packetgen-plugin-smb 0.3.0 → 0.6.2

data/lib/packetgen/plugin/smb/filetime.rb

@@ -1,15 +1,17 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     # SMB FILETIME.
     # @author Sylvain Daubert
     class Filetime
+      include PacketGen::Types::Fieldable
+
       # Base time for SMB FILETIME.
       # This value also indicate no time.
       NO_TIME = Time.utc(1601).freeze
@@ -17,6 +19,17 @@ module PacketGen::Plugin
       # Numbers of 100ns in one second
       ONE_SEC = 10_000_000
 
+      # String to format time
+      FORMAT_TIME_STR = '%Y-%m-%d %H:%M:%S.%9N %Z'
+      # String to parse time
+      PARSE_TIME_STR = '%Y-%m-%d %H:%M:%S.%N %Z'
+
+      # Return a new Filetime object initialized to current time.
+      # @return [Filetime]
+      def self.now
+        new(time: Time.now.utc)
+      end
+
       # @param [Hash] options
       # @option options [Integer] :filetime
       # @option options [Time] :time
@@ -49,10 +62,24 @@ module PacketGen::Plugin
         if no_time?
           'no time'
         else
-          @time.strftime("%Y-%m-%d %H:%M:%S.%9N %Z")
+          @time.strftime(FORMAT_TIME_STR)
         end
       end
 
+      # @return [self]
+      def from_human(str)
+        return self if str.nil?
+
+        @time = if str == 'no time'
+                  Time.at(NO_TIME)
+                else
+                  DateTime.strptime(str, PARSE_TIME_STR).to_time
+                end
+        @int.value = time2filetime
+
+        self
+      end
+
       # Get filetime integer value
       # @return [Integer]
       def to_i

data/lib/packetgen/plugin/smb/negotiate.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+# This file is part of packetgen-plugin-smb.
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+module PacketGen::Plugin
+  class SMB
+    # Namespace for NEGOTIATE related classes
+    # @author Sylvain Daubert
+    module Negotiate; end
+  end
+end
+
+require_relative 'negotiate/dialect'
+require_relative 'negotiate/request'
+require_relative 'negotiate/response'
+
+PacketGen::Plugin::SMB.bind_command 'negotiate'

data/lib/packetgen/plugin/smb/negotiate/dialect.rb

@@ -0,0 +1,39 @@
+# frozen_string_literal: true
+
+# This file is part of packetgen-plugin-smb.
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+module PacketGen::Plugin
+  class SMB
+    module Negotiate
+      # A SMB_Dialect struct containing:
+      # * a 8-bit {#format} field, which should be set to 0x02,
+      # * a null-terminated string identifying a SMB dialect.
+      # @author Sylvain Daubert
+      class Dialect < PacketGen::Types::Fields
+        # @!attribute format
+        #  8-bit format. Should be +2+ to indicate a null-terminated string for
+        #  {#dialect} field.
+        #  @return [Integer]
+        define_field :format, PacketGen::Types::Int8, default: 2
+        # @!attribute dialect
+        #  Null-terminated string identifying a SMB dialect.
+        #  @return [String]
+        define_field :dialect,PacketGen::Types::CString
+
+        # @return [String]
+        def to_human
+          self[:dialect].to_human
+        end
+      end
+
+      # Specialized {PacketGen::Types::Array} to embed {Dialect Dialects}.
+      # @author Sylvain Daubert
+      class ArrayOfDialect < PacketGen::Types::Array
+        set_of Dialect
+      end
+    end
+  end
+end

