Coverage for /root/GitHubProjects/impacket/impacket/dcerpc/v5/nrpc.py : 83%

1# Impacket - Collection of Python classes for working with network protocols.
2#
3# SECUREAUTH LABS. Copyright (C) 2020 SecureAuth Corporation. All rights reserved.
4#
5# This software is provided under a slightly modified version
6# of the Apache Software License. See the accompanying LICENSE file
7# for more information.
8#
9# Description:
10# [MS-NRPC] Interface implementation
11#
12# Best way to learn how to use these calls is to grab the protocol standard
13# so you understand what the call does, and then read the test case located
14# at https://github.com/SecureAuthCorp/impacket/tree/master/tests/SMB_RPC
15#
16# Some calls have helper functions, which makes it even easier to use.
17# They are located at the end of this file.
18# Helper functions start with "h"<name of the call>.
19# There are test cases for them too.
20#
21# Author:
22# Alberto Solino (@agsolino)
23#
24from struct import pack
25from six import b
26from impacket.dcerpc.v5.ndr import NDRCALL, NDRSTRUCT, NDRENUM, NDRUNION, NDRPOINTER, NDRUniConformantArray, \
27 NDRUniFixedArray, NDRUniConformantVaryingArray
28from impacket.dcerpc.v5.dtypes import WSTR, LPWSTR, DWORD, ULONG, USHORT, PGUID, NTSTATUS, NULL, LONG, UCHAR, PRPC_SID, \
29 GUID, RPC_UNICODE_STRING, SECURITY_INFORMATION, LPULONG
30from impacket import system_errors, nt_errors
31from impacket.uuid import uuidtup_to_bin
32from impacket.dcerpc.v5.enum import Enum
33from impacket.dcerpc.v5.samr import OLD_LARGE_INTEGER
34from impacket.dcerpc.v5.lsad import PLSA_FOREST_TRUST_INFORMATION
35from impacket.dcerpc.v5.rpcrt import DCERPCException
36from impacket.structure import Structure
37from impacket import ntlm, crypto, LOG
38import hmac
39import hashlib
40try:
41 from Cryptodome.Cipher import DES, AES, ARC4
42except ImportError:
43 LOG.critical("Warning: You don't have any crypto installed. You need pycryptodomex")
44 LOG.critical("See https://pypi.org/project/pycryptodomex/")
# Interface UUID / version pair passed to uuidtup_to_bin() for the [MS-NRPC] binding.
MSRPC_UUID_NRPC = uuidtup_to_bin(('12345678-1234-ABCD-EF00-01234567CFFB', '1.0'))


class DCERPCSessionError(DCERPCException):
    # Exception type for NRPC calls; only the string rendering differs from
    # the DCERPCException base.
    def __init__(self, error_string=None, error_code=None, packet=None):
        DCERPCException.__init__(self, error_string, error_code, packet)

    def __str__(self):
        # The system error table is consulted first, then the NT status table;
        # the first one that knows the code supplies the short/verbose texts.
        code = self.error_code
        for table in (system_errors.ERROR_MESSAGES, nt_errors.ERROR_MESSAGES):
            if code in table:
                short_text = table[code][0]
                verbose_text = table[code][1]
                return 'NRPC SessionError: code: 0x%x - %s - %s' % (code, short_text, verbose_text)
        return 'NRPC SessionError: unknown error code: 0x%x' % (code)
################################################################################
# CONSTANTS
################################################################################
# 2.2.1.2.5 NL_DNS_NAME_INFO
# Values for the Type field.
NlDnsLdapAtSite = 22
NlDnsGcAtSite = 25
NlDnsDsaCname = 28
NlDnsKdcAtSite = 30
NlDnsDcAtSite = 32
NlDnsRfc1510KdcAtSite = 34
NlDnsGenericGcAtSite = 36

# Values for DnsDomainInfoType.
NlDnsDomainName = 1
NlDnsDomainNameAlias = 2
NlDnsForestName = 3
NlDnsForestNameAlias = 4
NlDnsNdncDomainName = 5
NlDnsRecordName = 6

# 2.2.1.3.15 NL_OSVERSIONINFO_V1
# wSuiteMask bit flags, listed in ascending bit order.
VER_SUITE_SMALLBUSINESS = 0x0001
VER_SUITE_ENTERPRISE = 0x0002
VER_SUITE_BACKOFFICE = 0x0004
VER_SUITE_TERMINAL = 0x0010
VER_SUITE_SMALLBUSINESS_RESTRICTED = 0x0020
VER_SUITE_EMBEDDEDNT = 0x0040
VER_SUITE_DATACENTER = 0x0080
VER_SUITE_SINGLEUSERTS = 0x0100
VER_SUITE_PERSONAL = 0x0200
VER_SUITE_BLADE = 0x0400
VER_SUITE_STORAGE_SERVER = 0x2000
VER_SUITE_COMPUTE_SERVER = 0x4000

# wProductType values.
VER_NT_WORKSTATION = 0x01
VER_NT_DOMAIN_CONTROLLER = 0x02
VER_NT_SERVER = 0x03

# 2.2.1.4.18 NETLOGON Specific Access Masks
# One bit per access right.
NETLOGON_UAS_LOGON_ACCESS = 0x0001
NETLOGON_UAS_LOGOFF_ACCESS = 0x0002
NETLOGON_CONTROL_ACCESS = 0x0004
NETLOGON_QUERY_ACCESS = 0x0008
NETLOGON_SERVICE_ACCESS = 0x0010
NETLOGON_FTINFO_ACCESS = 0x0020
NETLOGON_WKSTA_RPC_ACCESS = 0x0040

# 3.5.4.9.1 NetrLogonControl2Ex (Opnum 18)
# FunctionCode values: 0x01-0x0C are consecutive, the last four sit at the top
# of the 16-bit range.
NETLOGON_CONTROL_QUERY = 0x0001
NETLOGON_CONTROL_REPLICATE = 0x0002
NETLOGON_CONTROL_SYNCHRONIZE = 0x0003
NETLOGON_CONTROL_PDC_REPLICATE = 0x0004
NETLOGON_CONTROL_REDISCOVER = 0x0005
NETLOGON_CONTROL_TC_QUERY = 0x0006
NETLOGON_CONTROL_TRANSPORT_NOTIFY = 0x0007
NETLOGON_CONTROL_FIND_USER = 0x0008
NETLOGON_CONTROL_CHANGE_PASSWORD = 0x0009
NETLOGON_CONTROL_TC_VERIFY = 0x000A
NETLOGON_CONTROL_FORCE_DNS_REG = 0x000B
NETLOGON_CONTROL_QUERY_DNS_REG = 0x000C
NETLOGON_CONTROL_BACKUP_CHANGE_LOG = 0xFFFC
NETLOGON_CONTROL_TRUNCATE_LOG = 0xFFFD
NETLOGON_CONTROL_SET_DBFLAG = 0xFFFE
NETLOGON_CONTROL_BREAKPOINT = 0xFFFF
################################################################################
# STRUCTURES
################################################################################
# 3.5.4.1 RPC Binding Handles for Netlogon Methods
# Both handle names are plain aliases of the wide-string NDR types.
LOGONSRV_HANDLE = WSTR
PLOGONSRV_HANDLE = LPWSTR


# 2.2.1.1.1 CYPHER_BLOCK
# A single 'Data' field declared with the '8s' format (8 bytes).
class CYPHER_BLOCK(NDRSTRUCT):
    structure = (
        ('Data', '8s=b""'),
    )

    def getAlignment(self):
        # Reports byte alignment (1) instead of whatever the base class would use.
        return 1


NET_API_STATUS = DWORD
151# 2.2.1.1.2 STRING
152from impacket.dcerpc.v5.lsad import STRING
# 2.2.1.1.3 LM_OWF_PASSWORD
class CYPHER_BLOCK_ARRAY(NDRUniFixedArray):
    def getDataLen(self, data, offset=0):
        # Fixed size: two CYPHER_BLOCKs, regardless of `data` and `offset`.
        return 2 * len(CYPHER_BLOCK())


class LM_OWF_PASSWORD(NDRSTRUCT):
    structure = (
        ('Data', CYPHER_BLOCK_ARRAY),
    )


# 2.2.1.1.4 NT_OWF_PASSWORD
# Same layout as LM_OWF_PASSWORD, so both names below alias that one class.
# NOTE(review): going by the names these carry password-derived (OWF) values;
# treat decoded instances as secrets and keep them out of logs and debug dumps.
NT_OWF_PASSWORD = LM_OWF_PASSWORD
ENCRYPTED_NT_OWF_PASSWORD = NT_OWF_PASSWORD
# 2.2.1.3.4 NETLOGON_CREDENTIAL
# NOTE(review): the module-level name UCHAR_FIXED_ARRAY is bound a second time
# further down this file (under 2.2.1.3.15) to a 128-byte array. The class
# below is still the one NETLOGON_CREDENTIAL uses, because the structure tuple
# captures it here, but a later lookup by name returns the 128-byte variant.
class UCHAR_FIXED_ARRAY(NDRUniFixedArray):
    align = 1

    def getDataLen(self, data, offset=0):
        # Same length as one CYPHER_BLOCK.
        return len(CYPHER_BLOCK())


class NETLOGON_CREDENTIAL(NDRSTRUCT):
    structure = (
        ('Data', UCHAR_FIXED_ARRAY),
    )

    def getAlignment(self):
        # Byte-aligned, matching CYPHER_BLOCK.
        return 1


# 2.2.1.1.5 NETLOGON_AUTHENTICATOR
# A credential followed by a DWORD timestamp.
class NETLOGON_AUTHENTICATOR(NDRSTRUCT):
    structure = (
        ('Credential', NETLOGON_CREDENTIAL),
        ('Timestamp', DWORD),
    )


class PNETLOGON_AUTHENTICATOR(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_AUTHENTICATOR),
    )
# 2.2.1.2.1 DOMAIN_CONTROLLER_INFOW
class DOMAIN_CONTROLLER_INFOW(NDRSTRUCT):
    structure = (
        ('DomainControllerName', LPWSTR),
        ('DomainControllerAddress', LPWSTR),
        ('DomainControllerAddressType', ULONG),
        ('DomainGuid', GUID),
        ('DomainName', LPWSTR),
        ('DnsForestName', LPWSTR),
        ('Flags', ULONG),
        ('DcSiteName', LPWSTR),
        ('ClientSiteName', LPWSTR),
    )


class PDOMAIN_CONTROLLER_INFOW(NDRPOINTER):
    referent = (
        ('Data', DOMAIN_CONTROLLER_INFOW),
    )


# 2.2.1.2.2 NL_SITE_NAME_ARRAY
class RPC_UNICODE_STRING_ARRAY(NDRUniConformantArray):
    item = RPC_UNICODE_STRING


class PRPC_UNICODE_STRING_ARRAY(NDRPOINTER):
    referent = (
        ('Data', RPC_UNICODE_STRING_ARRAY),
    )


# EntryCount plus a pointer to the array of site names.
class NL_SITE_NAME_ARRAY(NDRSTRUCT):
    structure = (
        ('EntryCount', ULONG),
        ('SiteNames', PRPC_UNICODE_STRING_ARRAY),
    )


class PNL_SITE_NAME_ARRAY(NDRPOINTER):
    referent = (
        ('Data', NL_SITE_NAME_ARRAY),
    )


# 2.2.1.2.3 NL_SITE_NAME_EX_ARRAY
# NOTE(review): this rebinds RPC_UNICODE_STRING_ARRAY to a second class with
# the same body as the one above; PRPC_UNICODE_STRING_ARRAY keeps pointing at
# the first definition.
class RPC_UNICODE_STRING_ARRAY(NDRUniConformantArray):
    item = RPC_UNICODE_STRING


# EntryCount plus pointers to the site-name and subnet-name arrays.
class NL_SITE_NAME_EX_ARRAY(NDRSTRUCT):
    structure = (
        ('EntryCount', ULONG),
        ('SiteNames', PRPC_UNICODE_STRING_ARRAY),
        ('SubnetNames', PRPC_UNICODE_STRING_ARRAY),
    )


class PNL_SITE_NAME_EX_ARRAY(NDRPOINTER):
    referent = (
        ('Data', NL_SITE_NAME_EX_ARRAY),
    )
# 2.2.1.2.4 NL_SOCKET_ADDRESS
# 2.2.1.2.4.1 IPv4 Address Structure
# Plain impacket Structure (not NDR): two little-endian 16-bit fields followed
# by two little-endian 32-bit fields, all defaulting to 0.
class IPv4Address(Structure):
    structure = (
        ('AddressFamily', '<H=0'),
        ('Port', '<H=0'),
        ('Address', '<L=0'),
        ('Padding', '<L=0'),
    )


# Conformant array with item type 'c'; reused below for opaque byte buffers.
class UCHAR_ARRAY(NDRUniConformantArray):
    item = 'c'


class PUCHAR_ARRAY(NDRPOINTER):
    referent = (
        ('Data', UCHAR_ARRAY),
    )


# Pointer to the raw sockaddr bytes plus a separate length field.
# NOTE(review): nothing in this class ties iSockaddrLength to the actual size
# of lpSockaddr; code consuming a decoded instance should check that itself.
class NL_SOCKET_ADDRESS(NDRSTRUCT):
    structure = (
        ('lpSockaddr', PUCHAR_ARRAY),
        ('iSockaddrLength', ULONG),
    )


class NL_SOCKET_ADDRESS_ARRAY(NDRUniConformantArray):
    item = NL_SOCKET_ADDRESS
# 2.2.1.2.5 NL_DNS_NAME_INFO
# NOTE(review): DnsDomainInfoType is typed WSTR here, while the
# DnsDomainInfoType constants defined earlier in this file are small integers
# (1..6). Compare this field list against [MS-NRPC] 2.2.1.2.5 before relying
# on it for (de)serialization.
class NL_DNS_NAME_INFO(NDRSTRUCT):
    structure = (
        ('Type', ULONG),
        ('DnsDomainInfoType', WSTR),
        ('Priority', ULONG),
        ('Weight', ULONG),
        ('Port', ULONG),
        ('Register', UCHAR),
        ('Status', ULONG),
    )


# 2.2.1.2.6 NL_DNS_NAME_INFO_ARRAY
# NOTE(review): the name NL_DNS_NAME_INFO_ARRAY is bound twice. This first
# class is the conformant array of entries; PNL_DNS_NAME_INFO_ARRAY captures
# it, and then the NDRSTRUCT at the end of this section takes over the
# module-level name.
class NL_DNS_NAME_INFO_ARRAY(NDRUniConformantArray):
    item = NL_DNS_NAME_INFO


class PNL_DNS_NAME_INFO_ARRAY(NDRPOINTER):
    referent = (
        ('Data', NL_DNS_NAME_INFO_ARRAY),
    )


# EntryCount plus a pointer to the entry array defined above.
class NL_DNS_NAME_INFO_ARRAY(NDRSTRUCT):
    structure = (
        ('EntryCount', ULONG),
        ('DnsNamesInfo', PNL_DNS_NAME_INFO_ARRAY),
    )
# 2.2.1.3 Secure Channel Establishment and Maintenance Structures
# ToDo

# 2.2.1.3.5 NETLOGON_LSA_POLICY_INFO
# A size field plus a pointer to an opaque byte buffer.
class NETLOGON_LSA_POLICY_INFO(NDRSTRUCT):
    structure = (
        ('LsaPolicySize', ULONG),
        ('LsaPolicy', PUCHAR_ARRAY),
    )


class PNETLOGON_LSA_POLICY_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_LSA_POLICY_INFO),
    )


# 2.2.1.3.6 NETLOGON_WORKSTATION_INFO
# The Dummy* members are kept only so the field order and layout stay intact.
class NETLOGON_WORKSTATION_INFO(NDRSTRUCT):
    structure = (
        ('LsaPolicy', NETLOGON_LSA_POLICY_INFO),
        ('DnsHostName', LPWSTR),
        ('SiteName', LPWSTR),
        ('Dummy1', LPWSTR),
        ('Dummy2', LPWSTR),
        ('Dummy3', LPWSTR),
        ('Dummy4', LPWSTR),
        ('OsVersion', RPC_UNICODE_STRING),
        ('OsName', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('WorkstationFlags', ULONG),
        ('KerberosSupportedEncryptionTypes', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_WORKSTATION_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_WORKSTATION_INFO),
    )
# 2.2.1.3.7 NL_TRUST_PASSWORD
# Fixed 516-byte array: the 512-byte buffer plus the 4-byte length, as one blob.
class NL_TRUST_PASSWORD_FIXED_ARRAY(NDRUniFixedArray):
    def getDataLen(self, data, offset=0):
        return 512 + 4

    def getAlignment(self):
        return 1


# Fixed 512-byte array used for the Buffer member below.
class WCHAR_ARRAY(NDRUniFixedArray):
    def getDataLen(self, data, offset=0):
        return 512


# NOTE(review): going by the name this is the trust/machine-account password
# container; keep instances out of logs and debug output.
class NL_TRUST_PASSWORD(NDRSTRUCT):
    structure = (
        ('Buffer', WCHAR_ARRAY),
        ('Length', ULONG),
    )


class PNL_TRUST_PASSWORD(NDRPOINTER):
    referent = (
        ('Data', NL_TRUST_PASSWORD),
    )


# 2.2.1.3.8 NL_PASSWORD_VERSION
class NL_PASSWORD_VERSION(NDRSTRUCT):
    structure = (
        ('ReservedField', ULONG),
        ('PasswordVersionNumber', ULONG),
        ('PasswordVersionPresent', ULONG),
    )
# 2.2.1.3.9 NETLOGON_WORKSTATION_INFORMATION
# Union selected by a DWORD tag: 1 -> workstation info, 2 -> LSA policy info.
class NETLOGON_WORKSTATION_INFORMATION(NDRUNION):
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1: ('WorkstationInfo', PNETLOGON_WORKSTATION_INFO),
        2: ('LsaPolicyInfo', PNETLOGON_LSA_POLICY_INFO),
    }


# 2.2.1.3.10 NETLOGON_ONE_DOMAIN_INFO
class NETLOGON_ONE_DOMAIN_INFO(NDRSTRUCT):
    structure = (
        ('DomainName', RPC_UNICODE_STRING),
        ('DnsDomainName', RPC_UNICODE_STRING),
        ('DnsForestName', RPC_UNICODE_STRING),
        ('DomainGuid', GUID),
        ('DomainSid', PRPC_SID),
        ('TrustExtension', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class NETLOGON_ONE_DOMAIN_INFO_ARRAY(NDRUniConformantArray):
    item = NETLOGON_ONE_DOMAIN_INFO


class PNETLOGON_ONE_DOMAIN_INFO_ARRAY(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_ONE_DOMAIN_INFO_ARRAY),
    )


# 2.2.1.3.11 NETLOGON_DOMAIN_INFO
# Primary domain inline, trusted domains through a counted pointer.
class NETLOGON_DOMAIN_INFO(NDRSTRUCT):
    structure = (
        ('PrimaryDomain', NETLOGON_ONE_DOMAIN_INFO),
        ('TrustedDomainCount', ULONG),
        ('TrustedDomains', PNETLOGON_ONE_DOMAIN_INFO_ARRAY),
        ('LsaPolicy', NETLOGON_LSA_POLICY_INFO),
        ('DnsHostNameInDs', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('WorkstationFlags', ULONG),
        ('SupportedEncTypes', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DOMAIN_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DOMAIN_INFO),
    )


# 2.2.1.3.12 NETLOGON_DOMAIN_INFORMATION
# Union selected by a DWORD tag: 1 -> domain info, 2 -> LSA policy info.
class NETLOGON_DOMAIN_INFORMATION(NDRUNION):
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1: ('DomainInfo', PNETLOGON_DOMAIN_INFO),
        2: ('LsaPolicyInfo', PNETLOGON_LSA_POLICY_INFO),
    }
# 2.2.1.3.13 NETLOGON_SECURE_CHANNEL_TYPE
# Enumeration with consecutive values 0..7.
class NETLOGON_SECURE_CHANNEL_TYPE(NDRENUM):
    class enumItems(Enum):
        NullSecureChannel = 0
        MsvApSecureChannel = 1
        WorkstationSecureChannel = 2
        TrustedDnsDomainSecureChannel = 3
        TrustedDomainSecureChannel = 4
        UasServerSecureChannel = 5
        ServerSecureChannel = 6
        CdcServerSecureChannel = 7


# 2.2.1.3.14 NETLOGON_CAPABILITIES
# Union with a single arm: tag 1 carries the server capabilities as a ULONG.
class NETLOGON_CAPABILITIES(NDRUNION):
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1: ('ServerCapabilities', ULONG),
    }
# 2.2.1.3.15 NL_OSVERSIONINFO_V1
# NOTE(review): this rebinds UCHAR_FIXED_ARRAY, which an earlier section of
# this file (2.2.1.3.4 NETLOGON_CREDENTIAL) already defined as an 8-byte array
# with `align = 1`. This variant is 128 bytes and sets no `align`; classes
# defined above keep their own reference, but the shared name is easy to
# misread.
class UCHAR_FIXED_ARRAY(NDRUniFixedArray):
    def getDataLen(self, data, offset=0):
        return 128


class NL_OSVERSIONINFO_V1(NDRSTRUCT):
    structure = (
        ('dwOSVersionInfoSize', DWORD),
        ('dwMajorVersion', DWORD),
        ('dwMinorVersion', DWORD),
        ('dwBuildNumber', DWORD),
        ('dwPlatformId', DWORD),
        ('szCSDVersion', UCHAR_FIXED_ARRAY),
        ('wServicePackMajor', USHORT),
        ('wServicePackMinor', USHORT),
        ('wSuiteMask', USHORT),
        ('wProductType', UCHAR),
        ('wReserved', UCHAR),
    )


class PNL_OSVERSIONINFO_V1(NDRPOINTER):
    referent = (
        ('Data', NL_OSVERSIONINFO_V1),
    )


# 2.2.1.3.16 NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES_V1
# Pointer wrapper around LPWSTR.
class PLPWSTR(NDRPOINTER):
    referent = (
        ('Data', LPWSTR),
    )


class NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES_V1(NDRSTRUCT):
    structure = (
        ('ClientDnsHostName', PLPWSTR),
        ('OsVersionInfo', PNL_OSVERSIONINFO_V1),
        ('OsName', PLPWSTR),
    )


# 2.2.1.3.17 NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES
# Union with a single arm (tag 1 -> V1).
class NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES(NDRUNION):
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1: ('V1', NL_IN_CHAIN_SET_CLIENT_ATTRIBUTES_V1),
    }


# 2.2.1.3.18 NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES_V1
class NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES_V1(NDRSTRUCT):
    structure = (
        ('HubName', PLPWSTR),
        ('OldDnsHostName', PLPWSTR),
        ('SupportedEncTypes', LPULONG),
    )


# 2.2.1.3.19 NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES
# Union with a single arm (tag 1 -> V1).
class NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES(NDRUNION):
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1: ('V1', NL_OUT_CHAIN_SET_CLIENT_ATTRIBUTES_V1),
    }
# 2.2.1.4.1 LM_CHALLENGE
# Fixed 8-byte array.
class CHAR_FIXED_8_ARRAY(NDRUniFixedArray):
    def getDataLen(self, data, offset=0):
        return 8


class LM_CHALLENGE(NDRSTRUCT):
    structure = (
        ('Data', CHAR_FIXED_8_ARRAY),
    )


# 2.2.1.4.15 NETLOGON_LOGON_IDENTITY_INFO
# Embedded as the first member ('Identity') of every logon-info struct below.
class NETLOGON_LOGON_IDENTITY_INFO(NDRSTRUCT):
    structure = (
        ('LogonDomainName', RPC_UNICODE_STRING),
        ('ParameterControl', ULONG),
        ('Reserved', OLD_LARGE_INTEGER),
        ('UserName', RPC_UNICODE_STRING),
        ('Workstation', RPC_UNICODE_STRING),
    )


class PNETLOGON_LOGON_IDENTITY_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_LOGON_IDENTITY_INFO),
    )


# 2.2.1.4.2 NETLOGON_GENERIC_INFO
# Identity, a package name and a counted opaque payload.
class NETLOGON_GENERIC_INFO(NDRSTRUCT):
    structure = (
        ('Identity', NETLOGON_LOGON_IDENTITY_INFO),
        ('PackageName', RPC_UNICODE_STRING),
        ('DataLength', ULONG),
        ('LogonData', PUCHAR_ARRAY),
    )


class PNETLOGON_GENERIC_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_GENERIC_INFO),
    )


# 2.2.1.4.3 NETLOGON_INTERACTIVE_INFO
# NOTE(review): carries LM/NT OWF password members; treat decoded instances
# as credential material and keep them out of logs.
class NETLOGON_INTERACTIVE_INFO(NDRSTRUCT):
    structure = (
        ('Identity', NETLOGON_LOGON_IDENTITY_INFO),
        ('LmOwfPassword', LM_OWF_PASSWORD),
        ('NtOwfPassword', NT_OWF_PASSWORD),
    )


class PNETLOGON_INTERACTIVE_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_INTERACTIVE_INFO),
    )


# 2.2.1.4.4 NETLOGON_SERVICE_INFO
# Same field list as NETLOGON_INTERACTIVE_INFO.
class NETLOGON_SERVICE_INFO(NDRSTRUCT):
    structure = (
        ('Identity', NETLOGON_LOGON_IDENTITY_INFO),
        ('LmOwfPassword', LM_OWF_PASSWORD),
        ('NtOwfPassword', NT_OWF_PASSWORD),
    )


class PNETLOGON_SERVICE_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_SERVICE_INFO),
    )


# 2.2.1.4.5 NETLOGON_NETWORK_INFO
# Identity, the 8-byte challenge and the two challenge responses.
class NETLOGON_NETWORK_INFO(NDRSTRUCT):
    structure = (
        ('Identity', NETLOGON_LOGON_IDENTITY_INFO),
        ('LmChallenge', LM_CHALLENGE),
        ('NtChallengeResponse', STRING),
        ('LmChallengeResponse', STRING),
    )


class PNETLOGON_NETWORK_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_NETWORK_INFO),
    )
# 2.2.1.4.16 NETLOGON_LOGON_INFO_CLASS
# Values 1-4 are the base classes; 5-7 are the "Transitive" variants of 1-3.
class NETLOGON_LOGON_INFO_CLASS(NDRENUM):
    class enumItems(Enum):
        NetlogonInteractiveInformation = 1
        NetlogonNetworkInformation = 2
        NetlogonServiceInformation = 3
        NetlogonGenericInformation = 4
        NetlogonInteractiveTransitiveInformation = 5
        NetlogonNetworkTransitiveInformation = 6
        NetlogonServiceTransitiveInformation = 7


# 2.2.1.4.6 NETLOGON_LEVEL
# Union keyed by NETLOGON_LOGON_INFO_CLASS. Each transitive class reuses the
# pointer type of its non-transitive counterpart under a different arm name.
class NETLOGON_LEVEL(NDRUNION):
    union = {
        NETLOGON_LOGON_INFO_CLASS.NetlogonInteractiveInformation:
            ('LogonInteractive', PNETLOGON_INTERACTIVE_INFO),
        NETLOGON_LOGON_INFO_CLASS.NetlogonInteractiveTransitiveInformation:
            ('LogonInteractiveTransitive', PNETLOGON_INTERACTIVE_INFO),
        NETLOGON_LOGON_INFO_CLASS.NetlogonServiceInformation:
            ('LogonService', PNETLOGON_SERVICE_INFO),
        NETLOGON_LOGON_INFO_CLASS.NetlogonServiceTransitiveInformation:
            ('LogonServiceTransitive', PNETLOGON_SERVICE_INFO),
        NETLOGON_LOGON_INFO_CLASS.NetlogonNetworkInformation:
            ('LogonNetwork', PNETLOGON_NETWORK_INFO),
        NETLOGON_LOGON_INFO_CLASS.NetlogonNetworkTransitiveInformation:
            ('LogonNetworkTransitive', PNETLOGON_NETWORK_INFO),
        NETLOGON_LOGON_INFO_CLASS.NetlogonGenericInformation:
            ('LogonGeneric', PNETLOGON_GENERIC_INFO),
    }
# 2.2.1.4.7 NETLOGON_SID_AND_ATTRIBUTES
class NETLOGON_SID_AND_ATTRIBUTES(NDRSTRUCT):
    structure = (
        ('Sid', PRPC_SID),
        ('Attributes', ULONG),
    )


# 2.2.1.4.8 NETLOGON_VALIDATION_GENERIC_INFO2
# A length field plus a pointer to an opaque byte buffer.
class NETLOGON_VALIDATION_GENERIC_INFO2(NDRSTRUCT):
    structure = (
        ('DataLength', ULONG),
        ('ValidationData', PUCHAR_ARRAY),
    )


class PNETLOGON_VALIDATION_GENERIC_INFO2(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_VALIDATION_GENERIC_INFO2),
    )


# 2.2.1.4.9 USER_SESSION_KEY
# Alias of LM_OWF_PASSWORD, i.e. the same two-CYPHER_BLOCK layout.
USER_SESSION_KEY = LM_OWF_PASSWORD


# 2.2.1.4.10 GROUP_MEMBERSHIP
class GROUP_MEMBERSHIP(NDRSTRUCT):
    structure = (
        ('RelativeId', ULONG),
        ('Attributes', ULONG),
    )


class GROUP_MEMBERSHIP_ARRAY(NDRUniConformantArray):
    item = GROUP_MEMBERSHIP


class PGROUP_MEMBERSHIP_ARRAY(NDRPOINTER):
    referent = (
        ('Data', GROUP_MEMBERSHIP_ARRAY),
    )


# 2.2.1.4.11 NETLOGON_VALIDATION_SAM_INFO
# Fixed 40-byte array (ten 4-byte slots) used for the ExpansionRoom member.
class LONG_ARRAY(NDRUniFixedArray):
    def getDataLen(self, data, offset=0):
        return 10 * 4
# Validation data returned for a logon: timestamps, profile strings, group
# membership, the session key and the logon server/domain.
# NOTE(review): UserSessionKey is key material; avoid logging decoded instances.
class NETLOGON_VALIDATION_SAM_INFO(NDRSTRUCT):
    structure = (
        # Timestamps
        ('LogonTime', OLD_LARGE_INTEGER),
        ('LogoffTime', OLD_LARGE_INTEGER),
        ('KickOffTime', OLD_LARGE_INTEGER),
        ('PasswordLastSet', OLD_LARGE_INTEGER),
        ('PasswordCanChange', OLD_LARGE_INTEGER),
        ('PasswordMustChange', OLD_LARGE_INTEGER),
        # Account profile strings
        ('EffectiveName', RPC_UNICODE_STRING),
        ('FullName', RPC_UNICODE_STRING),
        ('LogonScript', RPC_UNICODE_STRING),
        ('ProfilePath', RPC_UNICODE_STRING),
        ('HomeDirectory', RPC_UNICODE_STRING),
        ('HomeDirectoryDrive', RPC_UNICODE_STRING),
        # Counters, identifiers and group membership
        ('LogonCount', USHORT),
        ('BadPasswordCount', USHORT),
        ('UserId', ULONG),
        ('PrimaryGroupId', ULONG),
        ('GroupCount', ULONG),
        ('GroupIds', PGROUP_MEMBERSHIP_ARRAY),
        ('UserFlags', ULONG),
        ('UserSessionKey', USER_SESSION_KEY),
        # Logon server and domain
        ('LogonServer', RPC_UNICODE_STRING),
        ('LogonDomainName', RPC_UNICODE_STRING),
        ('LogonDomainId', PRPC_SID),
        ('ExpansionRoom', LONG_ARRAY),
    )


class PNETLOGON_VALIDATION_SAM_INFO(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_VALIDATION_SAM_INFO),
    )
# 2.2.1.4.12 NETLOGON_VALIDATION_SAM_INFO2
class NETLOGON_SID_AND_ATTRIBUTES_ARRAY(NDRUniConformantArray):
    item = NETLOGON_SID_AND_ATTRIBUTES


class PNETLOGON_SID_AND_ATTRIBUTES_ARRAY(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_SID_AND_ATTRIBUTES_ARRAY),
    )


# Same members as NETLOGON_VALIDATION_SAM_INFO, followed by SidCount/ExtraSids.
# NOTE(review): UserSessionKey is key material; avoid logging decoded instances.
class NETLOGON_VALIDATION_SAM_INFO2(NDRSTRUCT):
    structure = (
        # Timestamps
        ('LogonTime', OLD_LARGE_INTEGER),
        ('LogoffTime', OLD_LARGE_INTEGER),
        ('KickOffTime', OLD_LARGE_INTEGER),
        ('PasswordLastSet', OLD_LARGE_INTEGER),
        ('PasswordCanChange', OLD_LARGE_INTEGER),
        ('PasswordMustChange', OLD_LARGE_INTEGER),
        # Account profile strings
        ('EffectiveName', RPC_UNICODE_STRING),
        ('FullName', RPC_UNICODE_STRING),
        ('LogonScript', RPC_UNICODE_STRING),
        ('ProfilePath', RPC_UNICODE_STRING),
        ('HomeDirectory', RPC_UNICODE_STRING),
        ('HomeDirectoryDrive', RPC_UNICODE_STRING),
        # Counters, identifiers and group membership
        ('LogonCount', USHORT),
        ('BadPasswordCount', USHORT),
        ('UserId', ULONG),
        ('PrimaryGroupId', ULONG),
        ('GroupCount', ULONG),
        ('GroupIds', PGROUP_MEMBERSHIP_ARRAY),
        ('UserFlags', ULONG),
        ('UserSessionKey', USER_SESSION_KEY),
        # Logon server and domain
        ('LogonServer', RPC_UNICODE_STRING),
        ('LogonDomainName', RPC_UNICODE_STRING),
        ('LogonDomainId', PRPC_SID),
        ('ExpansionRoom', LONG_ARRAY),
        # Additional SIDs
        ('SidCount', ULONG),
        ('ExtraSids', PNETLOGON_SID_AND_ATTRIBUTES_ARRAY),
    )


class PNETLOGON_VALIDATION_SAM_INFO2(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_VALIDATION_SAM_INFO2),
    )
# 2.2.1.4.13 NETLOGON_VALIDATION_SAM_INFO4
# Unlike the SAM_INFO/SAM_INFO2 structs there is no ExpansionRoom member here;
# the named fields LMKey .. Reserved4 follow LogonDomainId instead.
# NOTE(review): UserSessionKey and LMKey are key material; avoid logging
# decoded instances.
class NETLOGON_VALIDATION_SAM_INFO4(NDRSTRUCT):
    structure = (
        # Timestamps
        ('LogonTime', OLD_LARGE_INTEGER),
        ('LogoffTime', OLD_LARGE_INTEGER),
        ('KickOffTime', OLD_LARGE_INTEGER),
        ('PasswordLastSet', OLD_LARGE_INTEGER),
        ('PasswordCanChange', OLD_LARGE_INTEGER),
        ('PasswordMustChange', OLD_LARGE_INTEGER),
        # Account profile strings
        ('EffectiveName', RPC_UNICODE_STRING),
        ('FullName', RPC_UNICODE_STRING),
        ('LogonScript', RPC_UNICODE_STRING),
        ('ProfilePath', RPC_UNICODE_STRING),
        ('HomeDirectory', RPC_UNICODE_STRING),
        ('HomeDirectoryDrive', RPC_UNICODE_STRING),
        # Counters, identifiers and group membership
        ('LogonCount', USHORT),
        ('BadPasswordCount', USHORT),
        ('UserId', ULONG),
        ('PrimaryGroupId', ULONG),
        ('GroupCount', ULONG),
        ('GroupIds', PGROUP_MEMBERSHIP_ARRAY),
        ('UserFlags', ULONG),
        ('UserSessionKey', USER_SESSION_KEY),
        # Logon server and domain
        ('LogonServer', RPC_UNICODE_STRING),
        ('LogonDomainName', RPC_UNICODE_STRING),
        ('LogonDomainId', PRPC_SID),

        ('LMKey', CHAR_FIXED_8_ARRAY),
        ('UserAccountControl', ULONG),
        ('SubAuthStatus', ULONG),
        ('LastSuccessfulILogon', OLD_LARGE_INTEGER),
        ('LastFailedILogon', OLD_LARGE_INTEGER),
        ('FailedILogonCount', ULONG),
        ('Reserved4', ULONG),

        # Additional SIDs and naming information
        ('SidCount', ULONG),
        ('ExtraSids', PNETLOGON_SID_AND_ATTRIBUTES_ARRAY),
        ('DnsLogonDomainName', RPC_UNICODE_STRING),
        ('Upn', RPC_UNICODE_STRING),
        ('ExpansionString1', RPC_UNICODE_STRING),
        ('ExpansionString2', RPC_UNICODE_STRING),
        ('ExpansionString3', RPC_UNICODE_STRING),
        ('ExpansionString4', RPC_UNICODE_STRING),
        ('ExpansionString5', RPC_UNICODE_STRING),
        ('ExpansionString6', RPC_UNICODE_STRING),
        ('ExpansionString7', RPC_UNICODE_STRING),
        ('ExpansionString8', RPC_UNICODE_STRING),
        ('ExpansionString9', RPC_UNICODE_STRING),
        ('ExpansionString10', RPC_UNICODE_STRING),
    )


class PNETLOGON_VALIDATION_SAM_INFO4(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_VALIDATION_SAM_INFO4),
    )
# 2.2.1.4.17 NETLOGON_VALIDATION_INFO_CLASS
class NETLOGON_VALIDATION_INFO_CLASS(NDRENUM):
    class enumItems(Enum):
        NetlogonValidationUasInfo = 1
        NetlogonValidationSamInfo = 2
        NetlogonValidationSamInfo2 = 3
        NetlogonValidationGenericInfo = 4
        NetlogonValidationGenericInfo2 = 5
        NetlogonValidationSamInfo4 = 6


# 2.2.1.4.14 NETLOGON_VALIDATION
# Union keyed by NETLOGON_VALIDATION_INFO_CLASS. Only four of the six enum
# values have an arm: NetlogonValidationUasInfo and
# NetlogonValidationGenericInfo are not mapped here.
class NETLOGON_VALIDATION(NDRUNION):
    union = {
        NETLOGON_VALIDATION_INFO_CLASS.NetlogonValidationSamInfo:
            ('ValidationSam', PNETLOGON_VALIDATION_SAM_INFO),
        NETLOGON_VALIDATION_INFO_CLASS.NetlogonValidationSamInfo2:
            ('ValidationSam2', PNETLOGON_VALIDATION_SAM_INFO2),
        NETLOGON_VALIDATION_INFO_CLASS.NetlogonValidationGenericInfo2:
            ('ValidationGeneric2', PNETLOGON_VALIDATION_GENERIC_INFO2),
        NETLOGON_VALIDATION_INFO_CLASS.NetlogonValidationSamInfo4:
            ('ValidationSam4', PNETLOGON_VALIDATION_SAM_INFO4),
    }
# 2.2.1.5.2 NLPR_QUOTA_LIMITS
class NLPR_QUOTA_LIMITS(NDRSTRUCT):
    structure = (
        ('PagedPoolLimit', ULONG),
        ('NonPagedPoolLimit', ULONG),
        ('MinimumWorkingSetSize', ULONG),
        ('MaximumWorkingSetSize', ULONG),
        ('PagefileLimit', ULONG),
        ('Reserved', OLD_LARGE_INTEGER),
    )


# 2.2.1.5.3 NETLOGON_DELTA_ACCOUNTS
class ULONG_ARRAY(NDRUniConformantArray):
    item = ULONG


class PULONG_ARRAY(NDRPOINTER):
    referent = (
        ('Data', ULONG_ARRAY),
    )


# Privileges, quota limits and the security descriptor of an account; the
# descriptor is an opaque byte buffer with its size in SecuritySize.
class NETLOGON_DELTA_ACCOUNTS(NDRSTRUCT):
    structure = (
        ('PrivilegeEntries', ULONG),
        ('PrivilegeControl', ULONG),
        ('PrivilegeAttributes', PULONG_ARRAY),
        ('PrivilegeNames', PRPC_UNICODE_STRING_ARRAY),
        ('QuotaLimits', NLPR_QUOTA_LIMITS),
        ('SystemAccessFlags', ULONG),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DELTA_ACCOUNTS(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DELTA_ACCOUNTS),
    )
# 2.2.1.5.5 NLPR_SID_INFORMATION
# Wraps a single SID pointer.
class NLPR_SID_INFORMATION(NDRSTRUCT):
    structure = (
        ('SidPointer', PRPC_SID),
    )


# 2.2.1.5.6 NLPR_SID_ARRAY
class NLPR_SID_INFORMATION_ARRAY(NDRUniConformantArray):
    item = NLPR_SID_INFORMATION


class PNLPR_SID_INFORMATION_ARRAY(NDRPOINTER):
    referent = (
        ('Data', NLPR_SID_INFORMATION_ARRAY),
    )
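# Counted array of SIDs: Count plus a pointer to the NLPR_SID_INFORMATION items.
# The members are declared in `structure`, as on every other NDRSTRUCT in this
# file; `referent` is the attribute the NDRPOINTER wrappers use. The previous
# definition put the members in `referent`.
# NOTE(review): presumably that kept Count/Sids out of the inline struct body
# when NETLOGON_DELTA_ALIAS_MEMBER embeds this type; re-check against a
# captured response.
class NLPR_SID_ARRAY(NDRSTRUCT):
    structure = (
        ('Count', ULONG),
        ('Sids', PNLPR_SID_INFORMATION_ARRAY),
    )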
# 2.2.1.5.7 NETLOGON_DELTA_ALIAS_MEMBER
class NETLOGON_DELTA_ALIAS_MEMBER(NDRSTRUCT):
    structure = (
        ('Members', NLPR_SID_ARRAY),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DELTA_ALIAS_MEMBER(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DELTA_ALIAS_MEMBER),
    )


# 2.2.1.5.8 NETLOGON_DELTA_DELETE_GROUP
class NETLOGON_DELTA_DELETE_GROUP(NDRSTRUCT):
    structure = (
        ('AccountName', LPWSTR),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DELTA_DELETE_GROUP(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DELTA_DELETE_GROUP),
    )


# 2.2.1.5.9 NETLOGON_DELTA_DELETE_USER
# Same field list as NETLOGON_DELTA_DELETE_GROUP.
class NETLOGON_DELTA_DELETE_USER(NDRSTRUCT):
    structure = (
        ('AccountName', LPWSTR),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DELTA_DELETE_USER(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DELTA_DELETE_USER),
    )


# 2.2.1.5.10 NETLOGON_DELTA_DOMAIN
# Domain-wide password policy values plus the domain's security descriptor
# (opaque bytes, sized by SecuritySize).
class NETLOGON_DELTA_DOMAIN(NDRSTRUCT):
    structure = (
        ('DomainName', RPC_UNICODE_STRING),
        ('OemInformation', RPC_UNICODE_STRING),
        ('ForceLogoff', OLD_LARGE_INTEGER),
        ('MinPasswordLength', USHORT),
        ('PasswordHistoryLength', USHORT),
        ('MaxPasswordAge', OLD_LARGE_INTEGER),
        ('MinPasswordAge', OLD_LARGE_INTEGER),
        ('DomainModifiedCount', OLD_LARGE_INTEGER),
        ('DomainCreationTime', OLD_LARGE_INTEGER),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('DomainLockoutInformation', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('PasswordProperties', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DELTA_DOMAIN(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DELTA_DOMAIN),
    )
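# 2.2.1.5.13 NETLOGON_DELTA_GROUP
# The SecurityInformation / SecuritySize / SecurityDescriptor triple now uses
# the same types as NETLOGON_DELTA_ACCOUNTS, NETLOGON_DELTA_DOMAIN and
# NETLOGON_DELTA_USER in this file: SECURITY_INFORMATION, ULONG and a pointer
# to the opaque descriptor bytes. The previous definition typed the first
# member as USHORT and the descriptor itself as SECURITY_INFORMATION.
# NOTE(review): the new types follow the sibling structs; confirm the layout
# against [MS-NRPC] 2.2.1.5.13 and a captured response.
class NETLOGON_DELTA_GROUP(NDRSTRUCT):
    structure = (
        ('Name', RPC_UNICODE_STRING),
        ('RelativeId', ULONG),
        ('Attributes', ULONG),
        ('AdminComment', RPC_UNICODE_STRING),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )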
class PNETLOGON_DELTA_GROUP(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_DELTA_GROUP),
    )


# 2.2.1.5.24 NETLOGON_RENAME_GROUP
# Old and new name; the remaining members are unused placeholders.
class NETLOGON_RENAME_GROUP(NDRSTRUCT):
    structure = (
        ('OldName', RPC_UNICODE_STRING),
        ('NewName', RPC_UNICODE_STRING),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )


class PNETLOGON_DELTA_RENAME_GROUP(NDRPOINTER):
    referent = (
        ('Data', NETLOGON_RENAME_GROUP),
    )
1022# 2.2.1.5.14 NLPR_LOGON_HOURS
1023from impacket.dcerpc.v5.samr import SAMPR_LOGON_HOURS
1024NLPR_LOGON_HOURS = SAMPR_LOGON_HOURS
1026# 2.2.1.5.15 NLPR_USER_PRIVATE_INFO
1027class NLPR_USER_PRIVATE_INFO(NDRSTRUCT):
1028 structure = (
1029 ('SensitiveData', UCHAR),
1030 ('DataLength', ULONG),
1031 ('Data', PUCHAR_ARRAY),
1032 )
1034# 2.2.1.5.16 NETLOGON_DELTA_USER
class NETLOGON_DELTA_USER(NDRSTRUCT):
    """User account delta as marshalled by NDR; field order is the wire order.

    NOTE(review): EncryptedNtOwfPassword, EncryptedLmOwfPassword and PrivateData
    are, judging by their names, credential material. Treat decoded instances as
    secrets (no debug dumps, no plain-text persistence); confirm the exact
    semantics against [MS-NRPC] 2.2.1.5.16.
    """
    structure = (
        ('UserName', RPC_UNICODE_STRING),
        ('FullName', RPC_UNICODE_STRING),
        ('UserId', ULONG),
        ('PrimaryGroupId', ULONG),
        ('HomeDirectory', RPC_UNICODE_STRING),
        ('HomeDirectoryDrive', RPC_UNICODE_STRING),
        ('ScriptPath', RPC_UNICODE_STRING),
        ('AdminComment', RPC_UNICODE_STRING),
        ('WorkStations', RPC_UNICODE_STRING),
        ('LastLogon', OLD_LARGE_INTEGER),
        ('LastLogoff', OLD_LARGE_INTEGER),
        ('LogonHours', NLPR_LOGON_HOURS),
        ('BadPasswordCount', USHORT),
        ('LogonCount', USHORT),
        ('PasswordLastSet', OLD_LARGE_INTEGER),
        ('AccountExpires', OLD_LARGE_INTEGER),
        ('UserAccountControl', ULONG),
        ('EncryptedNtOwfPassword', PUCHAR_ARRAY),
        ('EncryptedLmOwfPassword', PUCHAR_ARRAY),
        ('NtPasswordPresent', UCHAR),
        ('LmPasswordPresent', UCHAR),
        ('PasswordExpired', UCHAR),
        ('UserComment', RPC_UNICODE_STRING),
        ('Parameters', RPC_UNICODE_STRING),
        ('CountryCode', USHORT),
        ('CodePage', USHORT),
        ('PrivateData', NLPR_USER_PRIVATE_INFO),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('ProfilePath', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_USER(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_DELTA_USER."""
    referent = (
        ('Data', NETLOGON_DELTA_USER),
    )
1082# 2.2.1.5.25 NETLOGON_RENAME_USER
class NETLOGON_RENAME_USER(NDRSTRUCT):
    """User rename delta: old and new names plus four dummy strings and four dummy longs.

    Field order is the NDR marshalling order and must not be rearranged.
    """
    structure = (
        ('OldName', RPC_UNICODE_STRING),
        ('NewName', RPC_UNICODE_STRING),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_RENAME_USER(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_RENAME_USER."""
    referent = (
        ('Data', NETLOGON_RENAME_USER),
    )
1102# 2.2.1.5.17 NETLOGON_DELTA_GROUP_MEMBER
class NETLOGON_DELTA_GROUP_MEMBER(NDRSTRUCT):
    """Group membership delta: two ULONG arrays (Members, Attributes) and a count.

    NOTE(review): nothing in this declaration ties MemberCount to the array
    lengths; consumers should not index the arrays by MemberCount without
    checking the decoded lengths.
    """
    structure = (
        ('Members', PULONG_ARRAY),
        ('Attributes', PULONG_ARRAY),
        ('MemberCount', ULONG),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_GROUP_MEMBER(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_DELTA_GROUP_MEMBER."""
    referent = (
        ('Data', NETLOGON_DELTA_GROUP_MEMBER),
    )
1119# 2.2.1.5.4 NETLOGON_DELTA_ALIAS
class NETLOGON_DELTA_ALIAS(NDRSTRUCT):
    """Alias delta: name, relative id, security descriptor blob and comment.

    Field order is the NDR marshalling order and must not be rearranged.
    """
    structure = (
        ('Name', RPC_UNICODE_STRING),
        ('RelativeId', ULONG),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('Comment', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_ALIAS(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_DELTA_ALIAS."""
    referent = (
        ('Data', NETLOGON_DELTA_ALIAS),
    )
1142# 2.2.1.5.23 NETLOGON_RENAME_ALIAS
class NETLOGON_RENAME_ALIAS(NDRSTRUCT):
    """Alias rename delta: old and new names plus four dummy strings and four dummy longs.

    Field order is the NDR marshalling order and must not be rearranged.
    """
    structure = (
        ('OldName', RPC_UNICODE_STRING),
        ('NewName', RPC_UNICODE_STRING),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_RENAME_ALIAS(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_RENAME_ALIAS."""
    referent = (
        ('Data', NETLOGON_RENAME_ALIAS),
    )
1162# 2.2.1.5.19 NETLOGON_DELTA_POLICY
class NETLOGON_DELTA_POLICY(NDRSTRUCT):
    """LSA policy delta: audit settings, primary domain identity, quota limits
    and a security descriptor blob.

    Field order is the NDR marshalling order and must not be rearranged.
    """
    structure = (
        ('MaximumLogSize', ULONG),
        ('AuditRetentionPeriod', OLD_LARGE_INTEGER),
        ('AuditingMode', UCHAR),
        ('MaximumAuditEventCount', ULONG),
        ('EventAuditingOptions', PULONG_ARRAY),
        ('PrimaryDomainName', RPC_UNICODE_STRING),
        ('PrimaryDomainSid', PRPC_SID),
        ('QuotaLimits', NLPR_QUOTA_LIMITS),
        ('ModifiedId', OLD_LARGE_INTEGER),
        ('DatabaseCreationTime', OLD_LARGE_INTEGER),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_POLICY(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_DELTA_POLICY."""
    referent = (
        ('Data', NETLOGON_DELTA_POLICY),
    )
1193# 2.2.1.5.22 NETLOGON_DELTA_TRUSTED_DOMAINS
class NETLOGON_DELTA_TRUSTED_DOMAINS(NDRSTRUCT):
    """Trusted-domain delta: domain name, controller name list and a security
    descriptor blob.

    Field order is the NDR marshalling order and must not be rearranged.
    """
    structure = (
        ('DomainName', RPC_UNICODE_STRING),
        ('NumControllerEntries', ULONG),
        ('ControllerNames', PRPC_UNICODE_STRING_ARRAY),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_TRUSTED_DOMAINS(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_DELTA_TRUSTED_DOMAINS."""
    referent = (
        ('Data', NETLOGON_DELTA_TRUSTED_DOMAINS),
    )
1217# 2.2.1.5.20 NLPR_CR_CIPHER_VALUE
class UCHAR_ARRAY2(NDRUniConformantVaryingArray):
    """Conformant-varying array of UCHAR; used through PUCHAR_ARRAY2 as the
    Buffer of NLPR_CR_CIPHER_VALUE."""
    item = UCHAR
class PUCHAR_ARRAY2(NDRPOINTER):
    """NDR pointer whose referent is a UCHAR_ARRAY2."""
    referent = (
        ('Data', UCHAR_ARRAY2),
    )
class NLPR_CR_CIPHER_VALUE(NDRSTRUCT):
    """Length-prefixed byte buffer used for the secret values in NETLOGON_DELTA_SECRET.

    NOTE(review): Length and MaximumLength are independent of the decoded
    Buffer as far as this declaration goes; validate them against the actual
    buffer size before slicing.
    """
    structure = (
        ('Length', ULONG),
        ('MaximumLength', ULONG),
        ('Buffer', PUCHAR_ARRAY2),
    )
1233# 2.2.1.5.21 NETLOGON_DELTA_SECRET
class NETLOGON_DELTA_SECRET(NDRSTRUCT):
    """LSA secret delta: current and previous values with their set times, plus
    a security descriptor blob.

    NOTE(review): CurrentValue and OldValue are NLPR_CR_CIPHER_VALUE buffers,
    i.e. presumably enciphered secrets; handle decoded instances as sensitive
    data. Confirm against [MS-NRPC] 2.2.1.5.21.
    """
    structure = (
        ('CurrentValue', NLPR_CR_CIPHER_VALUE),
        ('CurrentValueSetTime', OLD_LARGE_INTEGER),
        ('OldValue', NLPR_CR_CIPHER_VALUE),
        ('OldValueSetTime', OLD_LARGE_INTEGER),
        ('SecurityInformation', SECURITY_INFORMATION),
        ('SecuritySize', ULONG),
        ('SecurityDescriptor', PUCHAR_ARRAY),
        ('DummyString1', RPC_UNICODE_STRING),
        ('DummyString2', RPC_UNICODE_STRING),
        ('DummyString3', RPC_UNICODE_STRING),
        ('DummyString4', RPC_UNICODE_STRING),
        ('DummyLong1', ULONG),
        ('DummyLong2', ULONG),
        ('DummyLong3', ULONG),
        ('DummyLong4', ULONG),
    )
class PNETLOGON_DELTA_SECRET(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_DELTA_SECRET."""
    referent = (
        ('Data', NETLOGON_DELTA_SECRET),
    )
1258# 2.2.1.5.26 NLPR_MODIFIED_COUNT
class NLPR_MODIFIED_COUNT(NDRSTRUCT):
    """Single-field structure holding ModifiedCount as an OLD_LARGE_INTEGER."""
    structure = (
        ('ModifiedCount', OLD_LARGE_INTEGER),
    )
class PNLPR_MODIFIED_COUNT(NDRPOINTER):
    """NDR pointer whose referent is an NLPR_MODIFIED_COUNT."""
    referent = (
        ('Data', NLPR_MODIFIED_COUNT),
    )
1269# 2.2.1.5.28 NETLOGON_DELTA_TYPE
class NETLOGON_DELTA_TYPE(NDRENUM):
    """Kind of database delta (values 1-22).

    The members are used as the keys of NETLOGON_DELTA_UNION and
    NETLOGON_DELTA_ID_UNION, and the type is the first field of
    NETLOGON_DELTA_ENUM.
    """
    class enumItems(Enum):
        AddOrChangeDomain = 1
        AddOrChangeGroup = 2
        DeleteGroup = 3
        RenameGroup = 4
        AddOrChangeUser = 5
        DeleteUser = 6
        RenameUser = 7
        ChangeGroupMembership = 8
        AddOrChangeAlias = 9
        DeleteAlias = 10
        RenameAlias = 11
        ChangeAliasMembership = 12
        AddOrChangeLsaPolicy = 13
        AddOrChangeLsaTDomain = 14
        DeleteLsaTDomain = 15
        AddOrChangeLsaAccount = 16
        DeleteLsaAccount = 17
        AddOrChangeLsaSecret = 18
        DeleteLsaSecret = 19
        DeleteGroupByName = 20
        DeleteUserByName = 21
        SerialNumberSkip = 22
1295# 2.2.1.5.27 NETLOGON_DELTA_UNION
class NETLOGON_DELTA_UNION(NDRUNION):
    """Delta payload, selected by a NETLOGON_DELTA_TYPE value.

    Every arm is a pointer type. No arm is declared for DeleteGroup,
    DeleteUser, DeleteAlias, DeleteLsaTDomain, DeleteLsaAccount or
    DeleteLsaSecret.
    NOTE(review): how the NDRUNION base treats a discriminant with no arm is
    not visible here; callers decoding server data should expect those types.
    """
    union = {
        NETLOGON_DELTA_TYPE.AddOrChangeDomain : ('DeltaDomain', PNETLOGON_DELTA_DOMAIN),
        NETLOGON_DELTA_TYPE.AddOrChangeGroup : ('DeltaGroup', PNETLOGON_DELTA_GROUP),
        NETLOGON_DELTA_TYPE.RenameGroup : ('DeltaRenameGroup', PNETLOGON_DELTA_RENAME_GROUP),
        NETLOGON_DELTA_TYPE.AddOrChangeUser : ('DeltaUser', PNETLOGON_DELTA_USER),
        NETLOGON_DELTA_TYPE.RenameUser : ('DeltaRenameUser', PNETLOGON_DELTA_RENAME_USER),
        NETLOGON_DELTA_TYPE.ChangeGroupMembership : ('DeltaGroupMember', PNETLOGON_DELTA_GROUP_MEMBER),
        NETLOGON_DELTA_TYPE.AddOrChangeAlias : ('DeltaAlias', PNETLOGON_DELTA_ALIAS),
        NETLOGON_DELTA_TYPE.RenameAlias : ('DeltaRenameAlias', PNETLOGON_DELTA_RENAME_ALIAS),
        NETLOGON_DELTA_TYPE.ChangeAliasMembership : ('DeltaAliasMember', PNETLOGON_DELTA_ALIAS_MEMBER),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaPolicy : ('DeltaPolicy', PNETLOGON_DELTA_POLICY),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaTDomain : ('DeltaTDomains', PNETLOGON_DELTA_TRUSTED_DOMAINS),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaAccount : ('DeltaAccounts', PNETLOGON_DELTA_ACCOUNTS),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaSecret : ('DeltaSecret', PNETLOGON_DELTA_SECRET),
        NETLOGON_DELTA_TYPE.DeleteGroupByName : ('DeltaDeleteGroup', PNETLOGON_DELTA_DELETE_GROUP),
        NETLOGON_DELTA_TYPE.DeleteUserByName : ('DeltaDeleteUser', PNETLOGON_DELTA_DELETE_USER),
        NETLOGON_DELTA_TYPE.SerialNumberSkip : ('DeltaSerialNumberSkip', PNLPR_MODIFIED_COUNT),
    }
1316# 2.2.1.5.18 NETLOGON_DELTA_ID_UNION
class NETLOGON_DELTA_ID_UNION(NDRUNION):
    """Identifier of the object a delta refers to, selected by NETLOGON_DELTA_TYPE.

    SAM object types carry a Rid (ULONG), LSA policy, trusted-domain and
    account types carry a Sid (PRPC_SID), and LSA secret types carry a Name
    (LPWSTR). SerialNumberSkip has no arm.
    """
    union = {
        NETLOGON_DELTA_TYPE.AddOrChangeDomain : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.AddOrChangeGroup : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.DeleteGroup : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.RenameGroup : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.AddOrChangeUser : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.DeleteUser : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.RenameUser : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.ChangeGroupMembership : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.AddOrChangeAlias : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.DeleteAlias : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.RenameAlias : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.ChangeAliasMembership : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.DeleteGroupByName : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.DeleteUserByName : ('Rid', ULONG),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaPolicy : ('Sid', PRPC_SID),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaTDomain : ('Sid', PRPC_SID),
        NETLOGON_DELTA_TYPE.DeleteLsaTDomain : ('Sid', PRPC_SID),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaAccount : ('Sid', PRPC_SID),
        NETLOGON_DELTA_TYPE.DeleteLsaAccount : ('Sid', PRPC_SID),
        NETLOGON_DELTA_TYPE.AddOrChangeLsaSecret : ('Name', LPWSTR),
        NETLOGON_DELTA_TYPE.DeleteLsaSecret : ('Name', LPWSTR),
    }
1342# 2.2.1.5.11 NETLOGON_DELTA_ENUM
class NETLOGON_DELTA_ENUM(NDRSTRUCT):
    """One delta record: its type, the identifier union and the payload union."""
    structure = (
        ('DeltaType', NETLOGON_DELTA_TYPE),
        ('DeltaID', NETLOGON_DELTA_ID_UNION),
        ('DeltaUnion', NETLOGON_DELTA_UNION),
    )
1350# 2.2.1.5.12 NETLOGON_DELTA_ENUM_ARRAY
class NETLOGON_DELTA_ENUM_ARRAY_ARRAY(NDRUniConformantArray):
    """Conformant array of NETLOGON_DELTA_ENUM records."""
    item = NETLOGON_DELTA_ENUM
class PNETLOGON_DELTA_ENUM_ARRAY_ARRAY(NDRSTRUCT):
    """Wrapper around NETLOGON_DELTA_ENUM_ARRAY_ARRAY.

    NOTE(review): this class is named like a pointer and fills ``referent``,
    yet it derives from NDRSTRUCT. The other pointer wrappers in this file
    pair NDRPOINTER with ``referent`` and NDRSTRUCT with ``structure``, so the
    base class here looks swapped with PNETLOGON_DELTA_ENUM_ARRAY. Verify
    against the NDR base classes before relying on it.
    """
    referent = (
        ('Data', NETLOGON_DELTA_ENUM_ARRAY_ARRAY),
    )
class PNETLOGON_DELTA_ENUM_ARRAY(NDRPOINTER):
    """Counted list of deltas: CountReturned followed by the Deltas array wrapper.

    NOTE(review): this class derives from NDRPOINTER but fills ``structure``
    rather than ``referent``, the reverse of every other pointer wrapper in
    this file; the base class looks swapped with
    PNETLOGON_DELTA_ENUM_ARRAY_ARRAY. Verify before relying on it.
    """
    structure = (
        ('CountReturned', DWORD),
        ('Deltas', PNETLOGON_DELTA_ENUM_ARRAY_ARRAY),
    )
1365# 2.2.1.5.29 SYNC_STATE
class SYNC_STATE(NDRENUM):
    """Synchronization state enumeration (values 0-8)."""
    class enumItems(Enum):
        NormalState = 0
        DomainState = 1
        GroupState = 2
        UasBuiltInGroupState = 3
        UserState = 4
        GroupMemberState = 5
        AliasState = 6
        AliasMemberState = 7
        SamDoneState = 8
1378# 2.2.1.6.1 DOMAIN_NAME_BUFFER
class DOMAIN_NAME_BUFFER(NDRSTRUCT):
    """Byte count followed by a pointer to the raw domain-name bytes.

    NOTE(review): DomainNameByteCount is a peer-supplied value; check it
    against the decoded DomainNames length before using it as a bound.
    """
    structure = (
        ('DomainNameByteCount', ULONG),
        ('DomainNames', PUCHAR_ARRAY),
    )
1385# 2.2.1.6.2 DS_DOMAIN_TRUSTSW
class DS_DOMAIN_TRUSTSW(NDRSTRUCT):
    """One domain trust entry: NetBIOS and DNS names, trust flags, type and
    attributes, and the domain SID and GUID.

    Field order is the NDR marshalling order and must not be rearranged.
    """
    structure = (
        ('NetbiosDomainName', LPWSTR),
        ('DnsDomainName', LPWSTR),
        ('Flags', ULONG),
        ('ParentIndex', ULONG),
        ('TrustType', ULONG),
        ('TrustAttributes', ULONG),
        ('DomainSid', PRPC_SID),
        ('DomainGuid', GUID),
    )
1398# 2.2.1.6.3 NETLOGON_TRUSTED_DOMAIN_ARRAY
class DS_DOMAIN_TRUSTSW_ARRAY(NDRUniConformantArray):
    """Conformant array of DS_DOMAIN_TRUSTSW entries."""
    item = DS_DOMAIN_TRUSTSW
class PDS_DOMAIN_TRUSTSW_ARRAY(NDRPOINTER):
    """NDR pointer whose referent is a DS_DOMAIN_TRUSTSW_ARRAY."""
    referent = (
        ('Data', DS_DOMAIN_TRUSTSW_ARRAY),
    )
class NETLOGON_TRUSTED_DOMAIN_ARRAY(NDRSTRUCT):
    """Counted list of trusted domains: DomainCount plus a pointer to the array."""
    structure = (
        ('DomainCount', DWORD),
        ('Domains', PDS_DOMAIN_TRUSTSW_ARRAY),
    )
1413# 2.2.1.6.4 NL_GENERIC_RPC_DATA
class NL_GENERIC_RPC_DATA(NDRSTRUCT):
    """Generic container: a counted ULONG array and a counted unicode-string array."""
    structure = (
        ('UlongEntryCount', ULONG),
        ('UlongData', PULONG_ARRAY),
        ('UnicodeStringEntryCount', ULONG),
        ('UnicodeStringData', PRPC_UNICODE_STRING_ARRAY),
    )
class PNL_GENERIC_RPC_DATA(NDRPOINTER):
    """NDR pointer whose referent is an NL_GENERIC_RPC_DATA."""
    referent = (
        ('Data', NL_GENERIC_RPC_DATA),
    )
1427# 2.2.1.7.1 NETLOGON_CONTROL_DATA_INFORMATION
class NETLOGON_CONTROL_DATA_INFORMATION(NDRUNION):
    """Input data for the Netlogon control calls, selected by a DWORD tag.

    Tags 5, 6, 9 and 10 select TrustedDomainName, tag 65534 selects DebugFlag
    and tag 8 selects UserName.
    """
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        5 : ('TrustedDomainName', LPWSTR),
        6 : ('TrustedDomainName', LPWSTR),
        9 : ('TrustedDomainName', LPWSTR),
        10 : ('TrustedDomainName', LPWSTR),
        65534 : ('DebugFlag', DWORD),
        8: ('UserName', LPWSTR),
    }
1442# 2.2.1.7.2 NETLOGON_INFO_1
class NETLOGON_INFO_1(NDRSTRUCT):
    """Query result level 1: flags and the PDC connection status."""
    structure = (
        ('netlog1_flags', DWORD),
        ('netlog1_pdc_connection_status', NET_API_STATUS),
    )
class PNETLOGON_INFO_1(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_INFO_1."""
    referent = (
        ('Data', NETLOGON_INFO_1),
    )
1454# 2.2.1.7.3 NETLOGON_INFO_2
class NETLOGON_INFO_2(NDRSTRUCT):
    """Query result level 2: flags, PDC connection status, trusted DC name and
    the trusted-channel connection status."""
    structure = (
        ('netlog2_flags', DWORD),
        ('netlog2_pdc_connection_status', NET_API_STATUS),
        ('netlog2_trusted_dc_name', LPWSTR),
        ('netlog2_tc_connection_status', NET_API_STATUS),
    )
class PNETLOGON_INFO_2(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_INFO_2."""
    referent = (
        ('Data', NETLOGON_INFO_2),
    )
1468# 2.2.1.7.4 NETLOGON_INFO_3
class NETLOGON_INFO_3(NDRSTRUCT):
    """Query result level 3: flags, logon attempt counter and five reserved DWORDs."""
    structure = (
        ('netlog3_flags', DWORD),
        ('netlog3_logon_attempts', DWORD),
        ('netlog3_reserved1', DWORD),
        ('netlog3_reserved2', DWORD),
        ('netlog3_reserved3', DWORD),
        ('netlog3_reserved4', DWORD),
        ('netlog3_reserved5', DWORD),
    )
class PNETLOGON_INFO_3(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_INFO_3."""
    referent = (
        ('Data', NETLOGON_INFO_3),
    )
1485# 2.2.1.7.5 NETLOGON_INFO_4
class NETLOGON_INFO_4(NDRSTRUCT):
    """Query result level 4: trusted DC name and trusted domain name."""
    structure = (
        ('netlog4_trusted_dc_name', LPWSTR),
        ('netlog4_trusted_domain_name', LPWSTR),
    )
class PNETLOGON_INFO_4(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_INFO_4."""
    referent = (
        ('Data', NETLOGON_INFO_4),
    )
1497# 2.2.1.7.6 NETLOGON_CONTROL_QUERY_INFORMATION
class NETLOGON_CONTROL_QUERY_INFORMATION(NDRUNION):
    """Result of the Netlogon control calls; the DWORD tag (1-4) selects the
    pointer to the matching NETLOGON_INFO_n structure."""
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1 : ('NetlogonInfo1', PNETLOGON_INFO_1),
        2 : ('NetlogonInfo2', PNETLOGON_INFO_2),
        3 : ('NetlogonInfo3', PNETLOGON_INFO_3),
        4 : ('NetlogonInfo4', PNETLOGON_INFO_4),
    }
1510# 2.2.1.8.1 NETLOGON_VALIDATION_UAS_INFO
class NETLOGON_VALIDATION_UAS_INFO(NDRSTRUCT):
    """UAS logon validation data; all fields are DWORDs except the three
    LPWSTR strings (computer, domain, script path).

    NOTE(review): usrlog1_eff_name is declared as a DWORD here although the
    name suggests a string; confirm against [MS-NRPC] 2.2.1.8.1.
    """
    structure = (
        ('usrlog1_eff_name', DWORD),
        ('usrlog1_priv', DWORD),
        ('usrlog1_auth_flags', DWORD),
        ('usrlog1_num_logons', DWORD),
        ('usrlog1_bad_pw_count', DWORD),
        ('usrlog1_last_logon', DWORD),
        ('usrlog1_last_logoff', DWORD),
        ('usrlog1_logoff_time', DWORD),
        ('usrlog1_kickoff_time', DWORD),
        ('usrlog1_password_age', DWORD),
        ('usrlog1_pw_can_change', DWORD),
        ('usrlog1_pw_must_change', DWORD),
        ('usrlog1_computer', LPWSTR),
        ('usrlog1_domain', LPWSTR),
        ('usrlog1_script_path', LPWSTR),
        ('usrlog1_reserved1', DWORD),
    )
class PNETLOGON_VALIDATION_UAS_INFO(NDRPOINTER):
    """NDR pointer whose referent is a NETLOGON_VALIDATION_UAS_INFO."""
    referent = (
        ('Data', NETLOGON_VALIDATION_UAS_INFO),
    )
1536# 2.2.1.8.2 NETLOGON_LOGOFF_UAS_INFO
class NETLOGON_LOGOFF_UAS_INFO(NDRSTRUCT):
    """UAS logoff data: Duration (DWORD) and LogonCount (USHORT)."""
    structure = (
        ('Duration', DWORD),
        ('LogonCount', USHORT),
    )
1543# 2.2.1.8.3 UAS_INFO_0
class UAS_INFO_0(NDRSTRUCT):
    """UAS record header: a 16-byte computer name, creation time and serial number."""
    structure = (
        ('ComputerName', '16s=""'),
        ('TimeCreated', ULONG),
        ('SerialNumber', ULONG),
    )
    def getAlignment(self):
        # Alignment is fixed at 4 here rather than derived from the fields.
        return 4
1553# 2.2.1.8.4 NETLOGON_DUMMY1
class NETLOGON_DUMMY1(NDRUNION):
    """Placeholder union with a DWORD tag; only tag 1 (a ULONG named Dummy) is declared."""
    commonHdr = (
        ('tag', DWORD),
    )

    union = {
        1 : ('Dummy', ULONG),
    }
1563# 3.5.4.8.2 NetrLogonComputeServerDigest (Opnum 24)
class CHAR_FIXED_16_ARRAY(NDRUniFixedArray):
    """Fixed array whose data length is always 16 bytes."""
    def getDataLen(self, data, offset=0):
        # The length is constant; neither data nor offset is consulted.
        return 16
1569################################################################################
1570# SSPI
1571################################################################################
1572# Constants
# Bits for NL_AUTH_MESSAGE['Flags']; getSSPType1 ORs in one bit for each name
# it appends to the message Buffer.
NL_AUTH_MESSAGE_NETBIOS_DOMAIN = 0x1
NL_AUTH_MESSAGE_NETBIOS_HOST = 0x2
NL_AUTH_MESSAGE_DNS_DOMAIN = 0x4
NL_AUTH_MESSAGE_DNS_HOST = 0x8
NL_AUTH_MESSAGE_NETBIOS_HOST_UTF8 = 0x10

# Values for NL_AUTH_MESSAGE['MessageType'] (presumably; no user is visible in this part of the file).
NL_AUTH_MESSAGE_REQUEST = 0x0
NL_AUTH_MESSAGE_RESPONSE = 0x1

# SignatureAlgorithm / SealAlgorithm identifiers written by SIGN. The MD5 and
# RC4 values belong to the legacy (non-AES) secure channel variant.
NL_SIGNATURE_HMAC_MD5 = 0x77
NL_SIGNATURE_HMAC_SHA256 = 0x13
NL_SEAL_NOT_ENCRYPTED = 0xffff
NL_SEAL_RC4 = 0x7A
NL_SEAL_AES128 = 0x1A
1588# Structures
class NL_AUTH_MESSAGE(Structure):
    """Netlogon SSP negotiation token: message type, flags and a variable buffer."""
    structure = (
        ('MessageType','<L=0'),
        ('Flags','<L=0'),
        ('Buffer',':'),
    )
    def __init__(self, data = None, alignment = 0):
        Structure.__init__(self, data, alignment)
        if data is None:
            # A freshly built (not parsed) message starts with four zero bytes in Buffer.
            self['Buffer'] = b'\x00'*4
class NL_AUTH_SIGNATURE(Structure):
    """Netlogon signature token with an 8-byte Checksum.

    SIGN fills it for both the MD5 and the SHA256 variants, and UNSEAL parses
    incoming tokens with it.
    """
    structure = (
        ('SignatureAlgorithm','<H=0'),
        ('SealAlgorithm','<H=0'),
        ('Pad','<H=0xffff'),
        ('Flags','<H=0'),
        ('SequenceNumber','8s=""'),
        ('Checksum','8s=""'),
        # presumably declares the Confounder length as 8 bytes when parsing;
        # confirm against impacket.structure
        ('_Confounder','_-Confounder','8'),
        ('Confounder',':'),
    )
    def __init__(self, data = None, alignment = 0):
        Structure.__init__(self, data, alignment)
        if data is None:
            # A freshly built signature has no confounder until SEAL sets one.
            self['Confounder'] = ''
class NL_AUTH_SHA2_SIGNATURE(Structure):
    """Netlogon signature token with a 32-byte Checksum.

    NOTE(review): SIGN and UNSEAL in this file use NL_AUTH_SIGNATURE (8-byte
    Checksum) even when ``aes`` is set, and this class has no user in the
    visible part of the file. Confirm which layout the peer expects for the
    SHA256 variant.
    """
    structure = (
        ('SignatureAlgorithm','<H=0'),
        ('SealAlgorithm','<H=0'),
        ('Pad','<H=0xffff'),
        ('Flags','<H=0'),
        ('SequenceNumber','8s=""'),
        ('Checksum','32s=""'),
        # presumably declares the Confounder length as 8 bytes when parsing;
        # confirm against impacket.structure
        ('_Confounder','_-Confounder','8'),
        ('Confounder',':'),
    )
    def __init__(self, data = None, alignment = 0):
        Structure.__init__(self, data, alignment)
        if data is None:
            # A freshly built signature has no confounder until one is set.
            self['Confounder'] = ''
1632# Section 3.1.4.4.2
def ComputeNetlogonCredential(inputData, Sk):
    """Compute a Netlogon credential with the DES scheme ([MS-NRPC] 3.1.4.4.2).

    Bytes 0-6 and 7-13 of ``Sk`` are each passed through
    ``crypto.transformKey`` to obtain two DES keys. ``inputData`` is encrypted
    in ECB mode with the first key and the result is encrypted again with the
    second key.

    NOTE: single DES in ECB mode is kept only for protocol interoperability;
    this is not a general-purpose encryption routine.
    """
    firstKey = crypto.transformKey(Sk[:7])
    secondKey = crypto.transformKey(Sk[7:14])
    firstCipher = DES.new(firstKey, DES.MODE_ECB)
    secondCipher = DES.new(secondKey, DES.MODE_ECB)
    return secondCipher.encrypt(firstCipher.encrypt(inputData))
1643# Section 3.1.4.4.1
def ComputeNetlogonCredentialAES(inputData, Sk):
    """Compute a Netlogon credential with the AES scheme ([MS-NRPC] 3.1.4.4.1).

    ``inputData`` is encrypted with AES in CFB mode under ``Sk`` using an
    all-zero 16-byte IV and the library's default CFB segment size.

    NOTE: the constant IV makes the output a deterministic function of the key
    and the input. It is presumably what the protocol specifies (confirm
    against the spec), so treat this as a protocol primitive only and never
    reuse it to protect other data.
    """
    zeroIv = b'\x00' * 16
    return AES.new(Sk, AES.MODE_CFB, zeroIv).encrypt(inputData)
1649# Section 3.1.4.3.1
def ComputeSessionKeyAES(sharedSecret, clientChallenge, serverChallenge, sharedSecretHash = None):
    """Derive the 16-byte AES session key ([MS-NRPC] 3.1.4.3.1).

    The key is the first 16 bytes of HMAC-SHA256, keyed with the NT hash of
    the shared secret, over ``clientChallenge`` followed by ``serverChallenge``.

    :param sharedSecret: clear-text secret; only used when no hash is given.
    :param sharedSecretHash: NT hash to use directly instead of hashing
        ``sharedSecret``.

    NOTE: the hash alone is enough to derive the session key, so a stored NT
    hash needs the same protection as the clear-text secret.
    """
    if sharedSecretHash is not None:
        ntHash = sharedSecretHash
    else:
        ntHash = ntlm.NTOWFv1(sharedSecret)

    mac = hmac.new(key=ntHash, msg=clientChallenge, digestmod=hashlib.sha256)
    mac.update(serverChallenge)
    return mac.digest()[:16]
1664# 3.1.4.3.2 Strong-key Session-Key
def ComputeSessionKeyStrongKey(sharedSecret, clientChallenge, serverChallenge, sharedSecretHash = None):
    """Derive the strong-key session key ([MS-NRPC] 3.1.4.3.2).

    MD5 is computed over four zero bytes, ``clientChallenge`` and
    ``serverChallenge``; the result is then authenticated with HMAC-MD5 keyed
    with the NT hash of the shared secret. The full 16-byte HMAC is returned.

    :param sharedSecret: clear-text secret; only used when no hash is given.
    :param sharedSecretHash: NT hash to use directly instead of hashing
        ``sharedSecret``.

    NOTE: MD5-based; present for interoperability with peers that do not use
    the AES variant.
    """
    ntHash = ntlm.NTOWFv1(sharedSecret) if sharedSecretHash is None else sharedSecretHash

    challengeDigest = hashlib.new('md5')
    for part in (b'\x00'*4, clientChallenge, serverChallenge):
        challengeDigest.update(part)

    return hmac.new(ntHash, challengeDigest.digest(), digestmod=hashlib.md5).digest()
def deriveSequenceNumber(sequenceNum):
    """Serialize a 64-bit sequence number into the 8-byte form used in signatures.

    The low 32 bits are written first and the high 32 bits second, both
    big-endian. The top bit of the high word is always set.
    """
    lowWord = sequenceNum & 0xffffffff
    highWord = ((sequenceNum >> 32) & 0xffffffff) | 0x80000000
    return pack('>LL', lowWord, highWord)
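def ComputeNetlogonSignatureAES(authSignature, message, confounder, sessionKey):
    """Compute the HMAC-SHA256 Netlogon checksum ([MS-NRPC] 3.3.4.2.1, point 7).

    The MAC is keyed with ``sessionKey`` and covers, in order, the first
    8 bytes of the serialized ``authSignature``, the ``confounder`` and
    ``message``.

    :return: 32 bytes, the first 8 bytes of the HMAC digest followed by
        24 zero bytes.

    NOTE: only 8 bytes of the MAC are kept. A receiver comparing this value
    should use a constant-time comparison such as ``hmac.compare_digest``.
    """
    hm = hmac.new(key=sessionKey, digestmod=hashlib.sha256)
    hm.update(authSignature.getData()[:8])
    # With no confidentiality requested the confounder is expected to be empty.
    hm.update(confounder)
    hm.update(bytes(message))
    # The padding has to be bytes: on Python 3, bytes + str raises TypeError.
    return hm.digest()[:8] + b'\x00'*24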
def ComputeNetlogonSignatureMD5(authSignature, message, confounder, sessionKey):
    """Compute the HMAC-MD5 Netlogon checksum ([MS-NRPC] 3.3.4.2.1, point 7).

    MD5 is computed over four zero bytes, the first 8 bytes of the serialized
    ``authSignature``, the ``confounder`` and ``message``; that digest is then
    authenticated with HMAC-MD5 under ``sessionKey``.

    :return: the first 8 bytes of the HMAC digest.

    NOTE: MD5-based with an 8-byte tag; present for the legacy (non-AES)
    secure channel variant.
    """
    inner = hashlib.new('md5')
    # With no confidentiality requested the confounder is expected to be empty.
    for chunk in (b'\x00'*4, authSignature.getData()[:8], confounder, bytes(message)):
        inner.update(chunk)
    outer = hmac.new(sessionKey, inner.digest(), digestmod=hashlib.md5)
    return outer.digest()[:8]
def encryptSequenceNumberRC4(sequenceNum, checkSum, sessionKey):
    """Encrypt the serialized sequence number with RC4 ([MS-NRPC] 3.3.4.2.1, point 9).

    The RC4 key is HMAC-MD5(HMAC-MD5(sessionKey, four zero bytes), checkSum).

    NOTE: RC4 and MD5 are legacy algorithms, used here only for the non-AES
    secure channel variant.
    """
    intermediateKey = hmac.new(sessionKey, b'\x00'*4, digestmod=hashlib.md5).digest()
    rc4Key = hmac.new(intermediateKey, checkSum, digestmod=hashlib.md5).digest()
    return ARC4.new(rc4Key).encrypt(sequenceNum)
def decryptSequenceNumberRC4(sequenceNum, checkSum, sessionKey):
    """Decrypt an RC4-protected sequence number ([MS-NRPC] 3.3.4.2.2, point 5).

    Delegates to encryptSequenceNumberRC4 with the same arguments.
    """
    recovered = encryptSequenceNumberRC4(sequenceNum, checkSum, sessionKey)
    return recovered
def encryptSequenceNumberAES(sequenceNum, checkSum, sessionKey):
    """Encrypt the serialized sequence number with AES-CFB ([MS-NRPC] 3.3.4.2.1, point 9).

    The 16-byte IV is the first 8 bytes of ``checkSum`` repeated twice; the
    key is ``sessionKey``.
    """
    checksumHead = checkSum[:8]
    aesCipher = AES.new(sessionKey, AES.MODE_CFB, checksumHead + checksumHead)
    return aesCipher.encrypt(sequenceNum)
def decryptSequenceNumberAES(sequenceNum, checkSum, sessionKey):
    """Decrypt an AES-CFB protected sequence number.

    Inverse of encryptSequenceNumberAES: same key, and the IV is again the
    first 8 bytes of ``checkSum`` repeated twice.

    NOTE(review): the original comment cites [MS-NRPC] 3.3.4.2.1 point 9, the
    sender-side step; the receiver-side reference is presumably in 3.3.4.2.2.
    Confirm.
    """
    checksumHead = checkSum[:8]
    aesCipher = AES.new(sessionKey, AES.MODE_CFB, checksumHead + checksumHead)
    return aesCipher.decrypt(sequenceNum)
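def SIGN(data, confounder, sequenceNum, key, aes = False):
    """Build the Netlogon signature token for ``data``.

    :param data: message to authenticate.
    :param confounder: confounder bytes; empty when the message is signed but
        not sealed.
    :param sequenceNum: integer sequence number; serialized with
        deriveSequenceNumber and stored encrypted.
    :param key: session key.
    :param aes: ``False`` selects HMAC-MD5 with RC4, anything else selects
        HMAC-SHA256 with AES.
    :return: an NL_AUTH_SIGNATURE with algorithm ids, Checksum and encrypted
        SequenceNumber filled in.

    The checksum covers the first 8 bytes of the token, so the algorithm
    fields are set before it is computed.

    NOTE(review): the AES variant also uses NL_AUTH_SIGNATURE, whose Checksum
    field is 8 bytes, not NL_AUTH_SHA2_SIGNATURE; confirm this is the layout
    the peer expects.
    """
    # An empty confounder means "integrity only". Test its length rather than
    # comparing with '': on Python 3 the checksum helpers need bytes, and
    # b'' == '' is False, which would mark a sign-only token as sealed.
    sealed = len(confounder) != 0

    signature = NL_AUTH_SIGNATURE()
    if aes is False:
        signature['SignatureAlgorithm'] = NL_SIGNATURE_HMAC_MD5
        signature['SealAlgorithm'] = NL_SEAL_RC4 if sealed else NL_SEAL_NOT_ENCRYPTED
        signature['Checksum'] = ComputeNetlogonSignatureMD5(signature, data, confounder, key)
        signature['SequenceNumber'] = encryptSequenceNumberRC4(deriveSequenceNumber(sequenceNum), signature['Checksum'], key)
    else:
        signature['SignatureAlgorithm'] = NL_SIGNATURE_HMAC_SHA256
        signature['SealAlgorithm'] = NL_SEAL_AES128 if sealed else NL_SEAL_NOT_ENCRYPTED
        signature['Checksum'] = ComputeNetlogonSignatureAES(signature, data, confounder, key)
        signature['SequenceNumber'] = encryptSequenceNumberAES(deriveSequenceNumber(sequenceNum), signature['Checksum'], key)
    return signature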
def SEAL(data, confounder, sequenceNum, key, aes = False):
    """Sign and encrypt ``data`` for the Netlogon secure channel.

    The signature is produced by SIGN over the clear-text data. The sealing
    key is ``key`` with every byte XOR-ed with 0xf0.

    :return: ``(encrypted_data, signature)``; the signature's Confounder field
        holds the encrypted confounder.
    """
    signature = SIGN(data, confounder, sequenceNum, key, aes)
    serializedSeq = deriveSequenceNumber(sequenceNum)

    sealKey = bytes(bytearray(octet ^ 0xf0 for octet in bytearray(key)))

    if aes is not False:
        # One cipher object: the confounder and the data form a single CFB stream.
        aesCipher = AES.new(sealKey, AES.MODE_CFB, serializedSeq + serializedSeq)
        sealedConfounder = aesCipher.encrypt(confounder)
        sealedData = aesCipher.encrypt(data)
        signature['Confounder'] = sealedConfounder
        return sealedData, signature

    intermediateKey = hmac.new(sealKey, b'\x00'*4, digestmod=hashlib.md5).digest()
    rc4Key = hmac.new(intermediateKey, serializedSeq, digestmod=hashlib.md5).digest()

    # NOTE(review): RC4 is re-initialised with the same key, so the confounder
    # and the data are both encrypted from the start of the same keystream.
    # Presumably as the protocol specifies; confirm against [MS-NRPC] 3.3.4.2.1.
    sealedConfounder = ARC4.new(rc4Key).encrypt(confounder)
    sealedData = ARC4.new(rc4Key).encrypt(data)
    signature['Confounder'] = sealedConfounder
    return sealedData, signature
def UNSEAL(data, auth_data, key, aes = False):
    """Decrypt a sealed Netlogon message.

    ``auth_data`` is parsed as an NL_AUTH_SIGNATURE, also when ``aes`` is set.
    The sequence number is recovered from it and used to derive the RC4 key or
    the AES IV. The sealing key is ``key`` with every byte XOR-ed with 0xf0.

    :return: ``(plain_data, decrypted_confounder)``.

    NOTE: this function only decrypts. It does not recompute the checksum or
    compare it with the received Checksum, and it does not check the sequence
    number, so integrity and replay protection are not enforced here. A caller
    that needs them has to verify the checksum itself, using a constant-time
    comparison.
    """
    parsedSignature = NL_AUTH_SIGNATURE(auth_data)
    sealKey = bytes(bytearray(octet ^ 0xf0 for octet in bytearray(key)))

    if aes is not False:
        serializedSeq = decryptSequenceNumberAES(parsedSignature['SequenceNumber'], parsedSignature['Checksum'], key)
        # One cipher object: the confounder and the data form a single CFB stream.
        aesCipher = AES.new(sealKey, AES.MODE_CFB, serializedSeq + serializedSeq)
        clearConfounder = aesCipher.decrypt(parsedSignature['Confounder'])
        clearData = aesCipher.decrypt(data)
        return clearData, clearConfounder

    serializedSeq = decryptSequenceNumberRC4(parsedSignature['SequenceNumber'], parsedSignature['Checksum'], key)
    intermediateKey = hmac.new(sealKey, b'\x00'*4, digestmod=hashlib.md5).digest()
    rc4Key = hmac.new(intermediateKey, serializedSeq, digestmod=hashlib.md5).digest()

    # RC4 is re-initialised with the same key for each of the two buffers.
    clearConfounder = ARC4.new(rc4Key).encrypt(parsedSignature['Confounder'])
    clearData = ARC4.new(rc4Key).encrypt(data)
    return clearData, clearConfounder
def getSSPType1(workstation='', domain='', signingRequired=False):
    """Build the initial Netlogon SSP negotiation message.

    The Buffer holds three NUL-terminated names in this order: the NetBIOS
    domain, the NetBIOS host, and the host again prefixed with a one-byte
    length. ``WORKGROUP`` and ``MYHOST`` are used when ``domain`` or
    ``workstation`` is empty.

    ``signingRequired`` is accepted but not used.
    """
    if domain != '':
        domainPart = b(domain) + b'\x00'
    else:
        domainPart = b'WORKGROUP\x00'

    if workstation != '':
        hostPart = b(workstation) + b'\x00'
        prefixedHostPart = pack('<B',len(workstation)) + b(workstation) + b'\x00'
    else:
        hostPart = b'MYHOST\x00'
        prefixedHostPart = b'\x06MYHOST\x00'

    auth = NL_AUTH_MESSAGE()
    auth['Flags'] = (NL_AUTH_MESSAGE_NETBIOS_DOMAIN
                     | NL_AUTH_MESSAGE_NETBIOS_HOST
                     | NL_AUTH_MESSAGE_NETBIOS_HOST_UTF8)
    auth['Buffer'] = domainPart + hostPart + prefixedHostPart
    return auth
1856################################################################################
1857# RPC CALLS
1858################################################################################
1859# 3.5.4.3.1 DsrGetDcNameEx2 (Opnum 34)
class DsrGetDcNameEx2(NDRCALL):
    """Request for DsrGetDcNameEx2 ([MS-NRPC] 3.5.4.3.1), opnum 34."""
    opnum = 34
    structure = (
        ('ComputerName',PLOGONSRV_HANDLE),
        ('AccountName', LPWSTR),
        ('AllowableAccountControlBits', ULONG),
        ('DomainName',LPWSTR),
        ('DomainGuid',PGUID),
        ('SiteName',LPWSTR),
        ('Flags',ULONG),
    )
class DsrGetDcNameEx2Response(NDRCALL):
    """Response to DsrGetDcNameEx2: DomainControllerInfo pointer and ErrorCode."""
    structure = (
        ('DomainControllerInfo',PDOMAIN_CONTROLLER_INFOW),
        ('ErrorCode',NET_API_STATUS),
    )
1878# 3.5.4.3.2 DsrGetDcNameEx (Opnum 27)
class DsrGetDcNameEx(NDRCALL):
    """Request for DsrGetDcNameEx ([MS-NRPC] 3.5.4.3.2), opnum 27."""
    opnum = 27
    structure = (
        ('ComputerName',PLOGONSRV_HANDLE),
        ('DomainName',LPWSTR),
        ('DomainGuid',PGUID),
        ('SiteName',LPWSTR),
        ('Flags',ULONG),
    )
class DsrGetDcNameExResponse(NDRCALL):
    """Response to DsrGetDcNameEx: DomainControllerInfo pointer and ErrorCode."""
    structure = (
        ('DomainControllerInfo',PDOMAIN_CONTROLLER_INFOW),
        ('ErrorCode',NET_API_STATUS),
    )
1895# 3.5.4.3.3 DsrGetDcName (Opnum 20)
class DsrGetDcName(NDRCALL):
    """Request for DsrGetDcName ([MS-NRPC] 3.5.4.3.3), opnum 20.

    Unlike DsrGetDcNameEx it takes a SiteGuid instead of a SiteName.
    """
    opnum = 20
    structure = (
        ('ComputerName',PLOGONSRV_HANDLE),
        ('DomainName',LPWSTR),
        ('DomainGuid',PGUID),
        ('SiteGuid',PGUID),
        ('Flags',ULONG),
    )
class DsrGetDcNameResponse(NDRCALL):
    """Response to DsrGetDcName: DomainControllerInfo pointer and ErrorCode."""
    structure = (
        ('DomainControllerInfo',PDOMAIN_CONTROLLER_INFOW),
        ('ErrorCode',NET_API_STATUS),
    )
1912# 3.5.4.3.4 NetrGetDCName (Opnum 11)
class NetrGetDCName(NDRCALL):
    """Request for NetrGetDCName ([MS-NRPC] 3.5.4.3.4), opnum 11.

    ServerName is a LOGONSRV_HANDLE here, not the pointer form
    (PLOGONSRV_HANDLE) that most other calls in this file use.
    """
    opnum = 11
    structure = (
        ('ServerName',LOGONSRV_HANDLE),
        ('DomainName',LPWSTR),
    )
class NetrGetDCNameResponse(NDRCALL):
    """Response to NetrGetDCName: Buffer (LPWSTR) and ErrorCode."""
    structure = (
        ('Buffer',LPWSTR),
        ('ErrorCode',NET_API_STATUS),
    )
1926# 3.5.4.3.5 NetrGetAnyDCName (Opnum 13)
class NetrGetAnyDCName(NDRCALL):
    """Request for NetrGetAnyDCName ([MS-NRPC] 3.5.4.3.5), opnum 13."""
    opnum = 13
    structure = (
        ('ServerName',PLOGONSRV_HANDLE),
        ('DomainName',LPWSTR),
    )
class NetrGetAnyDCNameResponse(NDRCALL):
    """Response to NetrGetAnyDCName: Buffer (LPWSTR) and ErrorCode."""
    structure = (
        ('Buffer',LPWSTR),
        ('ErrorCode',NET_API_STATUS),
    )
1940# 3.5.4.3.6 DsrGetSiteName (Opnum 28)
class DsrGetSiteName(NDRCALL):
    """Request for DsrGetSiteName ([MS-NRPC] 3.5.4.3.6), opnum 28."""
    opnum = 28
    structure = (
        ('ComputerName',PLOGONSRV_HANDLE),
    )
class DsrGetSiteNameResponse(NDRCALL):
    """Response to DsrGetSiteName: SiteName (LPWSTR) and ErrorCode."""
    structure = (
        ('SiteName',LPWSTR),
        ('ErrorCode',NET_API_STATUS),
    )
1953# 3.5.4.3.7 DsrGetDcSiteCoverageW (Opnum 38)
class DsrGetDcSiteCoverageW(NDRCALL):
    """Request for DsrGetDcSiteCoverageW ([MS-NRPC] 3.5.4.3.7), opnum 38."""
    opnum = 38
    structure = (
        ('ServerName',PLOGONSRV_HANDLE),
    )
class DsrGetDcSiteCoverageWResponse(NDRCALL):
    """Response to DsrGetDcSiteCoverageW: SiteNames array pointer and ErrorCode."""
    structure = (
        ('SiteNames',PNL_SITE_NAME_ARRAY),
        ('ErrorCode',NET_API_STATUS),
    )
1966# 3.5.4.3.8 DsrAddressToSiteNamesW (Opnum 33)
class DsrAddressToSiteNamesW(NDRCALL):
    """Request for DsrAddressToSiteNamesW ([MS-NRPC] 3.5.4.3.8), opnum 33.

    EntryCount is sent separately from SocketAddresses; the caller is
    responsible for keeping the two consistent.
    """
    opnum = 33
    structure = (
        ('ComputerName',PLOGONSRV_HANDLE),
        ('EntryCount',ULONG),
        ('SocketAddresses',NL_SOCKET_ADDRESS_ARRAY),
    )
class DsrAddressToSiteNamesWResponse(NDRCALL):
    """Response to DsrAddressToSiteNamesW: SiteNames array pointer and ErrorCode."""
    structure = (
        ('SiteNames',PNL_SITE_NAME_ARRAY),
        ('ErrorCode',NET_API_STATUS),
    )
1981# 3.5.4.3.9 DsrAddressToSiteNamesExW (Opnum 37)
class DsrAddressToSiteNamesExW(NDRCALL):
    """Request for DsrAddressToSiteNamesExW ([MS-NRPC] 3.5.4.3.9), opnum 37.

    Same request layout as DsrAddressToSiteNamesW; the response uses the
    extended site-name array.
    """
    opnum = 37
    structure = (
        ('ComputerName',PLOGONSRV_HANDLE),
        ('EntryCount',ULONG),
        ('SocketAddresses',NL_SOCKET_ADDRESS_ARRAY),
    )
class DsrAddressToSiteNamesExWResponse(NDRCALL):
    """Response to DsrAddressToSiteNamesExW: extended SiteNames array pointer and ErrorCode."""
    structure = (
        ('SiteNames',PNL_SITE_NAME_EX_ARRAY),
        ('ErrorCode',NET_API_STATUS),
    )
1996# 3.5.4.3.10 DsrDeregisterDnsHostRecords (Opnum 41)
class DsrDeregisterDnsHostRecords(NDRCALL):
    """Request for DsrDeregisterDnsHostRecords ([MS-NRPC] 3.5.4.3.10), opnum 41.

    NOTE(review): state-changing call (by its name it removes DNS host
    records) and the request carries no authenticator field; access control is
    therefore up to the server. Confirm against the spec.
    """
    opnum = 41
    structure = (
        ('ServerName',PLOGONSRV_HANDLE),
        ('DnsDomainName',LPWSTR),
        ('DomainGuid',PGUID),
        ('DsaGuid',PGUID),
        ('DnsHostName',WSTR),
    )
class DsrDeregisterDnsHostRecordsResponse(NDRCALL):
    """Response to DsrDeregisterDnsHostRecords: ErrorCode only."""
    structure = (
        ('ErrorCode',NET_API_STATUS),
    )
2012# 3.5.4.3.11 DSRUpdateReadOnlyServerDnsRecords (Opnum 48)
class DSRUpdateReadOnlyServerDnsRecords(NDRCALL):
    """Request for DSRUpdateReadOnlyServerDnsRecords ([MS-NRPC] 3.5.4.3.11), opnum 48.

    Carries a NETLOGON_AUTHENTICATOR, so it is issued over an established
    secure channel.
    """
    opnum = 48
    structure = (
        ('ServerName',PLOGONSRV_HANDLE),
        ('ComputerName',WSTR),
        ('Authenticator',NETLOGON_AUTHENTICATOR),
        ('SiteName',LPWSTR),
        ('DnsTtl',ULONG),
        ('DnsNames',NL_DNS_NAME_INFO_ARRAY),
    )
class DSRUpdateReadOnlyServerDnsRecordsResponse(NDRCALL):
    """Response to DSRUpdateReadOnlyServerDnsRecords: ReturnAuthenticator,
    DnsNames and ErrorCode (an NTSTATUS)."""
    structure = (
        ('ReturnAuthenticator',NETLOGON_AUTHENTICATOR),
        ('DnsNames',NL_DNS_NAME_INFO_ARRAY),
        ('ErrorCode',NTSTATUS),
    )
2031# 3.5.4.4.1 NetrServerReqChallenge (Opnum 4)
class NetrServerReqChallenge(NDRCALL):
    """Request for NetrServerReqChallenge ([MS-NRPC] 3.5.4.4.1), opnum 4.

    Sends the client challenge. The session-key functions in this file take
    this value together with the ServerChallenge from the response.
    NOTE(review): the challenge should come from a cryptographic random
    source; this class does not generate or check it.
    """
    opnum = 4
    structure = (
        ('PrimaryName',PLOGONSRV_HANDLE),
        ('ComputerName',WSTR),
        ('ClientChallenge',NETLOGON_CREDENTIAL),
    )
class NetrServerReqChallengeResponse(NDRCALL):
    """Response to NetrServerReqChallenge: ServerChallenge and ErrorCode."""
    structure = (
        ('ServerChallenge',NETLOGON_CREDENTIAL),
        ('ErrorCode',NTSTATUS),
    )
2046# 3.5.4.4.2 NetrServerAuthenticate3 (Opnum 26)
class NetrServerAuthenticate3(NDRCALL):
    """Request for NetrServerAuthenticate3 ([MS-NRPC] 3.5.4.4.2), opnum 26.

    Presents the client credential and the requested NegotiateFlags.
    NOTE(review): the flags presumably decide whether the AES or the legacy
    DES/MD5/RC4 functions in this file apply to the session; confirm against
    the spec, and compare the flags in the response with what was requested
    before trusting the channel.
    """
    opnum = 26
    structure = (
        ('PrimaryName',PLOGONSRV_HANDLE),
        ('AccountName',WSTR),
        ('SecureChannelType',NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName',WSTR),
        ('ClientCredential',NETLOGON_CREDENTIAL),
        ('NegotiateFlags',ULONG),
    )
class NetrServerAuthenticate3Response(NDRCALL):
    """Response to NetrServerAuthenticate3: ServerCredential, the server's
    NegotiateFlags, AccountRid and ErrorCode.

    NOTE(review): this class only decodes the response; checking
    ServerCredential against the locally computed value is left to the caller.
    """
    structure = (
        ('ServerCredential',NETLOGON_CREDENTIAL),
        ('NegotiateFlags',ULONG),
        ('AccountRid',ULONG),
        ('ErrorCode',NTSTATUS),
    )
2066# 3.5.4.4.3 NetrServerAuthenticate2 (Opnum 15)
class NetrServerAuthenticate2(NDRCALL):
    """Request for NetrServerAuthenticate2 ([MS-NRPC] 3.5.4.4.3), opnum 15.

    Same request fields as NetrServerAuthenticate3.
    """
    opnum = 15
    structure = (
        ('PrimaryName',PLOGONSRV_HANDLE),
        ('AccountName',WSTR),
        ('SecureChannelType',NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName',WSTR),
        ('ClientCredential',NETLOGON_CREDENTIAL),
        ('NegotiateFlags',ULONG),
    )
class NetrServerAuthenticate2Response(NDRCALL):
    """Response to NetrServerAuthenticate2: ServerCredential, NegotiateFlags
    and ErrorCode (no AccountRid, unlike the Authenticate3 response)."""
    structure = (
        ('ServerCredential',NETLOGON_CREDENTIAL),
        ('NegotiateFlags',ULONG),
        ('ErrorCode',NTSTATUS),
    )
2085# 3.5.4.4.4 NetrServerAuthenticate (Opnum 5)
class NetrServerAuthenticate(NDRCALL):
    """Request for NetrServerAuthenticate ([MS-NRPC] 3.5.4.4.4), opnum 5.

    Oldest of the three authenticate calls in this file: it has no
    NegotiateFlags field.
    """
    opnum = 5
    structure = (
        ('PrimaryName',PLOGONSRV_HANDLE),
        ('AccountName',WSTR),
        ('SecureChannelType',NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName',WSTR),
        ('ClientCredential',NETLOGON_CREDENTIAL),
    )
class NetrServerAuthenticateResponse(NDRCALL):
    """Response to NetrServerAuthenticate: ServerCredential and ErrorCode."""
    structure = (
        ('ServerCredential',NETLOGON_CREDENTIAL),
        ('ErrorCode',NTSTATUS),
    )
2102# 3.5.4.4.5 NetrServerPasswordSet2 (Opnum 30)
class NetrServerPasswordSet2(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.4.5 NetrServerPasswordSet2 (opnum 30)."""
    opnum = 30
    structure = (
        ('PrimaryName', PLOGONSRV_HANDLE),
        ('AccountName', WSTR),
        ('SecureChannelType', NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        # The structured NL_TRUST_PASSWORD form is disabled in favour of a
        # fixed-size array, so the caller supplies the password buffer as
        # one blob; this class does no encryption of its own.
        #('ClearNewPassword',NL_TRUST_PASSWORD),
        ('ClearNewPassword', NL_TRUST_PASSWORD_FIXED_ARRAY),
    )
class NetrServerPasswordSet2Response(NDRCALL):
    """Response to NetrServerPasswordSet2: return authenticator and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('ErrorCode', NTSTATUS),
    )
2121# 3.5.4.4.6 NetrServerPasswordSet (Opnum 6)
2123# 3.5.4.4.7 NetrServerPasswordGet (Opnum 31)
class NetrServerPasswordGet(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.4.7 NetrServerPasswordGet (opnum 31)."""
    opnum = 31
    structure = (
        ('PrimaryName', PLOGONSRV_HANDLE),
        ('AccountName', WSTR),
        ('AccountType', NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
    )
class NetrServerPasswordGetResponse(NDRCALL):
    """Response to NetrServerPasswordGet.

    The password field is typed ENCRYPTED_NT_OWF_PASSWORD; treat the
    decoded value as credential material when logging or storing it.
    """
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('EncryptedNtOwfPassword', ENCRYPTED_NT_OWF_PASSWORD),
        ('ErrorCode', NTSTATUS),
    )
2141# 3.5.4.4.8 NetrServerTrustPasswordsGet (Opnum 42)
class NetrServerTrustPasswordsGet(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.4.8 NetrServerTrustPasswordsGet (opnum 42)."""
    opnum = 42
    structure = (
        ('TrustedDcName', PLOGONSRV_HANDLE),
        ('AccountName', WSTR),
        ('SecureChannelType', NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
    )
class NetrServerTrustPasswordsGetResponse(NDRCALL):
    """Response to NetrServerTrustPasswordsGet: new and old OWF password fields."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('EncryptedNewOwfPassword', ENCRYPTED_NT_OWF_PASSWORD),
        ('EncryptedOldOwfPassword', ENCRYPTED_NT_OWF_PASSWORD),
        ('ErrorCode', NTSTATUS),
    )
2160# 3.5.4.4.9 NetrLogonGetDomainInfo (Opnum 29)
class NetrLogonGetDomainInfo(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.4.9 NetrLogonGetDomainInfo (opnum 29)."""
    opnum = 29
    structure = (
        ('ServerName', LOGONSRV_HANDLE),
        ('ComputerName', LPWSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        # Sent in the request as well as returned by the server.
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('Level', DWORD),
        ('WkstaBuffer', NETLOGON_WORKSTATION_INFORMATION),
    )
class NetrLogonGetDomainInfoResponse(NDRCALL):
    """Response to NetrLogonGetDomainInfo: domain information and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('DomBuffer', NETLOGON_DOMAIN_INFORMATION),
        ('ErrorCode', NTSTATUS),
    )
2179# 3.5.4.4.10 NetrLogonGetCapabilities (Opnum 21)
class NetrLogonGetCapabilities(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.4.10 NetrLogonGetCapabilities (opnum 21)."""
    opnum = 21
    structure = (
        ('ServerName', LOGONSRV_HANDLE),
        ('ComputerName', LPWSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('QueryLevel', DWORD),
    )
class NetrLogonGetCapabilitiesResponse(NDRCALL):
    """Response to NetrLogonGetCapabilities: server capabilities and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('ServerCapabilities', NETLOGON_CAPABILITIES),
        ('ErrorCode', NTSTATUS),
    )
2197# 3.5.4.4.11 NetrChainSetClientAttributes (Opnum 49)
2199# 3.5.4.5.1 NetrLogonSamLogonEx (Opnum 39)
class NetrLogonSamLogonEx(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.5.1 NetrLogonSamLogonEx (opnum 39).

    This structure carries no Authenticator field, unlike the other
    NetrLogonSamLogon* requests in this file.
    """
    opnum = 39
    structure = (
        ('LogonServer', LPWSTR),
        ('ComputerName', LPWSTR),
        ('LogonLevel', NETLOGON_LOGON_INFO_CLASS),
        ('LogonInformation', NETLOGON_LEVEL),
        ('ValidationLevel', NETLOGON_VALIDATION_INFO_CLASS),
        ('ExtraFlags', ULONG),
    )
class NetrLogonSamLogonExResponse(NDRCALL):
    """Response to NetrLogonSamLogonEx: validation data, flags and NTSTATUS."""
    structure = (
        ('ValidationInformation', NETLOGON_VALIDATION),
        ('Authoritative', UCHAR),
        ('ExtraFlags', ULONG),
        ('ErrorCode', NTSTATUS),
    )
2219# 3.5.4.5.2 NetrLogonSamLogonWithFlags (Opnum 45)
class NetrLogonSamLogonWithFlags(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.5.2 NetrLogonSamLogonWithFlags (opnum 45)."""
    opnum = 45
    structure = (
        ('LogonServer', LPWSTR),
        ('ComputerName', LPWSTR),
        # Both authenticators use the pointer type here.
        ('Authenticator', PNETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', PNETLOGON_AUTHENTICATOR),
        ('LogonLevel', NETLOGON_LOGON_INFO_CLASS),
        ('LogonInformation', NETLOGON_LEVEL),
        ('ValidationLevel', NETLOGON_VALIDATION_INFO_CLASS),
        ('ExtraFlags', ULONG),
    )
class NetrLogonSamLogonWithFlagsResponse(NDRCALL):
    """Response to NetrLogonSamLogonWithFlags."""
    structure = (
        ('ReturnAuthenticator', PNETLOGON_AUTHENTICATOR),
        ('ValidationInformation', NETLOGON_VALIDATION),
        ('Authoritative', UCHAR),
        ('ExtraFlags', ULONG),
        ('ErrorCode', NTSTATUS),
    )
2242# 3.5.4.5.3 NetrLogonSamLogon (Opnum 2)
class NetrLogonSamLogon(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.5.3 NetrLogonSamLogon (opnum 2)."""
    opnum = 2
    structure = (
        ('LogonServer', LPWSTR),
        ('ComputerName', LPWSTR),
        ('Authenticator', PNETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', PNETLOGON_AUTHENTICATOR),
        ('LogonLevel', NETLOGON_LOGON_INFO_CLASS),
        ('LogonInformation', NETLOGON_LEVEL),
        ('ValidationLevel', NETLOGON_VALIDATION_INFO_CLASS),
    )
class NetrLogonSamLogonResponse(NDRCALL):
    """Response to NetrLogonSamLogon."""
    structure = (
        ('ReturnAuthenticator', PNETLOGON_AUTHENTICATOR),
        ('ValidationInformation', NETLOGON_VALIDATION),
        ('Authoritative', UCHAR),
        ('ErrorCode', NTSTATUS),
    )
2263# 3.5.4.5.4 NetrLogonSamLogoff (Opnum 3)
class NetrLogonSamLogoff(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.5.4 NetrLogonSamLogoff (opnum 3)."""
    opnum = 3
    structure = (
        ('LogonServer', LPWSTR),
        ('ComputerName', LPWSTR),
        ('Authenticator', PNETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', PNETLOGON_AUTHENTICATOR),
        ('LogonLevel', NETLOGON_LOGON_INFO_CLASS),
        ('LogonInformation', NETLOGON_LEVEL),
    )
class NetrLogonSamLogoffResponse(NDRCALL):
    """Response to NetrLogonSamLogoff: return authenticator and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', PNETLOGON_AUTHENTICATOR),
        ('ErrorCode', NTSTATUS),
    )
2281# 3.5.4.6.1 NetrDatabaseDeltas (Opnum 7)
class NetrDatabaseDeltas(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.6.1 NetrDatabaseDeltas (opnum 7)."""
    opnum = 7
    structure = (
        ('PrimaryName', LOGONSRV_HANDLE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('DatabaseID', DWORD),
        ('DomainModifiedCount', NLPR_MODIFIED_COUNT),
        ('PreferredMaximumLength', DWORD),
    )
class NetrDatabaseDeltasResponse(NDRCALL):
    """Response to NetrDatabaseDeltas: modified count, delta array and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('DomainModifiedCount', NLPR_MODIFIED_COUNT),
        ('DeltaArray', PNETLOGON_DELTA_ENUM_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2302# 3.5.4.6.2 NetrDatabaseSync2 (Opnum 16)
class NetrDatabaseSync2(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.6.2 NetrDatabaseSync2 (opnum 16)."""
    opnum = 16
    structure = (
        ('PrimaryName', LOGONSRV_HANDLE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('DatabaseID', DWORD),
        ('RestartState', SYNC_STATE),
        ('SyncContext', ULONG),
        ('PreferredMaximumLength', DWORD),
    )
class NetrDatabaseSync2Response(NDRCALL):
    """Response to NetrDatabaseSync2: sync context, delta array and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('SyncContext', ULONG),
        ('DeltaArray', PNETLOGON_DELTA_ENUM_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2324# 3.5.4.6.3 NetrDatabaseSync (Opnum 8)
class NetrDatabaseSync(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.6.3 NetrDatabaseSync (opnum 8)."""
    opnum = 8
    structure = (
        ('PrimaryName', LOGONSRV_HANDLE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('DatabaseID', DWORD),
        ('SyncContext', ULONG),
        ('PreferredMaximumLength', DWORD),
    )
class NetrDatabaseSyncResponse(NDRCALL):
    """Response to NetrDatabaseSync: sync context, delta array and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('SyncContext', ULONG),
        ('DeltaArray', PNETLOGON_DELTA_ENUM_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2345# 3.5.4.6.4 NetrDatabaseRedo (Opnum 17)
class NetrDatabaseRedo(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.6.4 NetrDatabaseRedo (opnum 17)."""
    opnum = 17
    structure = (
        ('PrimaryName', LOGONSRV_HANDLE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        # The size is a separate field; nothing in this class ties it to
        # the array length, so the caller must keep the two consistent.
        ('ChangeLogEntry', PUCHAR_ARRAY),
        ('ChangeLogEntrySize', DWORD),
    )
class NetrDatabaseRedoResponse(NDRCALL):
    """Response to NetrDatabaseRedo: delta array and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('DeltaArray', PNETLOGON_DELTA_ENUM_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2364# 3.5.4.7.1 DsrEnumerateDomainTrusts (Opnum 40)
class DsrEnumerateDomainTrusts(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.7.1 DsrEnumerateDomainTrusts (opnum 40)."""
    opnum = 40
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('Flags', ULONG),
    )
class DsrEnumerateDomainTrustsResponse(NDRCALL):
    """Response to DsrEnumerateDomainTrusts: trusted-domain array and NTSTATUS."""
    structure = (
        ('Domains', NETLOGON_TRUSTED_DOMAIN_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2378# 3.5.4.7.2 NetrEnumerateTrustedDomainsEx (Opnum 36)
class NetrEnumerateTrustedDomainsEx(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.7.2 NetrEnumerateTrustedDomainsEx (opnum 36)."""
    opnum = 36
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
    )
class NetrEnumerateTrustedDomainsExResponse(NDRCALL):
    """Response to NetrEnumerateTrustedDomainsEx."""
    structure = (
        ('Domains', NETLOGON_TRUSTED_DOMAIN_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2391# 3.5.4.7.3 NetrEnumerateTrustedDomains (Opnum 19)
class NetrEnumerateTrustedDomains(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.7.3 NetrEnumerateTrustedDomains (opnum 19)."""
    opnum = 19
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
    )
class NetrEnumerateTrustedDomainsResponse(NDRCALL):
    """Response to NetrEnumerateTrustedDomains: domain name buffer and NTSTATUS."""
    structure = (
        ('DomainNameBuffer', DOMAIN_NAME_BUFFER),
        ('ErrorCode', NTSTATUS),
    )
2404# 3.5.4.7.4 NetrGetForestTrustInformation (Opnum 44)
class NetrGetForestTrustInformation(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.7.4 NetrGetForestTrustInformation (opnum 44)."""
    opnum = 44
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('Flags', DWORD),
    )
class NetrGetForestTrustInformationResponse(NDRCALL):
    """Response to NetrGetForestTrustInformation."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('ForestTrustInfo', PLSA_FOREST_TRUST_INFORMATION),
        ('ErrorCode', NTSTATUS),
    )
2422# 3.5.4.7.5 DsrGetForestTrustInformation (Opnum 43)
class DsrGetForestTrustInformation(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.7.5 DsrGetForestTrustInformation (opnum 43)."""
    opnum = 43
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('TrustedDomainName', LPWSTR),
        ('Flags', DWORD),
    )
class DsrGetForestTrustInformationResponse(NDRCALL):
    """Response to DsrGetForestTrustInformation."""
    structure = (
        ('ForestTrustInfo', PLSA_FOREST_TRUST_INFORMATION),
        ('ErrorCode', NTSTATUS),
    )
2437# 3.5.4.7.6 NetrServerGetTrustInfo (Opnum 46)
class NetrServerGetTrustInfo(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.7.6 NetrServerGetTrustInfo (opnum 46)."""
    opnum = 46
    structure = (
        ('TrustedDcName', PLOGONSRV_HANDLE),
        ('AccountName', WSTR),
        ('SecureChannelType', NETLOGON_SECURE_CHANNEL_TYPE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
    )
class NetrServerGetTrustInfoResponse(NDRCALL):
    """Response to NetrServerGetTrustInfo.

    Carries the new and old OWF password fields plus generic trust data;
    treat decoded values as credential material.
    """
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('EncryptedNewOwfPassword', ENCRYPTED_NT_OWF_PASSWORD),
        ('EncryptedOldOwfPassword', ENCRYPTED_NT_OWF_PASSWORD),
        ('TrustInfo', PNL_GENERIC_RPC_DATA),
        ('ErrorCode', NTSTATUS),
    )
2457# 3.5.4.8.1 NetrLogonGetTrustRid (Opnum 23)
class NetrLogonGetTrustRid(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.8.1 NetrLogonGetTrustRid (opnum 23)."""
    opnum = 23
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('DomainName', LPWSTR),
    )
class NetrLogonGetTrustRidResponse(NDRCALL):
    """Response to NetrLogonGetTrustRid: the RID and an NTSTATUS."""
    structure = (
        ('Rid', ULONG),
        ('ErrorCode', NTSTATUS),
    )
2471# 3.5.4.8.2 NetrLogonComputeServerDigest (Opnum 24)
class NetrLogonComputeServerDigest(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.8.2 NetrLogonComputeServerDigest (opnum 24)."""
    opnum = 24
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('Rid', ULONG),
        # MessageSize is set independently of Message by the caller.
        ('Message', UCHAR_ARRAY),
        ('MessageSize', ULONG),
    )
class NetrLogonComputeServerDigestResponse(NDRCALL):
    """Response to NetrLogonComputeServerDigest: new and old digests."""
    structure = (
        ('NewMessageDigest', CHAR_FIXED_16_ARRAY),
        ('OldMessageDigest', CHAR_FIXED_16_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2488# 3.5.4.8.3 NetrLogonComputeClientDigest (Opnum 25)
class NetrLogonComputeClientDigest(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.8.3 NetrLogonComputeClientDigest (opnum 25)."""
    opnum = 25
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('DomainName', LPWSTR),
        ('Message', UCHAR_ARRAY),
        ('MessageSize', ULONG),
    )
class NetrLogonComputeClientDigestResponse(NDRCALL):
    """Response to NetrLogonComputeClientDigest: new and old digests."""
    structure = (
        ('NewMessageDigest', CHAR_FIXED_16_ARRAY),
        ('OldMessageDigest', CHAR_FIXED_16_ARRAY),
        ('ErrorCode', NTSTATUS),
    )
2505# 3.5.4.8.4 NetrLogonSendToSam (Opnum 32)
class NetrLogonSendToSam(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.8.4 NetrLogonSendToSam (opnum 32)."""
    opnum = 32
    structure = (
        ('PrimaryName', PLOGONSRV_HANDLE),
        ('ComputerName', WSTR),
        ('Authenticator', NETLOGON_AUTHENTICATOR),
        ('OpaqueBuffer', UCHAR_ARRAY),
        ('OpaqueBufferSize', ULONG),
    )
class NetrLogonSendToSamResponse(NDRCALL):
    """Response to NetrLogonSendToSam: return authenticator and NTSTATUS."""
    structure = (
        ('ReturnAuthenticator', NETLOGON_AUTHENTICATOR),
        ('ErrorCode', NTSTATUS),
    )
2522# 3.5.4.8.5 NetrLogonSetServiceBits (Opnum 22)
class NetrLogonSetServiceBits(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.8.5 NetrLogonSetServiceBits (opnum 22)."""
    opnum = 22
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('ServiceBitsOfInterest', DWORD),
        ('ServiceBits', DWORD),
    )
class NetrLogonSetServiceBitsResponse(NDRCALL):
    """Response to NetrLogonSetServiceBits: only an NTSTATUS."""
    structure = (
        ('ErrorCode', NTSTATUS),
    )
2536# 3.5.4.8.6 NetrLogonGetTimeServiceParentDomain (Opnum 35)
class NetrLogonGetTimeServiceParentDomain(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.8.6 NetrLogonGetTimeServiceParentDomain (opnum 35)."""
    opnum = 35
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
    )
class NetrLogonGetTimeServiceParentDomainResponse(NDRCALL):
    """Response to NetrLogonGetTimeServiceParentDomain.

    ErrorCode is typed NET_API_STATUS here, not NTSTATUS.
    """
    structure = (
        ('DomainName', LPWSTR),
        ('PdcSameSite', LONG),
        ('ErrorCode', NET_API_STATUS),
    )
2550# 3.5.4.9.1 NetrLogonControl2Ex (Opnum 18)
class NetrLogonControl2Ex(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.9.1 NetrLogonControl2Ex (opnum 18)."""
    opnum = 18
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('FunctionCode', DWORD),
        ('QueryLevel', DWORD),
        ('Data', NETLOGON_CONTROL_DATA_INFORMATION),
    )
class NetrLogonControl2ExResponse(NDRCALL):
    """Response to NetrLogonControl2Ex: result buffer and NET_API_STATUS."""
    structure = (
        ('Buffer', NETLOGON_CONTROL_DATA_INFORMATION),
        ('ErrorCode', NET_API_STATUS),
    )
2566# 3.5.4.9.2 NetrLogonControl2 (Opnum 14)
class NetrLogonControl2(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.9.2 NetrLogonControl2 (opnum 14)."""
    opnum = 14
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('FunctionCode', DWORD),
        ('QueryLevel', DWORD),
        ('Data', NETLOGON_CONTROL_DATA_INFORMATION),
    )
class NetrLogonControl2Response(NDRCALL):
    """Response to NetrLogonControl2: result buffer and NET_API_STATUS."""
    structure = (
        ('Buffer', NETLOGON_CONTROL_DATA_INFORMATION),
        ('ErrorCode', NET_API_STATUS),
    )
2582# 3.5.4.9.3 NetrLogonControl (Opnum 12)
class NetrLogonControl(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.9.3 NetrLogonControl (opnum 12)."""
    opnum = 12
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('FunctionCode', DWORD),
        ('QueryLevel', DWORD),
        ('Data', NETLOGON_CONTROL_DATA_INFORMATION),
    )
class NetrLogonControlResponse(NDRCALL):
    """Response to NetrLogonControl: result buffer and NET_API_STATUS."""
    structure = (
        ('Buffer', NETLOGON_CONTROL_DATA_INFORMATION),
        ('ErrorCode', NET_API_STATUS),
    )
2598# 3.5.4.10.1 NetrLogonUasLogon (Opnum 0)
class NetrLogonUasLogon(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.10.1 NetrLogonUasLogon (opnum 0)."""
    opnum = 0
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('UserName', WSTR),
        ('Workstation', WSTR),
    )
class NetrLogonUasLogonResponse(NDRCALL):
    """Response to NetrLogonUasLogon: validation info and NET_API_STATUS."""
    structure = (
        ('ValidationInformation', PNETLOGON_VALIDATION_UAS_INFO),
        ('ErrorCode', NET_API_STATUS),
    )
2613# 3.5.4.10.2 NetrLogonUasLogoff (Opnum 1)
class NetrLogonUasLogoff(NDRCALL):
    """Request for [MS-NRPC] 3.5.4.10.2 NetrLogonUasLogoff (opnum 1)."""
    opnum = 1
    structure = (
        ('ServerName', PLOGONSRV_HANDLE),
        ('UserName', WSTR),
        ('Workstation', WSTR),
    )
class NetrLogonUasLogoffResponse(NDRCALL):
    """Response to NetrLogonUasLogoff: logoff info and NET_API_STATUS."""
    structure = (
        ('LogoffInformation', NETLOGON_LOGOFF_UAS_INFO),
        ('ErrorCode', NET_API_STATUS),
    )
2628################################################################################
2629# OPNUMs and their corresponding structures
2630################################################################################
# Maps each operation number to its (request class, response class) pair.
# Entries left commented out are opnums this table does not map.
OPNUMS = {
    0: (NetrLogonUasLogon, NetrLogonUasLogonResponse),
    1: (NetrLogonUasLogoff, NetrLogonUasLogoffResponse),
    2: (NetrLogonSamLogon, NetrLogonSamLogonResponse),
    3: (NetrLogonSamLogoff, NetrLogonSamLogoffResponse),
    4: (NetrServerReqChallenge, NetrServerReqChallengeResponse),
    5: (NetrServerAuthenticate, NetrServerAuthenticateResponse),
#   6: (NetrServerPasswordSet, NetrServerPasswordSetResponse),
    7: (NetrDatabaseDeltas, NetrDatabaseDeltasResponse),
    8: (NetrDatabaseSync, NetrDatabaseSyncResponse),
#   9: (NetrAccountDeltas, NetrAccountDeltasResponse),
#  10: (NetrAccountSync, NetrAccountSyncResponse),
    11: (NetrGetDCName, NetrGetDCNameResponse),
    12: (NetrLogonControl, NetrLogonControlResponse),
    13: (NetrGetAnyDCName, NetrGetAnyDCNameResponse),
    14: (NetrLogonControl2, NetrLogonControl2Response),
    15: (NetrServerAuthenticate2, NetrServerAuthenticate2Response),
    16: (NetrDatabaseSync2, NetrDatabaseSync2Response),
    17: (NetrDatabaseRedo, NetrDatabaseRedoResponse),
    18: (NetrLogonControl2Ex, NetrLogonControl2ExResponse),
    19: (NetrEnumerateTrustedDomains, NetrEnumerateTrustedDomainsResponse),
    20: (DsrGetDcName, DsrGetDcNameResponse),
    21: (NetrLogonGetCapabilities, NetrLogonGetCapabilitiesResponse),
    22: (NetrLogonSetServiceBits, NetrLogonSetServiceBitsResponse),
    23: (NetrLogonGetTrustRid, NetrLogonGetTrustRidResponse),
    24: (NetrLogonComputeServerDigest, NetrLogonComputeServerDigestResponse),
    25: (NetrLogonComputeClientDigest, NetrLogonComputeClientDigestResponse),
    26: (NetrServerAuthenticate3, NetrServerAuthenticate3Response),
    27: (DsrGetDcNameEx, DsrGetDcNameExResponse),
    28: (DsrGetSiteName, DsrGetSiteNameResponse),
    29: (NetrLogonGetDomainInfo, NetrLogonGetDomainInfoResponse),
    30: (NetrServerPasswordSet2, NetrServerPasswordSet2Response),
    31: (NetrServerPasswordGet, NetrServerPasswordGetResponse),
    32: (NetrLogonSendToSam, NetrLogonSendToSamResponse),
    33: (DsrAddressToSiteNamesW, DsrAddressToSiteNamesWResponse),
    34: (DsrGetDcNameEx2, DsrGetDcNameEx2Response),
    35: (NetrLogonGetTimeServiceParentDomain, NetrLogonGetTimeServiceParentDomainResponse),
    36: (NetrEnumerateTrustedDomainsEx, NetrEnumerateTrustedDomainsExResponse),
    37: (DsrAddressToSiteNamesExW, DsrAddressToSiteNamesExWResponse),
    38: (DsrGetDcSiteCoverageW, DsrGetDcSiteCoverageWResponse),
    39: (NetrLogonSamLogonEx, NetrLogonSamLogonExResponse),
    40: (DsrEnumerateDomainTrusts, DsrEnumerateDomainTrustsResponse),
    41: (DsrDeregisterDnsHostRecords, DsrDeregisterDnsHostRecordsResponse),
    42: (NetrServerTrustPasswordsGet, NetrServerTrustPasswordsGetResponse),
    43: (DsrGetForestTrustInformation, DsrGetForestTrustInformationResponse),
    44: (NetrGetForestTrustInformation, NetrGetForestTrustInformationResponse),
    45: (NetrLogonSamLogonWithFlags, NetrLogonSamLogonWithFlagsResponse),
    46: (NetrServerGetTrustInfo, NetrServerGetTrustInfoResponse),
#  48: (DsrUpdateReadOnlyServerDnsRecords, DsrUpdateReadOnlyServerDnsRecordsResponse),
#  49: (NetrChainSetClientAttributes, NetrChainSetClientAttributesResponse),
}
2683################################################################################
2684# HELPER FUNCTIONS
2685################################################################################
def checkNullString(string):
    """Return *string* with a trailing NUL character, adding one if absent.

    The NULL sentinel (imported from impacket.dcerpc.v5.dtypes) is returned
    unchanged. An empty string becomes a single NUL, because its last-char
    slice is empty and so does not equal the terminator.
    """
    if string == NULL:
        return string

    # Slice, not index, so an empty string does not raise IndexError.
    needs_terminator = string[-1:] != '\x00'
    return string + '\x00' if needs_terminator else string
def hNetrServerReqChallenge(dce, primaryName, computerName, clientChallenge):
    """Send a NetrServerReqChallenge request and return dce.request's result.

    Both names are NUL-terminated via checkNullString. clientChallenge is
    passed through untouched: generating it (it serves as the client's
    challenge in the exchange) is the caller's responsibility.
    """
    req = NetrServerReqChallenge()
    for field, name in (('PrimaryName', primaryName), ('ComputerName', computerName)):
        req[field] = checkNullString(name)
    req['ClientChallenge'] = clientChallenge
    return dce.request(req)
def hNetrServerAuthenticate3(dce, primaryName, accountName, secureChannelType, computerName, clientCredential, negotiateFlags):
    """Send a NetrServerAuthenticate3 request and return dce.request's result.

    String arguments are NUL-terminated via checkNullString; the channel
    type, credential and flags are passed through unchanged. The helper
    does not inspect the reply, so checking the returned NegotiateFlags
    and ErrorCode is left to the caller.
    """
    req = NetrServerAuthenticate3()
    req['PrimaryName'] = checkNullString(primaryName)
    req['AccountName'] = checkNullString(accountName)
    req['SecureChannelType'] = secureChannelType
    req['ClientCredential'] = clientCredential
    req['ComputerName'] = checkNullString(computerName)
    req['NegotiateFlags'] = negotiateFlags
    response = dce.request(req)
    return response
def hDsrGetDcNameEx2(dce, computerName, accountName, allowableAccountControlBits, domainName, domainGuid, siteName, flags):
    """Send a DsrGetDcNameEx2 request and return dce.request's result.

    The four string arguments are NUL-terminated via checkNullString; the
    control bits, GUID and flags are passed through unchanged.
    """
    req = DsrGetDcNameEx2()
    req['ComputerName'] = checkNullString(computerName)
    req['AccountName'] = checkNullString(accountName)
    req['AllowableAccountControlBits'] = allowableAccountControlBits
    req['DomainName'] = checkNullString(domainName)
    req['DomainGuid'] = domainGuid
    req['SiteName'] = checkNullString(siteName)
    req['Flags'] = flags
    response = dce.request(req)
    return response
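def hDsrGetDcNameEx(dce, computerName, domainName, domainGuid, siteName, flags):
    """Send a DsrGetDcNameEx request and return dce.request's result.

    All three string arguments are NUL-terminated via checkNullString, which
    returns NULL unchanged. The GUID and flags are passed through as given.
    """
    request = DsrGetDcNameEx()
    request['ComputerName'] = checkNullString(computerName)
    request['DomainName'] = checkNullString(domainName)
    request['DomainGuid'] = domainGuid
    # Terminate siteName like the other strings (and like hDsrGetDcNameEx2);
    # previously a non-NULL site name was sent without its terminator.
    request['SiteName'] = checkNullString(siteName)
    request['Flags'] = flags
    return dce.request(request)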
def hDsrGetDcName(dce, computerName, domainName, domainGuid, siteGuid, flags):
    """Send a DsrGetDcName request and return dce.request's result.

    Names are NUL-terminated via checkNullString; both GUIDs and the flags
    are passed through unchanged.
    """
    req = DsrGetDcName()
    req['ComputerName'] = checkNullString(computerName)
    req['DomainName'] = checkNullString(domainName)
    req['DomainGuid'] = domainGuid
    req['SiteGuid'] = siteGuid
    req['Flags'] = flags
    response = dce.request(req)
    return response
def hNetrGetAnyDCName(dce, serverName, domainName):
    """Send a NetrGetAnyDCName request and return dce.request's result."""
    req = NetrGetAnyDCName()
    for field, name in (('ServerName', serverName), ('DomainName', domainName)):
        # Each name is NUL-terminated before being placed in the request.
        req[field] = checkNullString(name)
    return dce.request(req)
def hNetrGetDCName(dce, serverName, domainName):
    """Send a NetrGetDCName request and return dce.request's result."""
    req = NetrGetDCName()
    for field, name in (('ServerName', serverName), ('DomainName', domainName)):
        # Each name is NUL-terminated before being placed in the request.
        req[field] = checkNullString(name)
    return dce.request(req)
def hDsrGetSiteName(dce, computerName):
    """Send a DsrGetSiteName request for *computerName* and return the result."""
    req = DsrGetSiteName()
    terminated_name = checkNullString(computerName)
    req['ComputerName'] = terminated_name
    return dce.request(req)
def hDsrGetDcSiteCoverageW(dce, serverName):
    """Send a DsrGetDcSiteCoverageW request for *serverName* and return the result."""
    req = DsrGetDcSiteCoverageW()
    terminated_name = checkNullString(serverName)
    req['ServerName'] = terminated_name
    return dce.request(req)
def hNetrServerAuthenticate2(dce, primaryName, accountName, secureChannelType, computerName, clientCredential, negotiateFlags):
    """Send a NetrServerAuthenticate2 request and return dce.request's result.

    String arguments are NUL-terminated via checkNullString; the remaining
    arguments are passed through unchanged. The reply is returned as-is,
    so the caller is the one who must check its NegotiateFlags and
    ErrorCode.
    """
    req = NetrServerAuthenticate2()
    req['PrimaryName'] = checkNullString(primaryName)
    req['AccountName'] = checkNullString(accountName)
    req['SecureChannelType'] = secureChannelType
    req['ClientCredential'] = clientCredential
    req['ComputerName'] = checkNullString(computerName)
    req['NegotiateFlags'] = negotiateFlags
    response = dce.request(req)
    return response
def hNetrServerAuthenticate(dce, primaryName, accountName, secureChannelType, computerName, clientCredential):
    """Send a NetrServerAuthenticate request and return dce.request's result.

    This variant takes no negotiate flags. String arguments are
    NUL-terminated via checkNullString; the channel type and credential
    are passed through unchanged.
    """
    req = NetrServerAuthenticate()
    req['PrimaryName'] = checkNullString(primaryName)
    req['AccountName'] = checkNullString(accountName)
    req['SecureChannelType'] = secureChannelType
    req['ClientCredential'] = clientCredential
    req['ComputerName'] = checkNullString(computerName)
    response = dce.request(req)
    return response
def hNetrServerPasswordGet(dce, primaryName, accountName, accountType, computerName, authenticator):
    """Send a NetrServerPasswordGet request and return dce.request's result.

    String arguments are NUL-terminated via checkNullString. The
    authenticator is supplied by the caller and is not computed here.
    """
    req = NetrServerPasswordGet()
    req['PrimaryName'] = checkNullString(primaryName)
    req['AccountName'] = checkNullString(accountName)
    req['AccountType'] = accountType
    req['ComputerName'] = checkNullString(computerName)
    req['Authenticator'] = authenticator
    response = dce.request(req)
    return response
def hNetrServerTrustPasswordsGet(dce, trustedDcName, accountName, secureChannelType, computerName, authenticator):
    """Send a NetrServerTrustPasswordsGet request and return the result.

    String arguments are NUL-terminated via checkNullString. The
    authenticator is supplied by the caller and is not computed here.
    """
    req = NetrServerTrustPasswordsGet()
    req['TrustedDcName'] = checkNullString(trustedDcName)
    req['AccountName'] = checkNullString(accountName)
    req['SecureChannelType'] = secureChannelType
    req['ComputerName'] = checkNullString(computerName)
    req['Authenticator'] = authenticator
    response = dce.request(req)
    return response
def hNetrServerPasswordSet2(dce, primaryName, accountName, secureChannelType, computerName, authenticator, clearNewPasswordBlob):
    """Send a NetrServerPasswordSet2 request and return dce.request's result.

    String arguments are NUL-terminated via checkNullString.
    clearNewPasswordBlob is copied into the request verbatim: this helper
    applies no encryption or length check, so the caller must hand in a
    buffer already prepared as the protocol requires.
    """
    req = NetrServerPasswordSet2()
    req['PrimaryName'] = checkNullString(primaryName)
    req['AccountName'] = checkNullString(accountName)
    req['SecureChannelType'] = secureChannelType
    req['ComputerName'] = checkNullString(computerName)
    req['Authenticator'] = authenticator
    req['ClearNewPassword'] = clearNewPasswordBlob
    response = dce.request(req)
    return response
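def hNetrLogonGetDomainInfo(dce, serverName, computerName, authenticator, returnAuthenticator=0, level=1):
    """Send a NetrLogonGetDomainInfo request and return dce.request's result.

    serverName and computerName are NUL-terminated via checkNullString.
    When returnAuthenticator is left at 0, an all-zero credential and a
    zero timestamp are sent in its place.

    level selects the WkstaBuffer arm: 1 fills an empty WorkstationInfo,
    any other value fills the LsaPolicyInfo arm (tag 2). The Level field is
    now set to match the chosen arm; it used to be hard-coded to 1, so a
    non-default level produced a request whose Level and union tag
    disagreed.
    """
    request = NetrLogonGetDomainInfo()
    request['ServerName'] = checkNullString(serverName)
    request['ComputerName'] = checkNullString(computerName)
    request['Authenticator'] = authenticator
    if returnAuthenticator == 0:
        # No return authenticator supplied: send a zeroed placeholder.
        request['ReturnAuthenticator']['Credential'] = b'\x00'*8
        request['ReturnAuthenticator']['Timestamp'] = 0
    else:
        request['ReturnAuthenticator'] = returnAuthenticator

    if level == 1:
        request['Level'] = 1
        request['WkstaBuffer']['tag'] = 1
        request['WkstaBuffer']['WorkstationInfo']['DnsHostName'] = NULL
        request['WkstaBuffer']['WorkstationInfo']['SiteName'] = NULL
        request['WkstaBuffer']['WorkstationInfo']['OsName'] = ''
        request['WkstaBuffer']['WorkstationInfo']['Dummy1'] = NULL
        request['WkstaBuffer']['WorkstationInfo']['Dummy2'] = NULL
        request['WkstaBuffer']['WorkstationInfo']['Dummy3'] = NULL
        request['WkstaBuffer']['WorkstationInfo']['Dummy4'] = NULL
    else:
        # Keep Level equal to the union tag so the server reads the arm
        # that was actually filled in.
        request['Level'] = 2
        request['WkstaBuffer']['tag'] = 2
        request['WkstaBuffer']['LsaPolicyInfo']['LsaPolicy'] = NULL
    return dce.request(request)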
def hNetrLogonGetCapabilities(dce, serverName, computerName, authenticator, returnAuthenticator=0, queryLevel=1):
    """Send a NetrLogonGetCapabilities request and return dce.request's result.

    serverName and computerName are NUL-terminated via checkNullString.
    When returnAuthenticator is left at 0, an all-zero credential and a
    zero timestamp are sent in its place.
    """
    req = NetrLogonGetCapabilities()
    req['ServerName'] = checkNullString(serverName)
    req['ComputerName'] = checkNullString(computerName)
    req['Authenticator'] = authenticator
    if returnAuthenticator != 0:
        req['ReturnAuthenticator'] = returnAuthenticator
    else:
        # No return authenticator supplied: send a zeroed placeholder.
        req['ReturnAuthenticator']['Credential'] = b'\x00'*8
        req['ReturnAuthenticator']['Timestamp'] = 0
    req['QueryLevel'] = queryLevel
    return dce.request(req)
def hNetrServerGetTrustInfo(dce, trustedDcName, accountName, secureChannelType, computerName, authenticator):
    """Send a NetrServerGetTrustInfo request and return dce.request's result.

    String arguments are NUL-terminated via checkNullString. The
    authenticator is supplied by the caller and is not computed here.
    """
    req = NetrServerGetTrustInfo()
    req['TrustedDcName'] = checkNullString(trustedDcName)
    req['AccountName'] = checkNullString(accountName)
    req['SecureChannelType'] = secureChannelType
    req['ComputerName'] = checkNullString(computerName)
    req['Authenticator'] = authenticator
    response = dce.request(req)
    return response