
@asolino
Created October 11, 2015 02:43
Playing with RemoteFile class and pefile library while researching https://github.com/CoreSecurity/impacket/issues/94
import sys
from pefile import PE
from impacket.smbconnection import SMBConnection, FILE_READ_DATA, FILE_WRITE_DATA
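class RemoteFile:
    """File-like, indexable view of a single file on an SMB share.

    The object exposes ``len()``, integer/slice indexing and
    ``seek``/``read``/``tell`` on top of an already authenticated SMB
    connection, so it can be handed to code that expects an in-memory
    buffer (this file passes it to ``PE(data=...)``). Every index or
    ``read`` call becomes a remote read; nothing is cached locally except
    the file length.

    Two defaults deserve attention before reuse:

    * ``open()`` asks for read *and* write access unless told otherwise;
      pass ``FILE_READ_DATA`` alone when the file is only inspected.
    * ``close()`` deletes the remote file unless ``delete=False`` is given.
    """

    def __init__(self, smbConnection, fileName, share='ADMIN$'):
        """Bind to ``fileName`` on ``share`` and connect the tree.

        The file itself is not opened here; call ``open()`` before any
        length query, indexing or read.
        """
        self.__smbConnection = smbConnection
        self.__fileName = fileName
        self.__share = share
        self.__tid = self.__smbConnection.connectTree(share)
        self.__fid = None
        self.__currentOffset = 0
        self.__fileLen = None

    def __len__(self):
        """Return the remote file size (the ``EndOfFile`` value), cached."""
        if self.__fileLen is None:
            # Requires an open handle: open() must have been called first.
            self.__fileLen = self.__smbConnection.queryInfo(self.__tid, self.__fid)['EndOfFile']
        return self.__fileLen

    def __getitem__(self, index):
        """Return the byte(s) selected by an integer or contiguous slice.

        Slices are normalised with ``slice.indices`` so open-ended
        (``buf[:n]``, ``buf[n:]``) and negative bounds behave like they do
        on a string, independent of how the interpreter spells "until the
        end". Bounds are clamped to the file length, so a request never
        asks the server for data past the end of the file.

        Raises:
            ValueError: the slice has a step other than 1.
            IndexError: an integer index lies outside the file.
            TypeError: the index is neither an integer nor a slice.
        """
        if isinstance(index, slice):
            start, stop, step = index.indices(self.__len__())
            if step != 1:
                raise ValueError('RemoteFile only supports contiguous slices')
            if stop <= start:
                # Empty range: answer locally instead of issuing a zero-length read.
                return b''
            return self.__smbConnection.readFile(self.__tid, self.__fid, offset=start, bytesToRead=stop - start)

        if not hasattr(index, '__index__'):
            raise TypeError('RemoteFile indices must be integers or slices')

        size = self.__len__()
        offset = index.__index__()
        if offset < 0:
            offset += size
        if not 0 <= offset < size:
            raise IndexError('RemoteFile index out of range')
        # Single-byte access costs a full round trip; callers should prefer slices.
        return self.__smbConnection.readFile(self.__tid, self.__fid, offset=offset, bytesToRead=1)

    def open(self, desiredAccess=FILE_READ_DATA | FILE_WRITE_DATA):
        """Open the remote file and cache its length.

        The default access mask includes write access. Callers that only
        parse the file should pass ``FILE_READ_DATA`` so the handle cannot
        be used to modify it.
        """
        self.__fid = self.__smbConnection.openFile(self.__tid, self.__fileName, desiredAccess=desiredAccess)
        self.__fileLen = self.__smbConnection.queryInfo(self.__tid, self.__fid)['EndOfFile']

    def seek(self, offset, whence=0):
        """Move the read position used by ``read()``.

        ``whence`` follows the usual file convention: 0 is relative to the
        start of the file, 1 to the current position, 2 to the end.

        Raises:
            ValueError: ``whence`` is not 0, 1 or 2.
        """
        if whence == 0:
            self.__currentOffset = offset
        elif whence == 1:
            self.__currentOffset += offset
        elif whence == 2:
            self.__currentOffset = self.__len__() + offset
        else:
            # Previously any other value was ignored, leaving the position unchanged.
            raise ValueError('invalid whence (%r, should be 0, 1 or 2)' % (whence,))

    def read(self, bytesToRead):
        """Read up to ``bytesToRead`` bytes from the current position.

        The position advances by the number of bytes actually returned.
        A non-positive request returns an empty byte string without
        contacting the server.
        """
        if bytesToRead > 0:
            data = self.__smbConnection.readFile(self.__tid, self.__fid, self.__currentOffset, bytesToRead)
            self.__currentOffset += len(data)
            return data
        return b''

    def close(self, delete=True):
        """Close the remote handle, deleting the file unless ``delete=False``.

        NOTE(review): deletion is the default. That default only makes
        sense for scratch files the caller created; pass ``delete=False``
        for any pre-existing file. Nothing happens if the file was never
        opened.
        """
        if self.__fid is not None:
            self.__smbConnection.closeFile(self.__tid, self.__fid)
            if delete is True:
                self.__smbConnection.deleteFile(self.__share, self.__fileName)
            self.__fid = None

    def tell(self):
        """Return the current read position."""
        return self.__currentOffset

    def __str__(self):
        """Return the UNC path of the file on the share it was opened from."""
        # Use the configured share: a fixed 'ADMIN$' misreports any other share.
        return "\\\\%s\\%s\\%s" % (self.__smbConnection.getRemoteHost(), self.__share, self.__fileName)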
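# Research driver: parse a PE image straight off a remote share through
# RemoteFile instead of copying it locally first.
#
# Usage: script.py [host] [user]   (defaults are the lab values of the
# original experiment)
from getpass import getpass

target = sys.argv[1] if len(sys.argv) > 1 else '172.16.123.170'
username = sys.argv[2] if len(sys.argv) > 2 else 'Administrator'

s = SMBConnection(target, target)
# Prompt for the password rather than keeping an administrator credential
# in a file that is shared and version-controlled.
s.login(username, getpass('Password for %s@%s: ' % (username, target)))
try:
    remoteFile = RemoteFile(s, 'SYSTEM32\\kernel32.dll', 'ADMIN$')
    # Read-only handle: the file is only parsed, never modified.
    remoteFile.open(FILE_READ_DATA)
    try:
        pe = PE(data=remoteFile)
        # print(...) with one argument behaves the same under Python 2 and 3.
        print(pe.dump_info())
    finally:
        # delete=False is required here: RemoteFile.close() deletes the
        # remote file by default, and this one is a system DLL.
        remoteFile.close(delete=False)
finally:
    # Release the session even when parsing fails.
    s.logoff()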