Class: PacketGen::Plugin::SMB2::Negotiate::Response

Inherits:

Base

• Object
• Header::Base
• Base
• PacketGen::Plugin::SMB2::Negotiate::Response

Defined in:

lib/packetgen/plugin/smb2/negotiate/response.rb

Overview

SMB2 Negotiate response structure

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        StructureSize          |         SecurityMode          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|       DialectRevision         |        ContextCount           |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          ServerGUID                           |
+                                                               +
|                                                               |
+                                                               +
|                                                               |
+                                                               +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Capabilities                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          MaxTranSize                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          MaxReadSize                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         MaxWriteSize                          |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          SystemTime                           |
+                                                               +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                          StartTime                            |
+                                                               +
|                                                               |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|        BufferOffset           |           BufferLength        |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         ContextOffset                         |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                        Buffer (variable)                      |
+                                                               +
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                         Pad (variable)                        |
+                                                               +
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|                     ContextList (variable)                    |
+                                                               +
|                              ...                              |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

Author:

• Sylvain Daubert

Instance Attribute Summary

• #buffer ⇒ GSSAPI
• #buffer_length ⇒ Integer

  The length of the #buffer field.

• #buffer_offset ⇒ Integer

  The offset, from the beginning of the SMB2 header of the #buffer.

• #cap_dfs ⇒ Boolean

  Indicates if Distributed File system (DFS) is supported.

• #cap_dir_leasing ⇒ Boolean

  Indicates if directory leasing is supported.

• #cap_encryption ⇒ Boolean

  Indicates if encryption is supported.

• #cap_large_mtu ⇒ Boolean

  Indicates if multi credit operations are supported.

• #cap_leasing ⇒ Boolean

  Indicates if leasing is supported.

• #cap_multi_channel ⇒ Boolean

  Indicates if multiple channels are supported for a single session.

• #cap_persistent_handles ⇒ Boolean

  Indicates if persisten handles are supported.

• #capabilities ⇒ Integer

  32-bit capabilities field.

• #context_count ⇒ Integer

  Only for SMB3 dialect.

• #context_list ⇒ ArrayOfContext

  If #dialect has the value 0x0311, then this field must contain an array of Context.

• #context_offset ⇒ Integer

  Only for SMB3 dialect.

• #dialect ⇒ Integer

  16-bit prefered SMB2 protocol dialect number.

• #max_read_size ⇒ Integer

  32-bit value indicating the maximum size of a READ request.

• #max_trans_size ⇒ Integer

  32-bit value indicating the maximum size of the buffer used for QUERY_INFO, QUERY_DIRECTORY, SET_INFO and CHANGE_NOTIFY operations.

• #max_write_size ⇒ Integer

  32-bit value indicating the maximum size of a WRITE request.

• #pad ⇒ Object

  Optional padding between the end of the #buffer field and the first negotiate context in #context_list so that the first negotiate context is 8-byte aligned.

• #security_mode ⇒ Integer

  16-bit security mode field.

• #server_guid ⇒ Object

  [].

• #start_time ⇒ SMB::Filetime

  Start time of the SMB2 server.

• #structure_size ⇒ Integer

  16-bit negotiate request structure size.

• #system_time ⇒ SMB::Filetime

  System time of the SMB2 server.

Class Method Summary

• .protocol_name ⇒ String

  Protocol name.

Instance Method Summary

• #calc_length ⇒ void

  Calculate and set #context_offset, #buffer_offset, #buffer_length and #pad fields.

• #inspect ⇒ String

Methods inherited from Base

define_smb2_pad_field

Instance Attribute Details

#buffer ⇒ GSSAPI

Returns:

• (GSSAPI)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 143

define_attr :buffer, GSSAPI, token: :init, optional: ->(h) { h.buffer_offset.positive? }

#buffer_length ⇒ Integer

The length of the #buffer field.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 136

define_attr :buffer_length, BinStruct::Int16le

#buffer_offset ⇒ Integer

The offset, from the beginning of the SMB2 header of the #buffer.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 132

define_attr :buffer_offset, BinStruct::Int16le

#cap_dfs ⇒ Boolean

Indicates if Distributed File system (DFS) is supported

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#cap_dir_leasing ⇒ Boolean

Indicates if directory leasing is supported

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#cap_encryption ⇒ Boolean

Indicates if encryption is supported

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#cap_large_mtu ⇒ Boolean

Indicates if multi credit operations are supported

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#cap_leasing ⇒ Boolean

Indicates if leasing is supported

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#cap_multi_channel ⇒ Boolean

