void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
switch (u.ReadInt16())
{
case 1:
AnsiString = u.ReadStruct <EEAString>();
break;
case 2:
UnicodeString = u.ReadStruct <EEUString>();
break;
case 3:
LVal = u.ReadInt32();
break;
case 4:
IVal = u.ReadInt16();
break;
case 5:
PVal = u.ReadInt64();
break;
case 6:
break;
case 7:
Blob = u.ReadStruct <BinaryEEInfo>();
break;
default:
throw new System.ArgumentException("No matching union selector when marshaling Union_2");
}
}
private NdrUnmarshalBuffer SendAndReceiveImmediate(int proc_num, NdrMarshalBuffer ndr_buffer, byte[] buffer)
{
LRPC_IMMEDIATE_REQUEST_MESSAGE req_msg = new LRPC_IMMEDIATE_REQUEST_MESSAGE()
{
Header = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
BindingId = 0,
CallId = CallId++,
ProcNum = proc_num,
};
if (ObjectUuid != Guid.Empty)
{
req_msg.ObjectUuid = ObjectUuid;
req_msg.Flags |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
}
AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE> send_msg = new AlpcMessageType <LRPC_IMMEDIATE_REQUEST_MESSAGE>(req_msg, buffer);
AlpcMessageRaw resp_msg = new AlpcMessageRaw(0x1000);
AlpcSendMessageAttributes send_attr = new AlpcSendMessageAttributes();
if (ndr_buffer.Handles.Count > 0)
{
send_attr.AddHandles(ndr_buffer.Handles);
}
using (AlpcReceiveMessageAttributes recv_attr = new AlpcReceiveMessageAttributes())
{
_client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, resp_msg, recv_attr, NtWaitTimeout.Infinite);
NdrUnmarshalBuffer unmarshal = HandleResponse(resp_msg, recv_attr, req_msg.CallId);
ClearAttributes(resp_msg, recv_attr);
return(unmarshal);
}
}
internal static ExtendedErrorInfo?Decode(byte[] data)
{
NdrPickledType pickled_type = new NdrPickledType(data);
NdrUnmarshalBuffer u = new NdrUnmarshalBuffer(pickled_type);
var res = u.ReadReferentValue(u.ReadStruct <ExtendedErrorInfo>, false);
return(res);
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
Next = u.ReadEmbeddedPointer(u.ReadStruct <ExtendedErrorInfo>, false);
ComputerName = u.ReadStruct <EEComputerName>();
ProcessId = u.ReadInt32();
TimeStamp = u.ReadInt64();
GeneratingComponent = u.ReadInt32();
Status = u.ReadInt32();
DetectionLocation = u.ReadInt16();
Flags = u.ReadInt16();
nLen = u.ReadInt16();
Params = u.ReadConformantStructArray <ExtendedErrorInfoParamInternal>();
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
u.Align(8);
Chain = u.ReadEmbeddedPointer(u.ReadStruct <RpcExtendedErrorInfoInternal>);
ComputerName = u.ReadStruct <ComputerNameUnion>();
ProcessId = u.ReadInt32();
TimeStamp = u.ReadInt64();
GeneratingComponent = u.ReadInt32();
Status = u.ReadInt32();
DetectionLocation = u.ReadInt16();
Flags = u.ReadInt16();
nLen = u.ReadInt16();
Parameters = u.ReadConformantStructArray <ExtendedErrorInfoParamInternal>();
}
internal static RpcExtendedErrorInfoInternal?Decode(byte[] data)
{
NdrUnmarshalBuffer u = new NdrUnmarshalBuffer(data);
RpcExtendedErrorInfoInternal v;
// Read out referent.
