Class: Rex::Proto::SMB::Constants

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/proto/smb/constants.rb

Constant Summary collapse

SMB_COM_CREATE_DIRECTORY =

SMB Commands

0x00
SMB_COM_DELETE_DIRECTORY =
0x01
SMB_COM_OPEN =
0x02
SMB_COM_CREATE =
0x03
SMB_COM_CLOSE =
0x04
SMB_COM_FLUSH =
0x05
SMB_COM_DELETE =
0x06
SMB_COM_RENAME =
0x07
SMB_COM_QUERY_INFORMATION =
0x08
SMB_COM_SET_INFORMATION =
0x09
SMB_COM_READ =
0x0a
SMB_COM_WRITE =
0x0b
SMB_COM_LOCK_BYTE_RANGE =
0x0c
SMB_COM_UNLOCK_BYTE_RANGE =
0x0d
SMB_COM_CREATE_TEMPORARY =
0x0e
SMB_COM_CREATE_NEW =
0x0f
SMB_COM_CHECK_DIRECTORY =
0x10
SMB_COM_PROCESS_EXIT =
0x11
SMB_COM_SEEK =
0x12
SMB_COM_LOCK_AND_READ =
0x13
SMB_COM_WRITE_AND_UNLOCK =
0x14
SMB_COM_READ_RAW =
0x1a
SMB_COM_READ_MPX =
0x1b
SMB_COM_READ_MPX_SECONDARY =
0x1c
SMB_COM_WRITE_RAW =
0x1d
SMB_COM_WRITE_MPX =
0x1e
SMB_COM_WRITE_MPX_SECONDARY =
0x1f
SMB_COM_WRITE_COMPLETE =
0x20
SMB_COM_QUERY_SERVER =
0x21
SMB_COM_SET_INFORMATION2 =
0x22
SMB_COM_QUERY_INFORMATION2 =
0x23
SMB_COM_LOCKING_ANDX =
0x24
SMB_COM_TRANSACTION =
0x25
SMB_COM_TRANSACTION_SECONDARY =
0x26
SMB_COM_IOCTL =
0x27
SMB_COM_IOCTL_SECONDARY =
0x28
SMB_COM_COPY =
0x29
SMB_COM_MOVE =
0x2a
SMB_COM_ECHO =
0x2b
SMB_COM_WRITE_AND_CLOSE =
0x2c
SMB_COM_OPEN_ANDX =
0x2d
SMB_COM_READ_ANDX =
0x2e
SMB_COM_WRITE_ANDX =
0x2f
SMB_COM_NEW_FILE_SIZE =
0x30
SMB_COM_CLOSE_AND_TREE_DISC =
0x31
SMB_COM_TRANSACTION2 =
0x32
SMB_COM_TRANSACTION2_SECONDARY =
0x33
SMB_COM_FIND_CLOSE2 =
0x34
SMB_COM_FIND_NOTIFY_CLOSE =
0x35
SMB_COM_TREE_CONNECT =
0x70
SMB_COM_TREE_DISCONNECT =
0x71
SMB_COM_NEGOTIATE =
0x72
SMB_COM_SESSION_SETUP_ANDX =
0x73
SMB_COM_LOGOFF_ANDX =
0x74
SMB_COM_TREE_CONNECT_ANDX =
0x75
SMB_COM_QUERY_INFORMATION_DISK =
0x80
SMB_COM_SEARCH =
0x81
SMB_COM_FIND =
0x82
SMB_COM_FIND_UNIQUE =
0x83
SMB_COM_FIND_CLOSE =
0x84
SMB_COM_NT_TRANSACT =
0xa0
SMB_COM_NT_TRANSACT_SECONDARY =
0xa1
SMB_COM_NT_CREATE_ANDX =
0xa2
SMB_COM_NT_CANCEL =
0xa4
SMB_COM_NT_RENAME =
0xa5
SMB_COM_OPEN_PRINT_FILE =
0xc0
SMB_COM_WRITE_PRINT_FILE =
0xc1
SMB_COM_CLOSE_PRINT_FILE =
0xc2
SMB_COM_GET_PRINT_QUEUE =
0xc3
SMB_COM_READ_BULK =
0xd8
SMB_COM_WRITE_BULK =
0xd9
SMB_COM_NO_ANDX_COMMAND =
0xff
SMB2_OP_NEGPROT =

