def __init__(self):
self.fields = OrderedDict([
('next_entry_offset', IntField(size=4)),
('file_index', IntField(size=4)),
('creation_time', DateTimeField(size=8)),
('last_access_time', DateTimeField(size=8)),
('last_write_time', DateTimeField(size=8)),
('change_time', DateTimeField(size=8)),
('end_of_file', IntField(size=8)),
('allocation_size', IntField(size=8)),
('file_attributes', FlagField(size=4, flag_type=FileAttributes)),
('file_name_length',
IntField(size=4, default=lambda s: len(s['file_name']))),
('ea_size', IntField(size=4)),
('short_name_length',
IntField(size=1, default=lambda s: len(s['short_name']))),
('reserved1', IntField(size=1)),
('short_name',
BytesField(size=lambda s: s['short_name_length'].get_value())),
('short_name_padding',
BytesField(size=lambda s: 24 - len(s['short_name']),
default=lambda s: b"\x00" *
(24 - len(s['short_name'])))),
('reserved2', IntField(size=2)), ('file_id', IntField(size=8)),
('file_name',
BytesField(size=lambda s: s['file_name_length'].get_value()))
])
super(FileIdBothDirectoryInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=33
)),
('file_information_class', EnumField(
size=1,
enum_type=FileInformationClass
)),
('flags', FlagField(
size=1,
flag_type=QueryDirectoryFlags
)),
('file_index', IntField(size=4)),
('file_id', BytesField(size=16)),
('file_name_offset', IntField(
size=2,
default=lambda s: 0 if len(s['buffer']) == 0 else 96
)),
('file_name_length', IntField(
size=2,
default=lambda s: len(s['buffer'])
)),
('output_buffer_length', IntField(size=4)),
# UTF-16-LE encoded search pattern
('buffer', BytesField(
size=lambda s: s['file_name_length'].get_value()
))
])
super(SMB2QueryDirectoryRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([('disk_file_id', IntField(size=8)),
('volume_id', IntField(size=8)),
('reserved',
BytesField(size=16,
default=b"\x00" * 16))])
super(SMB2CreateQueryOnDiskIDResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([('structure_size',
IntField(size=2, default=24)),
('reserved1', IntField(size=2)),
('reserved2', IntField(size=4)),
('file_id', BytesField(size=16))])
super(SMB2FlushRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=9,
)),
('error_context_count',
IntField(
size=1,
default=lambda s: len(s['error_data'].get_value()),
)),
('reserved', IntField(size=1)),
('byte_count',
IntField(
size=4,
default=lambda s: len(s['error_data']),
)),
('error_data',
ListField(
size=lambda s: s['byte_count'].get_value(),
list_count=lambda s: s['error_context_count'].get_value(),
list_type=StructureField(
structure_type=SMB2ErrorContextResponse),
unpack_func=lambda s, d: self._error_data_value(s, d))),
])
super(SMB2ErrorResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([('lease_key', BytesField(size=16)),
('lease_state',
FlagField(size=4, flag_type=LeaseState)),
('lease_flags', IntField(size=4)),
('lease_duration', IntField(size=8))])
super(SMB2CreateRequestLease, self).__init__()
def __init__(self):
self.fields = OrderedDict([
# timeout is in milliseconds
('timeout', IntField(size=4)),
('reserved', IntField(size=4))
])
super(SMB2SrvNetworkResiliencyRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(size=2, default=24)),
('flags', FlagField(size=2, flag_type=CloseFlags)),
('reserved', IntField(size=4)), ('file_id', BytesField(size=16))
])
super(SMB2CloseRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('max_referral_level', IntField(size=2, default=4)),
('request_flags',
FlagField(size=2, flag_type=DFSReferralRequestFlags)),
('request_data_length',
IntField(
size=4,
default=lambda s: 4 + s['request_file_name_length'].get_value(
) + s['site_name_length'].get_value(),
)),
('request_file_name_length',
IntField(
size=2,
default=lambda s: len(s['request_file_name']),
)),
('request_file_name',
TextField(
null_terminated=True,
size=lambda s: s['request_file_name_length'].get_value(),
)),
('site_name_length',
IntField(
size=2,
default=lambda s: len(s['site_name']),
)),
('site_name',
TextField(
null_terminated=True,
size=lambda s: s['site_name_length'].get_value(),
)),
])
super(DFSReferralRequestEx, self).__init__()
def __init__(self):
self.fields = OrderedDict([('structure_size',
IntField(
size=2,
default=4,
)), ('reserved', IntField(size=2))])
