Module: RubySMB::Dcerpc::Samr
- Defined in:
- lib/ruby_smb/dcerpc/samr.rb,
lib/ruby_smb/dcerpc/samr/rpc_sid.rb,
lib/ruby_smb/dcerpc/samr/samr_connect_request.rb,
lib/ruby_smb/dcerpc/samr/samr_connect_response.rb,
lib/ruby_smb/dcerpc/samr/samr_open_user_request.rb,
lib/ruby_smb/dcerpc/samr/samr_open_user_response.rb,
lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request.rb,
lib/ruby_smb/dcerpc/samr/samr_open_domain_request.rb,
lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response.rb,
lib/ruby_smb/dcerpc/samr/samr_close_handle_request.rb,
lib/ruby_smb/dcerpc/samr/samr_open_domain_response.rb,
lib/ruby_smb/dcerpc/samr/samr_close_handle_response.rb,
lib/ruby_smb/dcerpc/samr/samr_get_groups_for_user_request.rb,
lib/ruby_smb/dcerpc/samr/samr_get_alias_membership_request.rb,
lib/ruby_smb/dcerpc/samr/samr_get_groups_for_user_response.rb,
lib/ruby_smb/dcerpc/samr/samr_get_alias_membership_response.rb,
lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_request.rb,
lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response.rb,
lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_request.rb,
lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_response.rb
Defined Under Namespace
Classes: GroupMembership, KerbKeyDataNew, KerbStoredCredentialNew, PgroupMembershipArray, PrpcSid, PsamprEnumerationBuffer, PsamprGetGroupsBuffer, PsamprRidEnumerationArray, PsamprServerName, PsamprSidInformation, PsamprSidInformationArray, PsamprUlongArray, PulongArray, RpcSid, RpcSidIdentifierAuthority, SamprEnumerationBuffer, SamprGetGroupsBuffer, SamprHandle, SamprPsidArray, SamprRidEnumeration, SamprRidEnumerationArray, SamprSidInformation, SamrCloseHandleRequest, SamrCloseHandleResponse, SamrConnectRequest, SamrConnectResponse, SamrEnumerateUsersInDomainRequest, SamrEnumerateUsersInDomainResponse, SamrGetAliasMembershipRequest, SamrGetAliasMembershipResponse, SamrGetGroupsForUserRequest, SamrGetGroupsForUserResponse, SamrLookupDomainInSamServerRequest, SamrLookupDomainInSamServerResponse, SamrOpenDomainRequest, SamrOpenDomainResponse, SamrOpenUserRequest, SamrOpenUserResponse, SamrRidToSidRequest, SamrRidToSidResponse, UserProperties, UserProperty
Constant Summary collapse
- UUID =
'12345778-1234-abcd-ef00-0123456789ac'
- VER_MAJOR =
1
- VER_MINOR =
0
- SAMR_CONNECT =
Operation numbers
0x0000
- SAMR_CLOSE_HANDLE =
0x0001
- SAMR_LOOKUP_DOMAIN_IN_SAM_SERVER =
0x0005
- SAMR_OPEN_DOMAIN =
0x0007
- SAMR_ENUMERATE_USERS_IN_DOMAIN =
0x000D
- SAMR_GET_ALIAS_MEMBERSHIP =
0x0010
- SAMR_OPEN_USER =
0x0022
- SAMR_GET_GROUPS_FOR_USER =
0x0027
- SAMR_RID_TO_SID =
0x0041
- DELETE =
0x00010000
- READ_CONTROL =
0x00020000
- WRITE_DAC =
0x00040000
- WRITE_OWNER =
0x00080000
