pysap.SAPCredv2 module¶
-
pysap.SAPCredv2.
CIPHER_ALGORITHM_3DES
= 0¶ Constant for 3DES encryption algorithm
-
pysap.SAPCredv2.
CIPHER_ALGORITHM_AES256
= 1¶ Constant for AES256 encryption algorithm
-
class
pysap.SAPCredv2.
SAPCredv2
(_pkt='', post_transform=None, _internal=0, _underlayer=None, **fields)[source]¶ Bases:
scapy.asn1packet.ASN1_Packet
SAP Credv2 Credential set definition
-
ASN1_codec
= <ASN1Codec BER[1]>¶
-
ASN1_root
= <ASN1F_SEQUENCE_OF creds>¶
-
aliastypes
= [<class 'pysap.SAPCredv2.SAPCredv2'>, <class 'scapy.asn1packet.ASN1_Packet'>, <class 'scapy.packet.Packet'>]¶
-
fields_desc
= [<ASN1F_SEQUENCE_OF creds>]¶
-
-
class
pysap.SAPCredv2.
SAPCredv2Cred
(_pkt='', post_transform=None, _internal=0, _underlayer=None, **fields)[source]¶ Bases:
scapy.asn1packet.ASN1_Packet
SAP Credv2 Credential definition
-
ASN1_codec
= <ASN1Codec BER[1]>¶
-
ASN1_root
= <pysap.utils.fields.ASN1F_CHOICE_SAFE object>¶
-
aliastypes
= [<class 'pysap.SAPCredv2.SAPCredv2Cred'>, <class 'scapy.asn1packet.ASN1_Packet'>, <class 'scapy.packet.Packet'>]¶
-
fields_desc
= [<pysap.utils.fields.ASN1F_CHOICE_SAFE object>]¶
-
-
class
pysap.SAPCredv2.
SAPCredv2_Cred
(_pkt='', post_transform=None, _internal=0, _underlayer=None, **fields)[source]¶ Bases:
scapy.asn1packet.ASN1_Packet
SAP Credv2 Credential without LPS definition
-
ASN1_codec
= <ASN1Codec BER[1]>¶
-
ASN1_root
= <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_BIT_STRING object>)>¶
-
aliastypes
= [<class 'pysap.SAPCredv2.SAPCredv2_Cred'>, <class 'scapy.asn1packet.ASN1_Packet'>, <class 'scapy.packet.Packet'>]¶
-
cipher_algorithm
¶
-
cipher_format_version
¶
-
common_name
¶
-
decrypt
(username)[source]¶ Decrypt a credential given a particular username. Tries to identify the credential format and choose the decryption method to use.
Parameters: username (string) – Username to use when decrypting Returns: decrypted object Return type: SAPCredv2_Cred_Plain
-
decrypt_simple
(username)[source]¶ Decrypt a credential using the simple approach. It only handles 3DES. Tries to parse the decrypted object into a plain credential object type. If it fails, probably due to an invalid username use to decrypt it, raises an exception.
Parameters: username (string) – Username to use when decrypting Returns: decrypted object Return type: SAPCredv2_Cred_Plain
-
decrypt_with_header
(username)[source]¶ Decrypt a credential file using the header. It handles 3DES and AES256 algorithms. Tries to parse the decrypted object into a plain credential object type. If it fails, probably due to an invalid username use to decrypt it, raises an exception.
Parameters: username (string) – Username to use when decrypting Returns: decrypted object Return type: SAPCredv2_Cred_Plain Raises: SAPCredv2_Decryption_Error – if there’s an error decrypting the object
-
derive_key
(key, blob, header, username)[source]¶ Derive a key using SAP’s algorithm. The key is derived using SHA256 and xor from an initial key, a header, salt and username.
-
fields_desc
= [<scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_BIT_STRING object>]¶
-
lps_type
¶
-
lps_type_str
¶
-
pse_file_path
¶
-
-
class
pysap.SAPCredv2.
SAPCredv2_Cred_Cipher
(_pkt='', post_transform=None, _internal=0, _underlayer=None, **fields)[source]¶ Bases:
scapy.packet.Packet
SAP Cred cipher packet. This is the header of an encrypted credential format 1. It contains all the required data to decrypt the stored credential.
