@rr> max_towersr max_count) rDr^towerrrrA interface resp_towerrOs r(ept_mapzDCERPC_Server.ept_maps >-: : :_-- -  ( ()G H H  |A#l1o)R/5<?3JJ  * !3 3 3*D*+=>IDL((|I.   #($!LO!LO!LO++,4B+,$(  ,+,48+,$(M$>Y  $$J.$ZL KKKD%(^DL " "  r*)FTNNN)Nr`F)r3r4r5rFrP staticmethodrVrZr_ classmethodrrIrJ__func__rrr6r*r(r8r8:s  0 ' ' '  \ @@@ S9S9S9[S9jnnn` ___%%22&%222r*r8) metaclass)(__doc__rsrn collectionsr scapy.archr scapy.configr scapy.datarscapy.volatilerscapy.layers.dcerpcrr r r r r rrrrrrrrrrrscapy.layers.msrpce.eptrrrrrr-rr8r6r*r(rs  """"""$$$$$$*33333t333CCCCC6CCCCCCr*