diff options
| author |   imarom <imarom@cisco.com> | 2016-03-21 16:03:47 +0200 |
|---|---|---|
| committer | imarom <imarom@cisco.com> | 2016-03-21 16:03:47 +0200 |
| commit | b89efa188810bf95a9d245e69e2961b5721c3b0f (patch) | |
| tree | 454273ac6c4ae972ebb8a2c86b893296970b4fa9 /scripts/external_libs/scapy-python3-0.18/scapy/layers/smb.py | |
| parent | f72c6df9d2e9998ae1f3529d729ab7930b35785a (diff) | |
scapy python 2/3
Diffstat (limited to 'scripts/external_libs/scapy-python3-0.18/scapy/layers/smb.py')
| -rw-r--r-- | scripts/external_libs/scapy-python3-0.18/scapy/layers/smb.py | 354 |
1 files changed, 0 insertions, 354 deletions
diff --git a/scripts/external_libs/scapy-python3-0.18/scapy/layers/smb.py b/scripts/external_libs/scapy-python3-0.18/scapy/layers/smb.py deleted file mode 100644 index f8e0da7a..00000000 --- a/scripts/external_libs/scapy-python3-0.18/scapy/layers/smb.py +++ /dev/null @@ -1,354 +0,0 @@ -## This file is part of Scapy -## See http://www.secdev.org/projects/scapy for more informations -## Copyright (C) Philippe Biondi <phil@secdev.org> -## This program is published under a GPLv2 license - -""" -SMB (Server Message Block), also known as CIFS. -""" - -from scapy.packet import * -from scapy.fields import * -from scapy.layers.netbios import NBTSession - - -# SMB NetLogon Response Header -class SMBNetlogon_Protocol_Response_Header(Packet): - name="SMBNetlogon Protocol Response Header" - fields_desc = [StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x25,{0x25:"Trans"}), - ByteField("Error_Class",0x02), - ByteField("Reserved",0), - LEShortField("Error_code",4), - ByteField("Flags",0), - LEShortField("Flags2",0x0000), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",0), - LEShortField("UID",0), - LEShortField("MID",0), - ByteField("WordCount",17), - LEShortField("TotalParamCount",0), - LEShortField("TotalDataCount",112), - LEShortField("MaxParamCount",0), - LEShortField("MaxDataCount",0), - ByteField("MaxSetupCount",0), - ByteField("unused2",0), - LEShortField("Flags3",0), - ByteField("TimeOut1",0xe8), - ByteField("TimeOut2",0x03), - LEShortField("unused3",0), - LEShortField("unused4",0), - LEShortField("ParamCount2",0), - LEShortField("ParamOffset",0), - LEShortField("DataCount",112), - LEShortField("DataOffset",92), - ByteField("SetupCount", 3), - ByteField("unused5", 0)] - -# SMB MailSlot Protocol -class SMBMailSlot(Packet): - name = "SMB Mail Slot Protocol" - fields_desc = [LEShortField("opcode", 1), - LEShortField("priority", 1), - LEShortField("class", 2), - LEShortField("size", 135), - StrNullField("name","\\MAILSLOT\\NET\\GETDC660")] - -# SMB NetLogon Protocol Response Tail SAM -class SMBNetlogon_Protocol_Response_Tail_SAM(Packet): - name = "SMB Netlogon Protocol Response Tail SAM" - fields_desc = [ByteEnumField("Command", 0x17, {0x12:"SAM logon request", 0x17:"SAM Active directory Response"}), - ByteField("unused", 0), - ShortField("Data1", 0), - ShortField("Data2", 0xfd01), - ShortField("Data3", 0), - ShortField("Data4", 0xacde), - ShortField("Data5", 0x0fe5), - ShortField("Data6", 0xd10a), - ShortField("Data7", 0x374c), - ShortField("Data8", 0x83e2), - ShortField("Data9", 0x7dd9), - ShortField("Data10", 0x3a16), - ShortField("Data11", 0x73ff), - ByteField("Data12", 0x04), - StrFixedLenField("Data13", "rmff", 4), - ByteField("Data14", 0x0), - ShortField("Data16", 0xc018), - ByteField("Data18", 