public static NTTransactSubcommand GetSubcommandRequest(NTTransactSubcommandName subcommandName, byte[] setup, byte[] parameters, byte[] data, bool isUnicode)
{
return(subcommandName switch
{
NTTransactSubcommandName.NT_TRANSACT_CREATE => new NTTransactCreateRequest(parameters, data, isUnicode),
NTTransactSubcommandName.NT_TRANSACT_IOCTL => new NTTransactIOCTLRequest(setup, data),
NTTransactSubcommandName.NT_TRANSACT_SET_SECURITY_DESC => new NTTransactSetSecurityDescriptorRequest(
parameters, data),
NTTransactSubcommandName.NT_TRANSACT_NOTIFY_CHANGE => new NTTransactNotifyChangeRequest(setup),
NTTransactSubcommandName.NT_TRANSACT_QUERY_SECURITY_DESC =>
new NTTransactQuerySecurityDescriptorRequest(parameters),
_ => throw new InvalidDataException()
});
internal static SMBCommand GetCompleteNTTransactResponse(SMBHeader header, NTTransactSubcommandName subcommandName, byte[] requestSetup, byte[] requestParameters, byte[] requestData, object share, StateObject state, List <SMBCommand> sendQueue)
{
NTTransactSubcommand subcommand = NTTransactSubcommand.GetSubcommandRequest(subcommandName, requestSetup, requestParameters, requestData, header.UnicodeFlag);
NTTransactSubcommand subcommandResponse = null;
if (subcommand is NTTransactCreateRequest)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactIOCTLRequest)
{
subcommandResponse = GetSubcommandResponse(header, (NTTransactIOCTLRequest)subcommand);
}
else if (subcommand is NTTransactSetSecurityDescriptor)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactNotifyChangeRequest)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactQuerySecurityDescriptorRequest)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else
{
header.Status = NTStatus.STATUS_SMB_BAD_COMMAND;
}
if (header.Status != NTStatus.STATUS_SUCCESS)
{
return(new ErrorResponse(CommandName.SMB_COM_NT_TRANSACT));
}
byte[] responseSetup = subcommandResponse.GetSetup();
byte[] responseParameters = subcommandResponse.GetParameters(header.UnicodeFlag);
byte[] responseData = subcommandResponse.GetData();
NTTransactResponse response = new NTTransactResponse();
PrepareResponse(response, responseSetup, responseParameters, responseData, state.MaxBufferSize, sendQueue);
return(response);
}
public static NTTransactSubcommand GetSubcommandRequest(NTTransactSubcommandName subcommandName, byte[] setup, byte[] parameters, byte[] data, bool isUnicode)
{
switch (subcommandName)
{
case NTTransactSubcommandName.NT_TRANSACT_CREATE:
return(new NTTransactCreateRequest(parameters, data, isUnicode));
case NTTransactSubcommandName.NT_TRANSACT_IOCTL:
return(new NTTransactIOCTLRequest(setup, data));
case NTTransactSubcommandName.NT_TRANSACT_SET_SECURITY_DESC:
return(new NTTransactSetSecurityDescriptor(parameters, data));
case NTTransactSubcommandName.NT_TRANSACT_NOTIFY_CHANGE:
return(new NTTransactNotifyChangeRequest(setup));
case NTTransactSubcommandName.NT_TRANSACT_QUERY_SECURITY_DESC:
return(new NTTransactQuerySecurityDescriptorRequest(parameters));
}
throw new InvalidRequestException();
}
public NTTransactRequest(byte[] buffer, int offset) : base(buffer, offset, false)
{
int readOffset = 0;
MaxSetupCount = ByteReader.ReadByte(this.SMBParameters, ref readOffset);
Reserved1 = LittleEndianReader.ReadUInt16(this.SMBParameters, ref readOffset);
TotalParameterCount = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
TotalDataCount = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
MaxParameterCount = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
MaxDataCount = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
uint parameterCount = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
uint parameterOffset = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
uint dataCount = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
uint dataOffset = LittleEndianReader.ReadUInt32(this.SMBParameters, ref readOffset);
byte setupCount = ByteReader.ReadByte(this.SMBParameters, ref readOffset);
Function = (NTTransactSubcommandName)LittleEndianReader.ReadUInt16(this.SMBParameters, ref readOffset);
Setup = ByteReader.ReadBytes(this.SMBParameters, ref readOffset, setupCount * 2);
TransParameters = ByteReader.ReadBytes(buffer, (int)parameterOffset, (int)parameterCount);
TransData = ByteReader.ReadBytes(buffer, (int)dataOffset, (int)dataCount);
}
internal static List <SMB1Command> GetCompleteNTTransactResponse(SMB1Header header, uint maxParameterCount, uint maxDataCount, NTTransactSubcommandName subcommandName, byte[] requestSetup, byte[] requestParameters, byte[] requestData, ISMBShare share, SMB1ConnectionState state)
{
NTTransactSubcommand subcommand;
try
{
subcommand = NTTransactSubcommand.GetSubcommandRequest(subcommandName, requestSetup, requestParameters, requestData, header.UnicodeFlag);
}
catch
{
// [MS-CIFS] If the Function code is not defined, the server MUST return STATUS_INVALID_SMB.