int referent = u.ReadReferent();
if (referent == 0)
{
return(null);
}
v = u.ReadStruct <RpcExtendedErrorInfoInternal>();
u.PopulateDeferredPointers();
return(v);
}
private Tuple <PDUHeader, byte[]> ReadPDU(int frag_count)
{
byte[] buffer = _pipe.Read(_max_recv_fragment);
RpcUtils.DumpBuffer(true, $"RPC Named Pipe Receive Buffer - Fragment {frag_count}", buffer);
MemoryStream stm = new MemoryStream(buffer);
BinaryReader reader = new BinaryReader(stm);
PDUHeader header = PDUHeader.Read(reader);
NdrUnmarshalBuffer.CheckDataRepresentation(header.DataRep);
if (header.AuthLength != 0)
{
throw new NotSupportedException("Named pipe transport doesn't support authentication data.");
}
return(Tuple.Create(header, reader.ReadAllBytes(header.FragmentLength - PDUHeader.PDU_HEADER_SIZE)));
}
public uint PrivGetPsmToken(int p0, int p1, string p2, string p3, out NtApiDotNet.NtToken p4, out int p5)
{
NdrMarshalBuffer m = new NdrMarshalBuffer();
m.WriteInt32(p0);
m.WriteInt32(p1);
m.WriteTerminatedString(RpcUtils.CheckNull(p2, "p2"));
m.WriteTerminatedString(RpcUtils.CheckNull(p3, "p3"));
var resp = SendReceive(21, m.DataRepresentation, m.ToArray(), m.Handles);
NdrUnmarshalBuffer u = new NdrUnmarshalBuffer(resp.NdrBuffer, resp.Handles, resp.DataRepresentation);
p4 = u.ReadSystemHandle <NtApiDotNet.NtToken>();
p5 = u.ReadInt32();
return(u.ReadUInt32());
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
switch (u.ReadInt16())
{
case 1:
StringData = u.ReadStruct <EEUString>();
break;
case 2:
break;
default:
throw new System.ArgumentException("No matching union selector when marshaling ComputerNameData");
}
}
private NdrUnmarshalBuffer SendAndReceiveLarge(int proc_num, NdrMarshalBuffer ndr_buffer, byte[] buffer)
{
LRPC_LARGE_REQUEST_MESSAGE req_msg = new LRPC_LARGE_REQUEST_MESSAGE()
{
Header = new LRPC_HEADER(LRPC_MESSAGE_TYPE.lmtRequest),
BindingId = 0,
CallId = CallId++,
ProcNum = proc_num,
LargeDataSize = buffer.Length,
Flags = LRPC_REQUEST_MESSAGE_FLAGS.ViewPresent
};
if (ObjectUuid != Guid.Empty)
{
req_msg.ObjectUuid = ObjectUuid;
req_msg.Flags |= LRPC_REQUEST_MESSAGE_FLAGS.ObjectUuid;
}
var send_msg = new AlpcMessageType <LRPC_LARGE_REQUEST_MESSAGE>(req_msg);
var recv_msg = new AlpcMessageRaw(0x1000);
var send_attr = new AlpcSendMessageAttributes();
if (ndr_buffer.Handles.Count > 0)
{
send_attr.AddHandles(ndr_buffer.Handles);
}
using (var port_section = _client.CreatePortSection(AlpcCreatePortSectionFlags.Secure, buffer.Length))
{
using (var data_view = port_section.CreateSectionView(AlpcDataViewAttrFlags.Secure | AlpcDataViewAttrFlags.AutoRelease, buffer.Length))
{
data_view.WriteBytes(buffer);
send_attr.Add(data_view.ToMessageAttribute());
using (var recv_attr = new AlpcReceiveMessageAttributes())
{
_client.SendReceive(AlpcMessageFlags.SyncRequest, send_msg, send_attr, recv_msg, recv_attr, NtWaitTimeout.Infinite);
NdrUnmarshalBuffer unmarshal = HandleResponse(recv_msg, recv_attr, req_msg.CallId);
ClearAttributes(recv_msg, recv_attr);
return(unmarshal);
}
}
}
}
private Tuple <PDUHeader, byte[], AuthData> ReadPDU(int frag_count)
{
byte[] buffer = ReadFragment(_max_recv_fragment);
RpcUtils.DumpBuffer(true, $"{GetType().Name} Receive Buffer - Fragment {frag_count}", buffer);
MemoryStream stm = new MemoryStream(buffer);
BinaryReader reader = new BinaryReader(stm);
PDUHeader header = PDUHeader.Read(reader);
NdrUnmarshalBuffer.CheckDataRepresentation(header.DataRep);
AuthData auth_data = new AuthData();
int auth_trailing_length = header.AuthLength > 0 ? header.AuthLength + AuthData.PDU_AUTH_DATA_HEADER_SIZE : 0;
byte[] data = reader.ReadAllBytes(header.FragmentLength - PDUHeader.PDU_HEADER_SIZE - auth_trailing_length);
if (auth_trailing_length > 0)
{
stm.Seek(header.FragmentLength - auth_trailing_length, SeekOrigin.Begin);
auth_data = AuthData.Read(reader, header.AuthLength);
}
return(Tuple.Create(header, data, auth_data));
}
/// <summary>
/// Send and receive an RPC message.
