ruby_smb 2.0.12 → 2.0.13

data/spec/lib/ruby_smb/dcerpc/rrp_rpc_unicode_string_spec.rb

@@ -0,0 +1,340 @@
+RSpec.describe RubySMB::Dcerpc::RrpUnicodeString do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :buffer_length }
+  it { is_expected.to respond_to :maximum_length }
+  it { is_expected.to respond_to :buffer }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+
+  it 'has :byte_align parameter set to the expected value' do
+    expect(described_class.default_parameters[:byte_align]).to eq(4)
+  end
+
+  describe '#buffer_length' do
+    it 'should be a NdrUint16' do
+      expect(packet.buffer_length).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
+    end
+    it 'is 0 by default' do
+      expect(packet.buffer_length).to eq(0)
+    end
+  end
+
+  describe '#maximum_length' do
+    it 'should be a NdrUint16' do
+      expect(packet.maximum_length).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
+    end
+    it 'is 0 by default' do
+      expect(packet.maximum_length).to eq(0)
+    end
+  end
+
+  describe '#buffer' do
+    it 'should be a NdrWideStringzPtr' do
+      expect(packet.buffer).to be_a RubySMB::Dcerpc::Ndr::NdrWideStringzPtr
+    end
+    it 'is :null by default' do
+      expect(packet.buffer).to eq(:null)
+    end
+  end
+
+  describe '#assign' do
+    context 'with a string' do
+      before :example do
+        packet.assign('spec_test')
+      end
+
+      [BinData::Stringz, BinData::String, String].each do |klass|
+        context "with a #{klass}" do
+          it 'sets #buffer to the expected value' do
+            expect(packet.buffer).to eq(RubySMB::Dcerpc::Ndr::NdrWideStringPtr.new(klass.new('spec_test')))
+          end
+
+          it 'sets #buffer_length to the expected value' do
+            expect(packet.buffer_length).to eq(('spec_test'.size + 1) * 2)
+          end
+
+          it 'sets #maximum_length to the expected value' do
+            expect(packet.maximum_length).to eq(('spec_test'.size + 1) * 2)
+          end
+        end
+      end
+    end
+
+    context 'with a :null pointer' do
+      before :example do
+        packet.assign(:null)
+      end
+      it 'sets #buffer to :null' do
+        expect(packet.buffer).to eq(:null)
+      end
+
+      it 'sets #buffer_length to 0' do
+        expect(packet.buffer_length).to eq(0)
+      end
+
+      it 'sets #maximum_length to 0' do
+        expect(packet.maximum_length).to eq(0)
+      end
+    end
+  end
+
+  describe '#read' do
+    context 'with a null pointer' do
+      it 'reads its own binary representation' do
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+
+    context 'with a normal string' do
+      it 'reads its own binary representation' do
+        packet.assign('my_test')
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+  end
+
+  describe '#set_max_buffer_size' do
+    it 'sets buffer.max_count to the expected value' do
+      packet.set_max_buffer_size(4)
+      expect(packet.buffer.max_count).to eq(4 / 2)
+    end
+
+    it 'sets #maximum_length to the expected value' do
+      packet.set_max_buffer_size(4)
+      expect(packet.maximum_length).to eq(4)
+    end
+
+    it 'instantiates `buffer` if it is a null pointer' do
+      expect(packet.buffer).to eq(:null)
+      packet.set_max_buffer_size(4)
+      expect(packet.buffer).to eq('')
+    end
+  end
+
+  describe '#to_s' do
+    it 'returns a unicode string' do
+      packet.assign('Test')
+      expect(packet.to_s).to eq('Test'.encode('utf-16le'))
+    end
+
+    it 'returns a unicode encoded empty string if `buffer` is a null pointer' do
+      expect(packet.buffer).to eq(:null)
+      expect(packet.to_s).to eq(''.encode('utf-16le'))
+    end
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::PrrpUnicodeString do
+  it 'is RrpUnicodeString subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::RrpUnicodeString
+  end
+
+  subject(:packet) { described_class.new }
+
+  it 'is a NDR pointer' do
+    expect(subject).to be_a RubySMB::Dcerpc::Ndr::PointerPlugin
+  end
+
+  it { is_expected.to respond_to :ref_id }
+
+  it 'is :null if #ref_id is zero' do
+    packet.ref_id = 0
+    expect(packet).to eq(:null)
+  end
+
+  describe '#read' do
+    context 'with a null pointer' do
+      it 'reads its own binary representation' do
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+
+    context 'with a normal string' do
+      it 'reads its own binary representation' do
+        packet.assign('my_test')
