6 def test_Connect(pipe
):
8 print 'testing Connect'
10 handle
= samr
.Connect(pipe
)
11 handle
= samr
.Connect2(pipe
)
12 handle
= samr
.Connect3(pipe
)
13 handle
= samr
.Connect4(pipe
)
14 handle
= samr
.Connect5(pipe
)
18 def test_QuerySecurity(pipe
, handle
):
20 print 'testing QuerySecurity'
22 sdbuf
= handle
.QuerySecurity()
23 handle
.SetSecurity(sdbuf
)
26 def test_GetDomPwInfo(pipe
, handle
, domain
):
28 print 'testing GetDomPwInfo'
30 handle
.GetDomPwInfo(domain
)
31 handle
.GetDomPwInfo('__NONAME__')
32 handle
.GetDomPwInfo('Builtin')
34 def test_RemoveMemberFromForeignDomain(pipe
, domain_handle
):
36 print 'test RemoveMemberFromForeignDomain'
38 sid
= samr
.string_to_sid('S-1-5-32-12-34-56-78-9')
40 domain_handle
.RemoveMemberFromForeignDomain(sid
)
42 def test_CreateUser2(pipe
, domain_handle
):
44 print 'test CreateUser2'
46 username
= 'samrtorturemach$'
49 return domain_handle
.CreateUser2(username
, 0x0080) # WSTRUST
50 except dcerpc
.NTSTATUS
, arg
:
51 if arg
[0] == 0x0c0000063L
:
52 domain_handle
.OpenUser(username
).DeleteUser()
53 return domain_handle
.CreateUser2(username
)
56 def test_LookupName(pipe
, domain_handle
, name
):
58 print 'test samr_LookupNames'
61 r
['domain_handle'] = domain_handle
64 r
['names'].append({'name': name
})
66 result
= dcerpc
.samr_LookupNames(pipe
, r
)
68 rid
= result
['rids']['ids'][0]
71 r
['names'].append({'name': 'xxNONAMExx'})
75 dcerpc
.samr_LookupNames(pipe
, r
)
76 except dcerpc
.NTSTATUS
, arg
:
77 if arg
[0] != dcerpc
.STATUS_SOME_UNMAPPED
:
78 raise dcerpc
.NTSTATUS(arg
)
82 dcerpc
.samr_LookupNames(pipe
, r
)
86 def test_OpenUser_byname(pipe
, domain_handle
, user_name
):
88 rid
= test_LookupName(pipe
, domain_handle
, user_name
)
91 r
['domain_handle'] = domain_handle
92 r
['access_mask'] = 0x02000000
95 result
= dcerpc
.samr_OpenUser(pipe
, r
)
97 return result
['user_handle']
99 def test_DeleteUser_byname(pipe
, domain_handle
, user_name
):
101 user_handle
= test_OpenUser_byname(pipe
, domain_handle
, user_name
)
104 r
['user_handle'] = user_handle
106 dcerpc
.samr_DeleteUser(pipe
, r
)
108 def test_QueryUserInfo(pipe
, user_handle
):
110 print 'test samr_QueryUserInfo'
112 levels
= [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20, 21]
116 r
['user_handle'] = user_handle
119 dcerpc
.samr_QueryUserInfo(pipe
, r
)
121 def test_QueryUserInfo2(pipe
, user_handle
):
123 print 'test samr_QueryUserInfo2'
125 levels
= [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 20, 21]
129 r
['user_handle'] = user_handle
132 dcerpc
.samr_QueryUserInfo2(pipe
, r
)
134 def test_SetUserInfo(pipe
, user_handle
):
137 r
['user_handle'] = user_handle
140 r
['info']['info2'] = {}
141 r
['info']['info2']['comment'] = {}
142 r
['info']['info2']['comment']['name'] = 'hello'
143 r
['info']['info2']['unknown'] = {}
144 r
['info']['info2']['unknown']['name'] = None
145 r
['info']['info2']['country_code'] = 0
146 r
['info']['info2']['code_page'] = 0
148 dcerpc
.samr_SetUserInfo(pipe
, r
)
150 def test_GetUserPwInfo(pipe
, user_handle
):
152 print 'test samr_GetUserpwInfo'
155 r
['user_handle'] = user_handle
157 dcerpc
.samr_GetUserPwInfo(pipe
