|
@@ -4,10 +4,12 @@ import java.nio.ByteBuffer;
|
|
|
import java.security.SecureRandom;
|
|
|
import java.util.ArrayList;
|
|
|
import java.util.Calendar;
|
|
|
+import java.util.GregorianCalendar;
|
|
|
import java.util.List;
|
|
|
import java.util.TimeZone;
|
|
|
|
|
|
import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
|
|
|
+import de.tudarmstadt.informatik.hostage.commons.ProtocolSettings;
|
|
|
import de.tudarmstadt.informatik.hostage.wrapper.ByteArray;
|
|
|
|
|
|
/**
|
|
@@ -139,7 +141,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Converts the current system time into a byte[] with windows specific time
|
|
|
* @return current system time in windows format as byte[]
|
|
|
*/
|
|
|
- private byte[] getTimeInBytes() {
|
|
|
+ private static byte[] getTimeInBytes() {
|
|
|
long time = System.currentTimeMillis();
|
|
|
Calendar calend = Calendar.getInstance();
|
|
|
calend.setTimeZone(TimeZone.getTimeZone("UTC"));
|
|
@@ -157,12 +159,41 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
return b;
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * Converts the current timezone into a byte[] with windows specific format
|
|
|
+ * @return current timezone in windows format as byte[]
|
|
|
+ */
|
|
|
+ private static byte[] getTimeZoneInBytes() {
|
|
|
+ Integer offset = new GregorianCalendar().getTimeZone().getRawOffset() / 1000 / 60; // get current timezone offset in minutes
|
|
|
+ char[] offsetChars = Integer.toBinaryString(offset).toCharArray();
|
|
|
+ boolean invert = false;
|
|
|
+ for(int i = offsetChars.length-1; i > -1; i--) {
|
|
|
+ if(!invert && offsetChars[i] == '1') {
|
|
|
+ invert = true;
|
|
|
+ } else if(invert) {
|
|
|
+ offsetChars[i] = (offsetChars[i] == '0')? '1' : '0';
|
|
|
+ }
|
|
|
+ }
|
|
|
+ char[] extendedChars = new char[31];
|
|
|
+ for(int i = 0; i < extendedChars.length-offsetChars.length; i++) {
|
|
|
+ extendedChars[i] = '1';
|
|
|
+ }
|
|
|
+ for(int i = 0; i < offsetChars.length; i++) {
|
|
|
+ extendedChars[i+extendedChars.length-offsetChars.length] = offsetChars[i];
|
|
|
+ }
|
|
|
+ int timezone = (int) Integer.parseInt(new String(extendedChars), 2);
|
|
|
+ byte[] timezoneBytes = new byte[2];
|
|
|
+ timezoneBytes[1] = (byte) (timezone >> 8);
|
|
|
+ timezoneBytes[0] = (byte) (timezone);
|
|
|
+ return timezoneBytes;
|
|
|
+ }
|
|
|
+
|
|
|
/**
|
|
|
* Generates a random byte[] of a specified size
|
|
|
* @param size of the byte[]
|
|
|
* @return random byte[]
|
|
|
*/
|
|
|
- private byte[] randomBytes(int size) {
|
|
|
+ private static byte[] randomBytes(int size) {
|
|
|
byte[] bytes = new byte[size];
|
|
|
SecureRandom rdm = new SecureRandom();
|
|
|
rdm.nextBytes(bytes);
|
|
@@ -172,20 +203,19 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
/**
|
|
|
* Denotes a SMB packet
|
|
|
*/
|
|
|
- private class SMBPacket {
|
|
|
- private SecureRandom rndm = new SecureRandom();
|
|
|
- private String[][] possibleVersions = { {"Windows Server 2008 R2 Enterprise 7600","Windows Server 2008 R2 Enterprise 6.1"},
|
|
|
- {"Windows 7 Professional 7600","Windows 7 Professional 6.1"},
|
|
|
- {"Windows 8 Enterprise 9200", "Windows 8 Enterprise 9200"},
