RubyGems - ruby_smb - Versions diffs - 0.0.21 → 0.0.22 - Mend

ruby_smb 0.0.21 → 0.0.22

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (62) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/examples/net_share_enum_all.rb +5 -2
data/lib/ruby_smb.rb +1 -1
data/lib/ruby_smb/client.rb +4 -35
data/lib/ruby_smb/dcerpc.rb +7 -22
data/lib/ruby_smb/dcerpc/bind.rb +30 -36
data/lib/ruby_smb/dcerpc/bind_ack.rb +72 -0
data/lib/ruby_smb/dcerpc/error.rb +15 -0
data/lib/ruby_smb/dcerpc/ndr.rb +31 -30
data/lib/ruby_smb/dcerpc/p_syntax_id_t.rb +11 -0
data/lib/ruby_smb/dcerpc/pdu_header.rb +29 -0
data/lib/ruby_smb/dcerpc/ptypes.rb +26 -0
data/lib/ruby_smb/dcerpc/request.rb +17 -30
data/lib/ruby_smb/dcerpc/response.rb +15 -34
data/lib/ruby_smb/dcerpc/srvsvc.rb +5 -7
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +8 -4
data/lib/ruby_smb/dcerpc/uuid.rb +31 -13
data/lib/ruby_smb/smb1/bit_field.rb +0 -1
data/lib/ruby_smb/smb1/bit_field/trans_flags.rb +3 -2
data/lib/ruby_smb/smb1/data_block.rb +5 -0
data/lib/ruby_smb/smb1/dcerpc.rb +67 -0
data/lib/ruby_smb/smb1/packet.rb +1 -0
data/lib/ruby_smb/smb1/packet/trans.rb +7 -1
data/lib/ruby_smb/smb1/packet/trans/data_block.rb +19 -7
data/lib/ruby_smb/smb1/packet/trans/request.rb +36 -25
data/lib/ruby_smb/smb1/packet/trans/response.rb +22 -21
data/lib/ruby_smb/smb1/packet/trans/subcommands.rb +1 -0
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb +61 -0
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb +44 -0
data/lib/ruby_smb/smb1/packet/trans2/request.rb +1 -1
data/lib/ruby_smb/smb1/pipe.rb +3 -0
data/lib/ruby_smb/smb2/dcerpc.rb +68 -0
data/lib/ruby_smb/smb2/pipe.rb +3 -0
data/lib/ruby_smb/version.rb +1 -1
data/spec/lib/ruby_smb/client_spec.rb +53 -6
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +224 -0
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +255 -7
data/spec/lib/ruby_smb/dcerpc/p_syntax_id_t_spec.rb +31 -0
data/spec/lib/ruby_smb/dcerpc/pdu_header_spec.rb +84 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +106 -13
data/spec/lib/ruby_smb/dcerpc/response_spec.rb +89 -8
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +176 -0
data/spec/lib/ruby_smb/dcerpc/uuid_spec.rb +97 -1
data/spec/lib/ruby_smb/smb1/data_block_spec.rb +43 -3
data/spec/lib/ruby_smb/smb1/packet/trans/data_block_spec.rb +137 -0
data/spec/lib/ruby_smb/smb1/packet/trans/request_spec.rb +239 -13
data/spec/lib/ruby_smb/smb1/packet/trans/response_spec.rb +122 -13
data/spec/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request_spec.rb +254 -0
data/spec/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response_spec.rb +122 -0
data/spec/lib/ruby_smb/smb1/packet/trans2/request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +199 -1
data/spec/lib/ruby_smb/smb2/file_spec.rb +2 -1
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +196 -1
metadata +25 -10
metadata.gz.sig +0 -0
data/lib/ruby_smb/dcerpc/handle.rb +0 -60
data/lib/ruby_smb/smb1/bit_field/trans2_flags.rb +0 -15
data/spec/lib/ruby_smb/dcerpc/handle_spec.rb +0 -31
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +0 -13
data/spec/lib/ruby_smb/smb1/bit_field/trans2_flags_spec.rb +0 -26

