ruby_smb 2.0.2 → 2.0.3

data/spec/lib/ruby_smb/dcerpc/winreg/create_key_request_spec.rb

@@ -0,0 +1,110 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::RpcHkey do
+  subject(:packet) { described_class.new }
+
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::Winreg::CreateKeyRequest do
+  subject(:packet) { described_class.new }
+
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+
+  it { is_expected.to respond_to :hkey }
+  it { is_expected.to respond_to :lp_sub_key }
+  it { is_expected.to respond_to :pad1 }
+  it { is_expected.to respond_to :lp_class }
+  it { is_expected.to respond_to :pad2 }
+  it { is_expected.to respond_to :dw_options }
+  it { is_expected.to respond_to :sam_desired }
+  it { is_expected.to respond_to :lp_security_attributes }
+  it { is_expected.to respond_to :pad3 }
+  it { is_expected.to respond_to :lpdw_disposition }
+
+  describe '#hkey' do
+    it 'is a RpcHkey structure' do
+      expect(packet.hkey).to be_a RubySMB::Dcerpc::Winreg::RpcHkey
+    end
+  end
+
+  describe '#lp_sub_key' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_sub_key).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+  end
+
+  describe '#pad1' do
+    it 'is a string' do
+      expect(packet.pad1).to be_a BinData::String
+    end
+
+    it 'should keep #lp_class 4-byte aligned' do
+      packet.lp_sub_key = "test"
+      expect(packet.lp_class.abs_offset % 4).to eq 0
+    end
+  end
+
+  describe '#lp_class' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_class).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+  end
+
+  describe '#pad2' do
+    it 'is a string' do
+      expect(packet.pad1).to be_a BinData::String
+    end
+
+    it 'should keep #dw_options 4-byte aligned' do
+      packet.lp_class = "test"
+      expect(packet.dw_options.abs_offset % 4).to eq 0
+    end
+  end
+
+  describe '#dw_options' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.dw_options).to be_a BinData::Uint32le
+    end
+  end
+
+  describe '#sam_desired' do
+    it 'is a Regsam structure' do
+      expect(packet.sam_desired).to be_a RubySMB::Dcerpc::Winreg::Regsam
+    end
+  end
+
+  describe '#lp_security_attributes' do
+    it 'is a PrpcSecurityAttributes structure' do
+      expect(packet.lp_security_attributes).to be_a RubySMB::Dcerpc::PrpcSecurityAttributes
+    end
+  end
+
+  describe '#pad3' do
+    it 'is a string' do
+      expect(packet.pad1).to be_a BinData::String
+    end
+
+    it 'should keep #lpdw_disposition 4-byte aligned' do
+      sc = RubySMB::Dcerpc::RpcSecurityDescriptor.new(lp_security_descriptor: [1,2,3,4])
+      packet.lp_security_attributes = RubySMB::Dcerpc::RpcSecurityAttributes.new(rpc_security_descriptor: sc)
+      expect(packet.lpdw_disposition.abs_offset % 4).to eq 0
+    end
+  end
+
+  describe '#lpdw_disposition' do
+    it 'is a NdrLpDword structure' do
+      expect(packet.lpdw_disposition).to be_a RubySMB::Dcerpc::Ndr::NdrLpDword
+    end
+  end
+
+  describe '#initialize_instance' do
+   it 'sets #opnum to REG_CREATE_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_CREATE_KEY)
+    end
+  end
+end
+

