Use the new NDR types in RubySMB v3.2.4
parent
56728fc7c2
commit
0d9a282237
|
@ -431,7 +431,7 @@ GEM
|
|||
ruby-progressbar (1.11.0)
|
||||
ruby-rc4 (0.1.5)
|
||||
ruby2_keywords (0.0.5)
|
||||
ruby_smb (3.2.3)
|
||||
ruby_smb (3.2.4)
|
||||
bindata
|
||||
openssl-ccm
|
||||
openssl-cmac
|
||||
|
|
|
@ -156,7 +156,7 @@ ruby-prof, 1.4.2, "Simplified BSD"
|
|||
ruby-progressbar, 1.11.0, MIT
|
||||
ruby-rc4, 0.1.5, MIT
|
||||
ruby2_keywords, 0.0.5, "ruby, Simplified BSD"
|
||||
ruby_smb, 3.2.3, "New BSD"
|
||||
ruby_smb, 3.2.4, "New BSD"
|
||||
rubyntlm, 0.6.3, MIT
|
||||
rubyzip, 2.3.2, "Simplified BSD"
|
||||
sawyer, 0.9.2, MIT
|
||||
|
|
|
@ -1,75 +0,0 @@
|
|||
# frozen_string_literal: true
|
||||
|
||||
require 'bindata'
|
||||
require 'ruby_smb/dcerpc'
|
||||
|
||||
# Temporarily adding this to framework instead of RubySMB
|
||||
# Should be updated and moved there when implementing diamond tickets
|
||||
# The problem with adding it to RubySMB now is if we update RubySMB structures afterwards,
|
||||
# these changes will be backward non-compatible and this will require a major version bump
|
||||
# (IDL/NDR) Pickles as defined in
|
||||
# [(IDL/NDR) # Pickles](https://pubs.opengroup.org/onlinepubs/9668899/chap2.htm#tagcjh_05_01_07)
|
||||
# and
|
||||
# [2.2.6 Type Serialization Version # 1](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/9a1d0f97-eac0-49ab-a197-f1a581c2d6a0)
|
||||
module Rex::Proto::Kerberos::NDR
|
||||
# [2.2.6.1 Common Type Header for the Serialization Stream](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/6d75d40e-e2d2-4420-b9e9-8508a726a9ae)
|
||||
class TypeSerialization1CommonTypeHeader < BinData::Record
|
||||
default_parameter byte_align: 8
|
||||
endian :little
|
||||
|
||||
uint8 :version, initial_value: 1
|
||||
uint8 :endianness, initial_value: 0x10
|
||||
uint16 :common_header_length, initial_value: 8
|
||||
uint32 :filler, initial_value: 0xCCCCCCCC
|
||||
end
|
||||
|
||||
# [2.2.6.2 Private Header for Constructed Type](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/63949ba8-bc88-4c0c-9377-23f14b197827)
|
||||
class TypeSerialization1PrivateHeader < BinData::Record
|
||||
default_parameter byte_align: 8
|
||||
endian :little
|
||||
|
||||
uint32 :object_buffer_length, initial_value: -> { parent.field_length(@obj.parent) }
|
||||
uint32 :filler, initial_value: 0x00000000
|
||||
end
|
||||
|
||||
# [2.2.6 Type Serialization Version 1](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-rpce/9a1d0f97-eac0-49ab-a197-f1a581c2d6a0)
|
||||
class TypeSerialization1 < BinData::Record
|
||||
PRIVATE_HEADER_BASE_NAME = 'private_header'
|
||||
|
||||
default_parameter byte_align: 8
|
||||
endian :little
|
||||
search_prefix :type_serialization1
|
||||
|
||||
common_type_header :common_header
|
||||
|
||||
def field_length(obj)
|
||||
length = 0
|
||||
index = find_index_of(obj)
|
||||
if index
|
||||
each_pair { |n, o| length = o.num_bytes if n == field_names[index + 1] }
|
||||
end
|
||||
length
|
||||
end
|
||||
|
||||
def self.method_missing(symbol, *args, &block)
|
||||
return super if dsl_parser.respond_to?(symbol)
|
||||
|
||||
klass = BinData::RegisteredClasses.lookup(symbol, { endian: dsl_parser.endian, search_prefix: dsl_parser.search_prefix })
|
||||
if klass.new.is_a?(RubySMB::Dcerpc::Ndr::ConstructedTypePlugin)
|
||||
names = dsl_parser.fields.find_all do |field|
|
||||
field.prototype.instance_variable_get(:@obj_class) == TypeSerialization1PrivateHeader
|
||||
end.map(&:name).sort
|
||||
if names.empty?
|
||||
new_name = "#{PRIVATE_HEADER_BASE_NAME}1"
|
||||
else
|
||||
num = names.last.match(/#{PRIVATE_HEADER_BASE_NAME}(\d)$/)[1].to_i
|
||||
new_name = "#{PRIVATE_HEADER_BASE_NAME}#{num + 1}"
|
||||
end
|
||||
|
||||
super(:private_header, new_name.to_sym)
|
||||
end
|
||||
|
||||
super
|
||||
end
|
||||
end
|
||||
end
|
|
@ -2,7 +2,7 @@
|
|||
|
||||
require 'bindata'
|
||||
require 'ruby_smb/dcerpc'
|
||||
require 'rex/proto/kerberos/ndr/type_serialization1'
|
||||
|
||||
# full MIDL spec for PAC
|
||||
# https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-pac/1d4912dd-5115-4124-94b6-fa414add575f
|
||||
module Rex::Proto::Kerberos::Pac
|
||||
|
@ -264,7 +264,7 @@ module Rex::Proto::Kerberos::Pac
|
|||
extend RubySMB::Dcerpc::Ndr::PointerClassPlugin
|
||||
end
|
||||
|
||||
class Krb5LogonInformation < Rex::Proto::Kerberos::NDR::TypeSerialization1
|
||||
class Krb5LogonInformation < RubySMB::Dcerpc::Ndr::TypeSerialization1
|
||||
endian :little
|
||||
# @!attribute [r] ul_type
|
||||
# @return [Integer] Describes the type of data present
|
||||
|
@ -352,7 +352,7 @@ module Rex::Proto::Kerberos::Pac
|
|||
extend RubySMB::Dcerpc::Ndr::PointerClassPlugin
|
||||
end
|
||||
|
||||
class Krb5SerializedPacCredentialData < Rex::Proto::Kerberos::NDR::TypeSerialization1
|
||||
class Krb5SerializedPacCredentialData < RubySMB::Dcerpc::Ndr::TypeSerialization1
|
||||
endian :little
|
||||
|
||||
krb5_pac_credential_data_ptr :data
|
||||
|
|
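Review bot: Both `class Krb5LogonInformation < RubySMB::Dcerpc::Ndr::TypeSerialization1` and `class Krb5SerializedPacCredentialData < RubySMB::Dcerpc::Ndr::TypeSerialization1` resolve the superclass constant when this file is loaded, so with a ruby_smb older than 3.2.4 the whole PAC module fails with a NameError now that the in-tree implementation is deleted. Only the lockfile pin is visible in this commit; if the gemspec still allows 3.2.3, the floor should be raised there as well, e.g. `spec.add_runtime_dependency 'ruby_smb', '>= 3.2.4'` (variable name illustrative). Because these records encode and decode PAC buffers that come from tickets, a round-trip spec comparing the serialized bytes of both classes against a fixture produced before the switch would confirm that the upstream private-header handling is byte-compatible; no spec change is shown on this page. Both class bodies continue outside the hunks.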