RubyGems - ruby_smb - Versions diffs - 2.0.12 → 2.0.13 - Mend

ruby_smb 2.0.12 → 2.0.13

Files changed (194) hide show

data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb CHANGED Viewed

@@ -12,27 +12,18 @@ module RubySMB
         endian :little
         rpc_hkey           :hkey
-        uint32             :dw_index
+        ndr_uint32         :dw_index
         rrp_unicode_string :lp_value_name
-        string             :pad, length: -> { pad_length }
-        ndr_lp_dword       :lp_type
-        ndr_lp_byte_array  :lp_data
-        ndr_lp_dword       :lpcb_data
-        ndr_lp_dword       :lpcb_len
+        ndr_uint32_ptr     :lp_type
+        ndr_byte_array_ptr :lp_data
+        ndr_uint32_ptr     :lpcb_data
+        ndr_uint32_ptr     :lpcb_len
         def initialize_instance
           super
           @opnum = REG_ENUM_VALUE
         end
-        # Determines the correct length for the padding in front of
-        # #lp_type. It should always force a 4-byte alignment.
-        def pad_length
-          offset = (lp_value_name.abs_offset + lp_value_name.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end
 end

data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb CHANGED Viewed

@@ -10,26 +10,17 @@ module RubySMB
         endian :little
         rrp_unicode_string :lp_value_name
-        string             :pad, length: -> { pad_length }
-        ndr_lp_dword       :lp_type
-        ndr_lp_byte_array  :lp_data
-        ndr_lp_dword       :lpcb_data
-        ndr_lp_dword       :lpcb_len
-        uint32             :error_status
+        ndr_uint32_ptr     :lp_type
+        ndr_byte_array_ptr :lp_data
+        ndr_uint32_ptr     :lpcb_data
+        ndr_uint32_ptr     :lpcb_len
+        ndr_uint32         :error_status
         def initialize_instance
           super
           @opnum = REG_ENUM_VALUE
         end
-        # Determines the correct length for the padding in front of
-        # #lp_type. It should always force a 4-byte alignment.
-        def pad_length
-          offset = (lp_value_name.abs_offset + lp_value_name.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end
 end

data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb CHANGED Viewed

@@ -13,21 +13,13 @@ module RubySMB
         rpc_hkey           :hkey
         rrp_unicode_string :lp_sub_key
-        string             :pad, length: -> { pad_length }
-        uint32             :dw_options
+        ndr_uint32         :dw_options
         regsam             :sam_desired
         def initialize_instance
           super
           @opnum = REG_OPEN_KEY
         end
-        # Determines the correct length for the padding in front of
-        # #dw_options. It should always force a 4-byte alignment.
-        def pad_length
-          offset = (lp_sub_key.abs_offset + lp_sub_key.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end

data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb CHANGED Viewed

@@ -9,9 +9,10 @@ module RubySMB
       class OpenKeyResponse < BinData::Record
         attr_reader :opnum
-        endian    :little
-        prpc_hkey :phk_result
-        uint32    :error_status
+        endian :little
+        prpc_hkey     :phk_result
+        ndr_uint32    :error_status
         def initialize_instance
           super

data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb CHANGED Viewed

@@ -4,10 +4,9 @@ module RubySMB
       # This class represents a PREGISTRY_SERVER_NAME structure as defined in
       # [2.2.2 PREGISTRY_SERVER_NAME](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/8bcd15fd-1aa5-44e2-8662-112ec3e9817b)
-      class PRegistryServerName < Ndr::NdrPointer
-        endian :little
-        string16 :referent, onlyif: -> { self.referent_id != 0 }, read_length: -> { 4 }
+      class PRegistryServerName < BinData::Array
+        default_parameter type: :ndr_wide_char, referent_byte_align: 2
+        extend Ndr::PointerClassPlugin
       end
       # This class is a generic class that represents OpenXXX Request packet,
@@ -27,13 +26,13 @@ module RubySMB
         attr_reader :opnum
         endian :little
-        p_registry_server_name :p_registry_server_name
+        p_registry_server_name :server_name
         regsam                 :sam_desired
         def initialize_instance
           super
           @opnum = get_parameter(:opnum) if has_parameter?(:opnum)
-          self.p_registry_server_name = :null
+          self.server_name = :null
           self.sam_desired.maximum = 1 unless [OPEN_HKPD, OPEN_HKPT, OPEN_HKPN].include?(@opnum)
         end
       end

