def __init__(self): self.fields = OrderedDict([ ('next_entry_offset', IntField(size=4)), ('file_index', IntField(size=4)), ('creation_time', DateTimeField(size=8)), ('last_access_time', DateTimeField(size=8)), ('last_write_time', DateTimeField(size=8)), ('change_time', DateTimeField(size=8)), ('end_of_file', IntField(size=8)), ('allocation_size', IntField(size=8)), ('file_attributes', FlagField(size=4, flag_type=FileAttributes)), ('file_name_length', IntField(size=4, default=lambda s: len(s['file_name']))), ('ea_size', IntField(size=4)), ('short_name_length', IntField(size=1, default=lambda s: len(s['short_name']))), ('reserved1', IntField(size=1)), ('short_name', BytesField(size=lambda s: s['short_name_length'].get_value())), ('short_name_padding', BytesField(size=lambda s: 24 - len(s['short_name']), default=lambda s: b"\x00" * (24 - len(s['short_name'])))), ('reserved2', IntField(size=2)), ('file_id', IntField(size=8)), ('file_name', BytesField(size=lambda s: s['file_name_length'].get_value())) ]) super(FileIdBothDirectoryInformation, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField( size=2, default=33 )), ('file_information_class', EnumField( size=1, enum_type=FileInformationClass )), ('flags', FlagField( size=1, flag_type=QueryDirectoryFlags )), ('file_index', IntField(size=4)), ('file_id', BytesField(size=16)), ('file_name_offset', IntField( size=2, default=lambda s: 0 if len(s['buffer']) == 0 else 96 )), ('file_name_length', IntField( size=2, default=lambda s: len(s['buffer']) )), ('output_buffer_length', IntField(size=4)), # UTF-16-LE encoded search pattern ('buffer', BytesField( size=lambda s: s['file_name_length'].get_value() )) ]) super(SMB2QueryDirectoryRequest, self).__init__()
def __init__(self): self.fields = OrderedDict([('disk_file_id', IntField(size=8)), ('volume_id', IntField(size=8)), ('reserved', BytesField(size=16, default=b"\x00" * 16))]) super(SMB2CreateQueryOnDiskIDResponse, self).__init__()
def __init__(self): self.fields = OrderedDict([('structure_size', IntField(size=2, default=24)), ('reserved1', IntField(size=2)), ('reserved2', IntField(size=4)), ('file_id', BytesField(size=16))]) super(SMB2FlushRequest, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField( size=2, default=9, )), ('error_context_count', IntField( size=1, default=lambda s: len(s['error_data'].get_value()), )), ('reserved', IntField(size=1)), ('byte_count', IntField( size=4, default=lambda s: len(s['error_data']), )), ('error_data', ListField( size=lambda s: s['byte_count'].get_value(), list_count=lambda s: s['error_context_count'].get_value(), list_type=StructureField( structure_type=SMB2ErrorContextResponse), unpack_func=lambda s, d: self._error_data_value(s, d))), ]) super(SMB2ErrorResponse, self).__init__()
def __init__(self): self.fields = OrderedDict([('lease_key', BytesField(size=16)), ('lease_state', FlagField(size=4, flag_type=LeaseState)), ('lease_flags', IntField(size=4)), ('lease_duration', IntField(size=8))]) super(SMB2CreateRequestLease, self).__init__()
def __init__(self): self.fields = OrderedDict([ # timeout is in milliseconds ('timeout', IntField(size=4)), ('reserved', IntField(size=4)) ]) super(SMB2SrvNetworkResiliencyRequest, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField(size=2, default=24)), ('flags', FlagField(size=2, flag_type=CloseFlags)), ('reserved', IntField(size=4)), ('file_id', BytesField(size=16)) ]) super(SMB2CloseRequest, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('max_referral_level', IntField(size=2, default=4)), ('request_flags', FlagField(size=2, flag_type=DFSReferralRequestFlags)), ('request_data_length', IntField( size=4, default=lambda s: 4 + s['request_file_name_length'].get_value( ) + s['site_name_length'].get_value(), )), ('request_file_name_length', IntField( size=2, default=lambda s: len(s['request_file_name']), )), ('request_file_name', TextField( null_terminated=True, size=lambda s: s['request_file_name_length'].get_value(), )), ('site_name_length', IntField( size=2, default=lambda s: len(s['site_name']), )), ('site_name', TextField( null_terminated=True, size=lambda s: s['site_name_length'].get_value(), )), ]) super(DFSReferralRequestEx, self).__init__()
