ruby_smb 2.0.9 → 2.0.13
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/.github/workflows/verify.yml +5 -15
- data/examples/auth_capture.rb +71 -0
- data/examples/dump_secrets_from_sid.rb +207 -0
- data/examples/enum_domain_users.rb +75 -0
- data/examples/get_computer_info.rb +42 -0
- data/examples/query_service_status.rb +42 -4
- data/lib/ruby_smb/client/negotiation.rb +1 -1
- data/lib/ruby_smb/client.rb +10 -20
- data/lib/ruby_smb/dcerpc/bind.rb +28 -20
- data/lib/ruby_smb/dcerpc/bind_ack.rb +29 -28
- data/lib/ruby_smb/dcerpc/client.rb +542 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_bind_request.rb +24 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_bind_response.rb +26 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_crack_names_request.rb +57 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_crack_names_response.rb +76 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_domain_controller_info_request.rb +46 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_domain_controller_info_response.rb +168 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_extensions.rb +56 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_get_nc_changes_request.rb +121 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_get_nc_changes_response.rb +118 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_unbind_request.rb +24 -0
- data/lib/ruby_smb/dcerpc/drsr/drs_unbind_response.rb +26 -0
- data/lib/ruby_smb/dcerpc/drsr.rb +909 -0
- data/lib/ruby_smb/dcerpc/epm/epm_ept_map_request.rb +26 -0
- data/lib/ruby_smb/dcerpc/epm/epm_ept_map_response.rb +25 -0
- data/lib/ruby_smb/dcerpc/epm/epm_twrt.rb +211 -0
- data/lib/ruby_smb/dcerpc/epm.rb +75 -0
- data/lib/ruby_smb/dcerpc/error.rb +17 -0
- data/lib/ruby_smb/dcerpc/ndr.rb +1159 -297
- data/lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_request.rb +3 -13
- data/lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_response.rb +3 -3
- data/lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_request.rb +3 -13
- data/lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_request.rb +3 -11
- data/lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/netlogon.rb +5 -4
- data/lib/ruby_smb/dcerpc/p_syntax_id_t.rb +4 -3
- data/lib/ruby_smb/dcerpc/pdu_header.rb +7 -7
- data/lib/ruby_smb/dcerpc/ptypes.rb +1 -0
- data/lib/ruby_smb/dcerpc/request.rb +79 -32
- data/lib/ruby_smb/dcerpc/response.rb +45 -10
- data/lib/ruby_smb/dcerpc/rpc_auth3.rb +28 -0
- data/lib/ruby_smb/dcerpc/rpc_security_attributes.rb +11 -11
- data/lib/ruby_smb/dcerpc/rrp_rpc_unicode_string.rb +118 -0
- data/lib/ruby_smb/dcerpc/samr/rpc_sid.rb +150 -0
- data/lib/ruby_smb/dcerpc/samr/samr_close_handle_request.rb +23 -0
- data/lib/ruby_smb/dcerpc/samr/samr_close_handle_response.rb +24 -0
- data/lib/ruby_smb/dcerpc/samr/samr_connect_request.rb +32 -0
- data/lib/ruby_smb/dcerpc/samr/samr_connect_response.rb +23 -0
- data/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_request.rb +26 -0
- data/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response.rb +55 -0
- data/lib/ruby_smb/dcerpc/samr/samr_get_alias_membership_request.rb +48 -0
- data/lib/ruby_smb/dcerpc/samr/samr_get_alias_membership_response.rb +38 -0
- data/lib/ruby_smb/dcerpc/samr/samr_get_groups_for_user_request.rb +23 -0
- data/lib/ruby_smb/dcerpc/samr/samr_get_groups_for_user_response.rb +48 -0
- data/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_request.rb +24 -0
- data/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_response.rb +25 -0
- data/lib/ruby_smb/dcerpc/samr/samr_open_domain_request.rb +27 -0
- data/lib/ruby_smb/dcerpc/samr/samr_open_domain_response.rb +24 -0
- data/lib/ruby_smb/dcerpc/samr/samr_open_user_request.rb +26 -0
- data/lib/ruby_smb/dcerpc/samr/samr_open_user_response.rb +24 -0
- data/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request.rb +23 -0
- data/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response.rb +23 -0
- data/lib/ruby_smb/dcerpc/samr.rb +613 -0
- data/lib/ruby_smb/dcerpc/sec_trailer.rb +26 -0
- data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +56 -79
- data/lib/ruby_smb/dcerpc/srvsvc.rb +27 -4
- data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request.rb +13 -25
- data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response.rb +2 -2
- data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/control_service_request.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/control_service_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request.rb +4 -14
- data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/open_service_w_request.rb +3 -11
- data/lib/ruby_smb/dcerpc/svcctl/open_service_w_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response.rb +12 -11
- data/lib/ruby_smb/dcerpc/svcctl/query_service_status_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl/service_status.rb +9 -8
- data/lib/ruby_smb/dcerpc/svcctl/start_service_w_request.rb +3 -3
- data/lib/ruby_smb/dcerpc/svcctl/start_service_w_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/svcctl.rb +1 -3
- data/lib/ruby_smb/dcerpc/uuid.rb +3 -0
- data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +2 -2
- data/lib/ruby_smb/dcerpc/winreg/create_key_request.rb +2 -13
- data/lib/ruby_smb/dcerpc/winreg/create_key_response.rb +3 -3
- data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +3 -20
- data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +3 -20
- data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +5 -14
- data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +5 -14
- data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +1 -9
