diff options
Diffstat (limited to 'tests')
-rw-r--r-- | tests/python_dependencies/impacket/__init__.py | 25 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/nmb.py | 980 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/nt_errors.py | 3586 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/ntlm.py | 971 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/smb.py | 4099 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/smb3.py | 1629 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/smb3structs.py | 1363 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/smbserver.py | 4416 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/spnego.py | 372 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/structure.py | 743 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/uuid.py | 68 | ||||
-rw-r--r-- | tests/python_dependencies/impacket/version.py | 12 |
12 files changed, 18264 insertions, 0 deletions
diff --git a/tests/python_dependencies/impacket/__init__.py b/tests/python_dependencies/impacket/__init__.py new file mode 100644 index 000000000..92a5d6bb4 --- /dev/null +++ b/tests/python_dependencies/impacket/__init__.py @@ -0,0 +1,25 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Author: Alberto Solino (@agsolino) +# + +# Set default logging handler to avoid "No handler found" warnings. +import logging +try: # Python 2.7+ + from logging import NullHandler +except ImportError: + class NullHandler(logging.Handler): + def emit(self, record): + pass + +# All modules inside this library MUST use this logger (impacket) +# It is up to the library consumer to do whatever is wanted +# with the logger output. By default it is forwarded to the +# upstream logger + +LOG = logging.getLogger(__name__) +LOG.addHandler(NullHandler()) diff --git a/tests/python_dependencies/impacket/nmb.py b/tests/python_dependencies/impacket/nmb.py new file mode 100644 index 000000000..dc8777e65 --- /dev/null +++ b/tests/python_dependencies/impacket/nmb.py @@ -0,0 +1,980 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# + + +# -*- mode: python; tab-width: 4 -*- +# +# Copyright (C) 2001 Michael Teo <michaelteo@bigfoot.com> +# nmb.py - NetBIOS library +# +# This software is provided 'as-is', without any express or implied warranty. +# In no event will the author be held liable for any damages arising from the +# use of this software. +# +# Permission is granted to anyone to use this software for any purpose, +# including commercial applications, and to alter it and redistribute it +# freely, subject to the following restrictions: +# +# 1. The origin of this software must not be misrepresented; you must not +# claim that you wrote the original software. If you use this software +# in a product, an acknowledgment in the product documentation would be +# appreciated but is not required. +# +# 2. Altered source versions must be plainly marked as such, and must not be +# misrepresented as being the original software. +# +# 3. This notice cannot be removed or altered from any source distribution. +# +# Altered source done by Alberto Solino (@agsolino) + +import socket +import string +import re +import select +import errno +from random import randint +from struct import pack, unpack +import time + +from structure import Structure + +CVS_REVISION = '$Revision: 526 $' + +# Taken from socket module reference +INADDR_ANY = '0.0.0.0' +BROADCAST_ADDR = '<broadcast>' + +# Default port for NetBIOS name service +NETBIOS_NS_PORT = 137 +# Default port for NetBIOS session service +NETBIOS_SESSION_PORT = 139 + +# Default port for SMB session service +SMB_SESSION_PORT = 445 + +# Owner Node Type Constants +NODE_B = 0x0000 +NODE_P = 0x2000 +NODE_M = 0x4000 +NODE_RESERVED = 0x6000 +NODE_GROUP = 0x8000 +NODE_UNIQUE = 0x0 + +# Name Type Constants +TYPE_UNKNOWN = 0x01 +TYPE_WORKSTATION = 0x00 +TYPE_CLIENT = 0x03 +TYPE_SERVER = 0x20 +TYPE_DOMAIN_MASTER = 0x1B +TYPE_DOMAIN_CONTROLLER = 0x1C +TYPE_MASTER_BROWSER = 0x1D +TYPE_BROWSER = 0x1E +TYPE_NETDDE = 0x1F +TYPE_STATUS = 0x21 + +# Opcodes values +OPCODE_QUERY = 0 +OPCODE_REGISTRATION = 0x5 +OPCODE_RELEASE = 0x6 +OPCODE_WACK = 0x7 +OPCODE_REFRESH = 0x8 +OPCODE_REQUEST = 0 +OPCODE_RESPONSE = 0x10 + +# NM_FLAGS +NM_FLAGS_BROADCAST = 0x1 +NM_FLAGS_UNICAST = 0 +NM_FLAGS_RA = 0x8 +NM_FLAGS_RD = 0x10 +NM_FLAGS_TC = 0x20 +NM_FLAGS_AA = 0x40 + +# QUESTION_TYPE +QUESTION_TYPE_NB = 0x20 # NetBIOS general Name Service Resource Record +QUESTION_TYPE_NBSTAT = 0x21 # NetBIOS NODE STATUS Resource Record +# QUESTION_CLASS +QUESTION_CLASS_IN = 0x1 # Internet class + +# RR_TYPE Resource Record Type code +RR_TYPE_A = 0x1 # IP address Resource Record +RR_TYPE_NS = 0x2 # Name Server Resource Record +RR_TYPE_NULL = 0xA # NULL Resource Record +RR_TYPE_NB = 0x20 # NetBIOS general Name Service Resource Record +RR_TYPE_NBSTAT = 0x21 # NetBIOS NODE STATUS Resource Record + +# Resource Record Class +RR_CLASS_IN = 1 # Internet class + +# RCODE values +RCODE_FMT_ERR = 0x1 # Format Error. Request was invalidly formatted. +RCODE_SRV_ERR = 0x2 # Server failure. Problem with NBNS, cannot process name. +RCODE_IMP_ERR = 0x4 # Unsupported request error. Allowable only for challenging NBNS when gets an Update type + # registration request. +RCODE_RFS_ERR = 0x5 # Refused error. For policy reasons server will not register this name from this host. +RCODE_ACT_ERR = 0x6 # Active error. Name is owned by another node. +RCODE_CFT_ERR = 0x7 # Name in conflict error. A UNIQUE name is owned by more than one node. + +# NAME_FLAGS +NAME_FLAGS_PRM = 0x0200 # Permanent Name Flag. If one (1) then entry is for the permanent node name. Flag is zero + # (0) for all other names. +NAME_FLAGS_ACT = 0x0400 # Active Name Flag. All entries have this flag set to one (1). +NAME_FLAG_CNF = 0x0800 # Conflict Flag. If one (1) then name on this node is in conflict. +NAME_FLAG_DRG = 0x1000 # Deregister Flag. If one (1) then this name is in the process of being deleted. + +NAME_TYPES = { TYPE_UNKNOWN: 'Unknown', TYPE_WORKSTATION: 'Workstation', TYPE_CLIENT: 'Client', + TYPE_SERVER: 'Server', TYPE_MASTER_BROWSER: 'Master Browser', TYPE_BROWSER: 'Browser Server', + TYPE_DOMAIN_MASTER: 'Domain Master' , TYPE_NETDDE: 'NetDDE Server'} +# NetBIOS Session Types +NETBIOS_SESSION_MESSAGE = 0x0 +NETBIOS_SESSION_REQUEST = 0x81 +NETBIOS_SESSION_POSITIVE_RESPONSE = 0x82 +NETBIOS_SESSION_NEGATIVE_RESPONSE = 0x83 +NETBIOS_SESSION_RETARGET_RESPONSE = 0x84 +NETBIOS_SESSION_KEEP_ALIVE = 0x85 + + +def strerror(errclass, errcode): + if errclass == ERRCLASS_OS: + return 'OS Error', str(errcode) + elif errclass == ERRCLASS_QUERY: + return 'Query Error', QUERY_ERRORS.get(errcode, 'Unknown error') + elif errclass == ERRCLASS_SESSION: + return 'Session Error', SESSION_ERRORS.get(errcode, 'Unknown error') + else: + return 'Unknown Error Class', 'Unknown Error' + + + +class NetBIOSError(Exception): pass +class NetBIOSTimeout(Exception): + def __init__(self, message = 'The NETBIOS connection with the remote host timed out.'): + Exception.__init__(self, message) + +class NBResourceRecord: + def __init__(self, data = 0): + self._data = data + try: + if self._data: + self.rr_name = (re.split('\x00',data))[0] + offset = len(self.rr_name)+1 + self.rr_type = unpack('>H', self._data[offset:offset+2])[0] + self.rr_class = unpack('>H', self._data[offset+2: offset+4])[0] + self.ttl = unpack('>L',self._data[offset+4:offset+8])[0] + self.rdlength = unpack('>H', self._data[offset+8:offset+10])[0] + self.rdata = self._data[offset+10:offset+10+self.rdlength] + offset = self.rdlength - 2 + self.unit_id = data[offset:offset+6] + else: + self.rr_name = '' + self.rr_type = 0 + self.rr_class = 0 + self.ttl = 0 + self.rdlength = 0 + self.rdata = '' + self.unit_id = '' + except Exception: + raise NetBIOSError( 'Wrong packet format ' ) + + def set_rr_name(self, name): + self.rr_name = name + def set_rr_type(self, name): + self.rr_type = name + def set_rr_class(self,cl): + self.rr_class = cl + def set_ttl(self,ttl): + self.ttl = ttl + def set_rdata(self,rdata): + self.rdata = rdata + self.rdlength = len(rdata) + def get_unit_id(self): + return self.unit_id + def get_rr_name(self): + return self.rr_name + def get_rr_class(self): + return self.rr_class + def get_ttl(self): + return self.ttl + def get_rdlength(self): + return self.rdlength + def get_rdata(self): + return self.rdata + def rawData(self): + return self.rr_name + pack('!HHLH',self.rr_type, self.rr_class, self.ttl, self.rdlength) + self.rdata + +class NBNodeStatusResponse(NBResourceRecord): + def __init__(self, data = 0): + NBResourceRecord.__init__(self,data) + self.num_names = 0 + self.node_names = [ ] + self.statstics = '' + self.mac = '00-00-00-00-00-00' + try: + if data: + self._data = self.get_rdata() + self.num_names = unpack('>B',self._data[:1])[0] + offset = 1 + for i in range(0, self.num_names): + name = self._data[offset:offset + 15] + type,flags = unpack('>BH', self._data[offset + 15: offset + 18]) + offset += 18 + self.node_names.append(NBNodeEntry(name, type ,flags)) + self.set_mac_in_hexa(self.get_unit_id()) + except Exception: + raise NetBIOSError( 'Wrong packet format ' ) + + def set_mac_in_hexa(self, data): + data_aux = '' + for d in data: + if data_aux == '': + data_aux = '%02x' % ord(d) + else: + data_aux += '-%02x' % ord(d) + self.mac = string.upper(data_aux) + + def get_num_names(self): + return self.num_names + def get_mac(self): + return self.mac + def set_num_names(self, num): + self.num_names = num + def get_node_names(self): + return self.node_names + def add_node_name(self,node_names): + self.node_names.append(node_names) + self.num_names += 1 + def rawData(self): + res = pack('!B', self.num_names ) + for i in range(0, self.num_names): + res += self.node_names[i].rawData() + +class NBPositiveNameQueryResponse(NBResourceRecord): + def __init__(self, data = 0): + NBResourceRecord.__init__(self, data) + self.addr_entries = [ ] + if data: + self._data = self.get_rdata() + _qn_length, qn_name, qn_scope = decode_name(data) + self._netbios_name = string.rstrip(qn_name[:-1]) + qn_scope + self._name_type = ord(qn_name[-1]) + self._nb_flags = unpack('!H', self._data[:2]) + offset = 2 + while offset<len(self._data): + self.addr_entries.append('%d.%d.%d.%d' % unpack('4B', (self._data[offset:offset+4]))) + offset += 4 + + def get_netbios_name(self): + return self._netbios_name + + def get_name_type(self): + return self._name_type + + def get_addr_entries(self): + return self.addr_entries + +class NetBIOSPacket: + """ This is a packet as defined in RFC 1002 """ + def __init__(self, data = 0): + self.name_trn_id = 0x0 # Transaction ID for Name Service Transaction. + # Requestor places a unique value for each active + # transaction. Responder puts NAME_TRN_ID value + # from request packet in response packet. + self.opcode = 0 # Packet type code + self.nm_flags = 0 # Flags for operation + self.rcode = 0 # Result codes of request. + self.qdcount = 0 # Unsigned 16 bit integer specifying the number of entries in the question section of a Name + self.ancount = 0 # Unsigned 16 bit integer specifying the number of + # resource records in the answer section of a Name + # Service packet. + self.nscount = 0 # Unsigned 16 bit integer specifying the number of + # resource records in the authority section of a + # Name Service packet. + self.arcount = 0 # Unsigned 16 bit integer specifying the number of + # resource records in the additional records + # section of a Name Service packeT. + self.questions = '' + self.answers = '' + if data == 0: + self._data = '' + else: + try: + self._data = data + self.opcode = ord(data[2]) >> 3 + self.nm_flags = ((ord(data[2]) & 0x3) << 4) | ((ord(data[3]) & 0xf0) >> 4) + self.name_trn_id = unpack('>H', self._data[:2])[0] + self.rcode = ord(data[3]) & 0x0f + self.qdcount = unpack('>H', self._data[4:6])[0] + self.ancount = unpack('>H', self._data[6:8])[0] + self.nscount = unpack('>H', self._data[8:10])[0] + self.arcount = unpack('>H', self._data[10:12])[0] + self.answers = self._data[12:] + except Exception: + raise NetBIOSError( 'Wrong packet format ' ) + + def set_opcode(self, opcode): + self.opcode = opcode + def set_trn_id(self, trn): + self.name_trn_id = trn + def set_nm_flags(self, nm_flags): + self.nm_flags = nm_flags + def set_rcode(self, rcode): + self.rcode = rcode + def addQuestion(self, question, qtype, qclass): + self.qdcount += 1 + self.questions += question + pack('!HH',qtype,qclass) + def get_trn_id(self): + return self.name_trn_id + def get_rcode(self): + return self.rcode + def get_nm_flags(self): + return self.nm_flags + def get_opcode(self): + return self.opcode + def get_qdcount(self): + return self.qdcount + def get_ancount(self): + return self.ancount + def get_nscount(self): + return self.nscount + def get_arcount(self): + return self.arcount + def rawData(self): + secondWord = self.opcode << 11 + secondWord |= self.nm_flags << 4 + secondWord |= self.rcode + data = pack('!HHHHHH', self.name_trn_id, secondWord , self.qdcount, self.ancount, self.nscount, self.arcount) + self.questions + self.answers + return data + def get_answers(self): + return self.answers + +class NBHostEntry: + + def __init__(self, nbname, nametype, ip): + self.__nbname = nbname + self.__nametype = nametype + self.__ip = ip + + def get_nbname(self): + return self.__nbname + + def get_nametype(self): + return self.__nametype + + def get_ip(self): + return self.__ip + + def __repr__(self): + return '<NBHostEntry instance: NBname="' + self.__nbname + '", IP="' + self.__ip + '">' + +class NBNodeEntry: + + def __init__(self, nbname, nametype, flags): + self.__nbname = string.ljust(nbname,17) + self.__nametype = nametype + self.__flags = flags + self.__isgroup = flags & 0x8000 + self.__nodetype = flags & 0x6000 + self.__deleting = flags & 0x1000 + self.__isconflict = flags & 0x0800 + self.__isactive = flags & 0x0400 + self.__ispermanent = flags & 0x0200 + + def get_nbname(self): + return self.__nbname + + def get_nametype(self): + return self.__nametype + + def is_group(self): + return self.__isgroup + + def get_nodetype(self): + return self.__nodetype + + def is_deleting(self): + return self.__deleting + + def is_conflict(self): + return self.__isconflict + + def is_active(self): + return self.__isactive + + def is_permanent(self): + return self.__ispermanent + + def set_nbname(self, name): + self.__nbname = string.ljust(name,17) + + def set_nametype(self, type): + self.__nametype = type + + def set_flags(self,flags): + self.__flags = flags + + def __repr__(self): + s = '<NBNodeEntry instance: NBname="' + self.__nbname + '" NameType="' + NAME_TYPES[self.__nametype] + '"' + if self.__isactive: + s += ' ACTIVE' + if self.__isgroup: + s += ' GROUP' + if self.__isconflict: + s += ' CONFLICT' + if self.__deleting: + s += ' DELETING' + return s + def rawData(self): + return self.__nbname + pack('!BH',self.__nametype, self.__flags) + + +class NetBIOS: + + # Creates a NetBIOS instance without specifying any default NetBIOS domain nameserver. + # All queries will be sent through the servport. + def __init__(self, servport = NETBIOS_NS_PORT): + self.__servport = NETBIOS_NS_PORT + self.__nameserver = None + self.__broadcastaddr = BROADCAST_ADDR + self.mac = '00-00-00-00-00-00' + + def _setup_connection(self, dstaddr): + port = randint(10000, 60000) + af, socktype, proto, _canonname, _sa = socket.getaddrinfo(dstaddr, port, socket.AF_INET, socket.SOCK_DGRAM)[0] + s = socket.socket(af, socktype, proto) + has_bind = 1 + for _i in range(0, 10): + # We try to bind to a port for 10 tries + try: + s.bind(( INADDR_ANY, randint(10000, 60000) )) + s.setsockopt(socket.SOL_SOCKET, socket.SO_BROADCAST, 1) + has_bind = 1 + except socket.error: + pass + if not has_bind: + raise NetBIOSError, ( 'Cannot bind to a good UDP port', ERRCLASS_OS, errno.EAGAIN ) + self.__sock = s + + # Set the default NetBIOS domain nameserver. + def set_nameserver(self, nameserver): + self.__nameserver = nameserver + + # Return the default NetBIOS domain nameserver, or None if none is specified. + def get_nameserver(self): + return self.__nameserver + + # Set the broadcast address to be used for query. + def set_broadcastaddr(self, broadcastaddr): + self.__broadcastaddr = broadcastaddr + + # Return the broadcast address to be used, or BROADCAST_ADDR if default broadcast address is used. + def get_broadcastaddr(self): + return self.__broadcastaddr + + # Returns a NBPositiveNameQueryResponse instance containing the host information for nbname. + # If a NetBIOS domain nameserver has been specified, it will be used for the query. + # Otherwise, the query is broadcasted on the broadcast address. + def gethostbyname(self, nbname, qtype = TYPE_WORKSTATION, scope = None, timeout = 1): + return self.__queryname(nbname, self.__nameserver, qtype, scope, timeout) + + # Returns a list of NBNodeEntry instances containing node status information for nbname. + # If destaddr contains an IP address, then this will become an unicast query on the destaddr. + # Raises NetBIOSTimeout if timeout (in secs) is reached. + # Raises NetBIOSError for other errors + def getnodestatus(self, nbname, destaddr = None, type = TYPE_WORKSTATION, scope = None, timeout = 1): + if destaddr: + return self.__querynodestatus(nbname, destaddr, type, scope, timeout) + else: + return self.__querynodestatus(nbname, self.__nameserver, type, scope, timeout) + + def getnetbiosname(self, ip): + entries = self.getnodestatus('*',ip) + entries = filter(lambda x:x.get_nametype() == TYPE_SERVER, entries) + return entries[0].get_nbname().strip() + + def getmacaddress(self): + return self.mac + + def __queryname(self, nbname, destaddr, qtype, scope, timeout, retries = 0): + self._setup_connection(destaddr) + trn_id = randint(1, 32000) + p = NetBIOSPacket() + p.set_trn_id(trn_id) + netbios_name = nbname.upper() + qn_label = encode_name(netbios_name, qtype, scope) + p.addQuestion(qn_label, QUESTION_TYPE_NB, QUESTION_CLASS_IN) + p.set_nm_flags(NM_FLAGS_RD) + if not destaddr: + p.set_nm_flags(p.get_nm_flags() | NM_FLAGS_BROADCAST) + destaddr = self.__broadcastaddr + req = p.rawData() + + tries = retries + while 1: + self.__sock.sendto(req, ( destaddr, self.__servport )) + try: + ready, _, _ = select.select([ self.__sock.fileno() ], [ ] , [ ], timeout) + if not ready: + if tries: + # Retry again until tries == 0 + tries -= 1 + else: + raise NetBIOSTimeout + else: + data, _ = self.__sock.recvfrom(65536, 0) + + res = NetBIOSPacket(data) + if res.get_trn_id() == p.get_trn_id(): + if res.get_rcode(): + if res.get_rcode() == 0x03: + return None + else: + raise NetBIOSError, ( 'Negative name query response', ERRCLASS_QUERY, res.get_rcode() ) + + if res.get_ancount() != 1: + raise NetBIOSError( 'Malformed response') + + return NBPositiveNameQueryResponse(res.get_answers()) + except select.error, ex: + if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN: + raise NetBIOSError, ( 'Error occurs while waiting for response', ERRCLASS_OS, ex[0] ) + raise + + + def __querynodestatus(self, nbname, destaddr, type, scope, timeout): + self._setup_connection(destaddr) + trn_id = randint(1, 32000) + p = NetBIOSPacket() + p.set_trn_id(trn_id) + netbios_name = string.upper(nbname) + qn_label = encode_name(netbios_name, type, scope) + p.addQuestion(qn_label, QUESTION_TYPE_NBSTAT, QUESTION_CLASS_IN) + + if not destaddr: + p.set_nm_flags(NM_FLAGS_BROADCAST) + destaddr = self.__broadcastaddr + req = p.rawData() + tries = 3 + while 1: + try: + self.__sock.sendto(req, 0, ( destaddr, self.__servport )) + ready, _, _ = select.select([ self.__sock.fileno() ], [ ] , [ ], timeout) + if not ready: + if tries: + # Retry again until tries == 0 + tries -= 1 + else: + raise NetBIOSTimeout + else: + try: + data, _ = self.__sock.recvfrom(65536, 0) + except Exception, e: + raise NetBIOSError, "recvfrom error: %s" % str(e) + self.__sock.close() + res = NetBIOSPacket(data) + if res.get_trn_id() == p.get_trn_id(): + if res.get_rcode(): + if res.get_rcode() == 0x03: + # I'm just guessing here + raise NetBIOSError, "Cannot get data from server" + else: + raise NetBIOSError, ( 'Negative name query response', ERRCLASS_QUERY, res.get_rcode() ) + answ = NBNodeStatusResponse(res.get_answers()) + self.mac = answ.get_mac() + return answ.get_node_names() + except select.error, ex: + if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN: + raise NetBIOSError, ( 'Error occurs while waiting for response', ERRCLASS_OS, ex[0] ) + except socket.error, ex: + raise NetBIOSError, 'Connection error: %s' % str(ex) + +# Perform first and second level encoding of name as specified in RFC 1001 (Section 4) +def encode_name(name, type, scope): + if name == '*': + name += '\0' * 15 + elif len(name) > 15: + name = name[:15] + chr(type) + else: + name = string.ljust(name, 15) + chr(type) + + encoded_name = chr(len(name) * 2) + re.sub('.', _do_first_level_encoding, name) + if scope: + encoded_scope = '' + for s in string.split(scope, '.'): + encoded_scope = encoded_scope + chr(len(s)) + s + return encoded_name + encoded_scope + '\0' + else: + return encoded_name + '\0' + +# Internal method for use in encode_name() +def _do_first_level_encoding(m): + s = ord(m.group(0)) + return string.uppercase[s >> 4] + string.uppercase[s & 0x0f] + +def decode_name(name): + name_length = ord(name[0]) + assert name_length == 32 + + decoded_name = re.sub('..', _do_first_level_decoding, name[1:33]) + if name[33] == '\0': + return 34, decoded_name, '' + else: + decoded_domain = '' + offset = 34 + while 1: + domain_length = ord(name[offset]) + if domain_length == 0: + break + decoded_domain = '.' + name[offset:offset + domain_length] + offset += domain_length + return offset + 1, decoded_name, decoded_domain + +def _do_first_level_decoding(m): + s = m.group(0) + return chr(((ord(s[0]) - ord('A')) << 4) | (ord(s[1]) - ord('A'))) + + + +class NetBIOSSessionPacket: + def __init__(self, data = 0): + self.type = 0x0 + self.flags = 0x0 + self.length = 0x0 + if data == 0: + self._trailer = '' + else: + try: + self.type = ord(data[0]) + if self.type == NETBIOS_SESSION_MESSAGE: + self.length = ord(data[1]) << 16 | (unpack('!H', data[2:4])[0]) + else: + self.flags = ord(data[1]) + self.length = unpack('!H', data[2:4])[0] + + self._trailer = data[4:] + except: + raise NetBIOSError( 'Wrong packet format ' ) + + def set_type(self, type): + self.type = type + def get_type(self): + return self.type + def rawData(self): + if self.type == NETBIOS_SESSION_MESSAGE: + data = pack('!BBH',self.type,self.length >> 16,self.length & 0xFFFF) + self._trailer + else: + data = pack('!BBH',self.type,self.flags,self.length) + self._trailer + return data + def set_trailer(self,data): + self._trailer = data + self.length = len(data) + def get_length(self): + return self.length + def get_trailer(self): + return self._trailer + +class NetBIOSSession: + def __init__(self, myname, remote_name, remote_host, remote_type = TYPE_SERVER, sess_port = NETBIOS_SESSION_PORT, timeout = None, local_type = TYPE_WORKSTATION, sock = None): + if len(myname) > 15: + self.__myname = string.upper(myname[:15]) + else: + self.__myname = string.upper(myname) + self.__local_type = local_type + + assert remote_name + # if destination port SMB_SESSION_PORT and remote name *SMBSERVER, we're changing it to its IP address + # helping solving the client mistake ;) + if remote_name == '*SMBSERVER' and sess_port == SMB_SESSION_PORT: + remote_name = remote_host + # If remote name is *SMBSERVER let's try to query its name.. if can't be guessed, continue and hope for the best + if remote_name == '*SMBSERVER': + nb = NetBIOS() + + try: + res = nb.getnetbiosname(remote_host) + except: + res = None + pass + + if res is not None: + remote_name = res + + if len(remote_name) > 15: + self.__remote_name = string.upper(remote_name[:15]) + else: + self.__remote_name = string.upper(remote_name) + self.__remote_type = remote_type + + self.__remote_host = remote_host + + if sock is not None: + # We are acting as a server + self._sock = sock + else: + self._sock = self._setup_connection((remote_host, sess_port)) + + if sess_port == NETBIOS_SESSION_PORT: + self._request_session(remote_type, local_type, timeout) + + def get_myname(self): + return self.__myname + + def get_mytype(self): + return self.__local_type + + def get_remote_host(self): + return self.__remote_host + + def get_remote_name(self): + return self.__remote_name + + def get_remote_type(self): + return self.__remote_type + + def close(self): + self._sock.close() + + def get_socket(self): + return self._sock + +class NetBIOSUDPSessionPacket(Structure): + TYPE_DIRECT_UNIQUE = 16 + TYPE_DIRECT_GROUP = 17 + + FLAGS_MORE_FRAGMENTS = 1 + FLAGS_FIRST_FRAGMENT = 2 + FLAGS_B_NODE = 0 + + structure = ( + ('Type','B=16'), # Direct Unique Datagram + ('Flags','B=2'), # FLAGS_FIRST_FRAGMENT + ('ID','<H'), + ('_SourceIP','>L'), + ('SourceIP','"'), + ('SourcePort','>H=138'), + ('DataLegth','>H-Data'), + ('Offset','>H=0'), + ('SourceName','z'), + ('DestinationName','z'), + ('Data',':'), + ) + + def getData(self): + addr = self['SourceIP'].split('.') + addr = [int(x) for x in addr] + addr = (((addr[0] << 8) + addr[1] << 8) + addr[2] << 8) + addr[3] + self['_SourceIP'] = addr + return Structure.getData(self) + + def get_trailer(self): + return self['Data'] + +class NetBIOSUDPSession(NetBIOSSession): + def _setup_connection(self, peer): + af, socktype, proto, canonname, sa = socket.getaddrinfo(peer[0], peer[1], 0, socket.SOCK_DGRAM)[0] + sock = socket.socket(af, socktype, proto) + sock.connect(sa) + + sock = socket.socket(af, socktype, proto) + sock.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1) + sock.bind((INADDR_ANY, 138)) + self.peer = peer + return sock + + def _request_session(self, remote_type, local_type, timeout = None): + pass + + def next_id(self): + if hasattr(self, '__dgram_id'): + answer = self.__dgram_id + else: + self.__dgram_id = randint(1,65535) + answer = self.__dgram_id + self.__dgram_id += 1 + return answer + + def send_packet(self, data): + # Yes... I know... + self._sock.connect(self.peer) + + p = NetBIOSUDPSessionPacket() + p['ID'] = self.next_id() + p['SourceIP'] = self._sock.getsockname()[0] + p['SourceName'] = encode_name(self.get_myname(), self.get_mytype(), '')[:-1] + p['DestinationName'] = encode_name(self.get_remote_name(), self.get_remote_type(), '')[:-1] + p['Data'] = data + + self._sock.sendto(str(p), self.peer) + self._sock.close() + + self._sock = self._setup_connection(self.peer) + + def recv_packet(self, timeout = None): + # The next loop is a workaround for a bigger problem: + # When data reaches higher layers, the lower headers are lost, + # and with them, for example, the source IP. Hence, SMB users + # can't know where packets are comming from... we need a better + # solution, right now, we will filter everything except packets + # coming from the remote_host specified in __init__() + + while 1: + data, peer = self._sock.recvfrom(8192) +# print "peer: %r self.peer: %r" % (peer, self.peer) + if peer == self.peer: break + + return NetBIOSUDPSessionPacket(data) + +class NetBIOSTCPSession(NetBIOSSession): + def __init__(self, myname, remote_name, remote_host, remote_type = TYPE_SERVER, sess_port = NETBIOS_SESSION_PORT, timeout = None, local_type = TYPE_WORKSTATION, sock = None, select_poll = False): + self.__select_poll = select_poll + if self.__select_poll: + self.read_function = self.polling_read + else: + self.read_function = self.non_polling_read + NetBIOSSession.__init__(self, myname, remote_name, remote_host, remote_type = remote_type, sess_port = sess_port, timeout = timeout, local_type = local_type, sock=sock) + + + def _setup_connection(self, peer): + try: + af, socktype, proto, canonname, sa = socket.getaddrinfo(peer[0], peer[1], 0, socket.SOCK_STREAM)[0] + sock = socket.socket(af, socktype, proto) + sock.connect(sa) + except socket.error, e: + raise socket.error("Connection error (%s:%s)" % (peer[0], peer[1]), e) + return sock + + def send_packet(self, data): + p = NetBIOSSessionPacket() + p.set_type(NETBIOS_SESSION_MESSAGE) + p.set_trailer(data) + self._sock.send(p.rawData()) + + def recv_packet(self, timeout = None): + data = self.__read(timeout) + return NetBIOSSessionPacket(data) + + def _request_session(self, remote_type, local_type, timeout = None): + p = NetBIOSSessionPacket() + remote_name = encode_name(self.get_remote_name(), remote_type, '') + myname = encode_name(self.get_myname(), local_type, '') + p.set_type(NETBIOS_SESSION_REQUEST) + p.set_trailer(remote_name + myname) + + self._sock.send(p.rawData()) + while 1: + p = self.recv_packet(timeout) + if p.get_type() == NETBIOS_SESSION_NEGATIVE_RESPONSE: + raise NetBIOSError, ( 'Cannot request session', ERRCLASS_SESSION, ord(p.get_trailer()[0]) ) + elif p.get_type() == NETBIOS_SESSION_POSITIVE_RESPONSE: + break + else: + # Ignore all other messages, most probably keepalive messages + pass + + def polling_read(self, read_length, timeout): + data = '' + if timeout is None: + timeout = 3600 + + time_left = timeout + CHUNK_TIME = 0.025 + bytes_left = read_length + + while bytes_left > 0: + try: + ready, _, _ = select.select([self._sock.fileno() ], [ ], [ ], 0) + + if not ready: + if time_left <= 0: + raise NetBIOSTimeout + else: + time.sleep(CHUNK_TIME) + time_left -= CHUNK_TIME + continue + + received = self._sock.recv(bytes_left) + if len(received) == 0: + raise NetBIOSError, ( 'Error while reading from remote', ERRCLASS_OS, None) + + data = data + received + bytes_left = read_length - len(data) + except select.error, ex: + if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN: + raise NetBIOSError, ( 'Error occurs while reading from remote', ERRCLASS_OS, ex[0] ) + + return data + + def non_polling_read(self, read_length, timeout): + data = '' + bytes_left = read_length + + while bytes_left > 0: + try: + ready, _, _ = select.select([self._sock.fileno() ], [ ], [ ], timeout) + + if not ready: + raise NetBIOSTimeout + + received = self._sock.recv(bytes_left) + if len(received) == 0: + raise NetBIOSError, ( 'Error while reading from remote', ERRCLASS_OS, None) + + data = data + received + bytes_left = read_length - len(data) + except select.error, ex: + if ex[0] != errno.EINTR and ex[0] != errno.EAGAIN: + raise NetBIOSError, ( 'Error occurs while reading from remote', ERRCLASS_OS, ex[0] ) + + return data + + def __read(self, timeout = None): + data = self.read_function(4, timeout) + type, flags, length = unpack('>ccH', data) + if ord(type) == NETBIOS_SESSION_MESSAGE: + length |= ord(flags) << 16 + else: + if ord(flags) & 0x01: + length |= 0x10000 + data2 = self.read_function(length, timeout) + + return data + data2 + +ERRCLASS_QUERY = 0x00 +ERRCLASS_SESSION = 0xf0 +ERRCLASS_OS = 0xff + +QUERY_ERRORS = { 0x01: 'Request format error. Please file a bug report.', + 0x02: 'Internal server error', + 0x03: 'Name does not exist', + 0x04: 'Unsupported request', + 0x05: 'Request refused' + } + +SESSION_ERRORS = { 0x80: 'Not listening on called name', + 0x81: 'Not listening for calling name', + 0x82: 'Called name not present', + 0x83: 'Sufficient resources', + 0x8f: 'Unspecified error' + } + +def main(): + def get_netbios_host_by_name(name): + n = NetBIOS() + n.set_broadcastaddr('255.255.255.255') # To avoid use "<broadcast>" in socket + for qtype in (TYPE_WORKSTATION, TYPE_CLIENT, TYPE_SERVER, TYPE_DOMAIN_MASTER, TYPE_DOMAIN_CONTROLLER): + try: + addrs = n.gethostbyname(name, qtype = qtype).get_addr_entries() + except NetBIOSTimeout: + continue + else: + return addrs + raise Exception("Host not found") + + + n = get_netbios_host_by_name("some-host") + print n + +if __name__ == '__main__': + main() diff --git a/tests/python_dependencies/impacket/nt_errors.py b/tests/python_dependencies/impacket/nt_errors.py new file mode 100644 index 000000000..cd7ef80ae --- /dev/null +++ b/tests/python_dependencies/impacket/nt_errors.py @@ -0,0 +1,3586 @@ +# Copyright (c) 2003-2016 CORE Security Technologies) +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Author: Alberto Solino (@agsolino) +# +# Description: +# NT STATUS Errors from [MS-ERREF]. Ideally all the files +# should grab the error codes from here (big ToDo) +# + +ERROR_MESSAGES = { + 0x00000000: ("STATUS_SUCCESS","The operation completed successfully."), + 0x00000001: ("STATUS_WAIT_1","The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."), + 0x00000002: ("STATUS_WAIT_2","The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."), + 0x00000003: ("STATUS_WAIT_3","The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."), + 0x0000003F: ("STATUS_WAIT_63","The caller specified WaitAny for WaitType and one of the dispatcher objects in the Object array has been set to the signaled state."), + 0x00000080: ("STATUS_ABANDONED","The caller attempted to wait for a mutex that has been abandoned."), + 0x00000080: ("STATUS_ABANDONED_WAIT_0","The caller attempted to wait for a mutex that has been abandoned."), + 0x000000BF: ("STATUS_ABANDONED_WAIT_63","The caller attempted to wait for a mutex that has been abandoned."), + 0x000000C0: ("STATUS_USER_APC","A user-mode APC was delivered before the given Interval expired."), + 0x00000101: ("STATUS_ALERTED","The delay completed because the thread was alerted."), + 0x00000102: ("STATUS_TIMEOUT","The given Timeout interval expired."), + 0x00000103: ("STATUS_PENDING","The operation that was requested is pending completion."), + 0x00000104: ("STATUS_REPARSE","A reparse should be performed by the Object Manager because the name of the file resulted in a symbolic link."), + 0x00000105: ("STATUS_MORE_ENTRIES","Returned by enumeration APIs to indicate more information is available to successive calls."), + 0x00000106: ("STATUS_NOT_ALL_ASSIGNED","Indicates not all privileges or groups that are referenced are assigned to the caller. This allows, for example, all privileges to be disabled without having to know exactly which privileges are assigned."), + 0x00000107: ("STATUS_SOME_NOT_MAPPED","Some of the information to be translated has not been translated."), + 0x00000108: ("STATUS_OPLOCK_BREAK_IN_PROGRESS","An open/create operation completed while an opportunistic lock (oplock) break is underway."), + 0x00000109: ("STATUS_VOLUME_MOUNTED","A new volume has been mounted by a file system."), + 0x0000010A: ("STATUS_RXACT_COMMITTED","This success level status indicates that the transaction state already exists for the registry subtree but that a transaction commit was previously aborted. The commit has now been completed."), + 0x0000010B: ("STATUS_NOTIFY_CLEANUP","Indicates that a notify change request has been completed due to closing the handle that made the notify change request."), + 0x0000010C: ("STATUS_NOTIFY_ENUM_DIR","Indicates that a notify change request is being completed and that the information is not being returned in the caller's buffer. The caller now needs to enumerate the files to find the changes."), + 0x0000010D: ("STATUS_NO_QUOTAS_FOR_ACCOUNT","{No Quotas} No system quota limits are specifically set for this account."), + 0x0000010E: ("STATUS_PRIMARY_TRANSPORT_CONNECT_FAILED","{Connect Failure on Primary Transport} An attempt was made to connect to the remote server %hs on the primary transport, but the connection failed. The computer WAS able to connect on a secondary transport."), + 0x00000110: ("STATUS_PAGE_FAULT_TRANSITION","The page fault was a transition fault."), + 0x00000111: ("STATUS_PAGE_FAULT_DEMAND_ZERO","The page fault was a demand zero fault."), + 0x00000112: ("STATUS_PAGE_FAULT_COPY_ON_WRITE","The page fault was a demand zero fault."), + 0x00000113: ("STATUS_PAGE_FAULT_GUARD_PAGE","The page fault was a demand zero fault."), + 0x00000114: ("STATUS_PAGE_FAULT_PAGING_FILE","The page fault was satisfied by reading from a secondary storage device."), + 0x00000115: ("STATUS_CACHE_PAGE_LOCKED","The cached page was locked during operation."), + 0x00000116: ("STATUS_CRASH_DUMP","The crash dump exists in a paging file."), + 0x00000117: ("STATUS_BUFFER_ALL_ZEROS","The specified buffer contains all zeros."), + 0x00000118: ("STATUS_REPARSE_OBJECT","A reparse should be performed by the Object Manager because the name of the file resulted in a symbolic link."), + 0x00000119: ("STATUS_RESOURCE_REQUIREMENTS_CHANGED","The device has succeeded a query-stop and its resource requirements have changed."), + 0x00000120: ("STATUS_TRANSLATION_COMPLETE","The translator has translated these resources into the global space and no additional translations should be performed."), + 0x00000121: ("STATUS_DS_MEMBERSHIP_EVALUATED_LOCALLY","The directory service evaluated group memberships locally, because it was unable to contact a global catalog server."), + 0x00000122: ("STATUS_NOTHING_TO_TERMINATE","A process being terminated has no threads to terminate."), + 0x00000123: ("STATUS_PROCESS_NOT_IN_JOB","The specified process is not part of a job."), + 0x00000124: ("STATUS_PROCESS_IN_JOB","The specified process is part of a job."), + 0x00000125: ("STATUS_VOLSNAP_HIBERNATE_READY","{Volume Shadow Copy Service} The system is now ready for hibernation."), + 0x00000126: ("STATUS_FSFILTER_OP_COMPLETED_SUCCESSFULLY","A file system or file system filter driver has successfully completed an FsFilter operation."), + 0x00000127: ("STATUS_INTERRUPT_VECTOR_ALREADY_CONNECTED","The specified interrupt vector was already connected."), + 0x00000128: ("STATUS_INTERRUPT_STILL_CONNECTED","The specified interrupt vector is still connected."), + 0x00000129: ("STATUS_PROCESS_CLONED","The current process is a cloned process."), + 0x0000012A: ("STATUS_FILE_LOCKED_WITH_ONLY_READERS","The file was locked and all users of the file can only read."), + 0x0000012B: ("STATUS_FILE_LOCKED_WITH_WRITERS","The file was locked and at least one user of the file can write."), + 0x00000202: ("STATUS_RESOURCEMANAGER_READ_ONLY","The specified ResourceManager made no changes or updates to the resource under this transaction."), + 0x00000367: ("STATUS_WAIT_FOR_OPLOCK","An operation is blocked and waiting for an oplock."), + 0x00010001: ("DBG_EXCEPTION_HANDLED","Debugger handled the exception."), + 0x00010002: ("DBG_CONTINUE","The debugger continued."), + 0x001C0001: ("STATUS_FLT_IO_COMPLETE","The IO was completed by a filter."), + 0xC0000467: ("STATUS_FILE_NOT_AVAILABLE","The file is temporarily unavailable."), + 0xC0000721: ("STATUS_CALLBACK_RETURNED_THREAD_AFFINITY","A threadpool worker thread entered a callback at thread affinity %p and exited at affinity %p. This is unexpected, indicating that the callback missed restoring the priority."), + 0x40000000: ("STATUS_OBJECT_NAME_EXISTS","{Object Exists} An attempt was made to create an object but the object name already exists."), + 0x40000001: ("STATUS_THREAD_WAS_SUSPENDED","{Thread Suspended} A thread termination occurred while the thread was suspended. The thread resumed, and termination proceeded."), + 0x40000002: ("STATUS_WORKING_SET_LIMIT_RANGE","{Working Set Range Error} An attempt was made to set the working set minimum or maximum to values that are outside the allowable range."), + 0x40000003: ("STATUS_IMAGE_NOT_AT_BASE","{Image Relocated} An image file could not be mapped at the address that is specified in the image file. Local fixes must be performed on this image."), + 0x40000004: ("STATUS_RXACT_STATE_CREATED","This informational level status indicates that a specified registry subtree transaction state did not yet exist and had to be created."), + 0x40000005: ("STATUS_SEGMENT_NOTIFICATION","{Segment Load} A virtual DOS machine (VDM) is loading, unloading, or moving an MS-DOS or Win16 program segment image. An exception is raised so that a debugger can load, unload, or track symbols and breakpoints within these 16-bit segments."), + 0x40000006: ("STATUS_LOCAL_USER_SESSION_KEY","{Local Session Key} A user session key was requested for a local remote procedure call (RPC) connection. The session key that is returned is a constant value and not unique to this connection."), + 0x40000007: ("STATUS_BAD_CURRENT_DIRECTORY","{Invalid Current Directory} The process cannot switch to the startup current directory %hs. Select OK to set the current directory to %hs, or select CANCEL to exit."), + 0x40000008: ("STATUS_SERIAL_MORE_WRITES","{Serial IOCTL Complete} A serial I/O operation was completed by another write to a serial port. (The IOCTL_SERIAL_XOFF_COUNTER reached zero.)"), + 0x40000009: ("STATUS_REGISTRY_RECOVERED","{Registry Recovery} One of the files that contains the system registry data had to be recovered by using a log or alternate copy. The recovery was successful."), + 0x4000000A: ("STATUS_FT_READ_RECOVERY_FROM_BACKUP","{Redundant Read} To satisfy a read request, the Windows NT fault-tolerant file system successfully read the requested data from a redundant copy. This was done because the file system encountered a failure on a member of the fault-tolerant volume but was unable to reassign the failing area of the device."), + 0x4000000B: ("STATUS_FT_WRITE_RECOVERY","{Redundant Write} To satisfy a write request, the Windows NT fault-tolerant file system successfully wrote a redundant copy of the information. This was done because the file system encountered a failure on a member of the fault-tolerant volume but was unable to reassign the failing area of the device."), + 0x4000000C: ("STATUS_SERIAL_COUNTER_TIMEOUT","{Serial IOCTL Timeout} A serial I/O operation completed because the time-out period expired. (The IOCTL_SERIAL_XOFF_COUNTER had not reached zero.)"), + 0x4000000D: ("STATUS_NULL_LM_PASSWORD","{Password Too Complex} The Windows password is too complex to be converted to a LAN Manager password. The LAN Manager password that returned is a NULL string."), + 0x4000000E: ("STATUS_IMAGE_MACHINE_TYPE_MISMATCH","{Machine Type Mismatch} The image file %hs is valid but is for a machine type other than the current machine. Select OK to continue, or CANCEL to fail the DLL load."), + 0x4000000F: ("STATUS_RECEIVE_PARTIAL","{Partial Data Received} The network transport returned partial data to its client. The remaining data will be sent later."), + 0x40000010: ("STATUS_RECEIVE_EXPEDITED","{Expedited Data Received} The network transport returned data to its client that was marked as expedited by the remote system."), + 0x40000011: ("STATUS_RECEIVE_PARTIAL_EXPEDITED","{Partial Expedited Data Received} The network transport returned partial data to its client and this data was marked as expedited by the remote system. The remaining data will be sent later."), + 0x40000012: ("STATUS_EVENT_DONE","{TDI Event Done} The TDI indication has completed successfully."), + 0x40000013: ("STATUS_EVENT_PENDING","{TDI Event Pending} The TDI indication has entered the pending state."), + 0x40000014: ("STATUS_CHECKING_FILE_SYSTEM","Checking file system on %wZ."), + 0x40000015: ("STATUS_FATAL_APP_EXIT","{Fatal Application Exit} %hs"), + 0x40000016: ("STATUS_PREDEFINED_HANDLE","The specified registry key is referenced by a predefined handle."), + 0x40000017: ("STATUS_WAS_UNLOCKED","{Page Unlocked} The page protection of a locked page was changed to 'No Access' and the page was unlocked from memory and from the process."), + 0x40000018: ("STATUS_SERVICE_NOTIFICATION","%hs"), + 0x40000019: ("STATUS_WAS_LOCKED","{Page Locked} One of the pages to lock was already locked."), + 0x4000001A: ("STATUS_LOG_HARD_ERROR","Application popup: %1 : %2"), + 0x4000001B: ("STATUS_ALREADY_WIN32","A Win32 process already exists."), + 0x4000001C: ("STATUS_WX86_UNSIMULATE","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x4000001D: ("STATUS_WX86_CONTINUE","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x4000001E: ("STATUS_WX86_SINGLE_STEP","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x4000001F: ("STATUS_WX86_BREAKPOINT","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x40000020: ("STATUS_WX86_EXCEPTION_CONTINUE","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x40000021: ("STATUS_WX86_EXCEPTION_LASTCHANCE","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x40000022: ("STATUS_WX86_EXCEPTION_CHAIN","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x40000023: ("STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE","{Machine