- ACCESS_SYSTEM_SECURITY =
0x01000000
- MAXIMUM_ALLOWED =
0x02000000
- SAM_SERVER_CONNECT =
0x00000001
- SAM_SERVER_SHUTDOWN =
0x00000002
- SAM_SERVER_INITIALIZE =
0x00000004
- SAM_SERVER_CREATE_DOMAIN =
0x00000008
- SAM_SERVER_ENUMERATE_DOMAINS =
0x00000010
- SAM_SERVER_LOOKUP_DOMAIN =
0x00000020
- SAM_SERVER_ALL_ACCESS =
0x000F003F
- SAM_SERVER_READ =
0x00020010
- SAM_SERVER_WRITE =
0x0002000E
- SAM_SERVER_EXECUTE =
0x00020021
- DOMAIN_READ_PASSWORD_PARAMETERS =
0x00000001
- DOMAIN_WRITE_PASSWORD_PARAMS =
0x00000002
- DOMAIN_READ_OTHER_PARAMETERS =
0x00000004
- DOMAIN_WRITE_OTHER_PARAMETERS =
0x00000008
- DOMAIN_CREATE_USER =
0x00000010
- DOMAIN_CREATE_GROUP =
0x00000020
- DOMAIN_CREATE_ALIAS =
0x00000040
- DOMAIN_GET_ALIAS_MEMBERSHIP =
0x00000080
- DOMAIN_LIST_ACCOUNTS =
0x00000100
- DOMAIN_LOOKUP =
0x00000200
- DOMAIN_ADMINISTER_SERVER =
0x00000400
- DOMAIN_ALL_ACCESS =
0x000F07FF
- DOMAIN_READ =
0x00020084
- DOMAIN_WRITE =
0x0002047A
- DOMAIN_EXECUTE =
0x00020301
- GROUP_READ_INFORMATION =
0x00000001
- GROUP_WRITE_ACCOUNT =
0x00000002
- GROUP_ADD_MEMBER =
0x00000004
- GROUP_REMOVE_MEMBER =
0x00000008
- GROUP_LIST_MEMBERS =
0x00000010
- GROUP_ALL_ACCESS =
0x000F001F
- GROUP_READ =
0x00020010
- GROUP_WRITE =
0x0002000E
- GROUP_EXECUTE =
0x00020001
- ALIAS_ADD_MEMBER =
0x00000001
- ALIAS_REMOVE_MEMBER =
0x00000002
- ALIAS_LIST_MEMBERS =
0x00000004
- ALIAS_READ_INFORMATION =
0x00000008
- ALIAS_WRITE_ACCOUNT =
0x00000010
- ALIAS_ALL_ACCESS =
0x000F001F
- ALIAS_READ =
0x00020004
- ALIAS_WRITE =
0x00020013
- ALIAS_EXECUTE =
0x00020008
- USER_READ_GENERAL =
0x00000001
- USER_READ_PREFERENCES =
0x00000002
- USER_WRITE_PREFERENCES =
0x00000004
- USER_READ_LOGON =
0x00000008
- USER_READ_ACCOUNT =
0x00000010
- USER_WRITE_ACCOUNT =
0x00000020
- USER_CHANGE_PASSWORD =
0x00000040
- USER_FORCE_PASSWORD_CHANGE =
0x00000080
- USER_LIST_GROUPS =
0x00000100
- USER_READ_GROUP_INFORMATION =
0x00000200
- USER_WRITE_GROUP_INFORMATION =
0x00000400
- USER_ALL_ACCESS =
0x000F07FF
- USER_READ =
0x0002031A
- USER_WRITE =
0x00020044
- USER_EXECUTE =
0x00020041
- USER_ALL_USERNAME =
0x00000001
- USER_ALL_FULLNAME =
0x00000002
- USER_ALL_USERID =
0x00000004
- USER_ALL_PRIMARYGROUPID =
0x00000008
- USER_ALL_ADMINCOMMENT =
0x00000010
- USER_ALL_USERCOMMENT =
0x00000020
- USER_ALL_HOMEDIRECTORY =
0x00000040
- USER_ALL_HOMEDIRECTORYDRIVE =
0x00000080
- USER_ALL_SCRIPTPATH =
0x00000100
- USER_ALL_PROFILEPATH =
0x00000200
- USER_ALL_WORKSTATIONS =
0x00000400
- USER_ALL_LASTLOGON =
0x00000800
- USER_ALL_LASTLOGOFF =
0x00001000
- USER_ALL_LOGONHOURS =
0x00002000
- USER_ALL_BADPASSWORDCOUNT =
0x00004000
- USER_ALL_LOGONCOUNT =
0x00008000
- USER_ALL_PASSWORDCANCHANGE =
0x00010000