0x0a), - StrFixedLenField("Data20", "rmff-win2k", 10), - ByteField("Data21", 0xc0), - ShortField("Data22", 0x18c0), - ShortField("Data23", 0x180a), - StrFixedLenField("Data24", "RMFF-WIN2K", 10), - ShortField("Data25", 0), - ByteField("Data26", 0x17), - StrFixedLenField("Data27", "Default-First-Site-Name", 23), - ShortField("Data28", 0x00c0), - ShortField("Data29", 0x3c10), - ShortField("Data30", 0x00c0), - ShortField("Data31", 0x0200), - ShortField("Data32", 0x0), - ShortField("Data33", 0xac14), - ShortField("Data34", 0x0064), - ShortField("Data35", 0x0), - ShortField("Data36", 0x0), - ShortField("Data37", 0x0), - ShortField("Data38", 0x0), - ShortField("Data39", 0x0d00), - ShortField("Data40", 0x0), - ShortField("Data41", 0xffff)] - -# SMB NetLogon Protocol Response Tail LM2.0 -class SMBNetlogon_Protocol_Response_Tail_LM20(Packet): - name = "SMB Netlogon Protocol Response Tail LM20" - fields_desc = [ByteEnumField("Command",0x06,{0x06:"LM 2.0 Response to logon request"}), - ByteField("unused", 0), - StrFixedLenField("DblSlash", "\\\\", 2), - StrNullField("ServerName","WIN"), - LEShortField("LM20Token", 0xffff)] - -# SMBNegociate Protocol Request Header -class SMBNegociate_Protocol_Request_Header(Packet): - name="SMBNegociate Protocol Request Header" - fields_desc = [StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x72,{0x72:"SMB_COM_NEGOTIATE"}), - ByteField("Error_Class",0), - ByteField("Reserved",0), - LEShortField("Error_code",0), - ByteField("Flags",0x18), - LEShortField("Flags2",0x0000), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",1), - LEShortField("UID",0), - LEShortField("MID",2), - ByteField("WordCount",0), - LEShortField("ByteCount",12)] - -# SMB Negociate Protocol Request Tail -class SMBNegociate_Protocol_Request_Tail(Packet): - name="SMB Negociate Protocol Request Tail" - fields_desc=[ByteField("BufferFormat",0x02), - StrNullField("BufferData","NT LM 0.12")] - -# SMBNegociate Protocol Response Advanced Security -class SMBNegociate_Protocol_Response_Advanced_Security(Packet): - name="SMBNegociate Protocol Response Advanced Security" - fields_desc = [StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x72,{0x72:"SMB_COM_NEGOTIATE"}), - ByteField("Error_Class",0), - ByteField("Reserved",0), - LEShortField("Error_Code",0), - ByteField("Flags",0x98), - LEShortField("Flags2",0x0000), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",1), - LEShortField("UID",0), - LEShortField("MID",2), - ByteField("WordCount",17), - LEShortField("DialectIndex",7), - ByteField("SecurityMode",0x03), - LEShortField("MaxMpxCount",50), - LEShortField("MaxNumberVC",1), - LEIntField("MaxBufferSize",16144), - LEIntField("MaxRawSize",65536), - LEIntField("SessionKey",0x0000), - LEShortField("ServerCapabilities",0xf3f9), - BitField("UnixExtensions",0,1), - BitField("Reserved2",0,7), - BitField("ExtendedSecurity",1,1), - BitField("CompBulk",0,2), - BitField("Reserved3",0,5), -# There have been 127490112000000000 tenths of micro-seconds between 1st january 1601 and 1st january 2005. 