class LLTDAttributeMachineName(LLTDAttribute):
name = "LLTD Attribute - Machine Name"
fields_desc = [
FieldLenField("len", None, length_of="hostname", fmt="B"),
StrLenFieldUtf16("hostname", "", length_from=lambda pkt: pkt.len),
]
def mysummary(self):
return (self.sprintf("Hostname: %r" % self.hostname),
[LLTD, LLTDAttributeHostID])
class AV_PAIR(Packet):
name = "NTLM AV Pair"
fields_desc = [
LEShortEnumField(
'AvId', 0, {
0x0000: "MsvAvEOL",
0x0001: "MsvAvNbComputerName",
0x0002: "MsvAvNbDomainName",
0x0003: "MsvAvDnsComputerName",
0x0004: "MsvAvDnsDomainName",
0x0005: "MsvAvDnsTreeName",
0x0006: "MsvAvFlags",
0x0007: "MsvAvTimestamp",
0x0008: "MsvAvSingleHost",
0x0009: "MsvAvTargetName",
0x000A: "MsvAvChannelBindings",
}),
FieldLenField('AvLen', None, length_of="Value", fmt="<H"),
MultipleTypeField([
(LEIntEnumField(
'Value', 1, {
0x0001: "constrained",
0x0002: "MIC integrity",
0x0004: "SPN from untrusted source"
}), lambda pkt: pkt.AvId == 0x0006),
(UTCTimeField("Value",
None,
epoch=[1601, 1, 1, 0, 0, 0],
custom_scaling=1e7,
fmt="<Q"), lambda pkt: pkt.AvId == 0x0007),
(PacketField('Value', Single_Host_Data(),
Single_Host_Data), lambda pkt: pkt.AvId == 0x0008),
(XStrLenField('Value', b"", length_from=lambda pkt: pkt.AvLen),
lambda pkt: pkt.AvId == 0x000A),
], StrLenFieldUtf16('Value', b"", length_from=lambda pkt: pkt.AvLen))
]
def default_payload_class(self, payload):
return conf.padding_layer