- data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +4 -3
- data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +5 -6
- data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +2 -2
- data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +9 -18
- data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +4 -14
- data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +7 -15
- data/lib/ruby_smb/dcerpc/winreg/regsam.rb +3 -1
- data/lib/ruby_smb/dcerpc/winreg/save_key_request.rb +0 -9
- data/lib/ruby_smb/dcerpc/winreg/save_key_response.rb +1 -1
- data/lib/ruby_smb/dcerpc/winreg.rb +10 -14
- data/lib/ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_request.rb +26 -0
- data/lib/ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_response.rb +88 -0
- data/lib/ruby_smb/dcerpc/wkssvc.rb +65 -0
- data/lib/ruby_smb/dcerpc.rb +41 -11
- data/lib/ruby_smb/dialect.rb +45 -0
- data/lib/ruby_smb/dispatcher/base.rb +1 -1
- data/lib/ruby_smb/field/file_time.rb +1 -1
- data/lib/ruby_smb/field/string16.rb +5 -1
- data/lib/ruby_smb/gss/provider/authenticator.rb +42 -0
- data/lib/ruby_smb/gss/provider/ntlm.rb +303 -0
- data/lib/ruby_smb/gss/provider.rb +35 -0
- data/lib/ruby_smb/gss.rb +56 -63
- data/lib/ruby_smb/ntlm.rb +61 -0
- data/lib/ruby_smb/server/server_client/negotiation.rb +156 -0
- data/lib/ruby_smb/server/server_client/session_setup.rb +82 -0
- data/lib/ruby_smb/server/server_client.rb +162 -0
- data/lib/ruby_smb/server.rb +54 -0
- data/lib/ruby_smb/signing.rb +59 -0
- data/lib/ruby_smb/smb1/packet/negotiate_response.rb +11 -11
- data/lib/ruby_smb/smb1/packet/negotiate_response_extended.rb +1 -1
- data/lib/ruby_smb/smb1/packet/session_setup_request.rb +1 -1
- data/lib/ruby_smb/smb1/pipe.rb +4 -0
- data/lib/ruby_smb/smb1/tree.rb +1 -1
- data/lib/ruby_smb/smb2/negotiate_context.rb +18 -2
- data/lib/ruby_smb/smb2/packet/negotiate_request.rb +9 -0
- data/lib/ruby_smb/smb2/packet/negotiate_response.rb +0 -1
- data/lib/ruby_smb/smb2/packet/session_setup_response.rb +2 -2
- data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +1 -1
- data/lib/ruby_smb/smb2/pipe.rb +4 -0
- data/lib/ruby_smb/smb2/tree.rb +1 -1
- data/lib/ruby_smb/smb2.rb +3 -1
- data/lib/ruby_smb/version.rb +1 -1
- data/lib/ruby_smb.rb +2 -1
- data/spec/lib/ruby_smb/client_spec.rb +8 -11
- data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +69 -41
- data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +75 -21
- data/spec/lib/ruby_smb/dcerpc/client_spec.rb +714 -0
- data/spec/lib/ruby_smb/dcerpc/drsr_spec.rb +2169 -0
- data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +3792 -1373
- data/spec/lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_request_spec.rb +4 -4
- data/spec/lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_request_spec.rb +4 -4
- data/spec/lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_request_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/p_syntax_id_t_spec.rb +18 -4
- data/spec/lib/ruby_smb/dcerpc/pdu_header_spec.rb +27 -1
- data/spec/lib/ruby_smb/dcerpc/request_spec.rb +76 -11
- data/spec/lib/ruby_smb/dcerpc/response_spec.rb +99 -9
- data/spec/lib/ruby_smb/dcerpc/rpc_auth3_spec.rb +75 -0
- data/spec/lib/ruby_smb/dcerpc/rpc_security_attributes_spec.rb +29 -28
- data/spec/lib/ruby_smb/dcerpc/rrp_rpc_unicode_string_spec.rb +340 -0
- data/spec/lib/ruby_smb/dcerpc/samr/rpc_sid_spec.rb +116 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_close_handle_request_spec.rb +40 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_close_handle_response_spec.rb +48 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_connect_request_spec.rb +56 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_connect_response_spec.rb +47 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_request_spec.rb +63 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response_spec.rb +265 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_request_spec.rb +52 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_response_spec.rb +36 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_open_domain_request_spec.rb +56 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_open_domain_response_spec.rb +48 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request_spec.rb +48 -0
- data/spec/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response_spec.rb +42 -0
- data/spec/lib/ruby_smb/dcerpc/samr_spec.rb +420 -0
- data/spec/lib/ruby_smb/dcerpc/sec_trailer_spec.rb +92 -0
- data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +149 -110
- data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +21 -17
- data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request_spec.rb +56 -79
- data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response_spec.rb +4 -4
- data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_request_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request_spec.rb +19 -29
- data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_request_spec.rb +9 -15
- data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response_spec.rb +22 -22
- data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl/service_status_spec.rb +18 -14
- data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_request_spec.rb +5 -4
- data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/svcctl_spec.rb +1 -5
- data/spec/lib/ruby_smb/dcerpc/uuid_spec.rb +15 -23
- data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/winreg/create_key_request_spec.rb +4 -41
- data/spec/lib/ruby_smb/dcerpc/winreg/create_key_response_spec.rb +4 -4
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +4 -52
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +4 -56
