packetgen-plugin-smb 0.3.0 → 0.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: cc233d3dcb94925757db9c4f5dde9647f97cce4d1e73001f3bbbcb41309ed435
-  data.tar.gz: 50d2ebf353a37d073bae3f6f7458057e4db8a7f2b5c0932094e1820056ab2746
+  metadata.gz: f3f0164d4068b3b829fac802f5ce944c33bf86275fb90aa46150e57926a236f3
+  data.tar.gz: 001d57bf0ec000e0e738b25d1116ea0b73bc7a2c0de61b68e6c16ef75a130d4b
 SHA512:
-  metadata.gz: 5862b573e7b9bba3826f10ef8e1ac8bbb34817e49f93338223ca5fbfcd0ad19cbeb65b64428fc1832c7603fe8a5a5cfc32cb6ac31d63c2e66de4a518ab89de6d
-  data.tar.gz: bb9a3e27eb4c36e3b6197d6450bef4efd73af1e3a0849c07383ea32924d155e0e21f975f7c91b4092ba70cce3d03cb368f92d38311a1a6585c946b5c1462dae5
+  metadata.gz: 661c09099b29c3c747e5b4d1831b05fb3945123e1d5ff7aaabc053221c100ed1113fd04a72af5fdbc245a9d0789419f6b6fc1c8a37a558c64da53ef1b30c4e8e
+  data.tar.gz: 06b857556ca716b954a4fb935ec3e6e91ab2a0416442b31e3ad7e9eec7631fe33d6c3bb96814fd949fbffd2d58c97fc80fbbd18dd4b66cd5a603663f58169bb9

data/.rubocop.yml

@@ -1,4 +1,3 @@
-TargetRubyVersion: 2.3
 Layout/SpaceAroundEqualsInParameterDefault:
   EnforcedStyle: no_space
 Lint/EmptyWhen:

data/Gemfile

@@ -1,6 +1,3 @@
 source 'https://rubygems.org'
 
-git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
-
-# Specify your gem's dependencies in packetgen-plugin-smb.gemspec
 gemspec

data/README.md

@@ -3,7 +3,20 @@
 
 # Packetgen::Plugin::SMB
 
-This is a plugin for [PacketGen gem](https://github.com/sdaubert/packetgen). It adds some support for SMB protocol suite.
+This is a plugin for [PacketGen gem](https://github.com/sdaubert/packetgen). It adds some support for SMB protocol suite:
+
+* SMB:
+    * SMB common header,
+    * Close command,
+    * NtCreateAndX command,
+    * Trans command,
+    * Browser subprotocol,
+* SMB2:
+    * SMB2 common header (support 2.x and 3.x dialects),
+    * Negotiate command,
+    * SessionSetup command,
+* GSSAPI, used to transport negotiation over SMB2 commands.
+
 
 ## Installation
 
@@ -25,6 +38,10 @@ Or install it yourself as:
 
 TODO
 
+## See also
+
+API documentation: http://www.rubydoc.info/gems/packetgen-plugin-smb
+
 ## License
 
 MIT License (see [LICENSE](https://github.com/sdaubert/packetgen-plugin-smb/blob/master/LICENSE))

data/lib/packetgen-plugin-smb.rb

@@ -8,5 +8,6 @@
 require 'packetgen'
 require_relative 'packetgen/plugin/smb_version'
 require_relative 'packetgen/plugin/gssapi'
+require_relative 'packetgen/plugin/netbios'
 require_relative 'packetgen/plugin/smb'
 require_relative 'packetgen/plugin/smb2'

data/lib/packetgen/plugin/gssapi.rb

@@ -86,7 +86,7 @@ module PacketGen::Plugin
         'accept-incomplete' => 1,
         'reject' => 2,
         'request-mic' => 3
-      }
+      }.freeze
       sequence :token, explicit: 1, class: :context, constructed: true,
                content: [enumerated(:negstate, enum: NEG_STATES, explicit: 0, class: :context, constructed: true, optional: true),
                          objectid(:supported_mech, explicit: 1, class: :context, constructed: true, optional: true),
@@ -106,8 +106,9 @@ module PacketGen::Plugin
     def initialize(args={})
       token = args.delete(:token)
       super
-      self[:gssapi].chosen = (token == :init) ? 0 : 1
+      self[:gssapi].chosen = token == :init ? 0 : 1
     end
+
     # Populate Object from +str+
     # @param [String] str
     # @return [self]

