def _get_dialect_name(self, dialect):
dialect_field = EnumField(
enum_type=Dialects,
enum_strict=False,
size=2)
dialect_field.set_value(dialect)
return str(dialect_field)
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(size=2, default=57)),
('reserved', IntField(size=2, default=0)),
('ctl_code', EnumField(
size=4,
enum_type=CtlCode,
)), ('file_id', BytesField(size=16)),
('input_offset',
IntField(size=4, default=lambda s: self._buffer_offset_value(s))),
('input_count',
IntField(
size=4,
default=lambda s: len(s['buffer']),
)), ('max_input_response', IntField(size=4)),
('output_offset',
IntField(size=4, default=lambda s: self._buffer_offset_value(s))),
('output_count', IntField(size=4, default=0)),
('max_output_response', IntField(size=4)),
('flags', EnumField(
size=4,
enum_type=IOCTLFlags,
)), ('reserved2', IntField(size=4, default=0)),
('buffer', BytesField(size=lambda s: s['input_count'].get_value()))
])
super(SMB2IOCTLRequest, self).__init__()
def __init__(self):
create_con_req = smbprotocol.create_contexts.SMB2CreateContextRequest
self.fields = OrderedDict([
('structure_size', IntField(size=2, default=89)),
('oplock_level', EnumField(size=1,
enum_type=RequestedOplockLevel)),
('flag', FlagField(size=1, flag_type=FileFlags)),
('create_action', EnumField(size=4, enum_type=CreateAction)),
('creation_time', DateTimeField(size=8)),
('last_access_time', DateTimeField(size=8)),
('last_write_time', DateTimeField(size=8)),
('change_time', DateTimeField(size=8)),
('allocation_size', IntField(size=8)),
('end_of_file', IntField(size=8)),
('file_attributes', FlagField(size=4, flag_type=FileAttributes)),
('reserved2', IntField(size=4)), ('file_id', BytesField(size=16)),
('create_contexts_offset',
IntField(size=4,
default=lambda s: self._create_contexts_offset(s))),
('create_contexts_length',
IntField(size=4, default=lambda s: len(s['buffer']))),
('buffer',
ListField(
size=lambda s: s['create_contexts_length'].get_value(),
list_type=StructureField(structure_type=create_con_req),
unpack_func=lambda s, d: self._buffer_context_list(s, d)))
])
super(SMB2CreateResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('result', EnumField(size=2, enum_type=ContextResult)),
('reason', EnumField(size=2, enum_type=ResultReason)),
('transfer_syntax',
StructureField(size=20, structure_type=SyntaxIdElement)),
])
super(Result, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('capabilities', FlagField(
size=4,
flag_type=Capabilities,
)), ('guid', UuidField()),
('security_mode',
EnumField(size=2, enum_type=SecurityMode, enum_strict=False)),
('dialect', EnumField(size=2, enum_type=Dialects))
])
super(SMB2ValidateNegotiateInfoResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('integer_character',
EnumField(
size=1,
enum_type=IntegerCharacterRepresentation,
default=IntegerCharacterRepresentation.ASCII_LITTLE_ENDIAN)),
('floating_point',
EnumField(size=1,
enum_type=FloatingPointRepresentation,
default=FloatingPointRepresentation.IEEE)),
('reserved1', IntField(size=1)), ('reserved2', IntField(size=1))
])
super(DataRepresentationFormat, self).__init__()
def __init__(self):
self.fields = OrderedDict([
(
'hash_type',
IntField(
size=4,
default=1 # SRV_HASH_TYPE_PEER_DIST
)),
('hash_version', EnumField(size=4, enum_type=HashVersion)),
('hash_retrieval_type',
EnumField(size=4, enum_type=HashRetrievalType)),
('length', IntField(size=4)),
('offset', IntField(size=8))
])
super(SMB2SrvReadHashRequest, self).__init__()
def __init__(self):
# pep 80 char issues force me to define this here
create_con_req = smbprotocol.create_contexts.SMB2CreateContextRequest
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=57,
)),
('security_flags', IntField(size=1)),
('requested_oplock_level',
EnumField(size=1, enum_type=RequestedOplockLevel)),
('impersonation_level',
EnumField(size=4, enum_type=ImpersonationLevel)),
('smb_create_flags', IntField(size=8)),
('reserved', IntField(size=8)),
('desired_access', IntField(size=4)),
('file_attributes', IntField(size=4)),
('share_access', FlagField(size=4, flag_type=ShareAccess)),
('create_disposition',
