class OpcDaCl_cancelLE(Packet):
name = "OpcDaCl_cancel"
fields_desc = [
PacketField('authentication', None, AuthentificationProtocol),
LEIntField('version', 0),
LEIntField('cancelId', 0),
]
def extract_padding(self, p):
return b"", p
class OpcDaCancel_ackLE(Packet):
name = "OpcDaCancel_ackLE"
fields_desc = [
LEIntField('version', 0),
LEIntField('cancelId', 0),
ByteField('accepting', 1)
]
def extract_padding(self, p):
return b"", p
class SMBSession_Setup_AndX_Request(Packet):
name = "Session Setup AndX Request"
fields_desc = [
StrFixedLenField("Start", b"\xffSMB", 4),
ByteEnumField("Command", 0x73,
{0x73: "SMB_COM_SESSION_SETUP_ANDX"}), # noqa: E501
ByteField("Error_Class", 0),
ByteField("Reserved", 0),
LEShortField("Error_Code", 0),
ByteField("Flags", 0x18),
LEShortField("Flags2", 0x0001),
LEShortField("PIDHigh", 0x0000),
LELongField("Signature", 0x0),
LEShortField("Unused", 0x0),
LEShortField("TID", 0),
LEShortField("PID", 1),
LEShortField("UID", 0),
LEShortField("MID", 2),
ByteField("WordCount", 13),
ByteEnumField("AndXCommand", 0x75,
{0x75: "SMB_COM_TREE_CONNECT_ANDX"}), # noqa: E501
ByteField("Reserved2", 0),
LEShortField("AndXOffset", 96),
LEShortField("MaxBufferS", 2920),
LEShortField("MaxMPXCount", 50),
LEShortField("VCNumber", 0),
LEIntField("SessionKey", 0),
LEFieldLenField("ANSIPasswordLength", None, "ANSIPassword"),
LEShortField("UnicodePasswordLength", 0),
LEIntField("Reserved3", 0),
LEShortField("ServerCapabilities", 0x05),
BitField("UnixExtensions", 0, 1),
BitField("Reserved4", 0, 7),
BitField("ExtendedSecurity", 0, 1),
BitField("CompBulk", 0, 2),
BitField("Reserved5", 0, 5),
LEShortField("ByteCount", 35),
StrLenField("ANSIPassword",
"Pass",
length_from=lambda x: x.ANSIPasswordLength), # noqa: E501
StrNullField("Account", "GUEST"),
StrNullField("PrimaryDomain", ""),
StrNullField("NativeOS", "Windows 4.0"),
StrNullField("NativeLanManager", "Windows 4.0"),
ByteField("WordCount2", 4),
ByteEnumField("AndXCommand2", 0xFF, {0xFF: "SMB_COM_NONE"}),
ByteField("Reserved6", 0),
LEShortField("AndXOffset2", 0),
LEShortField("Flags3", 0x2),
LEShortField("PasswordLength", 0x1),
LEShortField("ByteCount2", 18),
ByteField("Password", 0),
StrNullField("Path", "\\\\WIN2K\\IPC$"),
StrNullField("Service", "IPC")
]
class PAS5211SetVlanUplinkConfiguration(PAS5211Msg):
opcode = 39
name = "PAS5211SetVlanUplinkConfiguration"
fields_desc = [
LEShortField("port_id", None),
LEIntField("pvid_config_enabled", None),
LEShortField("min_cos", None),
LEShortField("max_cos", None),
LEIntField("de_bit", None),
LEShortField("reserved", None)
]
class PAS5211MsgSetAlarmConfig(PAS5211Msg):
opcode = 48
name = "PAS5211MsgSetAlarmConfig"
fields_desc = [
LEShortField("type", None),
LEShortField("activate", None),
LEIntField("parameter1", None),
LEIntField("parameter2", None),
LEIntField("parameter3", None),
LEIntField("parameter4", None)
]
def __init__(self, name, default, _min, _max, _min2, _max2, _lmb, _lmb2,
fmt, *args, **kargs):
LEIntField.__init__(self, name, default, *args, **kargs)
self.min_i2h = _min
self.max_i2h = _max
self.lambda_i2h = _lmb
self.min_h2i = _min2
self.max_h2i = _max2
self.lambda_h2i = _lmb2
self.rname = self.__class__.__name__
self.ffmt = fmt
def __init__(self, name, default, _min, _max, _min2, _max2, _lmb, _lmb2,
fmt, *args, **kargs):
LEIntField.__init__(self, name, default, *args, **kargs)
self.min_i2h = _min
self.max_i2h = _max
self.lambda_i2h = _lmb
self.min_h2i = _min2
self.max_h2i = _max2