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +10 -34
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +10 -34
- data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +2 -26
- data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +17 -25
- data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +20 -44
- data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +8 -32
- data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +10 -22
- data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +4 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/save_key_request_spec.rb +0 -12
- data/spec/lib/ruby_smb/dcerpc/winreg/save_key_response_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +18 -47
- data/spec/lib/ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_request_spec.rb +43 -0
- data/spec/lib/ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_response_spec.rb +410 -0
- data/spec/lib/ruby_smb/dcerpc/wkssvc_spec.rb +70 -0
- data/spec/lib/ruby_smb/field/string16_spec.rb +22 -0
- data/spec/lib/ruby_smb/gss/provider/ntlm/account_spec.rb +32 -0
- data/spec/lib/ruby_smb/gss/provider/ntlm/authenticator_spec.rb +101 -0
- data/spec/lib/ruby_smb/gss/provider/ntlm/os_version_spec.rb +32 -0
- data/spec/lib/ruby_smb/gss/provider/ntlm_spec.rb +113 -0
- data/spec/lib/ruby_smb/server/server_client_spec.rb +156 -0
- data/spec/lib/ruby_smb/server_spec.rb +32 -0
- data/spec/lib/ruby_smb/smb1/pipe_spec.rb +18 -37
- data/spec/lib/ruby_smb/smb1/tree_spec.rb +4 -4
- data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +2 -2
- data/spec/lib/ruby_smb/smb2/pipe_spec.rb +18 -16
- data/spec/lib/ruby_smb/smb2/tree_spec.rb +5 -5
- data/spec/support/bin_helper.rb +9 -0
- data.tar.gz.sig +2 -1
- metadata +119 -6
- metadata.gz.sig +0 -0
- data/lib/ruby_smb/client/signing.rb +0 -64
- data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +0 -38
- data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +0 -135
@@ -12,27 +12,18 @@ module RubySMB
|
|
12
12
|
endian :little
|
13
13
|
|
14
14
|
rpc_hkey :hkey
|
15
|
-
|
15
|
+
ndr_uint32 :dw_index
|
16
16
|
rrp_unicode_string :lp_value_name
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
ndr_lp_dword :lpcb_len
|
17
|
+
ndr_uint32_ptr :lp_type
|
18
|
+
ndr_byte_array_ptr :lp_data
|
19
|
+
ndr_uint32_ptr :lpcb_data
|
20
|
+
ndr_uint32_ptr :lpcb_len
|
22
21
|
|
23
22
|
def initialize_instance
|
24
23
|
super
|
25
24
|
@opnum = REG_ENUM_VALUE
|
26
25
|
end
|
27
|
-
|
28
|
-
# Determines the correct length for the padding in front of
|
29
|
-
# #lp_type. It should always force a 4-byte alignment.
|
30
|
-
def pad_length
|
31
|
-
offset = (lp_value_name.abs_offset + lp_value_name.to_binary_s.length) % 4
|
32
|
-
(4 - offset) % 4
|
33
|
-
end
|
34
26
|
end
|
35
|
-
|
36
27
|
end
|
37
28
|
end
|
38
29
|
end
|
@@ -10,26 +10,17 @@ module RubySMB
|
|
10
10
|
endian :little
|
11
11
|
|
12
12
|
rrp_unicode_string :lp_value_name
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
uint32 :error_status
|
13
|
+
ndr_uint32_ptr :lp_type
|
14
|
+
ndr_byte_array_ptr :lp_data
|
15
|
+
ndr_uint32_ptr :lpcb_data
|
16
|
+
ndr_uint32_ptr :lpcb_len
|
17
|
+
ndr_uint32 :error_status
|
19
18
|
|
20
19
|
def initialize_instance
|
21
20
|
super
|
22
21
|
@opnum = REG_ENUM_VALUE
|
23
22
|
end
|
24
|
-
|
25
|
-
# Determines the correct length for the padding in front of
|
26
|
-
# #lp_type. It should always force a 4-byte alignment.
|
27
|
-
def pad_length
|
28
|
-
offset = (lp_value_name.abs_offset + lp_value_name.to_binary_s.length) % 4
|
29
|
-
(4 - offset) % 4
|
30
|
-
end
|
31
23
|
end
|
32
|
-
|
33
24
|
end
|
34
25
|
end
|
35
26
|
end
|
@@ -13,21 +13,13 @@ module RubySMB
|
|
13
13
|
|
14
14
|
rpc_hkey :hkey
|
15
15
|
rrp_unicode_string :lp_sub_key
|
16
|
-
|
17
|
-
uint32 :dw_options
|
16
|
+
ndr_uint32 :dw_options
|
18
17
|
regsam :sam_desired
|
19
18
|
|
20
19
|
def initialize_instance
|
21
20
|
super
|
22
21
|
@opnum = REG_OPEN_KEY
|
23
22
|
end
|
24
|
-
|
25
|
-
# Determines the correct length for the padding in front of
|
26
|
-
# #dw_options. It should always force a 4-byte alignment.
|
27
|
-
def pad_length
|
28
|
-
offset = (lp_sub_key.abs_offset + lp_sub_key.to_binary_s.length) % 4
|
29
|
-
(4 - offset) % 4
|
30
|
-
end
|
31
23
|
end
|
32
24
|
end
|
33
25
|
end
|
@@ -9,9 +9,10 @@ module RubySMB
|
|
9
9
|
class OpenKeyResponse < BinData::Record
|
10
10
|
attr_reader :opnum
|
11
11
|
|
12
|
-
endian
|
13
|
-
|
14
|
-
|
12
|
+
endian :little
|
13
|
+
|
14
|
+
prpc_hkey :phk_result
|
15
|
+
ndr_uint32 :error_status
|
15
16
|
|
16
17
|
def initialize_instance
|
17
18
|
super
|
@@ -4,10 +4,9 @@ module RubySMB
|
|
4
4
|
|
5
5
|
# This class represents a PREGISTRY_SERVER_NAME structure as defined in
|
6
6
|
# [2.2.2 PREGISTRY_SERVER_NAME](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/8bcd15fd-1aa5-44e2-8662-112ec3e9817b)
|
7
|
-
class PRegistryServerName <
|
8
|
-
|
9
|
-
|
10
|
-
string16 :referent, onlyif: -> { self.referent_id != 0 }, read_length: -> { 4 }
|
7
|
+
class PRegistryServerName < BinData::Array
|
8
|
+
default_parameter type: :ndr_wide_char, referent_byte_align: 2
|
9
|
+
extend Ndr::PointerClassPlugin
|
11
10
|
end
|
12
11
|
|
13
12
|
# This class is a generic class that represents OpenXXX Request packet,
|
@@ -27,13 +26,13 @@ module RubySMB
|
|
27
26
|
attr_reader :opnum
|
28
27
|
|
29
28
|
endian :little
|
30
|
-
p_registry_server_name :
|
29
|
+
p_registry_server_name :server_name
|
31
30
|
regsam :sam_desired
|
32
31
|
|
33
32
|
def initialize_instance
|
34
33
|
super
|
35
34
|
@opnum = get_parameter(:opnum) if has_parameter?(:opnum)
|
36
|
-
self.