|
|
|
- {"Windows Server 2012 Standard 6.2", "Windows Server 2012 Standard 6.2"},
|
|
|
-// {"Unix", "Samba"}
|
|
|
- //TODO
|
|
|
+ private static class SMBPacket {
|
|
|
+ private static SecureRandom rndm = new SecureRandom();
|
|
|
+ private static String[][] possibleVersions = { {"Windows Server 2008 R2 Enterprise 7600","Windows Server 2008 R2 Enterprise 6.1"},
|
|
|
+ {"Windows 7 Professional 7600","Windows 7 Professional 6.1"},
|
|
|
+ {"Windows 8 Enterprise 9200", "Windows 8 Enterprise 9200"},
|
|
|
+ {"Windows Server 2012 Standard 6.2", "Windows Server 2012 Standard 6.2"},
|
|
|
+ {"Unix", "Samba"}
|
|
|
};
|
|
|
- private byte[] serverName = fillWithZero("lalalalalala".getBytes()); //TODO
|
|
|
- private final String[] serverVersion = possibleVersions[rndm.nextInt(possibleVersions.length)];
|
|
|
- private byte[] message = null;
|
|
|
- private final byte[] serverGUID = randomBytes(16);
|
|
|
- private boolean authenticateNext = false;
|
|
|
+ private static byte[] serverName = fillWithZero(HelperUtils.getRandomString(16, true).getBytes());
|
|
|
+ private static String[] serverVersion = possibleVersions[rndm.nextInt(possibleVersions.length)];
|
|
|
+ private byte[] message = null;
|
|
|
+ private static final byte[] serverGUID = randomBytes(16);
|
|
|
+ private boolean authenticateNext = false;
|
|
|
//components of a SMB packet
|
|
|
private byte[] serverComp = new byte[4];
|
|
|
private byte[] smbCommand = new byte[1];
|
|
@@ -201,13 +231,22 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
private byte[] multiplexID = new byte[2];
|
|
|
|
|
|
/** Constructor */
|
|
|
- public SMBPacket() {}
|
|
|
+ private SMBPacket() {
|
|
|
+ String customServerName = ProtocolSettings.getSmbServerName();
|
|
|
+ String[] customServerVersion = ProtocolSettings.getSmbServerVersion();
|
|
|
+ if(customServerName != null) {
|
|
|
+ serverName = fillWithZero(customServerName.getBytes());
|
|
|
+ }
|
|
|
+ if(customServerVersion != null) {
|
|
|
+ serverVersion = customServerVersion;
|
|
|
+ }
|
|
|
+ }
|
|
|
|
|
|
/**
|
|
|
* Breaks a message from the client down into its components
|
|
|
* @param message that is analyzed
|
|
|
*/
|
|
|
- public void newMsg(byte[] message) {
|
|
|
+ private void newMsg(byte[] message) {
|
|
|
this.message = message;
|
|
|
serverComp = new byte[]{message[4], message[5], message[6], message[7]};
|
|
|
smbCommand = new byte[]{message[8]};
|
|
@@ -250,7 +289,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the negotiate packet
|
|
|
* @return negotiate packet
|
|
|
*/
|
|
|
- public byte[] getNego() {
|
|
|
+ private byte[] getNego() {
|
|
|
byte[] wordCount = {0x11};
|
|
|
byte[] dialect = evaluateDialect();
|
|
|
byte[] secMode = {0x03};
|
|
@@ -261,7 +300,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
byte[] sessionKey = {0x00, 0x00, 0x00, 0x00};
|
|
|
byte[] capabilities = {(byte) 0xfc, (byte) 0xe3, 0x01, (byte) 0x80};
|
|
|
byte[] sysTime = getTimeInBytes();
|
|
|
- byte[] timeZone = {(byte) 0x88, (byte) 0xff}; //FIXME correct time zone
|
|
|
+ byte[] timeZone = getTimeZoneInBytes();
|
|
|
byte[] keyLength = {0x00};
|
|
|
