RubyGems - ruby_smb - Versions diffs - 0.0.21 → 0.0.22 - Mend

ruby_smb 0.0.21 → 0.0.22

Files changed (62) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/examples/net_share_enum_all.rb +5 -2
data/lib/ruby_smb.rb +1 -1
data/lib/ruby_smb/client.rb +4 -35
data/lib/ruby_smb/dcerpc.rb +7 -22
data/lib/ruby_smb/dcerpc/bind.rb +30 -36
data/lib/ruby_smb/dcerpc/bind_ack.rb +72 -0
data/lib/ruby_smb/dcerpc/error.rb +15 -0
data/lib/ruby_smb/dcerpc/ndr.rb +31 -30
data/lib/ruby_smb/dcerpc/p_syntax_id_t.rb +11 -0
data/lib/ruby_smb/dcerpc/pdu_header.rb +29 -0
data/lib/ruby_smb/dcerpc/ptypes.rb +26 -0
data/lib/ruby_smb/dcerpc/request.rb +17 -30
data/lib/ruby_smb/dcerpc/response.rb +15 -34
data/lib/ruby_smb/dcerpc/srvsvc.rb +5 -7
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +8 -4
data/lib/ruby_smb/dcerpc/uuid.rb +31 -13
data/lib/ruby_smb/smb1/bit_field.rb +0 -1
data/lib/ruby_smb/smb1/bit_field/trans_flags.rb +3 -2
data/lib/ruby_smb/smb1/data_block.rb +5 -0
data/lib/ruby_smb/smb1/dcerpc.rb +67 -0
data/lib/ruby_smb/smb1/packet.rb +1 -0
data/lib/ruby_smb/smb1/packet/trans.rb +7 -1
data/lib/ruby_smb/smb1/packet/trans/data_block.rb +19 -7
data/lib/ruby_smb/smb1/packet/trans/request.rb +36 -25
data/lib/ruby_smb/smb1/packet/trans/response.rb +22 -21
data/lib/ruby_smb/smb1/packet/trans/subcommands.rb +1 -0
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb +61 -0
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb +44 -0
data/lib/ruby_smb/smb1/packet/trans2/request.rb +1 -1
data/lib/ruby_smb/smb1/pipe.rb +3 -0
data/lib/ruby_smb/smb2/dcerpc.rb +68 -0
data/lib/ruby_smb/smb2/pipe.rb +3 -0
data/lib/ruby_smb/version.rb +1 -1
data/spec/lib/ruby_smb/client_spec.rb +53 -6
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +224 -0
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +255 -7
data/spec/lib/ruby_smb/dcerpc/p_syntax_id_t_spec.rb +31 -0
data/spec/lib/ruby_smb/dcerpc/pdu_header_spec.rb +84 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +106 -13
data/spec/lib/ruby_smb/dcerpc/response_spec.rb +89 -8
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +176 -0
data/spec/lib/ruby_smb/dcerpc/uuid_spec.rb +97 -1
data/spec/lib/ruby_smb/smb1/data_block_spec.rb +43 -3
data/spec/lib/ruby_smb/smb1/packet/trans/data_block_spec.rb +137 -0
data/spec/lib/ruby_smb/smb1/packet/trans/request_spec.rb +239 -13
data/spec/lib/ruby_smb/smb1/packet/trans/response_spec.rb +122 -13
data/spec/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request_spec.rb +254 -0
data/spec/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response_spec.rb +122 -0
data/spec/lib/ruby_smb/smb1/packet/trans2/request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +199 -1
data/spec/lib/ruby_smb/smb2/file_spec.rb +2 -1
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +196 -1
metadata +25 -10
metadata.gz.sig +0 -0
data/lib/ruby_smb/dcerpc/handle.rb +0 -60
data/lib/ruby_smb/smb1/bit_field/trans2_flags.rb +0 -15
data/spec/lib/ruby_smb/dcerpc/handle_spec.rb +0 -31
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +0 -13
data/spec/lib/ruby_smb/smb1/bit_field/trans2_flags_spec.rb +0 -26