, r
)
159 def test_TestPrivateFunctionsUser(pipe
, user_handle
):
161 print 'test samr.TestPrivateFunctionsUser'
164 r
['user_handle'] = user_handle
167 dcerpc
.samr_TestPrivateFunctionsUser(pipe
, r
)
168 except dcerpc
.NTSTATUS
, arg
:
169 if arg
[0] != dcerpc
.NT_STATUS_NOT_IMPLEMENTED
:
170 raise dcerpc
.NTSTATUS(arg
)
172 def test_user_ops(pipe
, user_handle
):
174 test_QuerySecurity(pipe
, user_handle
)
176 test_QueryUserInfo(pipe
, user_handle
)
178 test_QueryUserInfo2(pipe
, user_handle
)
180 test_SetUserInfo(pipe
, user_handle
)
182 test_GetUserPwInfo(pipe
, user_handle
)
184 test_TestPrivateFunctionsUser(pipe
, user_handle
)
186 def test_CreateUser(pipe
, domain_handle
):
188 print 'test samr_CreateUser'
191 r
['domain_handle'] = domain_handle
192 r
['account_name'] = {}
193 r
['account_name']['name'] = 'samrtorturetest'
194 r
['access_mask'] = 0x02000000
197 result
= dcerpc
.samr_CreateUser(pipe
, r
)
198 except dcerpc
.NTSTATUS
, arg
:
199 if arg
[0] == dcerpc
.NT_STATUS_ACCESS_DENIED
:
201 elif arg
[0] == dcerpc
.NT_STATUS_USER_EXISTS
:
202 test_DeleteUser_byname(pipe
, domain_handle
, 'samrtorturetest')
203 result
= dcerpc
.samr_CreateUser(pipe
, r
)
205 raise dcerpc
.NTSTATUS(arg
)
207 user_handle
= result
['user_handle']
210 q
['user_handle'] = user_handle
213 dcerpc
.samr_QueryUserInfo(pipe
, q
)
215 test_user_ops(pipe
, user_handle
)
219 def test_DeleteAlias_byname(pipe
, domain_handle
, alias_name
):
221 rid
= test_LookupName(pipe
, domain_handle
, alias_name
)
224 r
['domain_handle'] = domain_handle
225 r
['access_mask'] = 0x02000000
228 result
= dcerpc
.samr_OpenAlias(pipe
, r
)
231 s
['alias_handle'] = result
['alias_handle']
233 dcerpc
.samr_DeleteDomAlias(pipe
, s
)
235 def test_QueryAliasInfo(pipe
, alias_handle
):
239 for i
in range(0, len(levels
)):
242 r
['alias_handle'] = alias_handle
243 r
['level'] = levels
[i
]
245 dcerpc
.samr_QueryAliasInfo(pipe
, r
)
247 def test_SetAliasInfo(pipe
, alias_handle
):
250 r
['alias_handle'] = alias_handle
253 r
['info']['name'] = {}
254 r
['info']['name']['name'] = 'hello'
256 dcerpc
.samr_SetAliasInfo(pipe
, r
)
258 del(r
['info']['name'])
261 r
['info']['description'] = {}
262 r
['info']['description']['name'] = 'this is a description'
264 dcerpc
.samr_SetAliasInfo(pipe
, r
)
266 def test_AddMemberToAlias(pipe
, alias_handle
, domain_sid
):
269 r
['alias_handle'] = alias_handle
270 r
['sid'] = domain_sid
272 r
['sid']['num_auths'] = r
['sid']['num_auths'] + 1
273 r
['sid']['sub_auths'].append(512)
275 dcerpc
.samr_AddAliasMember(pipe
, r
)
277 dcerpc
.samr_DeleteAliasMember(pipe
, r
)
279 def test_AddMultipleMembersToAlias(pipe
, alias_handle
):
282 r
['alias_handle'] = alias_handle
284 r
['sids']['num_sids'] = 2
285 r
['sids']['sids'] = []
289 sid
['sid_rev_num'] = 1
290 sid
['id_auth'] = [0, 0, 0, 0, 0, 5]
292 sid
['sub_auths'] = [21, 737922324, -1292160505, 1285293260, 512 + i
]
294 r
['sids']['sids'].append({'sid': sid
})
296 dcerpc
.samr_AddMultipleMembersToAlias(pipe
, r
)
298 dcerpc
.samr_RemoveMultipleMembersFromAlias(pipe
, r
)
300 def test_alias_ops(pipe
, alias_handle
, domain_sid
):
302 test_QuerySecurity(pipe