data/lib/packetgen/plugin/smb/negotiate/request.rb

@@ -0,0 +1,35 @@
+# frozen_string_literal: true
+
+# This file is part of packetgen-plugin-smb.
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+module PacketGen::Plugin
+  class SMB
+    module Negotiate
+      # SMB Negotiation Request header.
+      #
+      # See also {Blocks}, as {Negotiate::Request} is a specialization of {Blocks#words}
+      # and {Blocks#bytes}.
+      # @author Sylvain Daubert
+      class Request < PacketGen::Header::Base
+        # @!attribute word_count
+        #  The size, in 2-byte words, of the SMB command parameters. It should
+        #  be +0+ setup_count+.
+        #  @return [Integer]
+        define_field :word_count, PacketGen::Types::Int8, default: 0
+        # @!attribute byte_count
+        #  @return [Integer]
+        define_field :byte_count, PacketGen::Types::Int16le
+        # @!attribute dialects
+        #  @return [ArrayOfDialect]
+        define_field :dialects, ArrayOfDialect
+
+        def self.protocol_name
+          'SMB::Negotiate::Request'
+        end
+      end
+    end
+  end
+end

data/lib/packetgen/plugin/smb/negotiate/response.rb

@@ -0,0 +1,29 @@
+# frozen_string_literal: true
+
+# This file is part of packetgen-plugin-smb.
+# See https://github.com/sdaubert/packetgen-plugin-smb for more informations
+# Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
+# This program is published under MIT license.
+
+module PacketGen::Plugin
+  class SMB
+    module Negotiate
+      # SMB Negotiation Response header.
+      #
+      # See also {Blocks}, as {Negotiate::Response} is a specialization of {Blocks#words}
+      # and {Blocks#bytes}.
+      # @author Sylvain Daubert
+      class Response < Blocks
+        # Get index of the dialect selected by the server from the list presented in the request.
+        # @return [Integer]
+        def dialect_index
+          words.first.to_i
+        end
+
+        def self.protocol_name
+          'SMB::Negotiate::Response'
+        end
+      end
+    end
+  end
+end

data/lib/packetgen/plugin/smb/nt_create_and_x.rb

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     # Namespace for NT_CREATE_ANDX related classes

data/lib/packetgen/plugin/smb/ntcreateandx/request.rb

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     # Namespace for NT_CREATE_ANDX related classes
@@ -128,7 +128,7 @@ module PacketGen::Plugin
         #  Padding before {#filename} to align it on 16-bit boundary. Only present
         #  if {SMB#flags2_unicode?} is +true+.
         #  @return [Integer]
-        define_field :pad1, PacketGen::Types::Int8, optional: ->(h) { h.packet && h.packet.smb.flags2_unicode? }
+        define_field :pad1, PacketGen::Types::Int8, optional: ->(h) { h&.packet&.smb&.flags2_unicode? }
         # @!attribute filename
         #  A string that represents the fully qualified name of the file
         #  relative to the supplied TID
@@ -141,7 +141,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::NtCreateAndX::Request'
         end
 
@@ -154,6 +154,6 @@ module PacketGen::Plugin
           self.byte_count = bcount
         end
       end
-      end
+    end
   end
 end

data/lib/packetgen/plugin/smb/ntcreateandx/response.rb

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     # Namespace for NT_CREATE_ANDX related classes
@@ -101,7 +101,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::NtCreateAndX::Response'
         end
 

data/lib/packetgen/plugin/smb/string.rb

@@ -1,28 +1,39 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
+require 'forwardable'
 
 module PacketGen::Plugin
   class SMB
-    # SMB strings (UTF-16 little-endian).
+    # SMB strings (UTF-16 little-endian or OEM).
     # @author Sylvain Daubert
-    class String < PacketGen::Types::CString
-      # @param [Boolean] value
+    class String
+      extend Forwardable
+      include PacketGen::Types::Fieldable
+
+      def_delegators :@string, :[], :length, :size, :inspect, :==, :<<,
+                     :unpack, :force_encoding, :encoding, :index, :empty?,
+                     :encode
+
+      # @return [::String]
+      attr_reader :string
+      # @param [Boolean] null_terminated
       # @return [Boolean]
-      attr_writer :unicode
+      attr_writer :null_terminated
 
