RubyGems - ruby_smb - Versions diffs - 1.0.5 → 2.0.3 - Mend

ruby_smb 1.0.5 → 2.0.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (191) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -2
data/Gemfile +6 -2
data/README.md +35 -47
data/examples/anonymous_auth.rb +3 -3
data/examples/append_file.rb +10 -8
data/examples/authenticate.rb +9 -5
data/examples/delete_file.rb +8 -6
data/examples/enum_registry_key.rb +29 -0
data/examples/enum_registry_values.rb +31 -0
data/examples/list_directory.rb +8 -6
data/examples/negotiate.rb +51 -8
data/examples/negotiate_with_netbios_service.rb +9 -5
data/examples/net_share_enum_all.rb +6 -4
data/examples/pipes.rb +13 -13
data/examples/query_service_status.rb +64 -0
data/examples/read_file.rb +8 -6
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +33 -0
data/examples/rename_file.rb +9 -7
data/examples/tree_connect.rb +7 -5
data/examples/write_file.rb +9 -7
data/lib/ruby_smb.rb +4 -1
data/lib/ruby_smb/client.rb +239 -21
data/lib/ruby_smb/client/authentication.rb +27 -8
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +154 -12
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +4 -4
data/lib/ruby_smb/client/utils.rb +8 -7
data/lib/ruby_smb/client/winreg.rb +46 -0
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +40 -0
data/lib/ruby_smb/dcerpc/bind.rb +2 -2
data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
data/lib/ruby_smb/dcerpc/error.rb +6 -0
data/lib/ruby_smb/dcerpc/ndr.rb +260 -16
data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
data/lib/ruby_smb/dcerpc/request.rb +41 -9
data/lib/ruby_smb/dcerpc/rpc_security_attributes.rb +34 -0
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +38 -0
data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
data/lib/ruby_smb/dcerpc/svcctl.rb +479 -0
data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request.rb +48 -0
data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_request.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/control_service_request.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/control_service_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request.rb +35 -0
data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/open_service_w_request.rb +31 -0
data/lib/ruby_smb/dcerpc/svcctl/open_service_w_response.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response.rb +44 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_status_request.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_status_response.rb +27 -0
data/lib/ruby_smb/dcerpc/svcctl/service_status.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/start_service_w_request.rb +27 -0
data/lib/ruby_smb/dcerpc/svcctl/start_service_w_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg.rb +421 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/create_key_request.rb +73 -0
data/lib/ruby_smb/dcerpc/winreg/create_key_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/save_key_request.rb +37 -0
data/lib/ruby_smb/dcerpc/winreg/save_key_response.rb +23 -0
data/lib/ruby_smb/dispatcher/base.rb +1 -1
data/lib/ruby_smb/dispatcher/socket.rb +5 -4
data/lib/ruby_smb/error.rb +28 -1
data/lib/ruby_smb/field/stringz16.rb +17 -1
data/lib/ruby_smb/nbss/session_header.rb +4 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +8 -14
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +2 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +2 -2
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +1 -1
data/lib/ruby_smb/smb1/pipe.rb +81 -3
data/lib/ruby_smb/smb1/tree.rb +12 -3
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +51 -61
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/error_packet.rb +2 -4
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -14
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +50 -4
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +92 -6
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +8 -26
data/lib/ruby_smb/smb2/pipe.rb +80 -3
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +32 -20
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +5 -3
data/spec/lib/ruby_smb/client_spec.rb +1583 -102
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +1729 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
data/spec/lib/ruby_smb/dcerpc/rpc_security_attributes_spec.rb +161 -0
