packetgen-plugin-smb 0.6.2 → 0.7.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.github/workflows/specs.yml +7 -3
- data/.rubocop.yml +22 -4
- data/Gemfile +7 -7
- data/README.md +8 -4
- data/examples/llmnr-responder +2 -2
- data/examples/smb-responder +8 -8
- data/lib/packetgen/plugin/gssapi.rb +15 -9
- data/lib/packetgen/plugin/netbios/datagram.rb +25 -27
- data/lib/packetgen/plugin/netbios/name.rb +3 -3
- data/lib/packetgen/plugin/netbios/session.rb +3 -3
- data/lib/packetgen/plugin/netbios.rb +0 -2
- data/lib/packetgen/plugin/ntlm/authenticate.rb +7 -7
- data/lib/packetgen/plugin/ntlm/av_pair.rb +17 -17
- data/lib/packetgen/plugin/ntlm/challenge.rb +4 -4
- data/lib/packetgen/plugin/ntlm/negotiate.rb +6 -6
- data/lib/packetgen/plugin/ntlm/ntlmv2_response.rb +10 -10
- data/lib/packetgen/plugin/ntlm.rb +21 -22
- data/lib/packetgen/plugin/smb/blocks.rb +8 -8
- data/lib/packetgen/plugin/smb/browser/domain_announcement.rb +1 -1
- data/lib/packetgen/plugin/smb/browser/host_announcement.rb +12 -12
- data/lib/packetgen/plugin/smb/browser/local_master_announcement.rb +1 -1
- data/lib/packetgen/plugin/smb/browser.rb +5 -5
- data/lib/packetgen/plugin/smb/close/request.rb +4 -4
- data/lib/packetgen/plugin/smb/close/response.rb +3 -3
- data/lib/packetgen/plugin/smb/filetime.rb +4 -6
- data/lib/packetgen/plugin/smb/negotiate/dialect.rb +5 -5
- data/lib/packetgen/plugin/smb/negotiate/request.rb +4 -4
- data/lib/packetgen/plugin/smb/ntcreateandx/request.rb +23 -23
- data/lib/packetgen/plugin/smb/ntcreateandx/response.rb +21 -21
- data/lib/packetgen/plugin/smb/string.rb +1 -1
- data/lib/packetgen/plugin/smb/trans/request.rb +24 -23
- data/lib/packetgen/plugin/smb/trans/response.rb +18 -17
- data/lib/packetgen/plugin/smb.rb +52 -62
- data/lib/packetgen/plugin/smb2/base.rb +4 -4
- data/lib/packetgen/plugin/smb2/error.rb +6 -6
- data/lib/packetgen/plugin/smb2/guid.rb +12 -12
- data/lib/packetgen/plugin/smb2/negotiate/context.rb +19 -19
- data/lib/packetgen/plugin/smb2/negotiate/request.rb +27 -27
- data/lib/packetgen/plugin/smb2/negotiate/response.rb +31 -26
- data/lib/packetgen/plugin/smb2/session_setup/request.rb +9 -11
- data/lib/packetgen/plugin/smb2/session_setup/response.rb +5 -6
- data/lib/packetgen/plugin/smb2.rb +49 -55
- data/lib/packetgen/plugin/smb_version.rb +1 -1
- data/packetgen-plugin-smb.gemspec +3 -3
- metadata +12 -38
|
@@ -23,81 +23,81 @@ module PacketGen::Plugin
|
|
|
23
23
|
# @!attribute word_count
|
|
24
24
|
# The size, in 2-byte words, of the SMB parameters.
|
|
25
25
|
# @return [Integer]
|
|
26
|
-
|
|
26
|
+
define_attr :word_count, BinStruct::Int8, default: 34
|
|
27
27
|
# @!attribute and_xcommand
|
|
28
28
|
# 8-bit command code for the next SMB command in the
|
|
29
29
|
# packet.
|
|
30
30
|
# @return [Integer]
|
|
31
|
-
|
|
31
|
+
define_attr :and_xcommand, BinStruct::Int8Enum, enum: Request::COMMANDS
|
|
32
32
|
# @!attribute rsv1
|
|
33
33
|
# 8-bit reserved field.
|
|
34
34
|
# @return [Integer]
|
|
35
|
-
|
|
35
|
+
define_attr :rsv1, BinStruct::Int8, default: 0
|
|
36
36
|
# @!attribute and_xoffset
|
|
37
37
|
# 16-bit offset from the start of SMB header to the start of
|
|
38
38
|
# the {#word_count} field in the next SMB command in this
|
|
39
39
|
# packet.
|
|
40
40
|
# @return [Integer]
|
|
41
|
-
|
|
41
|
+