def __init__(self): self.fields = OrderedDict([('structure_size', IntField( size=2, default=4, )), ('reserved', IntField(size=2))]) super(SMB2TreeDisconnect, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('version', IntField( size=4, default=1 )), ('has_initiator_id', BoolField( size=1, default=lambda s: len(s['initiator_host_name']) > 0 )), ('reserved', BytesField( size=3, default=b"\x00\x00\x00" )), ('initiator_id', UuidField(size=16)), ('flags', IntField(size=4)), ('originator_flags', EnumField( size=4, enum_type=SVHDXOriginatorFlags )), ('open_request_id', IntField(size=8)), ('initiator_host_name_length', IntField( size=2, default=lambda s: len(s['initiator_host_name']) )), # utf-16-le encoded string ('initiator_host_name', BytesField( size=lambda s: s['initiator_host_name_length'].get_value() )) ]) super(SMB2SVHDXOpenDeviceContextResponse, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('protocol_id', BytesField( size=4, default=b"\xfeSMB", )), ('structure_size', IntField( size=2, default=64, )), ('credit_charge', IntField(size=2)), ('channel_sequence', IntField(size=2)), ('reserved', IntField(size=2)), ('command', EnumField( size=2, enum_type=Commands )), ('credit_request', IntField(size=2)), ('flags', FlagField( size=4, flag_type=Smb2Flags, )), ('next_command', IntField(size=4)), ('message_id', IntField(size=8)), ('process_id', IntField(size=4)), ('tree_id', IntField(size=4)), ('session_id', IntField(size=8)), ('signature', BytesField( size=16, default=b"\x00" * 16, )), ('data', BytesField()) ]) super(SMB2HeaderRequest, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField( size=2, default=9, )), ('session_flags', FlagField( size=2, flag_type=SessionFlags, )), ( 'security_buffer_offset', IntField( size=2, default=72, # (header size 64) + (response size 8) )), ('security_buffer_length', IntField( size=2, default=lambda s: len(s['buffer']), )), ('buffer', BytesField( size=lambda s: s['security_buffer_length'].get_value(), )) ]) super(SMB2SessionSetupResponse, self).__init__()
def __init__(self): self.fields = OrderedDict([ # 0 if no more entries, otherwise offset after ea_value ('next_entry_offset', IntField(size=4)), ('flags', FlagField( size=1, flag_type=EAFlags )), ('ea_name_length', IntField( size=1, default=lambda s: len(s['ea_name']) - 1 # minus \x00 )), ('ea_value_length', IntField( size=2, default=lambda s: len(s['ea_value']) )), # ea_name is ASCII byte encoded and needs a null terminator '\x00' ('ea_name', BytesField( size=lambda s: s['ea_name_length'].get_value() + 1 )), ('ea_value', BytesField( size=lambda s: s['ea_value_length'].get_value() )), # not actually a field but each list entry must start at the 4 byte # alignment ('padding', BytesField( size=lambda s: self._padding_size(s), default=lambda s: b"\x00" * self._padding_size(s) )) ]) super(SMB2CreateEABuffer, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('int_field', IntField(size=4)), ('bytes_field', BytesField(size=2)), ('var_field', BytesField(size=lambda s: s['int_field'].get_value(), )), ('default_field', IntField( size=2, default=b"\x01a", )), ('list_field', ListField( list_count=lambda s: s['int_field'].get_value(), list_type=BytesField(size=8), size=lambda s: s['int_field'].get_value() * 8, )), ('structure_length', IntField( size=2, little_endian=False, default=lambda s: len(s['structure_field']), )), ('structure_field', StructureField( size=lambda s: s['structure_length'].get_value(), structure_type=Structure2, )), ]) super(Structure1, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField(size=2, default=24)), ('reserved', IntField(size=2)), ('padding', IntField(size=4)), ('app_instance_version_high', IntField(size=8)), ('app_instance_version_low', IntField(size=8)) ]) super(SMB2CreateAppInstanceVersion, self).__init__()
def __init__(self): # TODO: validate this further when working with actual snapshots self.fields = OrderedDict([('number_of_snapshots', IntField(size=4)), ('number_of_snapshots_returned', IntField(size=4)), ('snapshot_array_size', IntField(size=4)), ('snapshots', BytesField())]) super(SMB2SrvSnapshotArray, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('process_id', IntField(size=4)), ('comp_name_length', IntField(size=4, default=lambda s: int(len(s['comp_name']) / 2))), ('comp_name', BytesField(size=lambda s: s['comp_name_length'].get_value() * 2)) ]) super(PAExecStartBuffer, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('total_allocation_units', IntField(size=8, unsigned=False)), ('caller_available_units', IntField(size=8, unsigned=False)), ('actual_available_units', IntField(size=8, unsigned=False)), ('sectors_per_unit', IntField(size=4)), ('bytes_per_sector', IntField(size=4)), ]) super(FileFsFullSizeInformation, self).__init__()