data/lib/ruby_smb/smb1/packet/trans/response.rb CHANGED

@@ -2,32 +2,31 @@ module RubySMB
   module SMB1
     module Packet
       module Trans
-      # A SMB1 SMB_COM_TRANSACTION Response Packet as defined in
-      # [2.2.4.33.2 Response](https://msdn.microsoft.com/en-us/library/ee442061.aspx)
+        # This class represents a generic SMB1 Trans Response Packet as defined in
+        # [2.2.4.33.2 Response](https://msdn.microsoft.com/en-us/library/ee442061.aspx)
         class Response < RubySMB::GenericPacket
           # A SMB1 Parameter Block
           class ParameterBlock < RubySMB::SMB1::ParameterBlock
-            uint16 :total_parameter_count, label: 'Total Parameter Count(bytes)'
-            uint16        :total_data_count,        label: 'Total Data Count(bytes)'
-            uint16        :reserved,                label: 'Reserved Space',                 initial_value: 0x00
-            uint16        :parameter_count,         label: 'Parameter Count(bytes)',         initial_value: -> { parent.data_block.trans_parameters.length }
-            uint16        :parameter_offset,        label: 'Parameter Offset',               initial_value: -> { parent.data_block.trans_parameters.abs_offset }
-            uint16        :parameter_displacement,  label: 'Parameter Displacement'
-            uint16        :data_count,              label: 'Data Count(bytes)',              initial_value: -> { parent.data_block.trans_data.length }
-            uint16        :data_offset,             label: 'Data Offset',                    initial_value: -> { parent.data_block.trans_data.abs_offset }
-            uint16        :data_displacement,       label: 'Data Displacement'
-            uint8         :setup_count,             label: 'Setup Count',                    initial_value: -> { setup.length }
-            uint8         :reserved2,               label: 'Reserved Space',                 initial_value: 0x00
-            array :setup, type: :uint16, initial_length: 0
+            uint16 :total_parameter_count,  label: 'Total Parameter Count(bytes)', initial_value: -> { parameter_count }
+            uint16 :total_data_count,       label: 'Total Data Count(bytes)',      initial_value: -> { data_count }
+            uint16 :reserved,               label: 'Reserved Space',         value: 0x0000
+            uint16 :parameter_count,        label: 'Parameter Count(bytes)', initial_value: -> { parent.data_block.trans_parameters.length }
+            uint16 :parameter_offset,       label: 'Parameter Offset',       initial_value: -> { parent.data_block.trans_parameters.abs_offset }
+            uint16 :parameter_displacement, label: 'Parameter Displacement'
+            uint16 :data_count,             label: 'Data Count(bytes)',      initial_value: -> { parent.data_block.trans_data.length }
+            uint16 :data_offset,            label: 'Data Offset',            initial_value: -> { parent.data_block.trans_data.abs_offset }
+            uint16 :data_displacement,      label: 'Data Displacement'
+            uint8  :setup_count,            label: 'Setup Count',            initial_value: -> { setup.length }
+            uint8  :reserved2,              label: 'Reserved Space',         value: 0x00
+            array  :setup,                  type:  :uint16,                  initial_length: :setup_count
           end
-          # The {RubySMB::SMB1::DataBlock} specific to this packet type.
           class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
-            string :pad1,               length: -> { pad1_length }
-            string :trans_parameters,   label: 'Trans Parameters'
-            string :pad2,               length: -> { pad2_length }
-            string :trans_data,         label: 'Trans Data'
+            string :pad1,             length: lambda { pad1_length }
+            string :trans_parameters, label: 'Trans Parameters', read_length: -> { parent.parameter_block.parameter_count }
+            string :pad2,             length: lambda { pad2_length }
+            string :trans_data,       label: 'Trans Data',       read_length: -> { parent.parameter_block.data_count }
           end
           smb_header        :smb_header
@@ -39,8 +38,10 @@ module RubySMB
             smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
             smb_header.flags.reply = 1
           end
         end
       end
     end
   end
-end
+end

data/lib/ruby_smb/smb1/packet/trans/subcommands.rb CHANGED

@@ -3,6 +3,7 @@ module RubySMB
     module Packet
       module Trans
         module Subcommands
+          TRANSACT_NMPIPE = 0x0026
           PEEK_NMPIPE        = 0x0023
         end
       end