SMB Version 2 Commands

0x00
SMB2_OP_SESSSETUP =
0x01
SMB2_OP_LOGOFF =
0x02
SMB2_OP_TCON =
0x03
SMB2_OP_TDIS =
0x04
SMB2_OP_CREATE =
0x05
SMB2_OP_CLOSE =
0x06
SMB2_OP_FLUSH =
0x07
SMB2_OP_READ =
0x08
SMB2_OP_WRITE =
0x09
SMB2_OP_LOCK =
0x0a
SMB2_OP_IOCTL =
0x0b
SMB2_OP_CANCEL =
0x0c
SMB2_OP_KEEPALIVE =
0x0d
SMB2_OP_FIND =
0x0e
SMB2_OP_NOTIFY =
0x0f
SMB2_OP_GETINFO =
0x10
SMB2_OP_SETINFO =
0x11
SMB2_OP_BREAK =
0x12
NT_TRANSACT_CREATE =

SMB_COM_NT_TRANSACT Subcommands

1
NT_TRANSACT_IOCTL =
2
NT_TRANSACT_SET_SECURITY_DESC =
3
NT_TRANSACT_NOTIFY_CHANGE =
4
NT_TRANSACT_RENAME =
5
NT_TRANSACT_QUERY_SECURITY_DESC =
6
NT_TRANSACT_GET_USER_QUOTA =
7
NT_TRANSACT_SET_USER_QUOTA =

File open/create Device IOCTL Set security descriptor Start directory watch Reserved (Handle-based) Retrieve security Get quota Set quota

8
OPEN_MODE_CREAT =

Open Modes

0x10
OPEN_MODE_EXCL =
0x00
OPEN_MODE_OPEN =
0x01
OPEN_MODE_TRUNC =

Create the file if file does not exists. Otherwise, operation fails. When used with SMB_O_CREAT, operation fails if file exists. Cannot be used with SMB_O_OPEN. Open the file if the file exists Truncate the file if the file exists

0x02
OPEN_SHARE_COMPAT =

Shared Access

0x00
OPEN_SHARE_DENY_EXCL =
0x10
OPEN_SHARE_DENY_WRITE =
0x20
OPEN_SHARE_DENY_READEXEC =
0x30
OPEN_SHARE_DENY_NONE =
0x40
OPEN_ACCESS_READ =

File Access

0x00
OPEN_ACCESS_WRITE =
0x01
OPEN_ACCESS_READWRITE =
0x02
OPEN_ACCESS_EXEC =
0x03
CREATE_ACCESS_SUPERSEDE =

Create Disposition

0x00
CREATE_ACCESS_EXIST =
0x01
CREATE_ACCESS_CREATE =
0x02
CREATE_ACCESS_OPENCREATE =
0x03
CREATE_ACCESS_OVEREXIST =
0x04
CREATE_ACCESS_OVERCREATE =

Replace any previously existing file Open existing file and fail if it does not exist Create the file, fail if it already exists Open existing file or create it if it does not exist Overwrite existing file and fail if it does not exist Overwrite existing file or create it if it does not exist

0x05
NETBIOS_REDIR =

Wildcard NetBIOS name

'CACACACACACACACACACACACACACACAAA'
TRANS2_OPEN2 =

SMB_COM_TRANSACTION2 Commands

0
TRANS2_FIND_FIRST2 =
1
TRANS2_FIND_NEXT2 =
2
TRANS2_QUERY_FS_INFO =
3
TRANS2_SET_PATH_INFO =
6
TRANS2_CREATE_DIRECTORY =
13
SMB_INFO_ALLOCATION =

SMB_COM_TRANSACTION2 QUERY_FS_INFO information levels

1
SMB_INFO_VOLUME =
2
SMB_QUERY_FS_VOLUME_INFO =
0x102
SMB_QUERY_FS_SIZE_INFO =
0x103
SMB_QUERY_FS_DEVICE_INFO =
0x104
SMB_QUERY_FS_ATTRIBUTE_INFO =
0x105
SMB_INFO_STANDARD =

SMB_COM_TRANSACTION2 QUERY_PATH_INFO information levels

1
SMB_INFO_QUERY_EA_SIZE =
2
SMB_INFO_QUERY_EAS_FROM_LIST =
3
SMB_INFO_QUERY_ALL_EAS =
4
SMB_INFO_IS_NAME_VALID =
6
SMB_QUERY_FILE_BASIC_INFO =
0x101
SMB_QUERY_FILE_STANDARD_INFO =
0x102
SMB_QUERY_FILE_EA_INFO =
0x103
SMB_QUERY_FILE_NAME_INFO =
0x104
SMB_QUERY_FILE_ALL_INFO =
0x107
SMB_QUERY_FILE_ALT_NAME_INFO =
0x108
SMB_QUERY_FILE_STREAM_INFO =
0x109
SMB_QUERY_FILE_COMPRESSION_INFO =
0x10B
SMB_QUERY_FILE_UNIX_BASIC =
0x200
0x201
SMB_INFO_PASSTHROUGH =
0x1000
FILE_DEVICE_BEEP =