, alias_handle
)
304 test_QueryAliasInfo(pipe
, alias_handle
)
306 test_SetAliasInfo(pipe
, alias_handle
)
308 test_AddMemberToAlias(pipe
, alias_handle
, domain_sid
)
310 test_AddMultipleMembersToAlias(pipe
, alias_handle
)
312 def test_CreateAlias(pipe
, domain_handle
, domain_sid
):
314 print 'test samr_CreateAlias'
316 alias_name
= 'samrtorturetestalias'
319 r
['domain_handle'] = domain_handle
321 r
['aliasname']['name'] = alias_name
322 r
['access_mask'] = 0x02000000
325 result
= dcerpc
.samr_CreateDomAlias(pipe
, r
)
326 except dcerpc
.NTSTATUS
, arg
:
327 if arg
[0] == dcerpc
.NT_STATUS_ACCESS_DENIED
:
329 if arg
[0] != dcerpc
.NT_STATUS_USER_EXISTS
:
330 raise dcerpc
.NTSTATUS(arg
)
331 test_DeleteAlias_byname(pipe
, domain_handle
, alias_name
)
332 result
= dcerpc
.samr_CreateDomAlias(pipe
, r
)
334 alias_handle
= result
['alias_handle']
336 test_alias_ops(pipe
, alias_handle
, domain_sid
)
340 def test_DeleteGroup_byname(pipe
, domain_handle
, group_name
):
342 rid
= test_LookupName(pipe
, domain_handle
, group_name
)
345 r
['domain_handle'] = domain_handle
346 r
['access_mask'] = 0x02000000
349 result
= dcerpc
.samr_OpenGroup(pipe
, r
)
352 s
['group_handle'] = result
['group_handle']
354 dcerpc
.samr_DeleteDomainGroup(pipe
, s
)
356 def test_CreateDomainGroup(pipe
, domain_handle
):
358 print 'testing samr_CreateDomainGroup'
361 r
['domain_handle'] = domain_handle
363 r
['name']['name'] = 'samrtorturetestgroup'
364 r
['access_mask'] = 0x02000000
367 result
= dcerpc
.samr_CreateDomainGroup(pipe
, r
)
368 except dcerpc
.NTSTATUS
, arg
:
369 if arg
[0] == dcerpc
.NT_STATUS_ACCESS_DENIED
:
371 if arg
[0] != dcerpc
.NT_STATUS_GROUP_EXISTS
:
372 raise dcerpc
.NTSTATUS(arg
)
374 test_DeleteGroup_byname(pipe
, domain_handle
, 'samrtorturetestgroup')
376 result
= dcerpc
.samr_CreateDomainGroup(pipe
, r
)
378 return result
['group_handle']
380 def test_QueryDomainInfo(pipe
, domain_handle
):
382 print 'testing samr_QueryDomainInfo'
384 levels
= [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
385 set_ok
= [1, 0, 1, 1, 0, 1, 1, 0, 1, 0, 1, 0]
387 for i
in range(0, len(levels
)):
390 r
['domain_handle'] = domain_handle
391 r
['level'] = levels
[i
]
393 result
= dcerpc
.samr_QueryDomainInfo(pipe
, r
)
396 s
['domain_handle'] = domain_handle
397 s
['level'] = levels
[i
]
398 s
['info'] = result
['info']
401 dcerpc
.samr_SetDomainInfo(pipe
, s
)
402 except dcerpc
.NTSTATUS
, arg
:
404 raise dcerpc
.NTSTATUS(arg
)
405 if arg
[0] != dcerpc
.NT_STATUS_INVALID_INFO_CLASS
:
406 raise dcerpc
.NTSTATUS(arg
)
408 def test_QueryDomainInfo2(pipe
, domain_handle
):
410 print 'testing samr_QueryDomainInfo'
412 levels
= [1, 2, 3, 4, 5, 6, 7, 8, 9, 11, 12, 13]
414 for i
in range(0, len(levels
)):
417 r
['domain_handle'] = domain_handle
418 r
['level'] = levels
[i
]
420 dcerpc
.samr_QueryDomainInfo2(pipe
, r
)
422 def test_EnumDomainUsers(pipe
, domain_handle
):
424 print 'testing samr_EnumDomainUsers'
427 r
['domain_handle'] = domain_handle
428 r
['resume_handle'] = 0
433 result
= dcerpc
.samr_EnumDomainUsers(pipe
, r
)
434 if result
['result'] == dcerpc
.STATUS_MORE_ENTRIES
:
435 r
['resume_handle'] = result