data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb CHANGED Viewed

@@ -21,8 +21,8 @@ module RubySMB
         attr_reader :opnum
         endian    :little
-        prpc_hkey :ph_key
-        uint32    :error_status
+        prpc_hkey  :ph_key
+        ndr_uint32 :error_status
         def initialize_instance
           super

data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb CHANGED Viewed

@@ -9,30 +9,21 @@ module RubySMB
         endian :little
         rrp_unicode_string :lp_class, initial_value: 0
-        string             :pad,      length: -> { pad_length }
-        uint32             :lpc_sub_keys
-        uint32             :lpc_max_sub_key_len
-        uint32             :lpc_max_class_len
-        uint32             :lpc_values
-        uint32             :lpcb_max_value_name_len
-        uint32             :lpcb_max_value_len
-        uint32             :lpcb_security_descriptor
-        file_time          :lpft_last_write_time
-        uint32             :error_status
+        ndr_uint32         :lpc_sub_keys
+        ndr_uint32         :lpc_max_sub_key_len
+        ndr_uint32         :lpc_max_class_len
+        ndr_uint32         :lpc_values
+        ndr_uint32         :lpcb_max_value_name_len
+        ndr_uint32         :lpcb_max_value_len
+        ndr_uint32         :lpcb_security_descriptor
+        ndr_file_time      :lpft_last_write_time
+        ndr_uint32         :error_status
         def initialize_instance
           super
           @opnum = REG_QUERY_INFO_KEY
         end
-        # Determines the correct length for the padding in front of
-        # #lpc_sub_keys. It should always force a 4-byte alignment.
-        def pad_length
-          offset = (lp_class.abs_offset + lp_class.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end
 end

data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb CHANGED Viewed

@@ -13,26 +13,16 @@ module RubySMB
         rpc_hkey           :hkey
         rrp_unicode_string :lp_value_name
-        string             :pad1, length: -> { pad_length(self.lp_value_name) }
-        ndr_lp_dword       :lp_type
-        ndr_lp_byte_array  :lp_data
-        string             :pad2, length: -> { pad_length(self.lp_data) }
-        ndr_lp_dword       :lpcb_data
-        ndr_lp_dword       :lpcb_len
+        ndr_uint32_ptr     :lp_type
+        ndr_byte_array_ptr :lp_data
+        ndr_uint32_ptr     :lpcb_data
+        ndr_uint32_ptr     :lpcb_len
         def initialize_instance
           super
           @opnum = REG_QUERY_VALUE
         end
-        # Determines the correct length for the padding, so that the next
-        # field is 4-byte aligned.
-        def pad_length(prev_element)
-          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end
 end

data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb CHANGED Viewed

@@ -9,29 +9,21 @@ module RubySMB
         endian :little
-        ndr_lp_dword      :lp_type
-        ndr_lp_byte_array :lp_data
-        string            :pad, length: -> { pad_length(self.lp_data) }
-        ndr_lp_dword      :lpcb_data
-        ndr_lp_dword      :lpcb_len
-        uint32            :error_status
+        ndr_uint32_ptr     :lp_type
+        ndr_byte_array_ptr :lp_data
+        ndr_uint32_ptr     :lpcb_data
+        ndr_uint32_ptr     :lpcb_len
+        ndr_uint32         :error_status
         def initialize_instance
           super
           @opnum = REG_QUERY_VALUE
         end
-        # Determines the correct length for the padding, so that the next
-        # field is 4-byte aligned.
-        def pad_length(prev_element)
-          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
         # Returns the data portion of the registry value formatted according to its type:
         # [3.1.1.5 Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/3d64dbea-f016-4373-8cac-e43bf343837d)
         def data
-          bytes = lp_data.bytes.to_a.pack('C*')
+          bytes = lp_data.to_a.pack('C*')
           case lp_type
           when 1,2
             bytes.force_encoding('utf-16le').strip
@@ -47,7 +39,7 @@ module RubySMB
           when 11
             bytes.unpack('Q<').first
           else
-            ""
+            ''
           end
         end

data/lib/ruby_smb/dcerpc/winreg/regsam.rb CHANGED Viewed

@@ -5,8 +5,10 @@ module RubySMB
       # This class represents a REGSAM structure as defined in
       # [2.2.3 REGSAM](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/fefbc801-b141-4bb1-9dcb-bf366da3ae7e)
       # [2.4.3 ACCESS_MASK](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/7a53f60e-e730-4dfe-bbe9-b21b62eb790b)
-      class Regsam < BinData::Record
+      class Regsam < Ndr::NdrStruct
+        default_parameter byte_align: 4
         endian  :little
         bit2    :reserved,               label: 'Reserved Space'
         bit1    :key_create_link,        label: 'Key Create Link'
         bit1    :key_notify,             label: 'Key Notify'