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::RpcUnicodeString do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :buffer_length }
+  it { is_expected.to respond_to :maximum_length }
+  it { is_expected.to respond_to :buffer }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+
+  it 'has :byte_align parameter set to the expected value' do
+    expect(described_class.default_parameters[:byte_align]).to eq(4)
+  end
+
+  describe '#buffer_length' do
+    it 'should be a NdrUint16' do
+      expect(packet.buffer_length).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
+    end
+    it 'is 0 by default' do
+      expect(packet.buffer_length).to eq(0)
+    end
+  end
+
+  describe '#maximum_length' do
+    it 'should be a NdrUint16' do
+      expect(packet.maximum_length).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
+    end
+    it 'is 0 by default' do
+      expect(packet.maximum_length).to eq(0)
+    end
+  end
+
+  describe '#buffer' do
+    it 'should be a NdrWideStringPtr' do
+      expect(packet.buffer).to be_a RubySMB::Dcerpc::Ndr::NdrWideStringPtr
+    end
+    it 'is :null by default' do
+      expect(packet.buffer).to eq(:null)
+    end
+  end
+
+  describe '#assign' do
+    context 'with a string' do
+      before :example do
+        packet.assign('spec_test')
+      end
+
+      [BinData::Stringz, BinData::String, String].each do |klass|
+        context "with a #{klass}" do
+          it 'sets #buffer to the expected value' do
+            expect(packet.buffer).to eq(RubySMB::Dcerpc::Ndr::NdrWideStringPtr.new('spec_test'))
+          end
+
+          it 'sets #buffer_length to the expected value' do
+            expect(packet.buffer_length).to eq(('spec_test'.size) * 2)
+          end
+
+          it 'sets #maximum_length to the expected value' do
+            expect(packet.maximum_length).to eq(('spec_test'.size) * 2)
+          end
+        end
+      end
+    end
+    context 'with a :null pointer' do
+      before :example do
+        packet.assign(:null)
+      end
+      it 'sets #buffer to :null' do
+        expect(packet.buffer).to eq(:null)
+      end
+
+      it 'sets #buffer_length to 0' do
+        expect(packet.buffer_length).to eq(0)
+      end
+
+      it 'sets #maximum_length to 0' do
+        expect(packet.maximum_length).to eq(0)
+      end
+    end
+  end
+
+  describe '#read' do
+    context 'with a null pointer' do
+      it 'reads its own binary representation' do
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+
+    context 'with a normal string' do
+      it 'reads its own binary representation' do
+        packet.assign('my_test')
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+  end
+
+  describe '#set_max_buffer_size' do
+    it 'sets buffer.max_count to the expected value' do
+      packet.set_max_buffer_size(4)
+      expect(packet.buffer.max_count).to eq(4 / 2)
+    end
+
+    it 'sets #maximum_length to the expected value' do
+      packet.set_max_buffer_size(4)
+      expect(packet.maximum_length).to eq(4)
+    end
+
+    it 'instantiates `buffer` if it is a null pointer' do
+      expect(packet.buffer).to eq(:null)
+      packet.set_max_buffer_size(4)
+      expect(packet.buffer).to eq('')
+    end
+  end
+
+  describe '#to_s' do
+    it 'returns a unicode string' do
+      packet.assign('Test')
+      expect(packet.to_s).to eq('Test'.encode('utf-16le'))
+    end
+
+    it 'returns a unicode encoded empty string if `buffer` is a null pointer' do
+      expect(packet.buffer).to eq(:null)
+      expect(packet.to_s).to eq(''.encode('utf-16le'))
+    end
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::PrpcUnicodeString do
+  it 'is RpcUnicodeString subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::RpcUnicodeString
+  end
+
+  subject(:packet) { described_class.new }
+
+  it 'is a NDR pointer' do
+    expect(subject).to be_a RubySMB::Dcerpc::Ndr::PointerPlugin
+  end
+
+  it { is_expected.to respond_to :ref_id }
+
+  it 'is :null if #ref_id is zero' do
+    packet.ref_id = 0
+    expect(packet).to eq(:null)
+  end
+
+  describe '#read' do
+    context 'with a null pointer' do
+      it 'reads its own binary representation' do
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+
+    context 'with a normal string' do
+      it 'reads its own binary representation' do
+        packet.assign('my_test')
+        raw = packet.to_binary_s
+        expect(described_class.read(raw)).to eq(packet)
+        expect(described_class.read(raw).to_binary_s).to eq(raw)
+      end
+    end
+  end
+end

