(self, name, secretItem)
| 2165 | self.__perSecretCallback(LSASecrets.SECRET_TYPE.LSA_HASHED, answer) |
| 2166 | |
| 2167 | def __printSecret(self, name, secretItem): |
| 2168 | # Based on [MS-LSAD] section 3.1.1.4 |
| 2169 | |
| 2170 | # First off, let's discard NULL secrets. |
| 2171 | if len(secretItem) == 0: |
| 2172 | LOG.debug('Discarding secret %s, NULL Data' % name) |
| 2173 | return |
| 2174 | |
| 2175 | # We might have secrets with zero |
| 2176 | if secretItem.startswith(b'\x00\x00'): |
| 2177 | LOG.debug('Discarding secret %s, all zeros' % name) |
| 2178 | return |
| 2179 | |
| 2180 | upperName = name.upper() |
| 2181 | |
| 2182 | LOG.info('%s ' % name) |
| 2183 | |
| 2184 | secret = '' |
| 2185 | |
| 2186 | if upperName.startswith('_SC_'): |
| 2187 | # Service name, a password might be there |
| 2188 | # Let's first try to decode the secret |
| 2189 | try: |
| 2190 | strDecoded = secretItem.decode('utf-16le') |
| 2191 | except: |
| 2192 | pass |
| 2193 | else: |
| 2194 | # We have to get the account the service |
| 2195 | # runs under |
| 2196 | if hasattr(self.__remoteOps, 'getServiceAccount'): |
| 2197 | account = self.__remoteOps.getServiceAccount(name[4:]) |
| 2198 | if account is None: |
| 2199 | secret = self.UNKNOWN_USER + ':' |
| 2200 | else: |
| 2201 | secret = "%s:" % account |
| 2202 | else: |
| 2203 | # We don't support getting this info for local targets at the moment |
| 2204 | secret = self.UNKNOWN_USER + ':' |
| 2205 | secret += strDecoded |
| 2206 | elif upperName.startswith('DEFAULTPASSWORD'): |
| 2207 | # defaults password for winlogon |
| 2208 | # Let's first try to decode the secret |
| 2209 | try: |
| 2210 | strDecoded = secretItem.decode('utf-16le') |
| 2211 | except: |
| 2212 | pass |
| 2213 | else: |
| 2214 | # We have to get the account this password is for |
| 2215 | if hasattr(self.__remoteOps, 'getDefaultLoginAccount'): |
| 2216 | account = self.__remoteOps.getDefaultLoginAccount() |
| 2217 | if account is None: |
| 2218 | secret = self.UNKNOWN_USER + ':' |
| 2219 | else: |
| 2220 | secret = "%s:" % account |
| 2221 | else: |
| 2222 | # We don't support getting this info for local targets at the moment |
| 2223 | secret = self.UNKNOWN_USER + ':' |
| 2224 | secret += strDecoded |
no test coverage detected