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +135 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request_spec.rb +191 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_request_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request_spec.rb +78 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_request_spec.rb +59 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response_spec.rb +152 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_request_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/service_status_spec.rb +72 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_request_spec.rb +46 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_response_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl_spec.rb +512 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
data/spec/lib/ruby_smb/dcerpc/winreg/create_key_request_spec.rb +110 -0
data/spec/lib/ruby_smb/dcerpc/winreg/create_key_response_spec.rb +44 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +104 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +95 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +138 -0
data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
data/spec/lib/ruby_smb/dcerpc/winreg/save_key_request_spec.rb +57 -0
data/spec/lib/ruby_smb/dcerpc/winreg/save_key_response_spec.rb +22 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +884 -0
data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +12 -12
data/spec/lib/ruby_smb/error_spec.rb +59 -0
data/spec/lib/ruby_smb/field/stringz16_spec.rb +12 -0
data/spec/lib/ruby_smb/nbss/session_header_spec.rb +4 -11
data/spec/lib/ruby_smb/smb1/file_spec.rb +9 -1
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +216 -147
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +146 -68
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +3 -24
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -30
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +226 -148
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +88 -9
metadata +257 -81
metadata.gz.sig +0 -0
data/lib/ruby_smb/smb1/dcerpc.rb +0 -72
data/lib/ruby_smb/smb2/dcerpc.rb +0 -75

data/lib/ruby_smb/dcerpc/svcctl/start_service_w_request.rb ADDED

@@ -0,0 +1,27 @@
+require 'ruby_smb/dcerpc/ndr'
+module RubySMB
+  module Dcerpc
+    module Svcctl
+      # [3.1.4.19 RStartServiceW (Opnum 19)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/d9be95a2-cf01-4bdc-b30f-6fe4b37ada16)
+      class StartServiceWRequest < BinData::Record
+        attr_reader :opnum
+        endian :little
+        sc_rpc_handle       :h_service
+        uint32              :argc
+        ndr_lp_string_ptrsw :argv
+        def initialize_instance
+          super
+          @opnum = START_SERVICE_W
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/svcctl/start_service_w_response.rb ADDED

@@ -0,0 +1,25 @@
+require 'ruby_smb/dcerpc/ndr'
+module RubySMB
+  module Dcerpc
+    module Svcctl
+      # [3.1.4.19 RStartServiceW (Opnum 19)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-scmr/d9be95a2-cf01-4bdc-b30f-6fe4b37ada16)
+      class StartServiceWResponse < BinData::Record
+        attr_reader :opnum
+        endian :little
+        uint32 :error_status
+        def initialize_instance
+          super
+          @opnum = START_SERVICE_W
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/winreg.rb ADDED

@@ -0,0 +1,421 @@
+module RubySMB
+  module Dcerpc
+    module Winreg
+      UUID = '338CD001-2244-31F1-AAAA-900038001003'
+      VER_MAJOR = 1
+      VER_MINOR = 0
+      # Operation numbers
+      OPEN_HKCR             = 0x00
+      OPEN_HKCU             = 0x01
+      OPEN_HKLM             = 0x02
+      OPEN_HKPD             = 0x03
+      OPEN_HKU              = 0x04
+      REG_CLOSE_KEY         = 0x05
+      REG_CREATE_KEY        = 0x06
+      REG_ENUM_KEY          = 0x09
+      REG_ENUM_VALUE        = 0x0a
+      REG_OPEN_KEY          = 0x0f
+      REG_QUERY_INFO_KEY    = 0x10
+      REG_QUERY_VALUE       = 0x11
+      REG_SAVE_KEY          = 0x14
+      OPEN_HKCC             = 0x1b
+      OPEN_HKPT             = 0x20
+      OPEN_HKPN             = 0x21
+      require 'ruby_smb/dcerpc/winreg/regsam'
+      require 'ruby_smb/dcerpc/winreg/open_root_key_request'
+      require 'ruby_smb/dcerpc/winreg/open_root_key_response'
+      require 'ruby_smb/dcerpc/winreg/close_key_request'
+      require 'ruby_smb/dcerpc/winreg/close_key_response'
+      require 'ruby_smb/dcerpc/winreg/enum_key_request'