data/spec/lib/ruby_smb/dcerpc/samr/rpc_sid_spec.rb

@@ -0,0 +1,116 @@
+RSpec.describe RubySMB::Dcerpc::Samr::RpcSidIdentifierAuthority do
+  subject(:packet) { described_class.new }
+
+  it 'is a Ndr::NdrFixArray' do
+    expect(packet).to be_a(RubySMB::Dcerpc::Ndr::NdrFixArray)
+  end
+  it 'has element of type :ndr_uint8' do
+    expect(packet[0]).to be_a(RubySMB::Dcerpc::Ndr::NdrUint8)
+  end
+  it 'has 6 elements by default' do
+    expect(packet.size).to eq(6)
+  end
+  it 'is one-byte aligned' do
+    expect(packet.eval_parameter(:byte_align)).to eq(1)
+  end
+  it 'reads itself' do
+    expect(packet.read(described_class.new([1, 2, 3, 4, 5, 6]).to_binary_s)).to eq([1, 2, 3, 4, 5, 6])
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::Samr::RpcSid do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :revision }
+  it { is_expected.to respond_to :sub_authority_count }
+  it { is_expected.to respond_to :identifier_authority }
+  it { is_expected.to respond_to :sub_authority }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  it 'is a Ndr::NdrStruct' do
+    expect(packet).to be_a(RubySMB::Dcerpc::Ndr::NdrStruct)
+  end
+  it 'is four-byte aligned' do
+    expect(packet.eval_parameter(:byte_align)).to eq(4)
+  end
+  describe '#revision' do
+    it 'is a NdrUint8 structure' do
+      expect(packet.revision).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
+    end
+  end
+  describe '#sub_authority_count' do
+    it 'is a NdrUint8 structure' do
+      expect(packet.sub_authority_count).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
+    end
+    it 'is set the the number of #sub_authority elements by default' do
+      packet.sub_authority = [21, 419547006, 9459028, 4093171872, 500]
+      expect(packet.sub_authority_count).to eq(5)
+    end
+  end
+  describe '#identifier_authority' do
+    it 'is a RpcSidIdentifierAuthority structure' do
+      expect(packet.identifier_authority).to be_a RubySMB::Dcerpc::Samr::RpcSidIdentifierAuthority
+    end
+  end
+  describe '#sub_authority' do
+    it 'is a NdrConfArray structure' do
+      expect(packet.sub_authority).to be_a RubySMB::Dcerpc::Ndr::NdrConfArray
+    end
+    it 'has element of type :ndr_uint32' do
+      packet.sub_authority << 1
+      expect(packet.sub_authority[0]).to be_a(RubySMB::Dcerpc::Ndr::NdrUint32)
+    end
+  end
+  describe '#snapshot' do
+    it 'outputs the expected SID' do
+      packet.revision = 1
+      packet.identifier_authority = [0, 0, 0, 0, 0, 5]
+      packet.sub_authority = [21, 419547006, 9459028, 4093171872, 500]
+      expect(packet.snapshot).to eq('S-1-5-21-419547006-9459028-4093171872-500')
+    end
+  end
+  describe '#assign' do
+    it 'assign the correct fields from a String' do
+      packet.assign('S-1-5-21-419547006-9459028-4093171872-500')
+      expect(packet.revision).to eq(1)
+      expect(packet.sub_authority_count).to eq(5)
+      expect(packet.identifier_authority).to eq([0, 0, 0, 0, 0, 5])
+      expect(packet.sub_authority).to eq([21, 419547006, 9459028, 4093171872, 500])
+    end
+    it 'assign the correct fields from another RpcSid object' do
+      packet2 = described_class.new
+      packet2.revision = 1
+      packet2.identifier_authority = [0, 0, 0, 0, 0, 5]
+      packet2.sub_authority = [21, 419547006, 9459028, 4093171872, 500]
+      packet.assign(packet2)
+      expect(packet.revision).to eq(1)
+      expect(packet.sub_authority_count).to eq(5)
+      expect(packet.identifier_authority).to eq([0, 0, 0, 0, 0, 5])
+      expect(packet.sub_authority).to eq([21, 419547006, 9459028, 4093171872, 500])
+      expect(packet.snapshot).to eq('S-1-5-21-419547006-9459028-4093171872-500')
+    end
+  end
+  it 'reads itself' do
+    expect(packet.read(described_class.new('S-1-5-21-419547006-9459028-4093171872-500').to_binary_s)).to eq('S-1-5-21-419547006-9459028-4093171872-500')
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::Samr::PrpcSid do
+  subject(:packet) { described_class.new }
+
+  it 'is a RpcSid' do
+    expect(packet).to be_a(RubySMB::Dcerpc::Samr::RpcSid)
+  end
+  it 'is a NdrPointer' do
+    expect(described_class).to be_a(RubySMB::Dcerpc::Ndr::PointerClassPlugin)
+    expect(packet).to be_a(RubySMB::Dcerpc::Ndr::PointerPlugin)
+  end
+  it 'is four-byte aligned' do
+    expect(packet.eval_parameter(:byte_align)).to eq(4)
+  end
+  it 'reads itself' do
+    expect(packet.read(described_class.new('S-1-5-21-419547006-9459028-4093171872-500').to_binary_s)).to eq('S-1-5-21-419547006-9459028-4093171872-500')
+  end
+end