Device Types

0x00000001
FILE_DEVICE_CD_ROM =
0x00000002
FILE_DEVICE_CD_ROM_FILE_SYSTEM =
0x00000003
FILE_DEVICE_CONTROLLER =
0x00000004
0x00000005
FILE_DEVICE_DFS =
0x00000006
FILE_DEVICE_DISK =
0x00000007
FILE_DEVICE_DISK_FILE_SYSTEM =
0x00000008
FILE_DEVICE_FILE_SYSTEM =
0x00000009
FILE_DEVICE_INPORT_PORT =
0x0000000A
FILE_DEVICE_KEYBOARD =
0x0000000B
FILE_DEVICE_MAILSLOT =
0x0000000C
FILE_DEVICE_MIDI_IN =
0x0000000D
FILE_DEVICE_MIDI_OUT =
0x0000000E
FILE_DEVICE_MOUSE =
0x0000000F
FILE_DEVICE_MULTI_UNC_PROVIDER =
0x00000010
FILE_DEVICE_NAMED_PIPE =
0x00000011
FILE_DEVICE_NETWORK =
0x00000012
FILE_DEVICE_NETWORK_BROWSER =
0x00000013
FILE_DEVICE_NETWORK_FILE_SYSTEM =
0x00000014
FILE_DEVICE_NULL =
0x00000015
FILE_DEVICE_PARALLEL_PORT =
0x00000016
FILE_DEVICE_PHYSICAL_NETCARD =
0x00000017
FILE_DEVICE_PRINTER =
0x00000018
FILE_DEVICE_SCANNER =
0x00000019
FILE_DEVICE_SERIAL_MOUSE_PORT =
0x0000001A
FILE_DEVICE_SERIAL_PORT =
0x0000001B
FILE_DEVICE_SCREEN =
0x0000001C
FILE_DEVICE_SOUND =
0x0000001D
FILE_DEVICE_STREAMS =
0x0000001E
FILE_DEVICE_TAPE =
0x0000001F
FILE_DEVICE_TAPE_FILE_SYSTEM =
0x00000020
FILE_DEVICE_TRANSPORT =
0x00000021
FILE_DEVICE_UNKNOWN =
0x00000022
FILE_DEVICE_VIDEO =
0x00000023
FILE_DEVICE_VIRTUAL_DISK =
0x00000024
FILE_DEVICE_WAVE_IN =
0x00000025
FILE_DEVICE_WAVE_OUT =
0x00000026
FILE_DEVICE_8042_PORT =
0x00000027
FILE_DEVICE_NETWORK_REDIRECTOR =
0x00000028
FILE_DEVICE_BATTERY =
0x00000029
FILE_DEVICE_BUS_EXTENDER =
0x0000002A
FILE_DEVICE_MODEM =
0x0000002B
FILE_DEVICE_VDM =
0x0000002C
FILE_REMOVABLE_MEDIA =

File and Device Attributes

0x00000001
FILE_READ_ONLY_DEVICE =
0x00000002
FILE_FLOPPY_DISKETTE =
0x00000004
FILE_WRITE_ONE_MEDIA =
0x00000008
FILE_REMOTE_DEVICE =
0x00000010
FILE_DEVICE_IS_MOUNTED =
0x00000020
FILE_VIRTUAL_VOLUME =
0x00000040
FILE_CASE_SENSITIVE_SEARCH =
0x00000001
FILE_CASE_PRESERVED_NAMES =
0x00000002
FILE_PERSISTENT_ACLS =
0x00000004
FILE_FILE_COMPRESSION =
0x00000008
FILE_VOLUME_QUOTAS =
0x00000010
FILE_VOLUME_IS_COMPRESSED =
0x00008000
SMB_STATUS_SUCCESS =

SMB Error Codes

0x00000000
SMB_ERROR_BUFFER_OVERFLOW =
0x80000005
SMB_STATUS_MORE_PROCESSING_REQUIRED =
0xC0000016
SMB_STATUS_ACCESS_DENIED =
0xC0000022
SMB_STATUS_LOGON_FAILURE =
0xC000006D
DIALECT =

SMB Dialect Compatibility

{}
NBRAW_HDR_PKT =

A raw NetBIOS session template

Rex::Struct2::CStructTemplate.new(
  [ 'string', 'Payload', nil, '']
)
NBRAW_PKT =
self.make_nbs(NBRAW_HDR_PKT)
SMB_HDR =