data/lib/ruby_smb/dcerpc/winreg/save_key_request.rb CHANGED Viewed

@@ -13,22 +13,13 @@ module RubySMB
         rpc_hkey                 :hkey
         rrp_unicode_string       :lp_file
-        string                   :pad, length: -> { pad_length(self.lp_file) }
         prpc_security_attributes :lp_security_attributes
         def initialize_instance
           super
           @opnum = REG_SAVE_KEY
         end
-        # Determines the correct length for the padding, so that the next
-        # field is 4-byte aligned.
-        def pad_length(prev_element)
-          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
-          (4 - offset) % 4
-        end
       end
     end
   end
 end

data/lib/ruby_smb/dcerpc/winreg/save_key_response.rb CHANGED Viewed

@@ -9,7 +9,7 @@ module RubySMB
         endian :little
-        uint32       :error_status
+        ndr_uint32 :error_status
         def initialize_instance
           super

data/lib/ruby_smb/dcerpc/winreg.rb CHANGED Viewed

@@ -63,6 +63,8 @@ module RubySMB
         "HKPN"                      => OPEN_HKPN
       }
+      BUFFER_SIZE = 1024
       # Open the registry root key and return a handle for it. The key can be
       # either a long format (e.g. HKEY_LOCAL_MACHINE) or a short format
       # (e.g. HKLM)
@@ -147,7 +149,7 @@ module RubySMB
         query_value_request_packet.lpcb_data = query_value_response.lpcb_data
         query_value_request_packet.lp_data = []
-        query_value_request_packet.lp_data.referent.max_count = query_value_response.lpcb_data.referent
+        query_value_request_packet.lp_data.max_count = query_value_response.lpcb_data.to_i
         response = dcerpc_request(query_value_request_packet)
         begin
           query_value_response = RubySMB::Dcerpc::Winreg::QueryValueResponse.read(response)
@@ -193,10 +195,7 @@ module RubySMB
       # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
       def query_info_key(handle)
         query_info_key_request_packet = RubySMB::Dcerpc::Winreg::QueryInfoKeyRequest.new(hkey: handle)
-        query_info_key_request_packet.lp_class = ''
-        query_info_key_request_packet.lp_class.referent.actual_count = 0
-        query_info_key_request_packet.lp_class.maximum_length = 1024
-        query_info_key_request_packet.lp_class.buffer.referent.max_count = 1024 / 2
+        query_info_key_request_packet.lp_class.set_max_buffer_size(BUFFER_SIZE)
         response = dcerpc_request(query_info_key_request_packet)
         begin
           query_info_key_response = RubySMB::Dcerpc::Winreg::QueryInfoKeyResponse.read(response)
@@ -220,11 +219,9 @@ module RubySMB
       # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
       def enum_key(handle, index)
         enum_key_request_packet = RubySMB::Dcerpc::Winreg::EnumKeyRequest.new(hkey: handle, dw_index: index)
-        enum_key_request_packet.lpft_last_write_time = 0
-        enum_key_request_packet.lp_class = ''
-        enum_key_request_packet.lp_class.referent.buffer = :null
-        enum_key_request_packet.lp_name.buffer = ''
-        enum_key_request_packet.lp_name.buffer.referent.max_count = 256
+        # `lp_class` cannot be null, even if it contains no value
+        enum_key_request_packet.lp_class.instantiate_referent
+        enum_key_request_packet.lp_name.set_max_buffer_size(BUFFER_SIZE)
         response = dcerpc_request(enum_key_request_packet)
         begin
           enum_key_response = RubySMB::Dcerpc::Winreg::EnumKeyResponse.read(response)
@@ -236,7 +233,7 @@ module RubySMB
             "#{WindowsError::Win32.find_by_retval(enum_key_response.error_status.value).join(',')}"
         end
-        enum_key_response.lp_name.to_s
+        enum_key_response.lp_name[:buffer]
       end
       # Enumerate the value at the specified index for the specified registry key.
@@ -248,8 +245,7 @@ module RubySMB
       # @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
       def enum_value(handle, index)
         enum_value_request_packet = RubySMB::Dcerpc::Winreg::EnumValueRequest.new(hkey: handle, dw_index: index)
-        enum_value_request_packet.lp_value_name.buffer = ''
-        enum_value_request_packet.lp_value_name.buffer.referent.max_count = 256
+        enum_value_request_packet.lp_value_name.set_max_buffer_size(BUFFER_SIZE)
         response = dcerpc_request(enum_value_request_packet)
         begin
           enum_value_response = RubySMB::Dcerpc::Winreg::EnumValueResponse.read(response)
@@ -261,7 +257,7 @@ module RubySMB
             "#{WindowsError::Win32.find_by_retval(enum_value_response.error_status.value).join(',')}"
         end
-        enum_value_response.lp_value_name.to_s
+        enum_value_response.lp_value_name[:buffer]
       end
       # Creates the specified registry key and returns a handle to the newly created key