data/lib/ruby_smb/smb1/packet/trans/response.rb CHANGED

@@ -2,32 +2,31 @@ module RubySMB
   module SMB1
     module Packet
       module Trans
-      # A SMB1 SMB_COM_TRANSACTION Response Packet as defined in
-      # [2.2.4.33.2 Response](https://msdn.microsoft.com/en-us/library/ee442061.aspx)
+        # This class represents a generic SMB1 Trans Response Packet as defined in
+        # [2.2.4.33.2 Response](https://msdn.microsoft.com/en-us/library/ee442061.aspx)
         class Response < RubySMB::GenericPacket
           # A SMB1 Parameter Block
           class ParameterBlock < RubySMB::SMB1::ParameterBlock
-            uint16 :total_parameter_count, label: 'Total Parameter Count(bytes)'
-            uint16        :total_data_count,        label: 'Total Data Count(bytes)'
-            uint16        :reserved,                label: 'Reserved Space',                 initial_value: 0x00
-            uint16        :parameter_count,         label: 'Parameter Count(bytes)',         initial_value: -> { parent.data_block.trans_parameters.length }
-            uint16        :parameter_offset,        label: 'Parameter Offset',               initial_value: -> { parent.data_block.trans_parameters.abs_offset }
-            uint16        :parameter_displacement,  label: 'Parameter Displacement'
-            uint16        :data_count,              label: 'Data Count(bytes)',              initial_value: -> { parent.data_block.trans_data.length }
-            uint16        :data_offset,             label: 'Data Offset',                    initial_value: -> { parent.data_block.trans_data.abs_offset }
-            uint16        :data_displacement,       label: 'Data Displacement'
-            uint8         :setup_count,             label: 'Setup Count',                    initial_value: -> { setup.length }
-            uint8         :reserved2,               label: 'Reserved Space',                 initial_value: 0x00
-            array :setup, type: :uint16, initial_length: 0
+            uint16 :total_parameter_count,  label: 'Total Parameter Count(bytes)', initial_value: -> { parameter_count }
+            uint16 :total_data_count,       label: 'Total Data Count(bytes)',      initial_value: -> { data_count }
+            uint16 :reserved,               label: 'Reserved Space',         value: 0x0000
+            uint16 :parameter_count,        label: 'Parameter Count(bytes)', initial_value: -> { parent.data_block.trans_parameters.length }
+            uint16 :parameter_offset,       label: 'Parameter Offset',       initial_value: -> { parent.data_block.trans_parameters.abs_offset }
+            uint16 :parameter_displacement, label: 'Parameter Displacement'
+            uint16 :data_count,             label: 'Data Count(bytes)',      initial_value: -> { parent.data_block.trans_data.length }
+            uint16 :data_offset,            label: 'Data Offset',            initial_value: -> { parent.data_block.trans_data.abs_offset }
+            uint16 :data_displacement,      label: 'Data Displacement'
+            uint8  :setup_count,            label: 'Setup Count',            initial_value: -> { setup.length }
+            uint8  :reserved2,              label: 'Reserved Space',         value: 0x00
+            array  :setup,                  type:  :uint16,                  initial_length: :setup_count
           end
-          # The {RubySMB::SMB1::DataBlock} specific to this packet type.
           class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
-            string :pad1,               length: -> { pad1_length }
-            string :trans_parameters,   label: 'Trans Parameters'
-            string :pad2,               length: -> { pad2_length }
-            string :trans_data,         label: 'Trans Data'
+            string :pad1,             length: lambda { pad1_length }
+            string :trans_parameters, label: 'Trans Parameters', read_length: -> { parent.parameter_block.parameter_count }
+            string :pad2,             length: lambda { pad2_length }
+            string :trans_data,       label: 'Trans Data',       read_length: -> { parent.parameter_block.data_count }
           end
           smb_header        :smb_header
@@ -39,8 +38,10 @@ module RubySMB
             smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
             smb_header.flags.reply = 1
           end
         end
       end
     end
   end
-end
+end

data/lib/ruby_smb/smb1/packet/trans/subcommands.rb CHANGED

@@ -3,6 +3,7 @@ module RubySMB
     module Packet
       module Trans
         module Subcommands
+          TRANSACT_NMPIPE = 0x0026
           PEEK_NMPIPE        = 0x0023
         end
       end