['resume_handle']
439 def test_EnumDomainGroups(pipe
, domain_handle
):
441 print 'testing samr_EnumDomainGroups'
444 r
['domain_handle'] = domain_handle
445 r
['resume_handle'] = 0
450 result
= dcerpc
.samr_EnumDomainGroups(pipe
, r
)
451 if result
['result'] == dcerpc
.STATUS_MORE_ENTRIES
:
452 r
['resume_handle'] = result
['resume_handle']
456 def test_EnumDomainAliases(pipe
, domain_handle
):
458 print 'testing samr_EnumDomainAliases'
461 r
['domain_handle'] = domain_handle
462 r
['resume_handle'] = 0
467 result
= dcerpc
.samr_EnumDomainAliases(pipe
, r
)
468 if result
['result'] == dcerpc
.STATUS_MORE_ENTRIES
:
469 r
['resume_handle'] = result
['resume_handle']
473 def test_QueryDisplayInfo(pipe
, domain_handle
):
475 print 'testing samr_QueryDisplayInfo'
477 levels
= [1, 2, 3, 4, 5]
479 for i
in range(0, len(levels
)):
482 r
['domain_handle'] = domain_handle
483 r
['level'] = levels
[i
]
485 r
['max_entries'] = 1000
488 dcerpc
.samr_QueryDisplayInfo(pipe
, r
)
490 def test_QueryDisplayInfo2(pipe
, domain_handle
):
492 print 'testing samr_QueryDisplayInfo2'
494 levels
= [1, 2, 3, 4, 5]
496 for i
in range(0, len(levels
)):
499 r
['domain_handle'] = domain_handle
500 r
['level'] = levels
[i
]
502 r
['max_entries'] = 1000
505 dcerpc
.samr_QueryDisplayInfo2(pipe
, r
)
507 def test_QueryDisplayInfo3(pipe
, domain_handle
):
509 print 'testing samr_QueryDisplayInfo3'
511 levels
= [1, 2, 3, 4, 5]
513 for i
in range(0, len(levels
)):
516 r
['domain_handle'] = domain_handle
517 r
['level'] = levels
[i
]
519 r
['max_entries'] = 1000
522 dcerpc
.samr_QueryDisplayInfo3(pipe
, r
)
524 def test_GetDisplayEnumerationIndex(pipe
, domain_handle
):
526 print 'testing samr_GetDisplayEnumerationIndex'
528 levels
= [1, 2, 3, 4, 5]
529 ok_lvl
= [1, 1, 1, 0, 0]
531 for i
in range(0, len(levels
)):
534 r
['domain_handle'] = domain_handle
535 r
['level'] = levels
[i
]
537 r
['name']['name'] = 'samrtorturetest'
540 dcerpc
.samr_GetDisplayEnumerationIndex(pipe
, r
)
541 except dcerpc
.NTSTATUS
, arg
:
543 raise dcerpc
.NTSTATUS(arg
)
545 r
['name']['name'] = 'zzzzzzzz'
548 dcerpc
.samr_GetDisplayEnumerationIndex(pipe
, r
)
549 except dcerpc
.NTSTATUS
, arg
:
551 raise dcerpc
.NTSTATUS(arg
)
553 def test_GetDisplayEnumerationIndex2(pipe
, domain_handle
):
555 print 'testing samr_GetDisplayEnumerationIndex2'
557 levels
= [1, 2, 3, 4, 5]
558 ok_lvl
= [1, 1, 1, 0, 0]
560 for i
in range(0, len(levels
)):
563 r
['domain_handle'] = domain_handle
564 r
['level'] = levels
[i
]
566 r
['name']['name'] = 'samrtorturetest'
569 dcerpc
.samr_GetDisplayEnumerationIndex2(pipe
, r
)
570 except dcerpc
.NTSTATUS
, arg
:
572 raise dcerpc
.NTSTATUS(arg
)
574 r
['name']['name'] = 'zzzzzzzz'
577 dcerpc
.samr_GetDisplayEnumerationIndex2(pipe
, r
)
578 except dcerpc
.NTSTATUS
, arg
:
580 raise dcerpc
.NTSTATUS(arg
)
582 def test_TestPrivateFunctionsDomain(pipe
, domain_handle
):
584 print 'test samr.TestPrivateFunctionsDomain'
587 r
['domain_handle'] = domain_handle
590 dcerpc
.samr_TestPrivateFunctionsDomain(pipe
, r
)
591 except dcerpc
.NTSTATUS
, arg
:
592 if arg
[0] != dcerpc
.NT_STATUS_NOT_IMPLEMENTED
:
593 raise dcerpc