data/lib/packetgen/plugin/netbios.rb

@@ -0,0 +1,17 @@
+# This file is part of PacketGen
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+# frozen_string_literal: true
+
+module PacketGen::Plugin
+  # Module to group all NetBIOS headers
+  # @author Sylvain Daubert
+  module NetBIOS
+  end
+end
+
+require_relative 'netbios/name'
+require_relative 'netbios/session'
+require_relative 'netbios/datagram'

data/lib/packetgen/plugin/netbios/datagram.rb

@@ -0,0 +1,108 @@
+# This file is part of PacketGen
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+# frozen_string_literal: true
+
+module PacketGen::Plugin
+  # Module to group all NetBIOS headers
+  # @author Sylvain Daubert
+  module NetBIOS
+    # NetBIOS Session Service messages.
+    # @author Sylvain Daubert
+    class Datagram < PacketGen::Header::Base
+      # Give protocol name
+      # @return [String]
+      def self.protocol_name
+        'NetBIOS::Datagram'
+      end
+
+      # Port number for NetBIOS Session Service over TCP
+      UDP_PORT = 138
+
+      # Datagram packet types
+      TYPES = {
+        'direct_unique' => 0x10,
+        'direct_group' => 0x11,
+        'broadcast' => 0x12,
+        'error' => 0x13,
+        'query_request' => 0x14,
+        'positive_query_resp' => 0x15,
+        'negative_query_resp' => 0x16,
+      }.freeze
+
+      # @!attribute type
+      #  8-bit session packet type
+      #  @return [Integer]
+      define_field :type, PacketGen::Types::Int8Enum, enum: TYPES
+      # @!attribute flags
+      #  8-bit flags
+      #  @return [Integer]
+      define_field :flags, PacketGen::Types::Int8
+      # @!attribute dgm_id
+      #  16-bit next transaction ID for datagrams
+      #  @return [Integer]
+      define_field :dgm_id, PacketGen::Types::Int16
+      # @!attribute src_ip
+      #  Source IP address
+      # @return [IP::Addr]
+      define_field :src_ip, PacketGen::Header::IP::Addr
+      # @!attribute src_port
+      #  Source port
+      # @return [IP::Addr]
+      define_field :src_port, PacketGen::Types::Int16
+      # @!attribute dgm_length
+      #  Length of data + second level of encoded names. Not present in error datagram.
+      # @return [Integer]
+      define_field :dgm_length, PacketGen::Types::Int16, optional: ->(h) { h.type != 0x13 }
+      # @!attribute packet_offset
+      # Not present in error datagram.
+      # @return [Integer]
+      define_field :packet_offset, PacketGen::Types::Int16, optional: ->(h) { h.type != 0x13 }
+      # @!attribute error_code
+      #  Error code. Only present in error datagrams.
+      #  @return [Integer]
+      define_field :error_code, PacketGen::Types::Int16, optional: ->(h) { h.type == 0x13 }
+      # @!attribute src_name
+      #  NetBIOS source name. Only present in direct_unique, direct_group and broadcast datagrams.
+      #  @return []
+      define_field :src_name, Name, default: '', optional: ->(h) { (h.type >= 0x10) && (h.type <= 0x12) }
+      # @!attribute dst_name
+      #  NetBIOS destination name. Present in all but error datagrams.
+      #  @return []
+      define_field :dst_name, Name, default: '', optional: ->(h) { h.type != 0x13 }
+      # @!attribute body
+      #  User data. Ony present in direct_unique, direct_group and broadcast datagrams.
+      #  @return [String]
+      define_field :body, PacketGen::Types::String, optional: ->(h) { (h.type >= 0x10) && (h.type <= 0x12) }
+
+      # @!attribute :rsv
+      #  4-bit rsv field. 4 upper bits of {#flags}
+      #  @return [Integer]
+      # @!attribute :snt
+      #  2-bit SNT (Source end-Node Type) field from {#flags}.
+      #  @return [Integer]
+      # @!attribute f
+      #  First packet flag. If set then this is first
+      #  (and possibly only) fragment of NetBIOS datagram.
+      #  @return [Boolean]
+      # @!attribute m
+      #  More flag. If set then more NetBIOS datagram
+      #  fragments follow.
+      #  @return [Boolean]
+      define_bit_fields_on :flags, :rsv, 4, :snt, 2, :f, :m
+
+      # Compute and set {#dgm_length} field
+      # @return [Integer] calculated length
+      def calc_length
+        length = self[:body].sz
+        length += self[:src_name].sz if present?(:src_name)
+        length += self[:dst_name].sz if present?(:dst_name)
+        self.dgm_length = length
+      end
+    end
+    PacketGen::Header.add_class Datagram
+    PacketGen::Header::UDP.bind Datagram, dport: Datagram::UDP_PORT, sport: Datagram::UDP_PORT
+  end
+end