data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb ADDED

@@ -0,0 +1,61 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # A Trans TRANSACT_NMPIPE Request Packet as defined in
+        # [2.2.5.6.1 Request](https://msdn.microsoft.com/en-us/library/ee441832.aspx)
+        class TransactNmpipeRequest < RubySMB::GenericPacket
+          class ParameterBlock < RubySMB::SMB1::Packet::Trans::Request::ParameterBlock
+          end
+          class TransData < BinData::Record
+            string  :write_data, label: 'Write Data', read_length: -> { parent.parent.parameter_block.data_count }
+            # Returns the length of the TransData struct in number of bytes
+            def length
+              do_num_bytes
+            end
+          end
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            # If unicode is set, the name field must be aligned to start on a 2-byte
+            # boundary from the start of the SMB header:
+            string :pad_name, length: -> { pad_name_length },
+                              onlyif: -> { parent.smb_header.flags2.unicode.to_i == 1 }
+            choice :name, :selection      => lambda { parent.smb_header.flags2.unicode.to_i },
+                          :copy_on_change => true do
+              stringz   0, label: 'Name', initial_value: "\\PIPE\\"
+              stringz16 1, label: 'Name', initial_value: "\\PIPE\\".encode('utf-16le')
+            end
+            string     :pad1,             length: lambda { pad1_length }
+            string     :trans_parameters, label: 'Trans Parameters', read_length: -> { parent.parameter_block.parameter_count }
+            string     :pad2,             length: lambda { pad2_length }
+            trans_data :trans_data,       label: 'Trans Data'
+          end
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            parameter_block.max_parameter_count = 0x0000
+            parameter_block.max_setup_count = 0x00
+            parameter_block.setup << RubySMB::SMB1::Packet::Trans::Subcommands::TRANSACT_NMPIPE
+            # FID: must be set to a valid FID from a server response for a
+            # previous SMB command to open or create a named pipe.
+            parameter_block.setup << 0x0000
+          end
+          def set_fid(fid)
+            parameter_block.setup[1] = fid
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb ADDED

@@ -0,0 +1,44 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # A Trans TRANSACT_NMPIPE Response Packet as defined in
+        # [2.2.5.6.2 Response](https://msdn.microsoft.com/en-us/library/ee442003.aspx)
+        class TransactNmpipeResponse < RubySMB::GenericPacket
+          class ParameterBlock < RubySMB::SMB1::Packet::Trans::Response::ParameterBlock
+          end
+          class TransData < BinData::Record
+            string :read_data, label: 'Read Data', read_length: -> { parent.parameter_block.data_count }
+            # Returns the length of the TransData struct in number of bytes
+            def length
+              do_num_bytes
+            end
+          end
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            string     :pad1,             length: lambda { pad1_length }
+            string     :trans_parameters, label: 'Trans Parameters', read_length: -> { parent.parameter_block.parameter_count }
+            string     :pad2,             length: lambda { pad2_length }
+            trans_data :trans_data,       label: 'Trans Data'
+          end
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            smb_header.flags.reply = 1
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans2/request.rb CHANGED

@@ -13,7 +13,7 @@ module RubySMB
             uint16        :max_data_count,        label: 'Max Data Count(bytes)'
             uint8         :max_setup_count,       label: 'Max Setup Count'
             uint8         :reserved,              label: 'Reserved Space',         initial_value: 0x00
-            trans2_flags  :flags
+            trans_flags   :flags
             uint32        :timeout,               label: 'Timeout',                initial_value: 0x00000000
             uint16        :reserved2,             label: 'Reserved Space',         initial_value: 0x00
             uint16        :parameter_count,       label: 'Parameter Count(bytes)', initial_value: -> { parent.data_block.trans2_parameters.length }

data/lib/ruby_smb/smb1/pipe.rb CHANGED

@@ -3,6 +3,9 @@ module RubySMB
     # Represents a pipe on the Remote server that we can perform
     # various I/O operations on.
     class Pipe < File
+      require 'ruby_smb/smb1/dcerpc'
+      include RubySMB::SMB1::Dcerpc
       # Reference: https://msdn.microsoft.com/en-us/library/ee441883.aspx
       STATUS_DISCONNECTED = 0x0001

