def __init__(self, reader): self.UsageCount = ULONG(reader).value reader.align() self.unk0 = LIST_ENTRY(reader) self.unk1 = PVOID(reader).value self.unk1b = ULONG(reader).value reader.align() self.unk2 = FILETIME(reader).value self.unk4 = PVOID(reader).value self.unk5 = PVOID(reader).value self.unk6 = PVOID(reader).value self.LocallyUniqueIdentifier = LUID(reader).value self.unk7 = FILETIME(reader).value self.unk8 = PVOID(reader).value self.unk8b = ULONG(reader).value reader.align() self.unk9 = FILETIME(reader).value self.unk11 = PVOID(reader).value self.unk12 = PVOID(reader).value self.unk13 = PVOID(reader).value self.credentials = KIWI_KERBEROS_10_PRIMARY_CREDENTIAL(reader) self.unk14 = ULONG(reader).value self.unk15 = ULONG(reader).value self.unk16 = ULONG(reader).value self.unk17 = ULONG(reader).value #self.unk18 = PVOID(reader).value self.unk19 = PVOID(reader).value self.unk20 = PVOID(reader).value self.unk21 = PVOID(reader).value self.unk22 = PVOID(reader).value self.unk23 = PVOID(reader).value self.unk24 = PVOID(reader).value self.unk25 = PVOID(reader).value self.pKeyList = PVOID(reader) self.unk26 = PVOID(reader).value self.Tickets_1 = LIST_ENTRY(reader) self.unk27 = FILETIME(reader).value self.Tickets_2 = LIST_ENTRY(reader) self.unk28 = FILETIME(reader).value self.Tickets_3 = LIST_ENTRY(reader) self.unk29 = FILETIME(reader).value self.SmartcardInfos = PVOID(reader).value
def __init__(self, reader): self.Flink = PKIWI_MSV1_0_LIST_52(reader) self.Blink = PKIWI_MSV1_0_LIST_52(reader) self.LocallyUniqueIdentifier = LUID(reader).value self.UserName = LSA_UNICODE_STRING(reader) self.Domaine = LSA_UNICODE_STRING(reader) self.unk0 = PVOID(reader).value self.unk1 = PVOID(reader).value self.pSid = PSID(reader) self.LogonType = ULONG(reader).value self.Session = ULONG(reader).value reader.align(8) self.LogonTime = int.from_bytes(reader.read(8), byteorder = 'little', signed = False) #autoalign x86 self.LogonServer = LSA_UNICODE_STRING(reader) self.Credentials_list_ptr = PKIWI_MSV1_0_CREDENTIAL_LIST(reader) self.unk19 = ULONG(reader).value reader.align() self.unk20 = PVOID(reader).value self.unk21 = PVOID(reader).value self.unk22 = ULONG(reader).value reader.align() self.CredentialManager = PVOID(reader)
def __init__(self, reader): self.UsageCount = ULONG(reader).value reader.align() self.unk0 = LIST_ENTRY(reader) self.unk1 = PVOID(reader).value self.unk2 = ULONG(reader).value # // filetime.1 ? self.unk3 = ULONG(reader).value #// filetime.2 ?(reader).value self.unk4 = PVOID(reader).value self.unk5 = PVOID(reader).value self.unk6 = PVOID(reader).value self.LocallyUniqueIdentifier = LUID(reader).value #self.unkAlign = ULONG(reader).value#ifdef _M_IX86(reader).value reader.align(8) self.unk7 = FILETIME(reader).value self.unk8 = PVOID(reader).value self.unk9 = ULONG(reader).value # // filetime.1 ?(reader).value self.unk10 = ULONG(reader).value # // filetime.2 ?(reader).value self.unk11 = PVOID(reader).value self.unk12 = PVOID(reader).value self.unk13 = PVOID(reader).value self.credentials = KIWI_GENERIC_PRIMARY_CREDENTIAL(reader) self.unk14 = ULONG(reader).value self.unk15 = ULONG(reader).value self.unk16 = ULONG(reader).value self.unk17 = ULONG(reader).value self.unk18 = PVOID(reader).value self.unk19 = PVOID(reader).value self.unk20 = PVOID(reader).value self.unk21 = PVOID(reader).value self.pKeyList = PVOID(reader) self.unk23 = PVOID(reader).value reader.align() self.Tickets_1 = LIST_ENTRY(reader) self.unk24 = FILETIME(reader).value self.Tickets_2 = LIST_ENTRY(reader) self.unk25 = FILETIME(reader).value self.Tickets_3 = LIST_ENTRY(reader) self.unk26 = FILETIME(reader).value self.SmartcardInfos = PVOID(reader)
