def __init__(self, reader): self.unk0 = DWORD(reader).value #// dword_1233EC8 dd 4 self.cbItem = DWORD(reader).value #// debug048:01233ECC dd 5(reader).value self.unk1 = PVOID(reader).value self.unk2 = PVOID(reader).value #//KERB_HASHPASSWORD_5 KeysEntries[ANYSIZE_ARRAY] = (reader).value self.KeyEntries_start = reader.tell() self.KeyEntries = []
def __init__(self, reader): #print('KIWI_KERBEROS_KEYS_LIST_6') #print(hexdump(reader.peek(0x100), start = reader.tell())) self.unk0 = DWORD(reader).value # // dword_1233EC8 dd 4(reader).value self.cbItem = DWORD(reader).value # // debug048:01233ECC dd 5(reader).value self.unk1 = PVOID(reader).value self.unk2 = PVOID(reader).value self.unk3 = PVOID(reader).value self.unk4 = PVOID(reader).value self.KeyEntries_start = reader.tell() self.KeyEntries = []
def __init__(self, reader): self.PinCode = LSA_UNICODE_STRING(reader) self.unk0 = PVOID(reader).value self.unk1 = PVOID(reader).value self.CertificateInfos = PVOID(reader).value self.unk2 = PVOID(reader).value self.unkData = PVOID(reader).value #// 0 = CspData(reader).value self.Flags = DWORD(reader).value #// 0 = CspData(reader).value self.unkFlags = DWORD(reader).value #// 0x141 (not 0x61) self.CspDataLength = DWORD(reader).value self.CspData = KERB_SMARTCARD_CSP_INFO(reader).value
def __init__(self, reader): self.dwCspInfoLen = DWORD(reader).value self.ContextInformation = PVOID(reader).value self.nCardNameOffset = ULONG(reader).value self.nReaderNameOffset = ULONG(reader).value self.nContainerNameOffset = ULONG(reader).value self.nCSPNameOffset = ULONG(reader).value self.bBuffer = WCHAR(reader).value
class KIWI_KERBEROS_BUFFER: def __init__(self, reader): self.Length = ULONG(reader).value reader.align() self.Value = PVOID(reader) ##not part of struct self.Data = None def read(self, reader): self.Data = self.Value.read_raw(reader, self.Length) return self.Data
def __init__(self, reader): self.dwCspInfoLen = DWORD(reader).value self.MessageType = DWORD(reader).value self.ContextInformation = PVOID(reader).value #U self.SpaceHolderForWow64 = ULONG64(reader).value #U self.flags = DWORD(reader).value self.KeySpec = DWORD(reader).value self.nCardNameOffset = ULONG(reader).value self.nReaderNameOffset = ULONG(reader).value self.nContainerNameOffset = ULONG(reader).value self.nCSPNameOffset = ULONG(reader).value self.bBuffer[ANYSIZE_ARRAY] = WCHAR(reader).value