def generate_tree_connect_andx_response(disassembled_netbios_part, disassembled_smb_header): tree_con_andxsponse_smb_header = toolkit_smb_header(disassembled_smb_header, "\x75") tree_con_andxsponse_nsponse = toolkit_tree_connect_andx_response() # cmd=negotiate; flags; tree_id=65535; process_id=65270; user_id=0x0000; multiplex_id=0x0000 # user_id = not mistake; multiplex_id = multiplex_id last packet, this is just a guess tree_con_andxsponse_netbios = netbios.toolkit(tree_con_andxsponse_smb_header+tree_con_andxsponse_nsponse) tree_con_andxsponse = tree_con_andxsponse_netbios+tree_con_andxsponse_smb_header+tree_con_andxsponse_nsponse return tree_con_andxsponse
def generate_MS10_020(disassembled_netbios_part, disassembled_smb_header): MS10_020_smb_header = toolkit_smb_header(disassembled_smb_header, "\x32") MS10_020_inner = MS10_020() MS10_020_netbios = netbios.toolkit(MS10_020_smb_header+MS10_020_inner) return MS10_020_netbios+MS10_020_smb_header+MS10_020_inner
def generate_nt_create_andx_response(disassembled_netbios_part, disassembled_smb_header, disassembled_tree_connect_andx_request): nt_create_andx_smb_header = toolkit_smb_header(disassembled_smb_header, "\xa2") nt_create_andx_response = toolkit_nt_create_andx_response(disassembled_tree_connect_andx_request) nt_create_andx_netbios = netbios.toolkit(nt_create_andx_smb_header+nt_create_andx_response) return nt_create_andx_netbios+nt_create_andx_smb_header+nt_create_andx_response
def generate_logoff_andx_response(disassembled_netbios_part, disassembled_smb_header): logoff_andx_response_smb_header = toolkit_smb_header(disassembled_smb_header, "\x74") logoff_andx_response = toolkit_logoff_andx_response() logoff_andx_response_netbios = netbios.toolkit(logoff_andx_response_smb_header+logoff_andx_response)
def generate_tree_disconnect_response(disassembled_netbios_part, disassembled_smb_header): tree_disconnect_response_smb_header = toolkit_smb_header(disassembled_smb_header, "\x71") tree_disconnect_response = toolkit_tree_disconnect_response() tree_con_andxsponse_netbios = netbios.toolkit(tree_disconnect_response_smb_header+tree_disconnect_response) return tree_con_andxsponse_netbios+tree_disconnect_response_smb_header+tree_disconnect_response
def generate_session_setup_andx_response(disassembled_netbios_part, disassembled_smb_header): session_setup_andx_response_smb_header = toolkit_smb_header(disassembled_smb_header, "\x73") session_setup_andx_response = toolkit_session_setup_andx_response() session_setup_andx_response_netbios = netbios.toolkit(session_setup_andx_response_smb_header+session_setup_andx_response) return session_setup_andx_response_netbios+session_setup_andx_response_smb_header+session_setup_andx_response
def generate_nego_proto_resp(disassembled_netbios_part, disassembled_smb_header): nsponse_smb_header = toolkit_smb_header(disassembled_smb_header, "\x72") nsponse_nsponse = toolkit_negotiate_response() nsponse_netbios = netbios.toolkit(nsponse_smb_header+nsponse_nsponse) negoResponse = nsponse_netbios+nsponse_smb_header+nsponse_nsponse return negoResponse
def generate_trans2_response(disassembled_netbios_part, disassembled_smb_header): trans2_smb_header = toolkit_smb_header(disassembled_smb_header, "\x32") trans2_inner = toolkit_trans2_response() trans2_netbios = netbios.toolkit(trans2_smb_header+trans2_inner) trans2Response = trans2_netbios+trans2_smb_header+trans2_inner return trans2Response
def close_response(disassembled_netbios_part, disassembled_smb_header): close_smb_header = toolkit_smb_header(disassembled_smb_header, "\x04") close_inner = "\x00\x00\x00" close_netbios = netbios.toolkit(close_smb_header+close_inner) close_response = close_netbios+close_smb_header+close_inner return close_response