RubyGems - ruby_smb - Versions diffs - 1.0.5 → 2.0.3 - Mend

ruby_smb 1.0.5 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (191) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -2
data/Gemfile +6 -2
data/README.md +35 -47
data/examples/anonymous_auth.rb +3 -3
data/examples/append_file.rb +10 -8
data/examples/authenticate.rb +9 -5
data/examples/delete_file.rb +8 -6
data/examples/enum_registry_key.rb +29 -0
data/examples/enum_registry_values.rb +31 -0
data/examples/list_directory.rb +8 -6
data/examples/negotiate.rb +51 -8
data/examples/negotiate_with_netbios_service.rb +9 -5
data/examples/net_share_enum_all.rb +6 -4
data/examples/pipes.rb +13 -13
data/examples/query_service_status.rb +64 -0
data/examples/read_file.rb +8 -6
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +33 -0
data/examples/rename_file.rb +9 -7
data/examples/tree_connect.rb +7 -5
data/examples/write_file.rb +9 -7
data/lib/ruby_smb.rb +4 -1
data/lib/ruby_smb/client.rb +239 -21
data/lib/ruby_smb/client/authentication.rb +27 -8
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +154 -12
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +4 -4
data/lib/ruby_smb/client/utils.rb +8 -7
data/lib/ruby_smb/client/winreg.rb +46 -0
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +40 -0
data/lib/ruby_smb/dcerpc/bind.rb +2 -2
data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
data/lib/ruby_smb/dcerpc/error.rb +6 -0
data/lib/ruby_smb/dcerpc/ndr.rb +260 -16
data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
data/lib/ruby_smb/dcerpc/request.rb +41 -9
data/lib/ruby_smb/dcerpc/rpc_security_attributes.rb +34 -0
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +38 -0
data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
data/lib/ruby_smb/dcerpc/svcctl.rb +479 -0
data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request.rb +48 -0
data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_request.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/control_service_request.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/control_service_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request.rb +35 -0
data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/open_service_w_request.rb +31 -0
data/lib/ruby_smb/dcerpc/svcctl/open_service_w_response.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response.rb +44 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_status_request.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_status_response.rb +27 -0
data/lib/ruby_smb/dcerpc/svcctl/service_status.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/start_service_w_request.rb +27 -0
data/lib/ruby_smb/dcerpc/svcctl/start_service_w_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg.rb +421 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/create_key_request.rb +73 -0
data/lib/ruby_smb/dcerpc/winreg/create_key_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/save_key_request.rb +37 -0
data/lib/ruby_smb/dcerpc/winreg/save_key_response.rb +23 -0
data/lib/ruby_smb/dispatcher/base.rb +1 -1
data/lib/ruby_smb/dispatcher/socket.rb +5 -4
data/lib/ruby_smb/error.rb +28 -1
data/lib/ruby_smb/field/stringz16.rb +17 -1
data/lib/ruby_smb/nbss/session_header.rb +4 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +8 -14
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +2 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +2 -2
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +1 -1
data/lib/ruby_smb/smb1/pipe.rb +81 -3
data/lib/ruby_smb/smb1/tree.rb +12 -3
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +51 -61
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/error_packet.rb +2 -4
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -14
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +50 -4
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +92 -6
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +8 -26
data/lib/ruby_smb/smb2/pipe.rb +80 -3
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +32 -20
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +5 -3
data/spec/lib/ruby_smb/client_spec.rb +1583 -102
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +1729 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
data/spec/lib/ruby_smb/dcerpc/rpc_security_attributes_spec.rb +161 -0
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +135 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request_spec.rb +191 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_request_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request_spec.rb +78 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_request_spec.rb +59 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response_spec.rb +152 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_request_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/service_status_spec.rb +72 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_request_spec.rb +46 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_response_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl_spec.rb +512 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
data/spec/lib/ruby_smb/dcerpc/winreg/create_key_request_spec.rb +110 -0
data/spec/lib/ruby_smb/dcerpc/winreg/create_key_response_spec.rb +44 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +104 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +95 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +138 -0
data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
data/spec/lib/ruby_smb/dcerpc/winreg/save_key_request_spec.rb +57 -0
data/spec/lib/ruby_smb/dcerpc/winreg/save_key_response_spec.rb +22 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +884 -0
data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +12 -12
data/spec/lib/ruby_smb/error_spec.rb +59 -0
data/spec/lib/ruby_smb/field/stringz16_spec.rb +12 -0
data/spec/lib/ruby_smb/nbss/session_header_spec.rb +4 -11
data/spec/lib/ruby_smb/smb1/file_spec.rb +9 -1
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +216 -147
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +146 -68
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +3 -24
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -30
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +226 -148
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +88 -9
metadata +257 -81
metadata.gz.sig +0 -0
data/lib/ruby_smb/smb1/dcerpc.rb +0 -72
data/lib/ruby_smb/smb2/dcerpc.rb +0 -75

