RubyGems - ruby_smb - Versions diffs - 1.0.2 → 2.0.0 - Mend

ruby_smb 1.0.2 → 2.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (200) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -2
data/Gemfile +6 -2
data/README.md +35 -47
data/examples/enum_registry_key.rb +28 -0
data/examples/enum_registry_values.rb +30 -0
data/examples/negotiate.rb +51 -8
data/examples/pipes.rb +2 -1
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +32 -0
data/lib/ruby_smb.rb +4 -1
data/lib/ruby_smb/client.rb +200 -20
data/lib/ruby_smb/client/authentication.rb +70 -33
data/lib/ruby_smb/client/echo.rb +20 -2
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +160 -24
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +24 -18
data/lib/ruby_smb/client/utils.rb +8 -7
data/lib/ruby_smb/client/winreg.rb +46 -0
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +38 -0
data/lib/ruby_smb/dcerpc/bind.rb +2 -2
data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
data/lib/ruby_smb/dcerpc/error.rb +3 -0
data/lib/ruby_smb/dcerpc/ndr.rb +95 -16
data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
data/lib/ruby_smb/dcerpc/request.rb +28 -9
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +35 -0
data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
data/lib/ruby_smb/dcerpc/winreg.rb +340 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
data/lib/ruby_smb/dispatcher/socket.rb +5 -3
data/lib/ruby_smb/error.rb +68 -2
data/lib/ruby_smb/generic_packet.rb +33 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +66 -15
data/lib/ruby_smb/smb1/packet/close_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/empty_packet.rb +10 -1
data/lib/ruby_smb/smb1/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/negotiate_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/negotiate_response.rb +3 -7
data/lib/ruby_smb/smb1/packet/negotiate_response_extended.rb +4 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/read_andx_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/read_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_request.rb +0 -1
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/request.rb +2 -5
data/lib/ruby_smb/smb1/packet/trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/find_next2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/open2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/open2_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/request_secondary.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/tree_connect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_connect_response.rb +13 -3
data/lib/ruby_smb/smb1/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +3 -6
data/lib/ruby_smb/smb1/packet/write_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/pipe.rb +87 -6
data/lib/ruby_smb/smb1/tree.rb +41 -3
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +103 -25
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/close_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/create_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/create_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/error_packet.rb +15 -3
data/lib/ruby_smb/smb2/packet/ioctl_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/ioctl_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -17
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +51 -4
data/lib/ruby_smb/smb2/packet/query_directory_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/query_directory_response.rb +8 -2
data/lib/ruby_smb/smb2/packet/read_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/read_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/session_setup_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/set_info_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/set_info_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +93 -10
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +10 -22
data/lib/ruby_smb/smb2/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/write_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/write_response.rb +2 -1
data/lib/ruby_smb/smb2/pipe.rb +86 -12
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +65 -21
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +5 -3
data/spec/lib/ruby_smb/client_spec.rb +1563 -104
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +410 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +98 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +108 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +90 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +150 -0
data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +710 -0
data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +3 -1
data/spec/lib/ruby_smb/error_spec.rb +59 -0
data/spec/lib/ruby_smb/generic_packet_spec.rb +52 -4
data/spec/lib/ruby_smb/smb1/file_spec.rb +191 -2
data/spec/lib/ruby_smb/smb1/packet/empty_packet_spec.rb +68 -0
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/packet/trans2/find_first2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/trans2/find_next2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/tree_connect_response_spec.rb +40 -0
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +272 -149
data/spec/lib/ruby_smb/smb1/tree_spec.rb +44 -7
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +323 -6
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +78 -0
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/query_directory_response_spec.rb +8 -0
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -22
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +286 -149
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +261 -2
metadata +191 -83
metadata.gz.sig +0 -0
data/lib/ruby_smb/smb1/dcerpc.rb +0 -67
data/lib/ruby_smb/smb2/dcerpc.rb +0 -70
data/spec/lib/ruby_smb/smb1/packet/error_packet_spec.rb +0 -37