|
35
|
+
self.server_name = :null
|
37
36
|
self.sam_desired.maximum = 1 unless [OPEN_HKPD, OPEN_HKPT, OPEN_HKPN].include?(@opnum)
|
38
37
|
end
|
39
38
|
end
|
@@ -9,30 +9,21 @@ module RubySMB
|
|
9
9
|
endian :little
|
10
10
|
|
11
11
|
rrp_unicode_string :lp_class, initial_value: 0
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
|
21
|
-
uint32 :error_status
|
12
|
+
ndr_uint32 :lpc_sub_keys
|
13
|
+
ndr_uint32 :lpc_max_sub_key_len
|
14
|
+
ndr_uint32 :lpc_max_class_len
|
15
|
+
ndr_uint32 :lpc_values
|
16
|
+
ndr_uint32 :lpcb_max_value_name_len
|
17
|
+
ndr_uint32 :lpcb_max_value_len
|
18
|
+
ndr_uint32 :lpcb_security_descriptor
|
19
|
+
ndr_file_time :lpft_last_write_time
|
20
|
+
ndr_uint32 :error_status
|
22
21
|
|
23
22
|
def initialize_instance
|
24
23
|
super
|
25
24
|
@opnum = REG_QUERY_INFO_KEY
|
26
25
|
end
|
27
|
-
|
28
|
-
# Determines the correct length for the padding in front of
|
29
|
-
# #lpc_sub_keys. It should always force a 4-byte alignment.
|
30
|
-
def pad_length
|
31
|
-
offset = (lp_class.abs_offset + lp_class.to_binary_s.length) % 4
|
32
|
-
(4 - offset) % 4
|
33
|
-
end
|
34
26
|
end
|
35
|
-
|
36
27
|
end
|
37
28
|
end
|
38
29
|
end
|
@@ -13,26 +13,16 @@ module RubySMB
|
|
13
13
|
|
14
14
|
rpc_hkey :hkey
|
15
15
|
rrp_unicode_string :lp_value_name
|
16
|
-
|
17
|
-
|
18
|
-
|
19
|
-
|
20
|
-
ndr_lp_dword :lpcb_data
|
21
|
-
ndr_lp_dword :lpcb_len
|
16
|
+
ndr_uint32_ptr :lp_type
|
17
|
+
ndr_byte_array_ptr :lp_data
|
18
|
+
ndr_uint32_ptr :lpcb_data
|
19
|
+
ndr_uint32_ptr :lpcb_len
|
22
20
|
|
23
21
|
def initialize_instance
|
24
22
|
super
|
25
23
|
@opnum = REG_QUERY_VALUE
|
26
24
|
end
|
27
|
-
|
28
|
-
# Determines the correct length for the padding, so that the next
|
29
|
-
# field is 4-byte aligned.
|
30
|
-
def pad_length(prev_element)
|
31
|
-
offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
|
32
|
-
(4 - offset) % 4
|
33
|
-
end
|
34
25
|
end
|
35
|
-
|
36
26
|
end
|
37
27
|
end
|
38
28
|
end
|
@@ -9,29 +9,21 @@ module RubySMB
|
|
9
9
|
|
10
10
|
endian :little
|
11
11
|
|
12
|
-
|
13
|
-
|
14
|
-
|
15
|
-
|
16
|
-
|
17
|
-
uint32 :error_status
|
12
|
+
ndr_uint32_ptr :lp_type
|
13
|
+
ndr_byte_array_ptr :lp_data
|
14
|
+
ndr_uint32_ptr :lpcb_data
|
15
|
+
ndr_uint32_ptr :lpcb_len
|
16
|
+
ndr_uint32 :error_status
|
18
17
|
|
19
18
|
def initialize_instance
|
20
19
|
super
|
21
20
|
@opnum = REG_QUERY_VALUE
|
22
21
|
end
|
23
22
|
|
24
|
-
# Determines the correct length for the padding, so that the next
|
25
|
-
# field is 4-byte aligned.
|
26
|
-
def pad_length(prev_element)
|
27
|
-
offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
|
28
|
-
(4 - offset) % 4
|
29
|
-
end
|
30
|
-
|
31
23
|
# Returns the data portion of the registry value formatted according to its type:
|
32
24
|
# [3.1.1.5 Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/3d64dbea-f016-4373-8cac-e43bf343837d)
|
33
25
|
def data
|
34
|
-
bytes = lp_data.