- USER_ALL_PASSWORDMUSTCHANGE =
0x00020000
- USER_ALL_PASSWORDLASTSET =
0x00040000
- USER_ALL_ACCOUNTEXPIRES =
0x00080000
- USER_ALL_USERACCOUNTCONTROL =
0x00100000
- USER_ALL_PARAMETERS =
0x00200000
- USER_ALL_COUNTRYCODE =
0x00400000
- USER_ALL_CODEPAGE =
0x00800000
- USER_ALL_NTPASSWORDPRESENT =
0x01000000
- USER_ALL_LMPASSWORDPRESENT =
0x02000000
- USER_ALL_PRIVATEDATA =
0x04000000
- USER_ALL_PASSWORDEXPIRED =
0x08000000
- USER_ALL_SECURITYDESCRIPTOR =
0x10000000
- USER_ALL_UNDEFINED_MASK =
0xC0000000
- SAM_DOMAIN_OBJECT =
0x00000000
- SAM_GROUP_OBJECT =
0x10000000
- SAM_NON_SECURITY_GROUP_OBJECT =
0x10000001
- SAM_ALIAS_OBJECT =
0x20000000
- SAM_NON_SECURITY_ALIAS_OBJECT =
0x20000001
- SAM_USER_OBJECT =
0x30000000
- SAM_MACHINE_ACCOUNT =
0x30000001
- SAM_TRUST_ACCOUNT =
0x30000002
- SAM_APP_BASIC_GROUP =
0x40000000
- SAM_APP_QUERY_GROUP =
0x40000001
- SE_GROUP_MANDATORY =
0x00000001
- SE_GROUP_ENABLED_BY_DEFAULT =
0x00000002
- SE_GROUP_ENABLED =
0x00000004
- GROUP_TYPE_ACCOUNT_GROUP =
0x00000002
- GROUP_TYPE_RESOURCE_GROUP =
0x00000004
- GROUP_TYPE_UNIVERSAL_GROUP =
0x00000008
- GROUP_TYPE_SECURITY_ENABLED =
0x80000000
- GROUP_TYPE_SECURITY_ACCOUNT =
0x80000002
- GROUP_TYPE_SECURITY_RESOURCE =
0x80000004
- GROUP_TYPE_SECURITY_UNIVERSAL =
0x80000008
- USER_ACCOUNT_DISABLED =
0x00000001
- USER_HOME_DIRECTORY_REQUIRED =
0x00000002
- USER_PASSWORD_NOT_REQUIRED =
0x00000004
- USER_TEMP_DUPLICATE_ACCOUNT =
0x00000008
- USER_NORMAL_ACCOUNT =
0x00000010
- USER_MNS_LOGON_ACCOUNT =
0x00000020
- USER_INTERDOMAIN_TRUST_ACCOUNT =
0x00000040
- USER_WORKSTATION_TRUST_ACCOUNT =
0x00000080
- USER_SERVER_TRUST_ACCOUNT =
0x00000100
- USER_DONT_EXPIRE_PASSWORD =
0x00000200
- USER_ACCOUNT_AUTO_LOCKED =
0x00000400
- USER_ENCRYPTED_TEXT_PASSWORD_ALLOWED =
0x00000800
- USER_SMARTCARD_REQUIRED =
0x00001000
- USER_TRUSTED_FOR_DELEGATION =
0x00002000
- USER_NOT_DELEGATED =
0x00004000
- USER_USE_DES_KEY_ONLY =
0x00008000
- USER_DONT_REQUIRE_PREAUTH =
0x00010000
- USER_PASSWORD_EXPIRED =
0x00020000
- USER_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION =
0x00040000
- USER_NO_AUTH_DATA_REQUIRED =
0x00080000
- USER_PARTIAL_SECRETS_ACCOUNT =
0x00100000
- USER_USE_AES_KEYS =
0x00200000
- UF_SCRIPT =
0x00000001
- UF_ACCOUNTDISABLE =
0x00000002
- UF_HOMEDIR_REQUIRED =
0x00000008
- UF_LOCKOUT =
0x00000010
- UF_PASSWD_NOTREQD =
0x00000020
- UF_PASSWD_CANT_CHANGE =
0x00000040
- UF_ENCRYPTED_TEXT_PASSWORD_ALLOWED =
0x00000080
- UF_TEMP_DUPLICATE_ACCOUNT =
0x00000100
- UF_NORMAL_ACCOUNT =
0x00000200
- UF_INTERDOMAIN_TRUST_ACCOUNT =
0x00000800
- UF_WORKSTATION_TRUST_ACCOUNT =
0x00001000
- UF_SERVER_TRUST_ACCOUNT =
0x00002000
- UF_DONT_EXPIRE_PASSWD =
0x00010000
- UF_MNS_LOGON_ACCOUNT =
