class SAPMSLogon(PacketNoPadded): """SAP Message Server Logon packet. Packet containing logon data. """ name = "SAP Message Server Logon" fields_desc = [ ShortEnumKeysField("type", 0, ms_logon_type_values), ShortField("port", 0), IPField("address", "0.0.0.0"), FieldLenField("logonname_length", None, length_of="logonname", fmt="!H"), # <= 80h bytes StrLenField("logonname", "", length_from=lambda pkt: pkt.logonname_length), FieldLenField("prot_length", None, length_of="prot", fmt="!H"), # <= 80h bytes StrLenField("prot", "", length_from=lambda pkt: pkt.prot_length), FieldLenField("host_length", None, length_of="host", fmt="!H"), # <= 100h bytes StrLenField("host", "", length_from=lambda pkt: pkt.host_length), FieldLenField("misc_length", None, length_of="misc", fmt="!H"), # <= 100h bytes StrLenField("misc", "", length_from=lambda pkt: pkt.misc_length), FieldLenField("address6_length", 16, length_of="address6", fmt="!H"), # == 16 bytes IP6Field("address6", "::"), ]
class SAPSNCFrame(PacketNoPadded): """SAP SNC Frame packet This packet is used to contain and wrap SNC Frames. """ name = "SAP SNC Frame" fields_desc = [ StrFixedLenField("eye_catcher", "SNCFRAME", 8), ByteEnumKeysField("frame_type", 2, snc_frame_type), ByteField("protocol_version", 5), ShortField("header_length", 24), FieldLenField("token_length", 0, length_of="token", fmt="I"), FieldLenField("data_length", 0, length_of="data", fmt="I"), ShortEnumKeysField("mech_id", 3, snc_mech_id_values), ShortField("flags", 0), ConditionalField(IntField("ext_flags", 0), lambda pkt: pkt.header_length > 24), ConditionalField( FieldLenField("ext_field_length", 0, length_of="ext_fields", fmt="!H"), lambda pkt: pkt.header_length > 24), ConditionalField( StrLenField("ext_fields", "", length_from=lambda pkt: pkt.ext_field_length), lambda pkt: pkt.header_length > 24), StrLenField("token", "", length_from=lambda pkt: pkt.token_length), StrLenField("data", "", length_from=lambda pkt: pkt.data_length), ]
class SAPMSProperty(PacketNoPadded): """SAP Message Server Property packet. Packet containing information about properties. """ name = "SAP Message Server Property" fields_desc = [ StrNullFixedLenField("client", None, 39), IntEnumField("id", 0x00, ms_property_id_values), # MS_PROPERTY_VHOST ConditionalField(ShortEnumKeysField("logon", 0, ms_logon_type_values), lambda pkt:pkt.id in [0x02]), # MS_PROPERTY_IPADR ConditionalField(IPField("address", "0.0.0.0"), lambda pkt:pkt.id in [0x03]), ConditionalField(IP6Field("address6", "::"), lambda pkt:pkt.id in [0x03]), # MS_PROPERTY_PARAM ConditionalField(StrNullField("param", ""), lambda pkt:pkt.id in [0x04]), ConditionalField(StrNullField("value", ""), lambda pkt:pkt.id in [0x04]), # MS_PROPERTY_SERVICE ConditionalField(ShortField("service", 0), lambda pkt:pkt.id in [0x05]), # Release Information fields ConditionalField(StrNullFixedLenField("release", "720", length=9), lambda pkt:pkt.id in [0x07]), ConditionalField(IntField("patchno", 0), lambda pkt:pkt.id in [0x07]), ConditionalField(IntField("supplvl", 0), lambda pkt:pkt.id in [0x07]), ConditionalField(IntField("platform", 0), lambda pkt:pkt.id in [0x07]), ]