|
26
|
+
bytes = lp_data.to_a.pack('C*')
|
35
27
|
case lp_type
|
36
28
|
when 1,2
|
37
29
|
bytes.force_encoding('utf-16le').strip
|
@@ -47,7 +39,7 @@ module RubySMB
|
|
47
39
|
when 11
|
48
40
|
bytes.unpack('Q<').first
|
49
41
|
else
|
50
|
-
|
42
|
+
''
|
51
43
|
end
|
52
44
|
end
|
53
45
|
|
@@ -5,8 +5,10 @@ module RubySMB
|
|
5
5
|
# This class represents a REGSAM structure as defined in
|
6
6
|
# [2.2.3 REGSAM](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/fefbc801-b141-4bb1-9dcb-bf366da3ae7e)
|
7
7
|
# [2.4.3 ACCESS_MASK](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/7a53f60e-e730-4dfe-bbe9-b21b62eb790b)
|
8
|
-
class Regsam <
|
8
|
+
class Regsam < Ndr::NdrStruct
|
9
|
+
default_parameter byte_align: 4
|
9
10
|
endian :little
|
11
|
+
|
10
12
|
bit2 :reserved, label: 'Reserved Space'
|
11
13
|
bit1 :key_create_link, label: 'Key Create Link'
|
12
14
|
bit1 :key_notify, label: 'Key Notify'
|
@@ -13,22 +13,13 @@ module RubySMB
|
|
13
13
|
|
14
14
|
rpc_hkey :hkey
|
15
15
|
rrp_unicode_string :lp_file
|
16
|
-
string :pad, length: -> { pad_length(self.lp_file) }
|
17
16
|
prpc_security_attributes :lp_security_attributes
|
18
17
|
|
19
18
|
def initialize_instance
|
20
19
|
super
|
21
20
|
@opnum = REG_SAVE_KEY
|
22
21
|
end
|
23
|
-
|
24
|
-
# Determines the correct length for the padding, so that the next
|
25
|
-
# field is 4-byte aligned.
|
26
|
-
def pad_length(prev_element)
|
27
|
-
offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
|
28
|
-
(4 - offset) % 4
|
29
|
-
end
|
30
22
|
end
|
31
|
-
|
32
23
|
end
|
33
24
|
end
|
34
25
|
end
|
@@ -63,6 +63,8 @@ module RubySMB
|
|
63
63
|
"HKPN" => OPEN_HKPN
|
64
64
|
}
|
65
65
|
|
66
|
+
BUFFER_SIZE = 1024
|
67
|
+
|
66
68
|
# Open the registry root key and return a handle for it. The key can be
|
67
69
|
# either a long format (e.g. HKEY_LOCAL_MACHINE) or a short format
|
68
70
|
# (e.g. HKLM)
|
@@ -147,7 +149,7 @@ module RubySMB
|
|
147
149
|
|
148
150
|
query_value_request_packet.lpcb_data = query_value_response.lpcb_data
|
149
151
|
query_value_request_packet.lp_data = []
|
150
|
-
query_value_request_packet.lp_data.
|
152
|
+
query_value_request_packet.lp_data.max_count = query_value_response.lpcb_data.to_i
|
151
153
|
response = dcerpc_request(query_value_request_packet)
|
152
154
|
begin
|
153
155
|
query_value_response = RubySMB::Dcerpc::Winreg::QueryValueResponse.read(response)
|
@@ -193,10 +195,7 @@ module RubySMB
|
|
193
195
|
# @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
|
194
196
|
def query_info_key(handle)
|
195
197
|
query_info_key_request_packet = RubySMB::Dcerpc::Winreg::QueryInfoKeyRequest.new(hkey: handle)
|
196
|
-
query_info_key_request_packet.lp_class
|
197
|
-
query_info_key_request_packet.lp_class.referent.actual_count = 0
|
198
|
-
query_info_key_request_packet.lp_class.maximum_length = 1024
|
199
|
-
query_info_key_request_packet.lp_class.buffer.referent.max_count = 1024 / 2
|
198
|
+
query_info_key_request_packet.lp_class.set_max_buffer_size(BUFFER_SIZE)
|
200
199
|
response = dcerpc_request(query_info_key_request_packet)
|
201
200
|
begin
|
202
201
|
query_info_key_response = RubySMB::Dcerpc::Winreg::QueryInfoKeyResponse.read(response)
|
@@ -220,11 +219,9 @@ module RubySMB
|
|
220
219
|
# @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
|
221
220
|
def enum_key(handle, index)
|
222
221
|
enum_key_request_packet = RubySMB::Dcerpc::Winreg::EnumKeyRequest.new(hkey: handle, dw_index: index)
|
223
|
-
|
224
|
-
enum_key_request_packet.lp_class
|
225
|
-
enum_key_request_packet.
|
226
|
-
enum_key_request_packet.lp_name.buffer = ''
|
227
|
-
enum_key_request_packet.lp_name.buffer.referent.max_count = 256
|
222
|
+
# `lp_class` cannot be null, even if it contains no value
|
223
|
+
enum_key_request_packet.lp_class.instantiate_referent
|
224
|
+
enum_key_request_packet.lp_name.set_max_buffer_size(BUFFER_SIZE)
|
228
225
|
response = dcerpc_request(enum_key_request_packet)
|
229
226
|
begin
|
230
227
|
enum_key_response = RubySMB::Dcerpc::Winreg::EnumKeyResponse.read(response)
|
@@ -236,7 +233,7 @@ module RubySMB
|
|
236
233
|
"#{WindowsError::Win32.find_by_retval(enum_key_response.error_status.value).join(',')}"
|
237
234
|
end
|
238
235
|
|
239
|
-
enum_key_response.lp_name
|
236
|
+
enum_key_response.lp_name[:buffer]
|
240
237
|
end
|
241
238
|
|
242
239
|
# Enumerate the value at the specified index for the specified registry key.
|
@@ -248,8 +245,7 @@ module RubySMB
|
|
248
245
|
# @raise [RubySMB::Dcerpc::Error::WinregError] if the response error status is not ERROR_SUCCESS
|
249
246
|
def enum_value(handle, index)
|
250
247
|
enum_value_request_packet = RubySMB::Dcerpc::Winreg::EnumValueRequest.new(hkey: handle, dw_index: index)
|
251
|
-
enum_value_request_packet.lp_value_name.