data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb ADDED

@@ -0,0 +1,82 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::EnumValueResponse do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :lp_value_name }
+  it { is_expected.to respond_to :pad }
+  it { is_expected.to respond_to :lp_type }
+  it { is_expected.to respond_to :lp_data }
+  it { is_expected.to respond_to :lpcb_data }
+  it { is_expected.to respond_to :lpcb_len }
+  it { is_expected.to respond_to :error_status }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#lp_value_name' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_value_name).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+  end
+  describe '#pad' do
+    it 'is a string' do
+      expect(packet.pad).to be_a BinData::String
+    end
+    it 'should keep #lp_type 4-byte aligned' do
+      packet.lp_value_name = "test"
+      expect(packet.lp_type.abs_offset % 4).to eq 0
+    end
+  end
+  describe '#lp_type' do
+    it 'is a NdrLpDword structure' do
+      expect(packet.lp_type).to be_a RubySMB::Dcerpc::Ndr::NdrLpDword
+    end
+  end
+  describe '#lp_data' do
+    it 'is a NdrLpByteArray structure' do
+      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByteArray
+    end
+  end
+  describe '#lpcb_data' do
+    it 'is a NdrLpDword structure' do
+      expect(packet.lpcb_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpDword
+    end
+  end
+  describe '#lpcb_len' do
+    it 'is a NdrLpDword structure' do
+      expect(packet.lpcb_len).to be_a RubySMB::Dcerpc::Ndr::NdrLpDword
+    end
+  end
+  describe '#error_status' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.error_status).to be_a BinData::Uint32le
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_ENUM_VALUE constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_ENUM_VALUE)
+    end
+  end
+  describe '#pad_length' do
+    it 'returns 0 when #lp_class is already 4-byte aligned' do
+      packet.lp_value_name = 'align'
+      expect(packet.pad_length).to eq 0
+    end
+    it 'returns 2 when #lp_class is only 2-byte aligned' do
+      packet.lp_value_name = 'align' + 'A'
+      expect(packet.pad_length).to eq 2
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb ADDED

@@ -0,0 +1,74 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::RpcHkey do
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Winreg::OpenKeyRequest do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :hkey }
+  it { is_expected.to respond_to :lp_sub_key }
+  it { is_expected.to respond_to :pad }
+  it { is_expected.to respond_to :dw_options }
+  it { is_expected.to respond_to :sam_desired }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#hkey' do
+    it 'is a RpcHkey structure' do
+      expect(packet.hkey).to be_a RubySMB::Dcerpc::Winreg::RpcHkey
+    end
+  end
+  describe '#lp_sub_key' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_sub_key).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+  end
+  describe '#pad' do
+    it 'is a string' do
+      expect(packet.pad).to be_a BinData::String
+    end
+    it 'should keep #dw_options 4-byte aligned' do
+      packet.lp_sub_key = "test"
+      expect(packet.dw_options.abs_offset % 4).to eq 0
+    end
+  end
+  describe '#dw_options' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.dw_options).to be_a BinData::Uint32le
+    end
+  end
+  describe '#sam_desired' do
+    it 'is a Regsam structure' do
+      expect(packet.sam_desired).to be_a RubySMB::Dcerpc::Winreg::Regsam
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_OPEN_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_OPEN_KEY)
+    end
+  end
+  describe '#pad_length' do
+    it 'returns 0 when #dw_options is already 4-byte aligned' do
+      packet.lp_sub_key = 'align'
+      expect(packet.pad_length).to eq 0
+    end
+    it 'returns 2 when #dw_options is only 2-byte aligned' do
+      packet.lp_sub_key = 'align' + 'A'
+      expect(packet.pad_length).to eq 2
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb ADDED