+      require 'ruby_smb/dcerpc/winreg/enum_key_response'
+      require 'ruby_smb/dcerpc/winreg/enum_value_request'
+      require 'ruby_smb/dcerpc/winreg/enum_value_response'
+      require 'ruby_smb/dcerpc/winreg/open_key_request'
+      require 'ruby_smb/dcerpc/winreg/open_key_response'
+      require 'ruby_smb/dcerpc/winreg/query_info_key_request'
+      require 'ruby_smb/dcerpc/winreg/query_info_key_response'
+      require 'ruby_smb/dcerpc/winreg/query_value_request'
+      require 'ruby_smb/dcerpc/winreg/query_value_response'
+      require 'ruby_smb/dcerpc/winreg/create_key_request'
+      require 'ruby_smb/dcerpc/winreg/create_key_response'
+      require 'ruby_smb/dcerpc/winreg/save_key_request'
+      require 'ruby_smb/dcerpc/winreg/save_key_response'
+      ROOT_KEY_MAP = {
+        "HKEY_CLASSES_ROOT"         => OPEN_HKCR,
+        "HKCR"                      => OPEN_HKCR,
+        "HKEY_CURRENT_USER"         => OPEN_HKCU,
+        "HKCU"                      => OPEN_HKCU,
+        "HKEY_LOCAL_MACHINE"        => OPEN_HKLM,
+        "HKLM"                      => OPEN_HKLM,
+        "HKEY_PERFORMANCE_DATA"     => OPEN_HKPD,
+        "HKPD"                      => OPEN_HKPD,
+        "HKEY_USERS"                => OPEN_HKU,
+        "HKU"                       => OPEN_HKU,
+        "HKEY_CURRENT_CONFIG"       => OPEN_HKCC,
+        "HKCC"                      => OPEN_HKCC,
+        "HKEY_PERFORMANCE_TEXT"     => OPEN_HKPT,
+        "HKPT"                      => OPEN_HKPT,
+        "HKEY_PERFORMANCE_NLS_TEXT" => OPEN_HKPN,
+        "HKPN"                      => OPEN_HKPN
+      }
+      # Open the registry root key and return a handle for it. The key can be
+      # either a long format (e.g. HKEY_LOCAL_MACHINE) or a short format
+      # (e.g. HKLM)
+      #
+      # @param root_key [String] the root key to open
+      # @return [Ndr::NdrContextHandle] the RPC context handle for the root key
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a OpenRootKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def open_root_key(root_key)
+        root_key_opnum = RubySMB::Dcerpc::Winreg::ROOT_KEY_MAP[root_key]
+        raise ArgumentError, "Unknown Root Key: #{root_key}" unless root_key_opnum
+        root_key_request_packet = OpenRootKeyRequest.new(opnum: root_key_opnum)
+        response = dcerpc_request(root_key_request_packet)
+        begin
+          root_key_response_packet = OpenRootKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket,
+            "Error reading OpenRootKeyResponse (command = #{root_key_opnum})"
+        end
+        unless root_key_response_packet.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError,
+            "Error returned when opening root key #{root_key}: "\
+            "#{WindowsError::Win32.find_by_retval(root_key_response_packet.error_status.value).join(',')}"
+        end
+        root_key_response_packet.ph_key
+      end
+      # Open the registry key specified by a root key handle (previously open
+      # with #open_root_key) and a subkey. It returns a handle for the key.
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the root key
+      # @param sub_key [String] the subkey to open
+      # @return [Ndr::NdrContextHandle] the RPC context handle for the key
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a OpenKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def open_key(handle, sub_key)
+        openkey_request_packet = RubySMB::Dcerpc::Winreg::OpenKeyRequest.new(hkey: handle, lp_sub_key: sub_key)
+        openkey_request_packet.sam_desired.read_control = 1
+        openkey_request_packet.sam_desired.key_query_value = 1
+        openkey_request_packet.sam_desired.key_enumerate_sub_keys = 1
+        openkey_request_packet.sam_desired.key_notify = 1
+        response = dcerpc_request(openkey_request_packet)
+        begin
+          open_key_response = RubySMB::Dcerpc::Winreg::OpenKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the OpenKey response"
+        end
+        unless open_key_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when opening subkey #{sub_key}: "\
+            "#{WindowsError::Win32.find_by_retval(open_key_response.error_status.value).join(',')}"
+        end
+        open_key_response.phk_result
+      end
+      # Retrieve the data associated with the named value of a specified
+      # registry open key.
