123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103 |
- package de.tudarmstadt.informatik.hostage.protocol.smbutils;
- import java.nio.ByteBuffer;
- import de.tudarmstadt.informatik.hostage.commons.HelperUtils;
- public class NBDS {
-
- private byte[] type;
- private byte[] flags;
- private byte[] id;
- private byte[] srcIP;
- private byte[] srcPort;
- private byte[] length;
- private byte[] offset;
- private byte[] srcName;
- private byte[] dstName;
- private SMBPacket smb;
- private SMBMailSlot smbMailSlot;
- private MicrosoftWindowsBrowser microsoftWindowsBrowser;
-
- public NBDS(byte[] transactID, byte[] ip, byte[] addr, String src, String dst) {
- type = new byte[]{0x11};
- flags = new byte[]{0x0a};
- id = transactID;
- srcIP = addr;
- srcPort = new byte[]{0x00, (byte) 0x8a};
- offset = new byte[]{0x00, 0x00};
- length = new byte[2];
- srcName = NMBStringCoder.wrapNBNSName(NMBStringCoder.encodeNBNSName(src.getBytes()), Service.WORKSTATION);
- dstName = NMBStringCoder.wrapNBNSName(NMBStringCoder.encodeNBNSName(dst.getBytes()), Service.LOCAL_MASTER_BROWSER);
- smb = new SMBPacket(null);
- smb.prepareNextResponse();
- smbMailSlot = new SMBMailSlot();
- microsoftWindowsBrowser = new MicrosoftWindowsBrowser(src);
- byte[] buffer = HelperUtils.concat(srcName, dstName, smb.getTrans(), smbMailSlot.getBytes(), microsoftWindowsBrowser.getBytes());
- byte[] lengthBuffer = ByteBuffer.allocate(4).putInt(buffer.length).array();
- length[0] = lengthBuffer[2];
- length[1] = lengthBuffer[3];
- }
-
- public byte[] getBytes() {
- return HelperUtils.concat(type, flags, id, srcIP, srcPort, length,
- offset, srcName, dstName, smb.getTrans(), smbMailSlot.getBytes(), microsoftWindowsBrowser.getBytes());
- }
- private class SMBMailSlot {
- private byte[] opcode;
- private byte[] priority;
- private byte[] smbclass;
- private byte[] size;
- private byte[] name;
-
- public SMBMailSlot() {
- opcode = new byte[]{0x01, 0x00};
- priority = new byte[]{0x01, 0x00};
- smbclass = new byte[]{0x02, 0x00};
- size = new byte[]{0x3e, 0x00};
- name = HelperUtils.concat("\\MAILSLOT\\BROWSE".getBytes(), new byte[]{0x00});
- }
-
- public byte[] getBytes() {
- return HelperUtils.concat(opcode, priority, smbclass, size, name);
- }
- }
-
- private class MicrosoftWindowsBrowser {
- private byte[] command;
- private byte[] updateCount;
- private byte[] updatePeriodicity;
- private byte[] hostName;
- private byte[] osMajorVersion;
- private byte[] osMinorVersion;
- private byte[] serverType;
- private byte[] browserProtocolMajorVer;
- private byte[] browserProtocolMinorVer;
- private byte[] signature;
- private byte[] hostComment;
-
- public MicrosoftWindowsBrowser(String name) {
- command = new byte[]{0x01};
- updateCount = new byte[]{0x00};
- updatePeriodicity = new byte[]{0x60, (byte) 0xea, 0x00, 0x00};
- hostName = HelperUtils.concat(name.getBytes(),
- new byte[]{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00});
- osMajorVersion = new byte[]{0x04};
- osMinorVersion = new byte[]{0x09};
- serverType = new byte[]{0x03, (byte) 0x9a, (byte) 0x81, 0x00};
- browserProtocolMajorVer = new byte[]{0x0f};
- browserProtocolMinorVer = new byte[]{0x01};
- signature = new byte[]{0x55, (byte) 0xaa};
- hostComment = HelperUtils.concat("Samba Server".getBytes(), new byte[]{0x00});
- }
-
- public byte[] getBytes() {
- return HelperUtils.concat(command, updateCount, updatePeriodicity,
- hostName, osMajorVersion, osMinorVersion, serverType,
- browserProtocolMajorVer, browserProtocolMinorVer,
- signature, hostComment);
- }
- }
- }
|