def getData(self): # Set the correct flags if self['ObjectType'] != '': self['Flags'] |= self.ACE_OBJECT_TYPE_PRESENT if self['InheritedObjectType'] != '': self['Flags'] |= self.ACE_INHERITED_OBJECT_TYPE_PRESENT return Structure.getData(self)
def getData(self): headerlen = 20 # Reconstruct the security descriptor # flags are currently not set automatically # TODO: do this? datalen = 0 if self['Sacl'] != '': self['OffsetSacl'] = headerlen + datalen datalen += len(self['Sacl'].getData()) else: self['OffsetSacl'] = 0 if self['Dacl'] != '': self['OffsetDacl'] = headerlen + datalen datalen += len(self['Dacl'].getData()) else: self['OffsetDacl'] = 0 if self['OwnerSid'] != '': self['OffsetOwner'] = headerlen + datalen datalen += len(self['OwnerSid'].getData()) else: self['OffsetOwner'] = 0 if self['GroupSid'] != '': self['OffsetGroup'] = headerlen + datalen datalen += len(self['GroupSid'].getData()) else: self['OffsetGroup'] = 0 return Structure.getData(self)
def getData(self): self['domain_offset'] = 64 + self.checkMIC( self["flags"]) + self.checkVersion(self["flags"]) self['user_offset'] = 64 + self.checkMIC( self["flags"]) + self.checkVersion(self["flags"]) + len( self['domain_name']) self['host_offset'] = self['user_offset'] + len(self['user_name']) self['lanman_offset'] = self['host_offset'] + len(self['host_name']) self['ntlm_offset'] = self['lanman_offset'] + len(self['lanman']) self['session_key_offset'] = self['ntlm_offset'] + len(self['ntlm']) return Structure.getData(self)
def getData(self): self['AceCount'] = len(self.aces) # We modify the data field to be able to use the # parent class parsing self['Data'] = ''.join([ace.getData() for ace in self.aces]) self['AclSize'] = len( self['Data']) + 8 # Header size (8 bytes) is included data = Structure.getData(self) # Put the ACEs back in data self['Data'] = self.aces return data
def getData(self): if RECALC_ACE_SIZE or 'AceSize' not in self.fields: self['AceSize'] = len( self['Ace'].getData()) + 4 # Header size (4 bytes) is included if self['AceSize'] % 4 != 0: # Make sure the alignment is correct self['AceSize'] += self['AceSize'] % 4 data = Structure.getData(self) # For some reason ACEs are sometimes longer than they need to be # we fill this space up with null bytes to make sure the object # we create is identical to the original object if len(data) < self['AceSize']: data += '\x00' * (self['AceSize'] - len(data)) return data
def getData(self): if len(self.fields['host_name']) > 0: self['flags'] |= NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED if len(self.fields['domain_name']) > 0: self['flags'] |= NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED if len(self.fields['os_version']) > 0: self['flags'] |= NTLMSSP_NEGOTIATE_VERSION if (self['flags'] & NTLMSSP_NEGOTIATE_VERSION) == NTLMSSP_NEGOTIATE_VERSION: version_len = 8 else: version_len = 0 if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED ) == NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED: self['host_offset'] = 32 + version_len if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED ) == NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED: self['domain_offset'] = 32 + len(self['host_name']) + version_len return Structure.getData(self)
def getData(self): if self['TargetInfoFields'] is not None and type( self['TargetInfoFields']) is not str: raw_av_fields = self['TargetInfoFields'].getData() self['TargetInfoFields'] = raw_av_fields return Structure.getData(self)
def getData(self): #self['AlignPad'] = '\x00' * ((8 - ((24 + SMB2_PACKET_SIZE) & 7)) & 7) #self['SecurityBufferOffset'] = 24 + SMB2_PACKET_SIZE +len(self['AlignPad']) #self['SecurityBufferLength'] += len(self['AlignPad']) return Structure.getData(self)