SMB2.py 2.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445
  1. import scapy.packet as packet
  2. import scapy.fields as field
  3. import scapy.layers.netbios as netbios
  4. # TODO: FILL ME
  5. class SMB2_SYNC_Header(packet.Packet):
  6. namez = "SMB2Negociate Protocol Response Header"
  7. fields_desc = [field.StrFixedLenField("Start", "\xfeSMB", 4),
  8. field.LEShortField("StructureSize", 64),
  9. field.LEShortField("CreditCharge", 0),
  10. field.LEIntField("Status", 0),
  11. field.LEShortField("Command", 0),
  12. field.LEShortField("CreditResponse", 0),
  13. field.LEIntField("Flags", 0),
  14. field.LEIntField("NextCommand", 0),
  15. field.LELongField("MessageID", 0),
  16. field.LEIntField("Reserved", 0),
  17. field.LEIntField("TreeID", 0x0),
  18. field.LELongField("SessionID", 0),
  19. field.LELongField("Signature1", 0),
  20. field.LELongField("Signature2", 0)]
  21. # TODO: FILL ME Description was not correct anymore
  22. class SMB2_Negotiate_Protocol_Response(packet.Packet):
  23. namez = "SMB2Negociate Protocol Response"
  24. fields_desc = [field.LEShortField("StructureSize", 65),
  25. field.LEShortField("SecurityMode", 0),
  26. field.LEShortField("DialectRevision", 0x0),
  27. field.LEShortField("NegotiateContentCount/Reserved", 0),
  28. field.StrFixedLenField("ServerGuid", "", 16),
  29. field.LEIntField("Capabilities", 0),
  30. field.LEIntField("MaxTransactSize", 0),
  31. field.LEIntField("MaxReadSize", 0),
  32. field.LEIntField("MaxWriteSize", 0),
  33. field.LELongField("SystemTime", 0),
  34. field.LELongField("ServerStartTime", 0),
  35. field.LEShortField("SecurityBufferOffset", 0),
  36. field.LEShortField("SecurityBufferLength", 0),
  37. field.StrLenField("SecurityBlob", "", length_from=lambda x: x.ByteCount + 16),
  38. field.LEIntField("NegotiateContextOffset/Reserved2", 0)]
  39. packet.bind_layers(netbios.NBTSession, SMB2_SYNC_Header, )
  40. packet.bind_layers(SMB2_SYNC_Header, SMB2_Negotiate_Protocol_Response, )