def generate_tree_connect_andx_response(disassembled_netbios_part, disassembled_smb_header): tree_con_andxsponse_smb_header = toolkit_smb_header(disassembled_smb_header, "\x75") tree_con_andxsponse_nsponse = toolkit_tree_connect_andx_response() # cmd=negotiate; flags; tree_id=65535; process_id=65270; user_id=0x0000; multiplex_id=0x0000 # user_id = not mistake; multiplex_id = multiplex_id last packet, this is just a guess tree_con_andxsponse_netbios = netbios.toolkit(tree_con_andxsponse_smb_header+tree_con_andxsponse_nsponse) tree_con_andxsponse = tree_con_andxsponse_netbios+tree_con_andxsponse_smb_header+tree_con_andxsponse_nsponse return tree_con_andxsponse
def generate_MS10_020(disassembled_netbios_part, disassembled_smb_header):
MS10_020_smb_header = toolkit_smb_header(disassembled_smb_header, "\x32")
MS10_020_inner = MS10_020()
MS10_020_netbios = netbios.toolkit(MS10_020_smb_header+MS10_020_inner)
return MS10_020_netbios+MS10_020_smb_header+MS10_020_inner
def generate_nt_create_andx_response(disassembled_netbios_part, disassembled_smb_header, disassembled_tree_connect_andx_request):
nt_create_andx_smb_header = toolkit_smb_header(disassembled_smb_header, "\xa2")
nt_create_andx_response = toolkit_nt_create_andx_response(disassembled_tree_connect_andx_request)
nt_create_andx_netbios = netbios.toolkit(nt_create_andx_smb_header+nt_create_andx_response)
return nt_create_andx_netbios+nt_create_andx_smb_header+nt_create_andx_response
def generate_logoff_andx_response(disassembled_netbios_part, disassembled_smb_header): logoff_andx_response_smb_header = toolkit_smb_header(disassembled_smb_header, "\x74") logoff_andx_response = toolkit_logoff_andx_response() logoff_andx_response_netbios = netbios.toolkit(logoff_andx_response_smb_header+logoff_andx_response)
def generate_tree_disconnect_response(disassembled_netbios_part, disassembled_smb_header): tree_disconnect_response_smb_header = toolkit_smb_header(disassembled_smb_header, "\x71") tree_disconnect_response = toolkit_tree_disconnect_response() tree_con_andxsponse_netbios = netbios.toolkit(tree_disconnect_response_smb_header+tree_disconnect_response) return tree_con_andxsponse_netbios+tree_disconnect_response_smb_header+tree_disconnect_response
def generate_session_setup_andx_response(disassembled_netbios_part, disassembled_smb_header): session_setup_andx_response_smb_header = toolkit_smb_header(disassembled_smb_header, "\x73") session_setup_andx_response = toolkit_session_setup_andx_response() session_setup_andx_response_netbios = netbios.toolkit(session_setup_andx_response_smb_header+session_setup_andx_response) return session_setup_andx_response_netbios+session_setup_andx_response_smb_header+session_setup_andx_response
def generate_nego_proto_resp(disassembled_netbios_part, disassembled_smb_header): nsponse_smb_header = toolkit_smb_header(disassembled_smb_header, "\x72") nsponse_nsponse = toolkit_negotiate_response() nsponse_netbios = netbios.toolkit(nsponse_smb_header+nsponse_nsponse) negoResponse = nsponse_netbios+nsponse_smb_header+nsponse_nsponse return negoResponse
def generate_trans2_response(disassembled_netbios_part, disassembled_smb_header):
trans2_smb_header = toolkit_smb_header(disassembled_smb_header, "\x32")
trans2_inner = toolkit_trans2_response()
trans2_netbios = netbios.toolkit(trans2_smb_header+trans2_inner)
trans2Response = trans2_netbios+trans2_smb_header+trans2_inner
return trans2Response
def close_response(disassembled_netbios_part, disassembled_smb_header):
close_smb_header = toolkit_smb_header(disassembled_smb_header, "\x04")
close_inner = "\x00\x00\x00"
close_netbios = netbios.toolkit(close_smb_header+close_inner)
close_response = close_netbios+close_smb_header+close_inner
return close_response