byte[] byteCount = {0x3a, 0x00};
|
|
|
byte[] guid = serverGUID;
|
|
@@ -304,7 +343,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the session setup packet
|
|
|
* @return session setup packet
|
|
|
*/
|
|
|
- public byte[] getSessSetup() {
|
|
|
+ private byte[] getSessSetup() {
|
|
|
if(authenticateNext) return getSetupAuth();
|
|
|
else {
|
|
|
authenticateNext = true;
|
|
@@ -336,7 +375,10 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
byte[] targetNameLength = new byte[]{buffer[3], buffer[2]};
|
|
|
byte[] targetNameMaxLength = new byte[]{buffer[3], buffer[2]};
|
|
|
byte[] targetNameOffset = {0x38, 0x00, 0x00, 0x00};
|
|
|
- byte[] flags = {0x15, (byte) 0x82, (byte) 0x8a, 0x62};
|
|
|
+ byte[] flags = {0x15, (byte) 0x82, (byte) 0x8a, 0x60};
|
|
|
+ if(!serverVersion[0].contains("Unix")) {
|
|
|
+ flags[3] = (byte) (flags[3] | 0x02);
|
|
|
+ }
|
|
|
byte[] challenge = randomBytes(8);
|
|
|
byte[] reserved2 = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
|
|
|
byte[] targetInfoLength = {0x60, 0x00};
|
|
@@ -358,7 +400,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
byte[] attributeDNScomputer = {0x03, 0x00, 0x10, 0x00};
|
|
|
// serverName
|
|
|
byte[] attributeTimeStamp = {0x07, 0x00, 0x08, 0x00};
|
|
|
- byte[] timeStamp = getTimeInBytes();;
|
|
|
+ byte[] timeStamp = getTimeInBytes();
|
|
|
byte[] attributeEnd = {0x00, 0x00, 0x00, 0x00};
|
|
|
secBlob = HelperUtils.concat(secBlob, negToken, negResult, negToken2, supportedMech, negToken3,
|
|
|
ntlmsspId, nlmMsgType, targetNameLength, targetNameMaxLength, targetNameOffset,
|
|
@@ -412,7 +454,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the tree connect packet
|
|
|
* @return tree connect packet
|
|
|
*/
|
|
|
- public byte[] getTreeCon() {
|
|
|
+ private byte[] getTreeCon() {
|
|
|
String str = toString();
|
|
|
byte[] wordCount = {0x00};
|
|
|
byte[] andXCommand = {0x00, 0x00};
|
|
@@ -449,7 +491,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the nt create packet
|
|
|
* @return nt create packet
|
|
|
*/
|
|
|
- public byte[] getNTCreate() {
|
|
|
+ private byte[] getNTCreate() {
|
|
|
byte[] wordCount = {0x22};
|
|
|
byte[] andXCommand = {(byte) 0xff};
|
|
|
byte[] reserved = {0x00};
|
|
@@ -479,10 +521,10 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the trans packet
|
|
|
* @return trans packet
|
|
|
*/
|
|
|
- public byte[] getTrans() {
|
|
|
+ private byte[] getTrans() {
|
|
|
byte[] transSub = getTransSub();
|
|
|
byte[] response = null;
|
|
|
- if(transSub[0] == 0x00 && transSub[1] == 0x0b) {
|
|
|
+ if(transSub[0] == 0x00 && transSub[1] == 0x0b) { //bind_ack
|
|
|
byte[] wordCount = {0x0a};
|
|
|
byte[] totalParamCount = {0x00,0x00};
|
|
|
byte[] totalDataCount = {0x44,0x00};
|
|
@@ -498,17 +540,12 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
byte[] byteCount = {0x45, 0x00};
|
|
|
byte[] padding = {0x00};
|
|
|
|
|
|
- byte[] dcerpc = {0x05, 0x00,
|
|
|
- 0x0c, 0x03, 0x10, 0x00, 0x00, 0x00, 0x44, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, (byte) 0xb8, 0x10,
|
|
|
- (byte) 0xb8, 0x10, 0x4a, 0x41, 0x00, 0x00, 0x0d, 0x00, 0x5c, 0x50, 0x49, 0x50, 0x45, 0x5c, 0x73, 0x72,