self.lambda_h2i = _lmb2
self.rname = self.__class__.__name__
self.ffmt = fmt
class SkinnyMessageCloseReceiveChannel(Packet):
name = 'close receive channel'
fields_desc = [LEIntField('conference', 0),
LEIntField('passthru', 0),
IPField('remote', '0.0.0.0'),
LEIntField('port', RandShort()),
SkinnyRateField('rate', 20),
LEIntEnumField('codec', 4, _skinny_codecs),
LEIntField('precedence', 200),
LEIntEnumField('silence', 0, _skinny_silence),
LEIntField('callid', 0)]
class PAS5211GetPortIdDownstreamPolicingConfigResponse(PAS5211Msg):
opcode = 82
name = "PAS5211GetPortIdDownstreamPolicingConfigResponse"
fields_desc = [
LEIntField("committed_bandwidth", None),
LEIntField("excessive_bandwidth", None),
LEShortField("committed_burst_limit", None),
LEShortField("excessive_burst_limit", None),
LEShortField("ds_policing_config_id", None),
LEShortField("reserved", None)
]
class PAS5211MsgSetPortIdConfig(PAS5211Msg):
opcode = 18
name = "PAS5211MsgSetPortIdConfig"
fields_desc = [
LEShortField("port_id", None),
LEShortField("activate", PON_ENABLE),
LEShortField("alloc_id", None),
LEIntField("type", None),
LEIntField("destination", None), # Is this the CNI port
# if yes then values are 0-11 (for ruby)
LEShortField("reserved", None)
]
class PAS5211MsgGetLogicalObjectStatusResponse(PAS5211Msg):
opcode = 10463
name = "PAS5211MsgGetLogicalObjectStatusResponse"
fields_desc = [
LEIntField("type", None),
LEIntField("value", None),
FieldLenField("return_length",
None,
fmt="<H",
length_of="return_value"),
LEIntField("return_value", "")
]
class NTLMv2_CLIENT_CHALLENGE(Packet):
fields_desc = [
ByteField("RespType", 0),
ByteField("HiRespType", 0),
LEShortField("Reserved1", 0),
LEIntField("Reserved2", 0),
UTCTimeField("TimeStamp", None, fmt="<Q", epoch=[
1601, 1, 1, 0, 0, 0], custom_scaling=1e7),
StrFixedLenField("ChallengeFromClient", b"", length=8),
LEIntField("Reserved3", 0),
PacketListField("AvPairs", [AV_PAIR()], AV_PAIR)
]
class Skinny(Packet):
name = "Skinny"
fields_desc = [LEIntField("len", None),
LEIntField("res", 0),
LEIntEnumField("msg", 0, skinny_messages_cls)]
def post_build(self, pkt, p):
if self.len is None:
# on compte pas les headers len et reserved
tmp_len = len(p) + len(pkt) - 8
pkt = struct.pack('@I', tmp_len) + pkt[4:]
return pkt + p
class SkinnyMessageOpenReceiveChannel(Packet):
name = 'open receive channel'
fields_desc = [LEIntField('conference', 0),
LEIntField('passthru', 0),
SkinnyRateField('rate', 20),
LEIntEnumField('codec', 4, _skinny_codecs),
LEIntEnumField('echo', 0, _skinny_echo),
LEIntField('unknown1', 0),
LEIntField('callid', 0)]
def guess_payload_class(self, p):
return conf.padding_layer
class NEFICSMSG(Packet):
name = 'NEFICS simulation message'
fields_desc = [
LEIntField('SenderID', 0),
LEIntField('ReceiverID', 0),
LEIntEnumField('MessageID', 0xFFFFFFFF, MESSAGE_ID_MAP),
LEIntField('IntegerArg0', 0),
LEIntField('IntegerArg1', 0),
LEFloatField('FloatArg0', 0.0),
LEFloatField('FloatArg1', 0.0)
]
class RequestSubDataLE(Packet):
name = 'RequestSubData'
fields_desc = [
LEShortField('versionMajor', 0),
LEShortField('versionMinor', 0),
LEIntField('flags', 0),
LEIntField('reserved', 0),
UUIDField('subUuid', str('0001' * 8), uuid_fmt=UUIDField.FORMAT_LE),
StrField('subdata', ''),
]
def extract_padding(self, p):
return b"", p
class OpcDaAlter_Context_RespLE(Packet):
name = "OpcDaAlter_Context_RespLE"
fields_desc = [
LEShortField('maxXmitFrag', 5840),
LEShortField('maxRecvtFrag', 5840),