data/spec/lib/ruby_smb/dcerpc/samr/samr_close_handle_request_spec.rb

@@ -0,0 +1,40 @@
+RSpec.describe RubySMB::Dcerpc::Samr::SamrCloseHandleRequest do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :sam_handle }
+  it { is_expected.to respond_to :opnum }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  it 'is a BinData::Record' do
+    expect(packet).to be_a(BinData::Record)
+  end
+  describe '#sam_handle' do
+    it 'is a SamprHandle structure' do
+      expect(packet.sam_handle).to be_a RubySMB::Dcerpc::Samr::SamprHandle
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to SAMR_CLOSE_HANDLE constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_CLOSE_HANDLE)
+    end
+  end
+  it 'reads itself' do
+    new_packet = described_class.new({
+      sam_handle: {
+        context_handle_attributes: 0,
+        context_handle_uuid: "fc873b90-d9a9-46a4-b9ea-f44bb1c272a7"
+      }
+    })
+    expected_output = {
+      sam_handle: {
+        context_handle_attributes: 0,
+        context_handle_uuid: "fc873b90-d9a9-46a4-b9ea-f44bb1c272a7"
+      }
+    }
+    expect(packet.read(new_packet.to_binary_s)).to eq(expected_output)
+  end
+end
+
+

data/spec/lib/ruby_smb/dcerpc/samr/samr_close_handle_response_spec.rb

@@ -0,0 +1,48 @@
+RSpec.describe RubySMB::Dcerpc::Samr::SamrCloseHandleResponse do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :sam_handle }
+  it { is_expected.to respond_to :error_status }
+  it { is_expected.to respond_to :opnum }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  it 'is a BinData::Record' do
+    expect(packet).to be_a(BinData::Record)
+  end
+  describe '#sam_handle' do
+    it 'is a SamprHandle structure' do
+      expect(packet.sam_handle).to be_a RubySMB::Dcerpc::Samr::SamprHandle
+    end
+  end
+  describe '#error_status' do
+    it 'is a NdrUint32 structure' do
+      expect(packet.error_status).to be_a RubySMB::Dcerpc::Ndr::NdrUint32
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to SAMR_CLOSE_HANDLE constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_CLOSE_HANDLE)
+    end
+  end
+  it 'reads itself' do
+    new_packet = described_class.new({
+      sam_handle: {
+        context_handle_attributes: 0,
+        context_handle_uuid: "fc873b90-d9a9-46a4-b9ea-f44bb1c272a7"
+      },
+      error_status: 4
+    })
+    expected_output = {
+      sam_handle: {
+        context_handle_attributes: 0,
+        context_handle_uuid: "fc873b90-d9a9-46a4-b9ea-f44bb1c272a7"
+      },
+      error_status: 4
+    }
+    expect(packet.read(new_packet.to_binary_s)).to eq(expected_output)
+  end
+end
+
+