Type Mismatch} The image file %hs is valid but is for a machine type other than the current machine."), + 0x40000024: ("STATUS_NO_YIELD_PERFORMED","A yield execution was performed and no thread was available to run."), + 0x40000025: ("STATUS_TIMER_RESUME_IGNORED","The resume flag to a timer API was ignored."), + 0x40000026: ("STATUS_ARBITRATION_UNHANDLED","The arbiter has deferred arbitration of these resources to its parent."), + 0x40000027: ("STATUS_CARDBUS_NOT_SUPPORTED","The device has detected a CardBus card in its slot."), + 0x40000028: ("STATUS_WX86_CREATEWX86TIB","An exception status code that is used by the Win32 x86 emulation subsystem."), + 0x40000029: ("STATUS_MP_PROCESSOR_MISMATCH","The CPUs in this multiprocessor system are not all the same revision level. To use all processors, the operating system restricts itself to the features of the least capable processor in the system. If problems occur with this system, contact the CPU manufacturer to see if this mix of processors is supported."), + 0x4000002A: ("STATUS_HIBERNATED","The system was put into hibernation."), + 0x4000002B: ("STATUS_RESUME_HIBERNATION","The system was resumed from hibernation."), + 0x4000002C: ("STATUS_FIRMWARE_UPDATED","Windows has detected that the system firmware (BIOS) was updated [previous firmware date = %2, current firmware date %3]."), + 0x4000002D: ("STATUS_DRIVERS_LEAKING_LOCKED_PAGES","A device driver is leaking locked I/O pages and is causing system degradation. The system has automatically enabled the tracking code to try and catch the culprit."), + 0x4000002E: ("STATUS_MESSAGE_RETRIEVED","The ALPC message being canceled has already been retrieved from the queue on the other side."), + 0x4000002F: ("STATUS_SYSTEM_POWERSTATE_TRANSITION","The system power state is transitioning from %2 to %3."), + 0x40000030: ("STATUS_ALPC_CHECK_COMPLETION_LIST","The receive operation was successful. Check the ALPC completion list for the received message."), + 0x40000031: ("STATUS_SYSTEM_POWERSTATE_COMPLEX_TRANSITION","The system power state is transitioning from %2 to %3 but could enter %4."), + 0x40000032: ("STATUS_ACCESS_AUDIT_BY_POLICY","Access to %1 is monitored by policy rule %2."), + 0x40000033: ("STATUS_ABANDON_HIBERFILE","A valid hibernation file has been invalidated and should be abandoned."), + 0x40000034: ("STATUS_BIZRULES_NOT_ENABLED","Business rule scripts are disabled for the calling application."), + 0x40000294: ("STATUS_WAKE_SYSTEM","The system has awoken."), + 0x40000370: ("STATUS_DS_SHUTTING_DOWN","The directory service is shutting down."), + 0x40010001: ("DBG_REPLY_LATER","Debugger will reply later."), + 0x40010002: ("DBG_UNABLE_TO_PROVIDE_HANDLE","Debugger cannot provide a handle."), + 0x40010003: ("DBG_TERMINATE_THREAD","Debugger terminated the thread."), + 0x40010004: ("DBG_TERMINATE_PROCESS","Debugger terminated the process."), + 0x40010005: ("DBG_CONTROL_C","Debugger obtained control of C."), + 0x40010006: ("DBG_PRINTEXCEPTION_C","Debugger printed an exception on control C."), + 0x40010007: ("DBG_RIPEXCEPTION","Debugger received a RIP exception."), + 0x40010008: ("DBG_CONTROL_BREAK","Debugger received a control break."), + 0x40010009: ("DBG_COMMAND_EXCEPTION","Debugger command communication exception."), + 0x40020056: ("RPC_NT_UUID_LOCAL_ONLY","A UUID that is valid only on this computer has been allocated."), + 0x400200AF: ("RPC_NT_SEND_INCOMPLETE","Some data remains to be sent in the request buffer."), + 0x400A0004: ("STATUS_CTX_CDM_CONNECT","The Client Drive Mapping Service has connected on Terminal Connection."), + 0x400A0005: ("STATUS_CTX_CDM_DISCONNECT","The Client Drive Mapping Service has disconnected on Terminal Connection."), + 0x4015000D: ("STATUS_SXS_RELEASE_ACTIVATION_CONTEXT","A kernel mode component is releasing a reference on an activation context."), + 0x40190034: ("STATUS_RECOVERY_NOT_NEEDED","The transactional resource manager is already consistent. Recovery is not needed."), + 0x40190035: ("STATUS_RM_ALREADY_STARTED","The transactional resource manager has already been started."), + 0x401A000C: ("STATUS_LOG_NO_RESTART","The log service encountered a log stream with no restart area."), + 0x401B00EC: ("STATUS_VIDEO_DRIVER_DEBUG_REPORT_REQUEST","{Display Driver Recovered From Failure} The %hs display driver has detected a failure and recovered from it. Some graphical operations may have failed. The next time you restart the machine, a dialog box appears, giving you an opportunity to upload data about this failure to Microsoft."), + 0x401E000A: ("STATUS_GRAPHICS_PARTIAL_DATA_POPULATED","The specified buffer is not big enough to contain the entire requested dataset. Partial data is populated up to the size of the buffer. The caller needs to provide a buffer of the size as specified in the partially populated buffer's content (interface specific)."), + 0x401E0117: ("STATUS_GRAPHICS_DRIVER_MISMATCH","The kernel driver detected a version mismatch between it and the user mode driver."), + 0x401E0307: ("STATUS_GRAPHICS_MODE_NOT_PINNED","No mode is pinned on the specified VidPN source/target."), + 0x401E031E: ("STATUS_GRAPHICS_NO_PREFERRED_MODE","The specified mode set does not specify a preference for one of its modes."), + 0x401E034B: ("STATUS_GRAPHICS_DATASET_IS_EMPTY","The specified dataset (for example, mode set, frequency range set, descriptor set, or topology) is empty."), + 0x401E034C: ("STATUS_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET","The specified dataset (for example, mode set, frequency range set, descriptor set, or topology) does not contain any more elements."), + 0x401E0351: ("STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED","The specified content transformation is not pinned on the specified VidPN present path."), + 0x401E042F: ("STATUS_GRAPHICS_UNKNOWN_CHILD_STATUS","The child device presence was not reliably detected."), + 0x401E0437: ("STATUS_GRAPHICS_LEADLINK_START_DEFERRED","Starting the lead adapter in a linked configuration has been temporarily deferred."), + 0x401E0439: ("STATUS_GRAPHICS_POLLING_TOO_FREQUENTLY","The display adapter is being polled for children too frequently at the same polling level."), + 0x401E043A: ("STATUS_GRAPHICS_START_DEFERRED","Starting the adapter has been temporarily deferred."), + 0x40230001: ("STATUS_NDIS_INDICATION_REQUIRED","The request will be completed later by an NDIS status indication."), + 0x80000001: ("STATUS_GUARD_PAGE_VIOLATION","{EXCEPTION} Guard Page Exception A page of memory that marks the end of a data structure, such as a stack or an array, has been accessed."), + 0x80000002: ("STATUS_DATATYPE_MISALIGNMENT","{EXCEPTION} Alignment Fault A data type misalignment was detected in a load or store instruction."), + 0x80000003: ("STATUS_BREAKPOINT","{EXCEPTION} Breakpoint A breakpoint has been reached."), + 0x80000004: ("STATUS_SINGLE_STEP","{EXCEPTION} Single Step A single step or trace operation has just been completed."), + 0x80000005: ("STATUS_BUFFER_OVERFLOW","{Buffer Overflow} The data was too large to fit into the specified buffer."), + 0x80000006: ("STATUS_NO_MORE_FILES","{No More Files} No more files were found which match the file specification."), + 0x80000007: ("STATUS_WAKE_SYSTEM_DEBUGGER","{Kernel Debugger Awakened} The system debugger was awakened by an interrupt."), + 0x8000000A: ("STATUS_HANDLES_CLOSED","{Handles Closed} Handles to objects have been automatically closed because of the requested operation."), + 0x8000000B: ("STATUS_NO_INHERITANCE","{Non-Inheritable ACL} An access control list (ACL) contains no components that can be inherited."), + 0x8000000C: ("STATUS_GUID_SUBSTITUTION_MADE","{GUID Substitution} During the translation of a globally unique identifier (GUID) to a Windows security ID (SID), no administratively defined GUID prefix was found. A substitute prefix was used, which will not compromise system security. However, this may provide a more restrictive access than intended."), + 0x8000000D: ("STATUS_PARTIAL_COPY","Because of protection conflicts, not all the requested bytes could be copied."), + 0x8000000E: ("STATUS_DEVICE_PAPER_EMPTY","{Out of Paper} The printer is out of paper."), + 0x8000000F: ("STATUS_DEVICE_POWERED_OFF","{Device Power Is Off} The printer power has been turned off."), + 0x80000010: ("STATUS_DEVICE_OFF_LINE","{Device Offline} The printer has been taken offline."), + 0x80000011: ("STATUS_DEVICE_BUSY","{Device Busy} The device is currently busy."), + 0x80000012: ("STATUS_NO_MORE_EAS","{No More EAs} No more extended attributes (EAs) were found for the file."), + 0x80000013: ("STATUS_INVALID_EA_NAME","{Illegal EA} The specified extended attribute (EA) name contains at least one illegal character."), + 0x80000014: ("STATUS_EA_LIST_INCONSISTENT","{Inconsistent EA List} The extended attribute (EA) list is inconsistent."), + 0x80000015: ("STATUS_INVALID_EA_FLAG","{Invalid EA Flag} An invalid extended attribute (EA) flag was set."), + 0x80000016: ("STATUS_VERIFY_REQUIRED","{Verifying Disk} The media has changed and a verify operation is in progress; therefore, no reads or writes may be performed to the device, except those that are used in the verify operation."), + 0x80000017: ("STATUS_EXTRANEOUS_INFORMATION","{Too Much Information} The specified access control list (ACL) contained more information than was expected."), + 0x80000018: ("STATUS_RXACT_COMMIT_NECESSARY","This warning level status indicates that the transaction state already exists for the registry subtree, but that a transaction commit was previously aborted. The commit has NOT been completed but has not been rolled back either; therefore, it may still be committed, if needed."), + 0x8000001A: ("STATUS_NO_MORE_ENTRIES","{No More Entries} No more entries are available from an enumeration operation."), + 0x8000001B: ("STATUS_FILEMARK_DETECTED","{Filemark Found} A filemark was detected."), + 0x8000001C: ("STATUS_MEDIA_CHANGED","{Media Changed} The media may have changed."), + 0x8000001D: ("STATUS_BUS_RESET","{I/O Bus Reset} An I/O bus reset was detected."), + 0x8000001E: ("STATUS_END_OF_MEDIA","{End of Media} The end of the media was encountered."), + 0x8000001F: ("STATUS_BEGINNING_OF_MEDIA","The beginning of a tape or partition has been detected."), + 0x80000020: ("STATUS_MEDIA_CHECK","{Media Changed} The media may have changed."), + 0x80000021: ("STATUS_SETMARK_DETECTED","A tape access reached a set mark."), + 0x80000022: ("STATUS_NO_DATA_DETECTED","During a tape access, the end of the data written is reached."), + 0x80000023: ("STATUS_REDIRECTOR_HAS_OPEN_HANDLES","The redirector is in use and cannot be unloaded."), + 0x80000024: ("STATUS_SERVER_HAS_OPEN_HANDLES","The server is in use and cannot be unloaded."), + 0x80000025: ("STATUS_ALREADY_DISCONNECTED","The specified connection has already been disconnected."), + 0x80000026: ("STATUS_LONGJUMP","A long jump has been executed."), + 0x80000027: ("STATUS_CLEANER_CARTRIDGE_INSTALLED","A cleaner cartridge is present in the tape library."), + 0x80000028: ("STATUS_PLUGPLAY_QUERY_VETOED","The Plug and Play query operation was not successful."), + 0x80000029: ("STATUS_UNWIND_CONSOLIDATE","A frame consolidation has been executed."), + 0x8000002A: ("STATUS_REGISTRY_HIVE_RECOVERED","{Registry Hive Recovered} The registry hive (file): %hs was corrupted and it has been recovered. Some data might have been lost."), + 0x8000002B: ("STATUS_DLL_MIGHT_BE_INSECURE","The application is attempting to run executable code from the module %hs. This may be insecure. An alternative, %hs, is available. Should the application use the secure module %hs?"), + 0x8000002C: ("STATUS_DLL_MIGHT_BE_INCOMPATIBLE","The application is loading executable code from the module %hs. This is secure but may be incompatible with previous releases of the operating system. An alternative, %hs, is available. Should the application use the secure module %hs?"), + 0x8000002D: ("STATUS_STOPPED_ON_SYMLINK","The create operation stopped after reaching a symbolic link."), + 0x80000288: ("STATUS_DEVICE_REQUIRES_CLEANING","The device has indicated that cleaning is necessary."), + 0x80000289: ("STATUS_DEVICE_DOOR_OPEN","The device has indicated that its door is open. Further operations require it closed and secured."), + 0x80000803: ("STATUS_DATA_LOST_REPAIR","Windows discovered a corruption in the file %hs. This file has now been repaired. Check if any data in the file was lost because of the corruption."), + 0x80010001: ("DBG_EXCEPTION_NOT_HANDLED","Debugger did not handle the exception."), + 0x80130001: ("STATUS_CLUSTER_NODE_ALREADY_UP","The cluster node is already up."), + 0x80130002: ("STATUS_CLUSTER_NODE_ALREADY_DOWN","The cluster node is already down."), + 0x80130003: ("STATUS_CLUSTER_NETWORK_ALREADY_ONLINE","The cluster network is already online."), + 0x80130004: ("STATUS_CLUSTER_NETWORK_ALREADY_OFFLINE","The cluster network is already offline."), + 0x80130005: ("STATUS_CLUSTER_NODE_ALREADY_MEMBER","The cluster node is already a member of the cluster."), + 0x80190009: ("STATUS_COULD_NOT_RESIZE_LOG","The log could not be set to the requested size."), + 0x80190029: ("STATUS_NO_TXF_METADATA","There is no transaction metadata on the file."), + 0x80190031: ("STATUS_CANT_RECOVER_WITH_HANDLE_OPEN","The file cannot be recovered because there is a handle still open on it."), + 0x80190041: ("STATUS_TXF_METADATA_ALREADY_PRESENT","Transaction metadata is already present on this file and cannot be superseded."), + 0x80190042: ("STATUS_TRANSACTION_SCOPE_CALLBACKS_NOT_SET","A transaction scope could not be entered because the scope handler has not been initialized."), + 0x801B00EB: ("STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED","{Display Driver Stopped Responding and recovered} The %hs display driver has stopped working normally. The recovery had been performed."), + 0x801C0001: ("STATUS_FLT_BUFFER_TOO_SMALL","{Buffer too small} The buffer is too small to contain the entry. No information has been written to the buffer."), + 0x80210001: ("STATUS_FVE_PARTIAL_METADATA","Volume metadata read or write is incomplete."), + 0x80210002: ("STATUS_FVE_TRANSIENT_STATE","BitLocker encryption keys were ignored because the volume was in a transient state."), + 0xC0000001: ("STATUS_UNSUCCESSFUL","{Operation Failed} The requested operation was unsuccessful."), + 0xC0000002: ("STATUS_NOT_IMPLEMENTED","{Not Implemented} The requested operation is not implemented."), + 0xC0000003: ("STATUS_INVALID_INFO_CLASS","{Invalid Parameter} The specified information class is not a valid information class for the specified object."), + 0xC0000004: ("STATUS_INFO_LENGTH_MISMATCH","The specified information record length does not match the length that is required for the specified information class."), + 0xC0000005: ("STATUS_ACCESS_VIOLATION","The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s."), + 0xC0000006: ("STATUS_IN_PAGE_ERROR","The instruction at 0x%08lx referenced memory at 0x%08lx. The required data was not placed into memory because of an I/O error status of 0x%08lx."), + 0xC0000007: ("STATUS_PAGEFILE_QUOTA","The page file quota for the process has been exhausted."), + 0xC0000008: ("STATUS_INVALID_HANDLE","An invalid HANDLE was specified."), + 0xC0000009: ("STATUS_BAD_INITIAL_STACK","An invalid initial stack was specified in a call to NtCreateThread."), + 0xC000000A: ("STATUS_BAD_INITIAL_PC","An invalid initial start address was specified in a call to NtCreateThread."), + 0xC000000B: ("STATUS_INVALID_CID","An invalid client ID was specified."), + 0xC000000C: ("STATUS_TIMER_NOT_CANCELED","An attempt was made to cancel or set a timer that has an associated APC and the specified thread is not the thread that originally set the timer with an associated APC routine."), + 0xC000000D: ("STATUS_INVALID_PARAMETER","An invalid parameter was passed to a service or function."), + 0xC000000E: ("STATUS_NO_SUCH_DEVICE","A device that does not exist was specified."), + 0xC000000F: ("STATUS_NO_SUCH_FILE","{File Not Found} The file %hs does not exist."), + 0xC0000010: ("STATUS_INVALID_DEVICE_REQUEST","The specified request is not a valid operation for the target device."), + 0xC0000011: ("STATUS_END_OF_FILE","The end-of-file marker has been reached. There is no valid data in the file beyond this marker."), + 0xC0000012: ("STATUS_WRONG_VOLUME","{Wrong Volume} The wrong volume is in the drive. Insert volume %hs into drive %hs."), + 0xC0000013: ("STATUS_NO_MEDIA_IN_DEVICE","{No Disk} There is no disk in the drive. Insert a disk into drive %hs."), + 0xC0000014: ("STATUS_UNRECOGNIZED_MEDIA","{Unknown Disk Format} The disk in drive %hs is not formatted properly. Check the disk, and reformat it, if needed."), + 0xC0000015: ("STATUS_NONEXISTENT_SECTOR","{Sector Not Found} The specified sector does not exist."), + 0xC0000016: ("STATUS_MORE_PROCESSING_REQUIRED","{Still Busy} The specified I/O request packet (IRP) cannot be disposed of because the I/O operation is not complete."), + 0xC0000017: ("STATUS_NO_MEMORY","{Not Enough Quota} Not enough virtual memory or paging file quota is available to complete the specified operation."), + 0xC0000018: ("STATUS_CONFLICTING_ADDRESSES","{Conflicting Address Range} The specified address range conflicts with the address space."), + 0xC0000019: ("STATUS_NOT_MAPPED_VIEW","The address range to unmap is not a mapped view."), + 0xC000001A: ("STATUS_UNABLE_TO_FREE_VM","The virtual memory cannot be freed."), + 0xC000001B: ("STATUS_UNABLE_TO_DELETE_SECTION","The specified section cannot be deleted."), + 0xC000001C: ("STATUS_INVALID_SYSTEM_SERVICE","An invalid system service was specified in a system service call."), + 0xC000001D: ("STATUS_ILLEGAL_INSTRUCTION","{EXCEPTION} Illegal Instruction An attempt was made to execute an illegal instruction."), + 0xC000001E: ("STATUS_INVALID_LOCK_SEQUENCE","{Invalid Lock Sequence} An attempt was made to execute an invalid lock sequence."), + 0xC000001F: ("STATUS_INVALID_VIEW_SIZE","{Invalid Mapping} An attempt was made to create a view for a section that is bigger than the section."), + 0xC0000020: ("STATUS_INVALID_FILE_FOR_SECTION","{Bad File} The attributes of the specified mapping file for a section of memory cannot be read."), + 0xC0000021: ("STATUS_ALREADY_COMMITTED","{Already Committed} The specified address range is already committed."), + 0xC0000022: ("STATUS_ACCESS_DENIED","{Access Denied} A process has requested access to an object but has not been granted those access rights."), + 0xC0000023: ("STATUS_BUFFER_TOO_SMALL","{Buffer Too Small} The buffer is too small to contain the entry. No information has been written to the buffer."), + 0xC0000024: ("STATUS_OBJECT_TYPE_MISMATCH","{Wrong Type} There is a mismatch between the type of object that is required by the requested operation and the type of object that is specified in the request."), + 0xC0000025: ("STATUS_NONCONTINUABLE_EXCEPTION","{EXCEPTION} Cannot Continue Windows cannot continue from this exception."), + 0xC0000026: ("STATUS_INVALID_DISPOSITION","An invalid exception disposition was returned by an exception handler."), + 0xC0000027: ("STATUS_UNWIND","Unwind exception code."), + 0xC0000028: ("STATUS_BAD_STACK","An invalid or unaligned stack was encountered during an unwind operation."), + 0xC0000029: ("STATUS_INVALID_UNWIND_TARGET","An invalid unwind target was encountered during an unwind operation."), + 0xC000002A: ("STATUS_NOT_LOCKED","An attempt was made to unlock a page of memory that was not locked."), + 0xC000002B: ("STATUS_PARITY_ERROR","A device parity error on an I/O operation."), + 0xC000002C: ("STATUS_UNABLE_TO_DECOMMIT_VM","An attempt was made to decommit uncommitted virtual memory."), + 0xC000002D: ("STATUS_NOT_COMMITTED","An attempt was made to change the attributes on memory that has not been committed."), + 0xC000002E: ("STATUS_INVALID_PORT_ATTRIBUTES","Invalid object attributes specified to NtCreatePort or invalid port attributes specified to NtConnectPort."), + 0xC000002F: ("STATUS_PORT_MESSAGE_TOO_LONG","The length of the message that was passed to NtRequestPort or NtRequestWaitReplyPort is longer than the maximum message that is allowed by the port."), + 0xC0000030: ("STATUS_INVALID_PARAMETER_MIX","An invalid combination of parameters was specified."), + 0xC0000031: ("STATUS_INVALID_QUOTA_LOWER","An attempt was made to lower a quota limit below the current usage."), + 0xC0000032: ("STATUS_DISK_CORRUPT_ERROR","{Corrupt Disk} The file system structure on the disk is corrupt and unusable. Run the Chkdsk utility on the volume %hs."), + 0xC0000033: ("STATUS_OBJECT_NAME_INVALID","The object name is invalid."), + 0xC0000034: ("STATUS_OBJECT_NAME_NOT_FOUND","The object name is not found."), + 0xC0000035: ("STATUS_OBJECT_NAME_COLLISION","The object name already exists."), + 0xC0000037: ("STATUS_PORT_DISCONNECTED","An attempt was made to send a message to a disconnected communication port."), + 0xC0000038: ("STATUS_DEVICE_ALREADY_ATTACHED","An attempt was made to attach to a device that was already attached to another device."), + 0xC0000039: ("STATUS_OBJECT_PATH_INVALID","The object path component was not a directory object."), + 0xC000003A: ("STATUS_OBJECT_PATH_NOT_FOUND","{Path Not Found} The path %hs does not exist."), + 0xC000003B: ("STATUS_OBJECT_PATH_SYNTAX_BAD","The object path component was not a directory object."), + 0xC000003C: ("STATUS_DATA_OVERRUN","{Data Overrun} A data overrun error occurred."), + 0xC000003D: ("STATUS_DATA_LATE_ERROR","{Data Late} A data late error occurred."), + 0xC000003E: ("STATUS_DATA_ERROR","{Data Error} An error occurred in reading or writing data."), + 0xC000003F: ("STATUS_CRC_ERROR","{Bad CRC} A cyclic redundancy check (CRC) checksum error occurred."), + 0xC0000040: ("STATUS_SECTION_TOO_BIG","{Section Too Large} The specified section is too big to map the file."), + 0xC0000041: ("STATUS_PORT_CONNECTION_REFUSED","The NtConnectPort request is refused."), + 0xC0000042: ("STATUS_INVALID_PORT_HANDLE","The type of port handle is invalid for the operation that is requested."), + 0xC0000043: ("STATUS_SHARING_VIOLATION","A file cannot be opened because the share access flags are incompatible."), + 0xC0000044: ("STATUS_QUOTA_EXCEEDED","Insufficient quota exists to complete the operation."), + 0xC0000045: ("STATUS_INVALID_PAGE_PROTECTION","The specified page protection was not valid."), + 0xC0000046: ("STATUS_MUTANT_NOT_OWNED","An attempt to release a mutant object was made by a thread that was not the owner of the mutant object."), + 0xC0000047: ("STATUS_SEMAPHORE_LIMIT_EXCEEDED","An attempt was made to release a semaphore such that its maximum count would have been exceeded."), + 0xC0000048: ("STATUS_PORT_ALREADY_SET","An attempt was made to set the DebugPort or ExceptionPort of a process, but a port already exists in the process, or an attempt was made to set the CompletionPort of a file but a port was already set in the file, or an attempt was made to set the associated completion port of an ALPC port but it is already set."), + 0xC0000049: ("STATUS_SECTION_NOT_IMAGE","An attempt was made to query image information on a section that does not map an image."), + 0xC000004A: ("STATUS_SUSPEND_COUNT_EXCEEDED","An attempt was made to suspend a thread whose suspend count was at its maximum."), + 0xC000004B: ("STATUS_THREAD_IS_TERMINATING","An attempt was made to suspend a thread that has begun termination."), + 0xC000004C: ("STATUS_BAD_WORKING_SET_LIMIT","An attempt was made to set the working set limit to an invalid value (for example, the minimum greater than maximum)."), + 0xC000004D: ("STATUS_INCOMPATIBLE_FILE_MAP","A section was created to map a file that is not compatible with an already existing section that maps the same file."), + 0xC000004E: ("STATUS_SECTION_PROTECTION","A view to a section specifies a protection that is incompatible with the protection of the initial view."), + 0xC000004F: ("STATUS_EAS_NOT_SUPPORTED","An operation involving EAs failed because the file system does not support EAs."), + 0xC0000050: ("STATUS_EA_TOO_LARGE","An EA operation failed because the EA set is too large."), + 0xC0000051: ("STATUS_NONEXISTENT_EA_ENTRY","An EA operation failed because the name or EA index is invalid."), + 0xC0000052: ("STATUS_NO_EAS_ON_FILE","The file for which EAs were requested has no EAs."), + 0xC0000053: ("STATUS_EA_CORRUPT_ERROR","The EA is corrupt and cannot be read."), + 0xC0000054: ("STATUS_FILE_LOCK_CONFLICT","A requested read/write cannot be granted due to a conflicting file lock."), + 0xC0000055: ("STATUS_LOCK_NOT_GRANTED","A requested file lock cannot be granted due to other existing locks."), + 0xC0000056: ("STATUS_DELETE_PENDING","A non-close operation has been requested of a file object that has a delete pending."), + 0xC0000057: ("STATUS_CTL_FILE_NOT_SUPPORTED","An attempt was made to set the control attribute on a file. This attribute is not supported in the destination file system."), + 0xC0000058: ("STATUS_UNKNOWN_REVISION","Indicates a revision number that was encountered or specified is not one that is known by the service. It may be a more recent revision than the service is aware of."), + 0xC0000059: ("STATUS_REVISION_MISMATCH","Indicates that two revision levels are incompatible."), + 0xC000005A: ("STATUS_INVALID_OWNER","Indicates a particular security ID may not be assigned as the owner of an object."), + 0xC000005B: ("STATUS_INVALID_PRIMARY_GROUP","Indicates a particular security ID may not be assigned as the primary group of an object."), + 0xC000005C: ("STATUS_NO_IMPERSONATION_TOKEN","An attempt has been made to operate on an impersonation token by a thread that is not currently impersonating a client."), + 0xC000005D: ("STATUS_CANT_DISABLE_MANDATORY","A mandatory group may not be disabled."), + 0xC000005E: ("STATUS_NO_LOGON_SERVERS","No logon servers are currently available to service the logon request."), + 0xC000005F: ("STATUS_NO_SUCH_LOGON_SESSION","A specified logon session does not exist. It may already have been terminated."), + 0xC0000060: ("STATUS_NO_SUCH_PRIVILEGE","A specified privilege does not exist."), + 0xC0000061: ("STATUS_PRIVILEGE_NOT_HELD","A required privilege is not held by the client."), + 0xC0000062: ("STATUS_INVALID_ACCOUNT_NAME","The name provided is not a properly formed account name."), + 0xC0000063: ("STATUS_USER_EXISTS","The specified account already exists."), + 0xC0000064: ("STATUS_NO_SUCH_USER","The specified account does not exist."), + 0xC0000065: ("STATUS_GROUP_EXISTS","The specified group already exists."), + 0xC0000066: ("STATUS_NO_SUCH_GROUP","The specified group does not exist."), + 0xC0000067: ("STATUS_MEMBER_IN_GROUP","The specified user account is already in the specified group account. Also used to indicate a group cannot be deleted because it contains a member."), + 0xC0000068: ("STATUS_MEMBER_NOT_IN_GROUP","The specified user account is not a member of the specified group account."), + 0xC0000069: ("STATUS_LAST_ADMIN","Indicates the requested operation would disable or delete the last remaining administration account. This is not allowed to prevent creating a situation in which the system cannot be administrated."), + 0xC000006A: ("STATUS_WRONG_PASSWORD","When trying to update a password, this return status indicates that the value provided as the current password is not correct."), + 0xC000006B: ("STATUS_ILL_FORMED_PASSWORD","When trying to update a password, this return status indicates that the value provided for the new password contains values that are not allowed in passwords."), + 0xC000006C: ("STATUS_PASSWORD_RESTRICTION","When trying to update a password, this status indicates that some password update rule has been violated. For example, the password may not meet length criteria."), + 0xC000006D: ("STATUS_LOGON_FAILURE","The attempted logon is invalid. This is either due to a bad username or authentication information."), + 0xC000006E: ("STATUS_ACCOUNT_RESTRICTION","Indicates a referenced user name and authentication information are valid, but some user account restriction has prevented successful authentication (such as time-of-day restrictions)."), + 0xC000006F: ("STATUS_INVALID_LOGON_HOURS","The user account has time restrictions and may not be logged onto at this time."), + 0xC0000070: ("STATUS_INVALID_WORKSTATION","The user account is restricted so that it may not be used to log on from the source workstation."), + 0xC0000071: ("STATUS_PASSWORD_EXPIRED","The user account password has expired."), + 0xC0000072: ("STATUS_ACCOUNT_DISABLED","The referenced account is currently disabled and may not be logged on to."), + 0xC0000073: ("STATUS_NONE_MAPPED","None of the information to be translated has been translated."), + 0xC0000074: ("STATUS_TOO_MANY_LUIDS_REQUESTED","The number of LUIDs requested may not be allocated with a single allocation."), + 0xC0000075: ("STATUS_LUIDS_EXHAUSTED","Indicates there are no more LUIDs to allocate."), + 0xC0000076: ("STATUS_INVALID_SUB_AUTHORITY","Indicates the sub-authority value is invalid for the particular use."), + 0xC0000077: ("STATUS_INVALID_ACL","Indicates the ACL structure is not valid."), + 0xC0000078: ("STATUS_INVALID_SID","Indicates the SID structure is not valid."), + 0xC0000079: ("STATUS_INVALID_SECURITY_DESCR","Indicates the SECURITY_DESCRIPTOR structure is not valid."), + 0xC000007A: ("STATUS_PROCEDURE_NOT_FOUND","Indicates the specified procedure address cannot be found in the DLL."), + 0xC000007B: ("STATUS_INVALID_IMAGE_FORMAT","{Bad Image} %hs is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support."), + 0xC000007C: ("STATUS_NO_TOKEN","An attempt was made to reference a token that does not exist. This is typically done by referencing the token that is associated with a thread when the thread is not impersonating a client."), + 0xC000007D: ("STATUS_BAD_INHERITANCE_ACL","Indicates that an attempt to build either an inherited ACL or ACE was not successful. This can be caused by a number of things. One of the more probable causes is the replacement of a CreatorId with a SID that did not fit into the ACE or ACL."), + 0xC000007E: ("STATUS_RANGE_NOT_LOCKED","The range specified in NtUnlockFile was not locked."), + 0xC000007F: ("STATUS_DISK_FULL","An operation failed because the disk was full."), + 0xC0000080: ("STATUS_SERVER_DISABLED","The GUID allocation server is disabled at the moment."), + 0xC0000081: ("STATUS_SERVER_NOT_DISABLED","The GUID allocation server is enabled at the moment."), + 0xC0000082: ("STATUS_TOO_MANY_GUIDS_REQUESTED","Too many GUIDs were requested from the allocation server at once."), + 0xC0000083: ("STATUS_GUIDS_EXHAUSTED","The GUIDs could not be allocated because the Authority Agent was exhausted."), + 0xC0000084: ("STATUS_INVALID_ID_AUTHORITY","The value provided was an invalid value for an identifier authority."), + 0xC0000085: ("STATUS_AGENTS_EXHAUSTED","No more authority agent values are available for the particular identifier authority value."), + 0xC0000086: ("STATUS_INVALID_VOLUME_LABEL","An invalid volume label has been specified."), + 0xC0000087: ("STATUS_SECTION_NOT_EXTENDED","A mapped section could not be extended."), + 0xC0000088: ("STATUS_NOT_MAPPED_DATA","Specified section to flush does not map a data file."), + 0xC0000089: ("STATUS_RESOURCE_DATA_NOT_FOUND","Indicates the specified image file did not contain a resource section."), + 0xC000008A: ("STATUS_RESOURCE_TYPE_NOT_FOUND","Indicates the specified resource type cannot be found in the image file."), + 0xC000008B: ("STATUS_RESOURCE_NAME_NOT_FOUND","Indicates the specified resource name cannot be found in the image file."), + 0xC000008C: ("STATUS_ARRAY_BOUNDS_EXCEEDED","{EXCEPTION} Array bounds exceeded."), + 0xC000008D: ("STATUS_FLOAT_DENORMAL_OPERAND","{EXCEPTION} Floating-point denormal operand."), + 0xC000008E: ("STATUS_FLOAT_DIVIDE_BY_ZERO","{EXCEPTION} Floating-point division by zero."), + 0xC000008F: ("STATUS_FLOAT_INEXACT_RESULT","{EXCEPTION} Floating-point inexact result."), + 0xC0000090: ("STATUS_FLOAT_INVALID_OPERATION","{EXCEPTION} Floating-point invalid operation."), + 0xC0000091: ("STATUS_FLOAT_OVERFLOW","{EXCEPTION} Floating-point overflow."), + 0xC0000092: ("STATUS_FLOAT_STACK_CHECK","{EXCEPTION} Floating-point stack check."), + 0xC0000093: ("STATUS_FLOAT_UNDERFLOW","{EXCEPTION} Floating-point underflow."), + 0xC0000094: ("STATUS_INTEGER_DIVIDE_BY_ZERO","{EXCEPTION} Integer division by zero."), + 0xC0000095: ("STATUS_INTEGER_OVERFLOW","{EXCEPTION} Integer overflow."), + 0xC0000096: ("STATUS_PRIVILEGED_INSTRUCTION","{EXCEPTION} Privileged instruction."), + 0xC0000097: ("STATUS_TOO_MANY_PAGING_FILES","An attempt was made to install more paging files than the system supports."), + 0xC0000098: ("STATUS_FILE_INVALID","The volume for a file has been externally altered such that the opened file is no longer valid."), + 0xC0000099: ("STATUS_ALLOTTED_SPACE_EXCEEDED","When a block of memory is allotted for future updates, such as the memory allocated to hold discretionary access control and primary group information, successive updates may exceed the amount of memory originally allotted. Because a quota may already have been charged to several processes that have handles to the object, it is not reasonable to alter the size of the allocated memory. Instead, a request that requires more memory than has been allotted must fail and the STATUS_ALLOTTED_SPACE_EXCEEDED error returned."), + 0xC000009A: ("STATUS_INSUFFICIENT_RESOURCES","Insufficient system resources exist to complete the API."), + 0xC000009B: ("STATUS_DFS_EXIT_PATH_FOUND","An attempt has been made to open a DFS exit path control file."), + 0xC000009C: ("STATUS_DEVICE_DATA_ERROR","There are bad blocks (sectors) on the hard disk."), + 0xC000009D: ("STATUS_DEVICE_NOT_CONNECTED","There is bad cabling, non-termination, or the controller is not able to obtain access to the hard disk."), + 0xC000009F: ("STATUS_FREE_VM_NOT_AT_BASE","Virtual memory cannot be freed because the base address is not the base of the region and a region size of zero was specified."), + 0xC00000A0: ("STATUS_MEMORY_NOT_ALLOCATED","An attempt was made to free virtual memory that is not allocated."), + 0xC00000A1: ("STATUS_WORKING_SET_QUOTA","The working set is not big enough to allow the requested pages to be locked."), + 0xC00000A2: ("STATUS_MEDIA_WRITE_PROTECTED","{Write Protect Error} The disk cannot be written to because it is write-protected. Remove the write protection from the volume %hs in drive %hs."), + 0xC00000A3: ("STATUS_DEVICE_NOT_READY","{Drive Not Ready} The drive is not ready for use; its door may be open. Check drive %hs and make sure that a disk is inserted and that the drive door is closed."), + 0xC00000A4: ("STATUS_INVALID_GROUP_ATTRIBUTES","The specified attributes are invalid or are incompatible with the attributes for the group as a whole."), + 0xC00000A5: ("STATUS_BAD_IMPERSONATION_LEVEL","A specified impersonation level is invalid. Also used to indicate that a required impersonation level was not provided."), + 0xC00000A6: ("STATUS_CANT_OPEN_ANONYMOUS","An attempt was made to open an anonymous-level token. Anonymous tokens may not be opened."), + 0xC00000A7: ("STATUS_BAD_VALIDATION_CLASS","The validation information class requested was invalid."), + 0xC00000A8: ("STATUS_BAD_TOKEN_TYPE","The type of a token object is inappropriate for its attempted use."), + 0xC00000A9: ("STATUS_BAD_MASTER_BOOT_RECORD","The type of a token object is inappropriate for its attempted use."), + 0xC00000AA: ("STATUS_INSTRUCTION_MISALIGNMENT","An attempt was made to execute an instruction at an unaligned address and the host system does not support unaligned instruction references."), + 0xC00000AB: ("STATUS_INSTANCE_NOT_AVAILABLE","The maximum named pipe instance count has been reached."), + 0xC00000AC: ("STATUS_PIPE_NOT_AVAILABLE","An instance of a named pipe cannot be found in the listening state."), + 0xC00000AD: ("STATUS_INVALID_PIPE_STATE","The named pipe is not in the connected or closing state."), + 0xC00000AE: ("STATUS_PIPE_BUSY","The specified pipe is set to complete operations and there are current I/O operations queued so that it cannot be changed to queue operations."), + 0xC00000AF: ("STATUS_ILLEGAL_FUNCTION","The specified handle is not open to the server end of the named pipe."), + 0xC00000B0: ("STATUS_PIPE_DISCONNECTED","The specified named pipe is in the disconnected state."), + 0xC00000B1: ("STATUS_PIPE_CLOSING","The specified named pipe is in the closing state."), + 0xC00000B2: ("STATUS_PIPE_CONNECTED","The specified named pipe is in the connected state."), + 0xC00000B3: ("STATUS_PIPE_LISTENING","The specified named pipe is in the listening state."), + 0xC00000B4: ("STATUS_INVALID_READ_MODE","The specified named pipe is not in message mode."), + 0xC00000B5: ("STATUS_IO_TIMEOUT","{Device Timeout} The specified I/O operation on %hs was not completed before the time-out period expired."), + 0xC00000B6: ("STATUS_FILE_FORCED_CLOSED","The specified file has been closed by another process."), + 0xC00000B7: ("STATUS_PROFILING_NOT_STARTED","Profiling is not started."), + 0xC00000B8: ("STATUS_PROFILING_NOT_STOPPED","Profiling is not stopped."), + 0xC00000B9: ("STATUS_COULD_NOT_INTERPRET","The passed ACL did not contain the minimum required information."), + 0xC00000BA: ("STATUS_FILE_IS_A_DIRECTORY","The file that was specified as a target is a directory, and the caller specified that it could be anything but a directory."), + 0xC00000BB: ("STATUS_NOT_SUPPORTED","The request is not supported."), + 0xC00000BC: ("STATUS_REMOTE_NOT_LISTENING","This remote computer is not listening."), + 0xC00000BD: ("STATUS_DUPLICATE_NAME","A duplicate name exists on the network."), + 0xC00000BE: ("STATUS_BAD_NETWORK_PATH","The network path cannot be located."), + 0xC00000BF: ("STATUS_NETWORK_BUSY","The network is busy."), + 0xC00000C0: ("STATUS_DEVICE_DOES_NOT_EXIST","This device does not exist."), + 0xC00000C1: ("STATUS_TOO_MANY_COMMANDS","The network BIOS command limit has been reached."), + 0xC00000C2: ("STATUS_ADAPTER_HARDWARE_ERROR","An I/O adapter hardware error has occurred."), + 0xC00000C3: ("STATUS_INVALID_NETWORK_RESPONSE","The network responded incorrectly."), + 0xC00000C4: ("STATUS_UNEXPECTED_NETWORK_ERROR","An unexpected network error occurred."), + 0xC00000C5: ("STATUS_BAD_REMOTE_ADAPTER","The remote adapter is not compatible."), + 0xC00000C6: ("STATUS_PRINT_QUEUE_FULL","The print queue is full."), + 0xC00000C7: ("STATUS_NO_SPOOL_SPACE","Space to store the file that is waiting to be printed is not available on the server."), + 0xC00000C8: ("STATUS_PRINT_CANCELLED","The requested print file has been canceled."), + 0xC00000C9: ("STATUS_NETWORK_NAME_DELETED","The network name was deleted."), + 0xC00000CA: ("STATUS_NETWORK_ACCESS_DENIED","Network access is denied."), + 0xC00000CB: ("STATUS_BAD_DEVICE_TYPE","{Incorrect Network Resource Type} The specified device type (LPT, for example) conflicts with the actual device type on the remote resource."), + 0xC00000CC: ("STATUS_BAD_NETWORK_NAME","{Network Name Not Found} The specified share name cannot be found on the remote server."), + 0xC00000CD: ("STATUS_TOO_MANY_NAMES","The name limit for the network adapter card of the local computer was exceeded."), + 0xC00000CE: ("STATUS_TOO_MANY_SESSIONS","The network BIOS session limit was exceeded."), + 0xC00000CF: ("STATUS_SHARING_PAUSED","File sharing has been temporarily paused."), + 0xC00000D0: ("STATUS_REQUEST_NOT_ACCEPTED","No more connections can be made to this remote computer at this time because the computer has already accepted the maximum number of connections."), + 0xC00000D1: ("STATUS_REDIRECTOR_PAUSED","Print or disk redirection is temporarily paused."), + 0xC00000D2: ("STATUS_NET_WRITE_FAULT","A network data fault occurred."), + 0xC00000D3: ("STATUS_PROFILING_AT_LIMIT","The number of active profiling objects is at the maximum and no more may be started."), + 0xC00000D4: ("STATUS_NOT_SAME_DEVICE","{Incorrect Volume} The destination file of a rename request is located on a different device than the source of the rename request."), + 0xC00000D5: ("STATUS_FILE_RENAMED","The specified file has been renamed and thus cannot be modified."), + 0xC00000D6: ("STATUS_VIRTUAL_CIRCUIT_CLOSED","{Network Request Timeout} The session with a remote server has been disconnected because the time-out interval for a request has expired."), + 0xC00000D7: ("STATUS_NO_SECURITY_ON_OBJECT","Indicates an attempt was made to operate on the security of an object that does not have security associated with it."), + 0xC00000D8: ("STATUS_CANT_WAIT","Used to indicate that an operation cannot continue without blocking for I/O."), + 0xC00000D9: ("STATUS_PIPE_EMPTY","Used to indicate that a read operation was done on an empty pipe."), + 0xC00000DA: ("STATUS_CANT_ACCESS_DOMAIN_INFO","Configuration information could not be read from the domain controller, either because the machine is unavailable or access has been denied."), + 0xC00000DB: ("STATUS_CANT_TERMINATE_SELF","Indicates that a thread attempted to terminate itself by default (called NtTerminateThread with NULL) and it was the last thread in the current process."), + 0xC00000DC: ("STATUS_INVALID_SERVER_STATE","Indicates the Sam Server was in the wrong state to perform the desired operation."), + 0xC00000DD: ("STATUS_INVALID_DOMAIN_STATE","Indicates the domain was in the wrong state to perform the desired operation."), + 0xC00000DE: ("STATUS_INVALID_DOMAIN_ROLE","This operation is only allowed for the primary domain controller of the domain."), + 0xC00000DF: ("STATUS_NO_SUCH_DOMAIN","The specified domain did not exist."), + 0xC00000E0: ("STATUS_DOMAIN_EXISTS","The specified domain already exists."), + 0xC00000E1: ("STATUS_DOMAIN_LIMIT_EXCEEDED","An attempt was made to exceed the limit on the number of domains per server for this release."), + 0xC00000E2: ("STATUS_OPLOCK_NOT_GRANTED","An error status returned when the opportunistic lock (oplock) request is denied."), + 0xC00000E3: ("STATUS_INVALID_OPLOCK_PROTOCOL","An error status returned when an invalid opportunistic lock (oplock) acknowledgment is received by a file system."), + 0xC00000E4: ("STATUS_INTERNAL_DB_CORRUPTION","This error indicates that the requested operation cannot be completed due to a catastrophic media failure or an on-disk data structure corruption."), + 0xC00000E5: ("STATUS_INTERNAL_ERROR","An internal error occurred."), + 0xC00000E6: ("STATUS_GENERIC_NOT_MAPPED","Indicates generic access types were contained in an access mask which should already be mapped to non-generic access types."), + 0xC00000E7: ("STATUS_BAD_DESCRIPTOR_FORMAT","Indicates a security descriptor is not in the necessary format (absolute or self-relative)."), + 0xC00000E8: ("STATUS_INVALID_USER_BUFFER","An access to a user buffer failed at an expected point in time. This code is defined because the caller does not want to accept STATUS_ACCESS_VIOLATION in its filter."), + 0xC00000E9: ("STATUS_UNEXPECTED_IO_ERROR","If an I/O error that is not defined in the standard FsRtl filter is returned, it is converted to the following error, which is guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."), + 0xC00000EA: ("STATUS_UNEXPECTED_MM_CREATE_ERR","If an MM error that is not defined in the standard FsRtl filter is returned, it is converted to one of the following errors, which are guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."), + 0xC00000EB: ("STATUS_UNEXPECTED_MM_MAP_ERROR","If an MM error that is not defined in the standard FsRtl filter is returned, it is converted to one of the following errors, which are guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."), + 0xC00000EC: ("STATUS_UNEXPECTED_MM_EXTEND_ERR","If an MM error that is not defined in the standard FsRtl filter is returned, it is converted to one of the following errors, which are guaranteed to be in the filter. In this case, information is lost; however, the filter correctly handles the exception."), + 0xC00000ED: ("STATUS_NOT_LOGON_PROCESS","The requested action is restricted for use by logon processes only. The calling process has not registered as a logon