|
|
|
- 0x76, 0x73, 0x76, 0x63, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x04, 0x5d,
|
|
|
- (byte) 0x88, (byte) 0x8a, (byte) 0xeb, 0x1c, (byte) 0xc9, 0x11, (byte) 0x9f, (byte) 0xe8, 0x08, 0x00, 0x2b, 0x10, 0x48, 0x60, 0x02, 0x00,
|
|
|
- 0x00, 0x00};
|
|
|
+ byte[] dcerpc = getDceRpc(transSub);
|
|
|
|
|
|
response = HelperUtils.concat(wordCount, totalParamCount, totalDataCount, reserved, paramCount, paramOffset,
|
|
|
paramDisplace, dataCount, dataOffset, dataDisplace, setupCount, reserved2, byteCount, padding, dcerpc);
|
|
|
|
|
|
- } else if(transSub[0] == 0x00 && transSub[1] == 0x00) {
|
|
|
+ } else if(transSub[0] == 0x00 && transSub[1] == 0x00) { //netShareEnumAll
|
|
|
byte[] wordCount = {0x0a};
|
|
|
byte[] totalParamCount = {0x00, 0x00};
|
|
|
byte[] totalDataCount = {0x54, 0x01};
|
|
@@ -524,25 +561,28 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
byte[] byteCount = {0x55, 0x01};
|
|
|
byte[] padding = {0x00};
|
|
|
|
|
|
- byte[] dcerpc = {0x05, 0x00,
|
|
|
- 0x02, 0x03, 0x10, 0x00, 0x00, 0x00, 0x54, 0x01, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x3c, 0x01,
|
|
|
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
|
|
|
- byte[] serverService = {0x01, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
|
- 0x02, 0x00, 0x04, 0x00, 0x00, 0x00, 0x04, 0x00, 0x02, 0x00, 0x04, 0x00, 0x00, 0x00, 0x08, 0x00,
|
|
|
- 0x02, 0x00, 0x00, 0x00, 0x00, (byte) 0x80, 0x0c, 0x00, 0x02, 0x00, 0x10, 0x00, 0x02, 0x00, 0x00, 0x00,
|
|
|
- 0x00, (byte) 0x80, 0x14, 0x00, 0x02, 0x00, 0x18, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1c, 0x00,
|
|
|
- 0x02, 0x00, 0x20, 0x00, 0x02, 0x00, 0x03, 0x00, 0x00, (byte) 0x80, 0x24, 0x00, 0x02, 0x00, 0x07, 0x00,
|
|
|
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x41, 0x00, 0x44, 0x00, 0x4d, 0x00,
|
|
|
+ byte[] dcerpc = getDceRpc(transSub);
|
|
|
+
|
|
|
+ byte[] levelPointer = {0x01, 0x00, 0x00, 0x00};
|
|
|
+ //TODO
|
|
|
+ byte[] ctr = {0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x00};
|
|
|
+ byte[] ctr1 = {0x04, 0x00, 0x00, 0x00, 0x04, 0x00, 0x02, 0x00, 0x04, 0x00, 0x00, 0x00};
|
|
|
+ byte[] array1Pointer = {0x08, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, (byte) 0x80, 0x0c, 0x00, 0x02, 0x00};
|
|
|
+ byte[] array2Pointer = {0x10, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, (byte) 0x80, 0x14, 0x00, 0x02, 0x00};
|
|
|
+ byte[] array3Pointer = {0x18, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1c, 0x00, 0x02, 0x00};
|
|
|
+ byte[] array4Pointer = {0x20, 0x00, 0x02, 0x00, 0x03, 0x00, 0x00, (byte) 0x80, 0x24, 0x00, 0x02, 0x00};
|
|
|
+ byte[] array1 = {0x07, 0x00,0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x07, 0x00, 0x00, 0x00, 0x41, 0x00, 0x44, 0x00, 0x4d, 0x00,
|
|
|
0x49, 0x00, 0x4e, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0d, 0x00, 0x00, 0x00, 0x00, 0x00,
|
|
|
0x00, 0x00, 0x0d, 0x00, 0x00, 0x00, 0x52, 0x00, 0x65, 0x00, 0x6d, 0x00, 0x6f, 0x00, 0x74, 0x00,
|
|
|
- 0x65, 0x00, 0x20, 0x00, 0x41, 0x00, 0x64, 0x00, 0x6d, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x00, 0x00,
|
|
|
- 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x43, 0x00,