       # @param [Hash] options
-      # @option options [Integer] :static_length set a static length for this string
       # @option options [Boolean] :unicode If +true+, string is encoded as a UTF-16
       #    unicode string. If +false+, string is encode in ASCII. Defaults to +true+.
+      # @option options [Boolean] :null_terminated If +true+, string is null-terminated.
+      #    If +false+, string is not null-terminated. Defaults to +true+.
       def initialize(options={})
-        super
         @unicode = options.key?(:unicode) ? options[:unicode] : true
-        self.encode!('UTF-16LE') if @unicode
-        self.encode!('ASCII-8BIT') unless @unicode
+        @null_terminated = options.key?(:null_terminated) ? options[:null_terminated] : true
+        @string = +''.encode(self_encoding)
       end
 
       # @return [Boolean]
@@ -30,6 +41,19 @@ module PacketGen::Plugin
         @unicode
       end
 
+      # @param [Boolean] bool
+      # @return [Boolean]
+      def unicode=(bool)
+        @unicode = bool
+        @string.force_encoding(self_encoding)
+        bool
+      end
+
+      # @return [Boolean]
+      def null_terminated?
+        @null_terminated
+      end
+
       # @param [::String] str
       # @return [String] self
       def read(str)
@@ -37,34 +61,47 @@ module PacketGen::Plugin
 
         str2 = case str.encoding
                when Encoding::BINARY
-                 binidx = nil
-                 0.step(to: str.size, by: 2) do |i|
-                   binidx = i if str[i, 2] == binary_terminator
-                 end
-                 s = if binidx.nil?
-                       str
-                     else
-                       str[0, binidx]
-                     end
-                 s.force_encoding(self_encoding)
+                 str.dup.force_encoding(self_encoding)
                else
                  str.encode(self_encoding)
                end
-        str2 = str2[0, @static_length / 2] if @static_length.is_a? Integer
         idx = str2.index(+"\x00".encode(self_encoding))
         str2 = str2[0, idx] unless idx.nil?
-        self.replace str2
+        @string = str2
         self
       end
 
+      # @return [String]
+      def to_s
+        str = string.dup.force_encoding('BINARY')
+        return str unless null_terminated?
+
+        str << binary_terminator.force_encoding('BINARY')
+      end
+
+      # Populate String from a human readable (ie UTF-8) string
+      # @param [String] str
+      # @return [self]
+      def from_human(str)
+        return self if str.nil?
+
+        @string = str.encode(self_encoding)
+        self
+      end
+
+      # @return [String]
+      def to_human
+        string.encode('UTF-8')
+      end
+
       private
 
       def self_encoding
-        @unicode ? Encoding::UTF_16LE : Encoding:: ASCII_8BIT
+        @unicode ? Encoding::UTF_16LE : Encoding::ASCII_8BIT
       end
 
       def binary_terminator
-        @unicode ? "\x00\x00" : "\x00"
+        [0].pack('C').encode(self_encoding)
       end
     end
   end

data/lib/packetgen/plugin/smb/trans.rb

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     # Namespace for TRANS related classes

data/lib/packetgen/plugin/smb/trans/request.rb

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     module Trans
@@ -96,7 +96,7 @@ module PacketGen::Plugin
         #  8-bit optional padding to align {#name} on a 2-byte boundary. Only present
         #  if {SMB#flags2_unicode?} is +true+.
         #  @return [Integer]
-        define_field :padname, PacketGen::Types::Int8, optional: ->(h) { h.packet && h.packet.smb.flags2_unicode? }
+        define_field :padname, PacketGen::Types::Int8, optional: ->(h) { h&.packet&.smb&.flags2_unicode? }
         # @!attribute name
         #  Pathname of the mailslot or named pipe.
         #  @return [String]
@@ -112,7 +112,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::Trans::Request'
         end
       end

data/lib/packetgen/plugin/smb/trans/response.rb

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
+
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
 
-# frozen_string_literal: true
-
 module PacketGen::Plugin
   class SMB
     module Trans
@@ -85,7 +85,7 @@ module PacketGen::Plugin
 
         # Give protocol name for this class
         # @return [String]
-        def protocol_name
+        def self.protocol_name
           'SMB::Trans::Response'
         end
       end