.NTSTATUS(arg
)
595 def test_RidToSid(pipe
, domain_handle
):
597 print 'testing samr_RidToSid'
600 r
['domain_handle'] = domain_handle
603 dcerpc
.samr_RidToSid(pipe
, r
)
605 def test_GetBootKeyInformation(pipe
, domain_handle
):
607 print 'testing samr_GetBootKeyInformation'
610 r
['domain_handle'] = domain_handle
613 dcerpc
.samr_GetBootKeyInformation(pipe
, r
)
614 except dcerpc
.NTSTATUS
, arg
:
617 def test_DeleteUser(pipe
, user_handle
):
620 r
['user_handle'] = user_handle
622 dcerpc
.samr_DeleteUser(pipe
, r
)
624 def test_DeleteAlias(pipe
, alias_handle
):
627 r
['alias_handle'] = alias_handle
629 dcerpc
.samr_DeleteDomAlias(pipe
, r
)
631 def test_DeleteDomainGroup(pipe
, group_handle
):
634 r
['group_handle'] = group_handle
636 dcerpc
.samr_DeleteDomainGroup(pipe
, r
)
638 def test_Close(pipe
, handle
):
643 dcerpc
.samr_Close(pipe
, r
)
645 def test_OpenDomain(pipe
, connect_handle
, domain_sid
):
647 print 'testing OpenDomain'
649 domain_handle
= connect_handle
.OpenDomain(domain_sid
)
651 test_QuerySecurity(pipe
, domain_handle
)
653 test_RemoveMemberFromForeignDomain(pipe
, domain_handle
)
655 test_CreateUser2(pipe
, domain_handle
)
659 user_handle
= test_CreateUser(pipe
, domain_handle
)
661 alias_handle
= test_CreateAlias(pipe
, domain_handle
, domain_sid
)
663 group_handle
= test_CreateDomainGroup(pipe
, domain_handle
)
665 test_QueryDomainInfo(pipe
, domain_handle
)
667 test_QueryDomainInfo2(pipe
, domain_handle
)
669 test_EnumDomainUsers(pipe
, domain_handle
)
671 test_EnumDomainGroups(pipe
, domain_handle
)
673 test_EnumDomainAliases(pipe
, domain_handle
)
675 test_QueryDisplayInfo(pipe
, domain_handle
)
677 test_QueryDisplayInfo2(pipe
, domain_handle
)
679 test_QueryDisplayInfo3(pipe
, domain_handle
)
681 test_GetDisplayEnumerationIndex(pipe
, domain_handle
)
683 test_GetDisplayEnumerationIndex2(pipe
, domain_handle
)
685 test_TestPrivateFunctionsDomain(pipe
, domain_handle
)
687 test_RidToSid(pipe
, domain_handle
)
689 test_GetBootKeyInformation(pipe
, domain_handle
)
691 if user_handle
!= None:
692 test_DeleteUser(pipe
, user_handle
)
694 if alias_handle
!= None:
695 test_DeleteAlias(pipe
, alias_handle
)
697 if group_handle
!= None:
698 test_DeleteDomainGroup(pipe
, group_handle
)
700 test_Close(pipe
, domain_handle
)
702 def test_LookupDomain(pipe
, connect_handle
, domain
):
704 print 'testing LookupDomain'
706 sid
= connect_handle
.LookupDomain(domain
)
709 connect_handle
.LookupDomain('xxNODOMAINxx')
710 except dcerpc
.NTSTATUS
, arg
:
711 if arg
[0] != 0xC00000DFL
: # NT_STATUS_NO_SUCH_DOMAIN
714 test_GetDomPwInfo(pipe
, connect_handle
, domain
)
715 test_OpenDomain(pipe
, connect_handle
, sid
)
717 def test_EnumDomains(pipe
, connect_handle
):
719 print 'testing EnumDomains'
721 for domain
in connect_handle
.EnumDomains():
722 test_LookupDomain(pipe
, connect_handle
, domain
)
724 def runtests(binding
, creds
):
726 print 'Testing SAMR pipe'
728 pipe
= dcerpc
.pipe_connect(binding
,
729 dcerpc
.DCERPC_SAMR_UUID
, int(dcerpc
.DCERPC_SAMR_VERSION
), creds
)
731 handle
= test_Connect(pipe
)
733 test_QuerySecurity(pipe
, handle
)
735 test_EnumDomains(pipe
, handle
)