The SMB header template

Rex::Struct2::CStructTemplate.new(
  [ 'uint32n', 'Magic',             0xff534d42 ],
  [ 'uint8',   'Command',           0 ],
  [ 'uint32v', 'ErrorClass',        0 ],
  [ 'uint8',   'Flags1',            0 ],
  [ 'uint16v', 'Flags2',            0 ],
  [ 'uint16v', 'ProcessIDHigh',     0 ],
  [ 'uint32v', 'Signature1',        0 ],
  [ 'uint32v', 'Signature2',        0 ],
  [ 'uint16v', 'Reserved1',         0 ],
  [ 'uint16v', 'TreeID',            0 ],
  [ 'uint16v', 'ProcessID',         0 ],
  [ 'uint16v', 'UserID',            0 ],
  [ 'uint16v', 'MultiplexID',       0 ],
  [ 'uint8',   'WordCount',         0 ]
)
SMB2_HDR =

The SMB2 header template

Rex::Struct2::CStructTemplate.new(
  [ 'uint32n', 'Magic',             0xfe534d42 ],
  [ 'uint16v', 'HeaderLen',         64 ],
  [ 'uint16v', 'Reserved0',         0 ],
  [ 'uint32v', 'NTStatus',          0 ],

  [ 'uint16v', 'Opcode',            0 ],
  [ 'uint16v', 'Reserved1',         0 ],

  [ 'uint16v', 'Flags1',            0 ],
  [ 'uint16v', 'Flags2',            0 ],

  [ 'uint32v', 'ChainOffset',       0 ],

  [ 'uint32v', 'SequenceHigh',      0 ],
  [ 'uint32v', 'SequenceLow',       0 ],

  [ 'uint32v', 'ProcessID',         0 ],
  [ 'uint32v', 'TreeID',            0 ],
  [ 'uint32v', 'UserIDHigh',        0 ],
  [ 'uint32v', 'UserIDLow',         0 ],

  [ 'uint32v', 'SignatureA',        0 ],
  [ 'uint32v', 'SignatureB',        0 ],
  [ 'uint32v', 'SignatureC',        0 ],
  [ 'uint32v', 'SignatureD',        0 ],
  [ 'string',  'Payload', nil,      '']
)
SMB_BASE_HDR_PKT =

A basic SMB template to read all responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_BASE_PKT =
self.make_nbs(SMB_BASE_HDR_PKT)
SMB_NEG_HDR_PKT =

A SMB template for SMB Dialect negotiation

Rex::Struct2::CStructTemplate.new(

  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_NEG_PKT =
self.make_nbs(SMB_NEG_HDR_PKT)
SMB_NEG_RES_LM_HDR_PKT =

A SMB template for SMB Dialect negotiation responses (LANMAN)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'Dialect',              0 ],
  [ 'uint16v', 'SecurityMode',         0 ],
  [ 'uint16v', 'MaxBuff',              0 ],
  [ 'uint16v', 'MaxMPX',               0 ],
  [ 'uint16v', 'MaxVCS',               0 ],
  [ 'uint16v', 'RawMode',              0 ],
  [ 'uint32v', 'SessionKey',           0 ],
  [ 'uint16v', 'DosTime',              0 ],
  [ 'uint16v', 'DosDate',              0 ],
  [ 'uint16v', 'Timezone',             0 ],
  [ 'uint16v', 'KeyLength',            0 ],
  [ 'uint16v', 'Reserved1',            0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'EncryptionKey', nil,  '' ]
).create_restraints(
  [ 'EncryptionKey', 'ByteCount',  nil, true ]
)
SMB_NEG_RES_LM_PKT =
self.make_nbs(SMB_NEG_RES_LM_HDR_PKT)
SMB_NEG_RES_NT_HDR_PKT =

A SMB template for SMB Dialect negotiation responses (NTLM)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'Dialect',              0 ],
  [ 'uint8',   'SecurityMode',         0 ],
  [ 'uint16v', 'MaxMPX',               0 ],
  [ 'uint16v', 'MaxVCS',               0 ],
  [ 'uint32v', 'MaxBuff',              0 ],
  [ 'uint32v', 'MaxRaw',               0 ],
  [ 'uint32v', 'SessionKey',           0 ],
  [ 'uint32v', 'Capabilities',         0 ],
  [ 'uint32v', 'SystemTimeLow',        0 ],
  [ 'uint32v', 'SystemTimeHigh',       0 ],
  [ 'uint16v', 'ServerTimeZone',       0 ],
  [ 'uint8',   'KeyLength',            0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_NEG_RES_NT_PKT =
self.make_nbs(SMB_NEG_RES_NT_HDR_PKT)
SMB_NEG_RES_ERR_HDR_PKT =