@@ -0,0 +1,35 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::PrpcHkey do
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Winreg::OpenKeyResponse do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :phk_result }
+  it { is_expected.to respond_to :error_status }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#phk_result' do
+    it 'is a PrpcHkey structure' do
+      expect(packet.phk_result).to be_a RubySMB::Dcerpc::Winreg::PrpcHkey
+    end
+  end
+  describe '#error_status' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.error_status).to be_a BinData::Uint32le
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_OPEN_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_OPEN_KEY)
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb ADDED

@@ -0,0 +1,95 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::PRegistryServerName do
+  it 'is NdrPointer subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrPointer
+  end
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :referent }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#referent' do
+    it 'is a string in UTF-16LE' do
+      expect(packet.referent).to be_a RubySMB::Field::String16
+    end
+    it 'only exists if #referent_id is not 0' do
+      packet.referent_id = 0
+      expect(packet.referent?).to be false
+    end
+    it 'reads 4-bytes' do
+      str = 'spec_test'.encode('utf-16le')
+      packet.referent.read(str)
+      expect(packet.referent.to_binary_s.bytes).to eq(str.bytes[0,4])
+    end
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Winreg::OpenRootKeyRequest do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :p_registry_server_name }
+  it { is_expected.to respond_to :sam_desired }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#p_registry_server_name' do
+    it 'is a PRegistryServerName structure' do
+      expect(packet.p_registry_server_name).to be_a RubySMB::Dcerpc::Winreg::PRegistryServerName
+    end
+  end
+  describe '#sam_desired' do
+    it 'is a Regsam structure' do
+      expect(packet.sam_desired).to be_a RubySMB::Dcerpc::Winreg::Regsam
+    end
+  end
+  describe '#initialize_instance' do
+    context 'when an #opnum parameter is provided' do
+      it 'sets #opnum to the parameter\'s value' do
+        packet = described_class.new(opnum: RubySMB::Dcerpc::Winreg::OPEN_HKLM)
+        expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::OPEN_HKLM)
+      end
+    end
+    it 'sets #p_registry_server_name.referent to :null' do
+      expect(packet.p_registry_server_name).to eq(:null)
+    end
+    context 'when #opnum is not OPEN_HKPD, OPEN_HKPT or OPEN_HKPN' do
+      it 'sets the #sam_desired.maximum flag' do
+        packet = described_class.new(opnum: RubySMB::Dcerpc::Winreg::OPEN_HKCR)
+        expect(packet.sam_desired.maximum).to eq(1)
+      end
+    end
+    context 'when #opnum is OPEN_HKPD' do
+      it 'does not set the #sam_desired.maximum flag' do
+        packet = described_class.new(opnum: RubySMB::Dcerpc::Winreg::OPEN_HKPD)
+        expect(packet.sam_desired.maximum).to eq(0)
+      end
+    end
+    context 'when #opnum is OPEN_HKPT' do
+      it 'does not set the #sam_desired.maximum flag' do
+        packet = described_class.new(opnum: RubySMB::Dcerpc::Winreg::OPEN_HKPT)
+        expect(packet.sam_desired.maximum).to eq(0)
+      end
+    end
+    context 'when #opnum is OPEN_HKPN' do
+      it 'does not set the #sam_desired.maximum flag' do
+        packet = described_class.new(opnum: RubySMB::Dcerpc::Winreg::OPEN_HKPN)
+        expect(packet.sam_desired.maximum).to eq(0)
+      end
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb ADDED