LEIntField('assocGroupId', 0),
PacketField('portSpec', '\x00\x00\x00\x00', LenStringPacketLE),
LEIntField('numResult', 0),
# PacketField('authentication', None, AuthentificationProtocol),
] # To complete
def extract_padding(self, p):
return b"", p
class OpcDaBind_ackLE(Packet):
name = "OpcDaBind_ackLE"
fields_desc = [
LEShortField('maxXmitFrag', 5840),
LEShortField('maxRecvtFrag', 5840),
LEIntField('assocGroupId', 0),
PacketField('portSpec', None, LenStringPacketLE),
LEIntField('pda2', 0),
PacketField('resultList', None, ResultListLE),
PacketField('authentication', None, AuthentificationProtocol),
]
def extract_padding(self, p):
return b"", p
class SMB2_Negotiate_Protocol_Response(Packet):
name = "SMB2 Negotiate Protocol Response"
fields_desc = [
XLEShortField("StructureSize", 0),
FlagsField("SecurityMode", 0, -16, {
0x1: "Signing Required",
0x2: "Signing Enabled",
}),
LEShortEnumField("DialectRevision", 0x0, SMB_DIALECTS),
FieldLenField("NegotiateCount",
None,
fmt="<H",
count_of="NegotiateContexts"),
UUIDField("ServerGUID", 0x0, uuid_fmt=UUIDField.FORMAT_LE),
# Capabilities
FlagsField("Capabilities", 0, -32, SMB2_CAPABILITIES),
LEIntField("MaxTransactionSize", 0),
LEIntField("MaxReadSize", 0),
LEIntField("MaxWriteSize", 0),
UTCTimeField("SystemTime",
None,
fmt="<Q",
epoch=[1601, 1, 1, 0, 0, 0],
custom_scaling=1e7),
UTCTimeField("ServerStartTime",
None,
fmt="<Q",
epoch=[1601, 1, 1, 0, 0, 0],
custom_scaling=1e7),
XLEShortField("SecurityBlobOffset", 0),
FieldLenField("SecurityBlobLength",
None,
fmt="<H",
length_of="SecurityBlob"),
XLEIntField("NegotiateContextOffset", 0),
PacketLenField("SecurityBlob",
None,
GSSAPI_BLOB,
length_from=lambda x: x.SecurityBlobLength),
# Field only exists if Dialect is 0x0311
# Each negotiate context must be 8-byte aligned
ConditionalField(
FieldListField("NegotiateContexts", [],
ReversePadField(
PacketField("Context", None,
SMB2_Negotiate_Context), 8),
count_from=lambda pkt: pkt.NegotiateCount),
lambda x: x.DialectRevision == 0x0311),
]
class PAS5211EventOnuActivation(PAS5211Event):
name = "PAS5211EventOnuActivation"
event_type = 1
fields_desc = [
StrFixedLenField("serial_number", None, length=8),
LEIntField("equalization_period", None)
]
class SkinnyMessageSetLamp(Packet):
name = 'Lamp message (light of the phone)'
fields_desc = [
LEIntEnumField("stimulus", 0x5, skinny_stimulus),
LEIntField("instance", 1),
LEIntEnumField("mode", 2, skinny_lamp_mode)
]
class OpcDaHeaderNLE(OpcDaHeaderN):
name = "OpcDaHeaderNextLE"
fields_desc = [
LEShortField('fragLenght', 0),
LEShortEnumField('authLenght', 0, _authentification_protocol),
LEIntField('callID', 0)
]
class BaseSendPacket(Packet):
""" Abstract Class"""
fields_desc = [
LEIntField("interfaceHandle", 0),
LEShortField("timeout", 0),
PacketField("encapsulatedPacket", None, EncapsulatedPacket),
]
class PAS5211SetUpstreamPolicingConfig(PAS5211Msg):
opcode = 77
name = "PAS5211SetUpstreamPolicingConfig"
fields_desc = [
LEIntField("bandwidth", None),
LEShortField("burst_limit", None),
LEShortField("reserved", None)
]
class ENIPListIdentityReplyItems(Packet):
"""List Identity Items Field"""
name = "ENIPListIdentityReplyItems"
fields_desc = [
LEIntField("itemTypeCode", 0),
FieldLenField("itemLength", 0, length_of="itemData"),
StrLenField("itemData", "", length_from=lambda pkt: pkt.item_length),
]
class SAPCARCompressedBlobFormat(PacketNoPadded):
"""SAP CAR compressed blob
This is used for decompressing blobs inside the compressed block.