define_attr :and_xoffset, BinStruct::Int16le, default: 0
|
|
42
42
|
# @!attribute oplock_level
|
|
43
43
|
# 8-bit OpLock level.
|
|
44
44
|
# @return [Integer]
|
|
45
|
-
|
|
45
|
+
define_attr :oplock_level, BinStruct::Int8Enum, enum: OP_LOCK_LEVELS
|
|
46
46
|
# @!attribute fid
|
|
47
47
|
# 16-bit FID.
|
|
48
48
|
# @return [Integer]
|
|
49
|
-
|
|
49
|
+
define_attr :fid, BinStruct::Int16le
|
|
50
50
|
# @!attribute disposition
|
|
51
51
|
# 32-bit value that represents the action to take if the file
|
|
52
52
|
# already exists or if the file is a new file and does not already
|
|
53
53
|
# exist.
|
|
54
54
|
# @return [Integer]
|
|
55
|
-
|
|
55
|
+
define_attr :disposition, BinStruct::Int32le
|
|
56
56
|
# @!attribute create_time
|
|
57
57
|
# 64-bit integer representing the time that the file was created.
|
|
58
58
|
# @return [Integer]
|
|
59
|
-
|
|
59
|
+
define_attr :create_time, SMB::Filetime
|
|
60
60
|
# @!attribute access_time
|
|
61
61
|
# 64-bit integer representing the time that the file was last accessed.
|
|
62
62
|
# @return [Integer]
|
|
63
|
-
|
|
63
|
+
define_attr :access_time, SMB::Filetime
|
|
64
64
|
# @!attribute write_time
|
|
65
65
|
# 64-bit integer representing the time that the file was last writen.
|
|
66
66
|
# @return [Integer]
|
|
67
|
-
|
|
67
|
+
define_attr :write_time, SMB::Filetime
|
|
68
68
|
# @!attribute change_time
|
|
69
69
|
# 64-bit integer representing the time that the file was last changed.
|
|
70
70
|
# @return [Integer]
|
|
71
|
-
|
|
72
|
-
# @!attribute
|
|
71
|
+
define_attr :change_time, SMB::Filetime
|
|
72
|
+
# @!attribute fattributes
|
|
73
73
|
# 32-bit extended file attributes.
|
|
74
74
|
# @return [Integer]
|
|
75
|
-
|
|
75
|
+
define_attr :fattributes, BinStruct::Int32le
|
|
76
76
|
# @!attribute alloc_size
|
|
77
77
|
# 64-bit integer representing the number of bytes allocated to the file.
|
|
78
78
|
# @return [Integer]
|
|
79
|
-
|
|
79
|
+
define_attr :alloc_size, BinStruct::Int64le
|
|
80
80
|
# @!attribute end_of_file
|
|
81
81
|
# 64-bit integer representing the end of file offset.
|
|
82
82
|
# @return [Integer]
|
|
83
|
-
|
|
83
|
+
define_attr :end_of_file, BinStruct::Int64le
|
|
84
84
|
# @!attribute res_type
|
|
85
85
|
# 16-bit file type.
|
|
86
86
|
# @return [Integer]
|
|
87
|
-
|
|
87
|
+
define_attr :res_type, BinStruct::Int16le
|
|
88
88
|
# @!attribute pipe_status
|
|
89
89
|
# 16-bit field that shows the status of the named pipe (if opened resource
|
|
90
90
|
# is a named pipe).
|
|
91
91
|
# @return [Integer]
|
|
92
|
-
|
|
92
|
+
define_attr :pipe_status, BinStruct::Int16le
|
|
93
93
|
# @!attribute directory
|
|
94
94
|
# 8-bit field indicating is the FID represents a directory.
|
|
95
95
|
# @return [Integer]
|
|
96
|
-
|
|
96
|
+
define_attr :directory, BinStruct::Int8
|
|
97
97
|
# @!attribute byte_count
|
|
98
98
|
# The size, in bytes, of the SMB data. Should be zero.
|
|
99
99
|
# @return [Integer]
|
|
100
|
-
|
|
100
|
+
define_attr :byte_count, BinStruct::Int16le, default: 0
|
|
101
101
|
|
|
102
102
|
# Give protocol name for this class
|
|
103
103
|
# @return [String]
|
|
@@ -108,7 +108,7 @@ module PacketGen::Plugin
|
|
|
108
108
|
# Say if FID is a directory
|
|
109
109
|
# @return [Boolean]
|
|
110
110
|
def directory?
|
|
111
|
-
self.directory
|
|
111
|
+
self.directory.positive?