Indicates if multiple channels are supported for a single session

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#cap_persistent_handles ⇒ Boolean

Indicates if persisten handles are supported

Returns:

• (Boolean)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#capabilities ⇒ Integer

32-bit capabilities field.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 104

define_bit_attr :capabilities, endian: :little,
cap_rsv: 25, cap_encryption: 1, cap_dir_leasing: 1,
cap_persistent_handles: 1, cap_multi_channel: 1,
cap_large_mtu: 1, cap_leasing: 1, cap_dfs: 1

#context_count ⇒ Integer

Only for SMB3 dialect.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 76

define_attr :context_count, BinStruct::Int16le

#context_list ⇒ ArrayOfContext

If #dialect has the value 0x0311, then this field must contain an array of Context

Returns:

• (ArrayOfContext)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 154

define_attr :context_list, ArrayOfContext, builder: ->(h, t) { t.new(counter: h[:context_count]) }

#context_offset ⇒ Integer

Only for SMB3 dialect.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 140

define_attr :context_offset, BinStruct::Int32le

#dialect ⇒ Integer

16-bit prefered SMB2 protocol dialect number.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 72

define_attr :dialect, BinStruct::Int16le

#max_read_size ⇒ Integer

32-bit value indicating the maximum size of a READ request

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 116

define_attr :max_read_size, BinStruct::Int32le

#max_trans_size ⇒ Integer

32-bit value indicating the maximum size of the buffer used for QUERY_INFO, QUERY_DIRECTORY, SET_INFO and CHANGE_NOTIFY operations.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 112

define_attr :max_trans_size, BinStruct::Int32le

#max_write_size ⇒ Integer

32-bit value indicating the maximum size of a WRITE request

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 120

define_attr :max_write_size, BinStruct::Int32le

#pad ⇒ Object

Optional padding between the end of the #buffer field and the first negotiate context in #context_list so that the first negotiate context is 8-byte aligned

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 149

define_smb2_pad_field :pad

#security_mode ⇒ Integer

16-bit security mode field.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 68

define_attr :security_mode, BinStruct::Int16leEnum, enum: Negotiate::Request::SECURITY_MODES

#server_guid ⇒ Object

Returns [].

Returns:

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 79

define_attr :server_guid, GUID

#start_time ⇒ SMB::Filetime

Start time of the SMB2 server

Returns:

• (SMB::Filetime)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 128

define_attr :start_time, SMB::Filetime

#structure_size ⇒ Integer

16-bit negotiate request structure size. Should be 65.

Returns:

• (Integer)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 64

define_attr :structure_size, BinStruct::Int16le, default: 65

#system_time ⇒ SMB::Filetime

System time of the SMB2 server

Returns:

• (SMB::Filetime)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 124

define_attr :system_time, SMB::Filetime

Class Method Details

.protocol_name ⇒ String

Protocol name

Returns:

• (String)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 158

def self.protocol_name
  'SMB2::Negotiate::Response'
end

Instance Method Details

#calc_length ⇒ void

This method returns an undefined value.

Calculate and set #context_offset, #buffer_offset, #buffer_length and #pad fields. Also calculate lengths in contexts.

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 181

def calc_length
  self[:pad].read(SMB2::MAX_PADDING)
  calc_buffer_fields
  calc_context_fields
end

#inspect ⇒ String

Returns:

• (String)

# File 'lib/packetgen/plugin/smb2/negotiate/response.rb', line 163

def inspect
  super do |attr|
    next unless attr == :capabilities

    value = bits_on(attr).select { |b| respond_to?("#{b}?") && send("#{b}?") }
                         .map(&:to_s)
                         .join(',')
                         .gsub!('cap_', '')
    value = '%-16s (0x%08x)' % [value, self[attr].to_i]
    str = PacketGen::Inspect.shift_level
    str << (PacketGen::Inspect::FMT_ATTR % [self[attr].class.to_s.sub(/.*::/, ''), attr, value])
  end
end