A SMB template for SMB Dialect negotiation responses (ERROR)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'Dialect',              0 ],
  [ 'uint16v', 'ByteCount',            0 ]
)
SMB_NEG_RES_ERR_PKT =
self.make_nbs(SMB_NEG_RES_ERR_HDR_PKT)
SMB_SETUP_RES_HDR_PKT =

A SMB template for SMB Session Setup responses (LANMAN/NTLMV1)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'Action',               0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_SETUP_RES_PKT =
self.make_nbs(SMB_SETUP_RES_HDR_PKT)
SMB_SETUP_LANMAN_HDR_PKT =

A SMB template for SMB Session Setup requests (LANMAN)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'MaxBuff',              0 ],
  [ 'uint16v', 'MaxMPX',               0 ],
  [ 'uint16v', 'VCNum',                0 ],
  [ 'uint32v', 'SessionKey',           0 ],
  [ 'uint16v', 'PasswordLen',          0 ],
  [ 'uint32v', 'Reserved2',            0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_SETUP_LANMAN_PKT =
self.make_nbs(SMB_SETUP_LANMAN_HDR_PKT)
SMB_SETUP_NTLMV1_HDR_PKT =

A SMB template for SMB Session Setup requests (NTLMV1)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'MaxBuff',              0 ],
  [ 'uint16v', 'MaxMPX',               0 ],
  [ 'uint16v', 'VCNum',                0 ],
  [ 'uint32v', 'SessionKey',           0 ],
  [ 'uint16v', 'PasswordLenLM',        0 ],
  [ 'uint16v', 'PasswordLenNT',        0 ],
  [ 'uint32v', 'Reserved2',            0 ],
  [ 'uint32v', 'Capabilities',         0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_SETUP_NTLMV1_PKT =
self.make_nbs(SMB_SETUP_NTLMV1_HDR_PKT)
SMB_SETUP_NTLMV2_HDR_PKT =

A SMB template for SMB Session Setup requests (When extended security is being used)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'MaxBuff',              0 ],
  [ 'uint16v', 'MaxMPX',               0 ],
  [ 'uint16v', 'VCNum',                0 ],
  [ 'uint32v', 'SessionKey',           0 ],
  [ 'uint16v', 'SecurityBlobLen',      0 ],
  [ 'uint32v', 'Reserved2',            0 ],
  [ 'uint32v', 'Capabilities',         0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_SETUP_NTLMV2_PKT =
self.make_nbs(SMB_SETUP_NTLMV2_HDR_PKT)
SMB_SETUP_NTLMV2_RES_HDR_PKT =

A SMB template for SMB Session Setup responses (When extended security is being used)

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'Action',               0 ],
  [ 'uint16v', 'SecurityBlobLen',      0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_SETUP_NTLMV2_RES_PKT =
self.make_nbs(SMB_SETUP_NTLMV2_RES_HDR_PKT)
SMB_TREE_CONN_HDR_PKT =

A SMB template for SMB Tree Connect requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'Flags',                0 ],
  [ 'uint16v', 'PasswordLen',          0 ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_TREE_CONN_PKT =
self.make_nbs(SMB_TREE_CONN_HDR_PKT)
SMB_TREE_CONN_RES_HDR_PKT =

A SMB template for SMB Tree Connect requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',   'AndX',                 0 ],
  [ 'uint8',   'Reserved1',            0 ],
  [ 'uint16v', 'AndXOffset',           0 ],
  [ 'uint16v', 'OptionalSupport',      0 ],
  [ 'string',  'SupportWords', nil,   '' ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_TREE_CONN_RES_PKT =
self.make_nbs(SMB_TREE_CONN_RES_HDR_PKT)
SMB_TREE_DISCONN_HDR_PKT =

A SMB template for SMB Tree Disconnect requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_TREE_DISCONN_PKT =
self.make_nbs(SMB_TREE_DISCONN_HDR_PKT)
SMB_TREE_DISCONN_RES_HDR_PKT =

A SMB template for SMB Tree Disconnect requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v', 'ByteCount',            0 ],
  [ 'string',  'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_TREE_DISCONN_RES_PKT =
self.make_nbs(SMB_TREE_DISCONN_RES_HDR_PKT)
SMB_TRANS_HDR_PKT =

