def getData(self):
# Set the correct flags
if self['ObjectType'] != '':
self['Flags'] |= self.ACE_OBJECT_TYPE_PRESENT
if self['InheritedObjectType'] != '':
self['Flags'] |= self.ACE_INHERITED_OBJECT_TYPE_PRESENT
return Structure.getData(self)
def getData(self):
headerlen = 20
# Reconstruct the security descriptor
# flags are currently not set automatically
# TODO: do this?
datalen = 0
if self['Sacl'] != '':
self['OffsetSacl'] = headerlen + datalen
datalen += len(self['Sacl'].getData())
else:
self['OffsetSacl'] = 0
if self['Dacl'] != '':
self['OffsetDacl'] = headerlen + datalen
datalen += len(self['Dacl'].getData())
else:
self['OffsetDacl'] = 0
if self['OwnerSid'] != '':
self['OffsetOwner'] = headerlen + datalen
datalen += len(self['OwnerSid'].getData())
else:
self['OffsetOwner'] = 0
if self['GroupSid'] != '':
self['OffsetGroup'] = headerlen + datalen
datalen += len(self['GroupSid'].getData())
else:
self['OffsetGroup'] = 0
return Structure.getData(self)
def getData(self):
self['domain_offset'] = 64 + self.checkMIC(
self["flags"]) + self.checkVersion(self["flags"])
self['user_offset'] = 64 + self.checkMIC(
self["flags"]) + self.checkVersion(self["flags"]) + len(
self['domain_name'])
self['host_offset'] = self['user_offset'] + len(self['user_name'])
self['lanman_offset'] = self['host_offset'] + len(self['host_name'])
self['ntlm_offset'] = self['lanman_offset'] + len(self['lanman'])
self['session_key_offset'] = self['ntlm_offset'] + len(self['ntlm'])
return Structure.getData(self)
def getData(self):
self['AceCount'] = len(self.aces)
# We modify the data field to be able to use the
# parent class parsing
self['Data'] = ''.join([ace.getData() for ace in self.aces])
self['AclSize'] = len(
self['Data']) + 8 # Header size (8 bytes) is included
data = Structure.getData(self)
# Put the ACEs back in data
self['Data'] = self.aces
return data
def getData(self):
if RECALC_ACE_SIZE or 'AceSize' not in self.fields:
self['AceSize'] = len(
self['Ace'].getData()) + 4 # Header size (4 bytes) is included
if self['AceSize'] % 4 != 0:
# Make sure the alignment is correct
self['AceSize'] += self['AceSize'] % 4
data = Structure.getData(self)
# For some reason ACEs are sometimes longer than they need to be
# we fill this space up with null bytes to make sure the object
# we create is identical to the original object
if len(data) < self['AceSize']:
data += '\x00' * (self['AceSize'] - len(data))
return data
def getData(self):
if len(self.fields['host_name']) > 0:
self['flags'] |= NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
if len(self.fields['domain_name']) > 0:
self['flags'] |= NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
if len(self.fields['os_version']) > 0:
self['flags'] |= NTLMSSP_NEGOTIATE_VERSION
if (self['flags']
& NTLMSSP_NEGOTIATE_VERSION) == NTLMSSP_NEGOTIATE_VERSION:
version_len = 8
else:
version_len = 0
if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
) == NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED:
self['host_offset'] = 32 + version_len
if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
) == NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED:
self['domain_offset'] = 32 + len(self['host_name']) + version_len
return Structure.getData(self)
def getData(self):
if self['TargetInfoFields'] is not None and type(
self['TargetInfoFields']) is not str:
raw_av_fields = self['TargetInfoFields'].getData()
self['TargetInfoFields'] = raw_av_fields
return Structure.getData(self)
def getData(self):
#self['AlignPad'] = '\x00' * ((8 - ((24 + SMB2_PACKET_SIZE) & 7)) & 7)
#self['SecurityBufferOffset'] = 24 + SMB2_PACKET_SIZE +len(self['AlignPad'])
#self['SecurityBufferLength'] += len(self['AlignPad'])
return Structure.getData(self)