data/lib/packetgen/plugin/netbios/name.rb

@@ -0,0 +1,64 @@
+# This file is part of PacketGen
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+# frozen_string_literal: true
+
+module PacketGen::Plugin
+    # Module to group all NetBIOS headers
+    # @author Sylvain Daubert
+  module NetBIOS
+    # NetBIOS Name.
+    # @author Sylvain Daubert
+    class Name < PacketGen::Header::DNS::Name
+      # Size, in bytes, of an encoded NetBIOS name
+      ENCODED_NAME_SIZE = 32
+
+      # Read a NetBIOS name from a string
+      # @param [String] str
+      # @return [Name] self
+      def from_human(str)
+        clear
+        return self if str.nil?
+
+        encoded_name = encode_name(str)
+        super(encoded_name)
+      end
+
+      # Get a human readable string
+      # @return [String]
+      def to_human
+        encoded_name = super
+        decode_name(encoded_name)
+      end
+
+      private
+
+      def encode_name(name)
+        basename, *scope_id = name.split('.')
+        basename = '' if basename.nil?
+        scope_id = scope_id.join('.')
+        encoded_name = +''
+        basename.each_byte do |byte|
+          a = (byte >> 4) + 0x41
+          b = (byte & 0xf) + 0x41
+          encoded_name << [a, b].pack('C2')
+        end
+        encoded_name << 'CA' * ((ENCODED_NAME_SIZE - encoded_name.size) / 2) if encoded_name.size < ENCODED_NAME_SIZE
+        encoded_name << ".#{scope_id}" if scope_id
+        encoded_name
+      end
+
+      def decode_name(encoded_name)
+        name = +''
+        encoded_name.partition('.').first.scan(/../).map do |duo|
+          a = (duo[0].ord - 0x41) & 0xf
+          b = (duo[1].ord - 0x41) & 0xf
+          name << (a << 4 | b).chr
+        end
+        name.strip
+      end
+    end
+  end
+end