process."), + 0xC00000EE: ("STATUS_LOGON_SESSION_EXISTS","An attempt has been made to start a new session manager or LSA logon session by using an ID that is already in use."), + 0xC00000EF: ("STATUS_INVALID_PARAMETER_1","An invalid parameter was passed to a service or function as the first argument."), + 0xC00000F0: ("STATUS_INVALID_PARAMETER_2","An invalid parameter was passed to a service or function as the second argument."), + 0xC00000F1: ("STATUS_INVALID_PARAMETER_3","An invalid parameter was passed to a service or function as the third argument."), + 0xC00000F2: ("STATUS_INVALID_PARAMETER_4","An invalid parameter was passed to a service or function as the fourth argument."), + 0xC00000F3: ("STATUS_INVALID_PARAMETER_5","An invalid parameter was passed to a service or function as the fifth argument."), + 0xC00000F4: ("STATUS_INVALID_PARAMETER_6","An invalid parameter was passed to a service or function as the sixth argument."), + 0xC00000F5: ("STATUS_INVALID_PARAMETER_7","An invalid parameter was passed to a service or function as the seventh argument."), + 0xC00000F6: ("STATUS_INVALID_PARAMETER_8","An invalid parameter was passed to a service or function as the eighth argument."), + 0xC00000F7: ("STATUS_INVALID_PARAMETER_9","An invalid parameter was passed to a service or function as the ninth argument."), + 0xC00000F8: ("STATUS_INVALID_PARAMETER_10","An invalid parameter was passed to a service or function as the tenth argument."), + 0xC00000F9: ("STATUS_INVALID_PARAMETER_11","An invalid parameter was passed to a service or function as the eleventh argument."), + 0xC00000FA: ("STATUS_INVALID_PARAMETER_12","An invalid parameter was passed to a service or function as the twelfth argument."), + 0xC00000FB: ("STATUS_REDIRECTOR_NOT_STARTED","An attempt was made to access a network file, but the network software was not yet started."), + 0xC00000FC: ("STATUS_REDIRECTOR_STARTED","An attempt was made to start the redirector, but the redirector has already been started."), + 0xC00000FD: ("STATUS_STACK_OVERFLOW","A new guard page for the stack cannot be created."), + 0xC00000FE: ("STATUS_NO_SUCH_PACKAGE","A specified authentication package is unknown."), + 0xC00000FF: ("STATUS_BAD_FUNCTION_TABLE","A malformed function table was encountered during an unwind operation."), + 0xC0000100: ("STATUS_VARIABLE_NOT_FOUND","Indicates the specified environment variable name was not found in the specified environment block."), + 0xC0000101: ("STATUS_DIRECTORY_NOT_EMPTY","Indicates that the directory trying to be deleted is not empty."), + 0xC0000102: ("STATUS_FILE_CORRUPT_ERROR","{Corrupt File} The file or directory %hs is corrupt and unreadable. Run the Chkdsk utility."), + 0xC0000103: ("STATUS_NOT_A_DIRECTORY","A requested opened file is not a directory."), + 0xC0000104: ("STATUS_BAD_LOGON_SESSION_STATE","The logon session is not in a state that is consistent with the requested operation."), + 0xC0000105: ("STATUS_LOGON_SESSION_COLLISION","An internal LSA error has occurred. An authentication package has requested the creation of a logon session but the ID of an already existing logon session has been specified."), + 0xC0000106: ("STATUS_NAME_TOO_LONG","A specified name string is too long for its intended use."), + 0xC0000107: ("STATUS_FILES_OPEN","The user attempted to force close the files on a redirected drive, but there were opened files on the drive, and the user did not specify a sufficient level of force."), + 0xC0000108: ("STATUS_CONNECTION_IN_USE","The user attempted to force close the files on a redirected drive, but there were opened directories on the drive, and the user did not specify a sufficient level of force."), + 0xC0000109: ("STATUS_MESSAGE_NOT_FOUND","RtlFindMessage could not locate the requested message ID in the message table resource."), + 0xC000010A: ("STATUS_PROCESS_IS_TERMINATING","An attempt was made to duplicate an object handle into or out of an exiting process."), + 0xC000010B: ("STATUS_INVALID_LOGON_TYPE","Indicates an invalid value has been provided for the LogonType requested."), + 0xC000010C: ("STATUS_NO_GUID_TRANSLATION","Indicates that an attempt was made to assign protection to a file system file or directory and one of the SIDs in the security descriptor could not be translated into a GUID that could be stored by the file system. This causes the protection attempt to fail, which may cause a file creation attempt to fail."), + 0xC000010D: ("STATUS_CANNOT_IMPERSONATE","Indicates that an attempt has been made to impersonate via a named pipe that has not yet been read from."), + 0xC000010E: ("STATUS_IMAGE_ALREADY_LOADED","Indicates that the specified image is already loaded."), + 0xC0000117: ("STATUS_NO_LDT","Indicates that an attempt was made to change the size of the LDT for a process that has no LDT."), + 0xC0000118: ("STATUS_INVALID_LDT_SIZE","Indicates that an attempt was made to grow an LDT by setting its size, or that the size was not an even number of selectors."), + 0xC0000119: ("STATUS_INVALID_LDT_OFFSET","Indicates that the starting value for the LDT information was not an integral multiple of the selector size."), + 0xC000011A: ("STATUS_INVALID_LDT_DESCRIPTOR","Indicates that the user supplied an invalid descriptor when trying to set up LDT descriptors."), + 0xC000011B: ("STATUS_INVALID_IMAGE_NE_FORMAT","The specified image file did not have the correct format. It appears to be NE format."), + 0xC000011C: ("STATUS_RXACT_INVALID_STATE","Indicates that the transaction state of a registry subtree is incompatible with the requested operation. For example, a request has been made to start a new transaction with one already in progress, or a request has been made to apply a transaction when one is not currently in progress."), + 0xC000011D: ("STATUS_RXACT_COMMIT_FAILURE","Indicates an error has occurred during a registry transaction commit. The database has been left in an unknown, but probably inconsistent, state. The state of the registry transaction is left as COMMITTING."), + 0xC000011E: ("STATUS_MAPPED_FILE_SIZE_ZERO","An attempt was made to map a file of size zero with the maximum size specified as zero."), + 0xC000011F: ("STATUS_TOO_MANY_OPENED_FILES","Too many files are opened on a remote server. This error should only be returned by the Windows redirector on a remote drive."), + 0xC0000120: ("STATUS_CANCELLED","The I/O request was canceled."), + 0xC0000121: ("STATUS_CANNOT_DELETE","An attempt has been made to remove a file or directory that cannot be deleted."), + 0xC0000122: ("STATUS_INVALID_COMPUTER_NAME","Indicates a name that was specified as a remote computer name is syntactically invalid."), + 0xC0000123: ("STATUS_FILE_DELETED","An I/O request other than close was performed on a file after it was deleted, which can only happen to a request that did not complete before the last handle was closed via NtClose."), + 0xC0000124: ("STATUS_SPECIAL_ACCOUNT","Indicates an operation that is incompatible with built-in accounts has been attempted on a built-in (special) SAM account. For example, built-in accounts cannot be deleted."), + 0xC0000125: ("STATUS_SPECIAL_GROUP","The operation requested may not be performed on the specified group because it is a built-in special group."), + 0xC0000126: ("STATUS_SPECIAL_USER","The operation requested may not be performed on the specified user because it is a built-in special user."), + 0xC0000127: ("STATUS_MEMBERS_PRIMARY_GROUP","Indicates a member cannot be removed from a group because the group is currently the member's primary group."), + 0xC0000128: ("STATUS_FILE_CLOSED","An I/O request other than close and several other special case operations was attempted using a file object that had already been closed."), + 0xC0000129: ("STATUS_TOO_MANY_THREADS","Indicates a process has too many threads to perform the requested action. For example, assignment of a primary token may only be performed when a process has zero or one threads."), + 0xC000012A: ("STATUS_THREAD_NOT_IN_PROCESS","An attempt was made to operate on a thread within a specific process, but the specified thread is not in the specified process."), + 0xC000012B: ("STATUS_TOKEN_ALREADY_IN_USE","An attempt was made to establish a token for use as a primary token but the token is already in use. A token can only be the primary token of one process at a time."), + 0xC000012C: ("STATUS_PAGEFILE_QUOTA_EXCEEDED","The page file quota was exceeded."), + 0xC000012D: ("STATUS_COMMITMENT_LIMIT","{Out of Virtual Memory} Your system is low on virtual memory. To ensure that Windows runs correctly, increase the size of your virtual memory paging file. For more information, see Help."), + 0xC000012E: ("STATUS_INVALID_IMAGE_LE_FORMAT","The specified image file did not have the correct format: it appears to be LE format."), + 0xC000012F: ("STATUS_INVALID_IMAGE_NOT_MZ","The specified image file did not have the correct format: it did not have an initial MZ."), + 0xC0000130: ("STATUS_INVALID_IMAGE_PROTECT","The specified image file did not have the correct format: it did not have a proper e_lfarlc in the MZ header."), + 0xC0000131: ("STATUS_INVALID_IMAGE_WIN_16","The specified image file did not have the correct format: it appears to be a 16-bit Windows image."), + 0xC0000132: ("STATUS_LOGON_SERVER_CONFLICT","The Netlogon service cannot start because another Netlogon service running in the domain conflicts with the specified role."), + 0xC0000133: ("STATUS_TIME_DIFFERENCE_AT_DC","The time at the primary domain controller is different from the time at the backup domain controller or member server by too large an amount."), + 0xC0000134: ("STATUS_SYNCHRONIZATION_REQUIRED","The SAM database on a Windows Server is significantly out of synchronization with the copy on the domain controller. A complete synchronization is required."), + 0xC0000135: ("STATUS_DLL_NOT_FOUND","{Unable To Locate Component} This application has failed to start because %hs was not found. Reinstalling the application may fix this problem."), + 0xC0000136: ("STATUS_OPEN_FAILED","The NtCreateFile API failed. This error should never be returned to an application; it is a place holder for the Windows LAN Manager Redirector to use in its internal error-mapping routines."), + 0xC0000137: ("STATUS_IO_PRIVILEGE_FAILED","{Privilege Failed} The I/O permissions for the process could not be changed."), + 0xC0000138: ("STATUS_ORDINAL_NOT_FOUND","{Ordinal Not Found} The ordinal %ld could not be located in the dynamic link library %hs."), + 0xC0000139: ("STATUS_ENTRYPOINT_NOT_FOUND","{Entry Point Not Found} The procedure entry point %hs could not be located in the dynamic link library %hs."), + 0xC000013A: ("STATUS_CONTROL_C_EXIT","{Application Exit by CTRL+C} The application terminated as a result of a CTRL+C."), + 0xC000013B: ("STATUS_LOCAL_DISCONNECT","{Virtual Circuit Closed} The network transport on your computer has closed a network connection. There may or may not be I/O requests outstanding."), + 0xC000013C: ("STATUS_REMOTE_DISCONNECT","{Virtual Circuit Closed} The network transport on a remote computer has closed a network connection. There may or may not be I/O requests outstanding."), + 0xC000013D: ("STATUS_REMOTE_RESOURCES","{Insufficient Resources on Remote Computer} The remote computer has insufficient resources to complete the network request. For example, the remote computer may not have enough available memory to carry out the request at this time."), + 0xC000013E: ("STATUS_LINK_FAILED","{Virtual Circuit Closed} An existing connection (virtual circuit) has been broken at the remote computer. There is probably something wrong with the network software protocol or the network hardware on the remote computer."), + 0xC000013F: ("STATUS_LINK_TIMEOUT","{Virtual Circuit Closed} The network transport on your computer has closed a network connection because it had to wait too long for a response from the remote computer."), + 0xC0000140: ("STATUS_INVALID_CONNECTION","The connection handle that was given to the transport was invalid."), + 0xC0000141: ("STATUS_INVALID_ADDRESS","The address handle that was given to the transport was invalid."), + 0xC0000142: ("STATUS_DLL_INIT_FAILED","{DLL Initialization Failed} Initialization of the dynamic link library %hs failed. The process is terminating abnormally."), + 0xC0000143: ("STATUS_MISSING_SYSTEMFILE","{Missing System File} The required system file %hs is bad or missing."), + 0xC0000144: ("STATUS_UNHANDLED_EXCEPTION","{Application Error} The exception %s (0x%08lx) occurred in the application at location 0x%08lx."), + 0xC0000145: ("STATUS_APP_INIT_FAILURE","{Application Error} The application failed to initialize properly (0x%lx). Click OK to terminate the application."), + 0xC0000146: ("STATUS_PAGEFILE_CREATE_FAILED","{Unable to Create Paging File} The creation of the paging file %hs failed (%lx). The requested size was %ld."), + 0xC0000147: ("STATUS_NO_PAGEFILE","{No Paging File Specified} No paging file was specified in the system configuration."), + 0xC0000148: ("STATUS_INVALID_LEVEL","{Incorrect System Call Level} An invalid level was passed into the specified system call."), + 0xC0000149: ("STATUS_WRONG_PASSWORD_CORE","{Incorrect Password to LAN Manager Server} You specified an incorrect password to a LAN Manager 2.x or MS-NET server."), + 0xC000014A: ("STATUS_ILLEGAL_FLOAT_CONTEXT","{EXCEPTION} A real-mode application issued a floating-point instruction and floating-point hardware is not present."), + 0xC000014B: ("STATUS_PIPE_BROKEN","The pipe operation has failed because the other end of the pipe has been closed."), + 0xC000014C: ("STATUS_REGISTRY_CORRUPT","{The Registry Is Corrupt} The structure of one of the files that contains registry data is corrupt; the image of the file in memory is corrupt; or the file could not be recovered because the alternate copy or log was absent or corrupt."), + 0xC000014D: ("STATUS_REGISTRY_IO_FAILED","An I/O operation initiated by the Registry failed and cannot be recovered. The registry could not read in, write out, or flush one of the files that contain the system's image of the registry."), + 0xC000014E: ("STATUS_NO_EVENT_PAIR","An event pair synchronization operation was performed using the thread-specific client/server event pair object, but no event pair object was associated with the thread."), + 0xC000014F: ("STATUS_UNRECOGNIZED_VOLUME","The volume does not contain a recognized file system. Be sure that all required file system drivers are loaded and that the volume is not corrupt."), + 0xC0000150: ("STATUS_SERIAL_NO_DEVICE_INITED","No serial device was successfully initialized. The serial driver will unload."), + 0xC0000151: ("STATUS_NO_SUCH_ALIAS","The specified local group does not exist."), + 0xC0000152: ("STATUS_MEMBER_NOT_IN_ALIAS","The specified account name is not a member of the group."), + 0xC0000153: ("STATUS_MEMBER_IN_ALIAS","The specified account name is already a member of the group."), + 0xC0000154: ("STATUS_ALIAS_EXISTS","The specified local group already exists."), + 0xC0000155: ("STATUS_LOGON_NOT_GRANTED","A requested type of logon (for example, interactive, network, and service) is not granted by the local security policy of the target system. Ask the system administrator to grant the necessary form of logon."), + 0xC0000156: ("STATUS_TOO_MANY_SECRETS","The maximum number of secrets that may be stored in a single system was exceeded. The length and number of secrets is limited to satisfy U.S. State Department export restrictions."), + 0xC0000157: ("STATUS_SECRET_TOO_LONG","The length of a secret exceeds the maximum allowable length. The length and number of secrets is limited to satisfy U.S. State Department export restrictions."), + 0xC0000158: ("STATUS_INTERNAL_DB_ERROR","The local security authority (LSA) database contains an internal inconsistency."), + 0xC0000159: ("STATUS_FULLSCREEN_MODE","The requested operation cannot be performed in full-screen mode."), + 0xC000015A: ("STATUS_TOO_MANY_CONTEXT_IDS","During a logon attempt, the user's security context accumulated too many security IDs. This is a very unusual situation. Remove the user from some global or local groups to reduce the number of security IDs to incorporate into the security context."), + 0xC000015B: ("STATUS_LOGON_TYPE_NOT_GRANTED","A user has requested a type of logon (for example, interactive or network) that has not been granted. An administrator has control over who may logon interactively and through the network."), + 0xC000015C: ("STATUS_NOT_REGISTRY_FILE","The system has attempted to load or restore a file into the registry, and the specified file is not in the format of a registry file."), + 0xC000015D: ("STATUS_NT_CROSS_ENCRYPTION_REQUIRED","An attempt was made to change a user password in the security account manager without providing the necessary Windows cross-encrypted password."), + 0xC000015E: ("STATUS_DOMAIN_CTRLR_CONFIG_ERROR","A Windows Server has an incorrect configuration."), + 0xC000015F: ("STATUS_FT_MISSING_MEMBER","An attempt was made to explicitly access the secondary copy of information via a device control to the fault tolerance driver and the secondary copy is not present in the system."), + 0xC0000160: ("STATUS_ILL_FORMED_SERVICE_ENTRY","A configuration registry node that represents a driver service entry was ill-formed and did not contain the required value entries."), + 0xC0000161: ("STATUS_ILLEGAL_CHARACTER","An illegal character was encountered. For a multibyte character set, this includes a lead byte without a succeeding trail byte. For the Unicode character set this includes the characters 0xFFFF and 0xFFFE."), + 0xC0000162: ("STATUS_UNMAPPABLE_CHARACTER","No mapping for the Unicode character exists in the target multibyte code page."), + 0xC0000163: ("STATUS_UNDEFINED_CHARACTER","The Unicode character is not defined in the Unicode character set that is installed on the system."), + 0xC0000164: ("STATUS_FLOPPY_VOLUME","The paging file cannot be created on a floppy disk."), + 0xC0000165: ("STATUS_FLOPPY_ID_MARK_NOT_FOUND","{Floppy Disk Error} While accessing a floppy disk, an ID address mark was not found."), + 0xC0000166: ("STATUS_FLOPPY_WRONG_CYLINDER","{Floppy Disk Error} While accessing a floppy disk, the track address from the sector ID field was found to be different from the track address that is maintained by the controller."), + 0xC0000167: ("STATUS_FLOPPY_UNKNOWN_ERROR","{Floppy Disk Error} The floppy disk controller reported an error that is not recognized by the floppy disk driver."), + 0xC0000168: ("STATUS_FLOPPY_BAD_REGISTERS","{Floppy Disk Error} While accessing a floppy-disk, the controller returned inconsistent results via its registers."), + 0xC0000169: ("STATUS_DISK_RECALIBRATE_FAILED","{Hard Disk Error} While accessing the hard disk, a recalibrate operation failed, even after retries."), + 0xC000016A: ("STATUS_DISK_OPERATION_FAILED","{Hard Disk Error} While accessing the hard disk, a disk operation failed even after retries."), + 0xC000016B: ("STATUS_DISK_RESET_FAILED","{Hard Disk Error} While accessing the hard disk, a disk controller reset was needed, but even that failed."), + 0xC000016C: ("STATUS_SHARED_IRQ_BUSY","An attempt was made to open a device that was sharing an interrupt request (IRQ) with other devices. At least one other device that uses that IRQ was already opened. Two concurrent opens of devices that share an IRQ and only work via interrupts is not supported for the particular bus type that the devices use."), + 0xC000016D: ("STATUS_FT_ORPHANING","{FT Orphaning} A disk that is part of a fault-tolerant volume can no longer be accessed."), + 0xC000016E: ("STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT","The basic input/output system (BIOS) failed to connect a system interrupt to the device or bus for which the device is connected."), + 0xC0000172: ("STATUS_PARTITION_FAILURE","The tape could not be partitioned."), + 0xC0000173: ("STATUS_INVALID_BLOCK_LENGTH","When accessing a new tape of a multi-volume partition, the current blocksize is incorrect."), + 0xC0000174: ("STATUS_DEVICE_NOT_PARTITIONED","The tape partition information could not be found when loading a tape."), + 0xC0000175: ("STATUS_UNABLE_TO_LOCK_MEDIA","An attempt to lock the eject media mechanism failed."), + 0xC0000176: ("STATUS_UNABLE_TO_UNLOAD_MEDIA","An attempt to unload media failed."), + 0xC0000177: ("STATUS_EOM_OVERFLOW","The physical end of tape was detected."), + 0xC0000178: ("STATUS_NO_MEDIA","{No Media} There is no media in the drive. Insert media into drive %hs."), + 0xC000017A: ("STATUS_NO_SUCH_MEMBER","A member could not be added to or removed from the local group because the member does not exist."), + 0xC000017B: ("STATUS_INVALID_MEMBER","A new member could not be added to a local group because the member has the wrong account type."), + 0xC000017C: ("STATUS_KEY_DELETED","An illegal operation was attempted on a registry key that has been marked for deletion."), + 0xC000017D: ("STATUS_NO_LOG_SPACE","The system could not allocate the required space in a registry log."), + 0xC000017E: ("STATUS_TOO_MANY_SIDS","Too many SIDs have been specified."), + 0xC000017F: ("STATUS_LM_CROSS_ENCRYPTION_REQUIRED","An attempt was made to change a user password in the security account manager without providing the necessary LM cross-encrypted password."), + 0xC0000180: ("STATUS_KEY_HAS_CHILDREN","An attempt was made to create a symbolic link in a registry key that already has subkeys or values."), + 0xC0000181: ("STATUS_CHILD_MUST_BE_VOLATILE","An attempt was made to create a stable subkey under a volatile parent key."), + 0xC0000182: ("STATUS_DEVICE_CONFIGURATION_ERROR","The I/O device is configured incorrectly or the configuration parameters to the driver are incorrect."), + 0xC0000183: ("STATUS_DRIVER_INTERNAL_ERROR","An error was detected between two drivers or within an I/O driver."), + 0xC0000184: ("STATUS_INVALID_DEVICE_STATE","The device is not in a valid state to perform this request."), + 0xC0000185: ("STATUS_IO_DEVICE_ERROR","The I/O device reported an I/O error."), + 0xC0000186: ("STATUS_DEVICE_PROTOCOL_ERROR","A protocol error was detected between the driver and the device."), + 0xC0000187: ("STATUS_BACKUP_CONTROLLER","This operation is only allowed for the primary domain controller of the domain."), + 0xC0000188: ("STATUS_LOG_FILE_FULL","The log file space is insufficient to support this operation."), + 0xC0000189: ("STATUS_TOO_LATE","A write operation was attempted to a volume after it was dismounted."), + 0xC000018A: ("STATUS_NO_TRUST_LSA_SECRET","The workstation does not have a trust secret for the primary domain in the local LSA database."), + 0xC000018B: ("STATUS_NO_TRUST_SAM_ACCOUNT","The SAM database on the Windows Server does not have a computer account for this workstation trust relationship."), + 0xC000018C: ("STATUS_TRUSTED_DOMAIN_FAILURE","The logon request failed because the trust relationship between the primary domain and the trusted domain failed."), + 0xC000018D: ("STATUS_TRUSTED_RELATIONSHIP_FAILURE","The logon request failed because the trust relationship between this workstation and the primary domain failed."), + 0xC000018E: ("STATUS_EVENTLOG_FILE_CORRUPT","The Eventlog log file is corrupt."), + 0xC000018F: ("STATUS_EVENTLOG_CANT_START","No Eventlog log file could be opened. The Eventlog service did not start."), + 0xC0000190: ("STATUS_TRUST_FAILURE","The network logon failed. This may be because the validation authority cannot be reached."), + 0xC0000191: ("STATUS_MUTANT_LIMIT_EXCEEDED","An attempt was made to acquire a mutant such that its maximum count would have been exceeded."), + 0xC0000192: ("STATUS_NETLOGON_NOT_STARTED","An attempt was made to logon, but the NetLogon service was not started."), + 0xC0000193: ("STATUS_ACCOUNT_EXPIRED","The user account has expired."), + 0xC0000194: ("STATUS_POSSIBLE_DEADLOCK","{EXCEPTION} Possible deadlock condition."), + 0xC0000195: ("STATUS_NETWORK_CREDENTIAL_CONFLICT","Multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed. Disconnect all previous connections to the server or shared resource and try again."), + 0xC0000196: ("STATUS_REMOTE_SESSION_LIMIT","An attempt was made to establish a session to a network server, but there are already too many sessions established to that server."), + 0xC0000197: ("STATUS_EVENTLOG_FILE_CHANGED","The log file has changed between reads."), + 0xC0000198: ("STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT","The account used is an interdomain trust account. Use your global user account or local user account to access this server."), + 0xC0000199: ("STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT","The account used is a computer account. Use your global user account or local user account to access this server."), + 0xC000019A: ("STATUS_NOLOGON_SERVER_TRUST_ACCOUNT","The account used is a server trust account. Use your global user account or local user account to access this server."), + 0xC000019B: ("STATUS_DOMAIN_TRUST_INCONSISTENT","The name or SID of the specified domain is inconsistent with the trust information for that domain."), + 0xC000019C: ("STATUS_FS_DRIVER_REQUIRED","A volume has been accessed for which a file system driver is required that has not yet been loaded."), + 0xC000019D: ("STATUS_IMAGE_ALREADY_LOADED_AS_DLL","Indicates that the specified image is already loaded as a DLL."), + 0xC000019E: ("STATUS_INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING","Short name settings may not be changed on this volume due to the global registry setting."), + 0xC000019F: ("STATUS_SHORT_NAMES_NOT_ENABLED_ON_VOLUME","Short names are not enabled on this volume."), + 0xC00001A0: ("STATUS_SECURITY_STREAM_IS_INCONSISTENT","The security stream for the given volume is in an inconsistent state. Please run CHKDSK on the volume."), + 0xC00001A1: ("STATUS_INVALID_LOCK_RANGE","A requested file lock operation cannot be processed due to an invalid byte range."), + 0xC00001A2: ("STATUS_INVALID_ACE_CONDITION","The specified access control entry (ACE) contains an invalid condition."), + 0xC00001A3: ("STATUS_IMAGE_SUBSYSTEM_NOT_PRESENT","The subsystem needed to support the image type is not present."), + 0xC00001A4: ("STATUS_NOTIFICATION_GUID_ALREADY_DEFINED","The specified file already has a notification GUID associated with it."), + 0xC0000201: ("STATUS_NETWORK_OPEN_RESTRICTION","A remote open failed because the network open restrictions were not satisfied."), + 0xC0000202: ("STATUS_NO_USER_SESSION_KEY","There is no user session key for the specified logon session."), + 0xC0000203: ("STATUS_USER_SESSION_DELETED","The remote user session has been deleted."), + 0xC0000204: ("STATUS_RESOURCE_LANG_NOT_FOUND","Indicates the specified resource language ID cannot be found in the image file."), + 0xC0000205: ("STATUS_INSUFF_SERVER_RESOURCES","Insufficient server resources exist to complete the request."), + 0xC0000206: ("STATUS_INVALID_BUFFER_SIZE","The size of the buffer is invalid for the specified operation."), + 0xC0000207: ("STATUS_INVALID_ADDRESS_COMPONENT","The transport rejected the specified network address as invalid."), + 0xC0000208: ("STATUS_INVALID_ADDRESS_WILDCARD","The transport rejected the specified network address due to invalid use of a wildcard."), + 0xC0000209: ("STATUS_TOO_MANY_ADDRESSES","The transport address could not be opened because all the available addresses are in use."), + 0xC000020A: ("STATUS_ADDRESS_ALREADY_EXISTS","The transport address could not be opened because it already exists."), + 0xC000020B: ("STATUS_ADDRESS_CLOSED","The transport address is now closed."), + 0xC000020C: ("STATUS_CONNECTION_DISCONNECTED","The transport connection is now disconnected."), + 0xC000020D: ("STATUS_CONNECTION_RESET","The transport connection has been reset."), + 0xC000020E: ("STATUS_TOO_MANY_NODES","The transport cannot dynamically acquire any more nodes."), + 0xC000020F: ("STATUS_TRANSACTION_ABORTED","The transport aborted a pending transaction."), + 0xC0000210: ("STATUS_TRANSACTION_TIMED_OUT","The transport timed out a request that is waiting for a response."), + 0xC0000211: ("STATUS_TRANSACTION_NO_RELEASE","The transport did not receive a release for a pending response."), + 0xC0000212: ("STATUS_TRANSACTION_NO_MATCH","The transport did not find a transaction that matches the specific token."), + 0xC0000213: ("STATUS_TRANSACTION_RESPONDED","The transport had previously responded to a transaction request."), + 0xC0000214: ("STATUS_TRANSACTION_INVALID_ID","The transport does not recognize the specified transaction request ID."), + 0xC0000215: ("STATUS_TRANSACTION_INVALID_TYPE","The transport does not recognize the specified transaction request type."), + 0xC0000216: ("STATUS_NOT_SERVER_SESSION","The transport can only process the specified request on the server side of a session."), + 0xC0000217: ("STATUS_NOT_CLIENT_SESSION","The transport can only process the specified request on the client side of a session."), + 0xC0000218: ("STATUS_CANNOT_LOAD_REGISTRY_FILE","{Registry File Failure} The registry cannot load the hive (file): %hs or its log or alternate. It is corrupt, absent, or not writable."), + 0xC0000219: ("STATUS_DEBUG_ATTACH_FAILED","{Unexpected Failure in DebugActiveProcess} An unexpected failure occurred while processing a DebugActiveProcess API request. You may choose OK to terminate the process, or Cancel to ignore the error."), + 0xC000021A: ("STATUS_SYSTEM_PROCESS_TERMINATED","{Fatal System Error} The %hs system process terminated unexpectedly with a status of 0x%08x (0x%08x 0x%08x). The system has been shut down."), + 0xC000021B: ("STATUS_DATA_NOT_ACCEPTED","{Data Not Accepted} The TDI client could not handle the data received during an indication."), + 0xC000021C: ("STATUS_NO_BROWSER_SERVERS_FOUND","{Unable to Retrieve Browser Server List} The list of servers for this workgroup is not currently available."), + 0xC000021D: ("STATUS_VDM_HARD_ERROR","NTVDM encountered a hard error."), + 0xC000021E: ("STATUS_DRIVER_CANCEL_TIMEOUT","{Cancel Timeout} The driver %hs failed to complete a canceled I/O request in the allotted time."), + 0xC000021F: ("STATUS_REPLY_MESSAGE_MISMATCH","{Reply Message Mismatch} An attempt was made to reply to an LPC message, but the thread specified by the client ID in the message was not waiting on that message."), + 0xC0000220: ("STATUS_MAPPED_ALIGNMENT","{Mapped View Alignment Incorrect} An attempt was made to map a view of a file, but either the specified base address or the offset into the file were not aligned on the proper allocation granularity."), + 0xC0000221: ("STATUS_IMAGE_CHECKSUM_MISMATCH","{Bad Image Checksum} The image %hs is possibly corrupt. The header checksum does not match the computed checksum."), + 0xC0000222: ("STATUS_LOST_WRITEBEHIND_DATA","{Delayed Write Failed} Windows was unable to save all the data for the file %hs. The data has been lost. This error may be caused by a failure of your computer hardware or network connection. Try to save this file elsewhere."), + 0xC0000223: ("STATUS_CLIENT_SERVER_PARAMETERS_INVALID","The parameters passed to the server in the client/server shared memory window were invalid. Too much data may have been put in the shared memory window."), + 0xC0000224: ("STATUS_PASSWORD_MUST_CHANGE","The user password must be changed before logging on the first time."), + 0xC0000225: ("STATUS_NOT_FOUND","The object was not found."), + 0xC0000226: ("STATUS_NOT_TINY_STREAM","The stream is not a tiny stream."), + 0xC0000227: ("STATUS_RECOVERY_FAILURE","A transaction recovery failed."), + 0xC0000228: ("STATUS_STACK_OVERFLOW_READ","The request must be handled by the stack overflow code."), + 0xC0000229: ("STATUS_FAIL_CHECK","A consistency check failed."), + 0xC000022A: ("STATUS_DUPLICATE_OBJECTID","The attempt to insert the ID in the index failed because the ID is already in the index."), + 0xC000022B: ("STATUS_OBJECTID_EXISTS","The attempt to set the object ID failed because the object already has an ID."), + 0xC000022C: ("STATUS_CONVERT_TO_LARGE","Internal OFS status codes indicating how an allocation operation is handled. Either it is retried after the containing oNode is moved or the extent stream is converted to a large stream."), + 0xC000022D: ("STATUS_RETRY","The request needs to be retried."), + 0xC000022E: ("STATUS_FOUND_OUT_OF_SCOPE","The attempt to find the object found an object on the volume that matches by ID; however, it is out of the scope of the handle that is used for the operation."), + 0xC000022F: ("STATUS_ALLOCATE_BUCKET","The bucket array must be grown. Retry the transaction after doing so."), + 0xC0000230: ("STATUS_PROPSET_NOT_FOUND","The specified property set does not exist on the object."), + 0xC0000231: ("STATUS_MARSHALL_OVERFLOW","The user/kernel marshaling buffer has overflowed."), + 0xC0000232: ("STATUS_INVALID_VARIANT","The supplied variant structure contains invalid data."), + 0xC0000233: ("STATUS_DOMAIN_CONTROLLER_NOT_FOUND","A domain controller for this domain was not found."), + 0xC0000234: ("STATUS_ACCOUNT_LOCKED_OUT","The user account has been automatically locked because too many invalid logon attempts or password change attempts have been requested."), + 0xC0000235: ("STATUS_HANDLE_NOT_CLOSABLE","NtClose was called on a handle that was protected from close via NtSetInformationObject."), + 0xC0000236: ("STATUS_CONNECTION_REFUSED","The transport-connection attempt was refused by the remote system."), + 0xC0000237: ("STATUS_GRACEFUL_DISCONNECT","The transport connection was gracefully closed."), + 0xC0000238: ("STATUS_ADDRESS_ALREADY_ASSOCIATED","The transport endpoint already has an address associated with it."), + 0xC0000239: ("STATUS_ADDRESS_NOT_ASSOCIATED","An address has not yet been associated with the transport endpoint."), + 0xC000023A: ("STATUS_CONNECTION_INVALID","An operation was attempted on a nonexistent transport connection."), + 0xC000023B: ("STATUS_CONNECTION_ACTIVE","An invalid operation was attempted on an active transport connection."), + 0xC000023C: ("STATUS_NETWORK_UNREACHABLE","The remote network is not reachable by the transport."), + 0xC000023D: ("STATUS_HOST_UNREACHABLE","The remote system is not reachable by the transport."), + 0xC000023E: ("STATUS_PROTOCOL_UNREACHABLE","The remote system does not support the transport protocol."), + 0xC000023F: ("STATUS_PORT_UNREACHABLE","No service is operating at the destination port of the transport on the remote system."), + 0xC0000240: ("STATUS_REQUEST_ABORTED","The request was aborted."), + 0xC0000241: ("STATUS_CONNECTION_ABORTED","The transport connection was aborted by the local system."), + 0xC0000242: ("STATUS_BAD_COMPRESSION_BUFFER","The specified buffer contains ill-formed data."), + 0xC0000243: ("STATUS_USER_MAPPED_FILE","The requested operation cannot be performed on a file with a user mapped section open."), + 0xC0000244: ("STATUS_AUDIT_FAILED","{Audit Failed} An attempt to generate a security audit failed."), + 0xC0000245: ("STATUS_TIMER_RESOLUTION_NOT_SET","The timer resolution was not previously set by the current process."), + 0xC0000246: ("STATUS_CONNECTION_COUNT_LIMIT","A connection to the server could not be made because the limit on the number of concurrent connections for this account has been reached."), + 0xC0000247: ("STATUS_LOGIN_TIME_RESTRICTION","Attempting to log on during an unauthorized time of day for this account."), + 0xC0000248: ("STATUS_LOGIN_WKSTA_RESTRICTION","The account is not authorized to log on from this station."), + 0xC0000249: ("STATUS_IMAGE_MP_UP_MISMATCH","{UP/MP Image Mismatch} The image %hs has been modified for use on a uniprocessor system, but you are running it on a multiprocessor machine. Reinstall the image file."), + 0xC0000250: ("STATUS_INSUFFICIENT_LOGON_INFO","There is insufficient account information to log you on."), + 0xC0000251: ("STATUS_BAD_DLL_ENTRYPOINT","{Invalid DLL Entrypoint} The dynamic link library %hs is not written correctly. The stack pointer has been left in an inconsistent state. The entry point should be declared as WINAPI or STDCALL. Select YES to fail the DLL load. Select NO to continue execution. Selecting NO may cause the application to operate incorrectly."), + 0xC0000252: ("STATUS_BAD_SERVICE_ENTRYPOINT","{Invalid Service Callback Entrypoint} The %hs service is not written correctly. The stack pointer has been left in an inconsistent state. The callback entry point should be declared as WINAPI or STDCALL. Selecting OK will cause the service to continue operation. However, the service process may operate incorrectly."), + 0xC0000253: ("STATUS_LPC_REPLY_LOST","The server received the messages but did not send a reply."), + 0xC0000254: ("STATUS_IP_ADDRESS_CONFLICT1","There is an IP address conflict with another system on the network."), + 0xC0000255: ("STATUS_IP_ADDRESS_CONFLICT2","There is an IP address conflict with another system on the network."), + 0xC0000256: ("STATUS_REGISTRY_QUOTA_LIMIT","{Low On Registry Space} The system has reached the maximum size that is allowed for the system part of the registry. Additional storage requests will be ignored."), + 0xC0000257: ("STATUS_PATH_NOT_COVERED","The contacted server does not support the indicated part of the DFS namespace."), + 0xC0000258: ("STATUS_NO_CALLBACK_ACTIVE","A callback return system service cannot be executed when no callback is active."), + 0xC0000259: ("STATUS_LICENSE_QUOTA_EXCEEDED","The service being accessed is licensed for a particular number of connections. No more connections can be made to the service at this time because the service has already accepted the maximum number of connections."), + 0xC000025A: ("STATUS_PWD_TOO_SHORT","The password provided is too short to meet the policy of your user account. Choose a longer password."), + 0xC000025B: ("STATUS_PWD_TOO_RECENT","The policy of your user account does not allow you to change passwords too frequently. This is done to prevent users from changing back to a familiar, but potentially discovered, password. If you feel your password has been compromised, contact your administrator immediately to have a new one assigned."), + 0xC000025C: ("STATUS_PWD_HISTORY_CONFLICT","You have attempted to change your password to one that you have used in the past. The policy of your user account does not allow this. Select a password that you have not previously used."), + 0xC000025E: ("STATUS_PLUGPLAY_NO_DEVICE","You have attempted to load a legacy device driver while its device instance had been disabled."), + 0xC000025F: ("STATUS_UNSUPPORTED_COMPRESSION","The specified compression format is unsupported."), + 0xC0000260: ("STATUS_INVALID_HW_PROFILE","The specified hardware profile configuration is invalid."), + 0xC0000261: ("STATUS_INVALID_PLUGPLAY_DEVICE_PATH","The specified Plug and Play registry device path is invalid."), + 0xC0000262: ("STATUS_DRIVER_ORDINAL_NOT_FOUND","{Driver Entry Point Not Found} The %hs device driver could not locate the ordinal %ld in driver %hs."), + 0xC0000263: ("STATUS_DRIVER_ENTRYPOINT_NOT_FOUND","{Driver Entry Point Not Found} The %hs device driver could not locate the entry point %hs in driver %hs."), + 0xC0000264: ("STATUS_RESOURCE_NOT_OWNED","{Application Error} The application attempted to release a resource it did not own. Click OK to terminate the application."), + 0xC0000265: ("STATUS_TOO_MANY_LINKS","An attempt was made to create more links on a file than the file system supports."), + 0xC0000266: ("STATUS_QUOTA_LIST_INCONSISTENT","The specified quota list is internally inconsistent with its descriptor."), + 0xC0000267: ("STATUS_FILE_IS_OFFLINE","The specified file has been relocated to offline storage."), + 0xC0000268: ("STATUS_EVALUATION_EXPIRATION","{Windows Evaluation Notification} The evaluation period for this installation of Windows has expired. This system will shutdown in 1 hour. To restore access to this installation of Windows, upgrade this installation by using a licensed distribution of this product."), + 0xC0000269: ("STATUS_ILLEGAL_DLL_RELOCATION","{Illegal System DLL Relocation} The system DLL %hs was relocated in memory. The application will not run properly. The relocation occurred because the DLL %hs occupied an address range that is reserved for Windows system DLLs. The vendor supplying the DLL should be contacted for a new DLL."), + 0xC000026A: ("STATUS_LICENSE_VIOLATION","{License Violation} The system has detected tampering with your registered product type. This is a violation of your software license. Tampering with the product type is not permitted."), + 0xC000026B: ("STATUS_DLL_INIT_FAILED_LOGOFF","{DLL Initialization Failed} The application failed to initialize because the window station is shutting down."), + 0xC000026C: ("STATUS_DRIVER_UNABLE_TO_LOAD","{Unable to Load Device Driver} %hs device driver could not be loaded. Error Status was 0x%x."), + 0xC000026D: ("STATUS_DFS_UNAVAILABLE","DFS is unavailable on the contacted server."), + 0xC000026E: ("STATUS_VOLUME_DISMOUNTED","An operation was attempted to a volume after it was dismounted."), + 0xC000026F: ("STATUS_WX86_INTERNAL_ERROR","An internal error occurred in the Win32 x86 emulation subsystem."), + 0xC0000270: ("STATUS_WX86_FLOAT_STACK_CHECK","Win32 x86 emulation subsystem floating-point stack check."), + 0xC0000271: ("STATUS_VALIDATE_CONTINUE","The validation process needs to continue on to the next step."), + 0xC0000272: ("STATUS_NO_MATCH","There was no match for the specified key in the index."), + 0xC0000273: ("STATUS_NO_MORE_MATCHES","There are no more matches for the current index enumeration."), + 0xC0000275: ("STATUS_NOT_A_REPARSE_POINT","The NTFS file or directory is not a reparse point."), + 0xC0000276: ("STATUS_IO_REPARSE_TAG_INVALID","The Windows I/O reparse tag passed for the NTFS reparse point is invalid."), + 0xC0000277: ("STATUS_IO_REPARSE_TAG_MISMATCH","The Windows I/O reparse tag does not match the one that is in the NTFS reparse point."), + 0xC0000278: ("STATUS_IO_REPARSE_DATA_INVALID","The user data passed for the NTFS reparse point is invalid."), + 0xC0000279: ("STATUS_IO_REPARSE_TAG_NOT_HANDLED","The layered file system driver for this I/O tag did not handle it when needed."), + 0xC0000280: ("STATUS_REPARSE_POINT_NOT_RESOLVED","The NTFS symbolic link could not be resolved even though the initial file name is valid."), + 0xC0000281: ("STATUS_DIRECTORY_IS_A_REPARSE_POINT","The NTFS directory is a reparse point."), + 0xC0000282: ("STATUS_RANGE_LIST_CONFLICT","The range could not be added to the range list because of a conflict."), + 0xC0000283: ("STATUS_SOURCE_ELEMENT_EMPTY","The specified medium changer source element contains no media."), + 0xC0000284: ("STATUS_DESTINATION_ELEMENT_FULL","The specified medium changer destination element already contains media."), + 0xC0000285: ("STATUS_ILLEGAL_ELEMENT_ADDRESS","The specified medium changer element does not exist."), + 0xC0000286: ("STATUS_MAGAZINE_NOT_PRESENT","The specified element is contained in a magazine that is no longer present."), + 0xC0000287: ("STATUS_REINITIALIZATION_NEEDED","The device requires re-initialization due to hardware errors."), + 0xC000028A: ("STATUS_ENCRYPTION_FAILED","The file encryption attempt failed."), + 0xC000028B: ("STATUS_DECRYPTION_FAILED","The file decryption attempt failed."), + 0xC000028C: ("STATUS_RANGE_NOT_FOUND","The specified range could not be found in the range list."), + 0xC000028D: ("STATUS_NO_RECOVERY_POLICY","There is no encryption recovery policy configured for this system."), + 0xC000028E: ("STATUS_NO_EFS","The required encryption driver is not loaded for this system."), + 0xC000028F: ("STATUS_WRONG_EFS","The file was encrypted with a different encryption driver than is currently loaded."), + 0xC0000290: ("STATUS_NO_USER_KEYS","There are no EFS keys defined for the user."), + 0xC0000291: ("STATUS_FILE_NOT_ENCRYPTED","The specified file is not encrypted."), + 0xC0000292: ("STATUS_NOT_EXPORT_FORMAT","The specified file is not in the defined EFS export format."), + 0xC0000293: ("STATUS_FILE_ENCRYPTED","The specified file is encrypted and the user does not have the ability to decrypt it."), + 0xC0000295: ("STATUS_WMI_GUID_NOT_FOUND","The GUID passed was not recognized as valid by a WMI data provider."), + 0xC0000296: ("STATUS_WMI_INSTANCE_NOT_FOUND","The instance name passed was not recognized as valid by a WMI data provider."), + 0xC0000297: ("STATUS_WMI_ITEMID_NOT_FOUND","The data item ID passed was not recognized as valid by a WMI data provider."), + 0xC0000298: ("STATUS_WMI_TRY_AGAIN","The WMI request could not be completed and should be retried."), + 0xC0000299: ("STATUS_SHARED_POLICY","The policy object is shared and can only be modified at the root."), + 0xC000029A: ("STATUS_POLICY_OBJECT_NOT_FOUND","The policy object does not exist when it should."), + 0xC000029B: ("STATUS_POLICY_ONLY_IN_DS","The requested policy information only lives in the Ds."), + 0xC000029C: ("STATUS_VOLUME_NOT_UPGRADED","The volume must be upgraded to enable this feature."), + 0xC000029D: ("STATUS_REMOTE_STORAGE_NOT_ACTIVE","The remote storage service is not operational at this time."), + 0xC000029E: ("STATUS_REMOTE_STORAGE_MEDIA_ERROR","The remote storage service encountered a media error."), + 0xC000029F: ("STATUS_NO_TRACKING_SERVICE","The tracking (workstation) service is not running."), + 0xC00002A0: ("STATUS_SERVER_SID_MISMATCH","The server process is running under a SID that is different from the SID that is required by client."), + 0xC00002A1: ("STATUS_DS_NO_ATTRIBUTE_OR_VALUE","The specified directory service attribute or value does not exist."), + 0xC00002A2: ("STATUS_DS_INVALID_ATTRIBUTE_SYNTAX","The attribute syntax specified to the directory service is invalid."), + 0xC00002A3: ("STATUS_DS_ATTRIBUTE_TYPE_UNDEFINED","The attribute type specified to the directory service is not defined."), + 0xC00002A4: ("STATUS_DS_ATTRIBUTE_OR_VALUE_EXISTS","The specified directory service attribute or value already exists."), + 0xC00002A5: ("STATUS_DS_BUSY","The directory service is busy."), + 0xC00002A6: ("STATUS_DS_UNAVAILABLE","The directory service is unavailable."), + 0xC00002A7: ("STATUS_DS_NO_RIDS_ALLOCATED","The directory service was unable to allocate a relative identifier."), + 0xC00002A8: ("STATUS_DS_NO_MORE_RIDS","The directory service has exhausted the pool of relative identifiers."), + 0xC00002A9: ("STATUS_DS_INCORRECT_ROLE_OWNER","The requested operation could not be performed because the directory service is not the master for that type of operation."), + 0xC00002AA: ("STATUS_DS_RIDMGR_INIT_ERROR","The directory service was unable to initialize the subsystem that allocates relative identifiers."), + 0xC00002AB: ("STATUS_DS_OBJ_CLASS_VIOLATION","The requested operation did not satisfy one or more constraints that are associated with the class of the object."), + 0xC00002AC: ("STATUS_DS_CANT_ON_NON_LEAF","The directory service can perform the requested operation only on a leaf object."), + 0xC00002AD: ("STATUS_DS_CANT_ON_RDN","The directory service cannot perform the requested operation on the Relatively Defined Name (RDN) attribute of an object."), + 0xC00002AE: ("STATUS_DS_CANT_MOD_OBJ_CLASS","The directory service detected an attempt to modify the object class of an object."), + 0xC00002AF: ("STATUS_DS_CROSS_DOM_MOVE_FAILED","An error occurred while performing a cross domain move operation."), + 0xC00002B0: ("STATUS_DS_GC_NOT_AVAILABLE","Unable to contact the global catalog server."), + 0xC00002B1: ("STATUS_DIRECTORY_SERVICE_REQUIRED","The requested operation requires a directory service, and none was available."), + 0xC00002B2: ("STATUS_REPARSE_ATTRIBUTE_CONFLICT","The reparse attribute cannot be set because it is incompatible with an existing attribute."), + 0xC00002B3: ("STATUS_CANT_ENABLE_DENY_ONLY","A group marked \"use for deny only\" cannot be enabled."), + 0xC00002B4: ("STATUS_FLOAT_MULTIPLE_FAULTS","{EXCEPTION} Multiple floating-point faults."), + 0xC00002B5: ("STATUS_FLOAT_MULTIPLE_TRAPS","{EXCEPTION} Multiple floating-point traps."), + 0xC00002B6: ("STATUS_DEVICE_REMOVED","The device has been removed."), + 0xC00002B7: ("STATUS_JOURNAL_DELETE_IN_PROGRESS","The volume change journal is being deleted."), + 0xC00002B8: ("STATUS_JOURNAL_NOT_ACTIVE","The volume change journal is not active."), + 0xC00002B9: ("STATUS_NOINTERFACE","The requested interface is not supported."), + 0xC00002C1: ("STATUS_DS_ADMIN_LIMIT_EXCEEDED","A directory service resource limit has been exceeded."), + 0xC00002C2: ("STATUS_DRIVER_FAILED_SLEEP","{System Standby Failed} The driver %hs does not support standby mode. Updating this driver may allow the system to go to standby mode."), + 0xC00002C3: ("STATUS_MUTUAL_AUTHENTICATION_FAILED","Mutual Authentication failed. The server password is out of date at the domain controller."), + 0xC00002C4: ("STATUS_CORRUPT_SYSTEM_FILE","The system file %1 has become corrupt and has been replaced."), + 0xC00002C5: ("STATUS_DATATYPE_MISALIGNMENT_ERROR","{EXCEPTION} Alignment Error A data type misalignment error was detected in a load or store instruction."), + 0xC00002C6: ("STATUS_WMI_READ_ONLY","The WMI data item or data block is read-only."), + 0xC00002C7: ("STATUS_WMI_SET_FAILURE","The WMI data item or data block could not be changed."), + 0xC00002C8: ("STATUS_COMMITMENT_MINIMUM","{Virtual Memory Minimum Too Low} Your system is low on virtual memory. Windows is increasing the size of your virtual memory paging file. During this process, memory requests for some applications may be denied. For more information, see Help."), + 0xC00002C9: ("STATUS_REG_NAT_CONSUMPTION","{EXCEPTION} Register NaT consumption faults. A NaT value is consumed on a non-speculative instruction."), + 0xC00002CA: ("STATUS_TRANSPORT_FULL","The transport element of the medium changer contains media, which is causing the operation to fail."), + 0xC00002CB: ("STATUS_DS_SAM_INIT_FAILURE","Security Accounts Manager initialization failed because of the following error: %hs Error Status: 0x%x. Click OK to shut down this system and restart in Directory Services Restore Mode. Check the event log for more detailed information."), + 0xC00002CC: ("STATUS_ONLY_IF_CONNECTED","This operation is supported only when you are connected to the server."), + 0xC00002CD: ("STATUS_DS_SENSITIVE_GROUP_VIOLATION","Only an administrator can modify the membership list of an administrative group."), + 0xC00002CE: ("STATUS_PNP_RESTART_ENUMERATION","A device was removed so enumeration must be restarted."), + 0xC00002CF: ("STATUS_JOURNAL_ENTRY_DELETED","The journal entry has been deleted from the journal."), + 0xC00002D0: ("STATUS_DS_CANT_MOD_PRIMARYGROUPID","Cannot change the primary group ID of a domain controller account."), + 0xC00002D1: ("STATUS_SYSTEM_IMAGE_BAD_SIGNATURE","{Fatal System Error} The system image %s is not properly signed. The file has been replaced with the signed file. The system has been shut down."), + 0xC00002D2: ("STATUS_PNP_REBOOT_REQUIRED","The device will not start without a reboot."), + 0xC00002D3: ("STATUS_POWER_STATE_INVALID","The power state of the current device cannot support this request."), + 0xC00002D4: ("STATUS_DS_INVALID_GROUP_TYPE","The specified group type is invalid."), + 0xC00002D5: ("STATUS_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN","In a mixed domain, no nesting of a global group if the group is security enabled."), + 0xC00002D6: ("STATUS_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN","In a mixed domain, cannot nest local groups with other local groups, if the group is security enabled."), + 0xC00002D7: ("STATUS_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER","A global group cannot have a local group as a member."), + 0xC00002D8: ("STATUS_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER","A global group cannot have a universal group as a member."), + 0xC00002D9: ("STATUS_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER","A universal group cannot have a local group as a member."), + 0xC00002DA: ("STATUS_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER","A global group cannot have a cross-domain member."), + 0xC00002DB: ("STATUS_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER","A local group cannot have another cross-domain local group as a member."), + 0xC00002DC: ("STATUS_DS_HAVE_PRIMARY_MEMBERS","Cannot change to a security-disabled group because primary members are in this group."), + 0xC00002DD: ("STATUS_WMI_NOT_SUPPORTED","The WMI operation is not supported by the data block or method."), + 0xC00002DE: ("STATUS_INSUFFICIENT_POWER","There is not enough power to complete the requested operation."), + 0xC00002DF: ("STATUS_SAM_NEED_BOOTKEY_PASSWORD","The Security Accounts Manager needs to get the boot password."), + 0xC00002E0: ("STATUS_SAM_NEED_BOOTKEY_FLOPPY","The Security Accounts Manager needs to get the boot key from the floppy disk."), + 0xC00002E1: ("STATUS_DS_CANT_START","The directory service cannot start."), + 0xC00002E2: ("STATUS_DS_INIT_FAILURE","The directory service could not start because of the following error: %hs Error Status: 0x%x. Click OK to shut down this system and restart in Directory Services Restore Mode. Check the event log for more detailed information."), + 0xC00002E3: ("STATUS_SAM_INIT_FAILURE","The Security Accounts Manager initialization failed because of the following error: %hs Error Status: 0x%x. Click OK to shut down this system and restart in Safe Mode. Check the event log for more detailed information."), + 0xC00002E4: ("STATUS_DS_GC_REQUIRED","The requested operation can be performed only on a global catalog server."), + 0xC00002E5: ("STATUS_DS_LOCAL_MEMBER_OF_LOCAL_ONLY","A local group can only be a member of other local groups in the same domain."), + 0xC00002E6: ("STATUS_DS_NO_FPO_IN_UNIVERSAL_GROUPS","Foreign security principals cannot be members of universal groups."), + 0xC00002E7: ("STATUS_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED","Your computer could not be joined to the domain. You have exceeded the maximum number of computer accounts you are allowed to create in this domain. Contact your system administrator to have this limit reset or increased."), + 0xC00002E9: ("STATUS_CURRENT_DOMAIN_NOT_ALLOWED","This operation cannot be performed on the current domain."), + 0xC00002EA: ("STATUS_CANNOT_MAKE","The directory or file cannot be created."), + 0xC00002EB: ("STATUS_SYSTEM_SHUTDOWN","The system is in the process of shutting down."), + 0xC00002EC: ("STATUS_DS_INIT_FAILURE_CONSOLE","Directory Services could not start because of the following error: %hs Error Status: 0x%x. Click OK to shut down the system. You can use the recovery console to diagnose the system further."), + 0xC00002ED: ("STATUS_DS_SAM_INIT_FAILURE_CONSOLE","Security Accounts Manager initialization failed because of the following error: %hs Error Status: 0x%x. Click OK to shut down the system. You can use the recovery console to diagnose the system further."), + 0xC00002EE: ("STATUS_UNFINISHED_CONTEXT_DELETED","A security context was deleted before the context was completed. This is considered a logon failure."), + 0xC00002EF: ("STATUS_NO_TGT_REPLY","The client is trying to negotiate a context and the server requires user-to-user but did not send a TGT reply."), + 0xC00002F0: ("STATUS_OBJECTID_NOT_FOUND","An object ID was not found in the file."), + 0xC00002F1: ("STATUS_NO_IP_ADDRESSES","Unable to accomplish the requested task because the local machine does not have any IP addresses."), + 0xC00002F2: ("STATUS_WRONG_CREDENTIAL_HANDLE","The supplied credential handle does not match the credential that is associated with the security context."), + 0xC00002F3: ("STATUS_CRYPTO_SYSTEM_INVALID","The crypto system or checksum function is invalid because a required function is unavailable."), + 0xC00002F4: ("STATUS_MAX_REFERRALS_EXCEEDED","The number of maximum ticket referrals has been exceeded."), + 0xC00002F5: ("STATUS_MUST_BE_KDC","The local machine must be a Kerberos KDC (domain controller) and it is not."), + 0xC00002F6: ("STATUS_STRONG_CRYPTO_NOT_SUPPORTED","The other end of the security negotiation requires strong crypto but it is not supported on the local machine."), + 0xC00002F7: ("STATUS_TOO_MANY_PRINCIPALS","The KDC reply contained more than one principal name."), + 0xC00002F8: ("STATUS_NO_PA_DATA","Expected to find PA data for a hint of what etype to use, but it was not found."), + 0xC00002F9: ("STATUS_PKINIT_NAME_MISMATCH","The client certificate does not contain a valid UPN, or does not match the client name in the logon request. Contact your administrator."), + 0xC00002FA: ("STATUS_SMARTCARD_LOGON_REQUIRED","Smart card logon is required and was not used."), + 0xC00002FB: ("STATUS_KDC_INVALID_REQUEST","An invalid request was sent to the KDC."), + 0xC00002FC: ("STATUS_KDC_UNABLE_TO_REFER","The KDC was unable to generate a referral for the service requested."), + 0xC00002FD: ("STATUS_KDC_UNKNOWN_ETYPE","The encryption type requested is not supported by the KDC."), + 0xC00002FE: ("STATUS_SHUTDOWN_IN_PROGRESS","A system shutdown is in progress."), + 0xC00002FF: ("STATUS_SERVER_SHUTDOWN_IN_PROGRESS","The server machine is shutting down."), + 0xC0000300: ("STATUS_NOT_SUPPORTED_ON_SBS","This operation is not supported on a computer running Windows Server 2003 for Small Business Server."), + 0xC0000301: ("STATUS_WMI_GUID_DISCONNECTED","The WMI GUID is no longer available."), + 0xC0000302: ("STATUS_WMI_ALREADY_DISABLED","Collection or events for the WMI GUID is already disabled."), + 0xC0000303: ("STATUS_WMI_ALREADY_ENABLED","Collection or events for the WMI GUID is already enabled."), + 0xC0000304: ("STATUS_MFT_TOO_FRAGMENTED","The master file table on the volume is too fragmented to complete this operation."), + 0xC0000305: ("STATUS_COPY_PROTECTION_FAILURE","Copy protection failure."), + 0xC0000306: ("STATUS_CSS_AUTHENTICATION_FAILURE","Copy protection error-DVD CSS Authentication failed."), + 0xC0000307: ("STATUS_CSS_KEY_NOT_PRESENT","Copy protection error-The specified sector does not contain a valid key."), + 0xC0000308: ("STATUS_CSS_KEY_NOT_ESTABLISHED","Copy protection error-DVD session key not established."), + 0xC0000309: ("STATUS_CSS_SCRAMBLED_SECTOR","Copy protection error-The read failed because the sector is encrypted."), + 0xC000030A: ("STATUS_CSS_REGION_MISMATCH","Copy protection error-The region of the specified DVD does not correspond to the region setting of the drive."), + 0xC000030B: ("STATUS_CSS_RESETS_EXHAUSTED","Copy protection error-The region setting of the drive may be permanent."), + 0xC0000320: ("STATUS_PKINIT_FAILURE","The Kerberos protocol encountered an error while validating the KDC certificate during smart card logon. There is more information in the system event log."), + 0xC0000321: ("STATUS_SMARTCARD_SUBSYSTEM_FAILURE","The Kerberos protocol encountered an error while attempting to use the smart card subsystem."), + 0xC0000322: ("STATUS_NO_KERB_KEY","The target server does not have acceptable Kerberos credentials."), + 0xC0000350: ("STATUS_HOST_DOWN","The transport determined that the remote system is down."), + 0xC0000351: ("STATUS_UNSUPPORTED_PREAUTH","An unsupported pre-authentication mechanism was presented to the Kerberos package."), + 0xC0000352: ("STATUS_EFS_ALG_BLOB_TOO_BIG","The encryption algorithm that is used on the source file needs a bigger key buffer than the one that is used on the destination file."), + 0xC0000353: ("STATUS_PORT_NOT_SET","An attempt to remove a processes DebugPort was made, but a port was not already associated with the process."), + 0xC0000354: ("STATUS_DEBUGGER_INACTIVE","An attempt to do an operation on a debug port failed because the port is in the process of being deleted."), + 0xC0000355: ("STATUS_DS_VERSION_CHECK_FAILURE","This version of Windows is not compatible with the behavior version of the directory forest, domain, or domain controller."), + 0xC0000356: ("STATUS_AUDITING_DISABLED","The specified event is currently not being audited."), + 0xC0000357: ("STATUS_PRENT4_MACHINE_ACCOUNT","The machine account was created prior to Windows NT 4.0. The account needs to be recreated."), + 0xC0000358: ("STATUS_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER","An account group cannot have a universal group as a member."), + 0xC0000359: ("STATUS_INVALID_IMAGE_WIN_32","The specified image file did not have the correct format; it appears to be a 32-bit Windows image."), + 0xC000035A: ("STATUS_INVALID_IMAGE_WIN_64","The specified image file did not have the correct format; it appears to be a 64-bit Windows image."), + 0xC000035B: ("STATUS_BAD_BINDINGS","The client's supplied SSPI channel bindings were incorrect."), + 0xC000035C: ("STATUS_NETWORK_SESSION_EXPIRED","The client session has expired; so the client must re-authenticate to continue accessing the remote resources."), + 0xC000035D: ("STATUS_APPHELP_BLOCK","The AppHelp dialog box canceled; thus preventing the application from starting."), + 0xC000035E: ("STATUS_ALL_SIDS_FILTERED","The SID filtering operation removed all SIDs."), + 0xC000035F: ("STATUS_NOT_SAFE_MODE_DRIVER","The driver was not loaded because the system is starting in safe mode."), + 0xC0000361: ("STATUS_ACCESS_DISABLED_BY_POLICY_DEFAULT","Access to %1 has been restricted by your Administrator by the default software restriction policy level."), + 0xC0000362: ("STATUS_ACCESS_DISABLED_BY_POLICY_PATH","Access to %1 has been restricted by your Administrator by location with policy rule %2 placed on path %3."), + 0xC0000363: ("STATUS_ACCESS_DISABLED_BY_POLICY_PUBLISHER","Access to %1 has been restricted by your Administrator by software publisher policy."), + 0xC0000364: ("STATUS_ACCESS_DISABLED_BY_POLICY_OTHER","Access to %1 has been restricted by your Administrator by policy rule %2."), + 0xC0000365: ("STATUS_FAILED_DRIVER_ENTRY","The driver was not loaded because it failed its initialization call."), + 0xC0000366: ("STATUS_DEVICE_ENUMERATION_ERROR","The device encountered an error while applying power or reading the device configuration. This may be caused by a failure of your hardware or by a poor connection."), + 0xC0000368: ("STATUS_MOUNT_POINT_NOT_RESOLVED","The create operation failed because the name contained at least one mount point that resolves to a volume to which the specified device object is not attached."), + 0xC0000369: ("STATUS_INVALID_DEVICE_OBJECT_PARAMETER","The device object parameter is either not a valid device object or is not attached to the volume that is specified by the file name."), + 0xC000036A: ("STATUS_MCA_OCCURED","A machine check error has occurred. Check the system event log for additional information."), + 0xC000036B: ("STATUS_DRIVER_BLOCKED_CRITICAL","Driver %2 has been blocked from loading."), + 0xC000036C: ("STATUS_DRIVER_BLOCKED","Driver %2 has been blocked from loading."), + 0xC000036D: ("STATUS_DRIVER_DATABASE_ERROR","There was error [%2] processing the driver database."), + 0xC000036E: ("STATUS_SYSTEM_HIVE_TOO_LARGE","System hive size has exceeded its limit."), + 0xC000036F: ("STATUS_INVALID_IMPORT_OF_NON_DLL","A dynamic link library (DLL) referenced a module that was neither a DLL nor the process's executable image."), + 0xC0000371: ("STATUS_NO_SECRETS","The local account store does not contain secret material for the specified account."), + 0xC0000372: ("STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY","Access to %1 has been restricted by your Administrator by policy rule %2."), + 0xC0000373: ("STATUS_FAILED_STACK_SWITCH","The system was not able to allocate enough memory to perform a stack switch."), + 0xC0000374: ("STATUS_HEAP_CORRUPTION","A heap has been corrupted."), + 0xC0000380: ("STATUS_SMARTCARD_WRONG_PIN","An incorrect PIN was presented to the smart card."), + 0xC0000381: ("STATUS_SMARTCARD_CARD_BLOCKED","The smart card is blocked."), + 0xC0000382: ("STATUS_SMARTCARD_CARD_NOT_AUTHENTICATED","No PIN was presented to the smart card."), + 0xC0000383: ("STATUS_SMARTCARD_NO_CARD","No smart card is available."), + 0xC0000384: ("STATUS_SMARTCARD_NO_KEY_CONTAINER","The requested key container does not exist on the smart card."), + 0xC0000385: ("STATUS_SMARTCARD_NO_CERTIFICATE","The requested certificate does not exist on the smart card."), + 0xC0000386: ("STATUS_SMARTCARD_NO_KEYSET","The requested keyset does not exist."), + 0xC0000387: ("STATUS_SMARTCARD_IO_ERROR","A communication error with the smart card has been detected."), + 0xC0000388: ("STATUS_DOWNGRADE_DETECTED","The system detected a possible attempt to compromise security. Ensure that you can contact the server that authenticated you."), + 0xC0000389: ("STATUS_SMARTCARD_CERT_REVOKED","The smart card certificate used for authentication has been revoked. Contact your system administrator. There may be additional information in the event log."), + 0xC000038A: ("STATUS_ISSUING_CA_UNTRUSTED","An untrusted certificate authority was detected while processing the smart card certificate that is used for authentication. Contact your system administrator."), + 0xC000038B: ("STATUS_REVOCATION_OFFLINE_C","The revocation status of the smart card certificate that is used for authentication could not be determined. Contact your system administrator."), + 0xC000038C: ("STATUS_PKINIT_CLIENT_FAILURE","The smart card certificate used for authentication was not trusted. Contact your system administrator."), + 0xC000038D: ("STATUS_SMARTCARD_CERT_EXPIRED","The smart card certificate used for authentication has expired. Contact your system administrator."), + 0xC000038E: ("STATUS_DRIVER_FAILED_PRIOR_UNLOAD","The driver could not be loaded because a previous version of the driver is still in memory."), + 0xC000038F: ("STATUS_SMARTCARD_SILENT_CONTEXT","The smart card provider could not perform the action because the context was acquired as silent."), + 0xC0000401: ("STATUS_PER_USER_TRUST_QUOTA_EXCEEDED","The delegated trust creation quota of the current user has been exceeded."), + 0xC0000402: ("STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED","The total delegated trust creation quota has been exceeded."), + 0xC0000403: ("STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED","The delegated trust deletion quota of the current user has been exceeded."), + 0xC0000404: ("STATUS_DS_NAME_NOT_UNIQUE","The requested name already exists as a unique identifier."), + 0xC0000405: ("STATUS_DS_DUPLICATE_ID_FOUND","The requested object has a non-unique identifier and cannot be retrieved."), + 0xC0000406: ("STATUS_DS_GROUP_CONVERSION_ERROR","The group cannot be converted due to attribute restrictions on the requested group type."), + 0xC0000407: ("STATUS_VOLSNAP_PREPARE_HIBERNATE","{Volume Shadow Copy Service} Wait while the Volume Shadow Copy Service prepares volume %hs for hibernation."), + 0xC0000408: ("STATUS_USER2USER_REQUIRED","Kerberos sub-protocol User2User is required."), + 0xC0000409: ("STATUS_STACK_BUFFER_OVERRUN","The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application."), + 0xC000040A: ("STATUS_NO_S4U_PROT_SUPPORT","The Kerberos subsystem encountered an error. A service for user protocol request was made against a domain controller which does not support service for user."), + 0xC000040B: ("STATUS_CROSSREALM_DELEGATION_FAILURE","An attempt was made by this server to make a Kerberos constrained delegation request for a target that is outside the server realm. This action is not supported and the resulting error indicates a misconfiguration on the allowed-to-delegate-to list for this server. Contact your administrator."), + 0xC000040C: ("STATUS_REVOCATION_OFFLINE_KDC","The revocation status of the domain controller certificate used for smart card authentication could not be determined. There is additional information in the system event log. Contact your system administrator."), + 0xC000040D: ("STATUS_ISSUING_CA_UNTRUSTED_KDC","An untrusted certificate authority was detected while processing the domain controller certificate used for authentication. There is additional information in the system event log. Contact your system administrator."), + 0xC000040E: ("STATUS_KDC_CERT_EXPIRED","The domain controller certificate used for smart card logon has expired. Contact your system administrator with the contents of your system event log."), + 0xC000040F: ("STATUS_KDC_CERT_REVOKED","The domain controller certificate used for smart card logon has been revoked. Contact your system administrator with the contents of your system event log."), + 0xC0000410: ("STATUS_PARAMETER_QUOTA_EXCEEDED","Data present in one of the parameters is more than the function can operate on."), + 0xC0000411: ("STATUS_HIBERNATION_FAILURE","The system has failed to hibernate (The error code is %hs). Hibernation will be disabled until the system is restarted."), + 0xC0000412: ("STATUS_DELAY_LOAD_FAILED","An attempt to delay-load a .dll or get a function address in a delay-loaded .dll failed."), + 0xC0000413: ("STATUS_AUTHENTICATION_FIREWALL_FAILED","Logon Failure: The machine you are logging onto is protected by an authentication firewall. The specified account is not allowed to authenticate to the machine."), + 0xC0000414: ("STATUS_VDM_DISALLOWED","%hs is a 16-bit application. You do not have permissions to execute 16-bit applications. Check your permissions with your system administrator."), + 0xC0000415: ("STATUS_HUNG_DISPLAY_DRIVER_THREAD","{Display Driver Stopped Responding} The %hs display driver has stopped working normally. Save your work and reboot the system to restore full display functionality. The next time you reboot the machine a dialog will be displayed giving you a chance to report this failure to Microsoft."), + 0xC0000416: ("STATUS_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE","The Desktop heap encountered an error while allocating session memory. There is more information in the system event log."), + 0xC0000417: ("STATUS_INVALID_CRUNTIME_PARAMETER","An invalid parameter was passed to a C runtime function."), + 0xC0000418: ("STATUS_NTLM_BLOCKED","The authentication failed because NTLM was blocked."), + 0xC0000419: ("STATUS_DS_SRC_SID_EXISTS_IN_FOREST","The source object's SID already exists in destination forest."), + 0xC000041A: ("STATUS_DS_DOMAIN_NAME_EXISTS_IN_FOREST","The domain name of the trusted domain already exists in the forest."), + 0xC000041B: ("STATUS_DS_FLAT_NAME_EXISTS_IN_FOREST","The flat name of the trusted domain already exists in the forest."), + 0xC000041C: ("STATUS_INVALID_USER_PRINCIPAL_NAME","The User Principal Name (UPN) is invalid."), + 0xC0000420: ("STATUS_ASSERTION_FAILURE","There has been an assertion failure."), + 0xC0000421: ("STATUS_VERIFIER_STOP","Application verifier has found an error in the current process."), + 0xC0000423: ("STATUS_CALLBACK_POP_STACK","A user mode unwind is in progress."), + 0xC0000424: ("STATUS_INCOMPATIBLE_DRIVER_BLOCKED","%2 has been blocked from loading due to incompatibility with this system. Contact your software vendor for a compatible version of the driver."), + 0xC0000425: ("STATUS_HIVE_UNLOADED","Illegal operation attempted on a registry key which has already been unloaded."), + 0xC0000426: ("STATUS_COMPRESSION_DISABLED","Compression is disabled for this volume."), + 0xC0000427: ("STATUS_FILE_SYSTEM_LIMITATION","The requested operation could not be completed due to a file system limitation."), + 0xC0000428: ("STATUS_INVALID_IMAGE_HASH","The hash for image %hs cannot be found in the system catalogs. The image is likely corrupt or the victim of tampering."), + 0xC0000429: ("STATUS_NOT_CAPABLE","The implementation is not capable of performing the request."), + 0xC000042A: ("STATUS_REQUEST_OUT_OF_SEQUENCE","The requested operation is out of order with respect to other operations."), + 0xC000042B: ("STATUS_IMPLEMENTATION_LIMIT","An operation attempted to exceed an implementation-defined limit."), + 0xC000042C: ("STATUS_ELEVATION_REQUIRED","The requested operation requires elevation."), + 0xC000042D: ("STATUS_NO_SECURITY_CONTEXT","The required security context does not exist."), + 0xC000042E: ("STATUS_PKU2U_CERT_FAILURE","The PKU2U protocol encountered an error while attempting to utilize the associated certificates."), + 0xC0000432: ("STATUS_BEYOND_VDL","The operation was attempted beyond the valid data length of the file."), + 0xC0000433: ("STATUS_ENCOUNTERED_WRITE_IN_PROGRESS","The attempted write operation encountered a write already in progress for some portion of the range."), + 0xC0000434: ("STATUS_PTE_CHANGED","The page fault mappings changed in the middle of processing a fault so the operation must be retried."), + 0xC0000435: ("STATUS_PURGE_FAILED","The attempt to purge this file from memory failed to purge some or all the data from memory."), + 0xC0000440: ("STATUS_CRED_REQUIRES_CONFIRMATION","The requested credential requires confirmation."), + 0xC0000441: ("STATUS_CS_ENCRYPTION_INVALID_SERVER_RESPONSE","The remote server sent an invalid response for a file being opened with Client Side Encryption."), + 0xC0000442: ("STATUS_CS_ENCRYPTION_UNSUPPORTED_SERVER","Client Side Encryption is not supported by the remote server even though it claims to support it."), + 0xC0000443: ("STATUS_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE","File is encrypted and should be opened in Client Side Encryption mode."), + 0xC0000444: ("STATUS_CS_ENCRYPTION_NEW_ENCRYPTED_FILE","A new encrypted file is being created and a $EFS needs to be provided."), + 0xC0000445: ("STATUS_CS_ENCRYPTION_FILE_NOT_CSE","The SMB client requested a CSE FSCTL on a non-CSE file."), + 0xC0000446: ("STATUS_INVALID_LABEL","Indicates a particular Security ID may not be assigned as the label of an object."), + 0xC0000450: ("STATUS_DRIVER_PROCESS_TERMINATED","The process hosting the driver for this device has terminated."), + 0xC0000451: ("STATUS_AMBIGUOUS_SYSTEM_DEVICE","The requested system device cannot be identified due to multiple indistinguishable devices potentially matching the identification criteria."), + 0xC0000452: ("STATUS_SYSTEM_DEVICE_NOT_FOUND","The requested system device cannot be found."), + 0xC0000453: ("STATUS_RESTART_BOOT_APPLICATION","This boot application must be restarted."), + 0xC0000454: ("STATUS_INSUFFICIENT_NVRAM_RESOURCES","Insufficient NVRAM resources exist to complete the API. A reboot might be required."), + 0xC0000500: ("STATUS_INVALID_TASK_NAME","The specified task name is invalid."), + 0xC0000501: ("STATUS_INVALID_TASK_INDEX","The specified task index is invalid."), + 0xC0000502: ("STATUS_THREAD_ALREADY_IN_TASK","The specified thread is already joining a task."), + 0xC0000503: ("STATUS_CALLBACK_BYPASS","A callback has requested to bypass native code."), + 0xC0000602: ("STATUS_FAIL_FAST_EXCEPTION","A fail fast exception occurred. Exception handlers will not be invoked and the process will be terminated immediately."), + 0xC0000603: ("STATUS_IMAGE_CERT_REVOKED","Windows cannot verify the digital signature for this file. The signing certificate for this file has been revoked."), + 0xC0000700: ("STATUS_PORT_CLOSED","The ALPC port is closed."), + 0xC0000701: ("STATUS_MESSAGE_LOST","The ALPC message requested is no longer available."), + 0xC0000702: ("STATUS_INVALID_MESSAGE","The ALPC message supplied is invalid."), + 0xC0000703: ("STATUS_REQUEST_CANCELED","The ALPC message has been canceled."), + 0xC0000704: ("STATUS_RECURSIVE_DISPATCH","Invalid recursive dispatch attempt."), + 0xC0000705: ("STATUS_LPC_RECEIVE_BUFFER_EXPECTED","No receive buffer has been supplied in a synchronous request."), + 0xC0000706: ("STATUS_LPC_INVALID_CONNECTION_USAGE","The connection port is used in an invalid context."), + 0xC0000707: ("STATUS_LPC_REQUESTS_NOT_ALLOWED","The ALPC port does not accept new request messages."), + 0xC0000708: ("STATUS_RESOURCE_IN_USE","The resource requested is already in use."), + 0xC0000709: ("STATUS_HARDWARE_MEMORY_ERROR","The hardware has reported an uncorrectable memory error."), + 0xC000070A: ("STATUS_THREADPOOL_HANDLE_EXCEPTION","Status 0x%08x was returned, waiting on handle 0x%x for wait 0x%p, in waiter 0x%p."), + 0xC000070B: ("STATUS_THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED","After a callback to 0x%p(0x%p), a completion call to Set event(0x%p) failed with status 0x%08x."), + 0xC000070C: ("STATUS_THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED","After a callback to 0x%p(0x%p), a completion call to ReleaseSemaphore(0x%p, %d) failed with status 0x%08x."), + 0xC000070D: ("STATUS_THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED","After a callback to 0x%p(0x%p), a completion call to ReleaseMutex(%p) failed with status 0x%08x."), + 0xC000070E: ("STATUS_THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED","After a callback to 0x%p(0x%p), a completion call to FreeLibrary(%p) failed with status 0x%08x."), + 0xC000070F: ("STATUS_THREADPOOL_RELEASED_DURING_OPERATION","The thread pool 0x%p was released while a thread was posting a callback to 0x%p(0x%p) to it."), + 0xC0000710: ("STATUS_CALLBACK_RETURNED_WHILE_IMPERSONATING","A thread pool worker thread is impersonating a client, after a callback to 0x%p(0x%p). This is unexpected, indicating that the callback is missing a call to revert the impersonation."), + 0xC0000711: ("STATUS_APC_RETURNED_WHILE_IMPERSONATING","A thread pool worker thread is impersonating a client, after executing an APC. This is unexpected, indicating that the APC is missing a call to revert the impersonation."), + 0xC0000712: ("STATUS_PROCESS_IS_PROTECTED","Either the target process, or the target thread's containing process, is a protected process."), + 0xC0000713: ("STATUS_MCA_EXCEPTION","A thread is getting dispatched with MCA EXCEPTION because of MCA."), + 0xC0000714: ("STATUS_CERTIFICATE_MAPPING_NOT_UNIQUE","The client certificate account mapping is not unique."), + 0xC0000715: ("STATUS_SYMLINK_CLASS_DISABLED","The symbolic link cannot be followed because its type is disabled."), + 0xC0000716: ("STATUS_INVALID_IDN_NORMALIZATION","Indicates that the specified string is not valid for IDN normalization."), + 0xC0000717: ("STATUS_NO_UNICODE_TRANSLATION","No mapping for the Unicode character exists in the target multi-byte code page."), + 0xC0000718: ("STATUS_ALREADY_REGISTERED","The provided callback is already registered."), + 0xC0000719: ("STATUS_CONTEXT_MISMATCH","The provided context did not match the target."), + 0xC000071A: ("STATUS_PORT_ALREADY_HAS_COMPLETION_LIST","The specified port already has a completion list."), + 0xC000071B: ("STATUS_CALLBACK_RETURNED_THREAD_PRIORITY","A threadpool worker thread entered a callback at thread base priority 0x%x and exited at priority 0x%x. This is unexpected, indicating that the callback missed restoring the priority."), + 0xC000071C: ("STATUS_INVALID_THREAD","An invalid thread, handle %p, is specified for this operation. Possibly, a threadpool worker thread was specified."), + 0xC000071D: ("STATUS_CALLBACK_RETURNED_TRANSACTION","A threadpool worker thread entered a callback, which left transaction state. This is unexpected, indicating that the callback missed clearing the transaction."), + 0xC000071E: ("STATUS_CALLBACK_RETURNED_LDR_LOCK","A threadpool worker thread entered a callback, which left the loader lock held. This is unexpected, indicating that the callback missed releasing the lock."), + 0xC000071F: ("STATUS_CALLBACK_RETURNED_LANG","A threadpool worker thread entered a callback, which left with preferred languages set. This is unexpected, indicating that the callback missed clearing them."), + 0xC0000720: ("STATUS_CALLBACK_RETURNED_PRI_BACK","A threadpool worker thread entered a callback, which left with background priorities set. This is unexpected, indicating that the callback missed restoring the original priorities."), + 0xC0000800: ("STATUS_DISK_REPAIR_DISABLED","The attempted operation required self healing to be enabled."), + 0xC0000801: ("STATUS_DS_DOMAIN_RENAME_IN_PROGRESS","The directory service cannot perform the requested operation because a domain rename operation is in progress."), + 0xC0000802: ("STATUS_DISK_QUOTA_EXCEEDED","An operation failed because the storage quota was exceeded."), + 0xC0000804: ("STATUS_CONTENT_BLOCKED","An operation failed because the content was blocked."), + 0xC0000805: ("STATUS_BAD_CLUSTERS","The operation could not be completed due to bad clusters on disk."), + 0xC0000806: ("STATUS_VOLUME_DIRTY","The operation could not be completed because the volume is dirty. Please run the Chkdsk utility and try again."), + 0xC0000901: ("STATUS_FILE_CHECKED_OUT","This file is checked out or locked for editing by another user."), + 0xC0000902: ("STATUS_CHECKOUT_REQUIRED","The file must be checked out before saving changes."), + 0xC0000903: ("STATUS_BAD_FILE_TYPE","The file type being saved or retrieved has been blocked."), + 0xC0000904: ("STATUS_FILE_TOO_LARGE","The file size exceeds the limit allowed and cannot be saved."), + 0xC0000905: ("STATUS_FORMS_AUTH_REQUIRED","Access Denied. Before opening files in this location, you must first browse to the e.g. site and select the option to log on automatically."), + 0xC0000906: ("STATUS_VIRUS_INFECTED","The operation did not complete successfully because the file contains a virus."), + 0xC0000907: ("STATUS_VIRUS_DELETED","This file contains a virus and cannot be opened. Due to the nature of this virus, the file has been removed from this location."), + 0xC0000908: ("STATUS_BAD_MCFG_TABLE","The resources required for this device conflict with the MCFG table."), + 0xC0000909: ("STATUS_CANNOT_BREAK_OPLOCK","The operation did not complete successfully because it would cause an oplock to be broken. The caller has requested that existing oplocks not be broken."), + 0xC0009898: ("STATUS_WOW_ASSERTION","WOW Assertion Error."), + 0xC000A000: ("STATUS_INVALID_SIGNATURE","The cryptographic signature is invalid."), + 0xC000A001: ("STATUS_HMAC_NOT_SUPPORTED","The cryptographic provider does not support HMAC."), + 0xC000A010: ("STATUS_IPSEC_QUEUE_OVERFLOW","The IPsec queue overflowed."), + 0xC000A011: ("STATUS_ND_QUEUE_OVERFLOW","The neighbor discovery queue overflowed."), + 0xC000A012: ("STATUS_HOPLIMIT_EXCEEDED","An Internet Control Message Protocol (ICMP) hop limit exceeded error was received."), + 0xC000A013: ("STATUS_PROTOCOL_NOT_SUPPORTED","The protocol is not installed on the local machine."), + 0xC000A080: ("STATUS_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED","{Delayed Write Failed} Windows was unable to save all the data for the file %hs; the data has been lost. This error may be caused by network connectivity issues. Try to save this file elsewhere."), + 0xC000A081: ("STATUS_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR","{Delayed Write Failed} Windows was unable to save all the data for the file %hs; the data has been lost. This error was returned by the server on which the file exists. Try to save this file elsewhere."), + 0xC000A082: ("STATUS_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR","{Delayed Write Failed} Windows was unable to save all the data for the file %hs; the data has been lost. This error may be caused if the device has been removed or the media is write-protected."), + 0xC000A083: ("STATUS_XML_PARSE_ERROR","Windows was unable to parse the requested XML data."), + 0xC000A084: ("STATUS_XMLDSIG_ERROR","An error was encountered while processing an XML digital signature."), + 0xC000A085: ("STATUS_WRONG_COMPARTMENT","This indicates that the caller made the connection request in the wrong routing compartment."), + 0xC000A086: ("STATUS_AUTHIP_FAILURE","This indicates that there was an AuthIP failure when attempting to connect to the remote host."), + 0xC000A087: ("STATUS_DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS","OID mapped groups cannot have members."), + 0xC000A088: ("STATUS_DS_OID_NOT_FOUND","The specified OID cannot be found."), + 0xC000A100: ("STATUS_HASH_NOT_SUPPORTED","Hash generation for the specified version and hash type is not enabled on server."), + 0xC000A101: ("STATUS_HASH_NOT_PRESENT","The hash requests is not present or not up to date with the current file contents."), + 0xC0010001: ("DBG_NO_STATE_CHANGE","The debugger did not perform a state change."), + 0xC0010002: ("DBG_APP_NOT_IDLE","The debugger found that the application is not idle."), + 0xC0020001: ("RPC_NT_INVALID_STRING_BINDING","The string binding is invalid."), + 0xC0020002: ("RPC_NT_WRONG_KIND_OF_BINDING","The binding handle is not the correct type."), + 0xC0020003: ("RPC_NT_INVALID_BINDING","The binding handle is invalid."), + 0xC0020004: ("RPC_NT_PROTSEQ_NOT_SUPPORTED","The RPC protocol sequence is not supported."), + 0xC0020005: ("RPC_NT_INVALID_RPC_PROTSEQ","The RPC protocol sequence is invalid."), + 0xC0020006: ("RPC_NT_INVALID_STRING_UUID","The string UUID is invalid."), + 0xC0020007: ("RPC_NT_INVALID_ENDPOINT_FORMAT","The endpoint format is invalid."), + 0xC0020008: ("RPC_NT_INVALID_NET_ADDR","The network address is invalid."), + 0xC0020009: ("RPC_NT_NO_ENDPOINT_FOUND","No endpoint was found."), + 0xC002000A: ("RPC_NT_INVALID_TIMEOUT","The time-out value is invalid."), + 0xC002000B: ("RPC_NT_OBJECT_NOT_FOUND","The object UUID was not found."), + 0xC002000C: ("RPC_NT_ALREADY_REGISTERED","The object UUID has already been registered."), + 0xC002000D: ("RPC_NT_TYPE_ALREADY_REGISTERED","The type UUID has already been registered."), + 0xC002000E: ("RPC_NT_ALREADY_LISTENING","The RPC server is already listening."), + 0xC002000F: ("RPC_NT_NO_PROTSEQS_REGISTERED","No protocol sequences have been registered."), + 0xC0020010: ("RPC_NT_NOT_LISTENING","The RPC server is not listening."), + 0xC0020011: ("RPC_NT_UNKNOWN_MGR_TYPE","The manager type is unknown."), + 0xC0020012: ("RPC_NT_UNKNOWN_IF","The interface is unknown."), + 0xC0020013: ("RPC_NT_NO_BINDINGS","There are no bindings."), + 0xC0020014: ("RPC_NT_NO_PROTSEQS","There are no protocol sequences."), + 0xC0020015: ("RPC_NT_CANT_CREATE_ENDPOINT","The endpoint cannot be created."), + 0xC0020016: ("RPC_NT_OUT_OF_RESOURCES","Insufficient resources are available to complete this operation."), + 0xC0020017: ("RPC_NT_SERVER_UNAVAILABLE","The RPC server is unavailable."), + 0xC0020018: ("RPC_NT_SERVER_TOO_BUSY","The RPC server is too busy to complete this operation."), + 0xC0020019: ("RPC_NT_INVALID_NETWORK_OPTIONS","The network options are invalid."), + 0xC002001A: ("RPC_NT_NO_CALL_ACTIVE","No RPCs are active on this thread."), + 0xC002001B: ("RPC_NT_CALL_FAILED","The RPC failed."), + 0xC002001C: ("RPC_NT_CALL_FAILED_DNE","The RPC failed and did not execute."), + 0xC002001D: ("RPC_NT_PROTOCOL_ERROR","An RPC protocol error occurred."), + 0xC002001F: ("RPC_NT_UNSUPPORTED_TRANS_SYN","The RPC server does not support the transfer syntax."), + 0xC0020021: ("RPC_NT_UNSUPPORTED_TYPE","The type UUID is not supported."), + 0xC0020022: ("RPC_NT_INVALID_TAG","The tag is invalid."), + 0xC0020023: ("RPC_NT_INVALID_BOUND","The array bounds are invalid."), + 0xC0020024: ("RPC_NT_NO_ENTRY_NAME","The binding does not contain an entry name."), + 0xC0020025: ("RPC_NT_INVALID_NAME_SYNTAX","The name syntax is invalid."), + 0xC0020026: ("RPC_NT_UNSUPPORTED_NAME_SYNTAX","The name syntax is not supported."), + 0xC0020028: ("RPC_NT_UUID_NO_ADDRESS","No network address is available to construct a UUID."), + 0xC0020029: ("RPC_NT_DUPLICATE_ENDPOINT","The endpoint is a duplicate."), + 0xC002002A: ("RPC_NT_UNKNOWN_AUTHN_TYPE","The authentication type is unknown."), + 0xC002002B: ("RPC_NT_MAX_CALLS_TOO_SMALL","The maximum number of calls is too small."), + 0xC002002C: ("RPC_NT_STRING_TOO_LONG","The string is too long."), + 0xC002002D: ("RPC_NT_PROTSEQ_NOT_FOUND","The RPC protocol sequence was not found."), + 0xC002002E: ("RPC_NT_PROCNUM_OUT_OF_RANGE","The procedure number is out of range."), + 0xC002002F: ("RPC_NT_BINDING_HAS_NO_AUTH","The binding does not contain any authentication information."), + 0xC0020030: ("RPC_NT_UNKNOWN_AUTHN_SERVICE","The authentication service is unknown."), + 0xC0020031: ("RPC_NT_UNKNOWN_AUTHN_LEVEL","The authentication level is unknown."), + 0xC0020032: ("RPC_NT_INVALID_AUTH_IDENTITY","The security context is invalid."), + 0xC0020033: ("RPC_NT_UNKNOWN_AUTHZ_SERVICE","The authorization service is unknown."), + 0xC0020034: ("EPT_NT_INVALID_ENTRY","The entry is invalid."), + 0xC0020035: ("EPT_NT_CANT_PERFORM_OP","The operation cannot be performed."), + 0xC0020036: ("EPT_NT_NOT_REGISTERED","No more endpoints are available from the endpoint mapper."), + 0xC0020037: ("RPC_NT_NOTHING_TO_EXPORT","No interfaces have been exported."), + 0xC0020038: ("RPC_NT_INCOMPLETE_NAME","The entry name is incomplete."), + 0xC0020039: ("RPC_NT_INVALID_VERS_OPTION","The version option is invalid."), + 0xC002003A: ("RPC_NT_NO_MORE_MEMBERS","There are no more members."), + 0xC002003B: ("RPC_NT_NOT_ALL_OBJS_UNEXPORTED","There is nothing to unexport."), + 0xC002003C: ("RPC_NT_INTERFACE_NOT_FOUND","The interface was not found."), + 0xC002003D: ("RPC_NT_ENTRY_ALREADY_EXISTS","The entry already exists."), + 0xC002003E: ("RPC_NT_ENTRY_NOT_FOUND","The entry was not found."), + 0xC002003F: ("RPC_NT_NAME_SERVICE_UNAVAILABLE","The name service is unavailable."), + 0xC0020040: ("RPC_NT_INVALID_NAF_ID","The network address family is invalid."), + 0xC0020041: ("RPC_NT_CANNOT_SUPPORT","The requested operation is not supported."), + 0xC0020042: ("RPC_NT_NO_CONTEXT_AVAILABLE","No security context is available to allow impersonation."), + 0xC0020043: ("RPC_NT_INTERNAL_ERROR","An internal error occurred in the RPC."), + 0xC0020044: ("RPC_NT_ZERO_DIVIDE","The RPC server attempted to divide an integer by zero."), + 0xC0020045: ("RPC_NT_ADDRESS_ERROR","An addressing error occurred in the RPC server."), + 0xC0020046: ("RPC_NT_FP_DIV_ZERO","A floating point operation at the RPC server caused a divide by zero."), + 0xC0020047: ("RPC_NT_FP_UNDERFLOW","A floating point underflow occurred at the RPC server."), + 0xC0020048: ("RPC_NT_FP_OVERFLOW","A floating point overflow occurred at the RPC server."), + 0xC0020049: ("RPC_NT_CALL_IN_PROGRESS","An RPC is already in progress for this thread."), + 0xC002004A: ("RPC_NT_NO_MORE_BINDINGS","There are no more bindings."), + 0xC002004B: ("RPC_NT_GROUP_MEMBER_NOT_FOUND","The group member was not found."), + 0xC002004C: ("EPT_NT_CANT_CREATE","The endpoint mapper database entry could not be created."), + 0xC002004D: ("RPC_NT_INVALID_OBJECT","The object UUID is the nil UUID."), + 0xC002004F: ("RPC_NT_NO_INTERFACES","No interfaces have been registered."), + 0xC0020050: ("RPC_NT_CALL_CANCELLED","The RPC was canceled."), + 0xC0020051: ("RPC_NT_BINDING_INCOMPLETE","The binding handle does not contain all the required information."), + 0xC0020052: ("RPC_NT_COMM_FAILURE","A communications failure occurred during an RPC."), + 0xC0020053: ("RPC_NT_UNSUPPORTED_AUTHN_LEVEL","The requested authentication level is not supported."), + 0xC0020054: ("RPC_NT_NO_PRINC_NAME","No principal name was registered."), + 0xC0020055: ("RPC_NT_NOT_RPC_ERROR","The error specified is not a valid Windows RPC error code."), + 0xC0020057: ("RPC_NT_SEC_PKG_ERROR","A security package-specific error occurred."), + 0xC0020058: ("RPC_NT_NOT_CANCELLED","The thread was not canceled."), + 0xC0020062: ("RPC_NT_INVALID_ASYNC_HANDLE","Invalid asynchronous RPC handle."), + 0xC0020063: ("RPC_NT_INVALID_ASYNC_CALL","Invalid asynchronous RPC call handle for this operation."), + 0xC0020064: ("RPC_NT_PROXY_ACCESS_DENIED","Access to the HTTP proxy is denied."), + 0xC0030001: ("RPC_NT_NO_MORE_ENTRIES","The list of RPC servers available for auto-handle binding has been exhausted."), + 0xC0030002: ("RPC_NT_SS_CHAR_TRANS_OPEN_FAIL","The file designated by DCERPCCHARTRANS cannot be opened."), + 0xC0030003: ("RPC_NT_SS_CHAR_TRANS_SHORT_FILE","The file containing the character translation table has fewer than 512 bytes."), + 0xC0030004: ("RPC_NT_SS_IN_NULL_CONTEXT","A null context handle is passed as an [in] parameter."), + 0xC0030005: ("RPC_NT_SS_CONTEXT_MISMATCH","The context handle does not match any known context handles."), + 0xC0030006: ("RPC_NT_SS_CONTEXT_DAMAGED","The context handle changed during a call."), + 0xC0030007: ("RPC_NT_SS_HANDLES_MISMATCH","The binding handles passed to an RPC do not match."), + 0xC0030008: ("RPC_NT_SS_CANNOT_GET_CALL_HANDLE","The stub is unable to get the call handle."), + 0xC0030009: ("RPC_NT_NULL_REF_POINTER","A null reference pointer was passed to the stub."), + 0xC003000A: ("RPC_NT_ENUM_VALUE_OUT_OF_RANGE","The enumeration value is out of range."), + 0xC003000B: ("RPC_NT_BYTE_COUNT_TOO_SMALL","The byte count is too small."), + 0xC003000C: ("RPC_NT_BAD_STUB_DATA","The stub received bad data."), + 0xC0030059: ("RPC_NT_INVALID_ES_ACTION","Invalid operation on the encoding/decoding handle."), + 0xC003005A: ("RPC_NT_WRONG_ES_VERSION","Incompatible version of the serializing package."), + 0xC003005B: ("RPC_NT_WRONG_STUB_VERSION","Incompatible version of the RPC stub."), + 0xC003005C: ("RPC_NT_INVALID_PIPE_OBJECT","The RPC pipe object is invalid or corrupt."), + 0xC003005D: ("RPC_NT_INVALID_PIPE_OPERATION","An invalid operation was attempted on an RPC pipe object."), + 0xC003005E: ("RPC_NT_WRONG_PIPE_VERSION","Unsupported RPC pipe version."), + 0xC003005F: ("RPC_NT_PIPE_CLOSED","The RPC pipe object has already been closed."), + 0xC0030060: ("RPC_NT_PIPE_DISCIPLINE_ERROR","The RPC call completed before all pipes were processed."), + 0xC0030061: ("RPC_NT_PIPE_EMPTY","No more data is available from the RPC pipe."), + 0xC0040035: ("STATUS_PNP_BAD_MPS_TABLE","A device is missing in the system BIOS MPS table. This device will not be used. Contact your system vendor for a system BIOS update."), + 0xC0040036: ("STATUS_PNP_TRANSLATION_FAILED","A translator failed to translate resources."), + 0xC0040037: ("STATUS_PNP_IRQ_TRANSLATION_FAILED","An IRQ translator failed to translate resources."), + 0xC0040038: ("STATUS_PNP_INVALID_ID","Driver %2 returned an invalid ID for a child device (%3)."), + 0xC0040039: ("STATUS_IO_REISSUE_AS_CACHED","Reissue the given operation as a cached I/O operation"), + 0xC00A0001: ("STATUS_CTX_WINSTATION_NAME_INVALID","Session name %1 is invalid."), + 0xC00A0002: ("STATUS_CTX_INVALID_PD","The protocol driver %1 is invalid."), + 0xC00A0003: ("STATUS_CTX_PD_NOT_FOUND","The protocol driver %1 was not found in the system path."), + 0xC00A0006: ("STATUS_CTX_CLOSE_PENDING","A close operation is pending on the terminal connection."), + 0xC00A0007: ("STATUS_CTX_NO_OUTBUF","No free output buffers are available."), + 0xC00A0008: ("STATUS_CTX_MODEM_INF_NOT_FOUND","The MODEM.INF file was not found."), + 0xC00A0009: ("STATUS_CTX_INVALID_MODEMNAME","The modem (%1) was not found in the MODEM.INF file."), + 0xC00A000A: ("STATUS_CTX_RESPONSE_ERROR","The modem did not accept the command sent to it. Verify that the configured modem name matches the attached modem."), + 0xC00A000B: ("STATUS_CTX_MODEM_RESPONSE_TIMEOUT","The modem did not respond to the command sent to it. Verify that the modem cable is properly attached and the modem is turned on."), + 0xC00A000C: ("STATUS_CTX_MODEM_RESPONSE_NO_CARRIER","Carrier detection has failed or the carrier has been dropped due to disconnection."), + 0xC00A000D: ("STATUS_CTX_MODEM_RESPONSE_NO_DIALTONE","A dial tone was not detected within the required time. Verify that the phone cable is properly attached and functional."), + 0xC00A000E: ("STATUS_CTX_MODEM_RESPONSE_BUSY","A busy signal was detected at a remote site on callback."), + 0xC00A000F: ("STATUS_CTX_MODEM_RESPONSE_VOICE","A voice was detected at a remote site on callback."), + 0xC00A0010: ("STATUS_CTX_TD_ERROR","Transport driver error."), + 0xC00A0012: ("STATUS_CTX_LICENSE_CLIENT_INVALID","The client you are using is not licensed to use this system. Your logon request is denied."), + 0xC00A0013: ("STATUS_CTX_LICENSE_NOT_AVAILABLE","The system has reached its licensed logon limit. Try again later."), + 0xC00A0014: ("STATUS_CTX_LICENSE_EXPIRED","The system license has expired. Your logon request is denied."), + 0xC00A0015: ("STATUS_CTX_WINSTATION_NOT_FOUND","The specified session cannot be found."), + 0xC00A0016: ("STATUS_CTX_WINSTATION_NAME_COLLISION","The specified session name is already in use."), + 0xC00A0017: ("STATUS_CTX_WINSTATION_BUSY","The requested operation cannot be completed because the terminal connection is currently processing a connect, disconnect, reset, or delete operation."), + 0xC00A0018: ("STATUS_CTX_BAD_VIDEO_MODE","An attempt has been made to connect to a session whose video mode is not supported by the current client."), + 0xC00A0022: ("STATUS_CTX_GRAPHICS_INVALID","The application attempted to enable DOS graphics mode. DOS graphics mode is not supported."), + 0xC00A0024: ("STATUS_CTX_NOT_CONSOLE","The requested operation can be performed only on the system console. This is most often the result of a driver or system DLL requiring direct console access."), + 0xC00A0026: ("STATUS_CTX_CLIENT_QUERY_TIMEOUT","The client failed to respond to the server connect message."), + 0xC00A0027: ("STATUS_CTX_CONSOLE_DISCONNECT","Disconnecting the console session is not supported."), + 0xC00A0028: ("STATUS_CTX_CONSOLE_CONNECT","Reconnecting a disconnected session to the console is not supported."), + 0xC00A002A: ("STATUS_CTX_SHADOW_DENIED","The request to control another session remotely was denied."), + 0xC00A002B: ("STATUS_CTX_WINSTATION_ACCESS_DENIED","A process has requested access to a session, but has not been granted those access rights."), + 0xC00A002E: ("STATUS_CTX_INVALID_WD","The terminal connection driver %1 is invalid."), + 0xC00A002F: ("STATUS_CTX_WD_NOT_FOUND","The terminal connection driver %1 was not found in the system path."), + 0xC00A0030: ("STATUS_CTX_SHADOW_INVALID","The requested session cannot be controlled remotely. You cannot control your own session, a session that is trying to control your session, a session that has no user logged on, or other sessions from the console."), + 0xC00A0031: ("STATUS_CTX_SHADOW_DISABLED","The requested session is not configured to allow remote control."), + 0xC00A0032: ("STATUS_RDP_PROTOCOL_ERROR","The RDP protocol component %2 detected an error in the protocol stream and has disconnected the client."), + 0xC00A0033: ("STATUS_CTX_CLIENT_LICENSE_NOT_SET","Your request to connect to this terminal server has been rejected. Your terminal server client license number has not been entered for this copy of the terminal client. Contact your system administrator for help in entering a valid, unique license number for this terminal server client. Click OK to continue."), + 0xC00A0034: ("STATUS_CTX_CLIENT_LICENSE_IN_USE","Your request to connect to this terminal server has been rejected. Your terminal server client license number is currently being used by another user. Contact your system administrator to obtain a new copy of the terminal server client with a valid, unique license number. Click OK to continue."), + 0xC00A0035: ("STATUS_CTX_SHADOW_ENDED_BY_MODE_CHANGE","The remote control of the console was terminated because the display mode was changed. Changing the display mode in a remote control session is not supported."), + 0xC00A0036: ("STATUS_CTX_SHADOW_NOT_RUNNING","Remote control could not be terminated because the specified session is not currently being remotely controlled."), + 0xC00A0037: ("STATUS_CTX_LOGON_DISABLED","Your interactive logon privilege has been disabled. Contact your system administrator."), + 0xC00A0038: ("STATUS_CTX_SECURITY_LAYER_ERROR","The terminal server security layer detected an error in the protocol stream and has disconnected the client."), + 0xC00A0039: ("STATUS_TS_INCOMPATIBLE_SESSIONS","The target session is incompatible with the current session."), + 0xC00B0001: ("STATUS_MUI_FILE_NOT_FOUND","The resource loader failed to find an MUI file."), + 0xC00B0002: ("STATUS_MUI_INVALID_FILE","The resource loader failed to load an MUI file because the file failed to pass validation."), + 0xC00B0003: ("STATUS_MUI_INVALID_RC_CONFIG","The RC manifest is corrupted with garbage data, is an unsupported version, or is missing a required item."), + 0xC00B0004: ("STATUS_MUI_INVALID_LOCALE_NAME","The RC manifest has an invalid culture name."), + 0xC00B0005: ("STATUS_MUI_INVALID_ULTIMATEFALLBACK_NAME","The RC manifest has and invalid ultimate fallback name."), + 0xC00B0006: ("STATUS_MUI_FILE_NOT_LOADED","The resource loader cache does not have a loaded MUI entry."), + 0xC00B0007: ("STATUS_RESOURCE_ENUM_USER_STOP","The user stopped resource enumeration."), + 0xC0130001: ("STATUS_CLUSTER_INVALID_NODE","The cluster node is not valid."), + 0xC0130002: ("STATUS_CLUSTER_NODE_EXISTS","The cluster node already exists."), + 0xC0130003: ("STATUS_CLUSTER_JOIN_IN_PROGRESS","A node is in the process of joining the cluster."), + 0xC0130004: ("STATUS_CLUSTER_NODE_NOT_FOUND","The cluster node was not found."), + 0xC0130005: ("STATUS_CLUSTER_LOCAL_NODE_NOT_FOUND","The cluster local node information was not found."), + 0xC0130006: ("STATUS_CLUSTER_NETWORK_EXISTS","The cluster network already exists."), + 0xC0130007: ("STATUS_CLUSTER_NETWORK_NOT_FOUND","The cluster network was not found."), + 0xC0130008: ("STATUS_CLUSTER_NETINTERFACE_EXISTS","The cluster network interface already exists."), + 0xC0130009: ("STATUS_CLUSTER_NETINTERFACE_NOT_FOUND","The cluster network interface was not found."), + 0xC013000A: ("STATUS_CLUSTER_INVALID_REQUEST","The cluster request is not valid for this object."), + 0xC013000B: ("STATUS_CLUSTER_INVALID_NETWORK_PROVIDER","The cluster network provider is not valid."), + 0xC013000C: ("STATUS_CLUSTER_NODE_DOWN","The cluster node is down."), + 0xC013000D: ("STATUS_CLUSTER_NODE_UNREACHABLE","The cluster node is not reachable."), + 0xC013000E: ("STATUS_CLUSTER_NODE_NOT_MEMBER","The cluster node is not a member of the cluster."), + 0xC013000F: ("STATUS_CLUSTER_JOIN_NOT_IN_PROGRESS","A cluster join operation is not in progress."), + 0xC0130010: ("STATUS_CLUSTER_INVALID_NETWORK","The cluster network is not valid."), + 0xC0130011: ("STATUS_CLUSTER_NO_NET_ADAPTERS","No network adapters are available."), + 0xC0130012: ("STATUS_CLUSTER_NODE_UP","The cluster node is up."), + 0xC0130013: ("STATUS_CLUSTER_NODE_PAUSED","The cluster node is paused."), + 0xC0130014: ("STATUS_CLUSTER_NODE_NOT_PAUSED","The cluster node is not paused."), + 0xC0130015: ("STATUS_CLUSTER_NO_SECURITY_CONTEXT","No cluster security context is available."), + 0xC0130016: ("STATUS_CLUSTER_NETWORK_NOT_INTERNAL","The cluster network is not configured for internal cluster communication."), + 0xC0130017: ("STATUS_CLUSTER_POISONED","The cluster node has been poisoned."), + 0xC0140001: ("STATUS_ACPI_INVALID_OPCODE","An attempt was made to run an invalid AML opcode."), + 0xC0140002: ("STATUS_ACPI_STACK_OVERFLOW","The AML interpreter stack has overflowed."), + 0xC0140003: ("STATUS_ACPI_ASSERT_FAILED","An inconsistent state has occurred."), + 0xC0140004: ("STATUS_ACPI_INVALID_INDEX","An attempt was made to access an array outside its bounds."), + 0xC0140005: ("STATUS_ACPI_INVALID_ARGUMENT","A required argument was not specified."), + 0xC0140006: ("STATUS_ACPI_FATAL","A fatal error has occurred."), + 0xC0140007: ("STATUS_ACPI_INVALID_SUPERNAME","An invalid SuperName was specified."), + 0xC0140008: ("STATUS_ACPI_INVALID_ARGTYPE","An argument with an incorrect type was specified."), + 0xC0140009: ("STATUS_ACPI_INVALID_OBJTYPE","An object with an incorrect type was specified."), + 0xC014000A: ("STATUS_ACPI_INVALID_TARGETTYPE","A target with an incorrect type was specified."), + 0xC014000B: ("STATUS_ACPI_INCORRECT_ARGUMENT_COUNT","An incorrect number of arguments was specified."), + 0xC014000C: ("STATUS_ACPI_ADDRESS_NOT_MAPPED","An address failed to translate."), + 0xC014000D: ("STATUS_ACPI_INVALID_EVENTTYPE","An incorrect event type was specified."), + 0xC014000E: ("STATUS_ACPI_HANDLER_COLLISION","A handler for the target already exists."), + 0xC014000F: ("STATUS_ACPI_INVALID_DATA","Invalid data for the target was specified."), + 0xC0140010: ("STATUS_ACPI_INVALID_REGION","An invalid region for the target was specified."), + 0xC0140011: ("STATUS_ACPI_INVALID_ACCESS_SIZE","An attempt was made to access a field outside the defined range."), + 0xC0140012: ("STATUS_ACPI_ACQUIRE_GLOBAL_LOCK","The global system lock could not be acquired."), + 0xC0140013: ("STATUS_ACPI_ALREADY_INITIALIZED","An attempt was made to reinitialize the ACPI subsystem."), + 0xC0140014: ("STATUS_ACPI_NOT_INITIALIZED","The ACPI subsystem has not been initialized."), + 0xC0140015: ("STATUS_ACPI_INVALID_MUTEX_LEVEL","An incorrect mutex was specified."), + 0xC0140016: ("STATUS_ACPI_MUTEX_NOT_OWNED","The mutex is not currently owned."), + 0xC0140017: ("STATUS_ACPI_MUTEX_NOT_OWNER","An attempt was made to access the mutex by a process that was not the owner."), + 0xC0140018: ("STATUS_ACPI_RS_ACCESS","An error occurred during an access to region space."), + 0xC0140019: ("STATUS_ACPI_INVALID_TABLE","An attempt was made to use an incorrect table."), + 0xC0140020: ("STATUS_ACPI_REG_HANDLER_FAILED","The registration of an ACPI event failed."), + 0xC0140021: ("STATUS_ACPI_POWER_REQUEST_FAILED","An ACPI power object failed to transition state."), + 0xC0150001: ("STATUS_SXS_SECTION_NOT_FOUND","The requested section is not present in the activation context."), + 0xC0150002: ("STATUS_SXS_CANT_GEN_ACTCTX","Windows was unble to process the application binding information. Refer to the system event log for further information."), + 0xC0150003: ("STATUS_SXS_INVALID_ACTCTXDATA_FORMAT","The application binding data format is invalid."), + 0xC0150004: ("STATUS_SXS_ASSEMBLY_NOT_FOUND","The referenced assembly is not installed on the system."), + 0xC0150005: ("STATUS_SXS_MANIFEST_FORMAT_ERROR","The manifest file does not begin with the required tag and format information."), + 0xC0150006: ("STATUS_SXS_MANIFEST_PARSE_ERROR","The manifest file contains one or more syntax errors."), + 0xC0150007: ("STATUS_SXS_ACTIVATION_CONTEXT_DISABLED","The application attempted to activate a disabled activation context."), + 0xC0150008: ("STATUS_SXS_KEY_NOT_FOUND","The requested lookup key was not found in any active activation context."), + 0xC0150009: ("STATUS_SXS_VERSION_CONFLICT","A component version required by the application conflicts with another component version that is already active."), + 0xC015000A: ("STATUS_SXS_WRONG_SECTION_TYPE","The type requested activation context section does not match the query API used."), + 0xC015000B: ("STATUS_SXS_THREAD_QUERIES_DISABLED","Lack of system resources has required isolated activation to be disabled for the current thread of execution."), + 0xC015000C: ("STATUS_SXS_ASSEMBLY_MISSING","The referenced assembly could not be found."), + 0xC015000E: ("STATUS_SXS_PROCESS_DEFAULT_ALREADY_SET","An attempt to set the process default activation context failed because the process default activation context was already set."), + 0xC015000F: ("STATUS_SXS_EARLY_DEACTIVATION","The activation context being deactivated is not the most recently activated one."), + 0xC0150010: ("STATUS_SXS_INVALID_DEACTIVATION","The activation context being deactivated is not active for the current thread of execution."), + 0xC0150011: ("STATUS_SXS_MULTIPLE_DEACTIVATION","The activation context being deactivated has already been deactivated."), + 0xC0150012: ("STATUS_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY","The activation context of the system default assembly could not be generated."), + 0xC0150013: ("STATUS_SXS_PROCESS_TERMINATION_REQUESTED","A component used by the isolation facility has requested that the process be terminated."), + 0xC0150014: ("STATUS_SXS_CORRUPT_ACTIVATION_STACK","The activation context activation stack for the running thread of execution is corrupt."), + 0xC0150015: ("STATUS_SXS_CORRUPTION","The application isolation metadata for this process or thread has become corrupt."), + 0xC0150016: ("STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE","The value of an attribute in an identity is not within the legal range."), + 0xC0150017: ("STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME","The name of an attribute in an identity is not within the legal range."), + 0xC0150018: ("STATUS_SXS_IDENTITY_DUPLICATE_ATTRIBUTE","An identity contains two definitions for the same attribute."), + 0xC0150019: ("STATUS_SXS_IDENTITY_PARSE_ERROR","The identity string is malformed. This may be due to a trailing comma, more than two unnamed attributes, a missing attribute name, or a missing attribute value."), + 0xC015001A: ("STATUS_SXS_COMPONENT_STORE_CORRUPT","The component store has become corrupted."), + 0xC015001B: ("STATUS_SXS_FILE_HASH_MISMATCH","A component's file does not match the verification information present in the component manifest."), + 0xC015001C: ("STATUS_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT","The identities of the manifests are identical, but their contents are different."), + 0xC015001D: ("STATUS_SXS_IDENTITIES_DIFFERENT","The component identities are different."), + 0xC015001E: ("STATUS_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT","The assembly is not a deployment."), + 0xC015001F: ("STATUS_SXS_FILE_NOT_PART_OF_ASSEMBLY","The file is not a part of the assembly."), + 0xC0150020: ("STATUS_ADVANCED_INSTALLER_FAILED","An advanced installer failed during setup or servicing."), + 0xC0150021: ("STATUS_XML_ENCODING_MISMATCH","The character encoding in the XML declaration did not match the encoding used in the document."), + 0xC0150022: ("STATUS_SXS_MANIFEST_TOO_BIG","The size of the manifest exceeds the maximum allowed."), + 0xC0150023: ("STATUS_SXS_SETTING_NOT_REGISTERED","The setting is not registered."), + 0xC0150024: ("STATUS_SXS_TRANSACTION_CLOSURE_INCOMPLETE","One or more required transaction members are not present."), + 0xC0150025: ("STATUS_SMI_PRIMITIVE_INSTALLER_FAILED","The SMI primitive installer failed during setup or servicing."), + 0xC0150026: ("STATUS_GENERIC_COMMAND_FAILED","A generic command executable returned a result that indicates failure."), + 0xC0150027: ("STATUS_SXS_FILE_HASH_MISSING","A component is missing file verification information in its manifest."), + 0xC0190001: ("STATUS_TRANSACTIONAL_CONFLICT","The function attempted to use a name that is reserved for use by another transaction."), + 0xC0190002: ("STATUS_INVALID_TRANSACTION","The transaction handle associated with this operation is invalid."), + 0xC0190003: ("STATUS_TRANSACTION_NOT_ACTIVE","The requested operation was made in the context of a transaction that is no longer active."), + 0xC0190004: ("STATUS_TM_INITIALIZATION_FAILED","The transaction manager was unable to be successfully initialized. Transacted operations are not supported."), + 0xC0190005: ("STATUS_RM_NOT_ACTIVE","Transaction support within the specified file system resource manager was not started or was shut down due to an error."), + 0xC0190006: ("STATUS_RM_METADATA_CORRUPT","The metadata of the resource manager has been corrupted. The resource manager will not function."), + 0xC0190007: ("STATUS_TRANSACTION_NOT_JOINED","The resource manager attempted to prepare a transaction that it has not successfully joined."), + 0xC0190008: ("STATUS_DIRECTORY_NOT_RM","The specified directory does not contain a file system resource manager."), + 0xC019000A: ("STATUS_TRANSACTIONS_UNSUPPORTED_REMOTE","The remote server or share does not support transacted file operations."), + 0xC019000B: ("STATUS_LOG_RESIZE_INVALID_SIZE","The requested log size for the file system resource manager is invalid."), + 0xC019000C: ("STATUS_REMOTE_FILE_VERSION_MISMATCH","The remote server sent mismatching version number or Fid for a file opened with transactions."), + 0xC019000F: ("STATUS_CRM_PROTOCOL_ALREADY_EXISTS","The resource manager tried to register a protocol that already exists."), + 0xC0190010: ("STATUS_TRANSACTION_PROPAGATION_FAILED","The attempt to propagate the transaction failed."), + 0xC0190011: ("STATUS_CRM_PROTOCOL_NOT_FOUND","The requested propagation protocol was not registered as a CRM."), + 0xC0190012: ("STATUS_TRANSACTION_SUPERIOR_EXISTS","The transaction object already has a superior enlistment, and the caller attempted an operation that would have created a new superior. Only a single superior enlistment is allowed."), + 0xC0190013: ("STATUS_TRANSACTION_REQUEST_NOT_VALID","The requested operation is not valid on the transaction object in its current state."), + 0xC0190014: ("STATUS_TRANSACTION_NOT_REQUESTED","The caller has called a response API, but the response is not expected because the transaction manager did not issue the corresponding request to the caller."), + 0xC0190015: ("STATUS_TRANSACTION_ALREADY_ABORTED","It is too late to perform the requested operation, because the transaction has already been aborted."), + 0xC0190016: ("STATUS_TRANSACTION_ALREADY_COMMITTED","It is too late to perform the requested operation, because the transaction has already been committed."), + 0xC0190017: ("STATUS_TRANSACTION_INVALID_MARSHALL_BUFFER","The buffer passed in to NtPushTransaction or NtPullTransaction is not in a valid format."), + 0xC0190018: ("STATUS_CURRENT_TRANSACTION_NOT_VALID","The current transaction context associated with the thread is not a valid handle to a transaction object."), + 0xC0190019: ("STATUS_LOG_GROWTH_FAILED","An attempt to create space in the transactional resource manager's log failed. The failure status has been recorded in the event log."), + 0xC0190021: ("STATUS_OBJECT_NO_LONGER_EXISTS","The object (file, stream, or link) that corresponds to the handle has been deleted by a transaction savepoint rollback."), + 0xC0190022: ("STATUS_STREAM_MINIVERSION_NOT_FOUND","The specified file miniversion was not found for this transacted file open."), + 0xC0190023: ("STATUS_STREAM_MINIVERSION_NOT_VALID","The specified file miniversion was found but has been invalidated. The most likely cause is a transaction savepoint rollback."), + 0xC0190024: ("STATUS_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION","A miniversion may be opened only in the context of the transaction that created it."), + 0xC0190025: ("STATUS_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT","It is not possible to open a miniversion with modify access."), + 0xC0190026: ("STATUS_CANT_CREATE_MORE_STREAM_MINIVERSIONS","It is not possible to create any more miniversions for this stream."), + 0xC0190028: ("STATUS_HANDLE_NO_LONGER_VALID","The handle has been invalidated by a transaction. The most likely cause is the presence of memory mapping on a file or an open handle when the transaction ended or rolled back to savepoint."), + 0xC0190030: ("STATUS_LOG_CORRUPTION_DETECTED","The log data is corrupt."), + 0xC0190032: ("STATUS_RM_DISCONNECTED","The transaction outcome is unavailable because the resource manager responsible for it is disconnected."), + 0xC0190033: ("STATUS_ENLISTMENT_NOT_SUPERIOR","The request was rejected because the enlistment in question is not a superior enlistment."), + 0xC0190036: ("STATUS_FILE_IDENTITY_NOT_PERSISTENT","The file cannot be opened in a transaction because its identity depends on the outcome of an unresolved transaction."), + 0xC0190037: ("STATUS_CANT_BREAK_TRANSACTIONAL_DEPENDENCY","The operation cannot be performed because another transaction is depending on this property not changing."), + 0xC0190038: ("STATUS_CANT_CROSS_RM_BOUNDARY","The operation would involve a single file with two transactional resource managers and is, therefore, not allowed."), + 0xC0190039: ("STATUS_TXF_DIR_NOT_EMPTY","The $Txf directory must be empty for this operation to succeed."), + 0xC019003A: ("STATUS_INDOUBT_TRANSACTIONS_EXIST","The operation would leave a transactional resource manager in an inconsistent state and is therefore not allowed."), + 0xC019003B: ("STATUS_TM_VOLATILE","The operation could not be completed because the transaction manager does not have a log."), + 0xC019003C: ("STATUS_ROLLBACK_TIMER_EXPIRED","A rollback could not be scheduled because a previously scheduled rollback has already executed or been queued for execution."), + 0xC019003D: ("STATUS_TXF_ATTRIBUTE_CORRUPT","The transactional metadata attribute on the file or directory %hs is corrupt and unreadable."), + 0xC019003E: ("STATUS_EFS_NOT_ALLOWED_IN_TRANSACTION","The encryption operation could not be completed because a transaction is active."), + 0xC019003F: ("STATUS_TRANSACTIONAL_OPEN_NOT_ALLOWED","This object is not allowed to be opened in a transaction."), + 0xC0190040: ("STATUS_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE","Memory mapping (creating a mapped section) a remote file under a transaction is not supported."), + 0xC0190043: ("STATUS_TRANSACTION_REQUIRED_PROMOTION","Promotion was required to allow the resource manager to enlist, but the transaction was set to disallow it."), + 0xC0190044: ("STATUS_CANNOT_EXECUTE_FILE_IN_TRANSACTION","This file is open for modification in an unresolved transaction and may be opened for execute only by a transacted reader."), + 0xC0190045: ("STATUS_TRANSACTIONS_NOT_FROZEN","The request to thaw frozen transactions was ignored because transactions were not previously frozen."), + 0xC0190046: ("STATUS_TRANSACTION_FREEZE_IN_PROGRESS","Transactions cannot be frozen because a freeze is already in progress."), + 0xC0190047: ("STATUS_NOT_SNAPSHOT_VOLUME","The target volume is not a snapshot volume. This operation is valid only on a volume mounted as a snapshot."), + 0xC0190048: ("STATUS_NO_SAVEPOINT_WITH_OPEN_FILES","The savepoint operation failed because files are open on the transaction, which is not permitted."), + 0xC0190049: ("STATUS_SPARSE_NOT_ALLOWED_IN_TRANSACTION","The sparse operation could not be completed because a transaction is active on the file."), + 0xC019004A: ("STATUS_TM_IDENTITY_MISMATCH","The call to create a transaction manager object failed because the Tm Identity that is stored in the log file does not match the Tm Identity that was passed in as an argument."), + 0xC019004B: ("STATUS_FLOATED_SECTION","I/O was attempted on a section object that has been floated as a result of a transaction ending. There is no valid data."), + 0xC019004C: ("STATUS_CANNOT_ACCEPT_TRANSACTED_WORK","The transactional resource manager cannot currently accept transacted work due to a transient condition, such as low resources."), + 0xC019004D: ("STATUS_CANNOT_ABORT_TRANSACTIONS","The transactional resource manager had too many transactions outstanding that could not be aborted. The transactional resource manager has been shut down."), + 0xC019004E: ("STATUS_TRANSACTION_NOT_FOUND","The specified transaction was unable to be opened because it was not found."), + 0xC019004F: ("STATUS_RESOURCEMANAGER_NOT_FOUND","The specified resource manager was unable to be opened because it was not found."), + 0xC0190050: ("STATUS_ENLISTMENT_NOT_FOUND","The specified enlistment was unable to be opened because it was not found."), + 0xC0190051: ("STATUS_TRANSACTIONMANAGER_NOT_FOUND","The specified transaction manager was unable to be opened because it was not found."), + 0xC0190052: ("STATUS_TRANSACTIONMANAGER_NOT_ONLINE","The specified resource manager was unable to create an enlistment because its associated transaction manager is not online."), + 0xC0190053: ("STATUS_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION","The specified transaction manager was unable to create the objects contained in its log file in the Ob namespace. Therefore, the transaction manager was unable to recover."), + 0xC0190054: ("STATUS_TRANSACTION_NOT_ROOT","The call to create a superior enlistment on this transaction object could not be completed because the transaction object specified for the enlistment is a subordinate branch of the transaction. Only the root of the transaction can be enlisted as a superior."), + 0xC0190055: ("STATUS_TRANSACTION_OBJECT_EXPIRED","Because the associated transaction manager or resource manager has been closed, the handle is no longer valid."), + 0xC0190056: ("STATUS_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION","The compression operation could not be completed because a transaction is active on the file."), + 0xC0190057: ("STATUS_TRANSACTION_RESPONSE_NOT_ENLISTED","The specified operation could not be performed on this superior enlistment because the enlistment was not created with the corresponding completion response in the NotificationMask."), + 0xC0190058: ("STATUS_TRANSACTION_RECORD_TOO_LONG","The specified operation could not be performed because the record to be logged was too long. This can occur because either there are too many enlistments on this transaction or the combined RecoveryInformation being logged on behalf of those enlistments is too long."), + 0xC0190059: ("STATUS_NO_LINK_TRACKING_IN_TRANSACTION","The link-tracking operation could not be completed because a transaction is active."), + 0xC019005A: ("STATUS_OPERATION_NOT_SUPPORTED_IN_TRANSACTION","This operation cannot be performed in a transaction."), + 0xC019005B: ("STATUS_TRANSACTION_INTEGRITY_VIOLATED","The kernel transaction manager had to abort or forget the transaction because it blocked forward progress."), + 0xC0190060: ("STATUS_EXPIRED_HANDLE","The handle is no longer properly associated with its transaction. It may have been opened in a transactional resource manager that was subsequently forced to restart. Please close the handle and open a new one."), + 0xC0190061: ("STATUS_TRANSACTION_NOT_ENLISTED","The specified operation could not be performed because the resource manager is not enlisted in the transaction."), + 0xC01A0001: ("STATUS_LOG_SECTOR_INVALID","The log service found an invalid log sector."), + 0xC01A0002: ("STATUS_LOG_SECTOR_PARITY_INVALID","The log service encountered a log sector with invalid block parity."), + 0xC01A0003: ("STATUS_LOG_SECTOR_REMAPPED","The log service encountered a remapped log sector."), + 0xC01A0004: ("STATUS_LOG_BLOCK_INCOMPLETE","The log service encountered a partial or incomplete log block."), + 0xC01A0005: ("STATUS_LOG_INVALID_RANGE","The log service encountered an attempt to access data outside the active log range."), + 0xC01A0006: ("STATUS_LOG_BLOCKS_EXHAUSTED","The log service user-log marshaling buffers are exhausted."), + 0xC01A0007: ("STATUS_LOG_READ_CONTEXT_INVALID","The log service encountered an attempt to read from a marshaling area with an invalid read context."), + 0xC01A0008: ("STATUS_LOG_RESTART_INVALID","The log service encountered an invalid log restart area."), + 0xC01A0009: ("STATUS_LOG_BLOCK_VERSION","The log service encountered an invalid log block version."), + 0xC01A000A: ("STATUS_LOG_BLOCK_INVALID","The log service encountered an invalid log block."), + 0xC01A000B: ("STATUS_LOG_READ_MODE_INVALID","The log service encountered an attempt to read the log with an invalid read mode."), + 0xC01A000D: ("STATUS_LOG_METADATA_CORRUPT","The log service encountered a corrupted metadata file."), + 0xC01A000E: ("STATUS_LOG_METADATA_INVALID","The log service encountered a metadata file that could not be created by the log file system."), + 0xC01A000F: ("STATUS_LOG_METADATA_INCONSISTENT","The log service encountered a metadata file with inconsistent data."), + 0xC01A0010: ("STATUS_LOG_RESERVATION_INVALID","The log service encountered an attempt to erroneously allocate or dispose reservation space."), + 0xC01A0011: ("STATUS_LOG_CANT_DELETE","The log service cannot delete the log file or the file system container."), + 0xC01A0012: ("STATUS_LOG_CONTAINER_LIMIT_EXCEEDED","The log service has reached the maximum allowable containers allocated to a log file."), + 0xC01A0013: ("STATUS_LOG_START_OF_LOG","The log service has attempted to read or write backward past the start of the log."), + 0xC01A0014: ("STATUS_LOG_POLICY_ALREADY_INSTALLED","The log policy could not be installed because a policy of the same type is already present."), + 0xC01A0015: ("STATUS_LOG_POLICY_NOT_INSTALLED","The log policy in question was not installed at the time of the request."), + 0xC01A0016: ("STATUS_LOG_POLICY_INVALID","The installed set of policies on the log is invalid."), + 0xC01A0017: ("STATUS_LOG_POLICY_CONFLICT","A policy on the log in question prevented the operation from completing."), + 0xC01A0018: ("STATUS_LOG_PINNED_ARCHIVE_TAIL","The log space cannot be reclaimed because the log is pinned by the archive tail."), + 0xC01A0019: ("STATUS_LOG_RECORD_NONEXISTENT","The log record is not a record in the log file."), + 0xC01A001A: ("STATUS_LOG_RECORDS_RESERVED_INVALID","The number of reserved log records or the adjustment of the number of reserved log records is invalid."), + 0xC01A001B: ("STATUS_LOG_SPACE_RESERVED_INVALID","The reserved log space or the adjustment of the log space is invalid."), + 0xC01A001C: ("STATUS_LOG_TAIL_INVALID","A new or existing archive tail or the base of the active log is invalid."), + 0xC01A001D: ("STATUS_LOG_FULL","The log space is exhausted."), + 0xC01A001E: ("STATUS_LOG_MULTIPLEXED","The log is multiplexed; no direct writes to the physical log are allowed."), + 0xC01A001F: ("STATUS_LOG_DEDICATED","The operation failed because the log is dedicated."), + 0xC01A0020: ("STATUS_LOG_ARCHIVE_NOT_IN_PROGRESS","The operation requires an archive context."), + 0xC01A0021: ("STATUS_LOG_ARCHIVE_IN_PROGRESS","Log archival is in progress."), + 0xC01A0022: ("STATUS_LOG_EPHEMERAL","The operation requires a nonephemeral log, but the log is ephemeral."), + 0xC01A0023: ("STATUS_LOG_NOT_ENOUGH_CONTAINERS","The log must have at least two containers before it can be read from or written to."), + 0xC01A0024: ("STATUS_LOG_CLIENT_ALREADY_REGISTERED","A log client has already registered on the stream."), + 0xC01A0025: ("STATUS_LOG_CLIENT_NOT_REGISTERED","A log client has not been registered on the stream."), + 0xC01A0026: ("STATUS_LOG_FULL_HANDLER_IN_PROGRESS","A request has already been made to handle the log full condition."), + 0xC01A0027: ("STATUS_LOG_CONTAINER_READ_FAILED","The log service encountered an error when attempting to read from a log container."), + 0xC01A0028: ("STATUS_LOG_CONTAINER_WRITE_FAILED","The log service encountered an error when attempting to write to a log container."), + 0xC01A0029: ("STATUS_LOG_CONTAINER_OPEN_FAILED","The log service encountered an error when attempting to open a log container."), + 0xC01A002A: ("STATUS_LOG_CONTAINER_STATE_INVALID","The log service encountered an invalid container state when attempting a requested action."), + 0xC01A002B: ("STATUS_LOG_STATE_INVALID","The log service is not in the correct state to perform a requested action."), + 0xC01A002C: ("STATUS_LOG_PINNED","The log space cannot be reclaimed because the log is pinned."), + 0xC01A002D: ("STATUS_LOG_METADATA_FLUSH_FAILED","The log metadata flush failed."), + 0xC01A002E: ("STATUS_LOG_INCONSISTENT_SECURITY","Security on the log and its containers is inconsistent."), + 0xC01A002F: ("STATUS_LOG_APPENDED_FLUSH_FAILED","Records were appended to the log or reservation changes were made, but the log could not be flushed."), + 0xC01A0030: ("STATUS_LOG_PINNED_RESERVATION","The log is pinned due to reservation consuming most of the log space. Free some reserved records to make space available."), + 0xC01B00EA: ("STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD","{Display Driver Stopped Responding} The %hs display driver has stopped working normally. Save your work and reboot the system to restore full display functionality. The next time you reboot the computer, a dialog box will allow you to upload data about this failure to Microsoft."), + 0xC01C0001: ("STATUS_FLT_NO_HANDLER_DEFINED","A handler was not defined by the filter for this operation."), + 0xC01C0002: ("STATUS_FLT_CONTEXT_ALREADY_DEFINED","A context is already defined for this object."), + 0xC01C0003: ("STATUS_FLT_INVALID_ASYNCHRONOUS_REQUEST","Asynchronous requests are not valid for this operation."), + 0xC01C0004: ("STATUS_FLT_DISALLOW_FAST_IO","This is an internal error code used by the filter manager to determine if a fast I/O operation should be forced down the input/output request packet (IRP) path. Minifilters should never return this value."), + 0xC01C0005: ("STATUS_FLT_INVALID_NAME_REQUEST","An invalid name request was made. The name requested cannot be retrieved at this time."), + 0xC01C0006: ("STATUS_FLT_NOT_SAFE_TO_POST_OPERATION","Posting this operation to a worker thread for further processing is not safe at this time because it could lead to a system deadlock."), + 0xC01C0007: ("STATUS_FLT_NOT_INITIALIZED","The Filter Manager was not initialized when a filter tried to register. Make sure that the Filter Manager is loaded as a driver."), + 0xC01C0008: ("STATUS_FLT_FILTER_NOT_READY","The filter is not ready for attachment to volumes because it has not finished initializing (FltStartFiltering has not been called)."), + 0xC01C0009: ("STATUS_FLT_POST_OPERATION_CLEANUP","The filter must clean up any operation-specific context at this time because it is being removed from the system before the operation is completed by the lower drivers."), + 0xC01C000A: ("STATUS_FLT_INTERNAL_ERROR","The Filter Manager had an internal error from which it cannot recover; therefore, the operation has failed. This is usually the result of a filter returning an invalid value from a pre-operation callback."), + 0xC01C000B: ("STATUS_FLT_DELETING_OBJECT","The object specified for this action is in the process of being deleted; therefore, the action requested cannot be completed at this time."), + 0xC01C000C: ("STATUS_FLT_MUST_BE_NONPAGED_POOL","A nonpaged pool must be used for this type of context."), + 0xC01C000D: ("STATUS_FLT_DUPLICATE_ENTRY","A duplicate handler definition has been provided for an operation."), + 0xC01C000E: ("STATUS_FLT_CBDQ_DISABLED","The callback data queue has been disabled."), + 0xC01C000F: ("STATUS_FLT_DO_NOT_ATTACH","Do not attach the filter to the volume at this time."), + 0xC01C0010: ("STATUS_FLT_DO_NOT_DETACH","Do not detach the filter from the volume at this time."), + 0xC01C0011: ("STATUS_FLT_INSTANCE_ALTITUDE_COLLISION","An instance already exists at this altitude on the volume specified."), + 0xC01C0012: ("STATUS_FLT_INSTANCE_NAME_COLLISION","An instance already exists with this name on the volume specified."), + 0xC01C0013: ("STATUS_FLT_FILTER_NOT_FOUND","The system could not find the filter specified."), + 0xC01C0014: ("STATUS_FLT_VOLUME_NOT_FOUND","The system could not find the volume specified."), + 0xC01C0015: ("STATUS_FLT_INSTANCE_NOT_FOUND","The system could not find the instance specified."), + 0xC01C0016: ("STATUS_FLT_CONTEXT_ALLOCATION_NOT_FOUND","No registered context allocation definition was found for the given request."), + 0xC01C0017: ("STATUS_FLT_INVALID_CONTEXT_REGISTRATION","An invalid parameter was specified during context registration."), + 0xC01C0018: ("STATUS_FLT_NAME_CACHE_MISS","The name requested was not found in the Filter Manager name cache and could not be retrieved from the file system."), + 0xC01C0019: ("STATUS_FLT_NO_DEVICE_OBJECT","The requested device object does not exist for the given volume."), + 0xC01C001A: ("STATUS_FLT_VOLUME_ALREADY_MOUNTED","The specified volume is already mounted."), + 0xC01C001B: ("STATUS_FLT_ALREADY_ENLISTED","The specified transaction context is already enlisted in a transaction."), + 0xC01C001C: ("STATUS_FLT_CONTEXT_ALREADY_LINKED","The specified context is already attached to another object."), + 0xC01C0020: ("STATUS_FLT_NO_WAITER_FOR_REPLY","No waiter is present for the filter's reply to this message."), + 0xC01D0001: ("STATUS_MONITOR_NO_DESCRIPTOR","A monitor descriptor could not be obtained."), + 0xC01D0002: ("STATUS_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT","This release does not support the format of the obtained monitor descriptor."), + 0xC01D0003: ("STATUS_MONITOR_INVALID_DESCRIPTOR_CHECKSUM","The checksum of the obtained monitor descriptor is invalid."), + 0xC01D0004: ("STATUS_MONITOR_INVALID_STANDARD_TIMING_BLOCK","The monitor descriptor contains an invalid standard timing block."), + 0xC01D0005: ("STATUS_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED","WMI data-block registration failed for one of the MSMonitorClass WMI subclasses."), + 0xC01D0006: ("STATUS_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK","The provided monitor descriptor block is either corrupted or does