|
|
|
+ 0x65, 0x00, 0x20, 0x00, 0x41, 0x00, 0x64, 0x00, 0x6d, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x00, 0x00};
|
|
|
+ byte[] array2 = {0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00, 0x43, 0x00,
|
|
|
0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0e, 0x00,
|
|
|
0x00, 0x00, 0x44, 0x00, 0x65, 0x00, 0x66, 0x00, 0x61, 0x00, 0x75, 0x00, 0x6c, 0x00, 0x74, 0x00,
|
|
|
- 0x20, 0x00, 0x73, 0x00, 0x68, 0x00, 0x61, 0x00, 0x72, 0x00, 0x65, 0x00, 0x00, 0x00, 0x05, 0x00,
|
|
|
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x64, 0x00, 0x6f, 0x00, 0x63, 0x00,
|
|
|
+ 0x20, 0x00, 0x73, 0x00, 0x68, 0x00, 0x61, 0x00, 0x72, 0x00, 0x65, 0x00, 0x00, 0x00};
|
|
|
+ byte[] array3 = {0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x64, 0x00, 0x6f, 0x00, 0x63, 0x00,
|
|
|
0x73, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
|
|
|
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00,
|
|
|
+ 0x00, 0x00, 0x00, 0x00};
|
|
|
+ byte[] array4 = {0x00, 0x00, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05, 0x00,
|
|
|
0x00, 0x00, 0x49, 0x00, 0x50, 0x00, 0x43, 0x00, 0x24, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00,
|
|
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x0b, 0x00, 0x00, 0x00, 0x52, 0x00, 0x65, 0x00, 0x6d, 0x00,
|
|
|
0x6f, 0x00, 0x74, 0x00, 0x65, 0x00, 0x20, 0x00, 0x49, 0x00, 0x50, 0x00, 0x43, 0x00, 0x00, 0x00};
|
|
@@ -552,8 +592,9 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
byte[] windowsError = {0x00, 0x00, 0x00, 0x00};
|
|
|
|
|
|
response = HelperUtils.concat(wordCount, totalParamCount, totalDataCount, reserved, paramCount, paramOffset,
|
|
|
- paramDisplace, dataCount, dataOffset, dataDisplace, setupCount, reserved2, byteCount, padding, dcerpc,
|
|
|
- serverService, totalEntries, referentID, resumeHandle, windowsError);
|
|
|
+ paramDisplace, dataCount, dataOffset, dataDisplace, setupCount, reserved2, byteCount, padding, dcerpc,
|
|
|
+ levelPointer, ctr, ctr1, array1Pointer, array2Pointer, array3Pointer, array4Pointer,
|
|
|
+ array1, array2, array3, array4, totalEntries, referentID, resumeHandle, windowsError);
|
|
|
|
|
|
|
|
|
}
|
|
@@ -561,11 +602,57 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
return wrapNetbios(wrapHeader(response));
|
|
|
}
|
|
|
|
|
|
+ /**
|
|
|
+ * Builds the DCERPC packet
|
|
|
+ * @return DCERPC packet
|
|
|
+ */
|
|
|
+ private byte[] getDceRpc(byte[] transSub) {
|
|
|
+ byte[] majorVersion = {0x05};
|
|
|
+ byte[] minorVersion = {0x00};
|
|
|
+ byte[] packetType = null;
|
|
|
+ byte[] packetFlags = {0x03};
|
|
|
+ byte[] dataRepres = {0x10, 0x00, 0x00, 0x00};
|
|
|
+ byte[] fragLength = null;
|
|
|
+ byte[] authLength = {0x00, 0x00};
|
|
|
+ byte[] callID = null;
|
|
|
+ byte[] response = null;
|
|
|
+
|
|
|
+ if(transSub[0] == 0x00 && transSub[1] == 0x0b) {
|
|
|
+ packetType = new byte[]{0x0c};
|
|
|
+ fragLength = new byte[]{0x44, 0x00};
|
|
|
+ callID = new byte[]{0x01, 0x00, 0x00, 0x00};
|
|
|
+ byte[] maxXmitFrag = {(byte) 0xb8, 0x10};
|
|
|
+ byte[] maxRecvFrag = {(byte) 0xb8, 0x10};
|
|
|
+ byte[] assocGroup = {0x4a, 0x41, 0x00, 0x00}; //maybe randomize?