data/lib/ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_request.rb ADDED Viewed

@@ -0,0 +1,26 @@
+module RubySMB
+  module Dcerpc
+    module Wkssvc
+      # [2.2.2.1 WKSSVC_IDENTIFY_HANDLE](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/9ef94a11-0e5c-49d7-9ac7-68d6f03565de)
+      class WkssvcIdentifyHandle < Ndr::NdrWideStringPtr; end
+      # [3.2.4.1 NetrWkstaGetInfo (Opnum 0)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/4af41d6f-b800-4de1-af5b-0b15a85f8e04)
+      class NetrWkstaGetInfoRequest < BinData::Record
+        attr_reader :opnum
+        endian :little
+        wkssvc_identify_handle :server_name
+        ndr_uint32             :level
+        def initialize_instance
+          super
+          @opnum = NETR_WKSTA_GET_INFO
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_response.rb ADDED Viewed

@@ -0,0 +1,88 @@
+module RubySMB
+  module Dcerpc
+    module Wkssvc
+      # [2.2.5.3 WKSTA_INFO_102](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/49c75566-2d4f-481a-bf32-7eb5627cb4ea)
+      class WkstaInfo102 < Ndr::NdrStruct
+        default_parameter byte_align: 4
+        endian :little
+        ndr_uint32           :wki102_platform_id
+        ndr_wide_stringz_ptr :wki102_computername
+        ndr_wide_stringz_ptr :wki102_langroup
+        ndr_uint32           :wki102_ver_major
+        ndr_uint32           :wki102_ver_minor
+        ndr_wide_stringz_ptr :wki102_lanroot
+        ndr_uint32           :wki102_logged_on_users
+      end
+      class PwkstaInfo102 < WkstaInfo102
+        extend Ndr::PointerClassPlugin
+      end
+      # [2.2.5.2 WKSTA_INFO_101](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/98876691-3684-4b0c-bb43-3a8ac4705149)
+      class WkstaInfo101 < Ndr::NdrStruct
+        default_parameter byte_align: 4
+        endian :little
+        ndr_uint32           :wki101_platform_id
+        ndr_wide_stringz_ptr :wki101_computername
+        ndr_wide_stringz_ptr :wki101_langroup
+        ndr_uint32           :wki101_ver_major
+        ndr_uint32           :wki101_ver_minor
+        ndr_wide_stringz_ptr :wki101_lanroot
+      end
+      class PwkstaInfo101 < WkstaInfo101
+        extend Ndr::PointerClassPlugin
+      end
+      # [2.2.5.1 WKSTA_INFO_100](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/23275f4a-4e51-49d6-bdb5-f58519a3ea8a)
+      class WkstaInfo100 < Ndr::NdrStruct
+        default_parameter byte_align: 4
+        endian :little
+        ndr_uint32           :wki100_platform_id
+        ndr_wide_stringz_ptr :wki100_computername
+        ndr_wide_stringz_ptr :wki100_langroup
+        ndr_uint32           :wki100_ver_major
+        ndr_uint32           :wki100_ver_minor
+      end
+      class PwkstaInfo100 < WkstaInfo100
+        extend Ndr::PointerClassPlugin
+      end
+      class LpwkstaInfo < Ndr::NdrStruct
+        default_parameter byte_align: 4
+        endian :little
+        ndr_uint32 :level
+        choice     :info, selection: :level, byte_align: 4 do
+          pwksta_info100 WKSTA_INFO_100
+          pwksta_info101 WKSTA_INFO_101
+          pwksta_info102 WKSTA_INFO_102
+          #TODO: pwksta_info_502 0x000001F6
+        end
+      end
+      # [3.2.4.1 NetrWkstaGetInfo (Opnum 0)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/4af41d6f-b800-4de1-af5b-0b15a85f8e04)
+      class NetrWkstaGetInfoResponse < BinData::Record
+        attr_reader :opnum
+        endian :little
+        lpwksta_info :wksta_info
+        ndr_uint32   :error_status
+        def initialize_instance
+          super
+          @opnum = NETR_WKSTA_GET_INFO
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/wkssvc.rb ADDED Viewed