not contain the monitor's detailed serial number."), + 0xC01D0007: ("STATUS_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK","The provided monitor descriptor block is either corrupted or does not contain the monitor's user-friendly name."), + 0xC01D0008: ("STATUS_MONITOR_NO_MORE_DESCRIPTOR_DATA","There is no monitor descriptor data at the specified (offset or size) region."), + 0xC01D0009: ("STATUS_MONITOR_INVALID_DETAILED_TIMING_BLOCK","The monitor descriptor contains an invalid detailed timing block."), + 0xC01D000A: ("STATUS_MONITOR_INVALID_MANUFACTURE_DATE","Monitor descriptor contains invalid manufacture date."), + 0xC01E0000: ("STATUS_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER","Exclusive mode ownership is needed to create an unmanaged primary allocation."), + 0xC01E0001: ("STATUS_GRAPHICS_INSUFFICIENT_DMA_BUFFER","The driver needs more DMA buffer space to complete the requested operation."), + 0xC01E0002: ("STATUS_GRAPHICS_INVALID_DISPLAY_ADAPTER","The specified display adapter handle is invalid."), + 0xC01E0003: ("STATUS_GRAPHICS_ADAPTER_WAS_RESET","The specified display adapter and all of its state have been reset."), + 0xC01E0004: ("STATUS_GRAPHICS_INVALID_DRIVER_MODEL","The driver stack does not match the expected driver model."), + 0xC01E0005: ("STATUS_GRAPHICS_PRESENT_MODE_CHANGED","Present happened but ended up into the changed desktop mode."), + 0xC01E0006: ("STATUS_GRAPHICS_PRESENT_OCCLUDED","Nothing to present due to desktop occlusion."), + 0xC01E0007: ("STATUS_GRAPHICS_PRESENT_DENIED","Not able to present due to denial of desktop access."), + 0xC01E0008: ("STATUS_GRAPHICS_CANNOTCOLORCONVERT","Not able to present with color conversion."), + 0xC01E000B: ("STATUS_GRAPHICS_PRESENT_REDIRECTION_DISABLED","Present redirection is disabled (desktop windowing management subsystem is off)."), + 0xC01E000C: ("STATUS_GRAPHICS_PRESENT_UNOCCLUDED","Previous exclusive VidPn source owner has released its ownership"), + 0xC01E0100: ("STATUS_GRAPHICS_NO_VIDEO_MEMORY","Not enough video memory is available to complete the operation."), + 0xC01E0101: ("STATUS_GRAPHICS_CANT_LOCK_MEMORY","Could not probe and lock the underlying memory of an allocation."), + 0xC01E0102: ("STATUS_GRAPHICS_ALLOCATION_BUSY","The allocation is currently busy."), + 0xC01E0103: ("STATUS_GRAPHICS_TOO_MANY_REFERENCES","An object being referenced has already reached the maximum reference count and cannot be referenced further."), + 0xC01E0104: ("STATUS_GRAPHICS_TRY_AGAIN_LATER","A problem could not be solved due to an existing condition. Try again later."), + 0xC01E0105: ("STATUS_GRAPHICS_TRY_AGAIN_NOW","A problem could not be solved due to an existing condition. Try again now."), + 0xC01E0106: ("STATUS_GRAPHICS_ALLOCATION_INVALID","The allocation is invalid."), + 0xC01E0107: ("STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE","No more unswizzling apertures are currently available."), + 0xC01E0108: ("STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED","The current allocation cannot be unswizzled by an aperture."), + 0xC01E0109: ("STATUS_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION","The request failed because a pinned allocation cannot be evicted."), + 0xC01E0110: ("STATUS_GRAPHICS_INVALID_ALLOCATION_USAGE","The allocation cannot be used from its current segment location for the specified operation."), + 0xC01E0111: ("STATUS_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION","A locked allocation cannot be used in the current command buffer."), + 0xC01E0112: ("STATUS_GRAPHICS_ALLOCATION_CLOSED","The allocation being referenced has been closed permanently."), + 0xC01E0113: ("STATUS_GRAPHICS_INVALID_ALLOCATION_INSTANCE","An invalid allocation instance is being referenced."), + 0xC01E0114: ("STATUS_GRAPHICS_INVALID_ALLOCATION_HANDLE","An invalid allocation handle is being referenced."), + 0xC01E0115: ("STATUS_GRAPHICS_WRONG_ALLOCATION_DEVICE","The allocation being referenced does not belong to the current device."), + 0xC01E0116: ("STATUS_GRAPHICS_ALLOCATION_CONTENT_LOST","The specified allocation lost its content."), + 0xC01E0200: ("STATUS_GRAPHICS_GPU_EXCEPTION_ON_DEVICE","A GPU exception was detected on the given device. The device cannot be scheduled."), + 0xC01E0300: ("STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY","The specified VidPN topology is invalid."), + 0xC01E0301: ("STATUS_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED","The specified VidPN topology is valid but is not supported by this model of the display adapter."), + 0xC01E0302: ("STATUS_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED","The specified VidPN topology is valid but is not currently supported by the display adapter due to allocation of its resources."), + 0xC01E0303: ("STATUS_GRAPHICS_INVALID_VIDPN","The specified VidPN handle is invalid."), + 0xC01E0304: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE","The specified video present source is invalid."), + 0xC01E0305: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET","The specified video present target is invalid."), + 0xC01E0306: ("STATUS_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED","The specified VidPN modality is not supported (for example, at least two of the pinned modes are not co-functional)."), + 0xC01E0308: ("STATUS_GRAPHICS_INVALID_VIDPN_SOURCEMODESET","The specified VidPN source mode set is invalid."), + 0xC01E0309: ("STATUS_GRAPHICS_INVALID_VIDPN_TARGETMODESET","The specified VidPN target mode set is invalid."), + 0xC01E030A: ("STATUS_GRAPHICS_INVALID_FREQUENCY","The specified video signal frequency is invalid."), + 0xC01E030B: ("STATUS_GRAPHICS_INVALID_ACTIVE_REGION","The specified video signal active region is invalid."), + 0xC01E030C: ("STATUS_GRAPHICS_INVALID_TOTAL_REGION","The specified video signal total region is invalid."), + 0xC01E0310: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE","The specified video present source mode is invalid."), + 0xC01E0311: ("STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE","The specified video present target mode is invalid."), + 0xC01E0312: ("STATUS_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET","The pinned mode must remain in the set on the VidPN's co-functional modality enumeration."), + 0xC01E0313: ("STATUS_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY","The specified video present path is already in the VidPN's topology."), + 0xC01E0314: ("STATUS_GRAPHICS_MODE_ALREADY_IN_MODESET","The specified mode is already in the mode set."), + 0xC01E0315: ("STATUS_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET","The specified video present source set is invalid."), + 0xC01E0316: ("STATUS_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET","The specified video present target set is invalid."), + 0xC01E0317: ("STATUS_GRAPHICS_SOURCE_ALREADY_IN_SET","The specified video present source is already in the video present source set."), + 0xC01E0318: ("STATUS_GRAPHICS_TARGET_ALREADY_IN_SET","The specified video present target is already in the video present target set."), + 0xC01E0319: ("STATUS_GRAPHICS_INVALID_VIDPN_PRESENT_PATH","The specified VidPN present path is invalid."), + 0xC01E031A: ("STATUS_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY","The miniport has no recommendation for augmenting the specified VidPN's topology."), + 0xC01E031B: ("STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET","The specified monitor frequency range set is invalid."), + 0xC01E031C: ("STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE","The specified monitor frequency range is invalid."), + 0xC01E031D: ("STATUS_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET","The specified frequency range is not in the specified monitor frequency range set."), + 0xC01E031F: ("STATUS_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET","The specified frequency range is already in the specified monitor frequency range set."), + 0xC01E0320: ("STATUS_GRAPHICS_STALE_MODESET","The specified mode set is stale. Reacquire the new mode set."), + 0xC01E0321: ("STATUS_GRAPHICS_INVALID_MONITOR_SOURCEMODESET","The specified monitor source mode set is invalid."), + 0xC01E0322: ("STATUS_GRAPHICS_INVALID_MONITOR_SOURCE_MODE","The specified monitor source mode is invalid."), + 0xC01E0323: ("STATUS_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN","The miniport does not have a recommendation regarding the request to provide a functional VidPN given the current display adapter configuration."), + 0xC01E0324: ("STATUS_GRAPHICS_MODE_ID_MUST_BE_UNIQUE","The ID of the specified mode is being used by another mode in the set."), + 0xC01E0325: ("STATUS_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION","The system failed to determine a mode that is supported by both the display adapter and the monitor connected to it."), + 0xC01E0326: ("STATUS_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES","The number of video present targets must be greater than or equal to the number of video present sources."), + 0xC01E0327: ("STATUS_GRAPHICS_PATH_NOT_IN_TOPOLOGY","The specified present path is not in the VidPN's topology."), + 0xC01E0328: ("STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE","The display adapter must have at least one video present source."), + 0xC01E0329: ("STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET","The display adapter must have at least one video present target."), + 0xC01E032A: ("STATUS_GRAPHICS_INVALID_MONITORDESCRIPTORSET","The specified monitor descriptor set is invalid."), + 0xC01E032B: ("STATUS_GRAPHICS_INVALID_MONITORDESCRIPTOR","The specified monitor descriptor is invalid."), + 0xC01E032C: ("STATUS_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET","The specified descriptor is not in the specified monitor descriptor set."), + 0xC01E032D: ("STATUS_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET","The specified descriptor is already in the specified monitor descriptor set."), + 0xC01E032E: ("STATUS_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE","The ID of the specified monitor descriptor is being used by another descriptor in the set."), + 0xC01E032F: ("STATUS_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE","The specified video present target subset type is invalid."), + 0xC01E0330: ("STATUS_GRAPHICS_RESOURCES_NOT_RELATED","Two or more of the specified resources are not related to each other, as defined by the interface semantics."), + 0xC01E0331: ("STATUS_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE","The ID of the specified video present source is being used by another source in the set."), + 0xC01E0332: ("STATUS_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE","The ID of the specified video present target is being used by another target in the set."), + 0xC01E0333: ("STATUS_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET","The specified VidPN source cannot be used because there is no available VidPN target to connect it to."), + 0xC01E0334: ("STATUS_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER","The newly arrived monitor could not be associated with a display adapter."), + 0xC01E0335: ("STATUS_GRAPHICS_NO_VIDPNMGR","The particular display adapter does not have an associated VidPN manager."), + 0xC01E0336: ("STATUS_GRAPHICS_NO_ACTIVE_VIDPN","The VidPN manager of the particular display adapter does not have an active VidPN."), + 0xC01E0337: ("STATUS_GRAPHICS_STALE_VIDPN_TOPOLOGY","The specified VidPN topology is stale; obtain the new topology."), + 0xC01E0338: ("STATUS_GRAPHICS_MONITOR_NOT_CONNECTED","No monitor is connected on the specified video present target."), + 0xC01E0339: ("STATUS_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY","The specified source is not part of the specified VidPN's topology."), + 0xC01E033A: ("STATUS_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE","The specified primary surface size is invalid."), + 0xC01E033B: ("STATUS_GRAPHICS_INVALID_VISIBLEREGION_SIZE","The specified visible region size is invalid."), + 0xC01E033C: ("STATUS_GRAPHICS_INVALID_STRIDE","The specified stride is invalid."), + 0xC01E033D: ("STATUS_GRAPHICS_INVALID_PIXELFORMAT","The specified pixel format is invalid."), + 0xC01E033E: ("STATUS_GRAPHICS_INVALID_COLORBASIS","The specified color basis is invalid."), + 0xC01E033F: ("STATUS_GRAPHICS_INVALID_PIXELVALUEACCESSMODE","The specified pixel value access mode is invalid."), + 0xC01E0340: ("STATUS_GRAPHICS_TARGET_NOT_IN_TOPOLOGY","The specified target is not part of the specified VidPN's topology."), + 0xC01E0341: ("STATUS_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT","Failed to acquire the display mode management interface."), + 0xC01E0342: ("STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE","The specified VidPN source is already owned by a DMM client and cannot be used until that client releases it."), + 0xC01E0343: ("STATUS_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN","The specified VidPN is active and cannot be accessed."), + 0xC01E0344: ("STATUS_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL","The specified VidPN's present path importance ordinal is invalid."), + 0xC01E0345: ("STATUS_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION","The specified VidPN's present path content geometry transformation is invalid."), + 0xC01E0346: ("STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED","The specified content geometry transformation is not supported on the respective VidPN present path."), + 0xC01E0347: ("STATUS_GRAPHICS_INVALID_GAMMA_RAMP","The specified gamma ramp is invalid."), + 0xC01E0348: ("STATUS_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED","The specified gamma ramp is not supported on the respective VidPN present path."), + 0xC01E0349: ("STATUS_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED","Multisampling is not supported on the respective VidPN present path."), + 0xC01E034A: ("STATUS_GRAPHICS_MODE_NOT_IN_MODESET","The specified mode is not in the specified mode set."), + 0xC01E034D: ("STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON","The specified VidPN topology recommendation reason is invalid."), + 0xC01E034E: ("STATUS_GRAPHICS_INVALID_PATH_CONTENT_TYPE","The specified VidPN present path content type is invalid."), + 0xC01E034F: ("STATUS_GRAPHICS_INVALID_COPYPROTECTION_TYPE","The specified VidPN present path copy protection type is invalid."), + 0xC01E0350: ("STATUS_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS","Only one unassigned mode set can exist at any one time for a particular VidPN source or target."), + 0xC01E0352: ("STATUS_GRAPHICS_INVALID_SCANLINE_ORDERING","The specified scan line ordering type is invalid."), + 0xC01E0353: ("STATUS_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED","The topology changes are not allowed for the specified VidPN."), + 0xC01E0354: ("STATUS_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS","All available importance ordinals are being used in the specified topology."), + 0xC01E0355: ("STATUS_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT","The specified primary surface has a different private-format attribute than the current primary surface."), + 0xC01E0356: ("STATUS_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM","The specified mode-pruning algorithm is invalid."), + 0xC01E0357: ("STATUS_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN","The specified monitor-capability origin is invalid."), + 0xC01E0358: ("STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT","The specified monitor-frequency range constraint is invalid."), + 0xC01E0359: ("STATUS_GRAPHICS_MAX_NUM_PATHS_REACHED","The maximum supported number of present paths has been reached."), + 0xC01E035A: ("STATUS_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION","The miniport requested that augmentation be canceled for the specified source of the specified VidPN's topology."), + 0xC01E035B: ("STATUS_GRAPHICS_INVALID_CLIENT_TYPE","The specified client type was not recognized."), + 0xC01E035C: ("STATUS_GRAPHICS_CLIENTVIDPN_NOT_SET","The client VidPN is not set on this adapter (for example, no user mode-initiated mode changes have taken place on this adapter)."), + 0xC01E0400: ("STATUS_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED","The specified display adapter child device already has an external device connected to it."), + 0xC01E0401: ("STATUS_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED","The display adapter child device does not support reporting a descriptor."), + 0xC01E0430: ("STATUS_GRAPHICS_NOT_A_LINKED_ADAPTER","The display adapter is not linked to any other adapters."), + 0xC01E0431: ("STATUS_GRAPHICS_LEADLINK_NOT_ENUMERATED","The lead adapter in a linked configuration was not enumerated yet."), + 0xC01E0432: ("STATUS_GRAPHICS_CHAINLINKS_NOT_ENUMERATED","Some chain adapters in a linked configuration have not yet been enumerated."), + 0xC01E0433: ("STATUS_GRAPHICS_ADAPTER_CHAIN_NOT_READY","The chain of linked adapters is not ready to start because of an unknown failure."), + 0xC01E0434: ("STATUS_GRAPHICS_CHAINLINKS_NOT_STARTED","An attempt was made to start a lead link display adapter when the chain links had not yet started."), + 0xC01E0435: ("STATUS_GRAPHICS_CHAINLINKS_NOT_POWERED_ON","An attempt was made to turn on a lead link display adapter when the chain links were turned off."), + 0xC01E0436: ("STATUS_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE","The adapter link was found in an inconsistent state. Not all adapters are in an expected PNP/power state."), + 0xC01E0438: ("STATUS_GRAPHICS_NOT_POST_DEVICE_DRIVER","The driver trying to start is not the same as the driver for the posted display adapter."), + 0xC01E043B: ("STATUS_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED","An operation is being attempted that requires the display adapter to be in a quiescent state."), + 0xC01E0500: ("STATUS_GRAPHICS_OPM_NOT_SUPPORTED","The driver does not support OPM."), + 0xC01E0501: ("STATUS_GRAPHICS_COPP_NOT_SUPPORTED","The driver does not support COPP."), + 0xC01E0502: ("STATUS_GRAPHICS_UAB_NOT_SUPPORTED","The driver does not support UAB."), + 0xC01E0503: ("STATUS_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS","The specified encrypted parameters are invalid."), + 0xC01E0504: ("STATUS_GRAPHICS_OPM_PARAMETER_ARRAY_TOO_SMALL","An array passed to a function cannot hold all of the data that the function wants to put in it."), + 0xC01E0505: ("STATUS_GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST","The GDI display device passed to this function does not have any active protected outputs."), + 0xC01E0506: ("STATUS_GRAPHICS_PVP_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME","The PVP cannot find an actual GDI display device that corresponds to the passed-in GDI display device name."), + 0xC01E0507: ("STATUS_GRAPHICS_PVP_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP","This function failed because the GDI display device passed to it was not attached to the Windows desktop."), + 0xC01E0508: ("STATUS_GRAPHICS_PVP_MIRRORING_DEVICES_NOT_SUPPORTED","The PVP does not support mirroring display devices because they do not have any protected outputs."), + 0xC01E050A: ("STATUS_GRAPHICS_OPM_INVALID_POINTER","The function failed because an invalid pointer parameter was passed to it. A pointer parameter is invalid if it is null, is not correctly aligned, or it points to an invalid address or a kernel mode address."), + 0xC01E050B: ("STATUS_GRAPHICS_OPM_INTERNAL_ERROR","An internal error caused an operation to fail."), + 0xC01E050C: ("STATUS_GRAPHICS_OPM_INVALID_HANDLE","The function failed because the caller passed in an invalid OPM user-mode handle."), + 0xC01E050D: ("STATUS_GRAPHICS_PVP_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE","This function failed because the GDI device passed to it did not have any monitors associated with it."), + 0xC01E050E: ("STATUS_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH","A certificate could not be returned because the certificate buffer passed to the function was too small."), + 0xC01E050F: ("STATUS_GRAPHICS_OPM_SPANNING_MODE_ENABLED","DxgkDdiOpmCreateProtectedOutput() could not create a protected output because the video present yarget is in spanning mode."), + 0xC01E0510: ("STATUS_GRAPHICS_OPM_THEATER_MODE_ENABLED","DxgkDdiOpmCreateProtectedOutput() could not create a protected output because the video present target is in theater mode."), + 0xC01E0511: ("STATUS_GRAPHICS_PVP_HFS_FAILED","The function call failed because the display adapter's hardware functionality scan (HFS) failed to validate the graphics hardware."), + 0xC01E0512: ("STATUS_GRAPHICS_OPM_INVALID_SRM","The HDCP SRM passed to this function did not comply with section 5 of the HDCP 1.1 specification."), + 0xC01E0513: ("STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP","The protected output cannot enable the HDCP system because it does not support it."), + 0xC01E0514: ("STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP","The protected output cannot enable analog copy protection because it does not support it."), + 0xC01E0515: ("STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA","The protected output cannot enable the CGMS-A protection technology because it does not support it."), + 0xC01E0516: ("STATUS_GRAPHICS_OPM_HDCP_SRM_NEVER_SET","DxgkDdiOPMGetInformation() cannot return the version of the SRM being used because the application never successfully passed an SRM to the protected output."), + 0xC01E0517: ("STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH","DxgkDdiOPMConfigureProtectedOutput() cannot enable the specified output protection technology because the output's screen resolution is too high."), + 0xC01E0518: ("STATUS_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE","DxgkDdiOPMConfigureProtectedOutput() cannot enable HDCP because other physical outputs are using the display adapter's HDCP hardware."), + 0xC01E051A: ("STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS","The operating system asynchronously destroyed this OPM-protected output because the operating system state changed. This error typically occurs because the monitor PDO associated with this protected output was removed or stopped, the protected output's session became a nonconsole session, or the protected output's desktop became inactive."), + 0xC01E051B: ("STATUS_GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS","OPM functions cannot be called when a session is changing its type. Three types of sessions currently exist: console, disconnected, and remote (RDP or ICA)."), + 0xC01E051C: ("STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS","The DxgkDdiOPMGetCOPPCompatibleInformation, DxgkDdiOPMGetInformation, or DxgkDdiOPMConfigureProtectedOutput function failed. This error is returned only if a protected output has OPM semantics. DxgkDdiOPMGetCOPPCompatibleInformation always returns this error if a protected output has OPM semantics. DxgkDdiOPMGetInformation returns this error code if the caller requested COPP-specific information. DxgkDdiOPMConfigureProtectedOutput returns this error when the caller tries to use a COPP-specific command."), + 0xC01E051D: ("STATUS_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST","The DxgkDdiOPMGetInformation and DxgkDdiOPMGetCOPPCompatibleInformation functions return this error code if the passed-in sequence number is not the expected sequence number or the passed-in OMAC value is invalid."), + 0xC01E051E: ("STATUS_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR","The function failed because an unexpected error occurred inside a display driver."), + 0xC01E051F: ("STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS","The DxgkDdiOPMGetCOPPCompatibleInformation, DxgkDdiOPMGetInformation, or DxgkDdiOPMConfigureProtectedOutput function failed. This error is returned only if a protected output has COPP semantics. DxgkDdiOPMGetCOPPCompatibleInformation returns this error code if the caller requested OPM-specific information. DxgkDdiOPMGetInformation always returns this error if a protected output has COPP semantics. DxgkDdiOPMConfigureProtectedOutput returns this error when the caller tries to use an OPM-specific command."), + 0xC01E0520: ("STATUS_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED","The DxgkDdiOPMGetCOPPCompatibleInformation and DxgkDdiOPMConfigureProtectedOutput functions return this error if the display driver does not support the DXGKMDT_OPM_GET_ACP_AND_CGMSA_SIGNALING and DXGKMDT_OPM_SET_ACP_AND_CGMSA_SIGNALING GUIDs."), + 0xC01E0521: ("STATUS_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST","The DxgkDdiOPMConfigureProtectedOutput function returns this error code if the passed-in sequence number is not the expected sequence number or the passed-in OMAC value is invalid."), + 0xC01E0580: ("STATUS_GRAPHICS_I2C_NOT_SUPPORTED","The monitor connected to the specified video output does not have an I2C bus."), + 0xC01E0581: ("STATUS_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST","No device on the I2C bus has the specified address."), + 0xC01E0582: ("STATUS_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA","An error occurred while transmitting data to the device on the I2C bus."), + 0xC01E0583: ("STATUS_GRAPHICS_I2C_ERROR_RECEIVING_DATA","An error occurred while receiving data from the device on the I2C bus."), + 0xC01E0584: ("STATUS_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED","The monitor does not support the specified VCP code."), + 0xC01E0585: ("STATUS_GRAPHICS_DDCCI_INVALID_DATA","The data received from the monitor is invalid."), + 0xC01E0586: ("STATUS_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE","A function call failed because a monitor returned an invalid timing status byte when the operating system used the DDC/CI get timing report and timing message command to get a timing report from a monitor."), + 0xC01E0587: ("STATUS_GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING","A monitor returned a DDC/CI capabilities string that did not comply with the ACCESS.bus 3.0, DDC/CI 1.1, or MCCS 2 Revision 1 specification."), + 0xC01E0588: ("STATUS_GRAPHICS_MCA_INTERNAL_ERROR","An internal error caused an operation to fail."), + 0xC01E0589: ("STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND","An operation failed because a DDC/CI message had an invalid value in its command field."), + 0xC01E058A: ("STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH","This error occurred because a DDC/CI message had an invalid value in its length field."), + 0xC01E058B: ("STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM","This error occurred because the value in a DDC/CI message's checksum field did not match the message's computed checksum value. This error implies that the data was corrupted while it was being transmitted from a monitor to a computer."), + 0xC01E058C: ("STATUS_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE","This function failed because an invalid monitor handle was passed to it."), + 0xC01E058D: ("STATUS_GRAPHICS_MONITOR_NO_LONGER_EXISTS","The operating system asynchronously destroyed the monitor that corresponds to this handle because the operating system's state changed. This error typically occurs because the monitor PDO associated with this handle was removed or stopped, or a display mode change occurred. A display mode change occurs when Windows sends a WM_DISPLAYCHANGE message to applications."), + 0xC01E05E0: ("STATUS_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED","This function can be used only if a program is running in the local console session. It cannot be used if a program is running on a remote desktop session or on a terminal server session."), + 0xC01E05E1: ("STATUS_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME","This function cannot find an actual GDI display device that corresponds to the specified GDI display device name."), + 0xC01E05E2: ("STATUS_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP","The function failed because the specified GDI display device was not attached to the Windows desktop."), + 0xC01E05E3: ("STATUS_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED","This function does not support GDI mirroring display devices because GDI mirroring display devices do not have any physical monitors associated with them."), + 0xC01E05E4: ("STATUS_GRAPHICS_INVALID_POINTER","The function failed because an invalid pointer parameter was passed to it. A pointer parameter is invalid if it is null, is not correctly aligned, or points to an invalid address or to a kernel mode address."), + 0xC01E05E5: ("STATUS_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE","This function failed because the GDI device passed to it did not have a monitor associated with it."), + 0xC01E05E6: ("STATUS_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL","An array passed to the function cannot hold all of the data that the function must copy into the array."), + 0xC01E05E7: ("STATUS_GRAPHICS_INTERNAL_ERROR","An internal error caused an operation to fail."), + 0xC01E05E8: ("STATUS_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS","The function failed because the current session is changing its type. This function cannot be called when the current session is changing its type. Three types of sessions currently exist: console, disconnected, and remote (RDP or ICA)."), + 0xC0210000: ("STATUS_FVE_LOCKED_VOLUME","The volume must be unlocked before it can be used."), + 0xC0210001: ("STATUS_FVE_NOT_ENCRYPTED","The volume is fully decrypted and no key is available."), + 0xC0210002: ("STATUS_FVE_BAD_INFORMATION","The control block for the encrypted volume is not valid."), + 0xC0210003: ("STATUS_FVE_TOO_SMALL","Not enough free space remains on the volume to allow encryption."), + 0xC0210004: ("STATUS_FVE_FAILED_WRONG_FS","The partition cannot be encrypted because the file system is not supported."), + 0xC0210005: ("STATUS_FVE_FAILED_BAD_FS","The file system is inconsistent. Run the Check Disk utility."), + 0xC0210006: ("STATUS_FVE_FS_NOT_EXTENDED","The file system does not extend to the end of the volume."), + 0xC0210007: ("STATUS_FVE_FS_MOUNTED","This operation cannot be performed while a file system is mounted on the volume."), + 0xC0210008: ("STATUS_FVE_NO_LICENSE","BitLocker Drive Encryption is not included with this version of Windows."), + 0xC0210009: ("STATUS_FVE_ACTION_NOT_ALLOWED","The requested action was denied by the FVE control engine."), + 0xC021000A: ("STATUS_FVE_BAD_DATA","The data supplied is malformed."), + 0xC021000B: ("STATUS_FVE_VOLUME_NOT_BOUND","The volume is not bound to the system."), + 0xC021000C: ("STATUS_FVE_NOT_DATA_VOLUME","The volume specified is not a data volume."), + 0xC021000D: ("STATUS_FVE_CONV_READ_ERROR","A read operation failed while converting the volume."), + 0xC021000E: ("STATUS_FVE_CONV_WRITE_ERROR","A write operation failed while converting the volume."), + 0xC021000F: ("STATUS_FVE_OVERLAPPED_UPDATE","The control block for the encrypted volume was updated by another thread. Try again."), + 0xC0210010: ("STATUS_FVE_FAILED_SECTOR_SIZE","The volume encryption algorithm cannot be used on this sector size."), + 0xC0210011: ("STATUS_FVE_FAILED_AUTHENTICATION","BitLocker recovery authentication failed."), + 0xC0210012: ("STATUS_FVE_NOT_OS_VOLUME","The volume specified is not the boot operating system volume."), + 0xC0210013: ("STATUS_FVE_KEYFILE_NOT_FOUND","The BitLocker startup key or recovery password could not be read from external media."), + 0xC0210014: ("STATUS_FVE_KEYFILE_INVALID","The BitLocker startup key or recovery password file is corrupt or invalid."), + 0xC0210015: ("STATUS_FVE_KEYFILE_NO_VMK","The BitLocker encryption key could not be obtained from the startup key or the recovery password."), + 0xC0210016: ("STATUS_FVE_TPM_DISABLED","The TPM is disabled."), + 0xC0210017: ("STATUS_FVE_TPM_SRK_AUTH_NOT_ZERO","The authorization data for the SRK of the TPM is not zero."), + 0xC0210018: ("STATUS_FVE_TPM_INVALID_PCR","The system boot information changed or the TPM locked out access to BitLocker encryption keys until the computer is restarted."), + 0xC0210019: ("STATUS_FVE_TPM_NO_VMK","The BitLocker encryption key could not be obtained from the TPM."), + 0xC021001A: ("STATUS_FVE_PIN_INVALID","The BitLocker encryption key could not be obtained from the TPM and PIN."), + 0xC021001B: ("STATUS_FVE_AUTH_INVALID_APPLICATION","A boot application hash does not match the hash computed when BitLocker was turned on."), + 0xC021001C: ("STATUS_FVE_AUTH_INVALID_CONFIG","The Boot Configuration Data (BCD) settings are not supported or have changed because BitLocker was enabled."), + 0xC021001D: ("STATUS_FVE_DEBUGGER_ENABLED","Boot debugging is enabled. Run Windows Boot Configuration Data Store Editor (bcdedit.exe) to turn it off."), + 0xC021001E: ("STATUS_FVE_DRY_RUN_FAILED","The BitLocker encryption key could not be obtained."), + 0xC021001F: ("STATUS_FVE_BAD_METADATA_POINTER","The metadata disk region pointer is incorrect."), + 0xC0210020: ("STATUS_FVE_OLD_METADATA_COPY","The backup copy of the metadata is out of date."), + 0xC0210021: ("STATUS_FVE_REBOOT_REQUIRED","No action was taken because a system restart is required."), + 0xC0210022: ("STATUS_FVE_RAW_ACCESS","No action was taken because BitLocker Drive Encryption is in RAW access mode."), + 0xC0210023: ("STATUS_FVE_RAW_BLOCKED","BitLocker Drive Encryption cannot enter RAW access mode for this volume."), + 0xC0210026: ("STATUS_FVE_NO_FEATURE_LICENSE","This feature of BitLocker Drive Encryption is not included with this version of Windows."), + 0xC0210027: ("STATUS_FVE_POLICY_USER_DISABLE_RDV_NOT_ALLOWED","Group policy does not permit turning off BitLocker Drive Encryption on roaming data volumes."), + 0xC0210028: ("STATUS_FVE_CONV_RECOVERY_FAILED","Bitlocker Drive Encryption failed to recover from aborted conversion. This could be due to either all conversion logs being corrupted or the media being write-protected."), + 0xC0210029: ("STATUS_FVE_VIRTUALIZED_SPACE_TOO_BIG","The requested virtualization size is too big."), + 0xC0210030: ("STATUS_FVE_VOLUME_TOO_SMALL","The drive is too small to be protected using BitLocker Drive Encryption."), + 0xC0220001: ("STATUS_FWP_CALLOUT_NOT_FOUND","The callout does not exist."), + 0xC0220002: ("STATUS_FWP_CONDITION_NOT_FOUND","The filter condition does not exist."), + 0xC0220003: ("STATUS_FWP_FILTER_NOT_FOUND","The filter does not exist."), + 0xC0220004: ("STATUS_FWP_LAYER_NOT_FOUND","The layer does not exist."), + 0xC0220005: ("STATUS_FWP_PROVIDER_NOT_FOUND","The provider does not exist."), + 0xC0220006: ("STATUS_FWP_PROVIDER_CONTEXT_NOT_FOUND","The provider context does not exist."), + 0xC0220007: ("STATUS_FWP_SUBLAYER_NOT_FOUND","The sublayer does not exist."), + 0xC0220008: ("STATUS_FWP_NOT_FOUND","The object does not exist."), + 0xC0220009: ("STATUS_FWP_ALREADY_EXISTS","An object with that GUID or LUID already exists."), + 0xC022000A: ("STATUS_FWP_IN_USE","The object is referenced by other objects and cannot be deleted."), + 0xC022000B: ("STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS","The call is not allowed from within a dynamic session."), + 0xC022000C: ("STATUS_FWP_WRONG_SESSION","The call was made from the wrong session and cannot be completed."), + 0xC022000D: ("STATUS_FWP_NO_TXN_IN_PROGRESS","The call must be made from within an explicit transaction."), + 0xC022000E: ("STATUS_FWP_TXN_IN_PROGRESS","The call is not allowed from within an explicit transaction."), + 0xC022000F: ("STATUS_FWP_TXN_ABORTED","The explicit transaction has been forcibly canceled."), + 0xC0220010: ("STATUS_FWP_SESSION_ABORTED","The session has been canceled."), + 0xC0220011: ("STATUS_FWP_INCOMPATIBLE_TXN","The call is not allowed from within a read-only transaction."), + 0xC0220012: ("STATUS_FWP_TIMEOUT","The call timed out while waiting to acquire the transaction lock."), + 0xC0220013: ("STATUS_FWP_NET_EVENTS_DISABLED","The collection of network diagnostic events is disabled."), + 0xC0220014: ("STATUS_FWP_INCOMPATIBLE_LAYER","The operation is not supported by the specified layer."), + 0xC0220015: ("STATUS_FWP_KM_CLIENTS_ONLY","The call is allowed for kernel-mode callers only."), + 0xC0220016: ("STATUS_FWP_LIFETIME_MISMATCH","The call tried to associate two objects with incompatible lifetimes."), + 0xC0220017: ("STATUS_FWP_BUILTIN_OBJECT","The object is built-in and cannot be deleted."), + 0xC0220018: ("STATUS_FWP_TOO_MANY_BOOTTIME_FILTERS","The maximum number of boot-time filters has been reached."), + 0xC0220018: ("STATUS_FWP_TOO_MANY_CALLOUTS","The maximum number of callouts has been reached."), + 0xC0220019: ("STATUS_FWP_NOTIFICATION_DROPPED","A notification could not be delivered because a message queue has reached maximum capacity."), + 0xC022001A: ("STATUS_FWP_TRAFFIC_MISMATCH","The traffic parameters do not match those for the security association context."), + 0xC022001B: ("STATUS_FWP_INCOMPATIBLE_SA_STATE","The call is not allowed for the current security association state."), + 0xC022001C: ("STATUS_FWP_NULL_POINTER","A required pointer is null."), + 0xC022001D: ("STATUS_FWP_INVALID_ENUMERATOR","An enumerator is not valid."), + 0xC022001E: ("STATUS_FWP_INVALID_FLAGS","The flags field contains an invalid value."), + 0xC022001F: ("STATUS_FWP_INVALID_NET_MASK","A network mask is not valid."), + 0xC0220020: ("STATUS_FWP_INVALID_RANGE","An FWP_RANGE is not valid."), + 0xC0220021: ("STATUS_FWP_INVALID_INTERVAL","The time interval is not valid."), + 0xC0220022: ("STATUS_FWP_ZERO_LENGTH_ARRAY","An array that must contain at least one element has a zero length."), + 0xC0220023: ("STATUS_FWP_NULL_DISPLAY_NAME","The displayData.name field cannot be null."), + 0xC0220024: ("STATUS_FWP_INVALID_ACTION_TYPE","The action type is not one of the allowed action types for a filter."), + 0xC0220025: ("STATUS_FWP_INVALID_WEIGHT","The filter weight is not valid."), + 0xC0220026: ("STATUS_FWP_MATCH_TYPE_MISMATCH","A filter condition contains a match type that is not compatible with the operands."), + 0xC0220027: ("STATUS_FWP_TYPE_MISMATCH","An FWP_VALUE or FWPM_CONDITION_VALUE is of the wrong type."), + 0xC0220028: ("STATUS_FWP_OUT_OF_BOUNDS","An integer value is outside the allowed range."), + 0xC0220029: ("STATUS_FWP_RESERVED","A reserved field is nonzero."), + 0xC022002A: ("STATUS_FWP_DUPLICATE_CONDITION","A filter cannot contain multiple conditions operating on a single field."), + 0xC022002B: ("STATUS_FWP_DUPLICATE_KEYMOD","A policy cannot contain the same keying module more than once."), + 0xC022002C: ("STATUS_FWP_ACTION_INCOMPATIBLE_WITH_LAYER","The action type is not compatible with the layer."), + 0xC022002D: ("STATUS_FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER","The action type is not compatible with the sublayer."), + 0xC022002E: ("STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER","The raw context or the provider context is not compatible with the layer."), + 0xC022002F: ("STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT","The raw context or the provider context is not compatible with the callout."), + 0xC0220030: ("STATUS_FWP_INCOMPATIBLE_AUTH_METHOD","The authentication method is not compatible with the policy type."), + 0xC0220031: ("STATUS_FWP_INCOMPATIBLE_DH_GROUP","The Diffie-Hellman group is not compatible with the policy type."), + 0xC0220032: ("STATUS_FWP_EM_NOT_SUPPORTED","An IKE policy cannot contain an Extended Mode policy."), + 0xC0220033: ("STATUS_FWP_NEVER_MATCH","The enumeration template or subscription will never match any objects."), + 0xC0220034: ("STATUS_FWP_PROVIDER_CONTEXT_MISMATCH","The provider context is of the wrong type."), + 0xC0220035: ("STATUS_FWP_INVALID_PARAMETER","The parameter is incorrect."), + 0xC0220036: ("STATUS_FWP_TOO_MANY_SUBLAYERS","The maximum number of sublayers has been reached."), + 0xC0220037: ("STATUS_FWP_CALLOUT_NOTIFICATION_FAILED","The notification function for a callout returned an error."), + 0xC0220038: ("STATUS_FWP_INCOMPATIBLE_AUTH_CONFIG","The IPsec authentication configuration is not compatible with the authentication type."), + 0xC0220039: ("STATUS_FWP_INCOMPATIBLE_CIPHER_CONFIG","The IPsec cipher configuration is not compatible with the cipher type."), + 0xC022003C: ("STATUS_FWP_DUPLICATE_AUTH_METHOD","A policy cannot contain the same auth method more than once."), + 0xC0220100: ("STATUS_FWP_TCPIP_NOT_READY","The TCP/IP stack is not ready."), + 0xC0220101: ("STATUS_FWP_INJECT_HANDLE_CLOSING","The injection handle is being closed by another thread."), + 0xC0220102: ("STATUS_FWP_INJECT_HANDLE_STALE","The injection handle is stale."), + 0xC0220103: ("STATUS_FWP_CANNOT_PEND","The classify cannot be pended."), + 0xC0230002: ("STATUS_NDIS_CLOSING","The binding to the network interface is being closed."), + 0xC0230004: ("STATUS_NDIS_BAD_VERSION","An invalid version was specified."), + 0xC0230005: ("STATUS_NDIS_BAD_CHARACTERISTICS","An invalid characteristics table was used."), + 0xC0230006: ("STATUS_NDIS_ADAPTER_NOT_FOUND","Failed to find the network interface or the network interface is not ready."), + 0xC0230007: ("STATUS_NDIS_OPEN_FAILED","Failed to open the network interface."), + 0xC0230008: ("STATUS_NDIS_DEVICE_FAILED","The network interface has encountered an internal unrecoverable failure."), + 0xC0230009: ("STATUS_NDIS_MULTICAST_FULL","The multicast list on the network interface is full."), + 0xC023000A: ("STATUS_NDIS_MULTICAST_EXISTS","An attempt was made to add a duplicate multicast address to the list."), + 0xC023000B: ("STATUS_NDIS_MULTICAST_NOT_FOUND","At attempt was made to remove a multicast address that was never added."), + 0xC023000C: ("STATUS_NDIS_REQUEST_ABORTED","The network interface aborted the request."), + 0xC023000D: ("STATUS_NDIS_RESET_IN_PROGRESS","The network interface cannot process the request because it is being reset."), + 0xC023000F: ("STATUS_NDIS_INVALID_PACKET","An attempt was made to send an invalid packet on a network interface."), + 0xC0230010: ("STATUS_NDIS_INVALID_DEVICE_REQUEST","The specified request is not a valid operation for the target device."), + 0xC0230011: ("STATUS_NDIS_ADAPTER_NOT_READY","The network interface is not ready to complete this operation."), + 0xC0230014: ("STATUS_NDIS_INVALID_LENGTH","The length of the buffer submitted for this operation is not valid."), + 0xC0230015: ("STATUS_NDIS_INVALID_DATA","The data used for this operation is not valid."), + 0xC0230016: ("STATUS_NDIS_BUFFER_TOO_SHORT","The length of the submitted buffer for this operation is too small."), + 0xC0230017: ("STATUS_NDIS_INVALID_OID","The network interface does not support this object identifier."), + 0xC0230018: ("STATUS_NDIS_ADAPTER_REMOVED","The network interface has been removed."), + 0xC0230019: ("STATUS_NDIS_UNSUPPORTED_MEDIA","The network interface does not support this media type."), + 0xC023001A: ("STATUS_NDIS_GROUP_ADDRESS_IN_USE","An attempt was made to remove a token ring group address that is in use by other components."), + 0xC023001B: ("STATUS_NDIS_FILE_NOT_FOUND","An attempt was made to map a file that cannot be found."), + 0xC023001C: ("STATUS_NDIS_ERROR_READING_FILE","An error occurred while NDIS tried to map the file."), + 0xC023001D: ("STATUS_NDIS_ALREADY_MAPPED","An attempt was made to map a file that is already mapped."), + 0xC023001E: ("STATUS_NDIS_RESOURCE_CONFLICT","An attempt to allocate a hardware resource failed because the resource is used by another component."), + 0xC023001F: ("STATUS_NDIS_MEDIA_DISCONNECTED","The I/O operation failed because the network media is disconnected or the wireless access point is out of range."), + 0xC0230022: ("STATUS_NDIS_INVALID_ADDRESS","The network address used in the request is invalid."), + 0xC023002A: ("STATUS_NDIS_PAUSED","The offload operation on the network interface has been paused."), + 0xC023002B: ("STATUS_NDIS_INTERFACE_NOT_FOUND","The network interface was not found."), + 0xC023002C: ("STATUS_NDIS_UNSUPPORTED_REVISION","The revision number specified in the structure is