header.Status = NTStatus.STATUS_INVALID_SMB;
return(new ErrorResponse(CommandName.SMB_COM_NT_TRANSACT));
}
state.LogToServer(Severity.Verbose, "Received complete SMB_COM_NT_TRANSACT subcommand: {0}", subcommand.SubcommandName);
NTTransactSubcommand subcommandResponse = null;
if (subcommand is NTTransactCreateRequest)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactIOCTLRequest)
{
subcommandResponse = GetSubcommandResponse(header, maxDataCount, (NTTransactIOCTLRequest)subcommand, share, state);
}
else if (subcommand is NTTransactSetSecurityDescriptorRequest)
{
subcommandResponse = GetSubcommandResponse(header, (NTTransactSetSecurityDescriptorRequest)subcommand, share, state);
}
else if (subcommand is NTTransactNotifyChangeRequest)
{
NotifyChangeHelper.ProcessNTTransactNotifyChangeRequest(header, maxParameterCount, (NTTransactNotifyChangeRequest)subcommand, share, state);
if (header.Status == NTStatus.STATUS_PENDING)
{
return(new List <SMB1Command>());
}
}
else if (subcommand is NTTransactQuerySecurityDescriptorRequest)
{
subcommandResponse = GetSubcommandResponse(header, maxDataCount, (NTTransactQuerySecurityDescriptorRequest)subcommand, share, state);
}
else
{
// [MS-CIFS] If the Function code is defined but not implemented, the server MUST return STATUS_SMB_BAD_COMMAND.
header.Status = NTStatus.STATUS_SMB_BAD_COMMAND;
}
if (subcommandResponse == null)
{
return(new ErrorResponse(CommandName.SMB_COM_NT_TRANSACT));
}
byte[] responseSetup = subcommandResponse.GetSetup();
byte[] responseParameters = subcommandResponse.GetParameters(header.UnicodeFlag);
byte[] responseData = subcommandResponse.GetData();
return(GetNTTransactResponse(responseSetup, responseParameters, responseData, state.MaxBufferSize));
}
internal static List <SMB1Command> GetCompleteNTTransactResponse(SMB1Header header, NTTransactSubcommandName subcommandName, byte[] requestSetup, byte[] requestParameters, byte[] requestData, ISMBShare share, SMB1ConnectionState state)
{
NTTransactSubcommand subcommand = NTTransactSubcommand.GetSubcommandRequest(subcommandName, requestSetup, requestParameters, requestData, header.UnicodeFlag);
NTTransactSubcommand subcommandResponse = null;
if (subcommand is NTTransactCreateRequest)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactIOCTLRequest)
{
subcommandResponse = GetSubcommandResponse(header, (NTTransactIOCTLRequest)subcommand, share, state);
}
else if (subcommand is NTTransactSetSecurityDescriptor)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactNotifyChangeRequest)
{
// [MS-CIFS] If the server does not support the NT_TRANSACT_NOTIFY_CHANGE subcommand, it can return an
// error response with STATUS_NOT_IMPLEMENTED [..] in response to an NT_TRANSACT_NOTIFY_CHANGE Request.
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else if (subcommand is NTTransactQuerySecurityDescriptorRequest)
{
header.Status = NTStatus.STATUS_NOT_IMPLEMENTED;
}
else
{
header.Status = NTStatus.STATUS_SMB_BAD_COMMAND;
}
if (header.Status != NTStatus.STATUS_SUCCESS)
{
return(new ErrorResponse(CommandName.SMB_COM_NT_TRANSACT));
}
byte[] responseSetup = subcommandResponse.GetSetup();
byte[] responseParameters = subcommandResponse.GetParameters(header.UnicodeFlag);
byte[] responseData = subcommandResponse.GetData();
return(GetNTTransactResponse(responseSetup, responseParameters, responseData, state.MaxBufferSize));
}