class SAPDiagUIEventSource(PacketNoPadded): name = "UI Event Source" fields_desc = [ BitField("valid_unused", 0, 4), BitField("valid_functionkey_data", 0, 1), BitField("valid_navigation_data", 0, 1), BitField("valid_control_pos", 0, 1), BitField("valid_menu_pos", 0, 1), ShortEnumKeysField("event_type", 0, diag_ui_event_type_values), ShortEnumKeysField("control_type", 0, diag_ui_event_control_values), ConditionalField(ByteEnumKeysField("navigation_data", 0, diag_ui_event_navigation_data_values), lambda pkt:pkt.valid_navigation_data), ConditionalField(ByteField("event_data", 0), lambda pkt:not pkt.valid_navigation_data), ShortField("control_row", 0), ShortField("control_col", 0), FieldLenField("container_nrs", None, count_of="containers"), FieldListField("containers", None, ByteField("container", 0), count_from=lambda x:x.container_nrs) ]
class SAPMSProperty(Packet): """SAP Message Server Property packet. Packet containing information about properties. """ name = "SAP Message Server Property" fields_desc = [ StrNullFixedLenField("client", None, 40), IntEnumField("id", 0x00, ms_property_id_values), # MS_PROPERTY_VHOST ConditionalField(ShortEnumKeysField("logon", 0, ms_logon_type_values), lambda pkt:pkt.id in [0x02]), ConditionalField(StrFixedLenField("pad", None, 12), lambda pkt:pkt.id in [0x02]), ConditionalField(ShortField("len", 0), lambda pkt:pkt.id in [0x02]), ConditionalField(StrLenField("value", "", length_from=lambda pkt: pkt.len), lambda pkt:pkt.id in [0x02]), ConditionalField(ShortField("pad2", 0xffff), lambda pkt:pkt.id in [0x02]), # MS_PROPERTY_IPADR ConditionalField(IPField("address", "0.0.0.0"), lambda pkt:pkt.id in [0x03]), ConditionalField(IP6Field("address6", "::"), lambda pkt:pkt.id in [0x03]), # MS_PROPERTY_PARAM ConditionalField(FieldLenField("param_len", 0, length_of="param", fmt="I"), lambda pkt:pkt.id in [0x04]), ConditionalField(StrLenField("param", "", length_from=lambda pkt: pkt.param_len), lambda pkt:pkt.id in [0x04]), ConditionalField(StrLenField("param_padding", "", length_from=lambda pkt: 100 - pkt.param_len), lambda pkt:pkt.id in [0x04]), ConditionalField(ShortField("pad3", 0), lambda pkt:pkt.id in [0x04]), ConditionalField(FieldLenField("value_len", 0x0, length_of="value", fmt="H"), lambda pkt:pkt.id in [0x04]), ConditionalField(StrLenField("value", "", length_from=lambda pkt:pkt.value_len), lambda pkt:pkt.id in [0x04]), # MS_PROPERTY_SERVICE ConditionalField(ShortField("service", 0), lambda pkt:pkt.id in [0x05]), ConditionalField(ByteField("value", 0), lambda pkt:pkt.id in [0x05]), # Release Information fields ConditionalField(StrNullFixedLenField("release", "720", length=10), lambda pkt:pkt.id in [0x07]), ConditionalField(IntField("patchno", 0), lambda pkt:pkt.id in [0x07]), ConditionalField(IntField("supplvl", 0), lambda pkt:pkt.id in [0x07]), ConditionalField(IntField("platform", 0), lambda pkt:pkt.id in [0x07]), ]