data/lib/ruby_smb/smb2/dcerpc.rb ADDED

@@ -0,0 +1,68 @@
+module RubySMB
+  module SMB2
+    module Dcerpc
+      def net_share_enum_all(host)
+        bind(endpoint: RubySMB::Dcerpc::Srvsvc)
+        response = request(RubySMB::Dcerpc::Srvsvc::NET_SHARE_ENUM_ALL, host: host)
+        shares = RubySMB::Dcerpc::Srvsvc::NetShareEnumAll.parse_response(response.stub.to_binary_s)
+        shares.map{|s|{name: s[0], type: s[1], comment: s[2]}}
+      end
+      def bind(options={})
+        bind_req = RubySMB::Dcerpc::Bind.new(options)
+        ioctl_response = ioctl_send_recv(bind_req, options)
+        begin
+          dcerpc_response = RubySMB::Dcerpc::BindAck.read(ioctl_response.output_data)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
+        end
+        unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::BIND_ACK
+          raise RubySMB::Dcerpc::Error::BindError, "Not a BindAck packet"
+        end
+        res_list = dcerpc_response.p_result_list
+        if res_list.n_results == 0 ||
+           res_list.p_results[0].result != RubySMB::Dcerpc::BindAck::ACCEPTANCE
+          raise RubySMB::Dcerpc::Error::BindError,
+            "Bind Failed (Result: #{res_list.p_results[0].result}, Reason: #{res_list.p_results[0].reason})"
+        end
+        dcerpc_response
+      end
+      def request(opnum, options={})
+        dcerpc_request = RubySMB::Dcerpc::Request.new({ :opnum => opnum }, options)
+        ioctl_response = ioctl_send_recv(dcerpc_request, options)
+        begin
+          dcerpc_response = RubySMB::Dcerpc::Response.read(ioctl_response.output_data)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
+        end
+        unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::RESPONSE
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Not a Response packet"
+        end
+        dcerpc_response
+      end
+      def ioctl_send_recv(action, options={})
+        request = set_header_fields(RubySMB::SMB2::Packet::IoctlRequest.new(options))
+        request.ctl_code = 0x0011C017
+        request.flags.is_fsctl = 0x00000001
+        request.buffer = action.to_binary_s
+        ioctl_raw_response = @tree.client.send_recv(request)
+        ioctl_response = RubySMB::SMB2::Packet::IoctlResponse.read(ioctl_raw_response)
+        unless ioctl_response.smb2_header.command == RubySMB::SMB2::Commands::IOCTL
+          raise RubySMB::Error::InvalidPacket, 'Not a IoctlResponse packet'
+        end
+        unless ioctl_response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Error::UnexpectedStatusCode, ioctl_response.status_code.name
+        end
+        ioctl_response
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb2/pipe.rb CHANGED

@@ -3,6 +3,9 @@ module RubySMB
     # Represents a pipe on the Remote server that we can perform
     # various I/O operations on.
     class Pipe < File
+      require 'ruby_smb/smb2/dcerpc'
+      include RubySMB::SMB2::Dcerpc
       STATUS_CONNECTED = 0x00000003
       STATUS_CLOSING   = 0x00000004

data/lib/ruby_smb/version.rb CHANGED

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '0.0.21'.freeze
+  VERSION = '0.0.22'.freeze
 end