|
|
|
+ byte[] scndryAddrLen = {0x0d, 0x00};
|
|
|
+ byte[] scndryAddr = {0x5c, 0x50, 0x49, 0x50, 0x45, 0x5c, 0x73, 0x72,
|
|
|
+ 0x76, 0x73, 0x76, 0x63, 0x00, 0x00};
|
|
|
+ byte[] numResults = {0x01, 0x00, 0x00, 0x00};
|
|
|
+ byte[] ctxItem = {0x00, 0x00, 0x00, 0x00, 0x04, 0x5d, (byte) 0x88, (byte) 0x8a,
|
|
|
+ (byte) 0xeb, 0x1c, (byte) 0xc9, 0x11, (byte) 0x9f, (byte) 0xe8,
|
|
|
+ 0x08, 0x00, 0x2b, 0x10, 0x48, 0x60, 0x02, 0x00, 0x00, 0x00};
|
|
|
+
|
|
|
+ response = HelperUtils.concat(majorVersion, minorVersion, packetType, packetFlags, dataRepres,fragLength,
|
|
|
+ authLength, callID, maxXmitFrag, maxRecvFrag, assocGroup, scndryAddrLen, scndryAddr, numResults, ctxItem);
|
|
|
+ } else if(transSub[0] == 0x00 && transSub[1] == 0x00) {
|
|
|
+ packetType = new byte[]{0x02};
|
|
|
+ fragLength = new byte[]{0x54, 0x01};
|
|
|
+ callID = new byte[]{0x02, 0x00, 0x00, 0x00};
|
|
|
+ byte[] allocHint = {0x3c, 0x01, 0x00, 0x00}; //maybe randomize?
|
|
|
+ byte[] contextID = {0x00, 0x00};
|
|
|
+ byte[] cancelCount = {0x00, 0x00};
|
|
|
+
|
|
|
+ response = HelperUtils.concat(majorVersion, minorVersion, packetType, packetFlags, dataRepres,fragLength,
|
|
|
+ authLength, callID, allocHint, contextID, cancelCount);
|
|
|
+ }
|
|
|
+ return response;
|
|
|
+ }
|
|
|
+
|
|
|
/**
|
|
|
* Builds the close packet
|
|
|
* @return close packet
|
|
|
*/
|
|
|
- public byte[] getClose() {
|
|
|
+ private byte[] getClose() {
|
|
|
byte[] wordCount = {0x00};
|
|
|
byte[] byteCount = {0x00, 0x00};
|
|
|
|
|
@@ -580,7 +667,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the tree disconnect packet
|
|
|
* @return tree disconnect packet
|
|
|
*/
|
|
|
- public byte[] getTreeDisc() {
|
|
|
+ private byte[] getTreeDisc() {
|
|
|
byte[] wordCount = {0x00};
|
|
|
byte[] byteCount = {0x00, 0x00};
|
|
|
|
|
@@ -595,7 +682,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the echo packet
|
|
|
* @return echo packet
|
|
|
*/
|
|
|
- public byte[] getEcho() {
|
|
|
+ private byte[] getEcho() {
|
|
|
byte[] wordCount = {0x01};
|
|
|
byte[] echoSeq = {0x01, 0x00};
|
|
|
byte[] byteCount = {0x10, 0x00};
|
|
@@ -610,7 +697,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Builds the trans2 packet
|
|
|
* @return trans2 packet
|
|
|
*/
|
|
|
- public byte[] getTrans2() {
|
|
|
+ private byte[] getTrans2() {
|
|
|
byte[] response = null;
|
|
|
byte[] wordCount = {0x00};
|
|
|
byte[] andXCommand = {0x00, 0x00};
|
|
@@ -639,7 +726,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* Returns the command number from the current message
|
|
|
* @return command number
|
|
|
*/
|
|
|
- public byte getSmbCommand() {
|
|
|
+ private byte getSmbCommand() {
|
|
|
return smbCommand[0];
|
|
|
}
|
|
|
|
|
@@ -648,7 +735,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* @param bytes that need to be filled with 0x00.
|
|
|
* @return filled byte array.
|
|
|
*/
|
|
|
- private byte[] fillWithZeroExtended(byte[] bytes) {
|
|
|
+ private static byte[] fillWithZeroExtended(byte[] bytes) {
|
|
|
byte[] zeroBytes = fillWithZero(bytes);
|
|
|
byte[] newBytes = new byte[zeroBytes.length+2];
|
|
|
newBytes = HelperUtils.concat(zeroBytes, new byte[]{0x00, 0x00});
|
|
@@ -660,7 +747,7 @@ public class SMB implements Protocol<ByteArray> {
|
|
|
* @param bytes that need to be filled with 0x00.
|
|
|
* @return filled byte array.
|
|
|
*/
|
|
|
- private byte[] fillWithZero(byte[] bytes) {
|
|
|
+ private static byte[] fillWithZero(byte[] bytes) {
|
|
|
byte[] newBytes = new byte[(bytes.length * 2)];
|
|
|
for(int i = 0, j = 0; i < bytes.length && j < newBytes.length; i++, j=j+2) {
|
|
|
newBytes[j] = bytes[i];
|