data/spec/lib/ruby_smb/crypto_spec.rb ADDED

@@ -0,0 +1,25 @@
+require 'spec_helper'
+RSpec.describe RubySMB::Crypto::KDF do
+  describe '.counter_mode' do
+    it 'generates the expected 128-bit key' do
+      expected_key = "\x3c\x5e\x0a\x1b\x0a\xce\xa5\xb2\x64\x3f\xab\x78\xdc\x82\x31\x3b".b
+      expect(described_class.counter_mode('ki', 'label', 'context')).to eq(expected_key)
+    end
+    it 'generates the expected 256-bit key' do
+      expected_key =
+        "\x33\x4d\xa9\x6d\x24\x7e\xcb\x14\xf6\x24\x00\x97\x26\x51\xd5\xb4"\
+        "\x54\x5f\xda\x95\xf0\x5a\xcb\x25\x92\x57\xae\x71\x1c\x37\x20\x5b".b
+      expect(described_class.counter_mode('ki', 'label', 'context', length: 256)).to eq(expected_key)
+    end
+    it 'raises the expected exception when an error occurs' do
+      allow(OpenSSL::Digest).to receive(:new).and_raise(OpenSSL::OpenSSLError)
+      expect { described_class.counter_mode('ki', 'label', 'context') }.to raise_error(
+        RubySMB::Error::EncryptionError,
+        "Crypto::KDF.counter_mode OpenSSL error: OpenSSL::OpenSSLError"
+      )
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb CHANGED

@@ -31,7 +31,7 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
     end
     it 'should have a default value of 0xFFFF' do
-      expect(packet.max_xmit_frag).to eq 0xFFFF
+      expect(packet.max_xmit_frag).to eq RubySMB::Dcerpc::MAX_XMIT_FRAG
     end
   end
@@ -41,7 +41,7 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
     end
     it 'should have a default value of 0xFFFF' do
-      expect(packet.max_recv_frag).to eq 0xFFFF
+      expect(packet.max_recv_frag).to eq RubySMB::Dcerpc::MAX_RECV_FRAG
     end
   end

data/spec/lib/ruby_smb/dcerpc/bind_spec.rb CHANGED

@@ -41,7 +41,7 @@ RSpec.describe RubySMB::Dcerpc::Bind do
     end
     it 'should have a default value of 0xFFFF' do
-      expect(packet.max_xmit_frag).to eq 0xFFFF
+      expect(packet.max_xmit_frag).to eq RubySMB::Dcerpc::MAX_XMIT_FRAG
     end
   end
@@ -51,7 +51,7 @@ RSpec.describe RubySMB::Dcerpc::Bind do
     end
     it 'should have a default value of 0xFFFF' do
-      expect(packet.max_recv_frag).to eq 0xFFFF
+      expect(packet.max_recv_frag).to eq RubySMB::Dcerpc::MAX_RECV_FRAG
     end
   end