EnumField(size=4, enum_type=CreateDisposition)),
('create_options', FlagField(size=4, flag_type=CreateOptions)),
(
'name_offset',
IntField(
size=2,
default=120 # (header size 64) + (structure size 56)
)),
('name_length',
IntField(size=2, default=lambda s: self._name_length(s))),
('create_contexts_offset',
IntField(size=4,
default=lambda s: self._create_contexts_offset(s))),
('create_contexts_length',
IntField(size=4, default=lambda s: len(s['buffer_contexts']))),
# Technically these are all under buffer but we split it to make
# things easier
('buffer_path',
BytesField(size=lambda s: self._buffer_path_size(s), )),
('padding',
BytesField(size=lambda s: self._padding_size(s),
default=lambda s: b"\x00" * self._padding_size(s))),
('buffer_contexts',
ListField(
size=lambda s: s['create_contexts_length'].get_value(),
list_type=StructureField(structure_type=create_con_req),
unpack_func=lambda s, d: self._buffer_context_list(s, d)))
])
super(SMB2CreateRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('protocol_id', BytesField(
size=4,
default=b"\xfeSMB",
)),
('structure_size', IntField(
size=2,
default=64,
)),
('credit_charge', IntField(size=2)),
('channel_sequence', IntField(size=2)),
('reserved', IntField(size=2)),
('command', EnumField(
size=2,
enum_type=Commands
)),
('credit_request', IntField(size=2)),
('flags', FlagField(
size=4,
flag_type=Smb2Flags,
)),
('next_command', IntField(size=4)),
('message_id', IntField(size=8)),
('process_id', IntField(size=4)),
('tree_id', IntField(size=4)),
('session_id', IntField(size=8)),
('signature', BytesField(
size=16,
default=b"\x00" * 16,
)),
('data', BytesField())
])
super(SMB2HeaderRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('version', IntField(
size=4,
default=2
)),
('has_initiator_id', BoolField(
size=1,
default=lambda s: len(s['initiator_host_name']) > 0
)),
('reserved', BytesField(
size=3,
default=b"\x00\x00\x00"
)),
('initiator_id', UuidField(size=16)),
('originator_flags', EnumField(
size=4,
enum_type=SVHDXOriginatorFlags
)),
('open_request_id', IntField(size=8)),
('initiator_host_name_length', IntField(
size=2,
default=lambda s: len(s['initiator_host_name'])
)),
# utf-16-le encoded string
('initiator_host_name', BytesField(
size=lambda s: s['initiator_host_name_length'].get_value()
)),
('virtual_disk_properties_initialized', IntField(size=4)),
('server_service_version', IntField(size=4)),
('virtual_sector_size', IntField(size=4)),
('physical_sector_size', IntField(size=4)),
('virtual_size', IntField(size=8))
])
super(SMB2SVHDXOpenDeviceContextV2Request, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('rpc_vers', IntField(size=1, default=5)),
('rpc_vers_minor', IntField(size=1)),
('ptype', EnumField(size=1, enum_type=PType, default=PType.FAULT)),
('pfx_flags', FlagField(size=1, flag_type=PFlags)),
('packed_drep',
StructureField(size=4, structure_type=DataRepresentationFormat)),
('frag_length', IntField(size=2, default=lambda s: len(s))),
('auth_length', IntField(size=2)), ('call_id', IntField(size=4)),
('alloc_hint', IntField(size=4)), ('p_cont_id', IntField(size=2)),
('cancel_count', IntField(size=1)), ('reserved', IntField(size=1)),
('status',
EnumField(size=4, enum_type=FaultStatus, enum_strict=False))
])
super(FaultPDU, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('rpc_vers', IntField(size=1, default=5)),
('rpc_vers_minor', IntField(size=1, default=0)),
('ptype', EnumField(size=1, enum_type=PType, default=PType.BIND)),
('pfx_flags', FlagField(size=1, flag_type=PFlags)),
('packed_drep',
StructureField(size=4, structure_type=DataRepresentationFormat)),
('frag_length', IntField(size=2, default=lambda s: len(s))),
('auth_length',
IntField(size=2, default=lambda s: len(s['auth_verifier']))),
('call_id', IntField(size=4)),
('max_xmit_frag', IntField(size=2, default=4280)),
('max_recv_frag', IntField(size=2, default=4280)),
('assoc_group_id', IntField(size=4)),
# p_context_list_t
('n_context_elem',
IntField(size=1,
default=lambda s: len(s['context_elems'].get_value()))),
('reserved', IntField(size=1)),