data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb ADDED

@@ -0,0 +1,61 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # A Trans TRANSACT_NMPIPE Request Packet as defined in
+        # [2.2.5.6.1 Request](https://msdn.microsoft.com/en-us/library/ee441832.aspx)
+        class TransactNmpipeRequest < RubySMB::GenericPacket
+          class ParameterBlock < RubySMB::SMB1::Packet::Trans::Request::ParameterBlock
+          end
+          class TransData < BinData::Record
+            string  :write_data, label: 'Write Data', read_length: -> { parent.parent.parameter_block.data_count }
+            # Returns the length of the TransData struct in number of bytes
+            def length
+              do_num_bytes
+            end
+          end
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            # If unicode is set, the name field must be aligned to start on a 2-byte
+            # boundary from the start of the SMB header:
+            string :pad_name, length: -> { pad_name_length },
+                              onlyif: -> { parent.smb_header.flags2.unicode.to_i == 1 }
+            choice :name, :selection      => lambda { parent.smb_header.flags2.unicode.to_i },
+                          :copy_on_change => true do
+              stringz   0, label: 'Name', initial_value: "\\PIPE\\"
+              stringz16 1, label: 'Name', initial_value: "\\PIPE\\".encode('utf-16le')
+            end
+            string     :pad1,             length: lambda { pad1_length }
+            string     :trans_parameters, label: 'Trans Parameters', read_length: -> { parent.parameter_block.parameter_count }
+            string     :pad2,             length: lambda { pad2_length }
+            trans_data :trans_data,       label: 'Trans Data'
+          end
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            parameter_block.max_parameter_count = 0x0000
+            parameter_block.max_setup_count = 0x00
+            parameter_block.setup << RubySMB::SMB1::Packet::Trans::Subcommands::TRANSACT_NMPIPE
+            # FID: must be set to a valid FID from a server response for a
+            # previous SMB command to open or create a named pipe.
+            parameter_block.setup << 0x0000
+          end
+          def set_fid(fid)
+            parameter_block.setup[1] = fid
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb ADDED

@@ -0,0 +1,44 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # A Trans TRANSACT_NMPIPE Response Packet as defined in
+        # [2.2.5.6.2 Response](https://msdn.microsoft.com/en-us/library/ee442003.aspx)
+        class TransactNmpipeResponse < RubySMB::GenericPacket
+          class ParameterBlock < RubySMB::SMB1::Packet::Trans::Response::ParameterBlock
+          end
+          class TransData < BinData::Record
+            string :read_data, label: 'Read Data', read_length: -> { parent.parameter_block.data_count }
+            # Returns the length of the TransData struct in number of bytes
+            def length
+              do_num_bytes
+            end
+          end
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            string     :pad1,             length: lambda { pad1_length }
+            string     :trans_parameters, label: 'Trans Parameters', read_length: -> { parent.parameter_block.parameter_count }
+            string     :pad2,             length: lambda { pad2_length }
+            trans_data :trans_data,       label: 'Trans Data'
+          end
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            smb_header.flags.reply = 1
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans2/request.rb CHANGED

@@ -13,7 +13,7 @@ module RubySMB
             uint16        :max_data_count,        label: 'Max Data Count(bytes)'
             uint8         :max_setup_count,       label: 'Max Setup Count'
             uint8         :reserved,              label: 'Reserved Space',         initial_value: 0x00
-            trans2_flags  :flags
+            trans_flags   :flags
             uint32        :timeout,               label: 'Timeout',                initial_value: 0x00000000
             uint16        :reserved2,             label: 'Reserved Space',         initial_value: 0x00
             uint16        :parameter_count,       label: 'Parameter Count(bytes)', initial_value: -> { parent.data_block.trans2_parameters.length }

data/lib/ruby_smb/smb1/pipe.rb CHANGED

@@ -3,6 +3,9 @@ module RubySMB
     # Represents a pipe on the Remote server that we can perform
     # various I/O operations on.
     class Pipe < File
+      require 'ruby_smb/smb1/dcerpc'
+      include RubySMB::SMB1::Dcerpc
       # Reference: https://msdn.microsoft.com/en-us/library/ee441883.aspx
       STATUS_DISCONNECTED = 0x0001

