Python EndiannessField Exemples, scapy.contrib.dce_rpc.EndiannessField Python Exemples

Exemple #1

0

Afficher le fichier

class NDRData(Packet):
    """Base NDRData to centralize some fields. It can't be instantiated"""
    fields_desc = [
        EndiannessField(FieldLenField("args_length",
                                      None,
                                      fmt="I",
                                      length_of="blocks"),
                        endianess_from=dce_rpc_endianess),
        EndiannessField(FieldLenField("max_count",
                                      None,
                                      fmt="I",
                                      length_of="blocks"),
                        endianess_from=dce_rpc_endianess),
        EndiannessField(IntField("offset", 0),
                        endianess_from=dce_rpc_endianess),
        EndiannessField(FieldLenField("actual_count",
                                      None,
                                      fmt="I",
                                      length_of="blocks"),
                        endianess_from=dce_rpc_endianess),
        PacketListField("blocks", [],
                        _guess_block_class,
                        length_from=lambda p: p.args_length)
    ]

    def __new__(cls, name, bases, dct):
        raise NotImplementedError()

Exemple #2

0

Afficher le fichier

Fichier : pnio_rpc.py Projet : william-stearns/scapy

class PNIOServiceResPDU(Packet):
    """PNIO PDU for RPC Response"""
    fields_desc = [
        EndiannessField(IntEnumField("status", 0, ["OK"]),
                        endianess_from=dce_rpc_endianess),
        NDRData,
    ]
    overload_fields = {
        DceRpc: {
            # random object_uuid in the appropriate range
            "object_uuid": RandUUID("dea00000-6c97-11d1-8271-******"),
            # interface uuid to send to a host
            "interface_uuid": RPC_INTERFACE_UUID[
                "UUID_IO_ControllerInterface"],
            # Request DCE/RPC type
            "type": 2,
        },
    }

    @classmethod
    def can_handle(cls, pkt, rpc):
        """heuristic guess_payload_class"""
        # type = 2 => response
        if rpc.getfieldval("type") == 2 and \
                str(rpc.object_uuid).startswith("dea00000-6c97-11d1-8271-"):
            return True
        return False

Exemple #3

0

Afficher le fichier

Fichier : pnio_rpc.py Projet : william-stearns/scapy

class PNIOServiceReqPDU(Packet):
    """PNIO PDU for RPC Request"""
    fields_desc = [
        EndiannessField(
            FieldLenField("args_max", None, fmt="I", length_of="blocks"),
            endianess_from=dce_rpc_endianess),
        NDRData,
    ]
    overload_fields = {
        DceRpc: {
            # random object_uuid in the appropriate range
            "object_uuid": RandUUID("dea00000-6c97-11d1-8271-******"),
            # interface uuid to send to a device
            "interface_uuid": RPC_INTERFACE_UUID["UUID_IO_DeviceInterface"],
            # Request DCE/RPC type
            "type": 0,
        },
    }

    @classmethod
    def can_handle(cls, pkt, rpc):
        """heuristic guess_payload_class"""
        # type = 0 => request
        if rpc.getfieldval("type") == 0 and \
                str(rpc.object_uuid).startswith("dea00000-6c97-11d1-8271-"):
            return True
        return False