0x00020000
- UF_SMARTCARD_REQUIRED =
0x00040000
- UF_TRUSTED_FOR_DELEGATION =
0x00080000
- UF_NOT_DELEGATED =
0x00100000
- UF_USE_DES_KEY_ONLY =
0x00200000
- UF_DONT_REQUIRE_PREAUTH =
0x00400000
- UF_PASSWORD_EXPIRED =
0x00800000
- UF_TRUSTED_TO_AUTHENTICATE_FOR_DELEGATION =
0x01000000
- UF_NO_AUTH_DATA_REQUIRED =
0x02000000
- UF_PARTIAL_SECRETS_ACCOUNT =
0x04000000
- UF_USE_AES_KEYS =
0x08000000
- DOMAIN_USER_RID_ADMIN =
0x000001F4
- DOMAIN_USER_RID_GUEST =
0x000001F5
- DOMAIN_USER_RID_KRBTGT =
0x000001F6
- DOMAIN_GROUP_RID_ADMINS =
0x00000200
- DOMAIN_GROUP_RID_USERS =
0x00000201
- DOMAIN_GROUP_RID_COMPUTERS =
0x00000203
- DOMAIN_GROUP_RID_CONTROLLERS =
0x00000204
- DOMAIN_ALIAS_RID_ADMINS =
0x00000220
- DOMAIN_GROUP_RID_READONLY_CONTROLLERS =
0x00000209
- KERBEROS_TYPE =
{ 1 => 'dec-cbc-crc', 3 => 'des-cbc-md5', 17 => 'aes128-cts-hmac-sha1-96', 18 => 'aes256-cts-hmac-sha1-96', 0xffffff74 => 'rc4_hmac' }
- WELL_KNOWN_SID_NAME =
{ [0,0] => 'NULL SID', [1,0] => 'Everyone', [2,0] => 'LOCAL', [2,1] => 'CONSOLE LOGON', [3,0] => 'CREATOR OWNER', [3,1] => 'CREATOR GROUP', [3,2] => 'CREATOR OWNER SERVER', [3,3] => 'CREATOR GROUP SERVER', [3,4] => 'OWNER RIGHTS', [5,1] => 'NT AUTHORITY\\DIALUP', [5,2] => 'NT AUTHORITY\\NETWORK', [5,3] => 'NT AUTHORITY\\BATCH', [5,4] => 'NT AUTHORITY\\INTERACTIVE', [5,6] => 'NT AUTHORITY\\SERVICE', [5,7] => 'NT AUTHORITY\\ANONYMOUS LOGON', [5,8] => 'NT AUTHORITY\\PROXY', [5,9] => 'NT AUTHORITY\\ENTERPRISE DOMAIN CONTROLLERS', [5,10] => 'NT AUTHORITY\\SELF', [5,11] => 'NT AUTHORITY\\Authenticated Users', [5,12] => 'NT AUTHORITY\\RESTRICTED', [5,13] => 'NT AUTHORITY\\TERMINAL SERVER USER', [5,14] => 'NT AUTHORITY\\REMOTE INTERACTIVE LOGON', [5,15] => 'NT AUTHORITY\\This Organization', [5,17] => 'NT AUTHORITY\\IUSR', [5,18] => 'NT AUTHORITY\\SYSTEM', [5,19] => 'NT AUTHORITY\\LOCAL SERVICE', [5,20] => 'NT AUTHORITY\\NETWORK SERVICE', [5,22] => 'NT AUTHORITY\\ENTERPRISE READ-ONLY DOMAIN CONTROLLERS BETA', [5,33] => 'NT AUTHORITY\\WRITE RESTRICTED', [5,32] => 'Builtin Domain' }
- WELL_KNOWN_RID_NAME =
{ 498 => '(domain)\\Enterprise Read-only Domain Controllers', 500 => '(domain)\\Administrator', 501 => '(domain)\\Guest', 502 => '(domain)\\krbtgt', 512 => '(domain)\\Domain Admins', 513 => '(domain)\\Domain Users', 514 => '(domain)\\Domain Guests', 515 => '(domain)\\Domain Computers', 516 => '(domain)\\Domain Controllers', 517 => '(domain)\\Cert Publishers', 518 => '(domain)\\Schema Admins', 519 => '(domain)\\Enterprise Admins', 520 => '(domain)\\Group Policy Creator Owners', 521 => '(domain)\\Read-only Domain Controllers', 522 => '(domain)\\Cloneable Domain Controllers', 544 => 'BUILTIN\\Administrators', 545 => 