data/spec/lib/ruby_smb/dcerpc/winreg/create_key_response_spec.rb

@@ -0,0 +1,44 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::PrpcHkey do
+  subject(:packet) { described_class.new }
+
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::Winreg::CreateKeyResponse do
+  subject(:packet) { described_class.new }
+
+  it { is_expected.to respond_to :hkey }
+  it { is_expected.to respond_to :lpdw_disposition }
+  it { is_expected.to respond_to :error_status }
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+
+  describe '#hkey' do
+    it 'is a PrpcHkey structure' do
+      expect(packet.hkey).to be_a RubySMB::Dcerpc::Winreg::PrpcHkey
+    end
+  end
+
+  describe '#lpdw_disposition' do
+    it 'is a NdrLpDword structure' do
+      expect(packet.lpdw_disposition).to be_a RubySMB::Dcerpc::Ndr::NdrLpDword
+    end
+  end
+
+  describe '#error_status' do
+    it 'is a 32-bit unsigned integer' do
+      expect(packet.error_status).to be_a BinData::Uint32le
+    end
+  end
+
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_CREATE_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_CREATE_KEY)
+    end
+  end
+end
+

data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb

@@ -53,10 +53,6 @@ RSpec.describe RubySMB::Dcerpc::Winreg::EnumKeyRequest do
     it 'is a PrrpUnicodeString structure' do
       expect(packet.lp_class).to be_a RubySMB::Dcerpc::PrrpUnicodeString
     end
-
-    it 'has a initial value of 0' do
-      expect(packet.lp_class).to eq(0)
-    end
   end
 
   describe '#pad2' do

data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb

@@ -57,8 +57,8 @@ RSpec.describe RubySMB::Dcerpc::Winreg::EnumValueRequest do
   end
 
   describe '#lp_data' do
-    it 'is a NdrLpByte structure' do
-      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByte
+    it 'is a NdrLpByteArray structure' do
+      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByteArray
     end
   end
 

data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb

@@ -38,8 +38,8 @@ RSpec.describe RubySMB::Dcerpc::Winreg::EnumValueResponse do
   end
 
   describe '#lp_data' do
-    it 'is a NdrLpByte structure' do
-      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByte
+    it 'is a NdrLpByteArray structure' do
+      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByteArray
     end
   end
 

data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb

@@ -1,6 +1,6 @@
 RSpec.describe RubySMB::Dcerpc::Winreg::PRegistryServerName do
-  it 'is NdrTopLevelFullPointer subclass' do
-    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrTopLevelFullPointer
+  it 'is NdrPointer subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrPointer
   end
 
   subject(:packet) { described_class.new }
@@ -16,6 +16,11 @@ RSpec.describe RubySMB::Dcerpc::Winreg::PRegistryServerName do
       expect(packet.referent).to be_a RubySMB::Field::String16
     end
 
+    it 'only exists if #referent_id is not 0' do
+      packet.referent_id = 0
+      expect(packet.referent?).to be false
+    end
+
     it 'reads 4-bytes' do
       str = 'spec_test'.encode('utf-16le')
       packet.referent.read(str)
@@ -55,8 +60,8 @@ RSpec.describe RubySMB::Dcerpc::Winreg::OpenRootKeyRequest do
       end
     end
 
-    it 'sets #p_registry_server_name.referent to NULL unicode value' do
-      expect(packet.p_registry_server_name.referent).to eq("\0\0".encode('utf-16le'))
+    it 'sets #p_registry_server_name.referent to :null' do
+      expect(packet.p_registry_server_name).to eq(:null)
     end
 
     context 'when #opnum is not OPEN_HKPD, OPEN_HKPT or OPEN_HKPN' do

data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb

@@ -25,10 +25,6 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryInfoKeyRequest do
     it 'is a RrpUnicodeString structure' do
       expect(packet.lp_class).to be_a RubySMB::Dcerpc::RrpUnicodeString
     end
-
-    it 'has an initial value of 0' do
-      expect(packet.lp_class).to eq(0)
-    end
   end
 
   describe '#initialize_instance' do

data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb

@@ -9,9 +9,10 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueRequest do
 
   it { is_expected.to respond_to :hkey }
   it { is_expected.to respond_to :lp_value_name }
-  it { is_expected.to respond_to :pad }
+  it { is_expected.to respond_to :pad1 }
   it { is_expected.to respond_to :lp_type }
   it { is_expected.to respond_to :lp_data }
+  it { is_expected.to respond_to :pad2 }
   it { is_expected.to respond_to :lpcb_data }
   it { is_expected.to respond_to :lpcb_len }
   it { is_expected.to respond_to :opnum }
@@ -32,9 +33,9 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueRequest do
     end
   end
 