data/lib/packetgen/plugin/netbios/session.rb

@@ -0,0 +1,71 @@
+# This file is part of PacketGen
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+# frozen_string_literal: true
+
+module PacketGen::Plugin
+  # Module to group all NetBIOS headers
+  # @author Sylvain Daubert
+  module NetBIOS
+    # NetBIOS Session Service messages.
+    # @author Sylvain Daubert
+    class Session < PacketGen::Header::Base
+      # Give protocol name
+      # @return [String]
+      def self.protocol_name
+        'NetBIOS::Session'
+      end
+
+      # Port number for NetBIOS Session Service over TCP
+      TCP_PORT = 139
+      # Port number for NetBIOS Session Service over TCP (mainly used yb {SMB2})
+      TCP_PORT2 = 445
+
+      # Session packet types
+      TYPES = {
+        'message'           => 0,
+        'request'           => 0x81,
+        'positive_response' => 0x82,
+        'negative_response' => 0x83,
+        'retarget_response' => 0x84,
+        'keep_alive'        => 0x85,
+      }.freeze
+
+      # @!attribute type
+      #  8-bit session packet type
+      #  @return [Integer]
+      define_field :type, PacketGen::Types::Int8Enum, enum: TYPES
+      # @!attribute length
+      #  17-bit session packet length
+      #  @return [Integer]
+      define_field :length, PacketGen::Types::Int24
+      # @!attribute body
+      #  @return [String]
+      define_field :body, PacketGen::Types::String
+
+      # Compute and set {#length} field
+      # @return [Integer] calculated length
+      def calc_length
+        PacketGen::Header::Base.calculate_and_set_length(self, header_in_size: false)
+      end
+
+      # @api private
+      # @note This method is used internally by PacketGen and should not be
+      #       directly called
+      # @since 2.7.0 Set TCP sport according to bindings, only if sport is 0.
+      #  Needed by new bind API.
+      def added_to_packet(packet)
+        return unless packet.is? 'TCP'
+        return unless packet.tcp.sport.zero?
+        packet.tcp.sport = TCP_PORT
+      end
+    end
+    PacketGen::Header.add_class Session
+    PacketGen::Header::TCP.bind Session, dport: Session::TCP_PORT
+    PacketGen::Header::TCP.bind Session, sport: Session::TCP_PORT
+    PacketGen::Header::TCP.bind Session, dport: Session::TCP_PORT2
+    PacketGen::Header::TCP.bind Session, sport: Session::TCP_PORT2
+    end
+end

data/lib/packetgen/plugin/smb.rb

@@ -190,8 +190,8 @@ module PacketGen::Plugin
     end
   end
   PacketGen::Header.add_class SMB
-  PacketGen::Header::NetBIOS::Session.bind SMB, body: ->(val) { val.nil? ? SMB::MARKER : val[0..3] == SMB::MARKER }
-  PacketGen::Header::NetBIOS::Datagram.bind SMB, body: ->(val) { val.nil? ? SMB::MARKER : val[0..3] == SMB::MARKER }
+  NetBIOS::Session.bind SMB, body: ->(val) { val.nil? ? SMB::MARKER : val[0..3] == SMB::MARKER }
+  NetBIOS::Datagram.bind SMB, body: ->(val) { val.nil? ? SMB::MARKER : val[0..3] == SMB::MARKER }
 end
 
 require_relative 'smb/string'

data/lib/packetgen/plugin/smb/browser.rb

@@ -11,6 +11,12 @@ module PacketGen::Plugin
     # See subclasses.
     # @author Sylvain Daubert
     class Browser < PacketGen::Header::Base
+      # Give protocol name for this class
+      # @return [String]
+      def self.protocol_name
+        'SMB::Browser'
+      end
+
       OPCODES = {
         'HostAnnouncement' => 1,
         'HostAnnouncementReq' => 2,
@@ -57,12 +63,6 @@ module PacketGen::Plugin
         end
       end
 
-      # Give protocol name for this class
-      # @return [String]
-      def protocol_name
-        'SMB::Browser'
-      end
-
       # Callback called when a Browser header is added to a packet.
       # Here, add +#smb_browser+ method as a shortcut to existing
       # +#smb_browser_*+ method.

data/lib/packetgen/plugin/smb/browser/domain_announcement.rb

@@ -20,11 +20,6 @@ module PacketGen::Plugin
         alias browser_conf_ver_min os_ver_min
         alias machine_group server_name
         alias local_master_name comment
-
-        # @return [String]
-        def protocol_name
-          'SMB::Browser::DomainAnnouncement'
-        end
       end
       PacketGen::Header.add_class DomainAnnouncement
       SMB::Trans::Request.bind DomainAnnouncement, name: '\\MAILSLOT\\BROWSE', body: ->(v) { v[0] == OPCODES['DomainAnnouncement'] }