data/lib/ruby_smb/smb2/dcerpc.rb ADDED

@@ -0,0 +1,68 @@
+module RubySMB
+  module SMB2
+    module Dcerpc
+      def net_share_enum_all(host)
+        bind(endpoint: RubySMB::Dcerpc::Srvsvc)
+        response = request(RubySMB::Dcerpc::Srvsvc::NET_SHARE_ENUM_ALL, host: host)
+        shares = RubySMB::Dcerpc::Srvsvc::NetShareEnumAll.parse_response(response.stub.to_binary_s)
+        shares.map{|s|{name: s[0], type: s[1], comment: s[2]}}
+      end
+      def bind(options={})
+        bind_req = RubySMB::Dcerpc::Bind.new(options)
+        ioctl_response = ioctl_send_recv(bind_req, options)
+        begin
+          dcerpc_response = RubySMB::Dcerpc::BindAck.read(ioctl_response.output_data)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
+        end
+        unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::BIND_ACK
+          raise RubySMB::Dcerpc::Error::BindError, "Not a BindAck packet"
+        end
+        res_list = dcerpc_response.p_result_list
+        if res_list.n_results == 0 ||
+           res_list.p_results[0].result != RubySMB::Dcerpc::BindAck::ACCEPTANCE
+          raise RubySMB::Dcerpc::Error::BindError,
+            "Bind Failed (Result: #{res_list.p_results[0].result}, Reason: #{res_list.p_results[0].reason})"
+        end
+        dcerpc_response
+      end
+      def request(opnum, options={})
+        dcerpc_request = RubySMB::Dcerpc::Request.new({ :opnum => opnum }, options)
+        ioctl_response = ioctl_send_recv(dcerpc_request, options)
+        begin
+          dcerpc_response = RubySMB::Dcerpc::Response.read(ioctl_response.output_data)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
+        end
+        unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::RESPONSE
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Not a Response packet"
+        end
+        dcerpc_response
+      end
+      def ioctl_send_recv(action, options={})
+        request = set_header_fields(RubySMB::SMB2::Packet::IoctlRequest.new(options))
+        request.ctl_code = 0x0011C017
+        request.flags.is_fsctl = 0x00000001
+        request.buffer = action.to_binary_s
+        ioctl_raw_response = @tree.client.send_recv(request)
+        ioctl_response = RubySMB::SMB2::Packet::IoctlResponse.read(ioctl_raw_response)
+        unless ioctl_response.smb2_header.command == RubySMB::SMB2::Commands::IOCTL
+          raise RubySMB::Error::InvalidPacket, 'Not a IoctlResponse packet'
+        end
+        unless ioctl_response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, ioctl_response.status_code.name
+        end
+        ioctl_response
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb2/pipe.rb CHANGED

@@ -3,6 +3,9 @@ module RubySMB
     # Represents a pipe on the Remote server that we can perform
     # various I/O operations on.
     class Pipe < File
+      require 'ruby_smb/smb2/dcerpc'
+      include RubySMB::SMB2::Dcerpc
       STATUS_CONNECTED = 0x00000003
       STATUS_CLOSING   = 0x00000004

data/lib/ruby_smb/version.rb CHANGED

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '0.0.21'.freeze
+  VERSION = '0.0.22'.freeze
 end