class SAPMS(Packet): """SAP Message Server packet This packet is used for the Message Server protocol. """ name = "SAP Message Server" fields_desc = [ StrFixedLenField("eyecatcher", "**MESSAGE**\x00", 12), ByteField("version", 0x04), ByteEnumKeysField("errorno", 0x00, ms_errorno_values), StrFixedLenField("toname", "-" + " " * 39, 40), FlagsField("msgtype", 0, 8, ["DIA", "UPD", "ENQ", "BTC", "SPO", "UP2", "ATP", "ICM"]), ByteField("reserved", 0x00), ByteEnumKeysField("domain", 0x00, ms_domain_values), ByteField("reserved", 0x00), StrFixedLenField("key", "\x00" * 8, 8), ByteEnumKeysField("flag", 0x01, ms_flag_values), ByteEnumKeysField("iflag", 0x01, ms_iflag_values), StrFixedLenField("fromname", "-" + " " * 39, 40), ShortField("padd", 0x0000), # OpCode fields ConditionalField(ByteEnumKeysField("opcode", 0x00, ms_opcode_values), lambda pkt: pkt.iflag in [0x00, 0x01]), ConditionalField( ByteEnumKeysField("opcode_error", 0x00, ms_opcode_error_values), lambda pkt: pkt.iflag in [0x00, 0x01]), ConditionalField(ByteField("opcode_version", 0x01), lambda pkt: pkt.iflag in [0x00, 0x01]), ConditionalField(ByteField("opcode_charset", 0x03), lambda pkt: pkt.iflag in [0x00, 0x01]), ConditionalField( StrField("opcode_value", ""), lambda pkt: pkt.iflag in [0x00, 0x01] and pkt.opcode not in [ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x11, 0x1c, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2f, 0x43, 0x44, 0x45, 0x46, 0x47, 0x4a ]), # Adm OpCode fields ConditionalField( StrFixedLenField("adm_eyecatcher", "AD-EYECATCH\x00", 12), lambda pkt: pkt.iflag == 0x05), ConditionalField(ByteField("adm_version", 0x01), lambda pkt: pkt.iflag == 0x05), ConditionalField( ByteEnumKeysField("adm_type", 0x01, ms_adm_type_values), lambda pkt: pkt.iflag == 0x05), ConditionalField(IntToStrField("adm_recsize", 104, 11), lambda pkt: pkt.iflag == 0x05), ConditionalField(IntToStrField("adm_recno", 1, 11), lambda pkt: pkt.iflag == 0x05), ConditionalField(PacketListField("adm_records", None, SAPMSAdmRecord), lambda pkt: pkt.iflag == 0x05), # Server List fields ConditionalField( PacketListField("clients", None, SAPMSClient1), lambda pkt: pkt. opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x01), ConditionalField( PacketListField("clients", None, SAPMSClient2), lambda pkt: pkt. opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x02), ConditionalField( PacketListField("clients", None, SAPMSClient3), lambda pkt: pkt. opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x03), ConditionalField( PacketListField("clients", None, SAPMSClient4), lambda pkt: pkt. opcode in [0x02, 0x03, 0x04, 0x05] and pkt.opcode_version == 0x04), # Change IP fields ConditionalField(IPField("change_ip_addressv4", "0.0.0.0"), lambda pkt: pkt.opcode == 0x06), ConditionalField( IP6Field("change_ip_addressv6", "::"), lambda pkt: pkt.opcode == 0x06 and pkt.opcode_version == 0x02), # Get/Set Text fields ConditionalField(StrFixedLenField("text_name", "", 40), lambda pkt: pkt.opcode in [0x22, 0x23]), ConditionalField( FieldLenField("text_length", None, length_of="text_value", fmt="!I"), lambda pkt: pkt.opcode in [0x22, 0x23]), ConditionalField( StrFixedLenField("text_value", "", length_from=lambda pkt: pkt.text_length or 80), lambda pkt: pkt.opcode in [0x22, 0x23]), # Counter fields ConditionalField( PacketField("counter", None, SAPMSCounter), lambda pkt: pkt.opcode in [0x24, 0x25, 0x26, 0x27, 0x28, 0x29]), ConditionalField(PacketListField("counters", None, SAPMSCounter), lambda pkt: pkt.opcode in [0x2a]), # Security Key 1 fields ConditionalField(StrFixedLenField("security_name", None, 40), lambda pkt: pkt.opcode in [0x07, 0x08]), ConditionalField(StrFixedLenField("security_key", None, 256), lambda pkt: pkt.opcode in [0x07, 0x08]), # Security Key 2 fields ConditionalField(IPField("security2_addressv4", "0.0.0.0"), lambda pkt: pkt.opcode == 0x09), ConditionalField(ShortField("security2_port", 0), lambda pkt: pkt.opcode == 0x09), ConditionalField(StrFixedLenField("security2_key", None, 256), lambda pkt: pkt.opcode == 0x09), ConditionalField(IP6Field("security2_addressv6", "::"), lambda pkt: pkt.opcode == 0x09), # Hardware ID field ConditionalField(StrNullFixedLenField("hwid", "", length=99), lambda pkt: pkt.opcode == 0x0a), # Statistics ConditionalField(PacketField("stats", None, SAPMSStat3), lambda pkt: pkt.opcode == 0x11 and pkt.flag == 0x03), # Codepage ConditionalField(IntField("codepage", 0), lambda pkt: pkt.opcode == 0x1c and pkt.flag == 0x03), # Dump Info Request fields ConditionalField(ByteField("dump_dest", 0x02), lambda pkt: pkt.opcode == 0x1E and pkt.flag == 0x02), ConditionalField(StrFixedLenField("dump_filler", "\x00\x00\x00", 3), lambda pkt: pkt.opcode == 0x1E and pkt.flag == 0x02), ConditionalField(ShortField("dump_index", 0x00), lambda pkt: pkt.opcode == 0x1E and pkt.flag == 0x02), ConditionalField( ShortEnumKeysField("dump_command", 0x01, ms_dump_command_values), lambda pkt: pkt.opcode == 0x1E and pkt.flag == 0x02), ConditionalField(StrFixedLenField("dump_name", "\x00" * 40, 40), lambda pkt: pkt.opcode == 0x1E and pkt.flag == 0x02), # File Reload fields ConditionalField( ByteEnumKeysField("file_reload", 0, ms_file_reload_values), lambda pkt: pkt.opcode == 0x1f), ConditionalField(StrFixedLenField("file_filler", "\x00\x00\x00", 3), lambda pkt: pkt.opcode == 0x1f), # Get/Set/Del Logon fields ConditionalField(PacketField("logon", None, SAPMSLogon), lambda pkt: pkt.opcode in [0x2b, 0x2c, 0x2d]), # Server Disconnect/Shutdown fields ConditionalField(PacketField("shutdown_client", None, SAPMSClient3), lambda pkt: pkt.opcode in [0x2e, 0x2f, 0x30, 0x4a]), ConditionalField( FieldLenField("shutdown_reason_length", None, length_of="shutdown_reason", fmt="!H"), lambda pkt: pkt.opcode in [0x2e, 0x2f, 0x30, 0x4a]), ConditionalField( StrLenField("shutdown_reason", "", length_from=lambda pkt: pkt.shutdown_reason_length), lambda pkt: pkt.opcode in [0x2e, 0x2f, 0x30, 0x4a]), # Get/Set Property fields ConditionalField(PacketField("property", None, SAPMSProperty), lambda pkt: pkt.opcode in [0x43, 0x44, 0x45]), # IP/Port to name fields ConditionalField( IPField("ip_to_name_address4", "0.0.0.0"), lambda pkt: pkt.opcode == 0x46 and pkt.opcode_version == 0x01), ConditionalField( IP6Field("ip_to_name_address6", "::"), lambda pkt: pkt.opcode == 0x46 and pkt.opcode_version == 0x02), ConditionalField(ShortField("ip_to_name_port", 0), lambda pkt: pkt.opcode == 0x46), ConditionalField( FieldLenField("ip_to_name_length", None, length_of="ip_to_name", fmt="!I"), lambda pkt: pkt.opcode == 0x46), ConditionalField( StrLenField("ip_to_name", "", length_from=lambda pkt: pkt.logonname_length), lambda pkt: pkt.opcode == 0x46), # Check ACL fields ConditionalField(ShortField("error_code", 0), lambda pkt: pkt.opcode == 0x47), ConditionalField(StrFixedLenField("acl", "", 46), lambda pkt: pkt.opcode == 0x47), ]