data/lib/packetgen/plugin/smb/browser/host_announcement.rb

@@ -14,6 +14,14 @@ module PacketGen::Plugin
       # specify the types of resources and services it supports.
       # @author Sylvain Daubert
       class HostAnnouncement < Browser
+        # @return [String]
+        def self.protocol_name
+          return @protocol_name if @protocol_name
+
+          basename = to_s.sub(/^.*::/, '')
+          @protocol_name = "SMB::Browser::#{basename}"
+        end
+
         remove_field :body
         update_field :opcode, default: 1
         # @!attribute update_count
@@ -58,11 +66,6 @@ module PacketGen::Plugin
         #  Null-terminated ASCII string.
         #  @return [String]
         define_field :comment, PacketGen::Types::CString
-
-        # @return [String]
-        def protocol_name
-          'SMB::Browser::HostAnnouncement'
-        end
       end
       PacketGen::Header.add_class HostAnnouncement
       SMB::Trans::Request.bind HostAnnouncement, name: '\\MAILSLOT\\BROWSE', body: ->(v) { v[0] == OPCODES['HostAnnouncement'] }

data/lib/packetgen/plugin/smb/browser/local_master_announcement.rb

@@ -15,11 +15,6 @@ module PacketGen::Plugin
       # @author Sylvain Daubert
       class LocalMasterAnnouncement < HostAnnouncement
         update_field :opcode, default: 15
-
-        # @return [String]
-        def protocol_name
-          'SMB::Browser::LocalMasterAnnouncement'
-        end
       end
       PacketGen::Header.add_class LocalMasterAnnouncement
       SMB::Trans::Request.bind LocalMasterAnnouncement, name: '\\MAILSLOT\\BROWSE', body: ->(v) { v[0] == OPCODES['LocalMasterAnnouncement'] }

data/lib/packetgen/plugin/smb/close/request.rb

@@ -36,7 +36,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::Close::Request'
         end
       end

data/lib/packetgen/plugin/smb/close/response.rb

@@ -27,7 +27,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::Close::Response'
         end
       end

data/lib/packetgen/plugin/smb/filetime.rb

@@ -17,6 +17,11 @@ module PacketGen::Plugin
       # Numbers of 100ns in one second
       ONE_SEC = 10_000_000
 
+      # String to format time
+      FORMAT_TIME_STR = '%Y-%m-%d %H:%M:%S.%9N %Z'
+      # String to parse time
+      PARSE_TIME_STR = '%Y-%m-%d %H:%M:%S.%N %Z'
+
       # @param [Hash] options
       # @option options [Integer] :filetime
       # @option options [Time] :time
@@ -49,10 +54,24 @@ module PacketGen::Plugin
         if no_time?
           'no time'
         else
-          @time.strftime("%Y-%m-%d %H:%M:%S.%9N %Z")
+          @time.strftime(FORMAT_TIME_STR)
         end
       end
 
+      # @return [self]
+      def from_human(str)
+        return self if str.nil?
+
+        @time = if str == 'no time'
+                  Time.at(NO_TIME)
+                else
+                  DateTime.strptime(str, PARSE_TIME_STR).to_time
+                end
+        @int.value = time2filetime
+
+        self
+      end
+
       # Get filetime integer value
       # @return [Integer]
       def to_i

data/lib/packetgen/plugin/smb/ntcreateandx/request.rb

@@ -141,7 +141,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::NtCreateAndX::Request'
         end
 

data/lib/packetgen/plugin/smb/ntcreateandx/response.rb

@@ -101,7 +101,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::NtCreateAndX::Response'
         end
 

data/lib/packetgen/plugin/smb/trans/request.rb

@@ -112,7 +112,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::Trans::Request'
         end
       end

data/lib/packetgen/plugin/smb/trans/response.rb

@@ -85,7 +85,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::Trans::Response'
         end
       end

data/lib/packetgen/plugin/smb2.rb

@@ -148,6 +148,12 @@ module PacketGen::Plugin
       self.bind kresponse, command: SMB2::COMMANDS[command], flags: ->(v) { v.nil? ? 0 : (v & 1 == 1) }
     end
 
+    # Invert {#flags_response?}
+    # @return [self]
+    def reply!
+      self.flags_response = !flags_response?
+    end
+
     # @return [String]
     def inspect
       super do |attr|
@@ -166,13 +172,9 @@ module PacketGen::Plugin
       end
     end
   end
-  # TODO: move this in netbios file when packetgen3 will be out
-  PacketGen::Header::TCP.bind PacketGen::Header::NetBIOS::Session, dport: 445
-  PacketGen::Header::TCP.bind PacketGen::Header::NetBIOS::Session, sport: 445
 