|
252
|
-
enum_value_request_packet.lp_value_name.buffer.referent.max_count = 256
|
248
|
+
enum_value_request_packet.lp_value_name.set_max_buffer_size(BUFFER_SIZE)
|
253
249
|
response = dcerpc_request(enum_value_request_packet)
|
254
250
|
begin
|
255
251
|
enum_value_response = RubySMB::Dcerpc::Winreg::EnumValueResponse.read(response)
|
@@ -261,7 +257,7 @@ module RubySMB
|
|
261
257
|
"#{WindowsError::Win32.find_by_retval(enum_value_response.error_status.value).join(',')}"
|
262
258
|
end
|
263
259
|
|
264
|
-
enum_value_response.lp_value_name
|
260
|
+
enum_value_response.lp_value_name[:buffer]
|
265
261
|
end
|
266
262
|
|
267
263
|
# Creates the specified registry key and returns a handle to the newly created key
|
@@ -0,0 +1,26 @@
|
|
1
|
+
module RubySMB
|
2
|
+
module Dcerpc
|
3
|
+
module Wkssvc
|
4
|
+
|
5
|
+
# [2.2.2.1 WKSSVC_IDENTIFY_HANDLE](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/9ef94a11-0e5c-49d7-9ac7-68d6f03565de)
|
6
|
+
class WkssvcIdentifyHandle < Ndr::NdrWideStringPtr; end
|
7
|
+
|
8
|
+
# [3.2.4.1 NetrWkstaGetInfo (Opnum 0)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/4af41d6f-b800-4de1-af5b-0b15a85f8e04)
|
9
|
+
class NetrWkstaGetInfoRequest < BinData::Record
|
10
|
+
attr_reader :opnum
|
11
|
+
|
12
|
+
endian :little
|
13
|
+
|
14
|
+
wkssvc_identify_handle :server_name
|
15
|
+
ndr_uint32 :level
|
16
|
+
|
17
|
+
def initialize_instance
|
18
|
+
super
|
19
|
+
@opnum = NETR_WKSTA_GET_INFO
|
20
|
+
end
|
21
|
+
end
|
22
|
+
|
23
|
+
end
|
24
|
+
end
|
25
|
+
end
|
26
|
+
|
@@ -0,0 +1,88 @@
|
|
1
|
+
module RubySMB
|
2
|
+
module Dcerpc
|
3
|
+
module Wkssvc
|
4
|
+
|
5
|
+
|
6
|
+
# [2.2.5.3 WKSTA_INFO_102](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/49c75566-2d4f-481a-bf32-7eb5627cb4ea)
|
7
|
+
class WkstaInfo102 < Ndr::NdrStruct
|
8
|
+
default_parameter byte_align: 4
|
9
|
+
endian :little
|
10
|
+
|
11
|
+
ndr_uint32 :wki102_platform_id
|
12
|
+
ndr_wide_stringz_ptr :wki102_computername
|
13
|
+
ndr_wide_stringz_ptr :wki102_langroup
|
14
|
+
ndr_uint32 :wki102_ver_major
|
15
|
+
ndr_uint32 :wki102_ver_minor
|
16
|
+
ndr_wide_stringz_ptr :wki102_lanroot
|
17
|
+
ndr_uint32 :wki102_logged_on_users
|
18
|
+
end
|
19
|
+
|
20
|
+
class PwkstaInfo102 < WkstaInfo102
|
21
|
+
extend Ndr::PointerClassPlugin
|
22
|
+
end
|
23
|
+
|
24
|
+
# [2.2.5.2 WKSTA_INFO_101](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/98876691-3684-4b0c-bb43-3a8ac4705149)
|
25
|
+
class WkstaInfo101 < Ndr::NdrStruct
|
26
|
+
default_parameter byte_align: 4
|
27
|
+
endian :little
|
28
|
+
|
29
|
+
ndr_uint32 :wki101_platform_id
|
30
|
+
ndr_wide_stringz_ptr :wki101_computername
|
31
|
+
ndr_wide_stringz_ptr :wki101_langroup
|
32
|
+
ndr_uint32 :wki101_ver_major
|
33
|
+
ndr_uint32 :wki101_ver_minor
|
34
|
+
ndr_wide_stringz_ptr :wki101_lanroot
|
35
|
+
end
|
36
|
+
|
37
|
+
class PwkstaInfo101 < WkstaInfo101
|
38
|
+
extend Ndr::PointerClassPlugin
|
39
|
+
end
|
40
|
+
|
41
|
+
# [2.2.5.1 WKSTA_INFO_100](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/23275f4a-4e51-49d6-bdb5-f58519a3ea8a)
|
42
|
+
class WkstaInfo100 < Ndr::NdrStruct
|
43
|
+
default_parameter byte_align: 4
|
44
|
+
endian :little
|
45
|
+
|
46
|
+
ndr_uint32 :wki100_platform_id
|
47
|
+
ndr_wide_stringz_ptr :wki100_computername
|
48
|
+
ndr_wide_stringz_ptr :wki100_langroup
|
49
|
+
ndr_uint32 :wki100_ver_major
|
50
|
+
ndr_uint32 :wki100_ver_minor
|
51
|
+
end
|
52
|
+
|
53
|
+
class PwkstaInfo100 < WkstaInfo100
|
54
|
+
extend Ndr::PointerClassPlugin
|
55
|
+
end
|
56
|
+
|
57
|
+
class LpwkstaInfo < Ndr::NdrStruct
|
58
|
+
default_parameter byte_align: 4
|
59
|
+
endian :little
|
60
|
+
|
61
|
+
ndr_uint32 :level
|