|
|
112
112
|
end
|
|
113
113
|
|
|
114
114
|
# @!method human_create_time
|
|
@@ -120,7 +120,7 @@ module PacketGen::Plugin
|
|
|
120
120
|
# @!method human_change_time
|
|
121
121
|
# @return [String]
|
|
122
122
|
%i[create access write change].each do |type|
|
|
123
|
-
class_eval "def human_#{type}_time; self[:#{type}_time].to_human; end"
|
|
123
|
+
class_eval "def human_#{type}_time; self[:#{type}_time].to_human; end" # def human_create_time; self[:create_time].to_human; end
|
|
124
124
|
end
|
|
125
125
|
end
|
|
126
126
|
end
|
|
@@ -13,7 +13,7 @@ module PacketGen::Plugin
|
|
|
13
13
|
# @author Sylvain Daubert
|
|
14
14
|
class String
|
|
15
15
|
extend Forwardable
|
|
16
|
-
include
|
|
16
|
+
include BinStruct::Structable
|
|
17
17
|
|
|
18
18
|
def_delegators :@string, :[], :length, :size, :inspect, :==, :<<,
|
|
19
19
|
:unpack, :force_encoding, :encoding, :index, :empty?,
|
|
@@ -18,97 +18,98 @@ module PacketGen::Plugin
|
|
|
18
18
|
# The size, in 2-byte words, of the SMB command parameters. It should
|
|
19
19
|
# be +14 + setup_count+.
|
|
20
20
|
# @return [Integer]
|
|
21
|
-
|
|
21
|
+
define_attr :word_count, BinStruct::Int8, default: 14
|
|
22
22
|
# @!attribute total_param_count
|
|
23
23
|
# The total number of transaction parameter bytes.
|
|
24
24
|
# @return [Integer]
|
|
25
|
-
|
|
25
|
+
define_attr :total_param_count, BinStruct::Int16le
|
|
26
26
|
# @!attribute total_data_count
|
|
27
27
|
# The total number of transaction data bytes.
|
|
28
28
|
# @return [Integer]
|
|
29
|
-
|
|
29
|
+
define_attr :total_data_count, BinStruct::Int16le
|
|
30
30
|
# @!attribute max_param_count
|
|
31
31
|
# The maximum number of parameter bytes that the client will accept
|
|
32
32
|
# in transaction response.
|
|
33
33
|
# @return [Integer]
|
|
34
|
-
|
|
34
|
+
define_attr :max_param_count, BinStruct::Int16le
|
|
35
35
|
# @!attribute max_data_count
|
|
36
36
|
# The maximum number of data bytes that the client will accept
|
|
37
37
|
# in transaction response.
|
|
38
38
|
# @return [Integer]
|
|
39
|
-
|
|
39
|
+
define_attr :max_data_count, BinStruct::Int16le
|
|
40
40
|
# @!attribute max_setup_count
|
|
41
41
|
# The maximum number of setup bytes that the client will accept
|
|
42
42
|
# in transaction response.
|
|
43
43
|
# @return [Integer]
|
|
44
|
-
|
|
44
|
+
define_attr :max_setup_count, BinStruct::Int8
|
|
45
45
|
# @!attribute rsv1
|
|
46
46
|
# 8-bit reserved field
|
|
47
47
|
# @return [Integer]
|
|
48
|
-
|
|
48
|
+
define_attr :rsv1, BinStruct::Int8, default: 0
|
|
49
49
|
# @!attribute flags
|
|
50
50
|
# 16-bit flags
|
|
51
51
|
# @return [Integer]
|
|
52
|
-
|
|
52
|
+
define_attr :flags, BinStruct::Int16le
|
|
53
53
|
# @!attribute timeout
|
|
54
54
|
# 32-bit timeout
|
|
55
55
|
# @return [Integer]
|
|
56
|
-
|
|
56
|
+
define_attr :timeout, BinStruct::Int32le
|
|
57
57
|
# @!attribute rsv2
|