super(SMB2TreeDisconnect, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('version', IntField(
size=4,
default=1
)),
('has_initiator_id', BoolField(
size=1,
default=lambda s: len(s['initiator_host_name']) > 0
)),
('reserved', BytesField(
size=3,
default=b"\x00\x00\x00"
)),
('initiator_id', UuidField(size=16)),
('flags', IntField(size=4)),
('originator_flags', EnumField(
size=4,
enum_type=SVHDXOriginatorFlags
)),
('open_request_id', IntField(size=8)),
('initiator_host_name_length', IntField(
size=2,
default=lambda s: len(s['initiator_host_name'])
)),
# utf-16-le encoded string
('initiator_host_name', BytesField(
size=lambda s: s['initiator_host_name_length'].get_value()
))
])
super(SMB2SVHDXOpenDeviceContextResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('protocol_id', BytesField(
size=4,
default=b"\xfeSMB",
)),
('structure_size', IntField(
size=2,
default=64,
)),
('credit_charge', IntField(size=2)),
('channel_sequence', IntField(size=2)),
('reserved', IntField(size=2)),
('command', EnumField(
size=2,
enum_type=Commands
)),
('credit_request', IntField(size=2)),
('flags', FlagField(
size=4,
flag_type=Smb2Flags,
)),
('next_command', IntField(size=4)),
('message_id', IntField(size=8)),
('process_id', IntField(size=4)),
('tree_id', IntField(size=4)),
('session_id', IntField(size=8)),
('signature', BytesField(
size=16,
default=b"\x00" * 16,
)),
('data', BytesField())
])
super(SMB2HeaderRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=9,
)),
('session_flags', FlagField(
size=2,
flag_type=SessionFlags,
)),
(
'security_buffer_offset',
IntField(
size=2,
default=72, # (header size 64) + (response size 8)
)),
('security_buffer_length',
IntField(
size=2,
default=lambda s: len(s['buffer']),
)),
('buffer',
BytesField(
size=lambda s: s['security_buffer_length'].get_value(), ))
])
super(SMB2SessionSetupResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
# 0 if no more entries, otherwise offset after ea_value
('next_entry_offset', IntField(size=4)),
('flags', FlagField(
size=1,
flag_type=EAFlags
)),
('ea_name_length', IntField(
size=1,
default=lambda s: len(s['ea_name']) - 1 # minus \x00
)),
('ea_value_length', IntField(
size=2,
default=lambda s: len(s['ea_value'])
)),
# ea_name is ASCII byte encoded and needs a null terminator '\x00'
('ea_name', BytesField(
size=lambda s: s['ea_name_length'].get_value() + 1
)),
('ea_value', BytesField(
size=lambda s: s['ea_value_length'].get_value()
)),
# not actually a field but each list entry must start at the 4 byte
# alignment
('padding', BytesField(
size=lambda s: self._padding_size(s),
default=lambda s: b"\x00" * self._padding_size(s)
))
])
super(SMB2CreateEABuffer, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('int_field', IntField(size=4)),
('bytes_field', BytesField(size=2)),
('var_field',
BytesField(size=lambda s: s['int_field'].get_value(), )),
('default_field', IntField(
size=2,
default=b"\x01a",
)),
('list_field',
ListField(
list_count=lambda s: s['int_field'].get_value(),
list_type=BytesField(size=8),
size=lambda s: s['int_field'].get_value() * 8,
)),
('structure_length',
IntField(
size=2,
little_endian=False,
default=lambda s: len(s['structure_field']),
)),
('structure_field',
StructureField(
size=lambda s: s['structure_length'].get_value(),
structure_type=Structure2,
)),
])
super(Structure1, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(size=2, default=24)),
('reserved', IntField(size=2)), ('padding', IntField(size=4)),
('app_instance_version_high', IntField(size=8)),
('app_instance_version_low', IntField(size=8))
])
super(SMB2CreateAppInstanceVersion, self).__init__()
def __init__(self):
# TODO: validate this further when working with actual snapshots
self.fields = OrderedDict([('number_of_snapshots', IntField(size=4)),
('number_of_snapshots_returned',
IntField(size=4)),
('snapshot_array_size', IntField(size=4)),
('snapshots', BytesField())])
super(SMB2SrvSnapshotArray, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('process_id', IntField(size=4)),
('comp_name_length',
IntField(size=4, default=lambda s: int(len(s['comp_name']) / 2))),
('comp_name',
BytesField(size=lambda s: s['comp_name_length'].get_value() * 2))
])