-  describe '#pad' do
+  describe '#pad1' do
     it 'is a string' do
-      expect(packet.pad).to be_a BinData::String
+      expect(packet.pad1).to be_a BinData::String
     end
 
     it 'should keep #lp_type 4-byte aligned' do
@@ -50,8 +51,8 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueRequest do
   end
 
   describe '#lp_data' do
-    it 'is a NdrLpByte structure' do
-      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByte
+    it 'is a NdrLpByteArray structure' do
+      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByteArray
     end
   end
 
@@ -61,6 +62,17 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueRequest do
     end
   end
 
+  describe '#pad2' do
+    it 'is a string' do
+      expect(packet.pad2).to be_a BinData::String
+    end
+
+    it 'should keep #lpcb_data 4-byte aligned' do
+      packet.lp_data = [1, 2]
+      expect(packet.lpcb_data.abs_offset % 4).to eq 0
+    end
+  end
+
   describe '#lpcb_len' do
     it 'is a NdrLpDword structure' do
       expect(packet.lpcb_len).to be_a RubySMB::Dcerpc::Ndr::NdrLpDword
@@ -72,17 +84,5 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueRequest do
       expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_QUERY_VALUE)
     end
   end
-
-  describe '#pad_length' do
-    it 'returns 0 when #lp_type is already 4-byte aligned' do
-      packet.lp_value_name = 'align'
-      expect(packet.pad_length).to eq 0
-    end
-
-    it 'returns 2 when #lp_type is only 2-byte aligned' do
-      packet.lp_value_name = 'align' + 'A'
-      expect(packet.pad_length).to eq 2
-    end
-  end
 end
 

data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb

@@ -20,8 +20,8 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
   end
 
   describe '#lp_data' do
-    it 'is a NdrLpByte structure' do
-      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByte
+    it 'is a NdrLpByteArray structure' do
+      expect(packet.lp_data).to be_a RubySMB::Dcerpc::Ndr::NdrLpByteArray
     end
   end
 
@@ -31,7 +31,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
     end
 
     it 'should keep #lpcb_data 4-byte aligned' do
-      packet.lp_data.bytes = 'spec_test'.bytes
+      packet.lp_data = 'spec_test'.bytes
       expect(packet.lpcb_data.abs_offset % 4).to eq 0
     end
   end
@@ -60,24 +60,12 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
     end
   end
 