|
58
58
|
# 16-bit reserved field
|
|
59
59
|
# @return [Integer]
|
|
60
|
-
|
|
60
|
+
define_attr :rsv2, BinStruct::Int16le, default: 0
|
|
61
61
|
# @!attribute param_count
|
|
62
62
|
# 16-bit number of transaction parameter bytes that the clients attempts to
|
|
63
63
|
# send to the server in this request.
|
|
64
64
|
# @return [Integer]
|
|
65
|
-
|
|
65
|
+
define_attr :param_count, BinStruct::Int16le
|
|
66
66
|
# @!attribute param_offset
|
|
67
67
|
# 16-bit offset (in bytes) from the start of the SMB header to the start of the
|
|
68
68
|
# transaction parameters.
|
|
69
69
|
# @return [Integer]
|
|
70
|
-
|
|
70
|
+
define_attr :param_offset, BinStruct::Int16le
|
|
71
71
|
# @!attribute data_count
|
|
72
72
|
# 16-bit number of transaction data bytes that the clients sends to
|
|
73
73
|
# the server in this request.
|
|
74
74
|
# @return [Integer]
|
|
75
|
-
|
|
75
|
+
define_attr :data_count, BinStruct::Int16le
|
|
76
76
|
# @!attribute data_offset
|
|
77
77
|
# 16-bit offset (in bytes) from the start of the SMB header to the start
|
|
78
78
|
# of the data field.
|
|
79
79
|
# @return [Integer]
|
|
80
|
-
|
|
80
|
+
define_attr :data_offset, BinStruct::Int16le
|
|
81
81
|
# @!attribute setup_count
|
|
82
82
|
# 8-bit number of setup words (ie 16-bit words) contained in {#setup} field.
|
|
83
|
-
|
|
83
|
+
define_attr :setup_count, BinStruct::Int8
|
|
84
84
|
# @!attribute rsv3
|
|
85
85
|
# 8-bit reserved field
|
|
86
86
|
# @return [Integer]
|
|
87
|
-
|
|
87
|
+
define_attr :rsv3, BinStruct::Int8
|
|
88
88
|
# @!attribute setup
|
|
89
89
|
# Array of 2-byte words.
|
|
90
90
|
# @return [Array]
|
|
91
|
-
|
|
91
|
+
define_attr :setup, BinStruct::ArrayOfInt16le, builder: ->(h, t) { t.new(counter: h[:setup_count]) }
|
|
92
92
|
# @!attribute byte_count
|
|
93
93
|
# @return [Integer]
|
|
94
|
-
|
|
94
|
+
define_attr :byte_count, BinStruct::Int16le
|
|
95
95
|
# @!attribute padname
|
|
96
96
|
# 8-bit optional padding to align {#name} on a 2-byte boundary. Only present
|
|
97
97
|
# if {SMB#flags2_unicode?} is +true+.
|
|
98
98
|
# @return [Integer]
|
|
99
|
-
|
|
99
|
+
define_attr :padname, BinStruct::Int8, optional: ->(h) { h&.packet&.smb&.flags2_unicode? } # rubocop:disable Style/SafeNavigationChainLength
|
|
100
100
|
# @!attribute name
|
|
101
101
|
# Pathname of the mailslot or named pipe.
|
|
102
102
|
# @return [String]
|
|
103
|
-
|
|
103
|
+
define_attr :name, SMB::String, builder: ->(h, t) { t.new(unicode: !h.packet || h.packet.smb.flags2_unicode?) }
|
|
104
104
|
# @!attribute pad1
|
|
105
105
|
# Padding to align {#body} on 4-byte boundary.
|
|
106
106
|
# @return [String]
|
|
107
|
-
|
|
108
|
-
|
|
107
|
+
define_attr :pad1, BinStruct::String,
|
|
108
|
+
default: "\0" * 4,
|
|
109
|
+
builder: ->(h, t) { t.new(length_from: -> { h.data_offset - SMB.new.sz - (h.offset_of(:name) + h[:name].sz) }) }