data/spec/lib/ruby_smb/client_spec.rb CHANGED

@@ -201,8 +201,8 @@ RSpec.describe RubySMB::Client do
         allow(dispatcher).to receive(:send_packet) do |packet, _opts|
           expect(packet).to be_a(RubySMB::Nbss::SessionRequest)
           expect(packet.session_header.session_packet_type).to eq RubySMB::Nbss::SESSION_REQUEST
-          expect(packet.called_name).to eq encoded_called_name
-          expect(packet.calling_name).to eq encoded_calling_name
+          expect(packet.called_name).to eq encoded_called_name
+          expect(packet.calling_name).to eq encoded_calling_name
           expect(packet.session_header.packet_length).to eq (encoded_called_name.size + encoded_calling_name.size)
         end
         client.session_request
@@ -1123,11 +1123,58 @@ RSpec.describe RubySMB::Client do
       end
       describe '#net_share_enum_all' do
-        let(:shares){{}}
+        let(:tree){ double("Tree") }
+        let(:named_pipe){ double("Named Pipe") }
-        it 'it calls the smb2 method' do
-          expect(smb2_client).to receive(:smb2_net_share_enum_all).with(sock.peeraddr).and_return(shares)
-          smb2_client.net_share_enum_all(sock.peeraddr)
+        before :example do
+          allow(tree).to receive(:open_file).and_return(named_pipe)
+          allow(named_pipe).to receive(:net_share_enum_all)
+        end
+        context 'with SMB1' do
+          before :example do
+            allow(smb1_client).to receive(:tree_connect).and_return(tree)
+          end
+          it 'it calls the #tree_connect method to connect to the "host" IPC$ share' do
+            ipc_share = "\\\\#{sock.peeraddr}\\IPC$"
+            expect(smb1_client).to receive(:tree_connect).with(ipc_share).and_return(tree)
+            smb1_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the Tree #open_file method to open "srvsvc" named pipe' do
+            expect(tree).to receive(:open_file).with(filename: "srvsvc", write: true, read: true).and_return(named_pipe)
+            smb1_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the File #net_share_enum_all method with the correct host' do
+            host = "1.2.3.4"
+            expect(named_pipe).to receive(:net_share_enum_all).with(host)
+            smb1_client.net_share_enum_all(host)
+          end
+        end
+        context 'with SMB2' do
+          before :example do
+            allow(smb2_client).to receive(:tree_connect).and_return(tree)
+          end
+          it 'it calls the #tree_connect method to connect to the "host" IPC$ share' do
+            ipc_share = "\\\\#{sock.peeraddr}\\IPC$"
+            expect(smb2_client).to receive(:tree_connect).with(ipc_share).and_return(tree)
+            smb2_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the Tree #open_file method to open "srvsvc" named pipe' do
+            expect(tree).to receive(:open_file).with(filename: "srvsvc", write: true, read: true).and_return(named_pipe)
+            smb2_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the File #net_share_enum_all method with the correct host' do
+            host = "1.2.3.4"
+            expect(named_pipe).to receive(:net_share_enum_all).with(host)
+            smb2_client.net_share_enum_all(host)
+          end
         end
       end
     end