/// </summary>
/// <param name="proc_num">The procedure number.</param>
/// <param name="objuuid">The object UUID for the call.</param>
/// <param name="data_representation">NDR data representation.</param>
/// <param name="ndr_buffer">Marshal NDR buffer for the call.</param>
/// <param name="handles">List of handles marshaled into the buffer.</param>
/// <returns>Client response from the send.</returns>
public RpcClientResponse SendReceive(int proc_num, Guid objuuid, NdrDataRepresentation data_representation,
byte[] ndr_buffer, IReadOnlyCollection <NtObject> handles)
{
NdrUnmarshalBuffer.CheckDataRepresentation(data_representation);
PDURequest request = new PDURequest
{
OpNum = (short)proc_num,
ObjectUUID = objuuid,
StubData = ndr_buffer
};
var recv_pdu = SendReceivePDU(request);
if (recv_pdu is PDUResponse pdu_respose)
{
return(new RpcClientResponse(pdu_respose.StubData, new NtObject[0]));
}
else
{
throw new RpcTransportException("Unexpected PDU from server.");
}
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
u.Align(1);
switch (u.ReadInt16())
{
case 1:
AnsiString = u.ReadStruct <AnsiStringData>();
break;
case 2:
UnicodeString = u.ReadStruct <UnicodeStringData>();
break;
case 3:
LongVal = u.ReadInt32();
break;
case 4:
ShortVal = u.ReadInt16();
break;
case 5:
PointerVal = u.ReadInt64();
break;
case 6:
break;
case 7:
BinaryVal = u.ReadStruct <BinaryData>();
break;
default:
throw new System.ArgumentException("No matching union selector when marshaling Union_2");
}
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
Unmarshal((_Unmarshal_Helper)u);
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
ParameterType = u.ReadEnum16();
ParameterData = u.ReadStruct <ParameterValueUnion>();
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
Selector = u.ReadEnum16();
Name = u.ReadStruct <EEComputerNameData>();
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
nSize = u.ReadInt16();
pBlob = u.ReadEmbeddedPointer(u.ReadConformantArray <sbyte>, false);
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
nLength = u.ReadInt16();
pString = u.ReadEmbeddedPointer(u.ReadConformantArray <short>, false);
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
Unmarshal(((_Unmarshal_HelperClaimSet)(u)));
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
Unmarshal((_Unmarshal_HelperClaimSetMetadata)u);
}
/// <summary>
/// Send and receive an RPC message.
/// </summary>
/// <param name="proc_num">The procedure number.</param>
/// <param name="objuuid">The object UUID for the call.</param>
/// <param name="data_representation">NDR data representation.</param>
/// <param name="ndr_buffer">Marshal NDR buffer for the call.</param>
/// <param name="handles">List of handles marshaled into the buffer.</param>
/// <returns>Client response from the send.</returns>
public RpcClientResponse SendReceive(int proc_num, Guid objuuid, NdrDataRepresentation data_representation, byte[] ndr_buffer, IReadOnlyCollection <NtObject> handles)
{
NdrUnmarshalBuffer.CheckDataRepresentation(data_representation);
return(new RpcClientResponse(SendReceiveRequestPDU(proc_num, objuuid, ndr_buffer), new NtObject[0]));
}
void INdrStructure.Unmarshal(NdrUnmarshalBuffer u)
{
u.Align(4);
Length = u.ReadInt16();
Data = u.ReadEmbeddedPointer(u.ReadConformantArray <sbyte>);
}