   PacketGen::Header.add_class SMB2
-  PacketGen::Header::NetBIOS::Session.bind SMB2, body: ->(val) { val.nil? ? SMB2::MARKER : val[0..3] == SMB2::MARKER }
-  PacketGen::Header::NetBIOS::Datagram.bind SMB2, body: ->(val) { val.nil? ? SMB2::MARKER : val[0..3] == SMB2::MARKER }
+  NetBIOS::Session.bind SMB2, body: ->(val) { val.nil? ? SMB2::MARKER : val[0..3] == SMB2::MARKER }
 end
 
 require_relative 'smb2/base'

data/lib/packetgen/plugin/smb2/negotiate/context.rb

@@ -47,31 +47,11 @@ module PacketGen::Plugin
         # @!attribute pad
         #  Padding to align next context on a 8-byte offset
         #  @return [String]
-        define_field :pad, PacketGen::Types::String, builder: ->(h, t) { t.new(length_from: -> { v = 8 - (h.offset_of(:data) + h.data_length) % 8; v == 8 ? 0 : v }) }
+        define_field :pad, PacketGen::Types::String, builder: ->(h, t) { t.new(length_from: -> { (8 - (h.offset_of(:data) + h.data_length) % 8) % 8 }) }
 
         # @private
         alias old_read read
 
-        # Populate object from a binary string
-        # @param [String] str
-        # @return [Context]
-        def read(str)
-          return self if str.nil?
-          if self.instance_of? Context
-            self[:type].read str[0, 2]
-            name = TYPES.key(type)
-            return old_read(str) if name.nil?
-
-            klassname = name.downcase.capitalize.gsub(/_(\w)/) { $1.upcase }
-            return old_read(str) unless Negotiate.const_defined? klassname
-
-            klass = Negotiate.const_get(klassname)
-            klass.new.read str
-          else
-            old_read str
-          end
-        end
-
         # Get human-readable type
         # @return [String]
         def human_type
@@ -104,7 +84,7 @@ module PacketGen::Plugin
         #  Salt value for hash
         #  @return [String]
         define_field_before :pad, :salt, PacketGen::Types::String, builder: ->(h, t) { t.new(length_from: h[:salt_length]) }
-        update_field :pad, builder: ->(h, t) { t.new(length_from: -> { v = 8 - (h.offset_of(:salt) + h.salt_length) % 8; v == 8 ? 0 : v }) }
+        update_field :pad, builder: ->(h, t) { t.new(length_from: -> { (8 - (h.offset_of(:salt) + h.salt_length) % 8) % 8 }) }
       end
 
       class EncryptionCap < Context
@@ -118,14 +98,22 @@ module PacketGen::Plugin
         #  algorithms
         #  @return [PacketGen::Types::ArrayOfInt16le]
         define_field_before :pad, :ciphers, PacketGen::Types::ArrayOfInt16le, builder: ->(h, t) { t.new(counter: h[:hash_alg_count]) }
-        update_field :pad, builder: ->(h, t) { t.new(length_from: -> { v = 8 - (h.offset_of(:cipher_count) + h[:cipher_count].sz) % 8; v == 8 ? 0 : v }) }
+        update_field :pad, builder: ->(h, t) { t.new(length_from: -> { (8 - (h.offset_of(:cipher_count) + h[:cipher_count].sz) % 8) % 8 }) }
       end
 
       # Array of {Context}
       # @author Sylvain Daubert
       class ArrayOfContext < PacketGen::Types::Array
         set_of Context
+
+        private
+
+        def real_type(ctx)
+          name = Context::TYPES.key(ctx.type)
+          klassname = name.downcase.capitalize.gsub(/_(\w)/) { $1.upcase }
+          Negotiate.const_defined?(klassname) ? Negotiate.const_get(klassname) : ctx.class
+        end
       end
     end
   end
-end
+end

data/lib/packetgen/plugin/smb2/negotiate/request.rb

@@ -124,6 +124,12 @@ module PacketGen::Plugin
         #  @return [ArrayOfContext]
         define_field :context_list, ArrayOfContext, builder: ->(h, t) { t.new(counter: h[:context_count]) }
 
