Class: TurboRex::MSRPC::MIDL::OifProcFormatString

Inherits:
ProcFormatString
Defined in:
lib/turborex/msrpc/midl.rb

Constant Summary

Constants included from NDRType

NDRType::DECODE_IS_USED, NDRType::ENCODE_IS_USED, NDRType::FC_ADD_1, NDRType::FC_ALIGNM2, NDRType::FC_ALIGNM4, NDRType::FC_ALIGNM8, NDRType::FC_AUTO_HANDLE, NDRType::FC_BIND_CONTEXT, NDRType::FC_BIND_GENERIC, NDRType::FC_BIND_PRIMITIVE, NDRType::FC_BLKHOLE, NDRType::FC_BOGUS_ARRAY, NDRType::FC_BOGUS_STRUCT, NDRType::FC_BSTRING, NDRType::FC_BYTE, NDRType::FC_BYTE_COUNT_POINTER, NDRType::FC_CALLBACK, NDRType::FC_CALLBACK_HANDLE, NDRType::FC_CARRAY, NDRType::FC_CHAR, NDRType::FC_CONSTANT_IID, NDRType::FC_CPSTRUCT, NDRType::FC_CSTRING, NDRType::FC_CSTRUCT, NDRType::FC_CVARRAY, NDRType::FC_CVSTRUCT, NDRType::FC_C_BSTRING, NDRType::FC_C_CSTRING, NDRType::FC_C_SSTRING, NDRType::FC_C_WSTRING, NDRType::FC_DEREFERENCE, NDRType::FC_DIV_2, NDRType::FC_DOUBLE, NDRType::FC_EMBEDDED_COMPLEX, NDRType::FC_ENCAPSULATED_UNION, NDRType::FC_END, NDRType::FC_END_OF_UNIVERSE, NDRType::FC_ENUM16, NDRType::FC_ENUM32, NDRType::FC_ERROR_STATUS_T, NDRType::FC_EXPLICIT_HANDLE, NDRType::FC_EXPR, NDRType::FC_FIXED_OFFSET, NDRType::FC_FIXED_REPEAT, NDRType::FC_FLOAT, NDRType::FC_FP, NDRType::FC_HARD_STRUCT, NDRType::FC_HYPER, NDRType::FC_IGNORE, NDRType::FC_INT3264, NDRType::FC_IN_OUT_PARAM, NDRType::FC_IN_PARAM, NDRType::FC_IN_PARAM_BASETYPE, NDRType::FC_IN_PARAM_NO_FREE_INST, NDRType::FC_IP, NDRType::FC_LGFARRAY, NDRType::FC_LGVARRAY, NDRType::FC_LONG, NDRType::FC_MULT_2, NDRType::FC_NON_ENCAPSULATED_UNION, NDRType::FC_NO_REPEAT, NDRType::FC_OP, NDRType::FC_OUT_PARAM, NDRType::FC_PAD, NDRType::FC_PIPE, NDRType::FC_POINTER, NDRType::FC_PP, NDRType::FC_PSTRUCT, NDRType::FC_RANGE, NDRType::FC_REPRESENT_AS, NDRType::FC_REPRESENT_AS_PTR, NDRType::FC_RETURN_PARAM, NDRType::FC_RETURN_PARAM_BASETYPE, NDRType::FC_RP, NDRType::FC_SHORT, NDRType::FC_SMALL, NDRType::FC_SMFARRAY, NDRType::FC_SMVARRAY, NDRType::FC_SPLIT_ADD_1, NDRType::FC_SPLIT_CALLBACK, NDRType::FC_SPLIT_DEREFERENCE, NDRType::FC_SPLIT_DIV_2, NDRType::FC_SPLIT_MULT_2, NDRType::FC_SPLIT_SUB_1, NDRType::FC_SSTRING, NDRType::FC_STRING_SIZED, 
NDRType::FC_STRUCT, NDRType::FC_STRUCTPAD1, NDRType::FC_STRUCTPAD2, NDRType::FC_STRUCTPAD3, NDRType::FC_STRUCTPAD4, NDRType::FC_STRUCTPAD5, NDRType::FC_STRUCTPAD6, NDRType::FC_STRUCTPAD7, NDRType::FC_SUB_1, NDRType::FC_TRANSMIT_AS, NDRType::FC_TRANSMIT_AS_PTR, NDRType::FC_UINT3264, NDRType::FC_ULONG, NDRType::FC_UNUSED1, NDRType::FC_UNUSED2, NDRType::FC_UNUSED3, NDRType::FC_UNUSED4, NDRType::FC_UNUSED5, NDRType::FC_UP, NDRType::FC_USER_MARSHAL, NDRType::FC_USHORT, NDRType::FC_USMALL, NDRType::FC_VARIABLE_OFFSET, NDRType::FC_VARIABLE_REPEAT, NDRType::FC_WCHAR, NDRType::FC_WSTRING, NDRType::FC_ZERO, NDRType::Oi_FULL_PTR_USED, NDRType::Oi_HAS_COMM_OR_FAULT, NDRType::Oi_HAS_RPCFLAGS, NDRType::Oi_IGNORE_OBJECT_EXCEPTION_HANDLING, NDRType::Oi_OBJECT_PROC, NDRType::Oi_OBJ_USE_V2_INTERPRETER, NDRType::Oi_RPCSS_ALLOC_USED, NDRType::Oi_USE_NEW_INIT_ROUTINES, NDRType::Oi_Unused, NDRType::Oi_overloaded1, NDRType::Oi_overloaded2, NDRType::WIN2K_EXT64_SIZE, NDRType::WIN2K_EXT_SIZE

Instance Attribute Summary

Attributes inherited from ProcFormatString

#cparser, #header, #param_desc

Instance Method Summary

Methods inherited from ProcFormatString

#fs_length, #initialize

Constructor Details

This class inherits a constructor from TurboRex::MSRPC::MIDL::ProcFormatString

Instance Method Details

#decompile ⇒ Object

Returns a Procedure object.



# File 'lib/turborex/msrpc/midl.rb', line 368

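# Decode this procedure's format string into a Procedure object.
#
# The header is parsed first with #parse_proc_fs_header_stream and stored in
# @header. Parameter descriptors are then decoded back to back, starting at
# the offset the header parser reports, and every descriptor that decodes
# successfully is collected in @param_desc.
#
# Decoding stops at the first descriptor OifParamDesc rejects with
# InvalidParamDescriptor. It also stops when a descriptor reports a
# non-positive length: the offset could then never advance, and the loop
# would re-decode the same bytes forever while @param_desc keeps growing.
# Presumably the format string is lifted from a binary under analysis, so it
# should be treated as untrusted data (TODO confirm against callers).
#
# NOTE(review): apart from that guard, the only exit is the rescue below, so
# decoding can run past this procedure's last parameter into whatever bytes
# follow. If the decoded Oif header exposes a parameter count, bounding the
# loop by it would be tighter; confirm the field name in the Oif_Header_t
# definition before relying on it.
#
# @return [Procedure] procedure carrying the decoded parameters and, when a
#   descriptor is flagged as such, the return type
def decompile
  header, hlength = parse_proc_fs_header_stream(@procfs_stream)
  @header = header
  @param_desc = []
  procedure = Procedure.new(header.oi_header.common.ProcNum)

  offset = hlength
  loop do
    # Each descriptor gets its own copy of the stream, shifted to its start.
    stream = @procfs_stream.dup
    stream.base_drift(offset)

    param_desc = OifParamDesc.new(stream, @typefs_stream, @cparser)

    begin
      param = param_desc.decompile # Parameter object
    rescue TurboRex::Exception::MSRPC::InvalidParamDescriptor
      break
    end

    @param_desc << param_desc

    if param.is_return_type?
      procedure.set_return_type(param)
    else
      procedure.push_param(param)
    end

    # Forward-progress guard: keep the descriptor that was decoded, but do
    # not iterate again from an offset that did not move forward.
    consumed = param_desc.fs_length
    break unless consumed > 0

    offset += consumed
  end

  procedure
end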

#parse_proc_fs_header_stream(stream) ⇒ Object



# File 'lib/turborex/msrpc/midl.rb', line 401

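# Decode the procedure header at the start of a format-string stream.
#
# The header is decoded piece by piece out of a 28-byte buffer: the Oi header
# (with or without the RPC flags field, depending on OiFlags), an optional
# explicit handle descriptor, the Oif header and, when HasExtensions is set,
# a WIN2K_EXT / WIN2K_EXT64 extension block. The running offset is advanced
# by each decoded structure's sizeof.
#
# The explicit handle type and the extension size are read from the data
# itself. A value that matches none of the known layouts is rejected with an
# ArgumentError that names the offending value, instead of falling through
# to a NoMethodError on nil at the following `.sizeof` call.
#
# NOTE(review): only 28 bytes are read up front and every decode below
# indexes into that buffer. Confirm that the largest header variant (RPC
# flags + explicit handle + 64-bit extension) fits into it, and what
# stream.read returns on a short read.
#
# @param stream [#read] stream positioned at the start of the procedure header
# @return [Array] two elements: a struct with oi_header, oif_header and
#   win2k_ext members, and the number of header bytes consumed
# @raise [ArgumentError] if the explicit handle type or the extension size
#   is not one of the recognised values
def parse_proc_fs_header_stream(stream)
  raw_header = stream.read(28)
  offset = 0
  header_s = Struct.new(:oi_header, :oif_header, :win2k_ext).new
  oi_header_s = Struct.new(:common, :explicit_handle_desc).new

  # First pass reads only handle type and flags, to pick the Oi header layout.
  oi_header_p1 = @cparser.decode_c_struct('Oi_Header_HType_Flags_t', raw_header)
  oi_layout = if (oi_header_p1.OiFlags & Oi_HAS_RPCFLAGS) == Oi_HAS_RPCFLAGS
                'Oi_Header_t'
              else
                'Oi_Header_Without_RPCFlags_t'
              end
  oi_header = @cparser.decode_c_struct(oi_layout, raw_header)

  oi_header_s.common = oi_header
  offset += oi_header.sizeof

  if oi_header_p1.HandleType == FC_EXPLICIT_HANDLE
    handle_type = @cparser.decode_c_struct('Handle_Desc_Common_t', raw_header, offset).HandleType
    handle_layout = case handle_type
                    when FC_BIND_PRIMITIVE then 'ExplicitHandlePrimitive_t'
                    when FC_BIND_GENERIC then 'ExplicitHandleGeneric_t'
                    when FC_BIND_CONTEXT then 'ExplicitHandleContext_t'
                    else
                      raise ArgumentError,
                            "unsupported explicit handle type #{handle_type.inspect} in procedure header"
                    end
    explicit_handle_desc = @cparser.decode_c_struct(handle_layout, raw_header, offset)

    offset += explicit_handle_desc.sizeof
    oi_header_s.explicit_handle_desc = explicit_handle_desc
  end

  header_s.oi_header = oi_header_s
  oif_header = @cparser.decode_c_struct('Oif_Header_t', raw_header, offset)
  offset += oif_header.sizeof
  header_s.oif_header = oif_header

  if oif_header.InterpreterOptFlags.HasExtensions == 1
    # Decode as WIN2K_EXT first; its leading field selects the real layout.
    ext_probe = @cparser.decode_c_struct('WIN2K_EXT', raw_header, offset)
    ext_size = ext_probe.ExtensionVersion
    win2k_ext = case ext_size
                when WIN2K_EXT_SIZE then ext_probe
                when WIN2K_EXT64_SIZE then @cparser.decode_c_struct('WIN2K_EXT64', raw_header, offset)
                else
                  raise ArgumentError,
                        "unsupported header extension size #{ext_size.inspect} in procedure header"
                end
    offset += win2k_ext.sizeof
    header_s.win2k_ext = win2k_ext
  end

  [header_s, offset]
end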