62
|
+
choice :info, selection: :level, byte_align: 4 do
|
63
|
+
pwksta_info100 WKSTA_INFO_100
|
64
|
+
pwksta_info101 WKSTA_INFO_101
|
65
|
+
pwksta_info102 WKSTA_INFO_102
|
66
|
+
#TODO: pwksta_info_502 0x000001F6
|
67
|
+
end
|
68
|
+
end
|
69
|
+
|
70
|
+
# [3.2.4.1 NetrWkstaGetInfo (Opnum 0)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-wkst/4af41d6f-b800-4de1-af5b-0b15a85f8e04)
|
71
|
+
class NetrWkstaGetInfoResponse < BinData::Record
|
72
|
+
attr_reader :opnum
|
73
|
+
|
74
|
+
endian :little
|
75
|
+
|
76
|
+
lpwksta_info :wksta_info
|
77
|
+
ndr_uint32 :error_status
|
78
|
+
|
79
|
+
def initialize_instance
|
80
|
+
super
|
81
|
+
@opnum = NETR_WKSTA_GET_INFO
|
82
|
+
end
|
83
|
+
end
|
84
|
+
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
@@ -0,0 +1,65 @@
|
|
1
|
+
module RubySMB
|
2
|
+
module Dcerpc
|
3
|
+
module Wkssvc
|
4
|
+
|
5
|
+
UUID = '6BFFD098-A112-3610-9833-46C3F87E345A'
|
6
|
+
VER_MAJOR = 1
|
7
|
+
VER_MINOR = 0
|
8
|
+
|
9
|
+
# Operation numbers
|
10
|
+
NETR_WKSTA_GET_INFO = 0x0000
|
11
|
+
|
12
|
+
PLATFORM_ID = {
|
13
|
+
0x0000012C => "DOS",
|
14
|
+
0x00000190 => "OS2",
|
15
|
+
0x000001F4 => "Win",
|
16
|
+
0x00000258 => "OSF",
|
17
|
+
0x000002BC => "VMS"
|
18
|
+
}
|
19
|
+
|
20
|
+
# Information Level
|
21
|
+
WKSTA_INFO_100 = 0x00000064
|
22
|
+
WKSTA_INFO_101 = 0x00000065
|
23
|
+
WKSTA_INFO_102 = 0x00000066
|
24
|
+
#TODO: WKSTA_INFO_502 = 0x000001F6
|
25
|
+
|
26
|
+
|
27
|
+
require 'ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_request'
|
28
|
+
require 'ruby_smb/dcerpc/wkssvc/netr_wksta_get_info_response'
|
29
|
+
|
30
|
+
# Returns details about a computer environment, including
|
31
|
+
# platform-specific information, the names of the domain and local
|
32
|
+
# computer, and the operating system version.
|
33
|
+
#
|
34
|
+
# @param server_name [optional, String] String that identifies the server (optional
|
35
|
+
# since it is ignored by the server)
|
36
|
+
# @param server_name [optional, Integer] The information level of the data (default: WKSTA_INFO_100)
|
37
|
+
# @return [RubySMB::Dcerpc::Wkssvc::WkstaInfo100, RubySMB::Dcerpc::Wkssvc::WkstaInfo101,
|
38
|
+
# RubySMB::Dcerpc::Wkssvc::WkstaInfo102] The structure containing the requested information
|
39
|
+
# @raise [RubySMB::Dcerpc::Error::InvalidPacket] if the response is not a
|
40
|
+
# NetrWkstaGetInfoResponse packet
|
41
|
+
# @raise [RubySMB::Dcerpc::Error::WkssvcError] if the response error status
|
42
|
+
# is not STATUS_SUCCESS
|
43
|
+
def netr_wksta_get_info(server_name: "\x00", level: WKSTA_INFO_100)
|
44
|
+
wkst_netr_wksta_get_info_request = NetrWkstaGetInfoRequest.new(
|
45
|
+
server_name: server_name,
|
46
|
+
level: level
|
47
|
+
)
|
48
|
+
response = dcerpc_request(wkst_netr_wksta_get_info_request)
|
49
|
+
begin
|
50
|
+
wkst_netr_wksta_get_info_response = NetrWkstaGetInfoResponse.read(response)
|
51
|
+
rescue IOError
|
52
|
+
raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading WkstNetrWkstaGetInfoResponse'
|
53
|
+
end
|
54
|
+
unless wkst_netr_wksta_get_info_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS
|
55
|
+
raise RubySMB::Dcerpc::Error::WkssvcError,
|
56
|
+
"Error returned with netr_wksta_get_info: "\
|
57
|
+
"#{WindowsError::NTStatus.find_by_retval(wkst_netr_wksta_get_info_response.error_status.value).join(',')}"
|
58
|
+
end
|
59
|
+
wkst_netr_wksta_get_info_response.wksta_info.info
|
60
|
+
end
|
61
|
+
|
62
|
+
end
|
63
|
+
end
|
64
|
+
end
|
65
|
+
|
data/lib/ruby_smb/dcerpc.rb
CHANGED
@@ -3,21 +3,51 @@ module RubySMB
|
|
3
3
|
MAX_XMIT_FRAG = 4280
|
4
4
|
MAX_RECV_FRAG = 4280
|
5
5
|
|
6
|
+
# Auth Levels
|
7
|
+