'BUILTIN\\Users', 546 => 'BUILTIN\\Guests', 548 => 'BUILTIN\\Account Operators', 549 => 'BUILTIN\\Server Operators', 550 => 'BUILTIN\\Print Operators', 551 => 'BUILTIN\\Backup Operators', 552 => 'BUILTIN\\Replicator', 553 => '(domain)\\RAS and IAS Servers', 554 => 'BUILTIN\\Pre-Windows 2000 Compatible Access', 555 => 'BUILTIN\\Remote Desktop Users', 556 => 'BUILTIN\\Network Configuration Operators', 557 => 'BUILTIN\\Incoming Forest Trust Builders', 558 => 'BUILTIN\\Performance Monitor Users', 559 => 'BUILTIN\\Performance Log Users', 560 => 'BUILTIN\\Windows Authorization Access Group', 561 => 'BUILTIN\\Terminal Server License Servers', 562 => 'BUILTIN\\Distributed COM Users', 568 => 'BUILTIN\\IIS_IUSRS', 569 => 'BUILTIN\\Cryptographic Operators', 571 => '(domain)\\Allowed RODC Password Replication Group', 572 => '(domain)\\Denied RODC Password Replication Group', 573 => 'BUILTIN\\Event Log Readers', 574 => 'BUILTIN\\Certificate Service DCOM Access', 575 => 'BUILTIN\\RDS Remote Access Servers', 576 => 'BUILTIN\\RDS Endpoint Servers', 577 => 'BUILTIN\\RDS Management Servers', 578 => 'BUILTIN\\Hyper-V Administrators', 579 => 'BUILTIN\\Access Control Assistance Operators', 580 => 'BUILTIN\\Remote Management Users' }
Instance Method Summary collapse
-
#close_handle(sam_handle) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Closes (that is, releases server-side resources used by) any context handle obtained from this RPC interface.
-
#samr_connect(server_name: '', access: MAXIMUM_ALLOWED) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Returns a handle to a server object.
-
#samr_enumerate_users_in_domain(domain_handle:, enumeration_context: 0, user_account_control: USER_NORMAL_ACCOUNT | USER_WORKSTATION_TRUST_ACCOUNT | USER_SERVER_TRUST_ACCOUNT | USER_INTERDOMAIN_TRUST_ACCOUNT) ⇒ Hash
Enumerates all users in the specified domain.
-
#samr_get_alias_membership(domain_handle:, sids:) ⇒ Array<RubySMB::Dcerpc::Ndr::NdrUint32>
Returns the union of all aliases that a given set of SIDs is a member of.
-
#samr_get_group_for_user(user_handle:) ⇒ Array<RubySMB::Dcerpc::Samr::GroupMembership>
Returns a listing of groups that a user is a member of.
-
#samr_lookup_domain(server_handle:, name:) ⇒ RubySMB::Dcerpc::RpcSid
Obtains the SID of a domain object.
-
#samr_open_domain(server_handle:, access: MAXIMUM_ALLOWED, domain_id:) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Returns a handle to a domain object.
-
#samr_open_user(domain_handle:, access: MAXIMUM_ALLOWED, user_id:) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Returns a handle to a user, given a RID.
-
#samr_rid_to_sid(object_handle:, rid:) ⇒ String
Returns the SID of an account, given a RID.