-  describe '#pad_length' do
-    it 'returns 0 when #lpcb_data is already 4-byte aligned' do
-      packet.lp_data.bytes = 'aligned.'.bytes
-      expect(packet.pad_length).to eq 0
-    end
-
-    it 'returns 2 when #lpcb_data is only 2-byte aligned' do
-      packet.lp_data.bytes = 'not aligned'.bytes
-      expect(packet.pad_length).to eq 1
-    end
-  end
-
   describe '#data' do
     context 'when #lp_type is 1 (unicode null-terminated string)' do
       it 'returns the expected value' do
         str = 'spec test string'.encode('utf-16le')
         packet.lp_type = 1
-        packet.lp_data.bytes = str.bytes
+        packet.lp_data = str.bytes
         expect(packet.data).to eq(str)
       end
     end
@@ -86,7 +74,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
       it 'returns the expected value' do
         str = '/%PATH%/foo'.encode('utf-16le')
         packet.lp_type = 2
-        packet.lp_data.bytes = str.bytes
+        packet.lp_data = str.bytes
         expect(packet.data).to eq(str)
       end
     end
@@ -95,7 +83,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
       it 'returns the expected value' do
         bytes = [0xFF, 0xEE, 0xDD, 0xCC].pack('C*')
         packet.lp_type = 3
-        packet.lp_data.bytes = bytes.bytes
+        packet.lp_data = bytes.bytes
         expect(packet.data).to eq(bytes)
       end
     end
@@ -104,7 +92,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
       it 'returns the expected value' do
         number = 12345
         packet.lp_type = 4
-        packet.lp_data.bytes = [number].pack('V').bytes
+        packet.lp_data = [number].pack('V').bytes
         expect(packet.data).to eq(number)
       end
     end
@@ -113,7 +101,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
       it 'returns the expected value' do
         number = 12345
         packet.lp_type = 5
-        packet.lp_data.bytes = [number].pack('N').bytes
+        packet.lp_data = [number].pack('N').bytes
         expect(packet.data).to eq(number)
       end
     end
@@ -124,7 +112,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
         null_byte = "\0".encode('utf-16le')
         str = (str_array + [null_byte]).join(null_byte)
         packet.lp_type = 7
-        packet.lp_data.bytes = str.bytes
+        packet.lp_data = str.bytes
         expect(packet.data).to eq(str_array)
       end
     end
@@ -133,7 +121,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
       it 'returns the expected value' do
         number = 0x1234567812345678
         packet.lp_type = 11
-        packet.lp_data.bytes = [number].pack('Q<').bytes
+        packet.lp_data = [number].pack('Q<').bytes
         expect(packet.data).to eq(number)
       end
     end
@@ -142,7 +130,7 @@ RSpec.describe RubySMB::Dcerpc::Winreg::QueryValueResponse do
       it 'returns an empty string' do
         str = 'test'
         packet.lp_type = 6
-        packet.lp_data.bytes = str.bytes
+        packet.lp_data = str.bytes
         expect(packet.data).to eq('')
       end
     end

data/spec/lib/ruby_smb/dcerpc/winreg/save_key_request_spec.rb

@@ -0,0 +1,57 @@
+RSpec.describe RubySMB::Dcerpc::Winreg::RpcHkey do
+  subject(:packet) { described_class.new }
+
+  it 'is NdrContextHandle subclass' do
+    expect(described_class).to be < RubySMB::Dcerpc::Ndr::NdrContextHandle
+  end
+end
+
+RSpec.describe RubySMB::Dcerpc::Winreg::SaveKeyRequest do
+  subject(:packet) { described_class.new }
+
+
+  it 'is little endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
+  end
+
+  it { is_expected.to respond_to :hkey }
+  it { is_expected.to respond_to :lp_file }
+  it { is_expected.to respond_to :pad }
+  it { is_expected.to respond_to :lp_security_attributes }
+
+  describe '#hkey' do
+    it 'is a RpcHkey structure' do
+      expect(packet.hkey).to be_a RubySMB::Dcerpc::Winreg::RpcHkey
+    end
+  end
+
+  describe '#lp_file' do
+    it 'is a RrpUnicodeString structure' do
+      expect(packet.lp_file).to be_a RubySMB::Dcerpc::RrpUnicodeString
+    end
+  end
+
+  describe '#pad' do
+    it 'is a string' do
+      expect(packet.pad).to be_a BinData::String
+    end
+
+    it 'should keep #lp_security_attributes 4-byte aligned' do
+      packet.lp_file = "test"
+      expect(packet.lp_security_attributes.abs_offset % 4).to eq 0
+    end
+  end
+
+  describe '#lp_security_attributes' do
+    it 'is a PrpcSecurityAttributes structure' do
+      expect(packet.lp_security_attributes).to be_a RubySMB::Dcerpc::PrpcSecurityAttributes
+    end
+  end
+
+  describe '#initialize_instance' do
+    it 'sets #opnum to REG_SAVE_KEY constant' do
+      expect(packet.opnum).to eq(RubySMB::Dcerpc::Winreg::REG_SAVE_KEY)
+    end
+  end
+end
+