super(PAExecStartBuffer, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('total_allocation_units', IntField(size=8, unsigned=False)),
('caller_available_units', IntField(size=8, unsigned=False)),
('actual_available_units', IntField(size=8, unsigned=False)),
('sectors_per_unit', IntField(size=4)),
('bytes_per_sector', IntField(size=4)),
])
super(FileFsFullSizeInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
# timeout in milliseconds
('timeout', IntField(size=4)),
('flags', FlagField(size=4, flag_type=DurableHandleFlags)),
('reserved', IntField(size=8)),
('create_guid', UuidField(size=16))
])
super(SMB2CreateDurableHandleRequestV2, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=4
)),
('reserved', IntField(size=2))
])
super(SMB2FlushResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(
size=2,
default=20
)),
('reserved', IntField(size=2)),
('app_instance_id', BytesField(size=16))
])
super(SMB2CreateAppInstanceId, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('lease_key', BytesField(size=16)),
('lease_state', FlagField(size=4, flag_type=LeaseState)),
('flags', FlagField(size=4, flag_type=LeaseResponseFlags)),
('lease_duration', IntField(size=8)),
('parent_lease_key', BytesField(size=16)),
('epoch', IntField(size=2)), ('reserved', IntField(size=2))
])
super(SMB2CreateResponseLeaseV2, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('msg_id', EnumField(size=2, enum_type=PAExecMsgId)),
('unique_id', IntField(size=4)),
('buffer_length',
IntField(size=4, default=lambda s: len(s['buffer']))),
('buffer',
BytesField(size=lambda s: s['buffer_length'].get_value()))
])
super(PAExecMsg, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('next_entry_offset', IntField(size=4)),
('file_index', IntField(size=4)),
('file_name_length',
IntField(size=4, default=lambda s: len(s['file_name']))),
('file_name',
BytesField(size=lambda s: s['file_name_length'].get_value()))
])
super(FileNamesInformation, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('version_number', IntField(size=2, default=1)),
('size', IntField(size=2)),
('server_type', EnumField(size=2, enum_type=DFSServerTypes)),
('referral_entry_flags',
FlagField(size=2, flag_type=DFSReferralEntryFlags)),
('share_name', TextField(null_terminated=True)),
])
super(DFSReferralEntryV1, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(size=2, default=57)),
('reserved', IntField(size=2, default=0)),
('ctl_code', EnumField(
size=4,
enum_type=CtlCode,
)), ('file_id', BytesField(size=16)),
('input_offset',
IntField(size=4, default=lambda s: self._buffer_offset_value(s))),
('input_count',
IntField(
size=4,
default=lambda s: len(s['buffer']),
)), ('max_input_response', IntField(size=4)),
('output_offset',
IntField(size=4, default=lambda s: self._buffer_offset_value(s))),
('output_count', IntField(size=4, default=0)),
('max_output_response', IntField(size=4)),
('flags', EnumField(
size=4,
enum_type=IOCTLFlags,
)), ('reserved2', IntField(size=4, default=0)),
('buffer', BytesField(size=lambda s: s['input_count'].get_value()))
])
super(SMB2IOCTLRequest, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('structure_size', IntField(size=2, default=9)),
('output_buffer_offset', IntField(size=2, default=72)),
('output_buffer_length',
IntField(size=4, default=lambda s: len(s['buffer']))),
# this structure varies based on the requested information class
('buffer',
BytesField(size=lambda s: s['output_buffer_length'].get_value()))
])
super(SMB2QueryDirectoryResponse, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('msg_id',
EnumField(size=2,
default=PAExecMsgId.MSGID_SETTINGS,
enum_type=PAExecMsgId)),
('xor_val', IntField(size=4, default=os.urandom(4))),
('unique_id', IntField(size=4)), ('buffer_len', IntField(size=4)),
('buffer', StructureField(structure_type=PAExecSettingsBuffer))
])
super(PAExecSettingsMsg, self).__init__()
def __init__(self):
self.fields = OrderedDict([
('filename_len',
IntField(size=4, default=lambda s: int(len(s['filename']) / 2))),
('filename',
BytesField(size=lambda s: s['filename_len'].get_value() * 2)),
('file_last_write', DateTimeField(size=8)),
('file_version_ls', IntField(size=4)),
('file_version_ms', IntField(size=4)),
('copy_file', BoolField(size=1))
])
super(PAExecFileInfo, self).__init__()