|
|
109
110
|
# @!attribute body
|
|
110
111
|
# @return [String]
|
|
111
|
-
|
|
112
|
+
define_attr :body, BinStruct::String
|
|
112
113
|
|
|
113
114
|
# Give protocol name for this class
|
|
114
115
|
# @return [String]
|
|
@@ -18,70 +18,71 @@ module PacketGen::Plugin
|
|
|
18
18
|
# The size, in 2-byte words, of the SMB command parameters. It should
|
|
19
19
|
# be +14 + setup_count+.
|
|
20
20
|
# @return [Integer]
|
|
21
|
-
|
|
21
|
+
define_attr :word_count, BinStruct::Int8, default: 10
|
|
22
22
|
# @!attribute total_param_count
|
|
23
23
|
# The total number of transaction parameter bytes.
|
|
24
24
|
# @return [Integer]
|
|
25
|
-
|
|
25
|
+
define_attr :total_param_count, BinStruct::Int16le
|
|
26
26
|
# @!attribute total_data_count
|
|
27
27
|
# The total number of transaction data bytes.
|
|
28
28
|
# @return [Integer]
|
|
29
|
-
|
|
29
|
+
define_attr :total_data_count, BinStruct::Int16le
|
|
30
30
|
# @!attribute rsv1
|
|
31
31
|
# 16-bit reserved field
|
|
32
32
|
# @return [Integer]
|
|
33
|
-
|
|
33
|
+
define_attr :rsv1, BinStruct::Int16le, default: 0
|
|
34
34
|
# @!attribute param_count
|
|
35
35
|
# 16-bit number of transaction parameter bytes sent in this response.
|
|
36
36
|
# @return [Integer]
|
|
37
|
-
|
|
37
|
+
define_attr :param_count, BinStruct::Int16le
|
|
38
38
|
# @!attribute param_offset
|
|
39
39
|
# 16-bit offset (in bytes) from the start of the SMB header to the start of the
|
|
40
40
|
# transaction parameters.
|
|
41
41
|
# @return [Integer]
|
|
42
|
-
|
|
42
|
+
define_attr :param_offset, BinStruct::Int16le
|
|
43
43
|
# @!attribute param_displacement
|
|
44
44
|
# 16-bit offset (in bytes) relative to all of the transaction
|
|
45
45
|
# parameter bytes in this transaction response at which this block of
|
|
46
46
|
# parameter bytes SHOULD be placed.
|
|
47
47
|
# @return [Integer]
|
|
48
|
-
|
|
48
|
+
define_attr :param_displacement, BinStruct::Int16le
|
|
49
49
|
# @!attribute data_count
|
|
50
50
|
# 16-bit number of transaction data bytes sent in this response.
|
|
51
51
|
# @return [Integer]
|
|
52
|
-
|
|
52
|
+
define_attr :data_count, BinStruct::Int16le
|
|
53
53
|
# @!attribute data_offset
|
|
54
54
|
# 16-bit offset (in bytes) from the start of the SMB header to the start
|
|
55
55
|
# of the data field.
|
|
56
56
|
# @return [Integer]
|
|
57
|
-
|
|
57
|
+
define_attr :data_offset, BinStruct::Int16le
|
|
58
58
|
# @!attribute data_displacement
|
|
59
59
|
# 16-bit offset (in bytes) relative to all of the transaction data bytes in
|
|
60
60
|
# this transaction response at which this block of data bytes SHOULD be placed.
|
|
61
61
|
# @return [Integer]
|
|
62
|
-
|
|
62
|
+
define_attr :data_displacement, BinStruct::Int16le
|
|
63
63
|
# @!attribute setup_count
|
|
64
64
|
# 8-bit number of setup words (ie 16-bit words) contained in {#setup} field.
|
|
65
|
-
|
|
65
|
+
define_attr :setup_count, BinStruct::Int8
|
|
66
66
|
# @!attribute rsv3
|
|
67
67
|
# 8-bit reserved field
|
|
68
68
|
# @return [Integer]
|
|
69
|
-
|
|
69
|
+
define_attr :rsv2, BinStruct::Int8
|
|
70
70
|
# @!attribute setup
|
|
71
71
|
# Array of 2-byte words.
|
|
72
72
|
# @return [ArrayPacketGen::]
|
|
73
|
-
|
|
73
|
+
define_attr :setup, BinStruct::ArrayOfInt16le, builder: ->(h, t) { t.new(counter: h[:setup_count]) }
|
|
74
74
|
# @!attribute byte_count
|
|
75
75
|
# @return [Integer]
|
|
76
|
-
|
|
76
|
+
define_attr :byte_count, BinStruct::Int16le
|
|
77
77
|
# @!attribute pad1
|
|
78
78
|
# Padding before {#body} to align it on 32-bit boundary
|
|
79
79
|
# @return [Integer]
|
|
80
|
-
|
|
81
|
-
|
|
80
|
+
define_attr :pad1, BinStruct::String,
|
|
81
|
+
default: "\0" * 4,
|
|
82
|
+
builder: ->(h, t) { t.new(length_from: -> { h.data_offset - SMB.new.sz - (h.offset_of(:byte_count) + h[:byte_count].sz) }) }