data/spec/lib/ruby_smb/client_spec.rb CHANGED

@@ -201,8 +201,8 @@ RSpec.describe RubySMB::Client do
         allow(dispatcher).to receive(:send_packet) do |packet, _opts|
           expect(packet).to be_a(RubySMB::Nbss::SessionRequest)
           expect(packet.session_header.session_packet_type).to eq RubySMB::Nbss::SESSION_REQUEST
-          expect(packet.called_name).to eq encoded_called_name
-          expect(packet.calling_name).to eq encoded_calling_name
+          expect(packet.called_name).to eq encoded_called_name
+          expect(packet.calling_name).to eq encoded_calling_name
           expect(packet.session_header.packet_length).to eq (encoded_called_name.size + encoded_calling_name.size)
         end
         client.session_request
@@ -1123,11 +1123,58 @@ RSpec.describe RubySMB::Client do
       end
       describe '#net_share_enum_all' do
-        let(:shares){{}}
+        let(:tree){ double("Tree") }
+        let(:named_pipe){ double("Named Pipe") }
-        it 'it calls the smb2 method' do
-          expect(smb2_client).to receive(:smb2_net_share_enum_all).with(sock.peeraddr).and_return(shares)
-          smb2_client.net_share_enum_all(sock.peeraddr)
+        before :example do
+          allow(tree).to receive(:open_file).and_return(named_pipe)
+          allow(named_pipe).to receive(:net_share_enum_all)
+        end
+        context 'with SMB1' do
+          before :example do
+            allow(smb1_client).to receive(:tree_connect).and_return(tree)
+          end
+          it 'it calls the #tree_connect method to connect to the "host" IPC$ share' do
+            ipc_share = "\\\\#{sock.peeraddr}\\IPC$"
+            expect(smb1_client).to receive(:tree_connect).with(ipc_share).and_return(tree)
+            smb1_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the Tree #open_file method to open "srvsvc" named pipe' do
+            expect(tree).to receive(:open_file).with(filename: "srvsvc", write: true, read: true).and_return(named_pipe)
+            smb1_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the File #net_share_enum_all method with the correct host' do
+            host = "1.2.3.4"
+            expect(named_pipe).to receive(:net_share_enum_all).with(host)
+            smb1_client.net_share_enum_all(host)
+          end
+        end
+        context 'with SMB2' do
+          before :example do
+            allow(smb2_client).to receive(:tree_connect).and_return(tree)
+          end
+          it 'it calls the #tree_connect method to connect to the "host" IPC$ share' do
+            ipc_share = "\\\\#{sock.peeraddr}\\IPC$"
+            expect(smb2_client).to receive(:tree_connect).with(ipc_share).and_return(tree)
+            smb2_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the Tree #open_file method to open "srvsvc" named pipe' do
+            expect(tree).to receive(:open_file).with(filename: "srvsvc", write: true, read: true).and_return(named_pipe)
+            smb2_client.net_share_enum_all(sock.peeraddr)
+          end
+          it 'it calls the File #net_share_enum_all method with the correct host' do
+            host = "1.2.3.4"
+            expect(named_pipe).to receive(:net_share_enum_all).with(host)
+            smb2_client.net_share_enum_all(host)
+          end
         end
       end
     end

