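# script to enumerate LSA privileges on a server

import sys
from optparse import OptionParser

# NOTE(review): "bin/python" is relative to the current working directory, so
# the samba modules imported below are loaded from whatever ./bin/python
# exists where the script is started. Run this only from a directory you
# trust (presumably the top of a Samba build tree -- confirm).
sys.path.insert(0, "bin/python")

import samba
import samba.getopt as options
from samba.dcerpc import lsa, security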
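def get_display_name(lsaconn, pol_handle, name):
    """Return the display name of one LSA privilege.

    Args:
        lsaconn: LSA RPC connection; its LookupPrivDisplayName method is called.
        pol_handle: policy handle passed through to the lookup.
        name: privilege name as a plain string.

    Returns:
        The ``string`` attribute of the display-name structure the server
        returns.
    """
    # The lookup takes the name wrapped in an lsa.String structure rather than
    # a bare Python string, so build one from the `name` argument.
    string = lsa.String()
    string.string = name

    # 0x409 is the Windows language id for en-US; the trailing 0 is presumably
    # the system language id. ret_lang is returned by the call but not used.
    (disp_names, ret_lang) = lsaconn.LookupPrivDisplayName(pol_handle, string, 0x409, 0)
    return disp_names.string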
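########### main code ###########
if __name__ == "__main__":
    # Command line: Samba's common options and credential options, followed by
    # one positional argument naming the server.
    parser = OptionParser("enumprivs [options] server")
    sambaopts = options.SambaOptions(parser)
    credopts = options.CredentialsOptionsDouble(parser)
    parser.add_option_group(credopts)

    (opts, args) = parser.parse_args()

    lp = sambaopts.get_loadparm()
    creds = credopts.get_credentials(lp)

    # The usage string names exactly one positional argument, the server.
    if len(args) != 1:
        parser.error("You must supply a server")

    # Refuse to continue without explicit credentials.
    if not creds.authentication_requested():
        parser.error("You must supply credentials")

    server = args[0]

    # LSA over SMB named pipes (ncacn_np).
    # NOTE(review): [print] appears to be the binding option that dumps each
    # RPC request and response, so the tool's output then contains the raw
    # exchange -- confirm before keeping that output in shared logs.
    binding_str = "ncacn_np:%s[print]" % server

    lsaconn = lsa.lsarpc(binding_str, lp, creds)

    objectAttr = lsa.ObjectAttribute()
    objectAttr.sec_qos = lsa.QosInfo()

    # u'' is the same empty unicode system name that ''.decode('utf-8')
    # produced, written so that it also parses on Python 3.
    # NOTE(review): SEC_FLAG_MAXIMUM_ALLOWED asks for every right the account
    # holds on the policy object; a mask limited to viewing policy information
    # and looking up names would likely be enough for enumeration -- confirm.
    pol_handle = lsaconn.OpenPolicy2(u'',
                                     objectAttr,
                                     security.SEC_FLAG_MAXIMUM_ALLOWED)

    # Single enumeration call starting at 0 with a limit argument of 100; the
    # returned handle is not used to ask for more, so anything the server did
    # not return in this first reply is not listed.
    (handle, privs) = lsaconn.EnumPrivs(pol_handle, 0, 100)
    for p in privs.privs:
        disp_name = get_display_name(lsaconn, pol_handle, p.name.string)
        # One row per privilege: low part of the LUID, name, display name.
        print("0x%08x %31s \"%s\"" % (p.luid.low, p.name.string, disp_name))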