data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb ADDED

@@ -0,0 +1,410 @@
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrTopLevelFullPointer do
+  subject(:packet) do
+    Class.new(described_class) do
+      endian :little
+      string :referent
+    end.new
+  end
+  it { is_expected.to respond_to :referent_identifier }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#referent_identifier' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.referent_identifier).to be_a BinData::Uint32le
+    end
+    it 'has an initial value of 0x00020000' do
+      expect(packet.referent_identifier).to eq(0x00020000)
+    end
+  end
+  describe '#get' do
+    it 'returns 0 when #referent_identifier is 0' do
+      packet.referent_identifier = 0
+      expect(packet.get).to eq(0)
+    end
+    it 'returns #referent when #referent_identifier is greater than 0' do
+      packet.set('spec_test')
+      expect(packet.get).to eq(packet.referent)
+    end
+  end
+  describe '#set' do
+    context 'when the value is 0' do
+      it 'sets #referent_identifier to 0' do
+        packet.set(0)
+        expect(packet.referent_identifier).to eq(0)
+      end
+    end
+    context 'when the value is a string' do
+      it 'sets #referent to the value' do
+        str = 'spec_test'
+        packet.set(str)
+        expect(packet.referent).to eq(str)
+      end
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrString do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :max_count }
+  it { is_expected.to respond_to :offset }
+  it { is_expected.to respond_to :actual_count }
+  it { is_expected.to respond_to :str }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#max_count' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.max_count).to be_a BinData::Uint32le
+    end
+  end
+  describe '#offset' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.offset).to be_a BinData::Uint32le
+    end
+    it 'has an initial valu of 0' do
+      expect(packet.offset).to eq(0)
+    end
+  end
+  describe '#actual_count' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.actual_count).to be_a BinData::Uint32le
+    end
+  end
+  describe '#str' do
+    it 'is a RubySMB::Field::Stringz16' do
+      expect(packet.str).to be_a RubySMB::Field::Stringz16
+    end
+    it 'exists if #actual_count is greater than 0' do
+      packet.actual_count = 4
+      expect(packet.str?).to be true
+    end
+    it 'does not exist if #actual_count is 0' do
+      expect(packet.str?).to be false
+    end
+  end
+  describe '#get' do
+    it 'returns 0 when #actual_count is 0' do
+      expect(packet.get).to eq(0)
+    end
+    it 'returns #str when #actual_count is greater than 0' do
+      str = 'spec_test'
+      strz16 = RubySMB::Field::Stringz16.new(str)
+      packet.set(str)
+      expect(packet.get).to eq(strz16)
+    end
+  end
+  describe '#set' do
+    context 'when the value is 0' do
+      it 'sets #actual_count to 0' do
+        packet.set(0)
+        expect(packet.actual_count).to eq(0)
+      end
+    end
+    context 'when the value is a string' do
+      let(:str) { 'spec_test' }
+      it 'sets #str to the value' do
+        packet.set(str)
+        strz16 = RubySMB::Field::Stringz16.new(str)
+        expect(packet.str).to eq(strz16)
+      end
+      it 'sets #max_count and #actual_count to the expected value' do
+        packet.set(str)
+        expect(packet.max_count).to eq(str.length + 1)
+        expect(packet.actual_count).to eq(str.length + 1)
+      end
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrLpStr do
+  it 'is NdrTopLevelFullPointer subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrTopLevelFullPointer
+  end
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :referent }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#referent' do
+    it 'is a NdrString' do
+      expect(packet.referent).to be_a RubySMB::Dcerpc::Ndr::NdrString
+    end
+    it 'exists if superclass #referent_identifier is not zero' do
+      expect(packet.referent?).to be true
+    end
+    it 'does not exist if superclass #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.referent?).to be false
+    end
+  end
+  describe '#to_s' do
+    it 'returns "\0" when #referent_identifier is 0' do
+      packet.referent_identifier = 0
+      expect(packet.to_s).to eq("\0")
+    end
+    it 'returns #referent when #referent_identifier is greater than 0' do
+      packet.set('spec_test')
+      expect(packet.to_s).to eq(packet.referent)
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrContextHandle do
+  let(:uuid) { 'c3bce70d-5155-472b-9f2f-b824e5fc9b60' }
+  let(:attr) { 123 }
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :context_handle_attributes }
+  it { is_expected.to respond_to :context_handle_uuid }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#context_handle_attributes' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.context_handle_attributes).to be_a BinData::Uint32le
+    end
+  end
+  describe '#context_handle_uuid' do
+    it 'is a UUID' do
+      expect(packet.context_handle_uuid).to be_a RubySMB::Dcerpc::Uuid
+    end
+  end
+  describe '#get' do
+    it 'returns the expeted hash' do
+      packet.context_handle_attributes = attr