127490112000000000=0x1C4EF94D6228000, so ServerTimeHigh=0xD6228000 and ServerTimeLow=0x1C4EF94. - LEIntField("ServerTimeHigh",0xD6228000), - LEIntField("ServerTimeLow",0x1C4EF94), - LEShortField("ServerTimeZone",0x3c), - ByteField("EncryptionKeyLength",0), - LEFieldLenField("ByteCount", None, "SecurityBlob", adjust=lambda pkt,x:x-16), - BitField("GUID",0,128), - StrLenField("SecurityBlob", "", length_from=lambda x:x.ByteCount+16)] - -# SMBNegociate Protocol Response No Security -# When using no security, with EncryptionKeyLength=8, you must have an EncryptionKey before the DomainName -class SMBNegociate_Protocol_Response_No_Security(Packet): - name="SMBNegociate Protocol Response No Security" - fields_desc = [StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x72,{0x72:"SMB_COM_NEGOTIATE"}), - ByteField("Error_Class",0), - ByteField("Reserved",0), - LEShortField("Error_Code",0), - ByteField("Flags",0x98), - LEShortField("Flags2",0x0000), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",1), - LEShortField("UID",0), - LEShortField("MID",2), - ByteField("WordCount",17), - LEShortField("DialectIndex",7), - ByteField("SecurityMode",0x03), - LEShortField("MaxMpxCount",50), - LEShortField("MaxNumberVC",1), - LEIntField("MaxBufferSize",16144), - LEIntField("MaxRawSize",65536), - LEIntField("SessionKey",0x0000), - LEShortField("ServerCapabilities",0xf3f9), - BitField("UnixExtensions",0,1), - BitField("Reserved2",0,7), - BitField("ExtendedSecurity",0,1), - FlagsField("CompBulk",0,2,"CB"), - BitField("Reserved3",0,5), - # There have been 127490112000000000 tenths of micro-seconds between 1st january 1601 and 1st january 2005. 127490112000000000=0x1C4EF94D6228000, so ServerTimeHigh=0xD6228000 and ServerTimeLow=0x1C4EF94. - LEIntField("ServerTimeHigh",0xD6228000), - LEIntField("ServerTimeLow",0x1C4EF94), - LEShortField("ServerTimeZone",0x3c), - ByteField("EncryptionKeyLength",8), - LEShortField("ByteCount",24), - BitField("EncryptionKey",0,64), - StrNullField("DomainName","WORKGROUP"), - StrNullField("ServerName","RMFF1")] - -# SMBNegociate Protocol Response No Security No Key -class SMBNegociate_Protocol_Response_No_Security_No_Key(Packet): - namez="SMBNegociate Protocol Response No Security No Key" - fields_desc = [StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x72,{0x72:"SMB_COM_NEGOTIATE"}), - ByteField("Error_Class",0), - ByteField("Reserved",0), - LEShortField("Error_Code",0), - ByteField("Flags",0x98), - LEShortField("Flags2",0x0000), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",1), - LEShortField("UID",0), - LEShortField("MID",2), - ByteField("WordCount",17), - LEShortField("DialectIndex",7), - ByteField("SecurityMode",0x03), - LEShortField("MaxMpxCount",50), - LEShortField("MaxNumberVC",1), - LEIntField("MaxBufferSize",16144), - LEIntField("MaxRawSize",65536), - LEIntField("SessionKey",0x0000), - LEShortField("ServerCapabilities",0xf3f9), - BitField("UnixExtensions",0,1), - BitField("Reserved2",0,7), - BitField("ExtendedSecurity",0,1), - FlagsField("CompBulk",0,2,"CB"), - BitField("Reserved3",0,5), - # There have been 127490112000000000 tenths of micro-seconds between 1st january 1601 and 1st january 2005. 127490112000000000=0x1C4EF94D6228000, so ServerTimeHigh=0xD6228000 and ServerTimeLow=0x1C4EF94. - LEIntField("ServerTimeHigh",0xD6228000), - LEIntField("ServerTimeLow",0x1C4EF94), - LEShortField("ServerTimeZone",0x3c), - ByteField("EncryptionKeyLength",0), - LEShortField("ByteCount",16), - StrNullField("DomainName","WORKGROUP"), - StrNullField("ServerName","RMFF1")] - -# Session Setup AndX Request -class SMBSession_Setup_AndX_Request(Packet): - name="Session Setup AndX