@@ -0,0 +1,65 @@
+module RubySMB
+  module Dcerpc
+    module Wkssvc
+      UUID = '6BFFD098-A112-3610-9833-46C3F87E345A'
+      VER_MAJOR = 1
+      VER_MINOR = 0
+      # Operation numbers
+      NETR_WKSTA_GET_INFO = 0x0000
+      PLATFORM_ID = {
+        0x0000012C => "DOS",
+        0x00000190 => "OS2",
+        0x000001F4 => "Win",
+        0x00000258 => "OSF",
+        0x000002BC => "VMS"
+      }
+      # Information Level
+      WKSTA_INFO_100 = 0x00000064
+      WKSTA_INFO_101 = 0x00000065
+      WKSTA_INFO_102 = 0x00000066
+      #TODO: WKSTA_INFO_502 = 0x000001F6
+      require 'ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_request'
+      require 'ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_response'
+      # Returns details about a computer environment, including
+      # platform-specific information, the names of the domain and local
+      # computer, and the operating system version.
+      #
+      # @param server_name [optional, String] String that identifies the server (optional
+      #   since it is ignored by the server)
+      # @param server_name [optional, Integer] The information level of the data (default: WKSTA_INFO_100)
+      # @return [RubySMB::Dcerpc::Wkssvc::WkstaInfo100, RubySMB::Dcerpc::Wkssvc::WkstaInfo101,
+      #   RubySMB::Dcerpc::Wkssvc::WkstaInfo102] The structure containing the requested information
+      # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a
+      #   NetrWkstaGetInfoResponse packet
+      # @raise [RubySMB::Dcerpc::Error::WkssvcError] if the response error status
+      #   is not STATUS_SUCCESS
+      def netr_wksta_get_info(server_name: "\x00", level: WKSTA_INFO_100)
+        wkst_netr_wksta_get_info_request = NetrWkstaGetInfoRequest.new(
+          server_name: server_name,
+          level: level
+        )
+        response = dcerpc_request(wkst_netr_wksta_get_info_request)
+        begin
+          wkst_netr_wksta_get_info_response = NetrWkstaGetInfoResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading WkstNetrWkstaGetInfoResponse'
+        end
+        unless wkst_netr_wksta_get_info_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Dcerpc::Error::WkssvcError,
+            "Error returned with netr_wksta_get_info: "\
+            "#{WindowsError::NTStatus.find_by_retval(wkst_netr_wksta_get_info_response.error_status.value).join(',')}"
+        end
+        wkst_netr_wksta_get_info_response.wksta_info.info
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc.rb CHANGED Viewed