|
|
82
83
|
# @!attribute body
|
|
83
84
|
# @return [String]
|
|
84
|
-
|
|
85
|
+
define_attr :body, BinStruct::String
|
|
85
86
|
|
|
86
87
|
# Give protocol name for this class
|
|
87
88
|
# @return [String]
|
data/lib/packetgen/plugin/smb.rb
CHANGED
|
@@ -28,64 +28,22 @@ module PacketGen::Plugin
|
|
|
28
28
|
'nt_trans' => 0xa0,
|
|
29
29
|
'nt_create_and_x' => 0xa2
|
|
30
30
|
}.freeze
|
|
31
|
+
|
|
31
32
|
# SMB marker, on start of header
|
|
32
|
-
MARKER =
|
|
33
|
+
MARKER = "\xffSMB".b.freeze
|
|
33
34
|
|
|
34
35
|
# @!attribute protocol
|
|
35
36
|
# This field must contain {MARKER SMB marker}
|
|
36
37
|
# @return [String]
|
|
37
|
-
|
|
38
|
+
define_attr :protocol, BinStruct::String, static_length: 4, default: MARKER
|
|
38
39
|
# @!attribute command
|
|
39
40
|
# 8-bit SMB command
|
|
40
41
|
# @return [Integer]
|
|
41
|
-
|
|
42
|
+
define_attr :command, BinStruct::Int8Enum, enum: COMMANDS
|
|
42
43
|
# @!attribute status
|
|
43
44
|
# 32-bit status field. Used to communicate errors from server to client.
|
|
44
45
|
# @return [Integer]
|
|
45
|
-
|
|
46
|
-
# @!attribute flags
|
|
47
|
-
# 8-bit flags field
|
|
48
|
-
# @return [Integer]
|
|
49
|
-
define_field :flags, PacketGen::Types::Int8
|
|
50
|
-
# @!attribute flags2
|
|
51
|
-
# 16-bit flags field
|
|
52
|
-
# @return [Integer]
|
|
53
|
-
define_field :flags2, PacketGen::Types::Int16le
|
|
54
|
-
# @!attribute pid_high
|
|
55
|
-
# 16 high order bits of a process identifier (PID)
|
|
56
|
-
# @return [Integer]
|
|
57
|
-
define_field :pid_high, PacketGen::Types::Int16le
|
|
58
|
-
# @!attribute sec_features
|
|
59
|
-
# 64-bit field. May be:
|
|
60
|
-
# * a 64-bit cryptographic message signature if signature was negotiated,
|
|
61
|
-
# * a SecurityFeatures structure, only over connectionless transport,
|
|
62
|
-
# composed of:
|
|
63
|
-
# * a 16-bit sequence number,
|
|
64
|
-
# * a 16-bit connection identifier (CID),
|
|
65
|
-
# * a 32-bit key to validate message,
|
|
66
|
-
# * a reserved field in all others cases.
|
|
67
|
-
# @return [Integer]
|
|
68
|
-
define_field :sec_features, PacketGen::Types::Int64le
|
|
69
|
-
# @!attribute reserved
|
|
70
|
-
# 16-bit reserved field
|
|
71
|
-
# @return [Integer]
|
|
72
|
-
define_field :reserved, PacketGen::Types::Int16le
|
|
73
|
-
# @!attribute tid
|
|
74
|
-
# 16-bit tree identifier (TID)
|
|
75
|
-
define_field :tid, PacketGen::Types::Int16le
|
|
76
|
-
# @!attribute pid
|
|
77
|
-
# 16 low order bits of a process identifier (PID)
|
|
78
|
-
# @return [Integer]
|
|
79
|
-
define_field :pid, PacketGen::Types::Int16le
|
|
80
|
-
# @!attribute uid
|
|
81
|
-
# 16-bit user identifier (UID)
|
|
82
|
-
define_field :uid, PacketGen::Types::Int16le
|
|
83
|
-
# @!attribute mid
|
|
84
|
-
# 16-bit multiplex identifier (MID)
|
|
85
|
-
define_field :mid, PacketGen::Types::Int16le
|
|
86
|
-
# @!attribute body
|
|
87
|
-
# @return [String]
|
|
88
|
-
define_field :body, PacketGen::Types::String
|
|
46
|
+
define_attr :status, BinStruct::Int32le
|
|
89
47
|
# @!attribute flags_reply?
|
|
90
48
|
# When set, the message is a reply from server to client.
|
|
91
49
|
# @return [Boolean]
|
|
@@ -110,9 +68,9 @@ module PacketGen::Plugin
|
|
|
110
68
|
# When set in SMB_COM_NEGOTIATE response, the server supports
|
|
111
69
|
# SMB_COM_LOCK_AND_READ and SNB_COM_WRITE_AND_UNLOCK commands.
|
|
112
70
|
# @return [Boolean]
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
71
|
+
define_bit_attr :flags, flags_reply: 1, flags_opbatch: 1, flags_oplock: 1,
|
|
72
|
+
flags_canon_paths: 1, flags_case_insensitive: 1,
|
|
73
|
+
flags_reserved: 1, flags_buf_avail: 1, flags_locknread: 1
|
|
116
74
|
# @!attribute flags2_unicode?
|
|
117
75
|
# If set, each field that contains a string in this message is encoded
|
|
118
76
|
# as UTF-16.
|
|
@@ -151,12 +109,47 @@ module PacketGen::Plugin
|
|
|
151
109
|
# @!attribute flags2_long_names?
|
