def __init__(self):
self.fields = OrderedDict([
('allocation_size', IntField(
size=8,
unsigned=False,
)),
('end_of_file', IntField(
size=8,
unsigned=False,
)),
('number_of_links', IntField(size=4)),
('delete_pending', BoolField()),
('directory', BoolField()),
('reserved', IntField(size=2)),
])
super(FileStandardInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('version', IntField(
size=4,
default=2
)),
('has_initiator_id', BoolField(
size=1,
default=lambda s: len(s['initiator_host_name']) > 0
)),
('reserved', BytesField(
size=3,
default=b"\x00\x00\x00"
)),
('initiator_id', UuidField(size=16)),
('originator_flags', EnumField(
size=4,
enum_type=SVHDXOriginatorFlags
)),
('open_request_id', IntField(size=8)),
('initiator_host_name_length', IntField(
size=2,
default=lambda s: len(s['initiator_host_name'])
)),
# utf-16-le encoded string
('initiator_host_name', BytesField(
size=lambda s: s['initiator_host_name_length'].get_value()
)),
('virtual_disk_properties_initialized', IntField(size=4)),
('server_service_version', IntField(size=4)),
('virtual_sector_size', IntField(size=4)),
('physical_sector_size', IntField(size=4)),
('virtual_size', IntField(size=8))
])
super(SMB2SVHDXOpenDeviceContextV2Request, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('filename_len',
IntField(size=4, default=lambda s: int(len(s['filename']) / 2))),
('filename',
BytesField(size=lambda s: s['filename_len'].get_value() * 2)),
('file_last_write', DateTimeField(size=8)),
('file_version_ls', IntField(size=4)),
('file_version_ms', IntField(size=4)),
('copy_file', BoolField(size=1))
])
super(PAExecFileInfo, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('timeout', IntField(size=8)),
('name_length', IntField(size=4,
default=lambda s: len(s['name']))),
('timeout_specified',
BoolField(size=1,
default=lambda s: s['timeout'].get_value() > 0)),
('padding', IntField(size=1)),
('name', BytesField(size=lambda s: s['name_length'].get_value()))
])
super(FSCTLPipeWait, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('replace_if_exists', BoolField()),
('reserved', BytesField(
size=7,
default=b"\x00" * 7,
)), ('root_directory', IntField(size=8)),
('file_name_length',
IntField(
size=4,
default=lambda s: len(s['file_name']),
)),
('file_name',
TextField(size=lambda s: s['file_name_length'].get_value(), ))
])
super(FileRenameInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('volume_creation_time', DateTimeField()),
('volume_serial_number', IntField(size=4)),
('volume_label_length', IntField(
size=4,
default=lambda s: len(s['volume_label']),
)),
('supports_objects', BoolField(default=False)),
('reserved', IntField(size=1)),
('volume_label', TextField(
size=lambda s: s['volume_label_length'].get_value(),
encoding='utf-16-le',
)),
])
super(FileFsVolumeInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('version', IntField(size=4, default=1)),
('num_processors',
IntField(size=4,
default=lambda s: len(s['processors'].get_value()))),
('processors',
ListField(size=lambda s: s['num_processors'].get_value() * 4,
list_count=lambda s: s['num_processors'].get_value(),
list_type=IntField(size=4))),
('copy_files', BoolField(size=1)),
('force_copy', BoolField(size=1)),
('copy_if_newer_or_higher_ver', BoolField(size=1)),
('asynchronous', BoolField(size=1)),
('dont_load_profile', BoolField(size=1)),
('interactive_session', IntField(size=4)),
('interactive', BoolField(size=1)),
('run_elevated', BoolField(size=1)),
('run_limited', BoolField(size=1)),
('password_len',
IntField(size=4, default=lambda s: int(len(s['password']) / 2))),
('password',
BytesField(size=lambda s: s['password_len'].get_value() * 2)),
('username_len',
IntField(size=4, default=lambda s: int(len(s['username']) / 2))),
('username',
BytesField(size=lambda s: s['username_len'].get_value() * 2)),
('use_system_account', BoolField(size=1)),
('working_dir_len',
IntField(size=4,
default=lambda s: int(len(s['working_dir']) / 2))),
('working_dir',
BytesField(size=lambda s: s['working_dir_len'].get_value() * 2)),
('show_ui_on_win_logon', BoolField(size=1)),
('priority',
EnumField(size=4,
default=ProcessPriority.NORMAL_PRIORITY_CLASS,
enum_type=ProcessPriority)),
('executable_len',
IntField(size=4,
default=lambda s: int(len(s['executable']) / 2))),
('executable',
BytesField(size=lambda s: s['executable_len'].get_value() * 2)),
('arguments_len',
IntField(size=4, default=lambda s: int(len(s['arguments']) / 2))),
('arguments',
BytesField(size=lambda s: s['arguments_len'].get_value() * 2)),
('disable_file_redirection', BoolField(size=1)),
('enable_debug', BoolField(size=1)),
('remote_log_path_len',
IntField(size=4,
default=lambda s: int(len(s['remote_log_path']) / 2))),
('remote_log_path',
BytesField(
size=lambda s: s['remote_log_path_len'].get_value() * 2)),
('no_delete', BoolField(size=1)),
('src_dir_len',
IntField(size=4, default=lambda s: int(len(s['src_dir']) / 2))),
('src_dir',
BytesField(size=lambda s: s['src_dir_len'].get_value() * 2)),
('dest_dir_len',
IntField(size=4, default=lambda s: int(len(s['dest_dir']) / 2))),
('dest_dir',
BytesField(size=lambda s: s['dest_dir_len'].get_value() * 2)),
('num_src_files',
IntField(size=4,
default=lambda s: len(s['src_files'].get_value()))),
('src_files',
ListField(list_count=lambda s: s['num_src_files'].get_value(),
list_type=StructureField(structure_type=PAExecFileInfo),
unpack_func=lambda s, d: self._unpack_file_list(
s, d, 'num_src_files'))),
('num_dest_files',
IntField(size=4,
default=lambda s: len(s['dest_files'].get_value()))),
('dest_files',
ListField(list_count=lambda s: s['num_dest_files'].get_value(),
list_type=StructureField(structure_type=PAExecFileInfo),
unpack_func=lambda s, d: self._unpack_file_list(
s, d, 'num_dest_files'))),
('timeout_seconds', IntField(size=4))
])
super(PAExecSettingsBuffer, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('delete_pending', BoolField(size=1)),
])
super(FileDispositionInformation, self).__init__()
def test_invalid_size_bad_int(self):
with pytest.raises(InvalidFieldDefinition) as exc:
BoolField(size=2)
assert str(exc.value) == "BoolField size must have a value of 1, not 2"
def __init__(self):
self.fields = OrderedDict([('field', BoolField(size=1))])
super(TestBoolField.StructureTest, self).__init__()