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @param value_name [String] the name of the value
+      # @return [String] the data of the value entry
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a QueryValueResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def query_value(handle, value_name)
+        query_value_request_packet = RubySMB::Dcerpc::Winreg::QueryValueRequest.new(hkey: handle, lp_value_name: value_name)
+        query_value_request_packet.lp_type = 0
+        query_value_request_packet.lpcb_data = 0
+        query_value_request_packet.lpcb_len = 0
+        response = dcerpc_request(query_value_request_packet)
+        begin
+          query_value_response = RubySMB::Dcerpc::Winreg::QueryValueResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the QueryValue response"
+        end
+        unless query_value_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when reading value #{value_name}: "\
+            "#{WindowsError::Win32.find_by_retval(query_value_response.error_status.value).join(',')}"
+        end
+        query_value_request_packet.lpcb_data = query_value_response.lpcb_data
+        query_value_request_packet.lp_data = []
+        query_value_request_packet.lp_data.referent.max_count = query_value_response.lpcb_data.referent
+        response = dcerpc_request(query_value_request_packet)
+        begin
+          query_value_response = RubySMB::Dcerpc::Winreg::QueryValueResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the QueryValue response"
+        end
+        unless query_value_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when reading value #{value_name}: "\
+            "#{WindowsError::Win32.find_by_retval(query_value_response.error_status.value).join(',')}"
+        end
+        query_value_response.data
+      end
+      # Close the handle to the registry key.
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @return [WindowsError::Win32] the response error status
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a CloseKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def close_key(handle)
+        close_key_request_packet = RubySMB::Dcerpc::Winreg::CloseKeyRequest.new(hkey: handle)
+        response = dcerpc_request(close_key_request_packet)
+        begin
+          close_key_response = RubySMB::Dcerpc::Winreg::CloseKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the CloseKey response"
+        end
+        unless close_key_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when closing the key: "\
+            "#{WindowsError::Win32.find_by_retval(close_key_response.error_status.value).join(',')}"
+        end
+        close_key_response.error_status
+      end
+      # Retrive relevant information on the key that corresponds to the
+      # specified key handle.
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @return [RubySMB::Dcerpc::Winreg::QueryInfoKeyResponse] the QueryInfoKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a QueryInfoKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def query_info_key(handle)
+        query_info_key_request_packet = RubySMB::Dcerpc::Winreg::QueryInfoKeyRequest.new(hkey: handle)
+        query_info_key_request_packet.lp_class = ''
+        query_info_key_request_packet.lp_class.referent.actual_count = 0
+        query_info_key_request_packet.lp_class.maximum_length = 1024
+        query_info_key_request_packet.lp_class.buffer.referent.max_count = 1024 / 2
+        response = dcerpc_request(query_info_key_request_packet)
+        begin
+          query_info_key_response = RubySMB::Dcerpc::Winreg::QueryInfoKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the query_infoKey response"
+        end
+        unless query_info_key_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when querying information: "\
+            "#{WindowsError::Win32.find_by_retval(query_info_key_response.error_status.value).join(',')}"
+        end
+        query_info_key_response
+      end
+      # Enumerate the subkey at the specified index.