A SMB template for SMB Transaction requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'ParamCountTotal',     0 ],
  [ 'uint16v',  'DataCountTotal',      0 ],
  [ 'uint16v',  'ParamCountMax',       0 ],
  [ 'uint16v',  'DataCountMax',        0 ],
  [ 'uint8',    'SetupCountMax',       0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'Flags',               0 ],
  [ 'uint32v',  'Timeout',             0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint16v',  'ParamCount',          0 ],
  [ 'uint16v',  'ParamOffset',         0 ],
  [ 'uint16v',  'DataCount',           0 ],
  [ 'uint16v',  'DataOffset',          0 ],
  [ 'uint8',    'SetupCount',          0 ],
  [ 'uint8',    'Reserved3',           0 ],
  [ 'string',   'SetupData', nil,     '' ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_TRANS_PKT =
self.make_nbs(SMB_TRANS_HDR_PKT)
SMB_TRANS_RES_HDR_PKT =

A SMB template for SMB Transaction responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'ParamCountTotal',     0 ],
  [ 'uint16v',  'DataCountTotal',      0 ],
  [ 'uint16v',  'Reserved1',           0 ],
  [ 'uint16v',  'ParamCount',          0 ],
  [ 'uint16v',  'ParamOffset',         0 ],
  [ 'uint16v',  'ParamDisplace',       0 ],
  [ 'uint16v',  'DataCount',           0 ],
  [ 'uint16v',  'DataOffset',          0 ],
  [ 'uint16v',  'DataDisplace',        0 ],
  [ 'uint8',    'SetupCount',          0 ],
  [ 'uint8',    'Reserved2',           0 ],
  [ 'string',   'SetupData', nil,     '' ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_TRANS_RES_PKT =
self.make_nbs(SMB_TRANS_RES_HDR_PKT)
SMB_TRANS2_HDR_PKT =

A SMB template for SMB Transaction2 requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'ParamCountTotal',     0 ],
  [ 'uint16v',  'DataCountTotal',      0 ],
  [ 'uint16v',  'ParamCountMax',       0 ],
  [ 'uint16v',  'DataCountMax',        0 ],
  [ 'uint8',    'SetupCountMax',       0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'Flags',               0 ],
  [ 'uint32v',  'Timeout',             0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint16v',  'ParamCount',          0 ],
  [ 'uint16v',  'ParamOffset',         0 ],
  [ 'uint16v',  'DataCount',           0 ],
  [ 'uint16v',  'DataOffset',          0 ],
  [ 'uint8',    'SetupCount',          0 ],
  [ 'uint8',    'Reserved3',           0 ],
  [ 'string',   'SetupData', nil,     '' ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_TRANS2_PKT =
self.make_nbs(SMB_TRANS2_HDR_PKT)
SMB_NTTRANS_HDR_PKT =

A SMB template for SMB NTTransaction requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'SetupCountMax',       0 ],
  [ 'uint16v',  'Reserved1',           0 ],
  [ 'uint32v',  'ParamCountTotal',     0 ],
  [ 'uint32v',  'DataCountTotal',      0 ],
  [ 'uint32v',  'ParamCountMax',       0 ],
  [ 'uint32v',  'DataCountMax',        0 ],
  [ 'uint32v',  'ParamCount',          0 ],
  [ 'uint32v',  'ParamOffset',         0 ],
  [ 'uint32v',  'DataCount',           0 ],
  [ 'uint32v',  'DataOffset',          0 ],
  [ 'uint8',    'SetupCount',          0 ],
  [ 'uint16v',  'Subcommand',          0 ],
  [ 'string',   'SetupData', nil,     '' ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_NTTRANS_PKT =
self.make_nbs(SMB_NTTRANS_HDR_PKT)
SMB_NTTRANS_RES_HDR_PKT =

A SMB template for SMB NTTransaction responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint32v',  'ParamCountTotal',     0 ],
  [ 'uint32v',  'DataCountTotal',      0 ],
  [ 'uint32v',  'ParamCount',          0 ],
  [ 'uint32v',  'ParamOffset',         0 ],
  [ 'uint32v',  'ParamDisplace',       0 ],
  [ 'uint32v',  'DataCount',           0 ],
  [ 'uint32v',  'DataOffset',          0 ],
  [ 'uint32v',  'DataDisplace',        0 ],
  [ 'uint8',    'Reserved3',           0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_NTTRANS_RES_PKT =
self.make_nbs(SMB_NTTRANS_RES_HDR_PKT)
SMB_NTTRANS_SECONDARY_HDR_PKT =