"""
name = "SAP CAR Archive Compressed blob"
fields_desc = [
LEIntField("compressed_length", None),
LEIntField("uncompress_length", None),
ByteEnumField("algorithm", 0x12, {0x12: "LZH", 0x10: "LZC"}),
StrFixedLenField("magic_bytes", "\x1f\x9d", 2),
ByteField("special", 2),
ConditionalField(StrField("blob", None, remain=4), lambda x: x.compressed_length <= 8),
ConditionalField(StrFixedLenField("blob", None, length_from=lambda x: x.compressed_length - 8),
lambda x: x.compressed_length > 8),
]
class OpcDaFaultLE(Packet):
name = "OpcDaFault"
fields_desc = [
LEIntField('allocHint', 0),
LEShortField('contextId', 0),
ByteField('cancelCount', 0),
ByteField('reserved', 0),
LEIntEnumField('Group', 0, _faultStatus),
LEIntField('reserved2', 0),
StrLenField('subData',
None,
length_from=lambda pkt: pkt.allocHint - 32),
PacketField('authentication', None, AuthentificationProtocol),
]
def extract_padding(self, p):
return b"", p
class OpcDaFackLE(Packet):
name = "OpcDaFackLE"
fields_desc = [
LEShortField('version', 0),
ByteField('pad', 0),
LEShortField('windowSize', 0),
LEIntField('maxTsdu', 0),
LEIntField('maxFragSize', 0),
LEShortField('serialNum', 0),
LEFieldLenField('selackLen', 0, count_of='selack', fmt="<H"),
PacketListField('selack',
None,
LEIntField,
count_from=lambda pkt: pkt.selackLen),
]
def extract_padding(self, p):
return b"", p
class STDOBJREF(Packet):
name = 'stdObjRef'
fields_desc = [
LEIntEnumField('flags', 1, {0: 'PINGING', 8: 'SORF_NOPING'}),
LEIntField('cPublicRefs', 0),
LELongField('OXID', 0),
LELongField('OID', 0),
PacketField('IPID', None, UUIDField),
]
class PPI(Packet):
name = "Per-Packet Information header (PPI)"
fields_desc = [ByteField('version', 0),
ByteField('flags', 0),
FieldLenField('len', None, length_of="PPIFieldHeaders", fmt="<H", adjust=lambda p, x: x + 8), # noqa: E501
LEIntField('dlt', 1),
PacketListField("PPIFieldHeaders", [], _PPIGuessPayloadClass, length_from=lambda p: p.len - 8,)] # noqa: E501
def guess_payload_class(self, payload):
return conf.l2types.get(self.dlt, Packet.guess_payload_class(self, payload)) # noqa: E501
class SMBNegociate_Protocol_Response_Advanced_Security(Packet):
name = "SMBNegociate Protocol Response Advanced Security"
fields_desc = [
StrFixedLenField("Start", b"\xffSMB", 4),
ByteEnumField("Command", 0x72, {0x72: "SMB_COM_NEGOTIATE"}),
ByteField("Error_Class", 0),
ByteField("Reserved", 0),
LEShortField("Error_Code", 0),
ByteField("Flags", 0x98),
LEShortField("Flags2", 0x0000),
LEShortField("PIDHigh", 0x0000),
LELongField("Signature", 0x0),
LEShortField("Unused", 0x0),
LEShortField("TID", 0),
LEShortField("PID", 1),
LEShortField("UID", 0),
LEShortField("MID", 2),
ByteField("WordCount", 17),
LEShortField("DialectIndex", 7),
ByteField("SecurityMode", 0x03),
LEShortField("MaxMpxCount", 50),
LEShortField("MaxNumberVC", 1),
LEIntField("MaxBufferSize", 16144),
LEIntField("MaxRawSize", 65536),
LEIntField("SessionKey", 0x0000),
LEShortField("ServerCapabilities", 0xf3f9),
BitField("UnixExtensions", 0, 1),
BitField("Reserved2", 0, 7),
BitField("ExtendedSecurity", 1, 1),
BitField("CompBulk", 0, 2),
BitField("Reserved3", 0, 5),
# There have been 127490112000000000 tenths of micro-seconds between 1st january 1601 and 1st january 2005. 127490112000000000=0x1C4EF94D6228000, so ServerTimeHigh=0xD6228000 and ServerTimeLow=0x1C4EF94. # noqa: E501
LEIntField("ServerTimeHigh", 0xD6228000),
LEIntField("ServerTimeLow", 0x1C4EF94),
LEShortField("ServerTimeZone", 0x3c),
ByteField("EncryptionKeyLength", 0),
LEFieldLenField("ByteCount",
None,
"SecurityBlob",
adjust=lambda pkt, x: x - 16), # noqa: E501
BitField("GUID", 0, 128),
StrLenField("SecurityBlob", "", length_from=lambda x: x.ByteCount + 16)
] # noqa: E501
def __init__(self, name, default, epoch=None, strf="%a, %d %b %Y %H:%M:%S +0000"): # noqa: E501
LEIntField.__init__(self, name, default)
UTCTimeField.__init__(self, name, default, epoch=epoch, strf=strf)