('reserved2', IntField(size=2)),
('context_elems',
ListField(
list_count=lambda s: s['n_context_elem'].get_value(),
list_type=StructureField(structure_type=ContextElement),
unpack_func=lambda s, d: self._unpack_context_elems(s, d))),
('auth_verifier',
BytesField(size=lambda s: s['auth_length'].get_value()))
])
super(BindPDU, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('ace_type', EnumField(
size=1,
default=AceType.SYSTEM_AUDIT_ACE_TYPE,
enum_type=AceType
)),
('ace_flags', FlagField(
size=1,
flag_type=AceFlags
)),
('ace_size', IntField(
size=2,
default=lambda s: 8 + len(s['sid'])
)),
('mask', FlagField(
size=4,
flag_type=AccessMask,
flag_strict=False
)),
('sid', StructureField(
structure_type=SIDPacket
))
])
super(SystemAuditAce, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=33
)),
('file_information_class', EnumField(
size=1,
enum_type=FileInformationClass
)),
('flags', FlagField(
size=1,
flag_type=QueryDirectoryFlags
)),
('file_index', IntField(size=4)),
('file_id', BytesField(size=16)),
('file_name_offset', IntField(
size=2,
default=lambda s: 0 if len(s['buffer']) == 0 else 96
)),
('file_name_length', IntField(
size=2,
default=lambda s: len(s['buffer'])
)),
('output_buffer_length', IntField(size=4)),
# UTF-16-LE encoded search pattern
('buffer', BytesField(
size=lambda s: s['file_name_length'].get_value()
))
])
super(SMB2QueryDirectoryRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('symlink_length', IntField(size=4, default=lambda s: len(s) - 4)),
('symlink_error_tag',
BytesField(size=4, default=b"\x53\x59\x4d\x4c")),
('reparse_tag', BytesField(size=4, default=b"\x0c\x00\x00\xa0")),
('reparse_data_length',
IntField(size=2, default=lambda s: len(s['path_buffer']) + 12)),
# the len in utf-16-le bytes of the path beyond the substitute name
# of the original target, e.g. \\server\share\symlink\file.txt
# would be length of \file.txt in utf-16-le form, this is used by
# the client to find out what part of the original path to append
# to the substitute name returned by the server.
('unparsed_path_length', IntField(size=2)),
('substitute_name_offset', IntField(size=2)),
('substitute_name_length', IntField(size=2)),
('print_name_offset', IntField(size=2)),
('print_name_length', IntField(size=2)),
('flags', EnumField(
size=2,
enum_type=SymbolicLinkErrorFlags,
)),
# Not in the spec but Windows seems to add \x00\x80 to the end of flags which breaks our parsing. Cannot
# seem to figure out why but this just ignored that field.
('reserved', IntField(size=2)),
# use the get/set_name functions to get/set these values as they
# also (d)encode the text and set the length and offset accordingly
('path_buffer',
BytesField(size=lambda s: self._get_name_length(s, True)))
])
super(SMB2SymbolicLinkErrorResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=25,
)),
('flags', IntField(size=1)),
('security_mode', EnumField(
size=1,
enum_type=SecurityMode,
)),
('capabilities', FlagField(
size=4,
flag_type=Capabilities,
)),
('channel', IntField(size=4)),
(
'security_buffer_offset',
IntField(
size=2,
default=88, # (header size 64) + (response size 24)
)),
('security_buffer_length',
IntField(
size=2,
default=lambda s: len(s['buffer']),
)),
('previous_session_id', IntField(size=8)),
('buffer',
BytesField(
size=lambda s: s['security_buffer_length'].get_value(), )),
])
super(SMB2SessionSetupRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([('field',
EnumField(
size=2,
enum_type=Dialects,
))])
super(StructureTestDefaultZero, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('query_status',
EnumField(size=4, enum_type=NtStatus, enum_strict=False)),
# either FilePipePrinterAccessMask or DirectoryAccessMask
('maximal_access', IntField(size=4))
])
super(SMB2CreateQueryMaximalAccessResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('alignment_requirement', EnumField(
size=4,
enum_type=AlignmentRequirement,
)),
])
super(FileAlignmentInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('field',
EnumField(
size=1,
enum_type=Commands,
default=Commands.SMB2_IOCTL,
)),
])