|
152
110
|
# If unset, file names must adhere to the 8.3 naming convention.
|
|
153
111
|
# @return [Boolean]
|
|
154
|
-
|
|
155
|
-
|
|
156
|
-
|
|
157
|
-
|
|
158
|
-
|
|
159
|
-
|
|
112
|
+
define_bit_attr :flags2, endian: :little, flags2_unicode: 1, flags2_ntstatus: 1,
|
|
113
|
+
flags2_paging_io: 1, flags2_dfs: 1, flags2_extended_security: 1,
|
|
114
|
+
flags2_reparse_path: 1, flags2_reserved: 3,
|
|
115
|
+
flags2_is_long_name: 1, flags2_rsv: 1,
|
|
116
|
+
flags2_security_signature_required: 1, flags2_compresses: 1,
|
|
117
|
+
flags2_signature: 1, flags2_eas: 1, flags2_long_names: 1
|
|
118
|
+
# @!attribute pid_high
|
|
119
|
+
# 16 high order bits of a process identifier (PID)
|
|
120
|
+
# @return [Integer]
|
|
121
|
+
define_attr :pid_high, BinStruct::Int16le
|
|
122
|
+
# @!attribute sec_features
|
|
123
|
+
# 64-bit field. May be:
|
|
124
|
+
# * a 64-bit cryptographic message signature if signature was negotiated,
|
|
125
|
+
# * a SecurityFeatures structure, only over connectionless transport,
|
|
126
|
+
# composed of:
|
|
127
|
+
# * a 16-bit sequence number,
|
|
128
|
+
# * a 16-bit connection identifier (CID),
|
|
129
|
+
# * a 32-bit key to validate message,
|
|
130
|
+
# * a reserved field in all others cases.
|
|
131
|
+
# @return [Integer]
|
|
132
|
+
define_attr :sec_features, BinStruct::Int64le
|
|
133
|
+
# @!attribute reserved
|
|
134
|
+
# 16-bit reserved field
|
|
135
|
+
# @return [Integer]
|
|
136
|
+
define_attr :reserved, BinStruct::Int16le
|
|
137
|
+
# @!attribute tid
|
|
138
|
+
# 16-bit tree identifier (TID)
|
|
139
|
+
define_attr :tid, BinStruct::Int16le
|
|
140
|
+
# @!attribute pid
|
|
141
|
+
# 16 low order bits of a process identifier (PID)
|
|
142
|
+
# @return [Integer]
|
|
143
|
+
define_attr :pid, BinStruct::Int16le
|
|
144
|
+
# @!attribute uid
|
|
145
|
+
# 16-bit user identifier (UID)
|
|
146
|
+
define_attr :uid, BinStruct::Int16le
|
|
147
|
+
# @!attribute mid
|
|
148
|
+
# 16-bit multiplex identifier (MID)
|
|
149
|
+
define_attr :mid, BinStruct::Int16le
|
|
150
|
+
# @!attribute body
|
|
151
|
+
# @return [String]
|
|
152
|
+
define_attr :body, BinStruct::String
|
|
160
153
|
|
|
161
154
|
# Helper to bind a SMB command to {SMB} header.
|
|
162
155
|
# @param [String] command name
|
|
@@ -166,7 +159,7 @@ module PacketGen::Plugin
|
|
|
166
159
|
krequest = self.const_get("#{contantized}::Request")
|
|
167
160
|
kresponse = self.const_get("#{contantized}::Response")
|
|
168
161
|
PacketGen::Header.add_class krequest
|
|
169
|
-
self.bind krequest, command: SMB::COMMANDS[command], flags: ->(v) { v.nil? ? 0 : (
|
|
162
|
+
self.bind krequest, command: SMB::COMMANDS[command], flags: ->(v) { v.nil? ? 0 : v.nobits?(0x80) }
|
|
170
163
|
PacketGen::Header.add_class kresponse
|
|
171
164
|
self.bind kresponse, command: SMB::COMMANDS[command], flags: ->(v) { v.nil? ? 0 : (v & 0x80 == 0x80) }
|
|
172
165
|
end
|
|
@@ -182,16 +175,13 @@ module PacketGen::Plugin
|
|
|
182
175
|
super do |attr|
|
|
183
176
|
case attr
|
|
184
177
|
when :flags, :flags2
|
|
185
|
-
value = bits_on(attr).
|
|
186
|
-
.keys
|
|
187
|
-
.select { |b| send("#{b}?") }
|
|
178
|
+
value = bits_on(attr).select { |b| respond_to?("#{b}?") && send("#{b}?") }
|
|
188
179
|
.map(&:to_s)
|
|
189
180
|
.join(',')
|
|
190
181
|
.gsub!(/#{attr}_/, '')
|
|
191
182
|
value = '%-16s (0x%02x)' % [value, self[attr].to_i]
|
|
192
183
|
str = PacketGen::Inspect.shift_level
|
|
193
|
-
str << PacketGen::Inspect::FMT_ATTR % [self[attr].
|
|
194
|
-
attr, value]
|
|
184
|
+
str << (PacketGen::Inspect::FMT_ATTR % [self[attr].type_name, attr, value])
|
|
195
185
|
end
|
|
196
186
|
end
|
|
197
187
|
end
|
|
@@ -17,12 +17,12 @@ module PacketGen::Plugin
|
|
|
17
17
|
# @param [Symbol] name name of padding field
|
|
18
18
|
# @return [void]
|
|
19
19
|
def self.define_smb2_pad_field(name)
|
|
20
|
-
prev_field = self.