@@ -0,0 +1,38 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::PrpcHkey do
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Winreg::OpenRootKeyResponse do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :ph_key}
+  it { is_expected.to respond_to :error_status }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#ph_key' do
+    it 'is a PrpcHkey structure' do
+      expect(packet.ph_key).to be_a RubySMB::Dcerpc::Winreg::PrpcHkey
+    end
+  end
+  describe '#error_status' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.error_status).to be_a BinData::Uint32le
+    end
+  end
+  describe '#initialize_instance' do
+    context 'when an #opnum parameter is provided' do
+      it 'sets #opnum to the parameter\'s value' do
+        packet = described_class.new(opnum: RubySMB::Dcerpc::Winreg::OPEN_HKLM)
+        expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::OPEN_HKLM)
+      end
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb ADDED

@@ -0,0 +1,35 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::RpcHkey do
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+RSpec.describe RubySMB::Dcerpc::Winreg::QueryInfoKeyRequest do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :hkey }
+  it { is_expected.to respond_to :lp_class }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#hkey' do
+    it 'is a RpcHkey structure' do
+      expect(packet.hkey).to be_a RubySMB::Dcerpc::Winreg::RpcHkey
+    end
+  end
+  describe '#lp_class' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_class).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_QUERY_INFO_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_QUERY_INFO_KEY)
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb ADDED

@@ -0,0 +1,113 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::QueryInfoKeyResponse do
+  subject(:packet) { described_class.new }
+  it { is_expected.to respond_to :lp_class }
+  it { is_expected.to respond_to :pad }
+  it { is_expected.to respond_to :lpc_sub_keys }
+  it { is_expected.to respond_to :lpc_max_sub_key_len }
+  it { is_expected.to respond_to :lpc_max_class_len }
+  it { is_expected.to respond_to :lpc_values }
+  it { is_expected.to respond_to :lpcb_max_value_name_len }
+  it { is_expected.to respond_to :lpcb_max_value_len }
+  it { is_expected.to respond_to :lpcb_security_descriptor }
+  it { is_expected.to respond_to :lpft_last_write_time }
+  it { is_expected.to respond_to :error_status }
+  it { is_expected.to respond_to :opnum }
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  describe '#lp_class' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_class).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+    it 'has an initial value of 0' do
+      expect(packet.lp_class).to eq(0)
+    end
+  end
+  describe '#pad' do
+    it 'is a string' do
+      expect(packet.pad).to be_a BinData::String
+    end
+    it 'should keep #lpc_sub_keys 4-byte aligned' do
+      packet.lp_class = 'test'
+      expect(packet.lpc_sub_keys.abs_offset % 4).to eq 0
+    end
+  end
+  describe '#lpc_sub_keys' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpc_sub_keys).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpc_max_sub_key_len' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpc_max_sub_key_len).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpc_max_class_len' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpc_max_class_len).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpc_values' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpc_values).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpcb_max_value_name_len' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpcb_max_value_name_len).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpcb_max_value_len' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpcb_max_value_len).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpcb_security_descriptor' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.lpcb_security_descriptor).to be_a BinData::Uint32le
+    end
+  end
+  describe '#lpft_last_write_time' do
+    it 'is a FileTime structure' do
+      expect(packet.lpft_last_write_time).to be_a RubySMB::Field::FileTime
+    end
+  end
+  describe '#error_status' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.error_status).to be_a BinData::Uint32le
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_QUERY_INFO_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_QUERY_INFO_KEY)
+    end
+  end
+  describe '#pad_length' do
+    it 'returns 0 when #lpc_sub_keys is already 4-byte aligned' do
+      packet.lp_class = 'align'
+      expect(packet.pad_length).to eq 0
+    end
+    it 'returns 2 when #lpc_sub_keys is only 2-byte aligned' do
+      packet.lp_class = 'align' + 'A'
+      expect(packet.pad_length).to eq 2
+    end
+  end
+end