+      packet.context_handle_uuid = uuid
+      expect(packet.get).to eq({context_handle_attributes: attr, context_handle_uuid: uuid})
+    end
+  end
+  describe '#set' do
+    let(:handle) { {context_handle_attributes: attr, context_handle_uuid: uuid} }
+    context 'when the value is a hash' do
+      it 'sets #context_handle_attributes and #context_handle_uuid to the expected values' do
+        packet.set(handle)
+        expect(packet.context_handle_attributes).to eq(attr)
+        expect(packet.context_handle_uuid).to eq(uuid)
+      end
+    end
+    context 'when the value is a NdrContextHandle'do
+      it 'reads the value binary representaion ' do
+        ndr_context_handle = described_class.new(handle)
+        allow(ndr_context_handle).to receive(:to_binary_s).and_call_original
+        packet.set(ndr_context_handle)
+        expect(ndr_context_handle).to have_received(:to_binary_s)
+        expect(packet.get).to eq(ndr_context_handle)
+      end
+    end
+    context 'when the value is a binary string'do
+      it 'reads the value' do
+        ndr_context_handle = described_class.new(handle)
+        packet.set(ndr_context_handle.to_binary_s)
+        expect(packet.get).to eq(ndr_context_handle)
+      end
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrLpDword do
+  it 'is NdrTopLevelFullPointer subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrTopLevelFullPointer
+  end
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :referent }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#referent' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.referent).to be_a BinData::Uint32le
+    end
+    it 'exists if superclass #referent_identifier is not zero' do
+      expect(packet.referent?).to be true
+    end
+    it 'does not exist if superclass #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.referent?).to be false
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrLpByte do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :referent_identifier }
+  it { is_expected.to respond_to :max_count }
+  it { is_expected.to respond_to :offset }
+  it { is_expected.to respond_to :actual_count }
+  it { is_expected.to respond_to :bytes }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#referent_identifier' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.referent_identifier).to be_a BinData::Uint32le
+    end
+    it 'has an initial value of 0x00020000' do
+      expect(packet.referent_identifier).to eq(0x00020000)
+    end
+  end
+  describe '#max_count' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.max_count).to be_a BinData::Uint32le
+    end
+    it 'has an initial value equal to #actual_count' do
+      packet.actual_count = 345
+      expect(packet.max_count).to eq(345)
+    end
+    it 'exists if #referent_identifier is not zero' do
+      expect(packet.max_count?).to be true
+    end
+    it 'does not exist if #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.max_count?).to be false
+    end
+  end
+  describe '#offset' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.offset).to be_a BinData::Uint32le
+    end
+    it 'has an initial value of 0' do
+      expect(packet.offset).to eq(0)
+    end
+    it 'exists if #referent_identifier is not zero' do
+      expect(packet.offset?).to be true
+    end
+    it 'does not exist if #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.offset?).to be false
+    end
+  end
+  describe '#actual_count' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.actual_count).to be_a BinData::Uint32le
+    end
+    it 'has an initial value equal to #bytes size' do
+      packet.bytes << 2 << 3 << 4 << 5
+      expect(packet.actual_count).to eq(4)
+    end
+    it 'exists if #referent_identifier is not zero' do
+      expect(packet.actual_count?).to be true
+    end
+    it 'does not exist if #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.actual_count?).to be false
+    end
+  end
+  describe '#bytes' do
+    it 'is a Bindata::Array' do
+      expect(packet.bytes).to be_a BinData::Array
+    end
+    it 'has an initial length equal to #actual_count' do
+      packet.actual_count = 3
+      expect(packet.bytes.size).to eq(3)
+    end
+    it 'is 8-bit unsigned integer elements' do
+      expect(packet.bytes[0]).to be_a BinData::Uint8
+    end
+    it 'exists if #referent_identifier is not zero' do
+      expect(packet.bytes?).to be true
+    end
+    it 'does not exist if #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.bytes?).to be false
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Ndr::NdrLpFileTime do
+  it 'is NdrTopLevelFullPointer subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrTopLevelFullPointer
+  end
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :referent }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#referent' do
+    it 'is a FileTime' do
+      expect(packet.referent).to be_a RubySMB::Field::FileTime
+    end
+    it 'exists if superclass #referent_identifier is not zero' do
+      expect(packet.referent?).to be true
+    end
+    it 'does not exist if superclass #referent_identifier is zero' do
+      packet.referent_identifier = 0
+      expect(packet.referent?).to be false
+    end
+  end
+end