super(TestEnumField.StructureTest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('msg_id', EnumField(size=2, enum_type=PAExecMsgId)),
('unique_id', IntField(size=4)),
('buffer_length',
IntField(size=4, default=lambda s: len(s['buffer']))),
('buffer',
BytesField(size=lambda s: s['buffer_length'].get_value()))
])
super(PAExecMsg, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('version_number', IntField(size=2, default=1)),
('size', IntField(size=2)),
('server_type', EnumField(size=2, enum_type=DFSServerTypes)),
('referral_entry_flags',
FlagField(size=2, flag_type=DFSReferralEntryFlags)),
('share_name', TextField(null_terminated=True)),
])
super(DFSReferralEntryV1, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('msg_id',
EnumField(size=2,
default=PAExecMsgId.MSGID_SETTINGS,
enum_type=PAExecMsgId)),
('xor_val', IntField(size=4, default=os.urandom(4))),
('unique_id', IntField(size=4)), ('buffer_len', IntField(size=4)),
('buffer', StructureField(structure_type=PAExecSettingsBuffer))
])
super(PAExecSettingsMsg, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('type', EnumField(size=4, enum_type=IpAddrType)),
('reserved', IntField(size=4)),
('ip_address',
BytesField(size=lambda s: self._ip_address_size(s))),
('reserved2',
BytesField(size=lambda s: self._reserved2_size(s),
default=lambda s: b"\x00" * self._reserved2_size(s)))
])
super(SMB2MoveDstIpAddrStructure, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('service_type',
FlagField(size=4, flag_type=ServiceType, flag_strict=False)),
('current_state', EnumField(size=4, enum_type=CurrentState)),
('controls_accepted',
FlagField(size=4, flag_type=ControlsAccepted, flag_strict=False)),
('win32_exit_code', IntField(size=4)),
('service_specified_exit_code', IntField(size=4)),
('check_point', IntField(size=4)), ('wait_hint', IntField(size=4))
])
super(ServiceStatus, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('capabilities', FlagField(
size=4,
flag_type=Capabilities,
)), ('guid', UuidField()),
('security_mode', EnumField(
size=2,
enum_type=SecurityMode,
)),
('dialect_count',
IntField(size=2,
default=lambda s: len(s['dialects'].get_value()))),
('dialects',
ListField(
size=lambda s: s['dialect_count'].get_value() * 2,
list_count=lambda s: s['dialect_count'].get_value(),
list_type=EnumField(size=2, enum_type=Dialects),
))
])
super(SMB2ValidateNegotiateInfoRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('family', EnumField(size=2, enum_type=SockAddrFamily)),
('buffer',
StructureField(
size=lambda s: self._get_buffer_size(s),
structure_type=lambda s: self._get_buffer_structure_type(s))),
('reserved',
BytesField(
size=lambda s: self._get_reserved_size(s),
default=lambda s: b"\x00" * self._get_reserved_size(s)))
])
super(SockAddrStorage, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('file_attributes', FlagField(
size=4,
flag_type=FileAttributes,
)),
('reparse_tag', EnumField(
size=4,
enum_type=ReparseTags,
enum_strict=False,
)),
])
super(FileAttributeTagInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('protocol_id', BytesField(
size=4,
default=b'\xfeSMB',
)),
('structure_size', IntField(
size=2,
default=64,
)),
('credit_charge', IntField(size=2)),
('status', EnumField(
size=4,
enum_type=NtStatus,
enum_strict=False
)),
('command', EnumField(
size=2,
enum_type=Commands,
enum_strict=False,
)),
('credit_response', IntField(size=2)),
('flags', FlagField(
size=4,
flag_type=Smb2Flags,
)),
('next_command', IntField(size=4)),
('message_id', IntField(size=8)),
('reserved', IntField(size=4)),
('tree_id', IntField(size=4)),
('session_id', IntField(size=8)),
('signature', BytesField(
size=16,
default=b"\x00" * 16,
)),
('data', BytesField()),
])
super(SMB2HeaderResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('error_data_length',
IntField(
size=4,
default=lambda s: len(s['error_context_data']),
)),
('error_id',
EnumField(size=4,
default=ErrorContextId.SMB2_ERROR_ID_DEFAULT,
enum_type=ErrorContextId)),
('error_context_data',
BytesField(size=lambda s: s['error_data_length'].get_value(), )),
])
super(SMB2ErrorContextResponse, self).__init__()