#[2.2.1.1.8 Authentication Levels](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/425a7c53-c33a-4868-8e5b-2a850d40dc73)
|
8
|
+
RPC_C_AUTHN_LEVEL_DEFAULT = 0
|
9
|
+
RPC_C_AUTHN_LEVEL_NONE = 1
|
10
|
+
RPC_C_AUTHN_LEVEL_CONNECT = 2
|
11
|
+
RPC_C_AUTHN_LEVEL_CALL = 3
|
12
|
+
RPC_C_AUTHN_LEVEL_PKT = 4
|
13
|
+
RPC_C_AUTHN_LEVEL_PKT_INTEGRITY = 5
|
14
|
+
RPC_C_AUTHN_LEVEL_PKT_PRIVACY = 6
|
15
|
+
|
16
|
+
## Auth Types
|
17
|
+
# [2.2.1.1.7 Security Providers](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/d4097450-c62f-484b-872f-ddf59a7a0d36)
|
18
|
+
RPC_C_AUTHN_NONE = 0x00
|
19
|
+
RPC_C_AUTHN_GSS_NEGOTIATE = 0x09
|
20
|
+
RPC_C_AUTHN_WINNT = 0x0A
|
21
|
+
RPC_C_AUTHN_GSS_SCHANNEL = 0x0E
|
22
|
+
RPC_C_AUTHN_GSS_KERBEROS = 0x10
|
23
|
+
RPC_C_AUTHN_NETLOGON = 0x44
|
24
|
+
RPC_C_AUTHN_DEFAULT = 0xFF
|
25
|
+
|
26
|
+
#[Authorisation Services](https://pubs.opengroup.org/onlinepubs/9629399/chap13.htm#tagcjh_18_01_02_03)
|
27
|
+
DCE_C_AUTHZ_NAME = 1
|
28
|
+
DCE_C_AUTHZ_DCE = 2
|
29
|
+
|
6
30
|
require 'windows_error/win32'
|
7
31
|
require 'ruby_smb/dcerpc/error'
|
8
32
|
require 'ruby_smb/dcerpc/uuid'
|
9
33
|
require 'ruby_smb/dcerpc/ndr'
|
10
34
|
require 'ruby_smb/dcerpc/ptypes'
|
11
35
|
require 'ruby_smb/dcerpc/p_syntax_id_t'
|
12
|
-
require 'ruby_smb/dcerpc/
|
36
|
+
require 'ruby_smb/dcerpc/rrp_rpc_unicode_string'
|
13
37
|
require 'ruby_smb/dcerpc/rpc_security_attributes'
|
14
38
|
require 'ruby_smb/dcerpc/pdu_header'
|
15
39
|
require 'ruby_smb/dcerpc/srvsvc'
|
16
40
|
require 'ruby_smb/dcerpc/svcctl'
|
17
41
|
require 'ruby_smb/dcerpc/winreg'
|
18
42
|
require 'ruby_smb/dcerpc/netlogon'
|
43
|
+
require 'ruby_smb/dcerpc/samr'
|
44
|
+
require 'ruby_smb/dcerpc/wkssvc'
|
45
|
+
require 'ruby_smb/dcerpc/epm'
|
46
|
+
require 'ruby_smb/dcerpc/drsr'
|
47
|
+
require 'ruby_smb/dcerpc/sec_trailer'
|
19
48
|
require 'ruby_smb/dcerpc/request'
|
20
49
|
require 'ruby_smb/dcerpc/response'
|
50
|
+
require 'ruby_smb/dcerpc/rpc_auth3'
|
21
51
|
require 'ruby_smb/dcerpc/bind'
|
22
52
|
require 'ruby_smb/dcerpc/bind_ack'
|
23
53
|
|
@@ -26,27 +56,27 @@ module RubySMB
|
|
26
56
|
# Bind to the remote server interface endpoint.
|
27
57
|
#
|
28
58
|
# @param options [Hash] the options to pass to the Bind request packet. At least, :endpoint must but provided with an existing Dcerpc class
|
29
|
-
# @return [
|
30
|
-
# @raise [
|
31
|
-
# @raise [
|
59
|
+
# @return [BindAck] the BindAck response packet
|
60
|
+
# @raise [Error::InvalidPacket] if an invalid packet is received
|
61
|
+
# @raise [Error::BindError] if the response is not a BindAck packet or if the Bind result code is not ACCEPTANCE
|
32
62
|
def bind(options={})
|
33
|
-
bind_req =
|
63
|
+
bind_req = Bind.new(options)
|
34
64
|
write(data: bind_req.to_binary_s)
|
35
65
|
@size = 1024
|
36
66
|
dcerpc_raw_response = read()
|
37
67
|
begin
|
38
|
-
dcerpc_response =
|
68
|
+
dcerpc_response = BindAck.read(dcerpc_raw_response)
|
39
69
|
rescue IOError
|
40
|
-
raise
|
70
|
+
raise Error::InvalidPacket, "Error reading the DCERPC response"
|
41
71
|
end
|
42
|
-
unless dcerpc_response.pdu_header.ptype ==
|
43
|
-
raise
|
72
|
+
unless dcerpc_response.pdu_header.ptype == PTypes::BIND_ACK
|
73
|
+
raise Error::BindError, "Not a BindAck packet"
|
44
74
|
end
|
45
75
|
|
46
76
|
res_list = dcerpc_response.p_result_list
|
47
77
|
if res_list.n_results == 0 ||
|
48
|
-
res_list.p_results[0].result !=
|
49
|
-
raise
|
78
|
+
res_list.p_results[0].result != BindAck::ACCEPTANCE
|
79
|
+
raise Error::BindError,
|
50
80
|
"Bind Failed (Result: #{res_list.p_results[0].result}, Reason: #{res_list.p_results[0].reason})"
|
51
81
|
end
|
52
82
|
@tree.client.max_buffer_size = dcerpc_response.max_xmit_frag
|