Request" - fields_desc=[StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x73,{0x73:"SMB_COM_SESSION_SETUP_ANDX"}), - ByteField("Error_Class",0), - ByteField("Reserved",0), - LEShortField("Error_Code",0), - ByteField("Flags",0x18), - LEShortField("Flags2",0x0001), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",1), - LEShortField("UID",0), - LEShortField("MID",2), - ByteField("WordCount",13), - ByteEnumField("AndXCommand",0x75,{0x75:"SMB_COM_TREE_CONNECT_ANDX"}), - ByteField("Reserved2",0), - LEShortField("AndXOffset",96), - LEShortField("MaxBufferS",2920), - LEShortField("MaxMPXCount",50), - LEShortField("VCNumber",0), - LEIntField("SessionKey",0), - LEFieldLenField("ANSIPasswordLength",None,"ANSIPassword"), - LEShortField("UnicodePasswordLength",0), - LEIntField("Reserved3",0), - LEShortField("ServerCapabilities",0x05), - BitField("UnixExtensions",0,1), - BitField("Reserved4",0,7), - BitField("ExtendedSecurity",0,1), - BitField("CompBulk",0,2), - BitField("Reserved5",0,5), - LEShortField("ByteCount",35), - StrLenField("ANSIPassword", "Pass",length_from=lambda x:x.ANSIPasswordLength), - StrNullField("Account","GUEST"), - StrNullField("PrimaryDomain", ""), - StrNullField("NativeOS","Windows 4.0"), - StrNullField("NativeLanManager","Windows 4.0"), - ByteField("WordCount2",4), - ByteEnumField("AndXCommand2",0xFF,{0xFF:"SMB_COM_NONE"}), - ByteField("Reserved6",0), - LEShortField("AndXOffset2",0), - LEShortField("Flags3",0x2), - LEShortField("PasswordLength",0x1), - LEShortField("ByteCount2",18), - ByteField("Password",0), - StrNullField("Path","\\\\WIN2K\\IPC$"), - StrNullField("Service","IPC")] - -# Session Setup AndX Response -class SMBSession_Setup_AndX_Response(Packet): - name="Session Setup AndX Response" - fields_desc=[StrFixedLenField("Start","\xffSMB",4), - ByteEnumField("Command",0x73,{0x73:"SMB_COM_SESSION_SETUP_ANDX"}), - ByteField("Error_Class",0), - ByteField("Reserved",0), - LEShortField("Error_Code",0), - ByteField("Flags",0x90), - LEShortField("Flags2",0x1001), - LEShortField("PIDHigh",0x0000), - LELongField("Signature",0x0), - LEShortField("Unused",0x0), - LEShortField("TID",0), - LEShortField("PID",1), - LEShortField("UID",0), - LEShortField("MID",2), - ByteField("WordCount",3), - ByteEnumField("AndXCommand",0x75,{0x75:"SMB_COM_TREE_CONNECT_ANDX"}), - ByteField("Reserved2",0), - LEShortField("AndXOffset",66), - LEShortField("Action",0), - LEShortField("ByteCount",25), - StrNullField("NativeOS","Windows 4.0"), - StrNullField("NativeLanManager","Windows 4.0"), - StrNullField("PrimaryDomain",""), - ByteField("WordCount2",3), - ByteEnumField("AndXCommand2",0xFF,{0xFF:"SMB_COM_NONE"}), - ByteField("Reserved3",0), - LEShortField("AndXOffset2",80), - LEShortField("OptionalSupport",0x01), - LEShortField("ByteCount2",5), - StrNullField("Service","IPC"), - StrNullField("NativeFileSystem","")] - -bind_layers( NBTSession, SMBNegociate_Protocol_Request_Header, ) -bind_layers( NBTSession, SMBNegociate_Protocol_Response_Advanced_Security, ExtendedSecurity=1) -bind_layers( NBTSession, SMBNegociate_Protocol_Response_No_Security, ExtendedSecurity=0, EncryptionKeyLength=8) -bind_layers( NBTSession, SMBNegociate_Protocol_Response_No_Security_No_Key, ExtendedSecurity=0, EncryptionKeyLength=0) -bind_layers( NBTSession, SMBSession_Setup_AndX_Request, ) -bind_layers( NBTSession, SMBSession_Setup_AndX_Response, ) -bind_layers( SMBNegociate_Protocol_Request_Header, SMBNegociate_Protocol_Request_Tail, ) -bind_layers( SMBNegociate_Protocol_Request_Tail, SMBNegociate_Protocol_Request_Tail, ) |