@@ -3,21 +3,51 @@ module RubySMB
     MAX_XMIT_FRAG = 4280
     MAX_RECV_FRAG = 4280
+    # Auth Levels
+    #[2.2.1.1.8 Authentication Levels](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/425a7c53-c33a-4868-8e5b-2a850d40dc73)
+    RPC_C_AUTHN_LEVEL_DEFAULT       = 0
+    RPC_C_AUTHN_LEVEL_NONE          = 1
+    RPC_C_AUTHN_LEVEL_CONNECT       = 2
+    RPC_C_AUTHN_LEVEL_CALL          = 3
+    RPC_C_AUTHN_LEVEL_PKT           = 4
+    RPC_C_AUTHN_LEVEL_PKT_INTEGRITY = 5
+    RPC_C_AUTHN_LEVEL_PKT_PRIVACY   = 6
+    ## Auth Types
+    # [2.2.1.1.7 Security Providers](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/d4097450-c62f-484b-872f-ddf59a7a0d36)
+    RPC_C_AUTHN_NONE          = 0x00
+    RPC_C_AUTHN_GSS_NEGOTIATE = 0x09
+    RPC_C_AUTHN_WINNT         = 0x0A
+    RPC_C_AUTHN_GSS_SCHANNEL  = 0x0E
+    RPC_C_AUTHN_GSS_KERBEROS  = 0x10
+    RPC_C_AUTHN_NETLOGON      = 0x44
+    RPC_C_AUTHN_DEFAULT       = 0xFF
+    #[Authorisation Services](https://pubs.opengroup.org/onlinepubs/9629399/chap13.htm#tagcjh_18_01_02_03)
+    DCE_C_AUTHZ_NAME = 1
+    DCE_C_AUTHZ_DCE  = 2
     require 'windows_error/win32'
     require 'ruby_smb/dcerpc/error'
     require 'ruby_smb/dcerpc/uuid'
     require 'ruby_smb/dcerpc/ndr'
     require 'ruby_smb/dcerpc/ptypes'
     require 'ruby_smb/dcerpc/p_syntax_id_t'
-    require 'ruby_smb/dcerpc/rrp_unicode_string'
+    require 'ruby_smb/dcerpc/rrp_rpc_unicode_string'
     require 'ruby_smb/dcerpc/rpc_security_attributes'
     require 'ruby_smb/dcerpc/pdu_header'
     require 'ruby_smb/dcerpc/srvsvc'
     require 'ruby_smb/dcerpc/svcctl'
     require 'ruby_smb/dcerpc/winreg'
     require 'ruby_smb/dcerpc/netlogon'
+    require 'ruby_smb/dcerpc/samr'
+    require 'ruby_smb/dcerpc/wkssvc'
+    require 'ruby_smb/dcerpc/epm'
+    require 'ruby_smb/dcerpc/drsr'
+    require 'ruby_smb/dcerpc/sec_trailer'
     require 'ruby_smb/dcerpc/request'
     require 'ruby_smb/dcerpc/response'
+    require 'ruby_smb/dcerpc/rpc_auth3'
     require 'ruby_smb/dcerpc/bind'
     require 'ruby_smb/dcerpc/bind_ack'
@@ -26,27 +56,27 @@ module RubySMB
     # Bind to the remote server interface endpoint.
     #
     # @param options [Hash] the options to pass to the Bind request packet. At least, :endpoint must but provided with an existing Dcerpc class
-    # @return [RubySMB::Dcerpc::BindAck] the BindAck response packet
-    # @raise [RubySMB::Dcerpc::Error::InvalidPacket] if an invalid packet is received
-    # @raise [RubySMB::Dcerpc::Error::BindError] if the response is not a BindAck packet or if the Bind result code is not ACCEPTANCE
+    # @return [BindAck] the BindAck response packet
+    # @raise [Error::InvalidPacket] if an invalid packet is received
+    # @raise [Error::BindError] if the response is not a BindAck packet or if the Bind result code is not ACCEPTANCE
     def bind(options={})
-      bind_req = RubySMB::Dcerpc::Bind.new(options)
+      bind_req = Bind.new(options)
       write(data: bind_req.to_binary_s)
       @size = 1024
       dcerpc_raw_response = read()
       begin
-        dcerpc_response = RubySMB::Dcerpc::BindAck.read(dcerpc_raw_response)
+        dcerpc_response = BindAck.read(dcerpc_raw_response)
       rescue IOError
-        raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
+        raise Error::InvalidPacket, "Error reading the DCERPC response"
       end
-      unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::BIND_ACK
-        raise RubySMB::Dcerpc::Error::BindError, "Not a BindAck packet"
+      unless dcerpc_response.pdu_header.ptype == PTypes::BIND_ACK
+        raise Error::BindError, "Not a BindAck packet"
       end
       res_list = dcerpc_response.p_result_list
       if res_list.n_results == 0 ||
-         res_list.p_results[0].result != RubySMB::Dcerpc::BindAck::ACCEPTANCE
-        raise RubySMB::Dcerpc::Error::BindError,
+         res_list.p_results[0].result != BindAck::ACCEPTANCE
+        raise Error::BindError,
           "Bind Failed (Result: #{res_list.p_results[0].result}, Reason: #{res_list.p_results[0].reason})"
       end
       @tree.client.max_buffer_size = dcerpc_response.max_xmit_frag

data/lib/ruby_smb/field/file_time.rb CHANGED Viewed

@@ -3,7 +3,7 @@ require 'date'
 module RubySMB
   module Field
     # Represents a Windows FILETIME structure as defined in
-    # [FILETIME structure](https://msdn.microsoft.com/en-us/library/windows/desktop/ms724284(v=vs.85).aspx)
+    # [2.3.3 FILETIME](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/2c57429b-fdd4-488f-b5fc-9e4cf020fcdf).aspx)
     class FileTime < BinData::Primitive
       # Difference between the Windows and Unix epochs, in 100ns intervals
       EPOCH_DIFF_100NS = 116_444_736_000_000_000