data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb ADDED

@@ -0,0 +1,224 @@
+RSpec.describe RubySMB::Dcerpc::BindAck do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :pdu_header }
+  it { is_expected.to respond_to :max_xmit_frag }
+  it { is_expected.to respond_to :max_recv_frag }
+  it { is_expected.to respond_to :assoc_group_id }
+  it { is_expected.to respond_to :sec_addr }
+  it { is_expected.to respond_to :p_result_list }
+  it { is_expected.to respond_to :auth_verifier }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#pdu_header' do
+    subject(:header) { packet.pdu_header }
+    it 'is a standard PDU Header' do
+      expect(header).to be_a RubySMB::Dcerpc::PDUHeader
+    end
+    it 'should have the #ptype field set to PTypes::BIND_ACK' do
+      expect(header.ptype).to eq RubySMB::Dcerpc::PTypes::BIND_ACK
+    end
+  end
+  describe '#max_xmit_frag' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.max_xmit_frag).to be_a BinData::Uint16le
+    end
+    it 'should have a default value of 0xFFFF' do
+      expect(packet.max_xmit_frag).to eq 0xFFFF
+    end
+  end
+  describe '#max_recv_frag' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.max_recv_frag).to be_a BinData::Uint16le
+    end
+    it 'should have a default value of 0xFFFF' do
+      expect(packet.max_recv_frag).to eq 0xFFFF
+    end
+  end
+  describe '#assoc_group_id' do
+    it 'should be a 32-bit unsigned integer' do
+      expect(packet.assoc_group_id).to be_a BinData::Uint32le
+    end
+  end
+  describe '#pad' do
+    it 'should keep #p_result_list 4-byte aligned' do
+      packet.sec_addr.port_spec = "test"
+      expect(packet.p_result_list.abs_offset % 4).to eq 0
+    end
+  end
+  describe '#p_result_list' do
+    it 'should be a PContListT structure' do
+      expect(packet.p_result_list).to be_a RubySMB::Dcerpc::PResultListT
+    end
+  end
+  describe '#auth_verifier' do
+    it 'should be a string' do
+      expect(packet.auth_verifier).to be_a BinData::String
+    end
+    it 'should not exist if the #auth_length PDU header field is 0' do
+      packet.pdu_header.auth_length = 0
+      expect(packet.auth_verifier?).to be false
+    end
+    it 'should exist only if the #auth_length PDU header field is greater than 0' do
+      packet.pdu_header.auth_length = 10
+      expect(packet.auth_verifier?).to be true
+    end
+    it 'reads #auth_length bytes' do
+      auth_verifier = '12345678'
+      packet.pdu_header.auth_length = 6
+      packet.auth_verifier.read(auth_verifier)
+      expect(packet.auth_verifier).to eq(auth_verifier[0,6])
+    end
+  end
+  describe '#pad_length' do
+    it 'returns 0 when #p_result_list is already 4-byte aligned' do
+      packet.sec_addr.port_spec = 'align'
+      expect(packet.pad_length).to eq 0
+    end
+    it 'returns 2 when #p_result_list is only 2-byte aligned' do
+      packet.sec_addr.port_spec = 'align' + 'AA'
+      expect(packet.pad_length).to eq 2
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    packet.sec_addr.port_spec = "port spec"
+    packet.p_result_list.n_results = 2
+    packet.auth_verifier = '123456'
+    packet.pdu_header.auth_length = 6
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end
+RSpec.describe RubySMB::Dcerpc::PortAnyT do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :str_length }
+  it { is_expected.to respond_to :port_spec }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#str_length' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.str_length).to be_a BinData::Uint16le
+    end
+    it 'should be the size of #port_spec string, including the NULL terminator' do
+      str = 'test'
+      packet.port_spec = str
+      expect(packet.str_length).to eq(str.size + 1)
+    end
+  end
+  describe '#port_spec' do
+    it 'should be a Stringz' do
+      expect(packet.port_spec).to be_a BinData::Stringz
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    packet.port_spec = "port spec"
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end
+RSpec.describe RubySMB::Dcerpc::PResultListT do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :n_results }
+  it { is_expected.to respond_to :p_results }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#n_results' do
+    it 'should be a 8-bit unsigned integer' do
+      expect(packet.n_results).to be_a BinData::Uint8
+    end
+  end
+  describe '#p_results' do
+    it 'should be an array of type PResultT' do
+      expect(packet.p_results).to be_a BinData::Array
+      type = packet.p_results.get_parameter(:type)
+      expect(type.instantiate).to be_a RubySMB::Dcerpc::PResultT
+    end
+    it 'should have #n_results elements' do
+      n_elements = 4
+      packet.n_results = n_elements
+      expect(packet.p_results.size).to eq n_elements
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    packet.n_results = 4
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end
+RSpec.describe RubySMB::Dcerpc::PResultT do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :result }
+  it { is_expected.to respond_to :reason }
+  it { is_expected.to respond_to :transfer_syntax }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#result' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.result).to be_a BinData::Uint16le
+    end
+  end
+  describe '#reason' do
+    it 'should be a 16-bit unsigned integer' do
+      expect(packet.reason).to be_a BinData::Uint16le
+    end
+  end
+  describe '#transfer_syntax' do
+    it 'should be a PSyntaxIdT' do
+      expect(packet.transfer_syntax).to be_a RubySMB::Dcerpc::PSyntaxIdT
+    end
+    it 'is set to the NDR presentation syntax' do
+      expect(packet.transfer_syntax.if_uuid).to eq RubySMB::Dcerpc::Ndr::UUID
+      expect(packet.transfer_syntax.if_ver_major).to eq RubySMB::Dcerpc::Ndr::VER_MAJOR
+      expect(packet.transfer_syntax.if_ver_minor).to eq RubySMB::Dcerpc::Ndr::VER_MINOR
+    end
+  end
+  it 'reads its own binary representation and output the same packet' do
+    binary = packet.to_binary_s
+    expect(described_class.read(binary)).to eq(packet)
+  end
+end