data/spec/lib/ruby_smb/dcerpc/samr/samr_connect_request_spec.rb

@@ -0,0 +1,56 @@
+RSpec.describe RubySMB::Dcerpc::Samr::PsamprServerName do
+  subject(:packet) { described_class.new }
+
+  it 'is a RubySMB::Field::Stringz16' do
+    expect(packet).to be_a(RubySMB::Field::Stringz16)
+  end
+  it 'is a NdrPointer' do
+    expect(described_class).to be_a(RubySMB::Dcerpc::Ndr::PointerClassPlugin)
+    expect(packet).to be_a(RubySMB::Dcerpc::Ndr::PointerPlugin)
+  end
+  it 'is four-bytes aligned' do
+    expect(packet.eval_parameter(:byte_align)).to eq(4)
+  end
+  it 'has a referent which is two-bytes aligned' do
+    expect(packet.eval_parameter(:referent_byte_align)).to eq(2)
+  end
+  it 'reads itself' do
+    expect(packet.read(described_class.new('TestString!!').to_binary_s)).to eq('TestString!!'.encode('utf-16le'))
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::Samr::SamrConnectRequest do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :server_name }
+  it { is_expected.to respond_to :desired_access }
+  it { is_expected.to respond_to :opnum }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  it 'is a BinData::Record' do
+    expect(packet).to be_a(BinData::Record)
+  end
+  describe '#server_name' do
+    it 'is a PsamprServerName structure' do
+      expect(packet.server_name).to be_a RubySMB::Dcerpc::Samr::PsamprServerName
+    end
+  end
+  describe '#desired_access' do
+    it 'is a NdrUint32 structure' do
+      expect(packet.desired_access).to be_a RubySMB::Dcerpc::Ndr::NdrUint32
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to SAMR_CONNECT constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_CONNECT)
+    end
+  end
+  it 'reads itself' do
+    new_class = described_class.new(server_name: 'TestServer', desired_access: 555)
+    expect(packet.read(new_class.to_binary_s)).to eq(
+      {server_name: 'TestServer'.encode('utf-16le'), desired_access: 555}
+    )
+  end
+end

data/spec/lib/ruby_smb/dcerpc/samr/samr_connect_response_spec.rb

@@ -0,0 +1,47 @@
+RSpec.describe RubySMB::Dcerpc::Samr::SamrConnectResponse do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :server_handle }
+  it { is_expected.to respond_to :error_status }
+  it { is_expected.to respond_to :opnum }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+  it 'is a BinData::Record' do
+    expect(packet).to be_a(BinData::Record)
+  end
+  describe '#server_handle' do
+    it 'is a SamprHandle structure' do
+      expect(packet.server_handle).to be_a RubySMB::Dcerpc::Samr::SamprHandle
+    end
+  end
+  describe '#error_status' do
+    it 'is a NdrUint32 structure' do
+      expect(packet.error_status).to be_a RubySMB::Dcerpc::Ndr::NdrUint32
+    end
+  end
+  describe '#initialize_instance' do
+    it 'sets #opnum to SAMR_CONNECT constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Samr::SAMR_CONNECT)
+    end
+  end
+  it 'reads itself' do
+    new_class = described_class.new(
+      server_handle: {
+        context_handle_attributes: 0,
+        context_handle_uuid: '2ef54a87-e29e-4d24-90e9-9da49b94449e'
+      },
+      error_status: 2
+    )
+    expect(packet.read(new_class.to_binary_s)).to eq(
+      {
+        server_handle: {
+          context_handle_attributes: 0,
+          context_handle_uuid: '2ef54a87-e29e-4d24-90e9-9da49b94449e'
+        },
+        error_status: 2
+      }
+    )
+  end
+end