+        # Protocol name
+        # @return [String]
+        def self.protocol_name
+          'SMB2::Negotiate::Request'
+        end
+
         # @return [String]
         def inspect
           super do |attr|
@@ -154,12 +160,6 @@ module PacketGen::Plugin
         def calc_length
           self.context_offset = SMB2.new.sz + offset_of(:context_list)
         end
-
-        # Protocol name
-        # @return [String]
-        def protocol_name
-          'SMB2::Negotiate::Request'
-        end
       end
     end
   end

data/lib/packetgen/plugin/smb2/negotiate/response.rb

@@ -152,10 +152,17 @@ module PacketGen::Plugin
         #  @return [ArrayOfContext]
         define_field :context_list, ArrayOfContext, builder: ->(h, t) { t.new(counter: h[:context_count]) }
 
+        # Protocol name
+        # @return [String]
+        def self.protocol_name
+          'SMB2::Negotiate::Response'
+        end
+
         # @return [String]
         def inspect
           super do |attr|
             next unless attr == :capabilities
+
             value = bits_on(attr).reject { |_, v| v > 1 }
                                  .keys
                                  .select { |b| send("#{b}?") }
@@ -178,12 +185,6 @@ module PacketGen::Plugin
           self.buffer_length = buffer.sz
           context_list.each { |ctx| ctx.calc_length if ctx.respond_to? :calc_length }
         end
-
-        # Protocol name
-        # @return [String]
-        def protocol_name
-          'SMB2::Negotiate::Response'
-        end
       end
     end
   end

data/lib/packetgen/plugin/smb2/session_setup/request.rb

@@ -89,7 +89,7 @@ module PacketGen::Plugin
 
         # Protocol name
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB2::SessionSetup::Request'
         end
       end

data/lib/packetgen/plugin/smb2/session_setup/response.rb

@@ -60,7 +60,7 @@ module PacketGen::Plugin
 
         # Protocol name
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB2::SessionSetup::Response'
         end
       end

data/lib/packetgen/plugin/smb_version.rb

@@ -1,5 +1,5 @@
 module PacketGen
   module Plugin
-    SMB_VERSION = "0.3.0"
+    SMB_VERSION = "0.4.0"
   end
 end

data/packetgen-plugin-smb.gemspec

@@ -19,7 +19,7 @@ Gem::Specification.new do |spec|
 
   spec.required_ruby_version = '>= 2.3.0'
 
-  spec.add_dependency 'packetgen', '~>2.8', '>= 2.8.7'
+  spec.add_dependency 'packetgen', '~>3.0'
   spec.add_dependency 'rasn1', '~>0.6', '>= 0.6.7'
 
   spec.add_development_dependency 'bundler', '~> 1.16'

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: packetgen-plugin-smb
 version: !ruby/object:Gem::Version
-  version: 0.3.0
+  version: 0.4.0
 platform: ruby
 authors:
 - Sylvain Daubert
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-10-18 00:00:00.000000000 Z
+date: 2018-10-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: packetgen
@@ -16,20 +16,14 @@ dependencies:
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.8'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.8.7
+        version: '3.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2.8'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 2.8.7
+        version: '3.0'
 - !ruby/object:Gem::Dependency
   name: rasn1
   requirement: !ruby/object:Gem::Requirement
@@ -136,6 +130,10 @@ files:
 - Rakefile
 - lib/packetgen-plugin-smb.rb
 - lib/packetgen/plugin/gssapi.rb
+- lib/packetgen/plugin/netbios.rb
+- lib/packetgen/plugin/netbios/datagram.rb
+- lib/packetgen/plugin/netbios/name.rb
+- lib/packetgen/plugin/netbios/session.rb
 - lib/packetgen/plugin/smb.rb
 - lib/packetgen/plugin/smb/blocks.rb
 - lib/packetgen/plugin/smb/browser.rb