From 94f55a12fd2ee01bfb09dbac00c044eb33e85ff0 Mon Sep 17 00:00:00 2001
From: Shutdown <40902872+ShutdownRepo@users.noreply.github.com>
Date: Tue, 13 Feb 2024 16:27:33 +0100
Subject: [PATCH] starting to fix drsbind answer
---
impacket/dcerpc/v5/drsuapi.py | 47 +++++++++++++++++++++++++++++++++--
impacket/dcerpc/v5/rpcrt.py | 10 ++++++++
2 files changed, 55 insertions(+), 2 deletions(-)
diff --git a/impacket/dcerpc/v5/drsuapi.py b/impacket/dcerpc/v5/drsuapi.py
index ecb6500bc4..b6eb72cdc8 100644
--- a/impacket/dcerpc/v5/drsuapi.py
+++ b/impacket/dcerpc/v5/drsuapi.py
@@ -234,6 +234,43 @@ def dump(self, msg=None, indent=0):
 DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART2 = 0x40000000
 DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART3 = 0x80000000
+
+class DRS_EXTENSIONS_INT_FLAGS(Enum):
+ DRS_EXT_BASE = 0x00000001
+ DRS_EXT_ASYNCREPL = 0x00000002
+ DRS_EXT_REMOVEAPI = 0x00000004
+ DRS_EXT_MOVEREQ_V2 = 0x00000008
+ DRS_EXT_GETCHG_DEFLATE = 0x00000010
+ DRS_EXT_DCINFO_V1 = 0x00000020
+ DRS_EXT_RESTORE_USN_OPTIMIZATION = 0x00000040
+ DRS_EXT_ADDENTRY = 0x00000080
+ DRS_EXT_KCC_EXECUTE = 0x00000100
+ DRS_EXT_ADDENTRY_V2 = 0x00000200
+ DRS_EXT_LINKED_VALUE_REPLICATION = 0x00000400
+ DRS_EXT_DCINFO_V2 = 0x00000800
+ DRS_EXT_INSTANCE_TYPE_NOT_REQ_ON_MOD = 0x00001000
+ DRS_EXT_CRYPTO_BIND = 0x00002000
+ DRS_EXT_GET_REPL_INFO = 0x00004000
+ DRS_EXT_STRONG_ENCRYPTION = 0x00008000
+ DRS_EXT_DCINFO_VFFFFFFFF = 0x00010000
+ DRS_EXT_TRANSITIVE_MEMBERSHIP = 0x00020000
+ DRS_EXT_ADD_SID_HISTORY = 0x00040000
+ DRS_EXT_POST_BETA3 = 0x00080000
+ DRS_EXT_GETCHGREQ_V5 = 0x00100000
+ DRS_EXT_GETMEMBERSHIPS2 = 0x00200000
+ DRS_EXT_GETCHGREQ_V6 = 0x00400000
+ DRS_EXT_NONDOMAIN_NCS = 0x00800000
+ DRS_EXT_GETCHGREQ_V8 = 0x01000000
+ DRS_EXT_GETCHGREPLY_V5 = 0x02000000
+ DRS_EXT_GETCHGREPLY_V6 = 0x04000000
+ DRS_EXT_GETCHGREPLY_V9 = 0x00000100
+ DRS_EXT_WHISTLER_BETA3 = 0x08000000
+ DRS_EXT_W2K3_DEFLATE = 0x10000000
+ DRS_EXT_GETCHGREQ_V10 = 0x20000000
+ DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART2 = 0x40000000
+ DRS_EXT_RESERVED_FOR_WIN2K_OR_DOTNET_PART3 = 0x80000000
+
+
 # dwFlagsExt
 DRS_EXT_ADAM = 0x00000001
 DRS_EXT_LH_BETA2 = 0x00000002
@@ -406,6 +443,12 @@ class PDRS_EXTENSIONS(NDRPOINTER):
 )
+class PPDRS_EXTENSIONS(NDRPOINTER):
+ referent = (
+ ('Data', PDRS_EXTENSIONS),
+ )
+
+
 # 5.39 DRS_EXTENSIONS_INT
 class DRS_EXTENSIONS_INT(Structure):
 structure = (
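Review bot: In the new `DRS_EXTENSIONS_INT_FLAGS` enum, `DRS_EXT_GETCHGREPLY_V9 = 0x00000100` repeats the value of `DRS_EXT_KCC_EXECUTE`; if this `Enum` follows the standard-library aliasing rule, the later member becomes an alias of the earlier one, so a lookup of `0x100` always yields the name `DRS_EXT_KCC_EXECUTE` and the V9 name can never be produced. The collision is inherited from the module-level constants above the hunk, but the enum turns it from harmless into silent, so it deserves at least a comment citing the MS-DRSR 5.39 value to confirm before this is relied on. These members are bits that arrive OR-ed together in `dwFlags`, which a plain `Enum` cannot decode in one call, so a header comment such as `# Name lookup for individual DRS_EXT_* bits of DRS_EXTENSIONS_INT.dwFlags; mask one bit at a time` would state how it is meant to be used. The diff does not show an `Enum` import in drsuapi.py; fine if the module already has one, otherwise the class fails at import time.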
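Review bot: `PPDRS_EXTENSIONS` wraps `PDRS_EXTENSIONS` in a second pointer layer with no comment on why, which matters because NDR does not transmit a referent ID for a top-level `[ref]` pointer, while an `NDRPOINTER` subclass (as far as I recall) always carries a `ReferentID` field, so the wrapper changes the bytes the parser expects. If the intent is the `DRS_EXTENSIONS **ppextServer` parameter of IDRSBind, a comment such as `# DRS_EXTENSIONS **ppextServer: outer pointer to the unique PDRS_EXTENSIONS` together with a note of which server response it was verified against would let the next reader judge the choice. The `DRSBindResponse` change further down is the only consumer visible in this diff, so the two should be documented together.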
@@ -1927,8 +1970,8 @@ class DRSBind(NDRCALL):
 class DRSBindResponse(NDRCALL):
 structure = (
- ('ppextServer', PDRS_EXTENSIONS),
- ('phDrs', DRS_HANDLE),
+ ('ppextServer', PPDRS_EXTENSIONS),
+ ('phDrs', PDRS_HANDLE),
 ('ErrorCode', DWORD),
 )
diff --git a/impacket/dcerpc/v5/rpcrt.py b/impacket/dcerpc/v5/rpcrt.py
index a56bc1b030..f98953dc2c 100644
--- a/impacket/dcerpc/v5/rpcrt.py
+++ b/impacket/dcerpc/v5/rpcrt.py
@@ -26,6 +26,7 @@
 from Cryptodome.Cipher import ARC4
 from impacket import ntlm, LOG
+from impacket.dcerpc.v5.enum import Enum
 from impacket.structure import Structure,pack,unpack
 from impacket.krb5 import kerberosv5, gssapi
 from impacket.uuid import uuidtup_to_bin, generate, stringver_to_bin, bin_to_uuidtup
@@ -109,6 +110,15 @@
 RPC_C_AUTHN_NETLOGON = 0x44
 RPC_C_AUTHN_DEFAULT = 0xFF
+class AUTH_TYPES(Enum):
+ RPC_C_AUTHN_NONE = 0x00
+ RPC_C_AUTHN_GSS_NEGOTIATE = 0x09
+ RPC_C_AUTHN_WINNT = 0x0A
+ RPC_C_AUTHN_GSS_SCHANNEL = 0x0E
+ RPC_C_AUTHN_GSS_KERBEROS = 0x10
+ RPC_C_AUTHN_NETLOGON = 0x44
+ RPC_C_AUTHN_DEFAULT = 0xFF
+
 # Auth Levels
 RPC_C_AUTHN_LEVEL_NONE = 1
 RPC_C_AUTHN_LEVEL_CONNECT = 2
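Review bot: `phDrs` changes from `DRS_HANDLE` to `PDRS_HANDLE`, but no `PDRS_HANDLE` definition appears in this diff; unless the module already defines it, `DRSBindResponse` raises `NameError` when drsuapi.py is imported, which breaks every caller of the module, not just DRSBind. Independently of that, `phDrs` is an `[out, ref] DRS_HANDLE *` in the IDL and top-level `[ref]` pointers carry no referent ID on the wire, so a full `NDRPOINTER` wrapper would consume extra bytes ahead of the context handle and likely shift the `ErrorCode` parse; the same caveat applies to `ppextServer`. Since the commit message says this is only the start of the fix, a `# TODO: verify against a captured DRSBind response before merging` on these two lines would keep a half-done change from being taken as final.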
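Review bot: `AUTH_TYPES` duplicates the `RPC_C_AUTHN_*` module constants directly above it with no docstring saying what the enum is for or that the two lists must be kept in sync, and nothing in this diff uses it. A one-line docstring such as `"""Enum view of the RPC_C_AUTHN_* security-provider ids above, for name lookup in logs and errors."""` would make the intent clear to readers who otherwise see two sources of truth for the same values. If the backported `Enum` supports the functional constructor, building the class from the existing constants would remove the duplication entirely; if not, a `# keep in sync with RPC_C_AUTHN_* above` comment is the minimum.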