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @param index [Numeric] the index of the subkey
+      # @return [String] the subkey name
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a EnumKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def enum_key(handle, index)
+        enum_key_request_packet = RubySMB::Dcerpc::Winreg::EnumKeyRequest.new(hkey: handle, dw_index: index)
+        enum_key_request_packet.lpft_last_write_time = 0
+        enum_key_request_packet.lp_class = ''
+        enum_key_request_packet.lp_class.referent.buffer = :null
+        enum_key_request_packet.lp_name.buffer = ''
+        enum_key_request_packet.lp_name.buffer.referent.max_count = 256
+        response = dcerpc_request(enum_key_request_packet)
+        begin
+          enum_key_response = RubySMB::Dcerpc::Winreg::EnumKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the EnumKey response"
+        end
+        unless enum_key_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when enumerating the key: "\
+            "#{WindowsError::Win32.find_by_retval(enum_key_response.error_status.value).join(',')}"
+        end
+        enum_key_response.lp_name.to_s
+      end
+      # Enumerate the value at the specified index for the specified registry key.
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @param index [Numeric] the index of the subkey
+      # @return [String] the data of the value entry
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a EnumValueResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def enum_value(handle, index)
+        enum_value_request_packet = RubySMB::Dcerpc::Winreg::EnumValueRequest.new(hkey: handle, dw_index: index)
+        enum_value_request_packet.lp_value_name.buffer = ''
+        enum_value_request_packet.lp_value_name.buffer.referent.max_count = 256
+        response = dcerpc_request(enum_value_request_packet)
+        begin
+          enum_value_response = RubySMB::Dcerpc::Winreg::EnumValueResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the Enumvalue response"
+        end
+        unless enum_value_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when enumerating values: "\
+            "#{WindowsError::Win32.find_by_retval(enum_value_response.error_status.value).join(',')}"
+        end
+        enum_value_response.lp_value_name.to_s
+      end
+      # Creates the specified registry key and returns a handle to the newly created key
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @param sub_key [String] the name of the key
+      # @param opts [Hash] options for the CreateKeyRequest
+      # @return [RubySMB::Dcerpc::Winreg::PrpcHkey] the handle to the opened or created key
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a CreateKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def create_key(handle, sub_key, opts = {})
+        opts = {
+          hkey:                   handle,
+          lp_sub_key:             sub_key,
+          lp_class:               opts[:lp_class] || :null,
+          dw_options:             opts[:dw_options] || RubySMB::Dcerpc::Winreg::CreateKeyRequest::REG_KEY_TYPE_VOLATILE,
+          sam_desired:            opts[:sam_desired] || RubySMB::Dcerpc::Winreg::Regsam.new(maximum: 1),
+          lp_security_attributes: opts[:lp_security_attributes] || RubySMB::Dcerpc::RpcSecurityAttributes.new,
+          lpdw_disposition:       opts[:lpdw_disposition] || RubySMB::Dcerpc::Winreg::CreateKeyRequest::REG_CREATED_NEW_KEY,
+        }
+        create_key_request_packet = RubySMB::Dcerpc::Winreg::CreateKeyRequest.new(opts)
+        response = dcerpc_request(create_key_request_packet)
+        begin
+          create_key_response = RubySMB::Dcerpc::Winreg::CreateKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the CreateKey response"
+        end
+        unless create_key_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when creating key #{sub_key}: "\
+            "#{WindowsError::Win32.find_by_retval(create_key_response.error_status.value).join(',')}"
+        end
+        create_key_response.hkey
+      end
+      # Saves the specified key, subkeys, and values to a new file
+      #
+      # @param handle [Ndr::NdrContextHandle] the handle for the key
+      # @param file_name [String] the name of the registry file in which the specified key and subkeys are to be saved
+      # @param opts [Hash] options for the SaveKeyRequest
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a SaveKeyResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
+      def save_key(handle, file_name, opts = {})
+        opts = {
+          hkey:                   handle,
+          lp_file:                file_name,
+          lp_security_attributes: opts[:lp_security_attributes] || :null,
+        }
+        save_key_request_packet = RubySMB::Dcerpc::Winreg::SaveKeyRequest.new(opts)
+        response = dcerpc_request(save_key_request_packet)
+        begin
+          save_key_response = RubySMB::Dcerpc::Winreg::SaveKeyResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the SaveKeyResponse response"
+        end
+        unless save_key_response.error_status == WindowsError::Win32::ERROR_SUCCESS
+          raise RubySMB::Dcerpc::Error::WinregError, "Error returned when saving key to #{file_name}: "\
+            "#{WindowsError::Win32.find_by_retval(save_key_response.error_status.value).join(',')}"
+        end
+      end
+      # Checks if the specified registry key exists. It returns true if it
+      # exists, false otherwise.