Instance Method Details
#close_handle(sam_handle) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Closes (that is, releases server-side resources used by) any context handle obtained from this RPC interface
499 500 501 502 503 504 505 506 507 508 509 510 511 512 513 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 499 def close_handle(sam_handle) samr_close_handle_request = SamrCloseHandleRequest.new(sam_handle: sam_handle) response = dcerpc_request(samr_close_handle_request) begin samr_close_handle_response = SamrCloseHandleResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrCloseHandleResponse' end unless samr_close_handle_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned with samr_connect: "\ "#{WindowsError::NTStatus.find_by_retval(samr_close_handle_response.error_status.value).join(',')}" end samr_close_handle_response.sam_handle end |
#samr_connect(server_name: '', access: MAXIMUM_ALLOWED) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Returns a handle to a server object.
336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 336 def samr_connect(server_name: '', access: MAXIMUM_ALLOWED) samr_connect_request = SamrConnectRequest.new( server_name: server_name, desired_access: access ) response = dcerpc_request(samr_connect_request) begin samr_connect_response = SamrConnectResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrConnectResponse' end unless samr_connect_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned with samr_connect: "\ "#{WindowsError::NTStatus.find_by_retval(samr_connect_response.error_status.value).join(',')}" end samr_connect_response.server_handle end |
#samr_enumerate_users_in_domain(domain_handle:, enumeration_context: 0, user_account_control: USER_NORMAL_ACCOUNT | USER_WORKSTATION_TRUST_ACCOUNT | USER_SERVER_TRUST_ACCOUNT | USER_INTERDOMAIN_TRUST_ACCOUNT) ⇒ Hash
Enumerates all users in the specified domain.
427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 427 def samr_enumerate_users_in_domain(domain_handle:, enumeration_context: 0, user_account_control: USER_NORMAL_ACCOUNT | USER_WORKSTATION_TRUST_ACCOUNT | USER_SERVER_TRUST_ACCOUNT | USER_INTERDOMAIN_TRUST_ACCOUNT) samr_enum_users_request = SamrEnumerateUsersInDomainRequest.new( domain_handle: domain_handle, user_account_control: user_account_control, prefered_maximum_length: 0xFFFFFFFF ) res = {} loop do samr_enum_users_request.enumeration_context = enumeration_context response = dcerpc_request(samr_enum_users_request) begin samr_enum_users_reponse= SamrEnumerateUsersInDomainResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrEnumerateUsersInDomainResponse' end unless samr_enum_users_reponse.error_status == WindowsError::NTStatus::STATUS_SUCCESS || samr_enum_users_reponse.error_status == WindowsError::NTStatus::STATUS_MORE_ENTRIES raise RubySMB::Dcerpc::Error::SamrError, "Error returned during users enumeration in SAM server: "\ "#{WindowsError::NTStatus.find_by_retval(samr_enum_users_reponse.error_status.value).join(',')}" end samr_enum_users_reponse.buffer.buffer.each_with_object(res) do |entry, hash| hash[entry.relative_id] = entry.name.buffer end break unless samr_enum_users_reponse.error_status == WindowsError::NTStatus::STATUS_MORE_ENTRIES enumeration_context = samr_enum_users_reponse.enumeration_context end res end |
#samr_get_alias_membership(domain_handle:, sids:) ⇒ Array<RubySMB::Dcerpc::Ndr::NdrUint32>
Returns the union of all aliases that a given set of SIDs is a member of.