|
|
20
|
+
prev_field = self.attributes.last
|
|
21
21
|
lf = lambda do |hdr|
|
|
22
|
-
(8 - (hdr.offset_of(prev_field) + hdr[prev_field].sz) % 8) % 8
|
|
22
|
+
(8 - ((hdr.offset_of(prev_field) + hdr[prev_field].sz) % 8)) % 8
|
|
23
23
|
end
|
|
24
|
-
|
|
25
|
-
|
|
24
|
+
define_attr name, BinStruct::String, default: SMB2::MAX_PADDING,
|
|
25
|
+
builder: ->(h, t) { t.new(length_from: -> { lf[h] }) }
|
|
26
26
|
end
|
|
27
27
|
end
|
|
28
28
|
end
|
|
@@ -24,26 +24,26 @@ module PacketGen::Plugin
|
|
|
24
24
|
# @!attribute structure_size
|
|
25
25
|
# 16-bit error response structure. Should be 9.
|
|
26
26
|
# @return [Integer]
|
|
27
|
-
|
|
27
|
+
define_attr :structure_size, BinStruct::Int16le, default: 9
|
|
28
28
|
# !@attribute context_count
|
|
29
29
|
# Only for SMB3 dialect. If non zero, this is the number of element
|
|
30
30
|
# in {#data}, formatted as a variable length array.
|
|
31
31
|
# @return [Integer]
|
|
32
|
-
|
|
32
|
+
define_attr :context_count, BinStruct::Int8
|
|
33
33
|
# !@attribute reserved
|
|
34
34
|
# 8-bit reserved value
|
|
35
35
|
# @return [Integer]
|
|
36
|
-
|
|
36
|
+
define_attr :reserved, BinStruct::Int8
|
|
37
37
|
# @!attribute byte_count
|
|
38
38
|
# 32-bit value indicating the number of bytes contained in {#data}
|
|
39
39
|
# @return [Integer]
|
|
40
|
-
|
|
40
|
+
define_attr :byte_count, BinStruct::Int32le
|
|
41
41
|
# @!attribute data
|
|
42
42
|
# Variable-length data field.
|
|
43
43
|
# @return [String]
|
|
44
|
-
|
|
44
|
+
define_attr :data, BinStruct::String
|
|
45
45
|
end
|
|
46
46
|
end
|
|
47
47
|
PacketGen::Header.add_class SMB2::ErrorResponse
|
|
48
|
-
SMB2.bind SMB2::ErrorResponse, status:
|
|
48
|
+
SMB2.bind SMB2::ErrorResponse, status: lambda(&:positive?)
|
|
49
49
|
end
|
|
@@ -21,25 +21,25 @@ module PacketGen::Plugin
|
|
|
21
21
|
# | |
|
|
22
22
|
# +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|
|
23
23
|
# @author Sylvain Daubert
|
|
24
|
-
class GUID <
|
|
25
|
-
include
|
|
24
|
+
class GUID < BinStruct::Struct
|
|
25
|
+
include BinStruct::Structable
|
|
26
26
|
|
|
27
27
|
# @!attribute data1
|
|
28
28
|
# 32-bit little-endian data1
|
|
29
29
|
# @return [Integer]
|
|
30
|
-
|
|
30
|
+
define_attr :data1, BinStruct::Int32le
|
|
31
31
|
# @!attribute data2
|
|
32
32
|
# 16-bit little-endian data2
|
|
33
33
|
# @return [Integer]
|
|
34
|
-
|
|
34
|
+
define_attr :data2, BinStruct::Int16le
|
|
35
35
|
# @!attribute data3
|
|
36
36
|
# 16-bit little-endian data3
|
|
37
37
|
# @return [Integer]
|
|
38
|
-
|
|
38
|
+
define_attr :data3, BinStruct::Int16le
|
|
39
39
|
# @!attribute data4
|
|
40
40
|
# 64-bit big-endian data4
|
|
41
41
|
# @return [Integer]
|
|
42
|
-
|
|
42
|
+
define_attr :data4, BinStruct::Int64
|
|
43
43
|
|
|
44
44
|
# Get a human-readable GUID, as specified in RFC 4122
|
|
45
45
|
# guid.to_human # => "7aedb437-01b9-41d4-a5f7-9e6c06e16c8a"
|
|
@@ -47,7 +47,7 @@ module PacketGen::Plugin
|
|
|
47
47
|
def to_human
|
|
48
48
|
data4p1 = data4 >> 48
|
|
49
49
|
data4p2 = data4 & 0xffff_ffff_ffff
|
|
50
|
-
|
|
50
|
+
'%08x-%04x-%04x-%04x-%012x' % [data1, data2, data3, data4p1, data4p2] # rubocop:disable Style/FormatStringToken
|
|
51
51
|
end
|
|
52
52
|
|
|
53
53
|
# Set GUID from a human-readable string
|
|
@@ -56,13 +56,13 @@ module PacketGen::Plugin
|
|
|
56
56
|
def from_human(guid)
|
|
57
57
|
return self if guid.nil? || guid.empty?
|
|
58
58
|
|
|
59
|
-
values = guid.split('-')
|
|
59
|
+
values = guid.split('-').map { |v| v.to_i(16) }
|
|
60
60
|
return self if values.size != 5
|
|
61
61
|
|
|
62
|
-
self.data1 = values[0]
|
|
63
|
-
self.data2 = values[1]
|
|
64
|
-
self.data3 = values[2]
|
|
65
|
-
self.data4 = values[3]
|
|
62
|
+
self.data1 = values[0]
|
|
63
|
+
self.data2 = values[1]
|
|
64
|
+
self.data3 = values[2]
|
|
65
|
+
self.data4 = (values[3] << 48) | values[4]
|
|
66
66
|
self
|
|
67
67
|
end
|
|
68
68
|
end
|