data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb ADDED

@@ -0,0 +1,224 @@
+RSpec.describe RubySMB::Dcerpc::BindAck do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :pdu_header }
+  it { is_expected.to respond_to :max_xmit_frag }
+  it { is_expected.to respond_to :max_recv_frag }
+  it { is_expected.to respond_to :assoc_group_id }
+  it { is_expected.to respond_to :sec_addr }
+  it { is_expected.to respond_to :p_result_list }
+  it { is_expected.to respond_to :auth_verifier }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#pdu_header' do
+    subject(:header) { packet.pdu_header }
+    it 'is a standard PDU Header' do
+      expect(header).to be_a RubySMB::Dcerpc::PDUHeader
+    end
+    it 'should have the #ptype field set to PTypes::BIND_ACK' do
+      expect(header.ptype).to eq RubySMB::Dcerpc::PTypes::BIND_ACK
+    end
+  end
+  describe '#max_xmit_frag' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.max_xmit_frag).to be_a BinData::Uint16le
+    end
+    it 'should have a default value of 0xFFFF' do
+      expect(packet.max_xmit_frag).to eq 0xFFFF
+    end
+  end
+  describe '#max_recv_frag' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.max_recv_frag).to be_a BinData::Uint16le
+    end
+    it 'should have a default value of 0xFFFF' do
+      expect(packet.max_recv_frag).to eq 0xFFFF
+    end
+  end
+  describe '#assoc_group_id' do
+    it 'should be a 32-bit unsigned integer' do
+      expect(packet.assoc_group_id).to be_a BinData::Uint32le
+    end
+  end
+  describe '#pad' do
+    it 'should keep #p_result_list 4-byte aligned' do
+      packet.sec_addr.port_spec = "test"
+      expect(packet.p_result_list.abs_offset % 4).to eq 0
+    end
+  end
+  describe '#p_result_list' do
+    it 'should be a PContListT structure' do
+      expect(packet.p_result_list).to be_a RubySMB::Dcerpc::PResultListT
+    end
+  end
+  describe '#auth_verifier' do
+    it 'should be a string' do
+      expect(packet.auth_verifier).to be_a BinData::String
+    end
+    it 'should not exist if the #auth_length PDU header field is 0' do
+      packet.pdu_header.auth_length = 0
+      expect(packet.auth_verifier?).to be false
+    end
+    it 'should exist only if the #auth_length PDU header field is greater than 0' do
+      packet.pdu_header.auth_length = 10
+      expect(packet.auth_verifier?).to be true
+    end
+    it 'reads #auth_length bytes' do
+      auth_verifier = '12345678'
+      packet.pdu_header.auth_length = 6
+      packet.auth_verifier.read(auth_verifier)
+      expect(packet.auth_verifier).to eq(auth_verifier[0,6])
+    end
+  end
+  describe '#pad_length' do
+    it 'returns 0 when #p_result_list is already 4-byte aligned' do
+      packet.sec_addr.port_spec = 'align'
+      expect(packet.pad_length).to eq 0
+    end
+    it 'returns 2 when #p_result_list is only 2-byte aligned' do
+      packet.sec_addr.port_spec = 'align' + 'AA'
+      expect(packet.pad_length).to eq 2
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    packet.sec_addr.port_spec = "port spec"
+    packet.p_result_list.n_results = 2
+    packet.auth_verifier = '123456'
+    packet.pdu_header.auth_length = 6
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end
+RSpec.describe RubySMB::Dcerpc::PortAnyT do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :str_length }
+  it { is_expected.to respond_to :port_spec }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#str_length' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.str_length).to be_a BinData::Uint16le
+    end
+    it 'should be the size of #port_spec string, including the NULL terminator' do
+      str = 'test'
+      packet.port_spec = str
+      expect(packet.str_length).to eq(str.size + 1)
+    end
+  end
+  describe '#port_spec' do
+    it 'should be a Stringz' do
+      expect(packet.port_spec).to be_a BinData::Stringz
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    packet.port_spec = "port spec"
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end
+RSpec.describe RubySMB::Dcerpc::PResultListT do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :n_results }
+  it { is_expected.to respond_to :p_results }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#n_results' do
+    it 'should be a 8-bit unsigned integer' do
+      expect(packet.n_results).to be_a BinData::Uint8
+    end
+  end
+  describe '#p_results' do
+    it 'should be an array of type PResultT' do
+      expect(packet.p_results).to be_a BinData::Array
+      type = packet.p_results.get_parameter(:type)
+      expect(type.instantiate).to be_a RubySMB::Dcerpc::PResultT
+    end
+    it 'should have #n_results elements' do
+      n_elements = 4
+      packet.n_results = n_elements
+      expect(packet.p_results.size).to eq n_elements
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    packet.n_results = 4
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end
+RSpec.describe RubySMB::Dcerpc::PResultT do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :result }
+  it { is_expected.to respond_to :reason }
+  it { is_expected.to respond_to :transfer_syntax }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#result' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.result).to be_a BinData::Uint16le
+    end
+  end
+  describe '#reason' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.reason).to be_a BinData::Uint16le
+    end
+  end
+  describe '#transfer_syntax' do
+    it 'should be a PSyntaxIdT' do
+      expect(packet.transfer_syntax).to be_a RubySMB::Dcerpc::PSyntaxIdT
+    end
+    it 'is set to the NDR presentation syntax' do
+      expect(packet.transfer_syntax.if_uuid).to eq RubySMB::Dcerpc::Ndr::UUID
+      expect(packet.transfer_syntax.if_ver_major).to eq RubySMB::Dcerpc::Ndr::VER_MAJOR
+      expect(packet.transfer_syntax.if_ver_minor).to eq RubySMB::Dcerpc::Ndr::VER_MINOR
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end