525 526 527 528 529 530 531 532 533 534 535 536 537 538 539 540 541 542 543 544 545 546 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 525 def samr_get_alias_membership(domain_handle:, sids:) sids = [sids] unless sids.is_a?(::Array) samr_get_alias_membership_request = SamrGetAliasMembershipRequest.new( domain_handle: domain_handle ) sids.each do |sid| samr_get_alias_membership_request.sid_array.sids << {sid_pointer: sid} end response = dcerpc_request(samr_get_alias_membership_request) begin samr_get_alias_membership_reponse= SamrGetAliasMembershipResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrGetAliasMembershipResponse' end unless samr_get_alias_membership_reponse.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned while getting alias membership: "\ "#{WindowsError::NTStatus.find_by_retval(samr_get_alias_membership_reponse.error_status.value).join(',')}" end return [] if samr_get_alias_membership_reponse.membership.elem_count == 0 samr_get_alias_membership_reponse.membership.elements.to_ary end |
#samr_get_group_for_user(user_handle:) ⇒ Array<RubySMB::Dcerpc::Samr::GroupMembership>
Returns a listing of groups that a user is a member of
592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 592 def samr_get_group_for_user(user_handle:) samr_get_groups_for_user_request = SamrGetGroupsForUserRequest.new( user_handle: user_handle ) response = dcerpc_request(samr_get_groups_for_user_request) begin samr_get_groups_for_user_reponse= SamrGetGroupsForUserResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrGetGroupsForUserResponse' end unless samr_get_groups_for_user_reponse.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned while getting user groups: "\ "#{WindowsError::NTStatus.find_by_retval(samr_get_groups_for_user_reponse.error_status.value).join(',')}" end samr_get_groups_for_user_reponse.groups.groups.to_ary end |
#samr_lookup_domain(server_handle:, name:) ⇒ RubySMB::Dcerpc::RpcSid
Obtains the SID of a domain object
366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 366 def samr_lookup_domain(server_handle:, name:) samr_lookup_domain_in_sam_server_request = SamrLookupDomainInSamServerRequest.new( server_handle: server_handle, name: name ) response = dcerpc_request(samr_lookup_domain_in_sam_server_request) begin samr_lookup_domain_in_sam_server_response = SamrLookupDomainInSamServerResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrLookupDomainInSamServerResponse' end unless samr_lookup_domain_in_sam_server_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned during domain lookup in SAM server: "\ "#{WindowsError::NTStatus.find_by_retval(samr_lookup_domain_in_sam_server_response.error_status.value).join(',')}" end samr_lookup_domain_in_sam_server_response.domain_id end |
#samr_open_domain(server_handle:, access: MAXIMUM_ALLOWED, domain_id:) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Returns a handle to a domain object.
398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 398 def samr_open_domain(server_handle:, access: MAXIMUM_ALLOWED, domain_id:) samr_open_domain_request = SamrOpenDomainRequest.new( server_handle: server_handle, desired_access: access, domain_id: domain_id ) response = dcerpc_request(samr_open_domain_request) begin samr_open_domain_response = SamrOpenDomainResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrLookupDomainInSamServerResponse' end unless samr_open_domain_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned during domain lookup in SAM server: "\ "#{WindowsError::NTStatus.find_by_retval(samr_open_domain_response.error_status.value).join(',')}" end samr_open_domain_response.domain_handle end |
#samr_open_user(domain_handle:, access: MAXIMUM_ALLOWED, user_id:) ⇒ RubySMB::Dcerpc::Samr::SamprHandle
Returns a handle to a user, given a RID
562 563 564 565 566 567 568 569 570 571 572 573 574 575 576 577 578 579 580 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 562 def samr_open_user(domain_handle:, access: MAXIMUM_ALLOWED, user_id:) samr_open_user_request = SamrOpenUserRequest.new( domain_handle: domain_handle, desired_access: access, user_id: user_id ) response = dcerpc_request(samr_open_user_request) begin samr_open_user_response = SamrOpenUserResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrOpenUserResponse' end unless samr_open_user_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned when getting a handle to user #{user_id}: "\ "#{WindowsError::NTStatus.find_by_retval(samr_open_user_response.error_status.value).join(',')}" end samr_open_user_response.user_handle end |
#samr_rid_to_sid(object_handle:, rid:) ⇒ String
Returns the SID of an account, given a RID.
470 471 472 473 474 475 476 477 478 479 480 481 482 483 484 485 486 487 |
# File 'lib/ruby_smb/dcerpc/samr.rb', line 470 def samr_rid_to_sid(object_handle:, rid:) samr_rid_to_sid_request = SamrRidToSidRequest.new( object_handle: object_handle, rid: rid ) response = dcerpc_request(samr_rid_to_sid_request) begin samr_rid_to_sid_response = SamrRidToSidResponse.read(response) rescue IOError raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrRidToSidResponse' end unless samr_rid_to_sid_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS raise RubySMB::Dcerpc::Error::SamrError, "Error returned during SID lookup in SAM server: "\ "#{WindowsError::NTStatus.find_by_retval(samr_rid_to_sid_response.error_status.value).join(',')}" end samr_rid_to_sid_response.sid end |