📄 smb_cifs.inc
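# (Tail of a function whose beginning lies before this excerpt; code unchanged.)
 packet = netbios_packet (header:header, parameters:parameters, data:dat);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 if (smb_check_success (data:ret) == FALSE)
   return NULL;

 return 1;
}


#---------------------------------------------------------#
# Function    : smb_read_and_x                            #
# Description : reads on a remote pipe                    #
# Args        : fid    - file id to read from             #
#               offset - low 32 bits of the read offset   #
#               length - number of bytes requested        #
# Return      : data bytes from the reply (else NULL)     #
#---------------------------------------------------------#

function smb_read_and_x (fid, offset, length)
{
 local_var header, parameters, data, packet, ret, pad, code;

 header = smb_header (Command: SMB_COM_READ_ANDX,
                      Status: nt_status (Status: STATUS_SUCCESS));

 pad = raw_byte (b:0);

 parameters = raw_byte (b:255) +            # no further command
              raw_byte (b:0) +              # reserved
              raw_word (w:0) +              # andxoffset
              raw_word (w:fid) +            # fid
              raw_dword (d:offset) +        # offset
              raw_word (w:length) +         # Max count low
              raw_word (w:length) +         # Min count
              raw_dword (d:0xFFFFFFFF) +    # Reserved or max count high ?
              raw_word (w:length) +         # Remaining
              raw_dword (d:0) ;             # high offset

 parameters = smb_parameters (data:parameters);

 data = pad + smb_data (data:NULL);

 packet = netbios_packet (header:header, parameters:parameters, data:data);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 header = get_smb_header (smbblob:ret);
 if (isnull (header))
   return NULL;

 # STATUS_BUFFER_OVERFLOW is accepted as well as STATUS_SUCCESS; the bytes
 # that did arrive are still returned to the caller.
 code = get_header_nt_error_code(header:header);
 if ((code != STATUS_SUCCESS) && (code != STATUS_BUFFER_OVERFLOW))
   return NULL;

 # The two words read below sit at SMB_HDR_SIZE+11 and SMB_HDR_SIZE+13, so the
 # last byte touched is SMB_HDR_SIZE+14 and the reply must hold at least
 # SMB_HDR_SIZE+15 bytes. The original test used +14, which let a reply one
 # byte too short through to the second get_word (assuming get_word reads a
 # 16-bit value at pos, mirroring raw_word).
 if (strlen(ret) < (SMB_HDR_SIZE+15))
   return NULL;

 # Both fields are taken from the server's reply and must be treated as
 # untrusted until checked against the actual reply size.
 offset = get_word (blob:ret, pos:SMB_HDR_SIZE + 13);
 length = get_word (blob:ret, pos:SMB_HDR_SIZE + 11);

 if (strlen(ret) < (offset+length))
   return NULL;

 data = substr (ret, offset, offset+length-1);

 return data;
}


#---------------------------------------------------------#
# Function    : smb_trans_and_x                           #
# Description : TransAndX Request                         #
# Args        : extra_parameters - setup words appended   #
#                                  to the parameter block #
#               transname        - transaction name       #
#               param, data      - request payloads       #
#               max_pcount       - max parameter count    #
#               sendonly         - if set, do not wait    #
#                                  for the reply          #
# Return      : reply data minus its first byte, or NULL  #
#               (nothing is returned when sendonly is set)#
#---------------------------------------------------------#

function smb_trans_and_x (extra_parameters, transname, param, data, max_pcount, sendonly)
{
 local_var header, parameters, dat, packet, ret, pad, trans, p_offset, d_offset, plen, dlen, elen, pad2, socket;

 # Exactly one pad byte is emitted: before the name in unicode sessions,
 # after it otherwise.
 pad = pad2 = NULL;
 if (session_is_unicode () == 1)
   pad = raw_byte (b:0);
 else
   pad2 = raw_byte (b:0);

 header = smb_header (Command: SMB_COM_TRANSACTION,
                      Status: nt_status (Status: STATUS_SUCCESS));

 trans = cstring (string:transname);

 # 66 = fixed bytes ahead of the parameter bytes: header + word count +
 # 28 bytes of fixed words + byte count + pad + the zero word below
 # (this works out if the SMB header is 32 bytes).
 p_offset = 66 + strlen(trans) + strlen (extra_parameters);
 d_offset = p_offset + strlen (param);

 plen = strlen(param);
 dlen = strlen(data);
 elen = strlen(extra_parameters);

 parameters = raw_word (w:plen)            +   # total parameter count
              raw_word (w:dlen)            +   # total data count
              raw_word (w:max_pcount)      +   # Max parameter count
              raw_word (w:0xFFFF)          +   # Max data count
              raw_byte (b:0)               +   # Max setup count
              raw_byte (b:0)               +   # Reserved
              raw_word (w:0)               +   # Flags
              raw_dword (d:0)              +   # Timeout
              raw_word (w:0)               +   # Reserved
              raw_word (w:plen)            +   # Parameter count
              raw_word (w:p_offset)        +   # Parameter offset
              raw_word (w:dlen)            +   # Data count
              raw_word (w:d_offset)        +   # Data offset
              raw_byte (b:elen/2)          +   # Setup count
              raw_byte (b:0);                  # Reserved

 parameters += extra_parameters;

 parameters = smb_parameters (data:parameters);

 dat = pad +
       trans +
       pad2 +
       raw_word (w:0) +
       param +
       data;

 dat = smb_data (data:dat);

 packet = netbios_packet (header:header, parameters:parameters, data:dat);

 if (isnull(sendonly))
 {
  ret = smb_sendrecv (data:packet);
  if (!ret)
    return NULL;

  if (smb_check_success (data:ret) == FALSE)
    return NULL;

  dat = get_smb_data (smbblob:ret);
  if (isnull (dat))
    return NULL;

  # Drop the first byte of the data section (presumably the alignment pad).
  dat = substr (dat, 1, strlen(dat)-1);

  return dat;
 }
 else
 {
  # Fire-and-forget: the reply is never read, so no status check happens on
  # this path. The sequence number is still advanced when a MAC key is set,
  # since smb_sendrecv is bypassed here.
  socket = session_get_socket();
  send (socket:socket, data:packet);

  if (session_get_mackey())
    session_increase_sequencenumber();
 }
}


#---------------------------------------------------------#
# Function    : smb_trans2                                #
# Description : Trans2 Request                            #
# Args        : param, data - request payloads            #
#               max_pcount  - max parameter count         #
#               command     - Trans2 setup word           #
# Return      : reply data minus its first byte, or NULL  #
#---------------------------------------------------------#

function smb_trans2 (param, data, max_pcount, command)
{
 local_var header, parameters, dat, packet, ret, pad, trans, p_offset, d_offset, plen, dlen, elen;

 header = smb_header (Command: SMB_COM_TRANSACTION2,
                      Status: nt_status (Status: STATUS_SUCCESS));

 pad = raw_byte (b:0);

 # Fixed layout: no transaction name and a single setup word, so the
 # parameter bytes always start at the same offset.
 p_offset = 66;
 d_offset = p_offset + strlen (param);

 plen = strlen(param);
 dlen = strlen(data);

 parameters = raw_word (w:plen)            +   # total parameter count
              raw_word (w:dlen)            +   # total data count
              raw_word (w:max_pcount)      +   # Max parameter count
              raw_word (w:1000)            +   # Max data count
              raw_byte (b:0)               +   # Max setup count
              raw_byte (b:0)               +   # Reserved
              raw_word (w:0)               +   # Flags
              raw_dword (d:0)              +   # Timeout
              raw_word (w:0)               +   # Reserved
              raw_word (w:plen)            +   # Parameter count
              raw_word (w:p_offset)        +   # Parameter offset
              raw_word (w:dlen)            +   # Data count
              raw_word (w:d_offset)        +   # Data offset
              raw_byte (b:1)               +   # Setup count
              raw_byte (b:0)               +   # Reserved
              raw_word (w:command);            # command

 parameters = smb_parameters (data:parameters);

 dat = pad +
       param +
       data;

 dat = smb_data (data:dat);

 packet = netbios_packet (header:header, parameters:parameters, data:dat);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 if (smb_check_success (data:ret) == FALSE)
   return NULL;

 dat = get_smb_data (smbblob:ret);
 if (isnull (dat))
   return NULL;

 # Drop the first byte of the data section (presumably the alignment pad).
 dat = substr (dat, 1, strlen(dat)-1);

 return dat;
}


#---------------------------------------------------------#
# Function    : smb_nt_trans                              #
# Description : NT Trans Request                          #
# Args        : param, data - request payloads            #
#               command     - NT Trans function word      #
#               max_pcount  - max parameter count         #
#               max_dcount  - max data count              #
# Return      : reply data minus its first byte, or NULL  #
#---------------------------------------------------------#

function smb_nt_trans (param, data, command, max_pcount, max_dcount)
{
 local_var header, parameters, dat, packet, ret, pad, trans, p_offset, d_offset, plen, dlen, elen;

 header = smb_header (Command: SMB_COM_NT_TRANSACT,
                      Status: nt_status (Status: STATUS_SUCCESS));

 # Three pad bytes precede the parameter bytes in this request.
 pad = raw_byte (b:0) + raw_word(w:0);

 p_offset = 76;
 d_offset = p_offset + strlen (param);

 plen = strlen(param);
 dlen = strlen(data);

 parameters = raw_byte (b:0)               +   # Max setup count
              raw_word (w:0)               +   # Reserved
              raw_dword (d:plen)           +   # total parameter count
              raw_dword (d:dlen)           +   # total data count
              raw_dword (d:max_pcount)     +   # Max parameter count
              raw_dword (d:max_dcount)     +   # Max data count
              raw_dword (d:plen)           +   # Parameter count
              raw_dword (d:p_offset)       +   # Parameter offset
              raw_dword (d:dlen)           +   # Data count
              raw_dword (d:d_offset)       +   # Data offset
              raw_byte (b:0)               +   # Setup count
              raw_word (w:command);            # command

 parameters = smb_parameters (data:parameters);

 dat = pad +
       param +
       data;

 dat = smb_data (data:dat);

 packet = netbios_packet (header:header, parameters:parameters, data:dat);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 # NOTE(review): unlike smb_trans2, the reply status is not passed through
 # smb_check_success here, so data from an error reply is returned as-is.
 # Confirm that callers inspect the status themselves.
 dat = get_smb_data (smbblob:ret);
 if (isnull (dat))
   return NULL;

 dat = substr (dat, 1, strlen(dat)-1);

 return dat;
}


#---------------------------------------------------------#
# Function    : smb_trans_pipe                            #
# Description : TransAndX Pipe Request                    #
# Args        : fid      - file id of the open pipe       #
#               data     - bytes to send                  #
#               sendonly - passed to smb_trans_and_x      #
# Return      : whatever smb_trans_and_x returns          #
#---------------------------------------------------------#

function smb_trans_pipe (fid, data, sendonly)
{
 local_var parameters, ret;

 # Two setup words: the pipe sub-command and the target file id.
 parameters = raw_word (w:TRANS_PIPE) +
              raw_word (w:fid);

 return smb_trans_and_x (extra_parameters:parameters, transname:"\PIPE\", param:NULL, data:data, max_pcount:0, sendonly:sendonly);
}


#---------------------------------------------------------#
# Function    : smb_trans_lanman                          #
# Description : TransAndX LANMAN Request                  #
# Args        : data - sent as the transaction parameters #
# Return      : whatever smb_trans_and_x returns          #
#---------------------------------------------------------#

function smb_trans_lanman (data)
{
 # sendonly is not passed, so smb_trans_and_x waits for and checks the reply.
 return smb_trans_and_x (extra_parameters:NULL, transname:"\PIPE\LANMAN", param:data, data:NULL, max_pcount:8);
}


#---------------------------------------------------------#
# Function    : smb_close                                 #
# Description : Close a pipe                              #
# Return      : 1 on success (else NULL)                  #
#---------------------------------------------------------#

function smb_close (fid)
{
 local_var header, parameters, data, packet, ret;

 header = smb_header (Command: SMB_COM_CLOSE,
                      Status: nt_status (Status: STATUS_SUCCESS));

 parameters = raw_word (w:fid) +              # FID
              raw_dword (d:0xFFFFFFFF) ;      # Last write (not specified)

 parameters = smb_parameters (data:parameters);

 data = smb_data (data:NULL);

 packet = netbios_packet (header:header, parameters:parameters, data:data);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 if (smb_check_success (data:ret) == FALSE)
   return NULL;

 return 1;
}


#---------------------------------------------------------#
# Function    : smb_logoff_andx                           #
# Description : Close a session                           #
# Return      : 1 on success (else NULL)                  #
#---------------------------------------------------------#

function smb_logoff_andx ()
{
 local_var header, parameters, data, packet, ret;

 header = smb_header (Command: SMB_COM_LOGOFF_ANDX,
                      Status: nt_status (Status: STATUS_SUCCESS));

 parameters = raw_byte (b:0xFF) +    # No further command
              raw_byte (b:0) +       # Reserved
              raw_word (w:0) ;       # AndXOffset

 parameters = smb_parameters (data:parameters);

 data = smb_data (data:NULL);

 packet = netbios_packet (header:header, parameters:parameters, data:data);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 if (smb_check_success (data:ret) == FALSE)
   return NULL;

 return 1;
}


#---------------------------------------------------------#
# Function    : smb_tree_disconnect                       #
# Description : Close a tree                              #
# Return      : 1 on success (else NULL)                  #
#---------------------------------------------------------#

function smb_tree_disconnect ()
{
 local_var header, parameters, data, packet, ret, tid;

 # A tid of 0 is treated as "no tree connected": nothing is sent.
 tid = session_get_tid ();
 if (tid == 0)
   return 1;

 header = smb_header (Command: SMB_COM_TREE_DISCONNECT,
                      Status: nt_status (Status: STATUS_SUCCESS));

 parameters = smb_parameters (data:NULL);

 data = smb_data (data:NULL);

 packet = netbios_packet (header:header, parameters:parameters, data:data);

 ret = smb_sendrecv (data:packet);
 if (!ret)
   return NULL;

 if (smb_check_success (data:ret) == FALSE)
   return NULL;

 # Clear the stored tid only after the server confirmed the disconnect.
 session_set_tid (tid:0);

 return 1;
}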