+      #
+      # @param key [String] the registry key to check
+      # @return [Boolean]
+      def has_registry_key?(key, bind: true)
+        bind(endpoint: RubySMB::Dcerpc::Winreg) if bind
+        root_key, sub_key = key.gsub(/\//, '\\').split('\\', 2)
+        begin
+          root_key_handle = open_root_key(root_key)
+          subkey_handle = open_key(root_key_handle, sub_key)
+        rescue RubySMB::Dcerpc::Error::WinregError
+          return false
+        end
+        return true
+      ensure
+        close_key(subkey_handle) if subkey_handle
+        close_key(root_key_handle) if root_key_handle
+      end
+      # Retrieve the data associated with the named value of a specified
+      # registry key.
+      #
+      # @param key [String] the registry key
+      # @param value_name [String] the name of the value to read
+      # @return [String] the data of the value entry
+      def read_registry_key_value(key, value_name, bind: true)
+        bind(endpoint: RubySMB::Dcerpc::Winreg) if bind
+        root_key, sub_key = key.gsub(/\//, '\\').split('\\', 2)
+        root_key_handle = open_root_key(root_key)
+        subkey_handle = open_key(root_key_handle, sub_key)
+        value = query_value(subkey_handle, value_name)
+        value
+      ensure
+        close_key(subkey_handle) if subkey_handle
+        close_key(root_key_handle) if root_key_handle
+      end
+      # Enumerate the subkeys of a specified registry key. If only a root key
+      # is provided, it enumerates its subkeys.
+      #
+      # @param key [String] the registry key
+      # @return [Array<String>] the subkeys
+      def enum_registry_key(key, bind: true)
+        bind(endpoint: RubySMB::Dcerpc::Winreg) if bind
+        root_key, sub_key = key.gsub(/\//, '\\').split('\\', 2)
+        root_key_handle = open_root_key(root_key)
+        subkey_handle = if sub_key.nil? || sub_key.empty?
+                          root_key_handle
+                        else
+                          open_key(root_key_handle, sub_key)
+                        end
+        query_info_key_response = query_info_key(subkey_handle)
+        key_count = query_info_key_response.lpc_sub_keys.to_i
+        enum_result = []
+        key_count.times do |i|
+          enum_result << enum_key(subkey_handle, i)
+        end
+        enum_result
+      ensure
+        close_key(subkey_handle) if subkey_handle
+        close_key(root_key_handle) if root_key_handle
+      end
+      # Enumerate the values for the specified registry key.
+      #
+      # @param key [String] the registry key
+      # @return [Array<String>] the values
+      def enum_registry_values(key, bind: true)
+        bind(endpoint: RubySMB::Dcerpc::Winreg) if bind
+        root_key, sub_key = key.gsub(/\//, '\\').split('\\', 2)
+        root_key_handle = open_root_key(root_key)
+        subkey_handle = if sub_key.nil? || sub_key.empty?
+                          root_key_handle
+                        else
+                          open_key(root_key_handle, sub_key)
+                        end
+        query_info_key_response = query_info_key(subkey_handle)
+        value_count = query_info_key_response.lpc_values.to_i
+        enum_result = []
+        value_count.times do |i|
+          enum_result << enum_value(subkey_handle, i)
+        end
+        enum_result
+      ensure
+        close_key(subkey_handle) if subkey_handle
+        close_key(root_key_handle) if root_key_handle
+      end
+    end
+  end
+end