A SMB template for SMB NTTransaction_Secondary requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint32v',  'ParamCountTotal',     0 ],
  [ 'uint32v',  'DataCountTotal',      0 ],
  [ 'uint32v',  'ParamCount',          0 ],
  [ 'uint32v',  'ParamOffset',         0 ],
  [ 'uint32v',  'ParamDisplace',       0 ],
  [ 'uint32v',  'DataCount',           0 ],
  [ 'uint32v',  'DataOffset',          0 ],
  [ 'uint32v',  'DataDisplace',        0 ],
  [ 'uint8',    'SetupCount',          0 ],
  [ 'string',   'SetupData', nil,     '' ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_NTTRANS_SECONDARY_PKT =
self.make_nbs(SMB_NTTRANS_SECONDARY_HDR_PKT)
SMB_CREATE_HDR_PKT =

A SMB template for SMB Create requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint8',    'Reserved2',           0 ],
  [ 'uint16v',  'FileNameLen',         0 ],
  [ 'uint32v',  'CreateFlags',         0 ],
  [ 'uint32v',  'RootFileID',          0 ],
  [ 'uint32v',  'AccessMask',          0 ],
  [ 'uint32v',  'AllocLow',            0 ],
  [ 'uint32v',  'AllocHigh',           0 ],
  [ 'uint32v',  'Attributes',          0 ],
  [ 'uint32v',  'ShareAccess',         0 ],
  [ 'uint32v',  'Disposition',         0 ],
  [ 'uint32v',  'CreateOptions',       0 ],
  [ 'uint32v',  'Impersonation',       0 ],
  [ 'uint8',    'SecurityFlags',       0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,        '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_CREATE_PKT =
self.make_nbs(SMB_CREATE_HDR_PKT)
SMB_CREATE_RES_HDR_PKT =

A SMB template for SMB Create responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint8',    'OpLock',              0 ],
  [ 'uint16v',  'FileID',              0 ],
  [ 'uint32v',  'Action',              0 ],
  [ 'uint32v',  'CreateTimeLow',       0 ],
  [ 'uint32v',  'CreateTimeHigh',      0 ],
  [ 'uint32v',  'AccessTimeLow',       0 ],
  [ 'uint32v',  'AccessTimeHigh',      0 ],
  [ 'uint32v',  'WriteTimeLow',        0 ],
  [ 'uint32v',  'WriteTimeHigh',       0 ],
  [ 'uint32v',  'ChangeTimeLow',       0 ],
  [ 'uint32v',  'ChangeTimeHigh',      0 ],
  [ 'uint32v',  'Attributes',          0 ],
  [ 'uint32v',  'AllocLow',            0 ],
  [ 'uint32v',  'AllocHigh',           0 ],
  [ 'uint32v',  'EOFLow',              0 ],
  [ 'uint32v',  'EOFHigh',             0 ],
  [ 'uint16v',  'FileType',            0 ],
  [ 'uint16v',  'IPCState',            0 ],
  [ 'uint8',    'IsDirectory',         0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload', 'ByteCount',  nil, true ]
)
SMB_CREATE_RES_PKT =
self.make_nbs(SMB_CREATE_RES_HDR_PKT)
SMB_WRITE_HDR_PKT =

A SMB template for SMB Write requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint16v',  'FileID',              0 ],
  [ 'uint32v',  'Offset',              0 ],
  [ 'uint32v',  'Reserved2',           0 ],
  [ 'uint16v',  'WriteMode',           0 ],
  [ 'uint16v',  'Remaining',           0 ],
  [ 'uint16v',  'DataLenHigh',         0 ],
  [ 'uint16v',  'DataLenLow',          0 ],
  [ 'uint16v',  'DataOffset',          0 ],
  [ 'uint32v',  'DataOffsetHigh',      0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_WRITE_PKT =
self.make_nbs(SMB_WRITE_HDR_PKT)
SMB_WRITE_RES_HDR_PKT =

A SMB template for SMB Write responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint16v',  'CountLow',            0 ],
  [ 'uint16v',  'Remaining',           0 ],
  [ 'uint16v',  'CountHigh',           0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_WRITE_RES_PKT =
self.make_nbs(SMB_WRITE_RES_HDR_PKT)
SMB_OPEN_HDR_PKT =

