dcerpc | DCE / RPC Implementation in Go

 by   gentlemanautomaton Go Version: Current License: MIT

kandi X-RAY | dcerpc Summary

kandi X-RAY | dcerpc Summary

dcerpc is a Go library typically used in Web Services applications. dcerpc has no bugs, it has no vulnerabilities, it has a Permissive License and it has low support. You can download it from GitHub.

A DCE / RPC Implementation in Golang. The dcerpc project aims to provide a native Go language implementation of the Distributed Computing Environment RPC specification as published by the Open Group in technical publication "[C706] DCE 1.1: Remote Procedure Call". It also aims to support the modifications published in "[MS-RPCE] Remote Procedure Call Protocol Extensions" that are used in various protocols such as [MS-DCOM]. This project is not a port of any existing implementation; it is an original work of the Gentleman Automaton collaborative. It is published under the MIT license.
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              dcerpc has a low active ecosystem.
              It has 12 star(s) with 1 fork(s). There are 6 watchers for this library.
              OutlinedDot
              It had no major release in the last 6 months.
              dcerpc has no issues reported. There are no pull requests.
              It has a neutral sentiment in the developer community.
              The latest version of dcerpc is current.

            kandi-Quality Quality

              dcerpc has no bugs reported.

            kandi-Security Security

              dcerpc has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.

            kandi-License License

              dcerpc is licensed under the MIT License. This license is Permissive.
              Permissive licenses have the least restrictions, and you can use them in most projects.

            kandi-Reuse Reuse

              dcerpc releases are not available. You will need to build from source code and install.

            Top functions reviewed by kandi - BETA

            kandi has reviewed dcerpc and discovered the below as its top functions. This is intended to give you an instant insight into dcerpc implemented functionality, and help decide if they suit your requirements.
            • EncSlSliceElements encodes v into w .
            • SliceSubsets returns a slice of SliceSubsets .
            • EncOpForSliceField creates an encOp for a slice .
            • EncOpForStruct returns an encOp for a struct .
            • EncOpForSliceConformance is the same as EncOpForSliceConformance
            • EncOpForField returns an encOp for a field .
            • EncOpForPrimitive returns an EncOp for a given primitive type .
            • EncOpForConformantField takes a struct and returns an EncOp for a struct and a slice of struct fields .
            • EncOpForArray returns an EncOp for the given reflect . Type .
            • encOpForSliceWithFirstLast returns an encOp for the first field and lastField .
            Get all kandi verified functions for this library.

            dcerpc Key Features

            No Key Features are available at this moment for dcerpc.

            dcerpc Examples and Code Snippets

            No Code Snippets are available at this moment for dcerpc.

            Community Discussions

            QUESTION

            How to convert a pcap into hex stream using tshark?
            Asked 2019-Sep-12 at 18:43

            All I tried is this in Python:

            First, I read the pcap file and used this command in Python:

            ...

            ANSWER

            Answered 2019-Sep-12 at 18:41

            As you are using python, you may want to look at PyShark, which leverages tshark.

            Setup: Create a File

            Let's create a one-packet file for demonstration purposes:

            Source https://stackoverflow.com/questions/57848983

            QUESTION

            Understanding smb and DCERPC for remote command execution capabilities
            Asked 2018-Sep-11 at 22:18

            I'm trying to understand all the methods available to execute remote commands on Windows through the impacket scripts:

            https://www.coresecurity.com/corelabs-research/open-source-tools/impacket

            https://github.com/CoreSecurity/impacket

            I understand the high level explanation of psexec.py and smbexec.py, how they create a service on the remote end and run commands through cmd.exe -c but I can't understand how can you create a service on a remote windows host through SMB. Wasn't smb supposed to be mainly for file transfers and printer sharing? Reading the source code I see in the notes that they use DCERPC to create this services, is this part of the smb protocol? All the resources on DCERPC i've found were kind of confusing, and not focused on its service creating capabilities. Looking at the sourcecode of atexec.py, it says that it interacts with the task scheduler service of the windows host, also through DCERPC. Can it be used to interact with all services running on the remote box?

            Thanks!

            ...

            ANSWER

            Answered 2018-Jul-15 at 17:56

            DCERPC (https://en.wikipedia.org/wiki/DCE/RPC) : the initial protocol, which was used as a template for MSRPC (https://en.wikipedia.org/wiki/Microsoft_RPC).

            MSRPC is a way to execute functions on the remote end and to transfer data (parameters to these functions). It is not a way to directly execute remote OS commands on the remote side.

            SMB (https://en.wikipedia.org/wiki/Server_Message_Block ) is the file sharing protocol mainly used to access files on Windows file servers. In addition, it provides Named Pipes (https://msdn.microsoft.com/en-us/library/cc239733.aspx), a way to transfer data between a local process and a remote process.

            One common way for MSRPC is to use it via Named Pipes over SMB, which has the advantage that the security layer provided by SMB is directly approached for MSRPC.

            In fact, MSRPC is one of the most important, yet very less known protocols in the Windows world.

            Neither MSRPC, nor SMB has something to do with remote execution of shell commands.

            One common way to execute remote commands is:

            • Copy files (via SMB) to the remote side (Windows service EXE)
            • Create registry entries on the remote side (so that the copied Windows Service is installed and startable)
            • Start the Windows service. The started Windows service can use any network protocol (e.g. MSRPC) to receive commands and to execute them.
            • After the work is done, the Windows service can be uninstalled (remove registry entries and delete the files).

            In fact, this is what PSEXEC does.

            All the resources on DCERPC i've found were kind of confusing, and not focused on its service creating capabilities.

            Yes, It’s just a remote procedure call protocol. But it can be used to start a procedure on the remote side, which can just do anything, e.g. creating a service.

            Looking at the sourcecode of atexec.py, it says that it interacts with the task scheduler service of the windows host, also through DCERPC. Can it be used to interact with all services running on the remote box?

            There are some MSRPC commands which handle Task Scheduler, and others which handle generic service start and stop commands.

            A few final words at the end:

            SMB / CIFS and the protocols around are really complex and hard to understand. It seems ok trying to understand how to deal with e.g. remote service control, but this can be a very long journey.

            Perhaps this page (which uses Java for trying to control Windows service) may also help understanding.

            https://dev.c-ware.de/confluence/pages/viewpage.action?pageId=15007754

            Source https://stackoverflow.com/questions/51346269

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install dcerpc

            You can download it from GitHub.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/gentlemanautomaton/dcerpc.git

          • CLI

            gh repo clone gentlemanautomaton/dcerpc

          • sshUrl

            git@github.com:gentlemanautomaton/dcerpc.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Go Libraries

            go

            by golang

            kubernetes

            by kubernetes

            awesome-go

            by avelino

            moby

            by moby

            hugo

            by gohugoio

            Try Top Libraries by gentlemanautomaton

            smb

            by gentlemanautomatonGo

            volmgmt

            by gentlemanautomatonGo

            netcore

            by gentlemanautomatonGo

            winsession

            by gentlemanautomatonGo

            windevice

            by gentlemanautomatonGo