def __init__(self): self.fields = OrderedDict([ # timeout in milliseconds ('timeout', IntField(size=4)), ('flags', FlagField(size=4, flag_type=DurableHandleFlags)), ('reserved', IntField(size=8)), ('create_guid', UuidField(size=16)) ]) super(SMB2CreateDurableHandleRequestV2, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField( size=2, default=4 )), ('reserved', IntField(size=2)) ]) super(SMB2FlushResponse, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField( size=2, default=20 )), ('reserved', IntField(size=2)), ('app_instance_id', BytesField(size=16)) ]) super(SMB2CreateAppInstanceId, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('lease_key', BytesField(size=16)), ('lease_state', FlagField(size=4, flag_type=LeaseState)), ('flags', FlagField(size=4, flag_type=LeaseResponseFlags)), ('lease_duration', IntField(size=8)), ('parent_lease_key', BytesField(size=16)), ('epoch', IntField(size=2)), ('reserved', IntField(size=2)) ]) super(SMB2CreateResponseLeaseV2, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('msg_id', EnumField(size=2, enum_type=PAExecMsgId)), ('unique_id', IntField(size=4)), ('buffer_length', IntField(size=4, default=lambda s: len(s['buffer']))), ('buffer', BytesField(size=lambda s: s['buffer_length'].get_value())) ]) super(PAExecMsg, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('next_entry_offset', IntField(size=4)), ('file_index', IntField(size=4)), ('file_name_length', IntField(size=4, default=lambda s: len(s['file_name']))), ('file_name', BytesField(size=lambda s: s['file_name_length'].get_value())) ]) super(FileNamesInformation, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('version_number', IntField(size=2, default=1)), ('size', IntField(size=2)), ('server_type', EnumField(size=2, enum_type=DFSServerTypes)), ('referral_entry_flags', FlagField(size=2, flag_type=DFSReferralEntryFlags)), ('share_name', TextField(null_terminated=True)), ]) super(DFSReferralEntryV1, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField(size=2, default=57)), ('reserved', IntField(size=2, default=0)), ('ctl_code', EnumField( size=4, enum_type=CtlCode, )), ('file_id', BytesField(size=16)), ('input_offset', IntField(size=4, default=lambda s: self._buffer_offset_value(s))), ('input_count', IntField( size=4, default=lambda s: len(s['buffer']), )), ('max_input_response', IntField(size=4)), ('output_offset', IntField(size=4, default=lambda s: self._buffer_offset_value(s))), ('output_count', IntField(size=4, default=0)), ('max_output_response', IntField(size=4)), ('flags', EnumField( size=4, enum_type=IOCTLFlags, )), ('reserved2', IntField(size=4, default=0)), ('buffer', BytesField(size=lambda s: s['input_count'].get_value())) ]) super(SMB2IOCTLRequest, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('structure_size', IntField(size=2, default=9)), ('output_buffer_offset', IntField(size=2, default=72)), ('output_buffer_length', IntField(size=4, default=lambda s: len(s['buffer']))), # this structure varies based on the requested information class ('buffer', BytesField(size=lambda s: s['output_buffer_length'].get_value())) ]) super(SMB2QueryDirectoryResponse, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('msg_id', EnumField(size=2, default=PAExecMsgId.MSGID_SETTINGS, enum_type=PAExecMsgId)), ('xor_val', IntField(size=4, default=os.urandom(4))), ('unique_id', IntField(size=4)), ('buffer_len', IntField(size=4)), ('buffer', StructureField(structure_type=PAExecSettingsBuffer)) ]) super(PAExecSettingsMsg, self).__init__()
def __init__(self): self.fields = OrderedDict([ ('filename_len', IntField(size=4, default=lambda s: int(len(s['filename']) / 2))), ('filename', BytesField(size=lambda s: s['filename_len'].get_value() * 2)), ('file_last_write', DateTimeField(size=8)), ('file_version_ls', IntField(size=4)), ('file_version_ms', IntField(size=4)), ('copy_file', BoolField(size=1)) ]) super(PAExecFileInfo, self).__init__()