-
aliastypes
= [<class 'pysap.SAPCredv2.SAPCredv2_Cred_Cipher'>, <class 'scapy.packet.Packet'>]¶
-
fields_desc
= [<Field (SAPCredv2_Cred_Cipher).version>, <Field (SAPCredv2_Cred_Cipher).algorithm>, <Field (SAPCredv2_Cred_Cipher).unknown>, <Field (SAPCredv2_Cred_Cipher).salt>, <Field (SAPCredv2_Cred_Cipher).iv>, <Field (SAPCredv2_Cred_Cipher).cipher_text>]¶
-
-
class
pysap.SAPCredv2.
SAPCredv2_Cred_LPS
(_pkt='', post_transform=None, _internal=0, _underlayer=None, **fields)[source]¶ Bases:
scapy.asn1packet.ASN1_Packet
SAP Credv2 Credential with LPS definition
-
ASN1_codec
= <ASN1Codec BER[1]>¶
-
ASN1_root
= <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_INTEGER object>, <ASN1F_SEQUENCE_OF subject>, <scapy.asn1fields.ASN1F_UTF8_STRING object>, <scapy.asn1fields.ASN1F_BIT_STRING object>)>¶
-
aliastypes
= [<class 'pysap.SAPCredv2.SAPCredv2_Cred_LPS'>, <class 'scapy.asn1packet.ASN1_Packet'>, <class 'scapy.packet.Packet'>]¶
-
cipher_algorithm
¶
-
cipher_format_version
¶
-
common_name
¶ This reassembles the issuer construction from Scapy’s X.509 Certificate class.
-
decrypt
(username=None)[source]¶ Decrypt a credential file using LPS.
Parameters: username (string) – Username to use when decrypting. Not used but kept to match signature Returns: decrypted object Return type: SAPCredv2_Cred_Plain
-
fields_desc
= [<scapy.asn1fields.ASN1F_INTEGER object>, <ASN1F_SEQUENCE_OF subject>, <scapy.asn1fields.ASN1F_UTF8_STRING object>, <scapy.asn1fields.ASN1F_BIT_STRING object>]¶
-
lps_type
¶
-
lps_type_str
¶
-
pse_file_path
¶
-
-
class
pysap.SAPCredv2.
SAPCredv2_Cred_Plain
(_pkt='', post_transform=None, _internal=0, _underlayer=None, **fields)[source]¶ Bases:
scapy.asn1packet.ASN1_Packet
-
ASN1_codec
= <ASN1Codec BER[1]>¶
-
ASN1_root
= <ASN1F_SEQUENCE(<scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>, <scapy.asn1fields.ASN1F_optional object>)>¶
-
PROVIDER_MSCryptProtect
= 'MSCryptProtect'¶ Provider for Windows hosts using DPAPI
-
aliastypes
= [<class 'pysap.SAPCredv2.SAPCredv2_Cred_Plain'>, <class 'scapy.asn1packet.ASN1_Packet'>, <class 'scapy.packet.Packet'>]¶
-
static
decrypt_MSCryptProtect
(plain, cred)[source]¶ Decrypts a credential using the Windows DP API. Requires the current logged-in user to have permissions to decrypt the blob stored in the credentials file.
Parameters: - plain (SAPCredv2_Cred_Plain) – plain credential extracted
- cred (SAPCredv2_Cred) – credential from where the blob was extracted
Returns: the content in the blob decrypted using the provider
Return type: string
-
decrypt_provider
(cred)[source]¶ Decrypts a credential file already decrypted using the specified provider. This is platform dependent.
Parameters: cred (SAPCredv2_Cred) – credential from where the blob was extracted Returns: the content in the blob decrypted using the provider Return type: string Raises: Exception – if the provider is invalid or unsupported
-
fields_desc
= [<scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>, <scapy.asn1fields.ASN1F_IA5_STRING object>]¶
-
providers
= {'MSCryptProtect': <staticmethod object>}¶ Definition of implemented providers
-
-
pysap.SAPCredv2.
cipher_algorithms
= {0: '3DES', 1: 'AES256'}¶ Dict with encryption algorithms supported
-
pysap.SAPCredv2.
cred_key_fmt
= '240657rsga&/%srwthgrtawe45hhtrtrsr35467b2dx3456j67mv67f89656f75'¶ Fixed key embedded in CommonCryptoLib for encrypted credentials