A SMB template for SMB OPEN requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint16v',  'Flags',               0 ],
  [ 'uint16v',  'Access',              0 ],
  [ 'uint16v',  'SearchAttributes',    0 ],
  [ 'uint16v',  'FileAttributes',      0 ],
  [ 'uint32v',  'CreateTime',          0 ],
  [ 'uint16v',  'OpenFunction',        0 ],
  [ 'uint32v',  'AllocSize',           0 ],
  [ 'uint32v',  'Reserved2',           0 ],
  [ 'uint32v',  'Reserved3',           0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_OPEN_PKT =
self.make_nbs(SMB_OPEN_HDR_PKT)
SMB_OPEN_RES_HDR_PKT =

A SMB template for SMB OPEN responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint16v',  'FileID',              0 ],
  [ 'uint16v',  'FileAttributes',      0 ],
  [ 'uint32v',  'WriteTime',           0 ],
  [ 'uint32v',  'FileSize',            0 ],
  [ 'uint16v',  'FileAccess',          0 ],
  [ 'uint16v',  'FileType',            0 ],
  [ 'uint16v',  'IPCState',            0 ],
  [ 'uint16v',  'Action',              0 ],
  [ 'uint32v',  'ServerFileID',        0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_OPEN_RES_PKT =
self.make_nbs(SMB_OPEN_RES_HDR_PKT)
SMB_CLOSE_HDR_PKT =

A SMB template for SMB Close requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'FileID',              0 ],
  [ 'uint32v',  'LastWrite',           0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_CLOSE_PKT =
self.make_nbs(SMB_CLOSE_HDR_PKT)
SMB_CLOSE_RES_HDR_PKT =

A SMB template for SMB Close responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_CLOSE_RES_PKT =
self.make_nbs(SMB_CLOSE_RES_HDR_PKT)
SMB_DELETE_HDR_PKT =

A SMB template for SMB Delete requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'SearchAttribute',     0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'uint8',    'BufferFormat',        0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_DELETE_PKT =
self.make_nbs(SMB_DELETE_HDR_PKT)
SMB_DELETE_RES_HDR_PKT =

A SMB template for SMB Delete responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_DELETE_RES_PKT =
self.make_nbs(SMB_DELETE_RES_HDR_PKT)
SMB_READ_HDR_PKT =

A SMB template for SMB Read requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint16v',  'FileID',              0 ],
  [ 'uint32v',  'Offset',              0 ],
  [ 'uint16v',  'MaxCountLow',         0 ],
  [ 'uint16v',  'MinCount',            0 ],
  [ 'uint32v',  'Reserved2',           0 ],
  [ 'uint16v',  'Remaining',           0 ],
  [ 'uint32v',  'MaxCountHigh',        0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_READ_PKT =
self.make_nbs(SMB_READ_HDR_PKT)
SMB_READ_RES_HDR_PKT =

A SMB template for SMB Read responses

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint8',    'AndX',                0 ],
  [ 'uint8',    'Reserved1',           0 ],
  [ 'uint16v',  'AndXOffset',          0 ],
  [ 'uint16v',  'Remaining',           0 ],
  [ 'uint16v',  'DataCompaction',      0 ],
  [ 'uint16v',  'Reserved2',           0 ],
  [ 'uint16v',  'DataLenLow',          0 ],
  [ 'uint16v',  'DataOffset',          0 ],
  [ 'uint32v',  'DataLenHigh',         0 ],
  [ 'uint32v',  'Reserved3',           0 ],
  [ 'uint16v',  'Reserved4',           0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_READ_RES_PKT =
self.make_nbs(SMB_READ_RES_HDR_PKT)
SMB_SEARCH_HDR_PKT =

A SMB template for SMB Search requests

Rex::Struct2::CStructTemplate.new(
  [ 'template', 'SMB',                 SMB_HDR ],
  [ 'uint16v',  'MaxCount',            0 ],
  [ 'uint16v',  'Attributes',          0 ],
  [ 'uint16v',  'ByteCount',           0 ],
  [ 'string',   'Payload', nil,       '' ]
).create_restraints(
  [ 'Payload',   'ByteCount',  nil, true ]
)
SMB_SEARCH_PKT =
self.make_nbs(SMB_SEARCH_HDR_PKT)

Class Method Summary collapse

Class Method Details

.make_nbs(template) ⇒ Object

Create a NetBIOS session packet template


352
353
354
355
356
357
358
359
360
361
# File 'lib/rex/proto/smb/constants.rb', line 352

def self.make_nbs (template)
  Rex::Struct2::CStructTemplate.new(
    [ 'uint8',    'Type',             0 ],
    [ 'uint8',    'Flags',            0 ],
    [ 'uint16n',  'PayloadLen',       0 ],
    [ 'template', 'Payload',          template ]
  ).create_restraints(
    [ 'Payload', 'PayloadLen',  nil, true ]
  )
end