not supported."), + 0xC023002D: ("STATUS_NDIS_INVALID_PORT","The specified port does not exist on this network interface."), + 0xC023002E: ("STATUS_NDIS_INVALID_PORT_STATE","The current state of the specified port on this network interface does not support the requested operation."), + 0xC023002F: ("STATUS_NDIS_LOW_POWER_STATE","The miniport adapter is in a lower power state."), + 0xC02300BB: ("STATUS_NDIS_NOT_SUPPORTED","The network interface does not support this request."), + 0xC023100F: ("STATUS_NDIS_OFFLOAD_POLICY","The TCP connection is not offloadable because of a local policy setting."), + 0xC0231012: ("STATUS_NDIS_OFFLOAD_CONNECTION_REJECTED","The TCP connection is not offloadable by the Chimney offload target."), + 0xC0231013: ("STATUS_NDIS_OFFLOAD_PATH_REJECTED","The IP Path object is not in an offloadable state."), + 0xC0232000: ("STATUS_NDIS_DOT11_AUTO_CONFIG_ENABLED","The wireless LAN interface is in auto-configuration mode and does not support the requested parameter change operation."), + 0xC0232001: ("STATUS_NDIS_DOT11_MEDIA_IN_USE","The wireless LAN interface is busy and cannot perform the requested operation."), + 0xC0232002: ("STATUS_NDIS_DOT11_POWER_STATE_INVALID","The wireless LAN interface is power down and does not support the requested operation."), + 0xC0232003: ("STATUS_NDIS_PM_WOL_PATTERN_LIST_FULL","The list of wake on LAN patterns is full."), + 0xC0232004: ("STATUS_NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL","The list of low power protocol offloads is full."), + 0xC0360001: ("STATUS_IPSEC_BAD_SPI","The SPI in the packet does not match a valid IPsec SA."), + 0xC0360002: ("STATUS_IPSEC_SA_LIFETIME_EXPIRED","The packet was received on an IPsec SA whose lifetime has expired."), + 0xC0360003: ("STATUS_IPSEC_WRONG_SA","The packet was received on an IPsec SA that does not match the packet characteristics."), + 0xC0360004: ("STATUS_IPSEC_REPLAY_CHECK_FAILED","The packet sequence number replay check failed."), + 0xC0360005: ("STATUS_IPSEC_INVALID_PACKET","The IPsec header and/or trailer in the packet is invalid."), + 0xC0360006: ("STATUS_IPSEC_INTEGRITY_CHECK_FAILED","The IPsec integrity check failed."), + 0xC0360007: ("STATUS_IPSEC_CLEAR_TEXT_DROP","IPsec dropped a clear text packet."), + 0xC0360008: ("STATUS_IPSEC_AUTH_FIREWALL_DROP","IPsec dropped an incoming ESP packet in authenticated firewall mode. This drop is benign."), + 0xC0360009: ("STATUS_IPSEC_THROTTLE_DROP","IPsec dropped a packet due to DOS throttle."), + 0xC0368000: ("STATUS_IPSEC_DOSP_BLOCK","IPsec Dos Protection matched an explicit block rule."), + 0xC0368001: ("STATUS_IPSEC_DOSP_RECEIVED_MULTICAST","IPsec Dos Protection received an IPsec specific multicast packet which is not allowed."), + 0xC0368002: ("STATUS_IPSEC_DOSP_INVALID_PACKET","IPsec Dos Protection received an incorrectly formatted packet."), + 0xC0368003: ("STATUS_IPSEC_DOSP_STATE_LOOKUP_FAILED","IPsec Dos Protection failed to lookup state."), + 0xC0368004: ("STATUS_IPSEC_DOSP_MAX_ENTRIES","IPsec Dos Protection failed to create state because there are already maximum number of entries allowed by policy."), + 0xC0368005: ("STATUS_IPSEC_DOSP_KEYMOD_NOT_ALLOWED","IPsec Dos Protection received an IPsec negotiation packet for a keying module which is not allowed by policy."), + 0xC0368006: ("STATUS_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES","IPsec Dos Protection failed to create per internal IP ratelimit queue because there is already maximum number of queues allowed by policy."), + 0xC038005B: ("STATUS_VOLMGR_MIRROR_NOT_SUPPORTED","The system does not support mirrored volumes."), + 0xC038005C: ("STATUS_VOLMGR_RAID5_NOT_SUPPORTED","The system does not support RAID-5 volumes."), + 0xC03A0014: ("STATUS_VIRTDISK_PROVIDER_NOT_FOUND","A virtual disk support provider for the specified file was not found."), + 0xC03A0015: ("STATUS_VIRTDISK_NOT_VIRTUAL_DISK","The specified disk is not a virtual disk."), + 0xC03A0016: ("STATUS_VHD_PARENT_VHD_ACCESS_DENIED","The chain of virtual hard disks is inaccessible. The process has not been granted access rights to the parent virtual hard disk for the differencing disk."), + 0xC03A0017: ("STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH","The chain of virtual hard disks is corrupted. There is a mismatch in the virtual sizes of the parent virtual hard disk and differencing disk."), + 0xC03A0018: ("STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED","The chain of virtual hard disks is corrupted. A differencing disk is indicated in its own parent chain."), + 0xC03A0019: ("STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT","The chain of virtual hard disks is inaccessible. There was an error opening a virtual hard disk further up the chain."), +} + +# Error Codes + +STATUS_SUCCESS = 0x00000000 +STATUS_WAIT_1 = 0x00000001 +STATUS_WAIT_2 = 0x00000002 +STATUS_WAIT_3 = 0x00000003 +STATUS_WAIT_63 = 0x0000003F +STATUS_ABANDONED = 0x00000080 +STATUS_ABANDONED_WAIT_0 = 0x00000080 +STATUS_ABANDONED_WAIT_63 = 0x000000BF +STATUS_USER_APC = 0x000000C0 +STATUS_ALERTED = 0x00000101 +STATUS_TIMEOUT = 0x00000102 +STATUS_PENDING = 0x00000103 +STATUS_REPARSE = 0x00000104 +STATUS_MORE_ENTRIES = 0x00000105 +STATUS_NOT_ALL_ASSIGNED = 0x00000106 +STATUS_SOME_NOT_MAPPED = 0x00000107 +STATUS_OPLOCK_BREAK_IN_PROGRESS = 0x00000108 +STATUS_VOLUME_MOUNTED = 0x00000109 +STATUS_RXACT_COMMITTED = 0x0000010A +STATUS_NOTIFY_CLEANUP = 0x0000010B +STATUS_NOTIFY_ENUM_DIR = 0x0000010C +STATUS_NO_QUOTAS_FOR_ACCOUNT = 0x0000010D +STATUS_PRIMARY_TRANSPORT_CONNECT_FAILED = 0x0000010E +STATUS_PAGE_FAULT_TRANSITION = 0x00000110 +STATUS_PAGE_FAULT_DEMAND_ZERO = 0x00000111 +STATUS_PAGE_FAULT_COPY_ON_WRITE = 0x00000112 +STATUS_PAGE_FAULT_GUARD_PAGE = 0x00000113 +STATUS_PAGE_FAULT_PAGING_FILE = 0x00000114 +STATUS_CACHE_PAGE_LOCKED = 0x00000115 +STATUS_CRASH_DUMP = 0x00000116 +STATUS_BUFFER_ALL_ZEROS = 0x00000117 +STATUS_REPARSE_OBJECT = 0x00000118 +STATUS_RESOURCE_REQUIREMENTS_CHANGED = 0x00000119 +STATUS_TRANSLATION_COMPLETE = 0x00000120 +STATUS_DS_MEMBERSHIP_EVALUATED_LOCALLY = 0x00000121 +STATUS_NOTHING_TO_TERMINATE = 0x00000122 +STATUS_PROCESS_NOT_IN_JOB = 0x00000123 +STATUS_PROCESS_IN_JOB = 0x00000124 +STATUS_VOLSNAP_HIBERNATE_READY = 0x00000125 +STATUS_FSFILTER_OP_COMPLETED_SUCCESSFULLY = 0x00000126 +STATUS_INTERRUPT_VECTOR_ALREADY_CONNECTED = 0x00000127 +STATUS_INTERRUPT_STILL_CONNECTED = 0x00000128 +STATUS_PROCESS_CLONED = 0x00000129 +STATUS_FILE_LOCKED_WITH_ONLY_READERS = 0x0000012A +STATUS_FILE_LOCKED_WITH_WRITERS = 0x0000012B +STATUS_RESOURCEMANAGER_READ_ONLY = 0x00000202 +STATUS_WAIT_FOR_OPLOCK = 0x00000367 +DBG_EXCEPTION_HANDLED = 0x00010001 +DBG_CONTINUE = 0x00010002 +STATUS_FLT_IO_COMPLETE = 0x001C0001 +STATUS_FILE_NOT_AVAILABLE = 0xC0000467 +STATUS_CALLBACK_RETURNED_THREAD_AFFINITY = 0xC0000721 +STATUS_OBJECT_NAME_EXISTS = 0x40000000 +STATUS_THREAD_WAS_SUSPENDED = 0x40000001 +STATUS_WORKING_SET_LIMIT_RANGE = 0x40000002 +STATUS_IMAGE_NOT_AT_BASE = 0x40000003 +STATUS_RXACT_STATE_CREATED = 0x40000004 +STATUS_SEGMENT_NOTIFICATION = 0x40000005 +STATUS_LOCAL_USER_SESSION_KEY = 0x40000006 +STATUS_BAD_CURRENT_DIRECTORY = 0x40000007 +STATUS_SERIAL_MORE_WRITES = 0x40000008 +STATUS_REGISTRY_RECOVERED = 0x40000009 +STATUS_FT_READ_RECOVERY_FROM_BACKUP = 0x4000000A +STATUS_FT_WRITE_RECOVERY = 0x4000000B +STATUS_SERIAL_COUNTER_TIMEOUT = 0x4000000C +STATUS_NULL_LM_PASSWORD = 0x4000000D +STATUS_IMAGE_MACHINE_TYPE_MISMATCH = 0x4000000E +STATUS_RECEIVE_PARTIAL = 0x4000000F +STATUS_RECEIVE_EXPEDITED = 0x40000010 +STATUS_RECEIVE_PARTIAL_EXPEDITED = 0x40000011 +STATUS_EVENT_DONE = 0x40000012 +STATUS_EVENT_PENDING = 0x40000013 +STATUS_CHECKING_FILE_SYSTEM = 0x40000014 +STATUS_FATAL_APP_EXIT = 0x40000015 +STATUS_PREDEFINED_HANDLE = 0x40000016 +STATUS_WAS_UNLOCKED = 0x40000017 +STATUS_SERVICE_NOTIFICATION = 0x40000018 +STATUS_WAS_LOCKED = 0x40000019 +STATUS_LOG_HARD_ERROR = 0x4000001A +STATUS_ALREADY_WIN32 = 0x4000001B +STATUS_WX86_UNSIMULATE = 0x4000001C +STATUS_WX86_CONTINUE = 0x4000001D +STATUS_WX86_SINGLE_STEP = 0x4000001E +STATUS_WX86_BREAKPOINT = 0x4000001F +STATUS_WX86_EXCEPTION_CONTINUE = 0x40000020 +STATUS_WX86_EXCEPTION_LASTCHANCE = 0x40000021 +STATUS_WX86_EXCEPTION_CHAIN = 0x40000022 +STATUS_IMAGE_MACHINE_TYPE_MISMATCH_EXE = 0x40000023 +STATUS_NO_YIELD_PERFORMED = 0x40000024 +STATUS_TIMER_RESUME_IGNORED = 0x40000025 +STATUS_ARBITRATION_UNHANDLED = 0x40000026 +STATUS_CARDBUS_NOT_SUPPORTED = 0x40000027 +STATUS_WX86_CREATEWX86TIB = 0x40000028 +STATUS_MP_PROCESSOR_MISMATCH = 0x40000029 +STATUS_HIBERNATED = 0x4000002A +STATUS_RESUME_HIBERNATION = 0x4000002B +STATUS_FIRMWARE_UPDATED = 0x4000002C +STATUS_DRIVERS_LEAKING_LOCKED_PAGES = 0x4000002D +STATUS_MESSAGE_RETRIEVED = 0x4000002E +STATUS_SYSTEM_POWERSTATE_TRANSITION = 0x4000002F +STATUS_ALPC_CHECK_COMPLETION_LIST = 0x40000030 +STATUS_SYSTEM_POWERSTATE_COMPLEX_TRANSITION = 0x40000031 +STATUS_ACCESS_AUDIT_BY_POLICY = 0x40000032 +STATUS_ABANDON_HIBERFILE = 0x40000033 +STATUS_BIZRULES_NOT_ENABLED = 0x40000034 +STATUS_WAKE_SYSTEM = 0x40000294 +STATUS_DS_SHUTTING_DOWN = 0x40000370 +DBG_REPLY_LATER = 0x40010001 +DBG_UNABLE_TO_PROVIDE_HANDLE = 0x40010002 +DBG_TERMINATE_THREAD = 0x40010003 +DBG_TERMINATE_PROCESS = 0x40010004 +DBG_CONTROL_C = 0x40010005 +DBG_PRINTEXCEPTION_C = 0x40010006 +DBG_RIPEXCEPTION = 0x40010007 +DBG_CONTROL_BREAK = 0x40010008 +DBG_COMMAND_EXCEPTION = 0x40010009 +RPC_NT_UUID_LOCAL_ONLY = 0x40020056 +RPC_NT_SEND_INCOMPLETE = 0x400200AF +STATUS_CTX_CDM_CONNECT = 0x400A0004 +STATUS_CTX_CDM_DISCONNECT = 0x400A0005 +STATUS_SXS_RELEASE_ACTIVATION_CONTEXT = 0x4015000D +STATUS_RECOVERY_NOT_NEEDED = 0x40190034 +STATUS_RM_ALREADY_STARTED = 0x40190035 +STATUS_LOG_NO_RESTART = 0x401A000C +STATUS_VIDEO_DRIVER_DEBUG_REPORT_REQUEST = 0x401B00EC +STATUS_GRAPHICS_PARTIAL_DATA_POPULATED = 0x401E000A +STATUS_GRAPHICS_DRIVER_MISMATCH = 0x401E0117 +STATUS_GRAPHICS_MODE_NOT_PINNED = 0x401E0307 +STATUS_GRAPHICS_NO_PREFERRED_MODE = 0x401E031E +STATUS_GRAPHICS_DATASET_IS_EMPTY = 0x401E034B +STATUS_GRAPHICS_NO_MORE_ELEMENTS_IN_DATASET = 0x401E034C +STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_PINNED = 0x401E0351 +STATUS_GRAPHICS_UNKNOWN_CHILD_STATUS = 0x401E042F +STATUS_GRAPHICS_LEADLINK_START_DEFERRED = 0x401E0437 +STATUS_GRAPHICS_POLLING_TOO_FREQUENTLY = 0x401E0439 +STATUS_GRAPHICS_START_DEFERRED = 0x401E043A +STATUS_NDIS_INDICATION_REQUIRED = 0x40230001 +STATUS_GUARD_PAGE_VIOLATION = 0x80000001 +STATUS_DATATYPE_MISALIGNMENT = 0x80000002 +STATUS_BREAKPOINT = 0x80000003 +STATUS_SINGLE_STEP = 0x80000004 +STATUS_BUFFER_OVERFLOW = 0x80000005 +STATUS_NO_MORE_FILES = 0x80000006 +STATUS_WAKE_SYSTEM_DEBUGGER = 0x80000007 +STATUS_HANDLES_CLOSED = 0x8000000A +STATUS_NO_INHERITANCE = 0x8000000B +STATUS_GUID_SUBSTITUTION_MADE = 0x8000000C +STATUS_PARTIAL_COPY = 0x8000000D +STATUS_DEVICE_PAPER_EMPTY = 0x8000000E +STATUS_DEVICE_POWERED_OFF = 0x8000000F +STATUS_DEVICE_OFF_LINE = 0x80000010 +STATUS_DEVICE_BUSY = 0x80000011 +STATUS_NO_MORE_EAS = 0x80000012 +STATUS_INVALID_EA_NAME = 0x80000013 +STATUS_EA_LIST_INCONSISTENT = 0x80000014 +STATUS_INVALID_EA_FLAG = 0x80000015 +STATUS_VERIFY_REQUIRED = 0x80000016 +STATUS_EXTRANEOUS_INFORMATION = 0x80000017 +STATUS_RXACT_COMMIT_NECESSARY = 0x80000018 +STATUS_NO_MORE_ENTRIES = 0x8000001A +STATUS_FILEMARK_DETECTED = 0x8000001B +STATUS_MEDIA_CHANGED = 0x8000001C +STATUS_BUS_RESET = 0x8000001D +STATUS_END_OF_MEDIA = 0x8000001E +STATUS_BEGINNING_OF_MEDIA = 0x8000001F +STATUS_MEDIA_CHECK = 0x80000020 +STATUS_SETMARK_DETECTED = 0x80000021 +STATUS_NO_DATA_DETECTED = 0x80000022 +STATUS_REDIRECTOR_HAS_OPEN_HANDLES = 0x80000023 +STATUS_SERVER_HAS_OPEN_HANDLES = 0x80000024 +STATUS_ALREADY_DISCONNECTED = 0x80000025 +STATUS_LONGJUMP = 0x80000026 +STATUS_CLEANER_CARTRIDGE_INSTALLED = 0x80000027 +STATUS_PLUGPLAY_QUERY_VETOED = 0x80000028 +STATUS_UNWIND_CONSOLIDATE = 0x80000029 +STATUS_REGISTRY_HIVE_RECOVERED = 0x8000002A +STATUS_DLL_MIGHT_BE_INSECURE = 0x8000002B +STATUS_DLL_MIGHT_BE_INCOMPATIBLE = 0x8000002C +STATUS_STOPPED_ON_SYMLINK = 0x8000002D +STATUS_DEVICE_REQUIRES_CLEANING = 0x80000288 +STATUS_DEVICE_DOOR_OPEN = 0x80000289 +STATUS_DATA_LOST_REPAIR = 0x80000803 +DBG_EXCEPTION_NOT_HANDLED = 0x80010001 +STATUS_CLUSTER_NODE_ALREADY_UP = 0x80130001 +STATUS_CLUSTER_NODE_ALREADY_DOWN = 0x80130002 +STATUS_CLUSTER_NETWORK_ALREADY_ONLINE = 0x80130003 +STATUS_CLUSTER_NETWORK_ALREADY_OFFLINE = 0x80130004 +STATUS_CLUSTER_NODE_ALREADY_MEMBER = 0x80130005 +STATUS_COULD_NOT_RESIZE_LOG = 0x80190009 +STATUS_NO_TXF_METADATA = 0x80190029 +STATUS_CANT_RECOVER_WITH_HANDLE_OPEN = 0x80190031 +STATUS_TXF_METADATA_ALREADY_PRESENT = 0x80190041 +STATUS_TRANSACTION_SCOPE_CALLBACKS_NOT_SET = 0x80190042 +STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD_RECOVERED = 0x801B00EB +STATUS_FLT_BUFFER_TOO_SMALL = 0x801C0001 +STATUS_FVE_PARTIAL_METADATA = 0x80210001 +STATUS_FVE_TRANSIENT_STATE = 0x80210002 +STATUS_UNSUCCESSFUL = 0xC0000001 +STATUS_NOT_IMPLEMENTED = 0xC0000002 +STATUS_INVALID_INFO_CLASS = 0xC0000003 +STATUS_INFO_LENGTH_MISMATCH = 0xC0000004 +STATUS_ACCESS_VIOLATION = 0xC0000005 +STATUS_IN_PAGE_ERROR = 0xC0000006 +STATUS_PAGEFILE_QUOTA = 0xC0000007 +STATUS_INVALID_HANDLE = 0xC0000008 +STATUS_BAD_INITIAL_STACK = 0xC0000009 +STATUS_BAD_INITIAL_PC = 0xC000000A +STATUS_INVALID_CID = 0xC000000B +STATUS_TIMER_NOT_CANCELED = 0xC000000C +STATUS_INVALID_PARAMETER = 0xC000000D +STATUS_NO_SUCH_DEVICE = 0xC000000E +STATUS_NO_SUCH_FILE = 0xC000000F +STATUS_INVALID_DEVICE_REQUEST = 0xC0000010 +STATUS_END_OF_FILE = 0xC0000011 +STATUS_WRONG_VOLUME = 0xC0000012 +STATUS_NO_MEDIA_IN_DEVICE = 0xC0000013 +STATUS_UNRECOGNIZED_MEDIA = 0xC0000014 +STATUS_NONEXISTENT_SECTOR = 0xC0000015 +STATUS_MORE_PROCESSING_REQUIRED = 0xC0000016 +STATUS_NO_MEMORY = 0xC0000017 +STATUS_CONFLICTING_ADDRESSES = 0xC0000018 +STATUS_NOT_MAPPED_VIEW = 0xC0000019 +STATUS_UNABLE_TO_FREE_VM = 0xC000001A +STATUS_UNABLE_TO_DELETE_SECTION = 0xC000001B +STATUS_INVALID_SYSTEM_SERVICE = 0xC000001C +STATUS_ILLEGAL_INSTRUCTION = 0xC000001D +STATUS_INVALID_LOCK_SEQUENCE = 0xC000001E +STATUS_INVALID_VIEW_SIZE = 0xC000001F +STATUS_INVALID_FILE_FOR_SECTION = 0xC0000020 +STATUS_ALREADY_COMMITTED = 0xC0000021 +STATUS_ACCESS_DENIED = 0xC0000022 +STATUS_BUFFER_TOO_SMALL = 0xC0000023 +STATUS_OBJECT_TYPE_MISMATCH = 0xC0000024 +STATUS_NONCONTINUABLE_EXCEPTION = 0xC0000025 +STATUS_INVALID_DISPOSITION = 0xC0000026 +STATUS_UNWIND = 0xC0000027 +STATUS_BAD_STACK = 0xC0000028 +STATUS_INVALID_UNWIND_TARGET = 0xC0000029 +STATUS_NOT_LOCKED = 0xC000002A +STATUS_PARITY_ERROR = 0xC000002B +STATUS_UNABLE_TO_DECOMMIT_VM = 0xC000002C +STATUS_NOT_COMMITTED = 0xC000002D +STATUS_INVALID_PORT_ATTRIBUTES = 0xC000002E +STATUS_PORT_MESSAGE_TOO_LONG = 0xC000002F +STATUS_INVALID_PARAMETER_MIX = 0xC0000030 +STATUS_INVALID_QUOTA_LOWER = 0xC0000031 +STATUS_DISK_CORRUPT_ERROR = 0xC0000032 +STATUS_OBJECT_NAME_INVALID = 0xC0000033 +STATUS_OBJECT_NAME_NOT_FOUND = 0xC0000034 +STATUS_OBJECT_NAME_COLLISION = 0xC0000035 +STATUS_PORT_DISCONNECTED = 0xC0000037 +STATUS_DEVICE_ALREADY_ATTACHED = 0xC0000038 +STATUS_OBJECT_PATH_INVALID = 0xC0000039 +STATUS_OBJECT_PATH_NOT_FOUND = 0xC000003A +STATUS_OBJECT_PATH_SYNTAX_BAD = 0xC000003B +STATUS_DATA_OVERRUN = 0xC000003C +STATUS_DATA_LATE_ERROR = 0xC000003D +STATUS_DATA_ERROR = 0xC000003E +STATUS_CRC_ERROR = 0xC000003F +STATUS_SECTION_TOO_BIG = 0xC0000040 +STATUS_PORT_CONNECTION_REFUSED = 0xC0000041 +STATUS_INVALID_PORT_HANDLE = 0xC0000042 +STATUS_SHARING_VIOLATION = 0xC0000043 +STATUS_QUOTA_EXCEEDED = 0xC0000044 +STATUS_INVALID_PAGE_PROTECTION = 0xC0000045 +STATUS_MUTANT_NOT_OWNED = 0xC0000046 +STATUS_SEMAPHORE_LIMIT_EXCEEDED = 0xC0000047 +STATUS_PORT_ALREADY_SET = 0xC0000048 +STATUS_SECTION_NOT_IMAGE = 0xC0000049 +STATUS_SUSPEND_COUNT_EXCEEDED = 0xC000004A +STATUS_THREAD_IS_TERMINATING = 0xC000004B +STATUS_BAD_WORKING_SET_LIMIT = 0xC000004C +STATUS_INCOMPATIBLE_FILE_MAP = 0xC000004D +STATUS_SECTION_PROTECTION = 0xC000004E +STATUS_EAS_NOT_SUPPORTED = 0xC000004F +STATUS_EA_TOO_LARGE = 0xC0000050 +STATUS_NONEXISTENT_EA_ENTRY = 0xC0000051 +STATUS_NO_EAS_ON_FILE = 0xC0000052 +STATUS_EA_CORRUPT_ERROR = 0xC0000053 +STATUS_FILE_LOCK_CONFLICT = 0xC0000054 +STATUS_LOCK_NOT_GRANTED = 0xC0000055 +STATUS_DELETE_PENDING = 0xC0000056 +STATUS_CTL_FILE_NOT_SUPPORTED = 0xC0000057 +STATUS_UNKNOWN_REVISION = 0xC0000058 +STATUS_REVISION_MISMATCH = 0xC0000059 +STATUS_INVALID_OWNER = 0xC000005A +STATUS_INVALID_PRIMARY_GROUP = 0xC000005B +STATUS_NO_IMPERSONATION_TOKEN = 0xC000005C +STATUS_CANT_DISABLE_MANDATORY = 0xC000005D +STATUS_NO_LOGON_SERVERS = 0xC000005E +STATUS_NO_SUCH_LOGON_SESSION = 0xC000005F +STATUS_NO_SUCH_PRIVILEGE = 0xC0000060 +STATUS_PRIVILEGE_NOT_HELD = 0xC0000061 +STATUS_INVALID_ACCOUNT_NAME = 0xC0000062 +STATUS_USER_EXISTS = 0xC0000063 +STATUS_NO_SUCH_USER = 0xC0000064 +STATUS_GROUP_EXISTS = 0xC0000065 +STATUS_NO_SUCH_GROUP = 0xC0000066 +STATUS_MEMBER_IN_GROUP = 0xC0000067 +STATUS_MEMBER_NOT_IN_GROUP = 0xC0000068 +STATUS_LAST_ADMIN = 0xC0000069 +STATUS_WRONG_PASSWORD = 0xC000006A +STATUS_ILL_FORMED_PASSWORD = 0xC000006B +STATUS_PASSWORD_RESTRICTION = 0xC000006C +STATUS_LOGON_FAILURE = 0xC000006D +STATUS_ACCOUNT_RESTRICTION = 0xC000006E +STATUS_INVALID_LOGON_HOURS = 0xC000006F +STATUS_INVALID_WORKSTATION = 0xC0000070 +STATUS_PASSWORD_EXPIRED = 0xC0000071 +STATUS_ACCOUNT_DISABLED = 0xC0000072 +STATUS_NONE_MAPPED = 0xC0000073 +STATUS_TOO_MANY_LUIDS_REQUESTED = 0xC0000074 +STATUS_LUIDS_EXHAUSTED = 0xC0000075 +STATUS_INVALID_SUB_AUTHORITY = 0xC0000076 +STATUS_INVALID_ACL = 0xC0000077 +STATUS_INVALID_SID = 0xC0000078 +STATUS_INVALID_SECURITY_DESCR = 0xC0000079 +STATUS_PROCEDURE_NOT_FOUND = 0xC000007A +STATUS_INVALID_IMAGE_FORMAT = 0xC000007B +STATUS_NO_TOKEN = 0xC000007C +STATUS_BAD_INHERITANCE_ACL = 0xC000007D +STATUS_RANGE_NOT_LOCKED = 0xC000007E +STATUS_DISK_FULL = 0xC000007F +STATUS_SERVER_DISABLED = 0xC0000080 +STATUS_SERVER_NOT_DISABLED = 0xC0000081 +STATUS_TOO_MANY_GUIDS_REQUESTED = 0xC0000082 +STATUS_GUIDS_EXHAUSTED = 0xC0000083 +STATUS_INVALID_ID_AUTHORITY = 0xC0000084 +STATUS_AGENTS_EXHAUSTED = 0xC0000085 +STATUS_INVALID_VOLUME_LABEL = 0xC0000086 +STATUS_SECTION_NOT_EXTENDED = 0xC0000087 +STATUS_NOT_MAPPED_DATA = 0xC0000088 +STATUS_RESOURCE_DATA_NOT_FOUND = 0xC0000089 +STATUS_RESOURCE_TYPE_NOT_FOUND = 0xC000008A +STATUS_RESOURCE_NAME_NOT_FOUND = 0xC000008B +STATUS_ARRAY_BOUNDS_EXCEEDED = 0xC000008C +STATUS_FLOAT_DENORMAL_OPERAND = 0xC000008D +STATUS_FLOAT_DIVIDE_BY_ZERO = 0xC000008E +STATUS_FLOAT_INEXACT_RESULT = 0xC000008F +STATUS_FLOAT_INVALID_OPERATION = 0xC0000090 +STATUS_FLOAT_OVERFLOW = 0xC0000091 +STATUS_FLOAT_STACK_CHECK = 0xC0000092 +STATUS_FLOAT_UNDERFLOW = 0xC0000093 +STATUS_INTEGER_DIVIDE_BY_ZERO = 0xC0000094 +STATUS_INTEGER_OVERFLOW = 0xC0000095 +STATUS_PRIVILEGED_INSTRUCTION = 0xC0000096 +STATUS_TOO_MANY_PAGING_FILES = 0xC0000097 +STATUS_FILE_INVALID = 0xC0000098 +STATUS_ALLOTTED_SPACE_EXCEEDED = 0xC0000099 +STATUS_INSUFFICIENT_RESOURCES = 0xC000009A +STATUS_DFS_EXIT_PATH_FOUND = 0xC000009B +STATUS_DEVICE_DATA_ERROR = 0xC000009C +STATUS_DEVICE_NOT_CONNECTED = 0xC000009D +STATUS_FREE_VM_NOT_AT_BASE = 0xC000009F +STATUS_MEMORY_NOT_ALLOCATED = 0xC00000A0 +STATUS_WORKING_SET_QUOTA = 0xC00000A1 +STATUS_MEDIA_WRITE_PROTECTED = 0xC00000A2 +STATUS_DEVICE_NOT_READY = 0xC00000A3 +STATUS_INVALID_GROUP_ATTRIBUTES = 0xC00000A4 +STATUS_BAD_IMPERSONATION_LEVEL = 0xC00000A5 +STATUS_CANT_OPEN_ANONYMOUS = 0xC00000A6 +STATUS_BAD_VALIDATION_CLASS = 0xC00000A7 +STATUS_BAD_TOKEN_TYPE = 0xC00000A8 +STATUS_BAD_MASTER_BOOT_RECORD = 0xC00000A9 +STATUS_INSTRUCTION_MISALIGNMENT = 0xC00000AA +STATUS_INSTANCE_NOT_AVAILABLE = 0xC00000AB +STATUS_PIPE_NOT_AVAILABLE = 0xC00000AC +STATUS_INVALID_PIPE_STATE = 0xC00000AD +STATUS_PIPE_BUSY = 0xC00000AE +STATUS_ILLEGAL_FUNCTION = 0xC00000AF +STATUS_PIPE_DISCONNECTED = 0xC00000B0 +STATUS_PIPE_CLOSING = 0xC00000B1 +STATUS_PIPE_CONNECTED = 0xC00000B2 +STATUS_PIPE_LISTENING = 0xC00000B3 +STATUS_INVALID_READ_MODE = 0xC00000B4 +STATUS_IO_TIMEOUT = 0xC00000B5 +STATUS_FILE_FORCED_CLOSED = 0xC00000B6 +STATUS_PROFILING_NOT_STARTED = 0xC00000B7 +STATUS_PROFILING_NOT_STOPPED = 0xC00000B8 +STATUS_COULD_NOT_INTERPRET = 0xC00000B9 +STATUS_FILE_IS_A_DIRECTORY = 0xC00000BA +STATUS_NOT_SUPPORTED = 0xC00000BB +STATUS_REMOTE_NOT_LISTENING = 0xC00000BC +STATUS_DUPLICATE_NAME = 0xC00000BD +STATUS_BAD_NETWORK_PATH = 0xC00000BE +STATUS_NETWORK_BUSY = 0xC00000BF +STATUS_DEVICE_DOES_NOT_EXIST = 0xC00000C0 +STATUS_TOO_MANY_COMMANDS = 0xC00000C1 +STATUS_ADAPTER_HARDWARE_ERROR = 0xC00000C2 +STATUS_INVALID_NETWORK_RESPONSE = 0xC00000C3 +STATUS_UNEXPECTED_NETWORK_ERROR = 0xC00000C4 +STATUS_BAD_REMOTE_ADAPTER = 0xC00000C5 +STATUS_PRINT_QUEUE_FULL = 0xC00000C6 +STATUS_NO_SPOOL_SPACE = 0xC00000C7 +STATUS_PRINT_CANCELLED = 0xC00000C8 +STATUS_NETWORK_NAME_DELETED = 0xC00000C9 +STATUS_NETWORK_ACCESS_DENIED = 0xC00000CA +STATUS_BAD_DEVICE_TYPE = 0xC00000CB +STATUS_BAD_NETWORK_NAME = 0xC00000CC +STATUS_TOO_MANY_NAMES = 0xC00000CD +STATUS_TOO_MANY_SESSIONS = 0xC00000CE +STATUS_SHARING_PAUSED = 0xC00000CF +STATUS_REQUEST_NOT_ACCEPTED = 0xC00000D0 +STATUS_REDIRECTOR_PAUSED = 0xC00000D1 +STATUS_NET_WRITE_FAULT = 0xC00000D2 +STATUS_PROFILING_AT_LIMIT = 0xC00000D3 +STATUS_NOT_SAME_DEVICE = 0xC00000D4 +STATUS_FILE_RENAMED = 0xC00000D5 +STATUS_VIRTUAL_CIRCUIT_CLOSED = 0xC00000D6 +STATUS_NO_SECURITY_ON_OBJECT = 0xC00000D7 +STATUS_CANT_WAIT = 0xC00000D8 +STATUS_PIPE_EMPTY = 0xC00000D9 +STATUS_CANT_ACCESS_DOMAIN_INFO = 0xC00000DA +STATUS_CANT_TERMINATE_SELF = 0xC00000DB +STATUS_INVALID_SERVER_STATE = 0xC00000DC +STATUS_INVALID_DOMAIN_STATE = 0xC00000DD +STATUS_INVALID_DOMAIN_ROLE = 0xC00000DE +STATUS_NO_SUCH_DOMAIN = 0xC00000DF +STATUS_DOMAIN_EXISTS = 0xC00000E0 +STATUS_DOMAIN_LIMIT_EXCEEDED = 0xC00000E1 +STATUS_OPLOCK_NOT_GRANTED = 0xC00000E2 +STATUS_INVALID_OPLOCK_PROTOCOL = 0xC00000E3 +STATUS_INTERNAL_DB_CORRUPTION = 0xC00000E4 +STATUS_INTERNAL_ERROR = 0xC00000E5 +STATUS_GENERIC_NOT_MAPPED = 0xC00000E6 +STATUS_BAD_DESCRIPTOR_FORMAT = 0xC00000E7 +STATUS_INVALID_USER_BUFFER = 0xC00000E8 +STATUS_UNEXPECTED_IO_ERROR = 0xC00000E9 +STATUS_UNEXPECTED_MM_CREATE_ERR = 0xC00000EA +STATUS_UNEXPECTED_MM_MAP_ERROR = 0xC00000EB +STATUS_UNEXPECTED_MM_EXTEND_ERR = 0xC00000EC +STATUS_NOT_LOGON_PROCESS = 0xC00000ED +STATUS_LOGON_SESSION_EXISTS = 0xC00000EE +STATUS_INVALID_PARAMETER_1 = 0xC00000EF +STATUS_INVALID_PARAMETER_2 = 0xC00000F0 +STATUS_INVALID_PARAMETER_3 = 0xC00000F1 +STATUS_INVALID_PARAMETER_4 = 0xC00000F2 +STATUS_INVALID_PARAMETER_5 = 0xC00000F3 +STATUS_INVALID_PARAMETER_6 = 0xC00000F4 +STATUS_INVALID_PARAMETER_7 = 0xC00000F5 +STATUS_INVALID_PARAMETER_8 = 0xC00000F6 +STATUS_INVALID_PARAMETER_9 = 0xC00000F7 +STATUS_INVALID_PARAMETER_10 = 0xC00000F8 +STATUS_INVALID_PARAMETER_11 = 0xC00000F9 +STATUS_INVALID_PARAMETER_12 = 0xC00000FA +STATUS_REDIRECTOR_NOT_STARTED = 0xC00000FB +STATUS_REDIRECTOR_STARTED = 0xC00000FC +STATUS_STACK_OVERFLOW = 0xC00000FD +STATUS_NO_SUCH_PACKAGE = 0xC00000FE +STATUS_BAD_FUNCTION_TABLE = 0xC00000FF +STATUS_VARIABLE_NOT_FOUND = 0xC0000100 +STATUS_DIRECTORY_NOT_EMPTY = 0xC0000101 +STATUS_FILE_CORRUPT_ERROR = 0xC0000102 +STATUS_NOT_A_DIRECTORY = 0xC0000103 +STATUS_BAD_LOGON_SESSION_STATE = 0xC0000104 +STATUS_LOGON_SESSION_COLLISION = 0xC0000105 +STATUS_NAME_TOO_LONG = 0xC0000106 +STATUS_FILES_OPEN = 0xC0000107 +STATUS_CONNECTION_IN_USE = 0xC0000108 +STATUS_MESSAGE_NOT_FOUND = 0xC0000109 +STATUS_PROCESS_IS_TERMINATING = 0xC000010A +STATUS_INVALID_LOGON_TYPE = 0xC000010B +STATUS_NO_GUID_TRANSLATION = 0xC000010C +STATUS_CANNOT_IMPERSONATE = 0xC000010D +STATUS_IMAGE_ALREADY_LOADED = 0xC000010E +STATUS_NO_LDT = 0xC0000117 +STATUS_INVALID_LDT_SIZE = 0xC0000118 +STATUS_INVALID_LDT_OFFSET = 0xC0000119 +STATUS_INVALID_LDT_DESCRIPTOR = 0xC000011A +STATUS_INVALID_IMAGE_NE_FORMAT = 0xC000011B +STATUS_RXACT_INVALID_STATE = 0xC000011C +STATUS_RXACT_COMMIT_FAILURE = 0xC000011D +STATUS_MAPPED_FILE_SIZE_ZERO = 0xC000011E +STATUS_TOO_MANY_OPENED_FILES = 0xC000011F +STATUS_CANCELLED = 0xC0000120 +STATUS_CANNOT_DELETE = 0xC0000121 +STATUS_INVALID_COMPUTER_NAME = 0xC0000122 +STATUS_FILE_DELETED = 0xC0000123 +STATUS_SPECIAL_ACCOUNT = 0xC0000124 +STATUS_SPECIAL_GROUP = 0xC0000125 +STATUS_SPECIAL_USER = 0xC0000126 +STATUS_MEMBERS_PRIMARY_GROUP = 0xC0000127 +STATUS_FILE_CLOSED = 0xC0000128 +STATUS_TOO_MANY_THREADS = 0xC0000129 +STATUS_THREAD_NOT_IN_PROCESS = 0xC000012A +STATUS_TOKEN_ALREADY_IN_USE = 0xC000012B +STATUS_PAGEFILE_QUOTA_EXCEEDED = 0xC000012C +STATUS_COMMITMENT_LIMIT = 0xC000012D +STATUS_INVALID_IMAGE_LE_FORMAT = 0xC000012E +STATUS_INVALID_IMAGE_NOT_MZ = 0xC000012F +STATUS_INVALID_IMAGE_PROTECT = 0xC0000130 +STATUS_INVALID_IMAGE_WIN_16 = 0xC0000131 +STATUS_LOGON_SERVER_CONFLICT = 0xC0000132 +STATUS_TIME_DIFFERENCE_AT_DC = 0xC0000133 +STATUS_SYNCHRONIZATION_REQUIRED = 0xC0000134 +STATUS_DLL_NOT_FOUND = 0xC0000135 +STATUS_OPEN_FAILED = 0xC0000136 +STATUS_IO_PRIVILEGE_FAILED = 0xC0000137 +STATUS_ORDINAL_NOT_FOUND = 0xC0000138 +STATUS_ENTRYPOINT_NOT_FOUND = 0xC0000139 +STATUS_CONTROL_C_EXIT = 0xC000013A +STATUS_LOCAL_DISCONNECT = 0xC000013B +STATUS_REMOTE_DISCONNECT = 0xC000013C +STATUS_REMOTE_RESOURCES = 0xC000013D +STATUS_LINK_FAILED = 0xC000013E +STATUS_LINK_TIMEOUT = 0xC000013F +STATUS_INVALID_CONNECTION = 0xC0000140 +STATUS_INVALID_ADDRESS = 0xC0000141 +STATUS_DLL_INIT_FAILED = 0xC0000142 +STATUS_MISSING_SYSTEMFILE = 0xC0000143 +STATUS_UNHANDLED_EXCEPTION = 0xC0000144 +STATUS_APP_INIT_FAILURE = 0xC0000145 +STATUS_PAGEFILE_CREATE_FAILED = 0xC0000146 +STATUS_NO_PAGEFILE = 0xC0000147 +STATUS_INVALID_LEVEL = 0xC0000148 +STATUS_WRONG_PASSWORD_CORE = 0xC0000149 +STATUS_ILLEGAL_FLOAT_CONTEXT = 0xC000014A +STATUS_PIPE_BROKEN = 0xC000014B +STATUS_REGISTRY_CORRUPT = 0xC000014C +STATUS_REGISTRY_IO_FAILED = 0xC000014D +STATUS_NO_EVENT_PAIR = 0xC000014E +STATUS_UNRECOGNIZED_VOLUME = 0xC000014F +STATUS_SERIAL_NO_DEVICE_INITED = 0xC0000150 +STATUS_NO_SUCH_ALIAS = 0xC0000151 +STATUS_MEMBER_NOT_IN_ALIAS = 0xC0000152 +STATUS_MEMBER_IN_ALIAS = 0xC0000153 +STATUS_ALIAS_EXISTS = 0xC0000154 +STATUS_LOGON_NOT_GRANTED = 0xC0000155 +STATUS_TOO_MANY_SECRETS = 0xC0000156 +STATUS_SECRET_TOO_LONG = 0xC0000157 +STATUS_INTERNAL_DB_ERROR = 0xC0000158 +STATUS_FULLSCREEN_MODE = 0xC0000159 +STATUS_TOO_MANY_CONTEXT_IDS = 0xC000015A +STATUS_LOGON_TYPE_NOT_GRANTED = 0xC000015B +STATUS_NOT_REGISTRY_FILE = 0xC000015C +STATUS_NT_CROSS_ENCRYPTION_REQUIRED = 0xC000015D +STATUS_DOMAIN_CTRLR_CONFIG_ERROR = 0xC000015E +STATUS_FT_MISSING_MEMBER = 0xC000015F +STATUS_ILL_FORMED_SERVICE_ENTRY = 0xC0000160 +STATUS_ILLEGAL_CHARACTER = 0xC0000161 +STATUS_UNMAPPABLE_CHARACTER = 0xC0000162 +STATUS_UNDEFINED_CHARACTER = 0xC0000163 +STATUS_FLOPPY_VOLUME = 0xC0000164 +STATUS_FLOPPY_ID_MARK_NOT_FOUND = 0xC0000165 +STATUS_FLOPPY_WRONG_CYLINDER = 0xC0000166 +STATUS_FLOPPY_UNKNOWN_ERROR = 0xC0000167 +STATUS_FLOPPY_BAD_REGISTERS = 0xC0000168 +STATUS_DISK_RECALIBRATE_FAILED = 0xC0000169 +STATUS_DISK_OPERATION_FAILED = 0xC000016A +STATUS_DISK_RESET_FAILED = 0xC000016B +STATUS_SHARED_IRQ_BUSY = 0xC000016C +STATUS_FT_ORPHANING = 0xC000016D +STATUS_BIOS_FAILED_TO_CONNECT_INTERRUPT = 0xC000016E +STATUS_PARTITION_FAILURE = 0xC0000172 +STATUS_INVALID_BLOCK_LENGTH = 0xC0000173 +STATUS_DEVICE_NOT_PARTITIONED = 0xC0000174 +STATUS_UNABLE_TO_LOCK_MEDIA = 0xC0000175 +STATUS_UNABLE_TO_UNLOAD_MEDIA = 0xC0000176 +STATUS_EOM_OVERFLOW = 0xC0000177 +STATUS_NO_MEDIA = 0xC0000178 +STATUS_NO_SUCH_MEMBER = 0xC000017A +STATUS_INVALID_MEMBER = 0xC000017B +STATUS_KEY_DELETED = 0xC000017C +STATUS_NO_LOG_SPACE = 0xC000017D +STATUS_TOO_MANY_SIDS = 0xC000017E +STATUS_LM_CROSS_ENCRYPTION_REQUIRED = 0xC000017F +STATUS_KEY_HAS_CHILDREN = 0xC0000180 +STATUS_CHILD_MUST_BE_VOLATILE = 0xC0000181 +STATUS_DEVICE_CONFIGURATION_ERROR = 0xC0000182 +STATUS_DRIVER_INTERNAL_ERROR = 0xC0000183 +STATUS_INVALID_DEVICE_STATE = 0xC0000184 +STATUS_IO_DEVICE_ERROR = 0xC0000185 +STATUS_DEVICE_PROTOCOL_ERROR = 0xC0000186 +STATUS_BACKUP_CONTROLLER = 0xC0000187 +STATUS_LOG_FILE_FULL = 0xC0000188 +STATUS_TOO_LATE = 0xC0000189 +STATUS_NO_TRUST_LSA_SECRET = 0xC000018A +STATUS_NO_TRUST_SAM_ACCOUNT = 0xC000018B +STATUS_TRUSTED_DOMAIN_FAILURE = 0xC000018C +STATUS_TRUSTED_RELATIONSHIP_FAILURE = 0xC000018D +STATUS_EVENTLOG_FILE_CORRUPT = 0xC000018E +STATUS_EVENTLOG_CANT_START = 0xC000018F +STATUS_TRUST_FAILURE = 0xC0000190 +STATUS_MUTANT_LIMIT_EXCEEDED = 0xC0000191 +STATUS_NETLOGON_NOT_STARTED = 0xC0000192 +STATUS_ACCOUNT_EXPIRED = 0xC0000193 +STATUS_POSSIBLE_DEADLOCK = 0xC0000194 +STATUS_NETWORK_CREDENTIAL_CONFLICT = 0xC0000195 +STATUS_REMOTE_SESSION_LIMIT = 0xC0000196 +STATUS_EVENTLOG_FILE_CHANGED = 0xC0000197 +STATUS_NOLOGON_INTERDOMAIN_TRUST_ACCOUNT = 0xC0000198 +STATUS_NOLOGON_WORKSTATION_TRUST_ACCOUNT = 0xC0000199 +STATUS_NOLOGON_SERVER_TRUST_ACCOUNT = 0xC000019A +STATUS_DOMAIN_TRUST_INCONSISTENT = 0xC000019B +STATUS_FS_DRIVER_REQUIRED = 0xC000019C +STATUS_IMAGE_ALREADY_LOADED_AS_DLL = 0xC000019D +STATUS_INCOMPATIBLE_WITH_GLOBAL_SHORT_NAME_REGISTRY_SETTING = 0xC000019E +STATUS_SHORT_NAMES_NOT_ENABLED_ON_VOLUME = 0xC000019F +STATUS_SECURITY_STREAM_IS_INCONSISTENT = 0xC00001A0 +STATUS_INVALID_LOCK_RANGE = 0xC00001A1 +STATUS_INVALID_ACE_CONDITION = 0xC00001A2 +STATUS_IMAGE_SUBSYSTEM_NOT_PRESENT = 0xC00001A3 +STATUS_NOTIFICATION_GUID_ALREADY_DEFINED = 0xC00001A4 +STATUS_NETWORK_OPEN_RESTRICTION = 0xC0000201 +STATUS_NO_USER_SESSION_KEY = 0xC0000202 +STATUS_USER_SESSION_DELETED = 0xC0000203 +STATUS_RESOURCE_LANG_NOT_FOUND = 0xC0000204 +STATUS_INSUFF_SERVER_RESOURCES = 0xC0000205 +STATUS_INVALID_BUFFER_SIZE = 0xC0000206 +STATUS_INVALID_ADDRESS_COMPONENT = 0xC0000207 +STATUS_INVALID_ADDRESS_WILDCARD = 0xC0000208 +STATUS_TOO_MANY_ADDRESSES = 0xC0000209 +STATUS_ADDRESS_ALREADY_EXISTS = 0xC000020A +STATUS_ADDRESS_CLOSED = 0xC000020B +STATUS_CONNECTION_DISCONNECTED = 0xC000020C +STATUS_CONNECTION_RESET = 0xC000020D +STATUS_TOO_MANY_NODES = 0xC000020E +STATUS_TRANSACTION_ABORTED = 0xC000020F +STATUS_TRANSACTION_TIMED_OUT = 0xC0000210 +STATUS_TRANSACTION_NO_RELEASE = 0xC0000211 +STATUS_TRANSACTION_NO_MATCH = 0xC0000212 +STATUS_TRANSACTION_RESPONDED = 0xC0000213 +STATUS_TRANSACTION_INVALID_ID = 0xC0000214 +STATUS_TRANSACTION_INVALID_TYPE = 0xC0000215 +STATUS_NOT_SERVER_SESSION = 0xC0000216 +STATUS_NOT_CLIENT_SESSION = 0xC0000217 +STATUS_CANNOT_LOAD_REGISTRY_FILE = 0xC0000218 +STATUS_DEBUG_ATTACH_FAILED = 0xC0000219 +STATUS_SYSTEM_PROCESS_TERMINATED = 0xC000021A +STATUS_DATA_NOT_ACCEPTED = 0xC000021B +STATUS_NO_BROWSER_SERVERS_FOUND = 0xC000021C +STATUS_VDM_HARD_ERROR = 0xC000021D +STATUS_DRIVER_CANCEL_TIMEOUT = 0xC000021E +STATUS_REPLY_MESSAGE_MISMATCH = 0xC000021F +STATUS_MAPPED_ALIGNMENT = 0xC0000220 +STATUS_IMAGE_CHECKSUM_MISMATCH = 0xC0000221 +STATUS_LOST_WRITEBEHIND_DATA = 0xC0000222 +STATUS_CLIENT_SERVER_PARAMETERS_INVALID = 0xC0000223 +STATUS_PASSWORD_MUST_CHANGE = 0xC0000224 +STATUS_NOT_FOUND = 0xC0000225 +STATUS_NOT_TINY_STREAM = 0xC0000226 +STATUS_RECOVERY_FAILURE = 0xC0000227 +STATUS_STACK_OVERFLOW_READ = 0xC0000228 +STATUS_FAIL_CHECK = 0xC0000229 +STATUS_DUPLICATE_OBJECTID = 0xC000022A +STATUS_OBJECTID_EXISTS = 0xC000022B +STATUS_CONVERT_TO_LARGE = 0xC000022C +STATUS_RETRY = 0xC000022D +STATUS_FOUND_OUT_OF_SCOPE = 0xC000022E +STATUS_ALLOCATE_BUCKET = 0xC000022F +STATUS_PROPSET_NOT_FOUND = 0xC0000230 +STATUS_MARSHALL_OVERFLOW = 0xC0000231 +STATUS_INVALID_VARIANT = 0xC0000232 +STATUS_DOMAIN_CONTROLLER_NOT_FOUND = 0xC0000233 +STATUS_ACCOUNT_LOCKED_OUT = 0xC0000234 +STATUS_HANDLE_NOT_CLOSABLE = 0xC0000235 +STATUS_CONNECTION_REFUSED = 0xC0000236 +STATUS_GRACEFUL_DISCONNECT = 0xC0000237 +STATUS_ADDRESS_ALREADY_ASSOCIATED = 0xC0000238 +STATUS_ADDRESS_NOT_ASSOCIATED = 0xC0000239 +STATUS_CONNECTION_INVALID = 0xC000023A +STATUS_CONNECTION_ACTIVE = 0xC000023B +STATUS_NETWORK_UNREACHABLE = 0xC000023C +STATUS_HOST_UNREACHABLE = 0xC000023D +STATUS_PROTOCOL_UNREACHABLE = 0xC000023E +STATUS_PORT_UNREACHABLE = 0xC000023F +STATUS_REQUEST_ABORTED = 0xC0000240 +STATUS_CONNECTION_ABORTED = 0xC0000241 +STATUS_BAD_COMPRESSION_BUFFER = 0xC0000242 +STATUS_USER_MAPPED_FILE = 0xC0000243 +STATUS_AUDIT_FAILED = 0xC0000244 +STATUS_TIMER_RESOLUTION_NOT_SET = 0xC0000245 +STATUS_CONNECTION_COUNT_LIMIT = 0xC0000246 +STATUS_LOGIN_TIME_RESTRICTION = 0xC0000247 +STATUS_LOGIN_WKSTA_RESTRICTION = 0xC0000248 +STATUS_IMAGE_MP_UP_MISMATCH = 0xC0000249 +STATUS_INSUFFICIENT_LOGON_INFO = 0xC0000250 +STATUS_BAD_DLL_ENTRYPOINT = 0xC0000251 +STATUS_BAD_SERVICE_ENTRYPOINT = 0xC0000252 +STATUS_LPC_REPLY_LOST = 0xC0000253 +STATUS_IP_ADDRESS_CONFLICT1 = 0xC0000254 +STATUS_IP_ADDRESS_CONFLICT2 = 0xC0000255 +STATUS_REGISTRY_QUOTA_LIMIT = 0xC0000256 +STATUS_PATH_NOT_COVERED = 0xC0000257 +STATUS_NO_CALLBACK_ACTIVE = 0xC0000258 +STATUS_LICENSE_QUOTA_EXCEEDED = 0xC0000259 +STATUS_PWD_TOO_SHORT = 0xC000025A +STATUS_PWD_TOO_RECENT = 0xC000025B +STATUS_PWD_HISTORY_CONFLICT = 0xC000025C +STATUS_PLUGPLAY_NO_DEVICE = 0xC000025E +STATUS_UNSUPPORTED_COMPRESSION = 0xC000025F +STATUS_INVALID_HW_PROFILE = 0xC0000260 +STATUS_INVALID_PLUGPLAY_DEVICE_PATH = 0xC0000261 +STATUS_DRIVER_ORDINAL_NOT_FOUND = 0xC0000262 +STATUS_DRIVER_ENTRYPOINT_NOT_FOUND = 0xC0000263 +STATUS_RESOURCE_NOT_OWNED = 0xC0000264 +STATUS_TOO_MANY_LINKS = 0xC0000265 +STATUS_QUOTA_LIST_INCONSISTENT = 0xC0000266 +STATUS_FILE_IS_OFFLINE = 0xC0000267 +STATUS_EVALUATION_EXPIRATION = 0xC0000268 +STATUS_ILLEGAL_DLL_RELOCATION = 0xC0000269 +STATUS_LICENSE_VIOLATION = 0xC000026A +STATUS_DLL_INIT_FAILED_LOGOFF = 0xC000026B +STATUS_DRIVER_UNABLE_TO_LOAD = 0xC000026C +STATUS_DFS_UNAVAILABLE = 0xC000026D +STATUS_VOLUME_DISMOUNTED = 0xC000026E +STATUS_WX86_INTERNAL_ERROR = 0xC000026F +STATUS_WX86_FLOAT_STACK_CHECK = 0xC0000270 +STATUS_VALIDATE_CONTINUE = 0xC0000271 +STATUS_NO_MATCH = 0xC0000272 +STATUS_NO_MORE_MATCHES = 0xC0000273 +STATUS_NOT_A_REPARSE_POINT = 0xC0000275 +STATUS_IO_REPARSE_TAG_INVALID = 0xC0000276 +STATUS_IO_REPARSE_TAG_MISMATCH = 0xC0000277 +STATUS_IO_REPARSE_DATA_INVALID = 0xC0000278 +STATUS_IO_REPARSE_TAG_NOT_HANDLED = 0xC0000279 +STATUS_REPARSE_POINT_NOT_RESOLVED = 0xC0000280 +STATUS_DIRECTORY_IS_A_REPARSE_POINT = 0xC0000281 +STATUS_RANGE_LIST_CONFLICT = 0xC0000282 +STATUS_SOURCE_ELEMENT_EMPTY = 0xC0000283 +STATUS_DESTINATION_ELEMENT_FULL = 0xC0000284 +STATUS_ILLEGAL_ELEMENT_ADDRESS = 0xC0000285 +STATUS_MAGAZINE_NOT_PRESENT = 0xC0000286 +STATUS_REINITIALIZATION_NEEDED = 0xC0000287 +STATUS_ENCRYPTION_FAILED = 0xC000028A +STATUS_DECRYPTION_FAILED = 0xC000028B +STATUS_RANGE_NOT_FOUND = 0xC000028C +STATUS_NO_RECOVERY_POLICY = 0xC000028D +STATUS_NO_EFS = 0xC000028E +STATUS_WRONG_EFS = 0xC000028F +STATUS_NO_USER_KEYS = 0xC0000290 +STATUS_FILE_NOT_ENCRYPTED = 0xC0000291 +STATUS_NOT_EXPORT_FORMAT = 0xC0000292 +STATUS_FILE_ENCRYPTED = 0xC0000293 +STATUS_WMI_GUID_NOT_FOUND = 0xC0000295 +STATUS_WMI_INSTANCE_NOT_FOUND = 0xC0000296 +STATUS_WMI_ITEMID_NOT_FOUND = 0xC0000297 +STATUS_WMI_TRY_AGAIN = 0xC0000298 +STATUS_SHARED_POLICY = 0xC0000299 +STATUS_POLICY_OBJECT_NOT_FOUND = 0xC000029A +STATUS_POLICY_ONLY_IN_DS = 0xC000029B +STATUS_VOLUME_NOT_UPGRADED = 0xC000029C +STATUS_REMOTE_STORAGE_NOT_ACTIVE = 0xC000029D +STATUS_REMOTE_STORAGE_MEDIA_ERROR = 0xC000029E +STATUS_NO_TRACKING_SERVICE = 0xC000029F +STATUS_SERVER_SID_MISMATCH = 0xC00002A0 +STATUS_DS_NO_ATTRIBUTE_OR_VALUE = 0xC00002A1 +STATUS_DS_INVALID_ATTRIBUTE_SYNTAX = 0xC00002A2 +STATUS_DS_ATTRIBUTE_TYPE_UNDEFINED = 0xC00002A3 +STATUS_DS_ATTRIBUTE_OR_VALUE_EXISTS = 0xC00002A4 +STATUS_DS_BUSY = 0xC00002A5 +STATUS_DS_UNAVAILABLE = 0xC00002A6 +STATUS_DS_NO_RIDS_ALLOCATED = 0xC00002A7 +STATUS_DS_NO_MORE_RIDS = 0xC00002A8 +STATUS_DS_INCORRECT_ROLE_OWNER = 0xC00002A9 +STATUS_DS_RIDMGR_INIT_ERROR = 0xC00002AA +STATUS_DS_OBJ_CLASS_VIOLATION = 0xC00002AB +STATUS_DS_CANT_ON_NON_LEAF = 0xC00002AC +STATUS_DS_CANT_ON_RDN = 0xC00002AD +STATUS_DS_CANT_MOD_OBJ_CLASS = 0xC00002AE +STATUS_DS_CROSS_DOM_MOVE_FAILED = 0xC00002AF +STATUS_DS_GC_NOT_AVAILABLE = 0xC00002B0 +STATUS_DIRECTORY_SERVICE_REQUIRED = 0xC00002B1 +STATUS_REPARSE_ATTRIBUTE_CONFLICT = 0xC00002B2 +STATUS_CANT_ENABLE_DENY_ONLY = 0xC00002B3 +STATUS_FLOAT_MULTIPLE_FAULTS = 0xC00002B4 +STATUS_FLOAT_MULTIPLE_TRAPS = 0xC00002B5 +STATUS_DEVICE_REMOVED = 0xC00002B6 +STATUS_JOURNAL_DELETE_IN_PROGRESS = 0xC00002B7 +STATUS_JOURNAL_NOT_ACTIVE = 0xC00002B8 +STATUS_NOINTERFACE = 0xC00002B9 +STATUS_DS_ADMIN_LIMIT_EXCEEDED = 0xC00002C1 +STATUS_DRIVER_FAILED_SLEEP = 0xC00002C2 +STATUS_MUTUAL_AUTHENTICATION_FAILED = 0xC00002C3 +STATUS_CORRUPT_SYSTEM_FILE = 0xC00002C4 +STATUS_DATATYPE_MISALIGNMENT_ERROR = 0xC00002C5 +STATUS_WMI_READ_ONLY = 0xC00002C6 +STATUS_WMI_SET_FAILURE = 0xC00002C7 +STATUS_COMMITMENT_MINIMUM = 0xC00002C8 +STATUS_REG_NAT_CONSUMPTION = 0xC00002C9 +STATUS_TRANSPORT_FULL = 0xC00002CA +STATUS_DS_SAM_INIT_FAILURE = 0xC00002CB +STATUS_ONLY_IF_CONNECTED = 0xC00002CC +STATUS_DS_SENSITIVE_GROUP_VIOLATION = 0xC00002CD +STATUS_PNP_RESTART_ENUMERATION = 0xC00002CE +STATUS_JOURNAL_ENTRY_DELETED = 0xC00002CF +STATUS_DS_CANT_MOD_PRIMARYGROUPID = 0xC00002D0 +STATUS_SYSTEM_IMAGE_BAD_SIGNATURE = 0xC00002D1 +STATUS_PNP_REBOOT_REQUIRED = 0xC00002D2 +STATUS_POWER_STATE_INVALID = 0xC00002D3 +STATUS_DS_INVALID_GROUP_TYPE = 0xC00002D4 +STATUS_DS_NO_NEST_GLOBALGROUP_IN_MIXEDDOMAIN = 0xC00002D5 +STATUS_DS_NO_NEST_LOCALGROUP_IN_MIXEDDOMAIN = 0xC00002D6 +STATUS_DS_GLOBAL_CANT_HAVE_LOCAL_MEMBER = 0xC00002D7 +STATUS_DS_GLOBAL_CANT_HAVE_UNIVERSAL_MEMBER = 0xC00002D8 +STATUS_DS_UNIVERSAL_CANT_HAVE_LOCAL_MEMBER = 0xC00002D9 +STATUS_DS_GLOBAL_CANT_HAVE_CROSSDOMAIN_MEMBER = 0xC00002DA +STATUS_DS_LOCAL_CANT_HAVE_CROSSDOMAIN_LOCAL_MEMBER = 0xC00002DB +STATUS_DS_HAVE_PRIMARY_MEMBERS = 0xC00002DC +STATUS_WMI_NOT_SUPPORTED = 0xC00002DD +STATUS_INSUFFICIENT_POWER = 0xC00002DE +STATUS_SAM_NEED_BOOTKEY_PASSWORD = 0xC00002DF +STATUS_SAM_NEED_BOOTKEY_FLOPPY = 0xC00002E0 +STATUS_DS_CANT_START = 0xC00002E1 +STATUS_DS_INIT_FAILURE = 0xC00002E2 +STATUS_SAM_INIT_FAILURE = 0xC00002E3 +STATUS_DS_GC_REQUIRED = 0xC00002E4 +STATUS_DS_LOCAL_MEMBER_OF_LOCAL_ONLY = 0xC00002E5 +STATUS_DS_NO_FPO_IN_UNIVERSAL_GROUPS = 0xC00002E6 +STATUS_DS_MACHINE_ACCOUNT_QUOTA_EXCEEDED = 0xC00002E7 +STATUS_CURRENT_DOMAIN_NOT_ALLOWED = 0xC00002E9 +STATUS_CANNOT_MAKE = 0xC00002EA +STATUS_SYSTEM_SHUTDOWN = 0xC00002EB +STATUS_DS_INIT_FAILURE_CONSOLE = 0xC00002EC +STATUS_DS_SAM_INIT_FAILURE_CONSOLE = 0xC00002ED +STATUS_UNFINISHED_CONTEXT_DELETED = 0xC00002EE +STATUS_NO_TGT_REPLY = 0xC00002EF +STATUS_OBJECTID_NOT_FOUND = 0xC00002F0 +STATUS_NO_IP_ADDRESSES = 0xC00002F1 +STATUS_WRONG_CREDENTIAL_HANDLE = 0xC00002F2 +STATUS_CRYPTO_SYSTEM_INVALID = 0xC00002F3 +STATUS_MAX_REFERRALS_EXCEEDED = 0xC00002F4 +STATUS_MUST_BE_KDC = 0xC00002F5 +STATUS_STRONG_CRYPTO_NOT_SUPPORTED = 0xC00002F6 +STATUS_TOO_MANY_PRINCIPALS = 0xC00002F7 +STATUS_NO_PA_DATA = 0xC00002F8 +STATUS_PKINIT_NAME_MISMATCH = 0xC00002F9 +STATUS_SMARTCARD_LOGON_REQUIRED = 0xC00002FA +STATUS_KDC_INVALID_REQUEST = 0xC00002FB +STATUS_KDC_UNABLE_TO_REFER = 0xC00002FC +STATUS_KDC_UNKNOWN_ETYPE = 0xC00002FD +STATUS_SHUTDOWN_IN_PROGRESS = 0xC00002FE +STATUS_SERVER_SHUTDOWN_IN_PROGRESS = 0xC00002FF +STATUS_NOT_SUPPORTED_ON_SBS = 0xC0000300 +STATUS_WMI_GUID_DISCONNECTED = 0xC0000301 +STATUS_WMI_ALREADY_DISABLED = 0xC0000302 +STATUS_WMI_ALREADY_ENABLED = 0xC0000303 +STATUS_MFT_TOO_FRAGMENTED = 0xC0000304 +STATUS_COPY_PROTECTION_FAILURE = 0xC0000305 +STATUS_CSS_AUTHENTICATION_FAILURE = 0xC0000306 +STATUS_CSS_KEY_NOT_PRESENT = 0xC0000307 +STATUS_CSS_KEY_NOT_ESTABLISHED = 0xC0000308 +STATUS_CSS_SCRAMBLED_SECTOR = 0xC0000309 +STATUS_CSS_REGION_MISMATCH = 0xC000030A +STATUS_CSS_RESETS_EXHAUSTED = 0xC000030B +STATUS_PKINIT_FAILURE = 0xC0000320 +STATUS_SMARTCARD_SUBSYSTEM_FAILURE = 0xC0000321 +STATUS_NO_KERB_KEY = 0xC0000322 +STATUS_HOST_DOWN = 0xC0000350 +STATUS_UNSUPPORTED_PREAUTH = 0xC0000351 +STATUS_EFS_ALG_BLOB_TOO_BIG = 0xC0000352 +STATUS_PORT_NOT_SET = 0xC0000353 +STATUS_DEBUGGER_INACTIVE = 0xC0000354 +STATUS_DS_VERSION_CHECK_FAILURE = 0xC0000355 +STATUS_AUDITING_DISABLED = 0xC0000356 +STATUS_PRENT4_MACHINE_ACCOUNT = 0xC0000357 +STATUS_DS_AG_CANT_HAVE_UNIVERSAL_MEMBER = 0xC0000358 +STATUS_INVALID_IMAGE_WIN_32 = 0xC0000359 +STATUS_INVALID_IMAGE_WIN_64 = 0xC000035A +STATUS_BAD_BINDINGS = 0xC000035B +STATUS_NETWORK_SESSION_EXPIRED = 0xC000035C +STATUS_APPHELP_BLOCK = 0xC000035D +STATUS_ALL_SIDS_FILTERED = 0xC000035E +STATUS_NOT_SAFE_MODE_DRIVER = 0xC000035F +STATUS_ACCESS_DISABLED_BY_POLICY_DEFAULT = 0xC0000361 +STATUS_ACCESS_DISABLED_BY_POLICY_PATH = 0xC0000362 +STATUS_ACCESS_DISABLED_BY_POLICY_PUBLISHER = 0xC0000363 +STATUS_ACCESS_DISABLED_BY_POLICY_OTHER = 0xC0000364 +STATUS_FAILED_DRIVER_ENTRY = 0xC0000365 +STATUS_DEVICE_ENUMERATION_ERROR = 0xC0000366 +STATUS_MOUNT_POINT_NOT_RESOLVED = 0xC0000368 +STATUS_INVALID_DEVICE_OBJECT_PARAMETER = 0xC0000369 +STATUS_MCA_OCCURED = 0xC000036A +STATUS_DRIVER_BLOCKED_CRITICAL = 0xC000036B +STATUS_DRIVER_BLOCKED = 0xC000036C +STATUS_DRIVER_DATABASE_ERROR = 0xC000036D +STATUS_SYSTEM_HIVE_TOO_LARGE = 0xC000036E +STATUS_INVALID_IMPORT_OF_NON_DLL = 0xC000036F +STATUS_NO_SECRETS = 0xC0000371 +STATUS_ACCESS_DISABLED_NO_SAFER_UI_BY_POLICY = 0xC0000372 +STATUS_FAILED_STACK_SWITCH = 0xC0000373 +STATUS_HEAP_CORRUPTION = 0xC0000374 +STATUS_SMARTCARD_WRONG_PIN = 0xC0000380 +STATUS_SMARTCARD_CARD_BLOCKED = 0xC0000381 +STATUS_SMARTCARD_CARD_NOT_AUTHENTICATED = 0xC0000382 +STATUS_SMARTCARD_NO_CARD = 0xC0000383 +STATUS_SMARTCARD_NO_KEY_CONTAINER = 0xC0000384 +STATUS_SMARTCARD_NO_CERTIFICATE = 0xC0000385 +STATUS_SMARTCARD_NO_KEYSET = 0xC0000386 +STATUS_SMARTCARD_IO_ERROR = 0xC0000387 +STATUS_DOWNGRADE_DETECTED = 0xC0000388 +STATUS_SMARTCARD_CERT_REVOKED = 0xC0000389 +STATUS_ISSUING_CA_UNTRUSTED = 0xC000038A +STATUS_REVOCATION_OFFLINE_C = 0xC000038B +STATUS_PKINIT_CLIENT_FAILURE = 0xC000038C +STATUS_SMARTCARD_CERT_EXPIRED = 0xC000038D +STATUS_DRIVER_FAILED_PRIOR_UNLOAD = 0xC000038E +STATUS_SMARTCARD_SILENT_CONTEXT = 0xC000038F +STATUS_PER_USER_TRUST_QUOTA_EXCEEDED = 0xC0000401 +STATUS_ALL_USER_TRUST_QUOTA_EXCEEDED = 0xC0000402 +STATUS_USER_DELETE_TRUST_QUOTA_EXCEEDED = 0xC0000403 +STATUS_DS_NAME_NOT_UNIQUE = 0xC0000404 +STATUS_DS_DUPLICATE_ID_FOUND = 0xC0000405 +STATUS_DS_GROUP_CONVERSION_ERROR = 0xC0000406 +STATUS_VOLSNAP_PREPARE_HIBERNATE = 0xC0000407 +STATUS_USER2USER_REQUIRED = 0xC0000408 +STATUS_STACK_BUFFER_OVERRUN = 0xC0000409 +STATUS_NO_S4U_PROT_SUPPORT = 0xC000040A +STATUS_CROSSREALM_DELEGATION_FAILURE = 0xC000040B +STATUS_REVOCATION_OFFLINE_KDC = 0xC000040C +STATUS_ISSUING_CA_UNTRUSTED_KDC = 0xC000040D +STATUS_KDC_CERT_EXPIRED = 0xC000040E +STATUS_KDC_CERT_REVOKED = 0xC000040F +STATUS_PARAMETER_QUOTA_EXCEEDED = 0xC0000410 +STATUS_HIBERNATION_FAILURE = 0xC0000411 +STATUS_DELAY_LOAD_FAILED = 0xC0000412 +STATUS_AUTHENTICATION_FIREWALL_FAILED = 0xC0000413 +STATUS_VDM_DISALLOWED = 0xC0000414 +STATUS_HUNG_DISPLAY_DRIVER_THREAD = 0xC0000415 +STATUS_INSUFFICIENT_RESOURCE_FOR_SPECIFIED_SHARED_SECTION_SIZE = 0xC0000416 +STATUS_INVALID_CRUNTIME_PARAMETER = 0xC0000417 +STATUS_NTLM_BLOCKED = 0xC0000418 +STATUS_DS_SRC_SID_EXISTS_IN_FOREST = 0xC0000419 +STATUS_DS_DOMAIN_NAME_EXISTS_IN_FOREST = 0xC000041A +STATUS_DS_FLAT_NAME_EXISTS_IN_FOREST = 0xC000041B +STATUS_INVALID_USER_PRINCIPAL_NAME = 0xC000041C +STATUS_ASSERTION_FAILURE = 0xC0000420 +STATUS_VERIFIER_STOP = 0xC0000421 +STATUS_CALLBACK_POP_STACK = 0xC0000423 +STATUS_INCOMPATIBLE_DRIVER_BLOCKED = 0xC0000424 +STATUS_HIVE_UNLOADED = 0xC0000425 +STATUS_COMPRESSION_DISABLED = 0xC0000426 +STATUS_FILE_SYSTEM_LIMITATION = 0xC0000427 +STATUS_INVALID_IMAGE_HASH = 0xC0000428 +STATUS_NOT_CAPABLE = 0xC0000429 +STATUS_REQUEST_OUT_OF_SEQUENCE = 0xC000042A +STATUS_IMPLEMENTATION_LIMIT = 0xC000042B +STATUS_ELEVATION_REQUIRED = 0xC000042C +STATUS_NO_SECURITY_CONTEXT = 0xC000042D +STATUS_PKU2U_CERT_FAILURE = 0xC000042E +STATUS_BEYOND_VDL = 0xC0000432 +STATUS_ENCOUNTERED_WRITE_IN_PROGRESS = 0xC0000433 +STATUS_PTE_CHANGED = 0xC0000434 +STATUS_PURGE_FAILED = 0xC0000435 +STATUS_CRED_REQUIRES_CONFIRMATION = 0xC0000440 +STATUS_CS_ENCRYPTION_INVALID_SERVER_RESPONSE = 0xC0000441 +STATUS_CS_ENCRYPTION_UNSUPPORTED_SERVER = 0xC0000442 +STATUS_CS_ENCRYPTION_EXISTING_ENCRYPTED_FILE = 0xC0000443 +STATUS_CS_ENCRYPTION_NEW_ENCRYPTED_FILE = 0xC0000444 +STATUS_CS_ENCRYPTION_FILE_NOT_CSE = 0xC0000445 +STATUS_INVALID_LABEL = 0xC0000446 +STATUS_DRIVER_PROCESS_TERMINATED = 0xC0000450 +STATUS_AMBIGUOUS_SYSTEM_DEVICE = 0xC0000451 +STATUS_SYSTEM_DEVICE_NOT_FOUND = 0xC0000452 +STATUS_RESTART_BOOT_APPLICATION = 0xC0000453 +STATUS_INSUFFICIENT_NVRAM_RESOURCES = 0xC0000454 +STATUS_INVALID_TASK_NAME = 0xC0000500 +STATUS_INVALID_TASK_INDEX = 0xC0000501 +STATUS_THREAD_ALREADY_IN_TASK = 0xC0000502 +STATUS_CALLBACK_BYPASS = 0xC0000503 +STATUS_FAIL_FAST_EXCEPTION = 0xC0000602 +STATUS_IMAGE_CERT_REVOKED = 0xC0000603 +STATUS_PORT_CLOSED = 0xC0000700 +STATUS_MESSAGE_LOST = 0xC0000701 +STATUS_INVALID_MESSAGE = 0xC0000702 +STATUS_REQUEST_CANCELED = 0xC0000703 +STATUS_RECURSIVE_DISPATCH = 0xC0000704 +STATUS_LPC_RECEIVE_BUFFER_EXPECTED = 0xC0000705 +STATUS_LPC_INVALID_CONNECTION_USAGE = 0xC0000706 +STATUS_LPC_REQUESTS_NOT_ALLOWED = 0xC0000707 +STATUS_RESOURCE_IN_USE = 0xC0000708 +STATUS_HARDWARE_MEMORY_ERROR = 0xC0000709 +STATUS_THREADPOOL_HANDLE_EXCEPTION = 0xC000070A +STATUS_THREADPOOL_SET_EVENT_ON_COMPLETION_FAILED = 0xC000070B +STATUS_THREADPOOL_RELEASE_SEMAPHORE_ON_COMPLETION_FAILED = 0xC000070C +STATUS_THREADPOOL_RELEASE_MUTEX_ON_COMPLETION_FAILED = 0xC000070D +STATUS_THREADPOOL_FREE_LIBRARY_ON_COMPLETION_FAILED = 0xC000070E +STATUS_THREADPOOL_RELEASED_DURING_OPERATION = 0xC000070F +STATUS_CALLBACK_RETURNED_WHILE_IMPERSONATING = 0xC0000710 +STATUS_APC_RETURNED_WHILE_IMPERSONATING = 0xC0000711 +STATUS_PROCESS_IS_PROTECTED = 0xC0000712 +STATUS_MCA_EXCEPTION = 0xC0000713 +STATUS_CERTIFICATE_MAPPING_NOT_UNIQUE = 0xC0000714 +STATUS_SYMLINK_CLASS_DISABLED = 0xC0000715 +STATUS_INVALID_IDN_NORMALIZATION = 0xC0000716 +STATUS_NO_UNICODE_TRANSLATION = 0xC0000717 +STATUS_ALREADY_REGISTERED = 0xC0000718 +STATUS_CONTEXT_MISMATCH = 0xC0000719 +STATUS_PORT_ALREADY_HAS_COMPLETION_LIST = 0xC000071A +STATUS_CALLBACK_RETURNED_THREAD_PRIORITY = 0xC000071B +STATUS_INVALID_THREAD = 0xC000071C +STATUS_CALLBACK_RETURNED_TRANSACTION = 0xC000071D +STATUS_CALLBACK_RETURNED_LDR_LOCK = 0xC000071E +STATUS_CALLBACK_RETURNED_LANG = 0xC000071F +STATUS_CALLBACK_RETURNED_PRI_BACK = 0xC0000720 +STATUS_DISK_REPAIR_DISABLED = 0xC0000800 +STATUS_DS_DOMAIN_RENAME_IN_PROGRESS = 0xC0000801 +STATUS_DISK_QUOTA_EXCEEDED = 0xC0000802 +STATUS_CONTENT_BLOCKED = 0xC0000804 +STATUS_BAD_CLUSTERS = 0xC0000805 +STATUS_VOLUME_DIRTY = 0xC0000806 +STATUS_FILE_CHECKED_OUT = 0xC0000901 +STATUS_CHECKOUT_REQUIRED = 0xC0000902 +STATUS_BAD_FILE_TYPE = 0xC0000903 +STATUS_FILE_TOO_LARGE = 0xC0000904 +STATUS_FORMS_AUTH_REQUIRED = 0xC0000905 +STATUS_VIRUS_INFECTED = 0xC0000906 +STATUS_VIRUS_DELETED = 0xC0000907 +STATUS_BAD_MCFG_TABLE = 0xC0000908 +STATUS_CANNOT_BREAK_OPLOCK = 0xC0000909 +STATUS_WOW_ASSERTION = 0xC0009898 +STATUS_INVALID_SIGNATURE = 0xC000A000 +STATUS_HMAC_NOT_SUPPORTED = 0xC000A001 +STATUS_IPSEC_QUEUE_OVERFLOW = 0xC000A010 +STATUS_ND_QUEUE_OVERFLOW = 0xC000A011 +STATUS_HOPLIMIT_EXCEEDED = 0xC000A012 +STATUS_PROTOCOL_NOT_SUPPORTED = 0xC000A013 +STATUS_LOST_WRITEBEHIND_DATA_NETWORK_DISCONNECTED = 0xC000A080 +STATUS_LOST_WRITEBEHIND_DATA_NETWORK_SERVER_ERROR = 0xC000A081 +STATUS_LOST_WRITEBEHIND_DATA_LOCAL_DISK_ERROR = 0xC000A082 +STATUS_XML_PARSE_ERROR = 0xC000A083 +STATUS_XMLDSIG_ERROR = 0xC000A084 +STATUS_WRONG_COMPARTMENT = 0xC000A085 +STATUS_AUTHIP_FAILURE = 0xC000A086 +STATUS_DS_OID_MAPPED_GROUP_CANT_HAVE_MEMBERS = 0xC000A087 +STATUS_DS_OID_NOT_FOUND = 0xC000A088 +STATUS_HASH_NOT_SUPPORTED = 0xC000A100 +STATUS_HASH_NOT_PRESENT = 0xC000A101 +DBG_NO_STATE_CHANGE = 0xC0010001 +DBG_APP_NOT_IDLE = 0xC0010002 +RPC_NT_INVALID_STRING_BINDING = 0xC0020001 +RPC_NT_WRONG_KIND_OF_BINDING = 0xC0020002 +RPC_NT_INVALID_BINDING = 0xC0020003 +RPC_NT_PROTSEQ_NOT_SUPPORTED = 0xC0020004 +RPC_NT_INVALID_RPC_PROTSEQ = 0xC0020005 +RPC_NT_INVALID_STRING_UUID = 0xC0020006 +RPC_NT_INVALID_ENDPOINT_FORMAT = 0xC0020007 +RPC_NT_INVALID_NET_ADDR = 0xC0020008 +RPC_NT_NO_ENDPOINT_FOUND = 0xC0020009 +RPC_NT_INVALID_TIMEOUT = 0xC002000A +RPC_NT_OBJECT_NOT_FOUND = 0xC002000B +RPC_NT_ALREADY_REGISTERED = 0xC002000C +RPC_NT_TYPE_ALREADY_REGISTERED = 0xC002000D +RPC_NT_ALREADY_LISTENING = 0xC002000E +RPC_NT_NO_PROTSEQS_REGISTERED = 0xC002000F +RPC_NT_NOT_LISTENING = 0xC0020010 +RPC_NT_UNKNOWN_MGR_TYPE = 0xC0020011 +RPC_NT_UNKNOWN_IF = 0xC0020012 +RPC_NT_NO_BINDINGS = 0xC0020013 +RPC_NT_NO_PROTSEQS = 0xC0020014 +RPC_NT_CANT_CREATE_ENDPOINT = 0xC0020015 +RPC_NT_OUT_OF_RESOURCES = 0xC0020016 +RPC_NT_SERVER_UNAVAILABLE = 0xC0020017 +RPC_NT_SERVER_TOO_BUSY = 0xC0020018 +RPC_NT_INVALID_NETWORK_OPTIONS = 0xC0020019 +RPC_NT_NO_CALL_ACTIVE = 0xC002001A +RPC_NT_CALL_FAILED = 0xC002001B +RPC_NT_CALL_FAILED_DNE = 0xC002001C +RPC_NT_PROTOCOL_ERROR = 0xC002001D +RPC_NT_UNSUPPORTED_TRANS_SYN = 0xC002001F +RPC_NT_UNSUPPORTED_TYPE = 0xC0020021 +RPC_NT_INVALID_TAG = 0xC0020022 +RPC_NT_INVALID_BOUND = 0xC0020023 +RPC_NT_NO_ENTRY_NAME = 0xC0020024 +RPC_NT_INVALID_NAME_SYNTAX = 0xC0020025 +RPC_NT_UNSUPPORTED_NAME_SYNTAX = 0xC0020026 +RPC_NT_UUID_NO_ADDRESS = 0xC0020028 +RPC_NT_DUPLICATE_ENDPOINT = 0xC0020029 +RPC_NT_UNKNOWN_AUTHN_TYPE = 0xC002002A +RPC_NT_MAX_CALLS_TOO_SMALL = 0xC002002B +RPC_NT_STRING_TOO_LONG = 0xC002002C +RPC_NT_PROTSEQ_NOT_FOUND = 0xC002002D +RPC_NT_PROCNUM_OUT_OF_RANGE = 0xC002002E +RPC_NT_BINDING_HAS_NO_AUTH = 0xC002002F +RPC_NT_UNKNOWN_AUTHN_SERVICE = 0xC0020030 +RPC_NT_UNKNOWN_AUTHN_LEVEL = 0xC0020031 +RPC_NT_INVALID_AUTH_IDENTITY = 0xC0020032 +RPC_NT_UNKNOWN_AUTHZ_SERVICE = 0xC0020033 +EPT_NT_INVALID_ENTRY = 0xC0020034 +EPT_NT_CANT_PERFORM_OP = 0xC0020035 +EPT_NT_NOT_REGISTERED = 0xC0020036 +RPC_NT_NOTHING_TO_EXPORT = 0xC0020037 +RPC_NT_INCOMPLETE_NAME = 0xC0020038 +RPC_NT_INVALID_VERS_OPTION = 0xC0020039 +RPC_NT_NO_MORE_MEMBERS = 0xC002003A +RPC_NT_NOT_ALL_OBJS_UNEXPORTED = 0xC002003B +RPC_NT_INTERFACE_NOT_FOUND = 0xC002003C +RPC_NT_ENTRY_ALREADY_EXISTS = 0xC002003D +RPC_NT_ENTRY_NOT_FOUND = 0xC002003E +RPC_NT_NAME_SERVICE_UNAVAILABLE = 0xC002003F +RPC_NT_INVALID_NAF_ID = 0xC0020040 +RPC_NT_CANNOT_SUPPORT = 0xC0020041 +RPC_NT_NO_CONTEXT_AVAILABLE = 0xC0020042 +RPC_NT_INTERNAL_ERROR = 0xC0020043 +RPC_NT_ZERO_DIVIDE = 0xC0020044 +RPC_NT_ADDRESS_ERROR = 0xC0020045 +RPC_NT_FP_DIV_ZERO = 0xC0020046 +RPC_NT_FP_UNDERFLOW = 0xC0020047 +RPC_NT_FP_OVERFLOW = 0xC0020048 +RPC_NT_CALL_IN_PROGRESS = 0xC0020049 +RPC_NT_NO_MORE_BINDINGS = 0xC002004A +RPC_NT_GROUP_MEMBER_NOT_FOUND = 0xC002004B +EPT_NT_CANT_CREATE = 0xC002004C +RPC_NT_INVALID_OBJECT = 0xC002004D +RPC_NT_NO_INTERFACES = 0xC002004F +RPC_NT_CALL_CANCELLED = 0xC0020050 +RPC_NT_BINDING_INCOMPLETE = 0xC0020051 +RPC_NT_COMM_FAILURE = 0xC0020052 +RPC_NT_UNSUPPORTED_AUTHN_LEVEL = 0xC0020053 +RPC_NT_NO_PRINC_NAME = 0xC0020054 +RPC_NT_NOT_RPC_ERROR = 0xC0020055 +RPC_NT_SEC_PKG_ERROR = 0xC0020057 +RPC_NT_NOT_CANCELLED = 0xC0020058 +RPC_NT_INVALID_ASYNC_HANDLE = 0xC0020062 +RPC_NT_INVALID_ASYNC_CALL = 0xC0020063 +RPC_NT_PROXY_ACCESS_DENIED = 0xC0020064 +RPC_NT_NO_MORE_ENTRIES = 0xC0030001 +RPC_NT_SS_CHAR_TRANS_OPEN_FAIL = 0xC0030002 +RPC_NT_SS_CHAR_TRANS_SHORT_FILE = 0xC0030003 +RPC_NT_SS_IN_NULL_CONTEXT = 0xC0030004 +RPC_NT_SS_CONTEXT_MISMATCH = 0xC0030005 +RPC_NT_SS_CONTEXT_DAMAGED = 0xC0030006 +RPC_NT_SS_HANDLES_MISMATCH = 0xC0030007 +RPC_NT_SS_CANNOT_GET_CALL_HANDLE = 0xC0030008 +RPC_NT_NULL_REF_POINTER = 0xC0030009 +RPC_NT_ENUM_VALUE_OUT_OF_RANGE = 0xC003000A +RPC_NT_BYTE_COUNT_TOO_SMALL = 0xC003000B +RPC_NT_BAD_STUB_DATA = 0xC003000C +RPC_NT_INVALID_ES_ACTION = 0xC0030059 +RPC_NT_WRONG_ES_VERSION = 0xC003005A +RPC_NT_WRONG_STUB_VERSION = 0xC003005B +RPC_NT_INVALID_PIPE_OBJECT = 0xC003005C +RPC_NT_INVALID_PIPE_OPERATION = 0xC003005D +RPC_NT_WRONG_PIPE_VERSION = 0xC003005E +RPC_NT_PIPE_CLOSED = 0xC003005F +RPC_NT_PIPE_DISCIPLINE_ERROR = 0xC0030060 +RPC_NT_PIPE_EMPTY = 0xC0030061 +STATUS_PNP_BAD_MPS_TABLE = 0xC0040035 +STATUS_PNP_TRANSLATION_FAILED = 0xC0040036 +STATUS_PNP_IRQ_TRANSLATION_FAILED = 0xC0040037 +STATUS_PNP_INVALID_ID = 0xC0040038 +STATUS_IO_REISSUE_AS_CACHED = 0xC0040039 +STATUS_CTX_WINSTATION_NAME_INVALID = 0xC00A0001 +STATUS_CTX_INVALID_PD = 0xC00A0002 +STATUS_CTX_PD_NOT_FOUND = 0xC00A0003 +STATUS_CTX_CLOSE_PENDING = 0xC00A0006 +STATUS_CTX_NO_OUTBUF = 0xC00A0007 +STATUS_CTX_MODEM_INF_NOT_FOUND = 0xC00A0008 +STATUS_CTX_INVALID_MODEMNAME = 0xC00A0009 +STATUS_CTX_RESPONSE_ERROR = 0xC00A000A +STATUS_CTX_MODEM_RESPONSE_TIMEOUT = 0xC00A000B +STATUS_CTX_MODEM_RESPONSE_NO_CARRIER = 0xC00A000C +STATUS_CTX_MODEM_RESPONSE_NO_DIALTONE = 0xC00A000D +STATUS_CTX_MODEM_RESPONSE_BUSY = 0xC00A000E +STATUS_CTX_MODEM_RESPONSE_VOICE = 0xC00A000F +STATUS_CTX_TD_ERROR = 0xC00A0010 +STATUS_CTX_LICENSE_CLIENT_INVALID = 0xC00A0012 +STATUS_CTX_LICENSE_NOT_AVAILABLE = 0xC00A0013 +STATUS_CTX_LICENSE_EXPIRED = 0xC00A0014 +STATUS_CTX_WINSTATION_NOT_FOUND = 0xC00A0015 +STATUS_CTX_WINSTATION_NAME_COLLISION = 0xC00A0016 +STATUS_CTX_WINSTATION_BUSY = 0xC00A0017 +STATUS_CTX_BAD_VIDEO_MODE = 0xC00A0018 +STATUS_CTX_GRAPHICS_INVALID = 0xC00A0022 +STATUS_CTX_NOT_CONSOLE = 0xC00A0024 +STATUS_CTX_CLIENT_QUERY_TIMEOUT = 0xC00A0026 +STATUS_CTX_CONSOLE_DISCONNECT = 0xC00A0027 +STATUS_CTX_CONSOLE_CONNECT = 0xC00A0028 +STATUS_CTX_SHADOW_DENIED = 0xC00A002A +STATUS_CTX_WINSTATION_ACCESS_DENIED = 0xC00A002B +STATUS_CTX_INVALID_WD = 0xC00A002E +STATUS_CTX_WD_NOT_FOUND = 0xC00A002F +STATUS_CTX_SHADOW_INVALID = 0xC00A0030 +STATUS_CTX_SHADOW_DISABLED = 0xC00A0031 +STATUS_RDP_PROTOCOL_ERROR = 0xC00A0032 +STATUS_CTX_CLIENT_LICENSE_NOT_SET = 0xC00A0033 +STATUS_CTX_CLIENT_LICENSE_IN_USE = 0xC00A0034 +STATUS_CTX_SHADOW_ENDED_BY_MODE_CHANGE = 0xC00A0035 +STATUS_CTX_SHADOW_NOT_RUNNING = 0xC00A0036 +STATUS_CTX_LOGON_DISABLED = 0xC00A0037 +STATUS_CTX_SECURITY_LAYER_ERROR = 0xC00A0038 +STATUS_TS_INCOMPATIBLE_SESSIONS = 0xC00A0039 +STATUS_MUI_FILE_NOT_FOUND = 0xC00B0001 +STATUS_MUI_INVALID_FILE = 0xC00B0002 +STATUS_MUI_INVALID_RC_CONFIG = 0xC00B0003 +STATUS_MUI_INVALID_LOCALE_NAME = 0xC00B0004 +STATUS_MUI_INVALID_ULTIMATEFALLBACK_NAME = 0xC00B0005 +STATUS_MUI_FILE_NOT_LOADED = 0xC00B0006 +STATUS_RESOURCE_ENUM_USER_STOP = 0xC00B0007 +STATUS_CLUSTER_INVALID_NODE = 0xC0130001 +STATUS_CLUSTER_NODE_EXISTS = 0xC0130002 +STATUS_CLUSTER_JOIN_IN_PROGRESS = 0xC0130003 +STATUS_CLUSTER_NODE_NOT_FOUND = 0xC0130004 +STATUS_CLUSTER_LOCAL_NODE_NOT_FOUND = 0xC0130005 +STATUS_CLUSTER_NETWORK_EXISTS = 0xC0130006 +STATUS_CLUSTER_NETWORK_NOT_FOUND = 0xC0130007 +STATUS_CLUSTER_NETINTERFACE_EXISTS = 0xC0130008 +STATUS_CLUSTER_NETINTERFACE_NOT_FOUND = 0xC0130009 +STATUS_CLUSTER_INVALID_REQUEST = 0xC013000A +STATUS_CLUSTER_INVALID_NETWORK_PROVIDER = 0xC013000B +STATUS_CLUSTER_NODE_DOWN = 0xC013000C +STATUS_CLUSTER_NODE_UNREACHABLE = 0xC013000D +STATUS_CLUSTER_NODE_NOT_MEMBER = 0xC013000E +STATUS_CLUSTER_JOIN_NOT_IN_PROGRESS = 0xC013000F +STATUS_CLUSTER_INVALID_NETWORK = 0xC0130010 +STATUS_CLUSTER_NO_NET_ADAPTERS = 0xC0130011 +STATUS_CLUSTER_NODE_UP = 0xC0130012 +STATUS_CLUSTER_NODE_PAUSED = 0xC0130013 +STATUS_CLUSTER_NODE_NOT_PAUSED = 0xC0130014 +STATUS_CLUSTER_NO_SECURITY_CONTEXT = 0xC0130015 +STATUS_CLUSTER_NETWORK_NOT_INTERNAL = 0xC0130016 +STATUS_CLUSTER_POISONED = 0xC0130017 +STATUS_ACPI_INVALID_OPCODE = 0xC0140001 +STATUS_ACPI_STACK_OVERFLOW = 0xC0140002 +STATUS_ACPI_ASSERT_FAILED = 0xC0140003 +STATUS_ACPI_INVALID_INDEX = 0xC0140004 +STATUS_ACPI_INVALID_ARGUMENT = 0xC0140005 +STATUS_ACPI_FATAL = 0xC0140006 +STATUS_ACPI_INVALID_SUPERNAME = 0xC0140007 +STATUS_ACPI_INVALID_ARGTYPE = 0xC0140008 +STATUS_ACPI_INVALID_OBJTYPE = 0xC0140009 +STATUS_ACPI_INVALID_TARGETTYPE = 0xC014000A +STATUS_ACPI_INCORRECT_ARGUMENT_COUNT = 0xC014000B +STATUS_ACPI_ADDRESS_NOT_MAPPED = 0xC014000C +STATUS_ACPI_INVALID_EVENTTYPE = 0xC014000D +STATUS_ACPI_HANDLER_COLLISION = 0xC014000E +STATUS_ACPI_INVALID_DATA = 0xC014000F +STATUS_ACPI_INVALID_REGION = 0xC0140010 +STATUS_ACPI_INVALID_ACCESS_SIZE = 0xC0140011 +STATUS_ACPI_ACQUIRE_GLOBAL_LOCK = 0xC0140012 +STATUS_ACPI_ALREADY_INITIALIZED = 0xC0140013 +STATUS_ACPI_NOT_INITIALIZED = 0xC0140014 +STATUS_ACPI_INVALID_MUTEX_LEVEL = 0xC0140015 +STATUS_ACPI_MUTEX_NOT_OWNED = 0xC0140016 +STATUS_ACPI_MUTEX_NOT_OWNER = 0xC0140017 +STATUS_ACPI_RS_ACCESS = 0xC0140018 +STATUS_ACPI_INVALID_TABLE = 0xC0140019 +STATUS_ACPI_REG_HANDLER_FAILED = 0xC0140020 +STATUS_ACPI_POWER_REQUEST_FAILED = 0xC0140021 +STATUS_SXS_SECTION_NOT_FOUND = 0xC0150001 +STATUS_SXS_CANT_GEN_ACTCTX = 0xC0150002 +STATUS_SXS_INVALID_ACTCTXDATA_FORMAT = 0xC0150003 +STATUS_SXS_ASSEMBLY_NOT_FOUND = 0xC0150004 +STATUS_SXS_MANIFEST_FORMAT_ERROR = 0xC0150005 +STATUS_SXS_MANIFEST_PARSE_ERROR = 0xC0150006 +STATUS_SXS_ACTIVATION_CONTEXT_DISABLED = 0xC0150007 +STATUS_SXS_KEY_NOT_FOUND = 0xC0150008 +STATUS_SXS_VERSION_CONFLICT = 0xC0150009 +STATUS_SXS_WRONG_SECTION_TYPE = 0xC015000A +STATUS_SXS_THREAD_QUERIES_DISABLED = 0xC015000B +STATUS_SXS_ASSEMBLY_MISSING = 0xC015000C +STATUS_SXS_PROCESS_DEFAULT_ALREADY_SET = 0xC015000E +STATUS_SXS_EARLY_DEACTIVATION = 0xC015000F +STATUS_SXS_INVALID_DEACTIVATION = 0xC0150010 +STATUS_SXS_MULTIPLE_DEACTIVATION = 0xC0150011 +STATUS_SXS_SYSTEM_DEFAULT_ACTIVATION_CONTEXT_EMPTY = 0xC0150012 +STATUS_SXS_PROCESS_TERMINATION_REQUESTED = 0xC0150013 +STATUS_SXS_CORRUPT_ACTIVATION_STACK = 0xC0150014 +STATUS_SXS_CORRUPTION = 0xC0150015 +STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_VALUE = 0xC0150016 +STATUS_SXS_INVALID_IDENTITY_ATTRIBUTE_NAME = 0xC0150017 +STATUS_SXS_IDENTITY_DUPLICATE_ATTRIBUTE = 0xC0150018 +STATUS_SXS_IDENTITY_PARSE_ERROR = 0xC0150019 +STATUS_SXS_COMPONENT_STORE_CORRUPT = 0xC015001A +STATUS_SXS_FILE_HASH_MISMATCH = 0xC015001B +STATUS_SXS_MANIFEST_IDENTITY_SAME_BUT_CONTENTS_DIFFERENT = 0xC015001C +STATUS_SXS_IDENTITIES_DIFFERENT = 0xC015001D +STATUS_SXS_ASSEMBLY_IS_NOT_A_DEPLOYMENT = 0xC015001E +STATUS_SXS_FILE_NOT_PART_OF_ASSEMBLY = 0xC015001F +STATUS_ADVANCED_INSTALLER_FAILED = 0xC0150020 +STATUS_XML_ENCODING_MISMATCH = 0xC0150021 +STATUS_SXS_MANIFEST_TOO_BIG = 0xC0150022 +STATUS_SXS_SETTING_NOT_REGISTERED = 0xC0150023 +STATUS_SXS_TRANSACTION_CLOSURE_INCOMPLETE = 0xC0150024 +STATUS_SMI_PRIMITIVE_INSTALLER_FAILED = 0xC0150025 +STATUS_GENERIC_COMMAND_FAILED = 0xC0150026 +STATUS_SXS_FILE_HASH_MISSING = 0xC0150027 +STATUS_TRANSACTIONAL_CONFLICT = 0xC0190001 +STATUS_INVALID_TRANSACTION = 0xC0190002 +STATUS_TRANSACTION_NOT_ACTIVE = 0xC0190003 +STATUS_TM_INITIALIZATION_FAILED = 0xC0190004 +STATUS_RM_NOT_ACTIVE = 0xC0190005 +STATUS_RM_METADATA_CORRUPT = 0xC0190006 +STATUS_TRANSACTION_NOT_JOINED = 0xC0190007 +STATUS_DIRECTORY_NOT_RM = 0xC0190008 +STATUS_TRANSACTIONS_UNSUPPORTED_REMOTE = 0xC019000A +STATUS_LOG_RESIZE_INVALID_SIZE = 0xC019000B +STATUS_REMOTE_FILE_VERSION_MISMATCH = 0xC019000C +STATUS_CRM_PROTOCOL_ALREADY_EXISTS = 0xC019000F +STATUS_TRANSACTION_PROPAGATION_FAILED = 0xC0190010 +STATUS_CRM_PROTOCOL_NOT_FOUND = 0xC0190011 +STATUS_TRANSACTION_SUPERIOR_EXISTS = 0xC0190012 +STATUS_TRANSACTION_REQUEST_NOT_VALID = 0xC0190013 +STATUS_TRANSACTION_NOT_REQUESTED = 0xC0190014 +STATUS_TRANSACTION_ALREADY_ABORTED = 0xC0190015 +STATUS_TRANSACTION_ALREADY_COMMITTED = 0xC0190016 +STATUS_TRANSACTION_INVALID_MARSHALL_BUFFER = 0xC0190017 +STATUS_CURRENT_TRANSACTION_NOT_VALID = 0xC0190018 +STATUS_LOG_GROWTH_FAILED = 0xC0190019 +STATUS_OBJECT_NO_LONGER_EXISTS = 0xC0190021 +STATUS_STREAM_MINIVERSION_NOT_FOUND = 0xC0190022 +STATUS_STREAM_MINIVERSION_NOT_VALID = 0xC0190023 +STATUS_MINIVERSION_INACCESSIBLE_FROM_SPECIFIED_TRANSACTION = 0xC0190024 +STATUS_CANT_OPEN_MINIVERSION_WITH_MODIFY_INTENT = 0xC0190025 +STATUS_CANT_CREATE_MORE_STREAM_MINIVERSIONS = 0xC0190026 +STATUS_HANDLE_NO_LONGER_VALID = 0xC0190028 +STATUS_LOG_CORRUPTION_DETECTED = 0xC0190030 +STATUS_RM_DISCONNECTED = 0xC0190032 +STATUS_ENLISTMENT_NOT_SUPERIOR = 0xC0190033 +STATUS_FILE_IDENTITY_NOT_PERSISTENT = 0xC0190036 +STATUS_CANT_BREAK_TRANSACTIONAL_DEPENDENCY = 0xC0190037 +STATUS_CANT_CROSS_RM_BOUNDARY = 0xC0190038 +STATUS_TXF_DIR_NOT_EMPTY = 0xC0190039 +STATUS_INDOUBT_TRANSACTIONS_EXIST = 0xC019003A +STATUS_TM_VOLATILE = 0xC019003B +STATUS_ROLLBACK_TIMER_EXPIRED = 0xC019003C +STATUS_TXF_ATTRIBUTE_CORRUPT = 0xC019003D +STATUS_EFS_NOT_ALLOWED_IN_TRANSACTION = 0xC019003E +STATUS_TRANSACTIONAL_OPEN_NOT_ALLOWED = 0xC019003F +STATUS_TRANSACTED_MAPPING_UNSUPPORTED_REMOTE = 0xC0190040 +STATUS_TRANSACTION_REQUIRED_PROMOTION = 0xC0190043 +STATUS_CANNOT_EXECUTE_FILE_IN_TRANSACTION = 0xC0190044 +STATUS_TRANSACTIONS_NOT_FROZEN = 0xC0190045 +STATUS_TRANSACTION_FREEZE_IN_PROGRESS = 0xC0190046 +STATUS_NOT_SNAPSHOT_VOLUME = 0xC0190047 +STATUS_NO_SAVEPOINT_WITH_OPEN_FILES = 0xC0190048 +STATUS_SPARSE_NOT_ALLOWED_IN_TRANSACTION = 0xC0190049 +STATUS_TM_IDENTITY_MISMATCH = 0xC019004A +STATUS_FLOATED_SECTION = 0xC019004B +STATUS_CANNOT_ACCEPT_TRANSACTED_WORK = 0xC019004C +STATUS_CANNOT_ABORT_TRANSACTIONS = 0xC019004D +STATUS_TRANSACTION_NOT_FOUND = 0xC019004E +STATUS_RESOURCEMANAGER_NOT_FOUND = 0xC019004F +STATUS_ENLISTMENT_NOT_FOUND = 0xC0190050 +STATUS_TRANSACTIONMANAGER_NOT_FOUND = 0xC0190051 +STATUS_TRANSACTIONMANAGER_NOT_ONLINE = 0xC0190052 +STATUS_TRANSACTIONMANAGER_RECOVERY_NAME_COLLISION = 0xC0190053 +STATUS_TRANSACTION_NOT_ROOT = 0xC0190054 +STATUS_TRANSACTION_OBJECT_EXPIRED = 0xC0190055 +STATUS_COMPRESSION_NOT_ALLOWED_IN_TRANSACTION = 0xC0190056 +STATUS_TRANSACTION_RESPONSE_NOT_ENLISTED = 0xC0190057 +STATUS_TRANSACTION_RECORD_TOO_LONG = 0xC0190058 +STATUS_NO_LINK_TRACKING_IN_TRANSACTION = 0xC0190059 +STATUS_OPERATION_NOT_SUPPORTED_IN_TRANSACTION = 0xC019005A +STATUS_TRANSACTION_INTEGRITY_VIOLATED = 0xC019005B +STATUS_EXPIRED_HANDLE = 0xC0190060 +STATUS_TRANSACTION_NOT_ENLISTED = 0xC0190061 +STATUS_LOG_SECTOR_INVALID = 0xC01A0001 +STATUS_LOG_SECTOR_PARITY_INVALID = 0xC01A0002 +STATUS_LOG_SECTOR_REMAPPED = 0xC01A0003 +STATUS_LOG_BLOCK_INCOMPLETE = 0xC01A0004 +STATUS_LOG_INVALID_RANGE = 0xC01A0005 +STATUS_LOG_BLOCKS_EXHAUSTED = 0xC01A0006 +STATUS_LOG_READ_CONTEXT_INVALID = 0xC01A0007 +STATUS_LOG_RESTART_INVALID = 0xC01A0008 +STATUS_LOG_BLOCK_VERSION = 0xC01A0009 +STATUS_LOG_BLOCK_INVALID = 0xC01A000A +STATUS_LOG_READ_MODE_INVALID = 0xC01A000B +STATUS_LOG_METADATA_CORRUPT = 0xC01A000D +STATUS_LOG_METADATA_INVALID = 0xC01A000E +STATUS_LOG_METADATA_INCONSISTENT = 0xC01A000F +STATUS_LOG_RESERVATION_INVALID = 0xC01A0010 +STATUS_LOG_CANT_DELETE = 0xC01A0011 +STATUS_LOG_CONTAINER_LIMIT_EXCEEDED = 0xC01A0012 +STATUS_LOG_START_OF_LOG = 0xC01A0013 +STATUS_LOG_POLICY_ALREADY_INSTALLED = 0xC01A0014 +STATUS_LOG_POLICY_NOT_INSTALLED = 0xC01A0015 +STATUS_LOG_POLICY_INVALID = 0xC01A0016 +STATUS_LOG_POLICY_CONFLICT = 0xC01A0017 +STATUS_LOG_PINNED_ARCHIVE_TAIL = 0xC01A0018 +STATUS_LOG_RECORD_NONEXISTENT = 0xC01A0019 +STATUS_LOG_RECORDS_RESERVED_INVALID = 0xC01A001A +STATUS_LOG_SPACE_RESERVED_INVALID = 0xC01A001B +STATUS_LOG_TAIL_INVALID = 0xC01A001C +STATUS_LOG_FULL = 0xC01A001D +STATUS_LOG_MULTIPLEXED = 0xC01A001E +STATUS_LOG_DEDICATED = 0xC01A001F +STATUS_LOG_ARCHIVE_NOT_IN_PROGRESS = 0xC01A0020 +STATUS_LOG_ARCHIVE_IN_PROGRESS = 0xC01A0021 +STATUS_LOG_EPHEMERAL = 0xC01A0022 +STATUS_LOG_NOT_ENOUGH_CONTAINERS = 0xC01A0023 +STATUS_LOG_CLIENT_ALREADY_REGISTERED = 0xC01A0024 +STATUS_LOG_CLIENT_NOT_REGISTERED = 0xC01A0025 +STATUS_LOG_FULL_HANDLER_IN_PROGRESS = 0xC01A0026 +STATUS_LOG_CONTAINER_READ_FAILED = 0xC01A0027 +STATUS_LOG_CONTAINER_WRITE_FAILED = 0xC01A0028 +STATUS_LOG_CONTAINER_OPEN_FAILED = 0xC01A0029 +STATUS_LOG_CONTAINER_STATE_INVALID = 0xC01A002A +STATUS_LOG_STATE_INVALID = 0xC01A002B +STATUS_LOG_PINNED = 0xC01A002C +STATUS_LOG_METADATA_FLUSH_FAILED = 0xC01A002D +STATUS_LOG_INCONSISTENT_SECURITY = 0xC01A002E +STATUS_LOG_APPENDED_FLUSH_FAILED = 0xC01A002F +STATUS_LOG_PINNED_RESERVATION = 0xC01A0030 +STATUS_VIDEO_HUNG_DISPLAY_DRIVER_THREAD = 0xC01B00EA +STATUS_FLT_NO_HANDLER_DEFINED = 0xC01C0001 +STATUS_FLT_CONTEXT_ALREADY_DEFINED = 0xC01C0002 +STATUS_FLT_INVALID_ASYNCHRONOUS_REQUEST = 0xC01C0003 +STATUS_FLT_DISALLOW_FAST_IO = 0xC01C0004 +STATUS_FLT_INVALID_NAME_REQUEST = 0xC01C0005 +STATUS_FLT_NOT_SAFE_TO_POST_OPERATION = 0xC01C0006 +STATUS_FLT_NOT_INITIALIZED = 0xC01C0007 +STATUS_FLT_FILTER_NOT_READY = 0xC01C0008 +STATUS_FLT_POST_OPERATION_CLEANUP = 0xC01C0009 +STATUS_FLT_INTERNAL_ERROR = 0xC01C000A +STATUS_FLT_DELETING_OBJECT = 0xC01C000B +STATUS_FLT_MUST_BE_NONPAGED_POOL = 0xC01C000C +STATUS_FLT_DUPLICATE_ENTRY = 0xC01C000D +STATUS_FLT_CBDQ_DISABLED = 0xC01C000E +STATUS_FLT_DO_NOT_ATTACH = 0xC01C000F +STATUS_FLT_DO_NOT_DETACH = 0xC01C0010 +STATUS_FLT_INSTANCE_ALTITUDE_COLLISION = 0xC01C0011 +STATUS_FLT_INSTANCE_NAME_COLLISION = 0xC01C0012 +STATUS_FLT_FILTER_NOT_FOUND = 0xC01C0013 +STATUS_FLT_VOLUME_NOT_FOUND = 0xC01C0014 +STATUS_FLT_INSTANCE_NOT_FOUND = 0xC01C0015 +STATUS_FLT_CONTEXT_ALLOCATION_NOT_FOUND = 0xC01C0016 +STATUS_FLT_INVALID_CONTEXT_REGISTRATION = 0xC01C0017 +STATUS_FLT_NAME_CACHE_MISS = 0xC01C0018 +STATUS_FLT_NO_DEVICE_OBJECT = 0xC01C0019 +STATUS_FLT_VOLUME_ALREADY_MOUNTED = 0xC01C001A +STATUS_FLT_ALREADY_ENLISTED = 0xC01C001B +STATUS_FLT_CONTEXT_ALREADY_LINKED = 0xC01C001C +STATUS_FLT_NO_WAITER_FOR_REPLY = 0xC01C0020 +STATUS_MONITOR_NO_DESCRIPTOR = 0xC01D0001 +STATUS_MONITOR_UNKNOWN_DESCRIPTOR_FORMAT = 0xC01D0002 +STATUS_MONITOR_INVALID_DESCRIPTOR_CHECKSUM = 0xC01D0003 +STATUS_MONITOR_INVALID_STANDARD_TIMING_BLOCK = 0xC01D0004 +STATUS_MONITOR_WMI_DATABLOCK_REGISTRATION_FAILED = 0xC01D0005 +STATUS_MONITOR_INVALID_SERIAL_NUMBER_MONDSC_BLOCK = 0xC01D0006 +STATUS_MONITOR_INVALID_USER_FRIENDLY_MONDSC_BLOCK = 0xC01D0007 +STATUS_MONITOR_NO_MORE_DESCRIPTOR_DATA = 0xC01D0008 +STATUS_MONITOR_INVALID_DETAILED_TIMING_BLOCK = 0xC01D0009 +STATUS_MONITOR_INVALID_MANUFACTURE_DATE = 0xC01D000A +STATUS_GRAPHICS_NOT_EXCLUSIVE_MODE_OWNER = 0xC01E0000 +STATUS_GRAPHICS_INSUFFICIENT_DMA_BUFFER = 0xC01E0001 +STATUS_GRAPHICS_INVALID_DISPLAY_ADAPTER = 0xC01E0002 +STATUS_GRAPHICS_ADAPTER_WAS_RESET = 0xC01E0003 +STATUS_GRAPHICS_INVALID_DRIVER_MODEL = 0xC01E0004 +STATUS_GRAPHICS_PRESENT_MODE_CHANGED = 0xC01E0005 +STATUS_GRAPHICS_PRESENT_OCCLUDED = 0xC01E0006 +STATUS_GRAPHICS_PRESENT_DENIED = 0xC01E0007 +STATUS_GRAPHICS_CANNOTCOLORCONVERT = 0xC01E0008 +STATUS_GRAPHICS_PRESENT_REDIRECTION_DISABLED = 0xC01E000B +STATUS_GRAPHICS_PRESENT_UNOCCLUDED = 0xC01E000C +STATUS_GRAPHICS_NO_VIDEO_MEMORY = 0xC01E0100 +STATUS_GRAPHICS_CANT_LOCK_MEMORY = 0xC01E0101 +STATUS_GRAPHICS_ALLOCATION_BUSY = 0xC01E0102 +STATUS_GRAPHICS_TOO_MANY_REFERENCES = 0xC01E0103 +STATUS_GRAPHICS_TRY_AGAIN_LATER = 0xC01E0104 +STATUS_GRAPHICS_TRY_AGAIN_NOW = 0xC01E0105 +STATUS_GRAPHICS_ALLOCATION_INVALID = 0xC01E0106 +STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNAVAILABLE = 0xC01E0107 +STATUS_GRAPHICS_UNSWIZZLING_APERTURE_UNSUPPORTED = 0xC01E0108 +STATUS_GRAPHICS_CANT_EVICT_PINNED_ALLOCATION = 0xC01E0109 +STATUS_GRAPHICS_INVALID_ALLOCATION_USAGE = 0xC01E0110 +STATUS_GRAPHICS_CANT_RENDER_LOCKED_ALLOCATION = 0xC01E0111 +STATUS_GRAPHICS_ALLOCATION_CLOSED = 0xC01E0112 +STATUS_GRAPHICS_INVALID_ALLOCATION_INSTANCE = 0xC01E0113 +STATUS_GRAPHICS_INVALID_ALLOCATION_HANDLE = 0xC01E0114 +STATUS_GRAPHICS_WRONG_ALLOCATION_DEVICE = 0xC01E0115 +STATUS_GRAPHICS_ALLOCATION_CONTENT_LOST = 0xC01E0116 +STATUS_GRAPHICS_GPU_EXCEPTION_ON_DEVICE = 0xC01E0200 +STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY = 0xC01E0300 +STATUS_GRAPHICS_VIDPN_TOPOLOGY_NOT_SUPPORTED = 0xC01E0301 +STATUS_GRAPHICS_VIDPN_TOPOLOGY_CURRENTLY_NOT_SUPPORTED = 0xC01E0302 +STATUS_GRAPHICS_INVALID_VIDPN = 0xC01E0303 +STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE = 0xC01E0304 +STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET = 0xC01E0305 +STATUS_GRAPHICS_VIDPN_MODALITY_NOT_SUPPORTED = 0xC01E0306 +STATUS_GRAPHICS_INVALID_VIDPN_SOURCEMODESET = 0xC01E0308 +STATUS_GRAPHICS_INVALID_VIDPN_TARGETMODESET = 0xC01E0309 +STATUS_GRAPHICS_INVALID_FREQUENCY = 0xC01E030A +STATUS_GRAPHICS_INVALID_ACTIVE_REGION = 0xC01E030B +STATUS_GRAPHICS_INVALID_TOTAL_REGION = 0xC01E030C +STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_SOURCE_MODE = 0xC01E0310 +STATUS_GRAPHICS_INVALID_VIDEO_PRESENT_TARGET_MODE = 0xC01E0311 +STATUS_GRAPHICS_PINNED_MODE_MUST_REMAIN_IN_SET = 0xC01E0312 +STATUS_GRAPHICS_PATH_ALREADY_IN_TOPOLOGY = 0xC01E0313 +STATUS_GRAPHICS_MODE_ALREADY_IN_MODESET = 0xC01E0314 +STATUS_GRAPHICS_INVALID_VIDEOPRESENTSOURCESET = 0xC01E0315 +STATUS_GRAPHICS_INVALID_VIDEOPRESENTTARGETSET = 0xC01E0316 +STATUS_GRAPHICS_SOURCE_ALREADY_IN_SET = 0xC01E0317 +STATUS_GRAPHICS_TARGET_ALREADY_IN_SET = 0xC01E0318 +STATUS_GRAPHICS_INVALID_VIDPN_PRESENT_PATH = 0xC01E0319 +STATUS_GRAPHICS_NO_RECOMMENDED_VIDPN_TOPOLOGY = 0xC01E031A +STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGESET = 0xC01E031B +STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE = 0xC01E031C +STATUS_GRAPHICS_FREQUENCYRANGE_NOT_IN_SET = 0xC01E031D +STATUS_GRAPHICS_FREQUENCYRANGE_ALREADY_IN_SET = 0xC01E031F +STATUS_GRAPHICS_STALE_MODESET = 0xC01E0320 +STATUS_GRAPHICS_INVALID_MONITOR_SOURCEMODESET = 0xC01E0321 +STATUS_GRAPHICS_INVALID_MONITOR_SOURCE_MODE = 0xC01E0322 +STATUS_GRAPHICS_NO_RECOMMENDED_FUNCTIONAL_VIDPN = 0xC01E0323 +STATUS_GRAPHICS_MODE_ID_MUST_BE_UNIQUE = 0xC01E0324 +STATUS_GRAPHICS_EMPTY_ADAPTER_MONITOR_MODE_SUPPORT_INTERSECTION = 0xC01E0325 +STATUS_GRAPHICS_VIDEO_PRESENT_TARGETS_LESS_THAN_SOURCES = 0xC01E0326 +STATUS_GRAPHICS_PATH_NOT_IN_TOPOLOGY = 0xC01E0327 +STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_SOURCE = 0xC01E0328 +STATUS_GRAPHICS_ADAPTER_MUST_HAVE_AT_LEAST_ONE_TARGET = 0xC01E0329 +STATUS_GRAPHICS_INVALID_MONITORDESCRIPTORSET = 0xC01E032A +STATUS_GRAPHICS_INVALID_MONITORDESCRIPTOR = 0xC01E032B +STATUS_GRAPHICS_MONITORDESCRIPTOR_NOT_IN_SET = 0xC01E032C +STATUS_GRAPHICS_MONITORDESCRIPTOR_ALREADY_IN_SET = 0xC01E032D +STATUS_GRAPHICS_MONITORDESCRIPTOR_ID_MUST_BE_UNIQUE = 0xC01E032E +STATUS_GRAPHICS_INVALID_VIDPN_TARGET_SUBSET_TYPE = 0xC01E032F +STATUS_GRAPHICS_RESOURCES_NOT_RELATED = 0xC01E0330 +STATUS_GRAPHICS_SOURCE_ID_MUST_BE_UNIQUE = 0xC01E0331 +STATUS_GRAPHICS_TARGET_ID_MUST_BE_UNIQUE = 0xC01E0332 +STATUS_GRAPHICS_NO_AVAILABLE_VIDPN_TARGET = 0xC01E0333 +STATUS_GRAPHICS_MONITOR_COULD_NOT_BE_ASSOCIATED_WITH_ADAPTER = 0xC01E0334 +STATUS_GRAPHICS_NO_VIDPNMGR = 0xC01E0335 +STATUS_GRAPHICS_NO_ACTIVE_VIDPN = 0xC01E0336 +STATUS_GRAPHICS_STALE_VIDPN_TOPOLOGY = 0xC01E0337 +STATUS_GRAPHICS_MONITOR_NOT_CONNECTED = 0xC01E0338 +STATUS_GRAPHICS_SOURCE_NOT_IN_TOPOLOGY = 0xC01E0339 +STATUS_GRAPHICS_INVALID_PRIMARYSURFACE_SIZE = 0xC01E033A +STATUS_GRAPHICS_INVALID_VISIBLEREGION_SIZE = 0xC01E033B +STATUS_GRAPHICS_INVALID_STRIDE = 0xC01E033C +STATUS_GRAPHICS_INVALID_PIXELFORMAT = 0xC01E033D +STATUS_GRAPHICS_INVALID_COLORBASIS = 0xC01E033E +STATUS_GRAPHICS_INVALID_PIXELVALUEACCESSMODE = 0xC01E033F +STATUS_GRAPHICS_TARGET_NOT_IN_TOPOLOGY = 0xC01E0340 +STATUS_GRAPHICS_NO_DISPLAY_MODE_MANAGEMENT_SUPPORT = 0xC01E0341 +STATUS_GRAPHICS_VIDPN_SOURCE_IN_USE = 0xC01E0342 +STATUS_GRAPHICS_CANT_ACCESS_ACTIVE_VIDPN = 0xC01E0343 +STATUS_GRAPHICS_INVALID_PATH_IMPORTANCE_ORDINAL = 0xC01E0344 +STATUS_GRAPHICS_INVALID_PATH_CONTENT_GEOMETRY_TRANSFORMATION = 0xC01E0345 +STATUS_GRAPHICS_PATH_CONTENT_GEOMETRY_TRANSFORMATION_NOT_SUPPORTED = 0xC01E0346 +STATUS_GRAPHICS_INVALID_GAMMA_RAMP = 0xC01E0347 +STATUS_GRAPHICS_GAMMA_RAMP_NOT_SUPPORTED = 0xC01E0348 +STATUS_GRAPHICS_MULTISAMPLING_NOT_SUPPORTED = 0xC01E0349 +STATUS_GRAPHICS_MODE_NOT_IN_MODESET = 0xC01E034A +STATUS_GRAPHICS_INVALID_VIDPN_TOPOLOGY_RECOMMENDATION_REASON = 0xC01E034D +STATUS_GRAPHICS_INVALID_PATH_CONTENT_TYPE = 0xC01E034E +STATUS_GRAPHICS_INVALID_COPYPROTECTION_TYPE = 0xC01E034F +STATUS_GRAPHICS_UNASSIGNED_MODESET_ALREADY_EXISTS = 0xC01E0350 +STATUS_GRAPHICS_INVALID_SCANLINE_ORDERING = 0xC01E0352 +STATUS_GRAPHICS_TOPOLOGY_CHANGES_NOT_ALLOWED = 0xC01E0353 +STATUS_GRAPHICS_NO_AVAILABLE_IMPORTANCE_ORDINALS = 0xC01E0354 +STATUS_GRAPHICS_INCOMPATIBLE_PRIVATE_FORMAT = 0xC01E0355 +STATUS_GRAPHICS_INVALID_MODE_PRUNING_ALGORITHM = 0xC01E0356 +STATUS_GRAPHICS_INVALID_MONITOR_CAPABILITY_ORIGIN = 0xC01E0357 +STATUS_GRAPHICS_INVALID_MONITOR_FREQUENCYRANGE_CONSTRAINT = 0xC01E0358 +STATUS_GRAPHICS_MAX_NUM_PATHS_REACHED = 0xC01E0359 +STATUS_GRAPHICS_CANCEL_VIDPN_TOPOLOGY_AUGMENTATION = 0xC01E035A +STATUS_GRAPHICS_INVALID_CLIENT_TYPE = 0xC01E035B +STATUS_GRAPHICS_CLIENTVIDPN_NOT_SET = 0xC01E035C +STATUS_GRAPHICS_SPECIFIED_CHILD_ALREADY_CONNECTED = 0xC01E0400 +STATUS_GRAPHICS_CHILD_DESCRIPTOR_NOT_SUPPORTED = 0xC01E0401 +STATUS_GRAPHICS_NOT_A_LINKED_ADAPTER = 0xC01E0430 +STATUS_GRAPHICS_LEADLINK_NOT_ENUMERATED = 0xC01E0431 +STATUS_GRAPHICS_CHAINLINKS_NOT_ENUMERATED = 0xC01E0432 +STATUS_GRAPHICS_ADAPTER_CHAIN_NOT_READY = 0xC01E0433 +STATUS_GRAPHICS_CHAINLINKS_NOT_STARTED = 0xC01E0434 +STATUS_GRAPHICS_CHAINLINKS_NOT_POWERED_ON = 0xC01E0435 +STATUS_GRAPHICS_INCONSISTENT_DEVICE_LINK_STATE = 0xC01E0436 +STATUS_GRAPHICS_NOT_POST_DEVICE_DRIVER = 0xC01E0438 +STATUS_GRAPHICS_ADAPTER_ACCESS_NOT_EXCLUDED = 0xC01E043B +STATUS_GRAPHICS_OPM_NOT_SUPPORTED = 0xC01E0500 +STATUS_GRAPHICS_COPP_NOT_SUPPORTED = 0xC01E0501 +STATUS_GRAPHICS_UAB_NOT_SUPPORTED = 0xC01E0502 +STATUS_GRAPHICS_OPM_INVALID_ENCRYPTED_PARAMETERS = 0xC01E0503 +STATUS_GRAPHICS_OPM_PARAMETER_ARRAY_TOO_SMALL = 0xC01E0504 +STATUS_GRAPHICS_OPM_NO_PROTECTED_OUTPUTS_EXIST = 0xC01E0505 +STATUS_GRAPHICS_PVP_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME = 0xC01E0506 +STATUS_GRAPHICS_PVP_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP = 0xC01E0507 +STATUS_GRAPHICS_PVP_MIRRORING_DEVICES_NOT_SUPPORTED = 0xC01E0508 +STATUS_GRAPHICS_OPM_INVALID_POINTER = 0xC01E050A +STATUS_GRAPHICS_OPM_INTERNAL_ERROR = 0xC01E050B +STATUS_GRAPHICS_OPM_INVALID_HANDLE = 0xC01E050C +STATUS_GRAPHICS_PVP_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE = 0xC01E050D +STATUS_GRAPHICS_PVP_INVALID_CERTIFICATE_LENGTH = 0xC01E050E +STATUS_GRAPHICS_OPM_SPANNING_MODE_ENABLED = 0xC01E050F +STATUS_GRAPHICS_OPM_THEATER_MODE_ENABLED = 0xC01E0510 +STATUS_GRAPHICS_PVP_HFS_FAILED = 0xC01E0511 +STATUS_GRAPHICS_OPM_INVALID_SRM = 0xC01E0512 +STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_HDCP = 0xC01E0513 +STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_ACP = 0xC01E0514 +STATUS_GRAPHICS_OPM_OUTPUT_DOES_NOT_SUPPORT_CGMSA = 0xC01E0515 +STATUS_GRAPHICS_OPM_HDCP_SRM_NEVER_SET = 0xC01E0516 +STATUS_GRAPHICS_OPM_RESOLUTION_TOO_HIGH = 0xC01E0517 +STATUS_GRAPHICS_OPM_ALL_HDCP_HARDWARE_ALREADY_IN_USE = 0xC01E0518 +STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_NO_LONGER_EXISTS = 0xC01E051A +STATUS_GRAPHICS_OPM_SESSION_TYPE_CHANGE_IN_PROGRESS = 0xC01E051B +STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_COPP_SEMANTICS = 0xC01E051C +STATUS_GRAPHICS_OPM_INVALID_INFORMATION_REQUEST = 0xC01E051D +STATUS_GRAPHICS_OPM_DRIVER_INTERNAL_ERROR = 0xC01E051E +STATUS_GRAPHICS_OPM_PROTECTED_OUTPUT_DOES_NOT_HAVE_OPM_SEMANTICS = 0xC01E051F +STATUS_GRAPHICS_OPM_SIGNALING_NOT_SUPPORTED = 0xC01E0520 +STATUS_GRAPHICS_OPM_INVALID_CONFIGURATION_REQUEST = 0xC01E0521 +STATUS_GRAPHICS_I2C_NOT_SUPPORTED = 0xC01E0580 +STATUS_GRAPHICS_I2C_DEVICE_DOES_NOT_EXIST = 0xC01E0581 +STATUS_GRAPHICS_I2C_ERROR_TRANSMITTING_DATA = 0xC01E0582 +STATUS_GRAPHICS_I2C_ERROR_RECEIVING_DATA = 0xC01E0583 +STATUS_GRAPHICS_DDCCI_VCP_NOT_SUPPORTED = 0xC01E0584 +STATUS_GRAPHICS_DDCCI_INVALID_DATA = 0xC01E0585 +STATUS_GRAPHICS_DDCCI_MONITOR_RETURNED_INVALID_TIMING_STATUS_BYTE = 0xC01E0586 +STATUS_GRAPHICS_DDCCI_INVALID_CAPABILITIES_STRING = 0xC01E0587 +STATUS_GRAPHICS_MCA_INTERNAL_ERROR = 0xC01E0588 +STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_COMMAND = 0xC01E0589 +STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_LENGTH = 0xC01E058A +STATUS_GRAPHICS_DDCCI_INVALID_MESSAGE_CHECKSUM = 0xC01E058B +STATUS_GRAPHICS_INVALID_PHYSICAL_MONITOR_HANDLE = 0xC01E058C +STATUS_GRAPHICS_MONITOR_NO_LONGER_EXISTS = 0xC01E058D +STATUS_GRAPHICS_ONLY_CONSOLE_SESSION_SUPPORTED = 0xC01E05E0 +STATUS_GRAPHICS_NO_DISPLAY_DEVICE_CORRESPONDS_TO_NAME = 0xC01E05E1 +STATUS_GRAPHICS_DISPLAY_DEVICE_NOT_ATTACHED_TO_DESKTOP = 0xC01E05E2 +STATUS_GRAPHICS_MIRRORING_DEVICES_NOT_SUPPORTED = 0xC01E05E3 +STATUS_GRAPHICS_INVALID_POINTER = 0xC01E05E4 +STATUS_GRAPHICS_NO_MONITORS_CORRESPOND_TO_DISPLAY_DEVICE = 0xC01E05E5 +STATUS_GRAPHICS_PARAMETER_ARRAY_TOO_SMALL = 0xC01E05E6 +STATUS_GRAPHICS_INTERNAL_ERROR = 0xC01E05E7 +STATUS_GRAPHICS_SESSION_TYPE_CHANGE_IN_PROGRESS = 0xC01E05E8 +STATUS_FVE_LOCKED_VOLUME = 0xC0210000 +STATUS_FVE_NOT_ENCRYPTED = 0xC0210001 +STATUS_FVE_BAD_INFORMATION = 0xC0210002 +STATUS_FVE_TOO_SMALL = 0xC0210003 +STATUS_FVE_FAILED_WRONG_FS = 0xC0210004 +STATUS_FVE_FAILED_BAD_FS = 0xC0210005 +STATUS_FVE_FS_NOT_EXTENDED = 0xC0210006 +STATUS_FVE_FS_MOUNTED = 0xC0210007 +STATUS_FVE_NO_LICENSE = 0xC0210008 +STATUS_FVE_ACTION_NOT_ALLOWED = 0xC0210009 +STATUS_FVE_BAD_DATA = 0xC021000A +STATUS_FVE_VOLUME_NOT_BOUND = 0xC021000B +STATUS_FVE_NOT_DATA_VOLUME = 0xC021000C +STATUS_FVE_CONV_READ_ERROR = 0xC021000D +STATUS_FVE_CONV_WRITE_ERROR = 0xC021000E +STATUS_FVE_OVERLAPPED_UPDATE = 0xC021000F +STATUS_FVE_FAILED_SECTOR_SIZE = 0xC0210010 +STATUS_FVE_FAILED_AUTHENTICATION = 0xC0210011 +STATUS_FVE_NOT_OS_VOLUME = 0xC0210012 +STATUS_FVE_KEYFILE_NOT_FOUND = 0xC0210013 +STATUS_FVE_KEYFILE_INVALID = 0xC0210014 +STATUS_FVE_KEYFILE_NO_VMK = 0xC0210015 +STATUS_FVE_TPM_DISABLED = 0xC0210016 +STATUS_FVE_TPM_SRK_AUTH_NOT_ZERO = 0xC0210017 +STATUS_FVE_TPM_INVALID_PCR = 0xC0210018 +STATUS_FVE_TPM_NO_VMK = 0xC0210019 +STATUS_FVE_PIN_INVALID = 0xC021001A +STATUS_FVE_AUTH_INVALID_APPLICATION = 0xC021001B +STATUS_FVE_AUTH_INVALID_CONFIG = 0xC021001C +STATUS_FVE_DEBUGGER_ENABLED = 0xC021001D +STATUS_FVE_DRY_RUN_FAILED = 0xC021001E +STATUS_FVE_BAD_METADATA_POINTER = 0xC021001F +STATUS_FVE_OLD_METADATA_COPY = 0xC0210020 +STATUS_FVE_REBOOT_REQUIRED = 0xC0210021 +STATUS_FVE_RAW_ACCESS = 0xC0210022 +STATUS_FVE_RAW_BLOCKED = 0xC0210023 +STATUS_FVE_NO_FEATURE_LICENSE = 0xC0210026 +STATUS_FVE_POLICY_USER_DISABLE_RDV_NOT_ALLOWED = 0xC0210027 +STATUS_FVE_CONV_RECOVERY_FAILED = 0xC0210028 +STATUS_FVE_VIRTUALIZED_SPACE_TOO_BIG = 0xC0210029 +STATUS_FVE_VOLUME_TOO_SMALL = 0xC0210030 +STATUS_FWP_CALLOUT_NOT_FOUND = 0xC0220001 +STATUS_FWP_CONDITION_NOT_FOUND = 0xC0220002 +STATUS_FWP_FILTER_NOT_FOUND = 0xC0220003 +STATUS_FWP_LAYER_NOT_FOUND = 0xC0220004 +STATUS_FWP_PROVIDER_NOT_FOUND = 0xC0220005 +STATUS_FWP_PROVIDER_CONTEXT_NOT_FOUND = 0xC0220006 +STATUS_FWP_SUBLAYER_NOT_FOUND = 0xC0220007 +STATUS_FWP_NOT_FOUND = 0xC0220008 +STATUS_FWP_ALREADY_EXISTS = 0xC0220009 +STATUS_FWP_IN_USE = 0xC022000A +STATUS_FWP_DYNAMIC_SESSION_IN_PROGRESS = 0xC022000B +STATUS_FWP_WRONG_SESSION = 0xC022000C +STATUS_FWP_NO_TXN_IN_PROGRESS = 0xC022000D +STATUS_FWP_TXN_IN_PROGRESS = 0xC022000E +STATUS_FWP_TXN_ABORTED = 0xC022000F +STATUS_FWP_SESSION_ABORTED = 0xC0220010 +STATUS_FWP_INCOMPATIBLE_TXN = 0xC0220011 +STATUS_FWP_TIMEOUT = 0xC0220012 +STATUS_FWP_NET_EVENTS_DISABLED = 0xC0220013 +STATUS_FWP_INCOMPATIBLE_LAYER = 0xC0220014 +STATUS_FWP_KM_CLIENTS_ONLY = 0xC0220015 +STATUS_FWP_LIFETIME_MISMATCH = 0xC0220016 +STATUS_FWP_BUILTIN_OBJECT = 0xC0220017 +STATUS_FWP_TOO_MANY_BOOTTIME_FILTERS = 0xC0220018 +STATUS_FWP_TOO_MANY_CALLOUTS = 0xC0220018 +STATUS_FWP_NOTIFICATION_DROPPED = 0xC0220019 +STATUS_FWP_TRAFFIC_MISMATCH = 0xC022001A +STATUS_FWP_INCOMPATIBLE_SA_STATE = 0xC022001B +STATUS_FWP_NULL_POINTER = 0xC022001C +STATUS_FWP_INVALID_ENUMERATOR = 0xC022001D +STATUS_FWP_INVALID_FLAGS = 0xC022001E +STATUS_FWP_INVALID_NET_MASK = 0xC022001F +STATUS_FWP_INVALID_RANGE = 0xC0220020 +STATUS_FWP_INVALID_INTERVAL = 0xC0220021 +STATUS_FWP_ZERO_LENGTH_ARRAY = 0xC0220022 +STATUS_FWP_NULL_DISPLAY_NAME = 0xC0220023 +STATUS_FWP_INVALID_ACTION_TYPE = 0xC0220024 +STATUS_FWP_INVALID_WEIGHT = 0xC0220025 +STATUS_FWP_MATCH_TYPE_MISMATCH = 0xC0220026 +STATUS_FWP_TYPE_MISMATCH = 0xC0220027 +STATUS_FWP_OUT_OF_BOUNDS = 0xC0220028 +STATUS_FWP_RESERVED = 0xC0220029 +STATUS_FWP_DUPLICATE_CONDITION = 0xC022002A +STATUS_FWP_DUPLICATE_KEYMOD = 0xC022002B +STATUS_FWP_ACTION_INCOMPATIBLE_WITH_LAYER = 0xC022002C +STATUS_FWP_ACTION_INCOMPATIBLE_WITH_SUBLAYER = 0xC022002D +STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_LAYER = 0xC022002E +STATUS_FWP_CONTEXT_INCOMPATIBLE_WITH_CALLOUT = 0xC022002F +STATUS_FWP_INCOMPATIBLE_AUTH_METHOD = 0xC0220030 +STATUS_FWP_INCOMPATIBLE_DH_GROUP = 0xC0220031 +STATUS_FWP_EM_NOT_SUPPORTED = 0xC0220032 +STATUS_FWP_NEVER_MATCH = 0xC0220033 +STATUS_FWP_PROVIDER_CONTEXT_MISMATCH = 0xC0220034 +STATUS_FWP_INVALID_PARAMETER = 0xC0220035 +STATUS_FWP_TOO_MANY_SUBLAYERS = 0xC0220036 +STATUS_FWP_CALLOUT_NOTIFICATION_FAILED = 0xC0220037 +STATUS_FWP_INCOMPATIBLE_AUTH_CONFIG = 0xC0220038 +STATUS_FWP_INCOMPATIBLE_CIPHER_CONFIG = 0xC0220039 +STATUS_FWP_DUPLICATE_AUTH_METHOD = 0xC022003C +STATUS_FWP_TCPIP_NOT_READY = 0xC0220100 +STATUS_FWP_INJECT_HANDLE_CLOSING = 0xC0220101 +STATUS_FWP_INJECT_HANDLE_STALE = 0xC0220102 +STATUS_FWP_CANNOT_PEND = 0xC0220103 +STATUS_NDIS_CLOSING = 0xC0230002 +STATUS_NDIS_BAD_VERSION = 0xC0230004 +STATUS_NDIS_BAD_CHARACTERISTICS = 0xC0230005 +STATUS_NDIS_ADAPTER_NOT_FOUND = 0xC0230006 +STATUS_NDIS_OPEN_FAILED = 0xC0230007 +STATUS_NDIS_DEVICE_FAILED = 0xC0230008 +STATUS_NDIS_MULTICAST_FULL = 0xC0230009 +STATUS_NDIS_MULTICAST_EXISTS = 0xC023000A +STATUS_NDIS_MULTICAST_NOT_FOUND = 0xC023000B +STATUS_NDIS_REQUEST_ABORTED = 0xC023000C +STATUS_NDIS_RESET_IN_PROGRESS = 0xC023000D +STATUS_NDIS_INVALID_PACKET = 0xC023000F +STATUS_NDIS_INVALID_DEVICE_REQUEST = 0xC0230010 +STATUS_NDIS_ADAPTER_NOT_READY = 0xC0230011 +STATUS_NDIS_INVALID_LENGTH = 0xC0230014 +STATUS_NDIS_INVALID_DATA = 0xC0230015 +STATUS_NDIS_BUFFER_TOO_SHORT = 0xC0230016 +STATUS_NDIS_INVALID_OID = 0xC0230017 +STATUS_NDIS_ADAPTER_REMOVED = 0xC0230018 +STATUS_NDIS_UNSUPPORTED_MEDIA = 0xC0230019 +STATUS_NDIS_GROUP_ADDRESS_IN_USE = 0xC023001A +STATUS_NDIS_FILE_NOT_FOUND = 0xC023001B +STATUS_NDIS_ERROR_READING_FILE = 0xC023001C +STATUS_NDIS_ALREADY_MAPPED = 0xC023001D +STATUS_NDIS_RESOURCE_CONFLICT = 0xC023001E +STATUS_NDIS_MEDIA_DISCONNECTED = 0xC023001F +STATUS_NDIS_INVALID_ADDRESS = 0xC0230022 +STATUS_NDIS_PAUSED = 0xC023002A +STATUS_NDIS_INTERFACE_NOT_FOUND = 0xC023002B +STATUS_NDIS_UNSUPPORTED_REVISION = 0xC023002C +STATUS_NDIS_INVALID_PORT = 0xC023002D +STATUS_NDIS_INVALID_PORT_STATE = 0xC023002E +STATUS_NDIS_LOW_POWER_STATE = 0xC023002F +STATUS_NDIS_NOT_SUPPORTED = 0xC02300BB +STATUS_NDIS_OFFLOAD_POLICY = 0xC023100F +STATUS_NDIS_OFFLOAD_CONNECTION_REJECTED = 0xC0231012 +STATUS_NDIS_OFFLOAD_PATH_REJECTED = 0xC0231013 +STATUS_NDIS_DOT11_AUTO_CONFIG_ENABLED = 0xC0232000 +STATUS_NDIS_DOT11_MEDIA_IN_USE = 0xC0232001 +STATUS_NDIS_DOT11_POWER_STATE_INVALID = 0xC0232002 +STATUS_NDIS_PM_WOL_PATTERN_LIST_FULL = 0xC0232003 +STATUS_NDIS_PM_PROTOCOL_OFFLOAD_LIST_FULL = 0xC0232004 +STATUS_IPSEC_BAD_SPI = 0xC0360001 +STATUS_IPSEC_SA_LIFETIME_EXPIRED = 0xC0360002 +STATUS_IPSEC_WRONG_SA = 0xC0360003 +STATUS_IPSEC_REPLAY_CHECK_FAILED = 0xC0360004 +STATUS_IPSEC_INVALID_PACKET = 0xC0360005 +STATUS_IPSEC_INTEGRITY_CHECK_FAILED = 0xC0360006 +STATUS_IPSEC_CLEAR_TEXT_DROP = 0xC0360007 +STATUS_IPSEC_AUTH_FIREWALL_DROP = 0xC0360008 +STATUS_IPSEC_THROTTLE_DROP = 0xC0360009 +STATUS_IPSEC_DOSP_BLOCK = 0xC0368000 +STATUS_IPSEC_DOSP_RECEIVED_MULTICAST = 0xC0368001 +STATUS_IPSEC_DOSP_INVALID_PACKET = 0xC0368002 +STATUS_IPSEC_DOSP_STATE_LOOKUP_FAILED = 0xC0368003 +STATUS_IPSEC_DOSP_MAX_ENTRIES = 0xC0368004 +STATUS_IPSEC_DOSP_KEYMOD_NOT_ALLOWED = 0xC0368005 +STATUS_IPSEC_DOSP_MAX_PER_IP_RATELIMIT_QUEUES = 0xC0368006 +STATUS_VOLMGR_MIRROR_NOT_SUPPORTED = 0xC038005B +STATUS_VOLMGR_RAID5_NOT_SUPPORTED = 0xC038005C +STATUS_VIRTDISK_PROVIDER_NOT_FOUND = 0xC03A0014 +STATUS_VIRTDISK_NOT_VIRTUAL_DISK = 0xC03A0015 +STATUS_VHD_PARENT_VHD_ACCESS_DENIED = 0xC03A0016 +STATUS_VHD_CHILD_PARENT_SIZE_MISMATCH = 0xC03A0017 +STATUS_VHD_DIFFERENCING_CHAIN_CYCLE_DETECTED = 0xC03A0018 +STATUS_VHD_DIFFERENCING_CHAIN_ERROR_IN_PARENT = 0xC03A0019 diff --git a/tests/python_dependencies/impacket/ntlm.py b/tests/python_dependencies/impacket/ntlm.py new file mode 100644 index 000000000..8376644bd --- /dev/null +++ b/tests/python_dependencies/impacket/ntlm.py @@ -0,0 +1,971 @@ +# Copyright (c) 2003-2016 CORE Security Technologies: +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +import base64 +import struct +import calendar +import time +import hashlib +import random +import string +import binascii + +from impacket.structure import Structure +from impacket import LOG + + +# This is important. NTLMv2 is not negotiated by the client or server. +# It is used if set locally on both sides. Change this item if you don't want to use +# NTLMv2 by default and fall back to NTLMv1 (with EXTENDED_SESSION_SECURITY or not) +# Check the following links: +# http://davenport.sourceforge.net/ntlm.html +# http://blogs.msdn.com/b/openspecification/archive/2010/04/20/ntlm-keys-and-sundry-stuff.aspx +# http://social.msdn.microsoft.com/Forums/en-US/os_interopscenarios/thread/c8f488ed-1b96-4e06-bd65-390aa41138d1/ +# So I'm setting a global variable to control this, this can also be set programmatically + +USE_NTLMv2 = True # if false will fall back to NTLMv1 (or NTLMv1 with ESS a.k.a NTLM2) + + +def computeResponse(flags, serverChallenge, clientChallenge, serverName, domain, user, password, lmhash='', nthash='', + use_ntlmv2=USE_NTLMv2): + if use_ntlmv2: + return computeResponseNTLMv2(flags, serverChallenge, clientChallenge, serverName, domain, user, password, + lmhash, nthash, use_ntlmv2=use_ntlmv2) + else: + return computeResponseNTLMv1(flags, serverChallenge, clientChallenge, serverName, domain, user, password, + lmhash, nthash, use_ntlmv2=use_ntlmv2) +try: + POW = None + from Crypto.Cipher import ARC4 + from Crypto.Cipher import DES + from Crypto.Hash import MD4 +except Exception: + try: + import POW + except Exception: + LOG.critical("Warning: You don't have any crypto installed. You need PyCrypto") + LOG.critical("See http://www.pycrypto.org/") + +NTLM_AUTH_NONE = 1 +NTLM_AUTH_CONNECT = 2 +NTLM_AUTH_CALL = 3 +NTLM_AUTH_PKT = 4 +NTLM_AUTH_PKT_INTEGRITY = 5 +NTLM_AUTH_PKT_PRIVACY = 6 + +# If set, requests 56-bit encryption. If the client sends NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN +# with NTLMSSP_NEGOTIATE_56 to the server in the NEGOTIATE_MESSAGE, the server MUST return NTLMSSP_NEGOTIATE_56 to +# the client in the CHALLENGE_MESSAGE. Otherwise it is ignored. If both NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 +# are requested and supported by the client and server, NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 will both be +# returned to the client. Clients and servers that set NTLMSSP_NEGOTIATE_SEAL SHOULD set NTLMSSP_NEGOTIATE_56 if it is +# supported. An alternate name for this field is NTLMSSP_NEGOTIATE_56. +NTLMSSP_NEGOTIATE_56 = 0x80000000 + +# If set, requests an explicit key exchange. This capability SHOULD be used because it improves security for message +# integrity or confidentiality. See sections 3.2.5.1.2, 3.2.5.2.1, and 3.2.5.2.2 for details. An alternate name for +# this field is NTLMSSP_NEGOTIATE_KEY_EXCH. +NTLMSSP_NEGOTIATE_KEY_EXCH = 0x40000000 + +# If set, requests 128-bit session key negotiation. An alternate name for this field is NTLMSSP_NEGOTIATE_128. +# If the client sends NTLMSSP_NEGOTIATE_128 to the server in the NEGOTIATE_MESSAGE, the server MUST return +# NTLMSSP_NEGOTIATE_128 to the client in the CHALLENGE_MESSAGE only if the client sets NTLMSSP_NEGOTIATE_SEAL or +# NTLMSSP_NEGOTIATE_SIGN. Otherwise it is ignored. If both NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 are +# requested and supported by the client and server, NTLMSSP_NEGOTIATE_56 and NTLMSSP_NEGOTIATE_128 will both be +# returned to the client. Clients and servers that set NTLMSSP_NEGOTIATE_SEAL SHOULD set NTLMSSP_NEGOTIATE_128 if it +# is supported. An alternate name for this field is NTLMSSP_NEGOTIATE_128 +NTLMSSP_NEGOTIATE_128 = 0x20000000 + +NTLMSSP_RESERVED_1 = 0x10000000 +NTLMSSP_RESERVED_2 = 0x08000000 +NTLMSSP_RESERVED_3 = 0x04000000 + +# If set, requests the protocol version number. The data corresponding to this flag is provided in the Version field +# of the NEGOTIATE_MESSAGE, the CHALLENGE_MESSAGE, and the AUTHENTICATE_MESSAGE.<22> An alternate name for this field +# is NTLMSSP_NEGOTIATE_VERSION +NTLMSSP_NEGOTIATE_VERSION = 0x02000000 +NTLMSSP_RESERVED_4 = 0x01000000 + +# If set, indicates that the TargetInfo fields in the CHALLENGE_MESSAGE (section 2.2.1.2) are populated. +# An alternate name for this field is NTLMSSP_NEGOTIATE_TARGET_INFO. +NTLMSSP_NEGOTIATE_TARGET_INFO = 0x00800000 + +# If set, requests the usage of the LMOWF (section 3.3). An alternate name for this field is +# NTLMSSP_REQUEST_NON_NT_SESSION_KEY. +NTLMSSP_REQUEST_NON_NT_SESSION_KEY = 0x00400000 +NTLMSSP_RESERVED_5 = 0x00200000 + +# If set, requests an identify level token. An alternate name for this field is NTLMSSP_NEGOTIATE_IDENTIFY +NTLMSSP_NEGOTIATE_IDENTIFY = 0x00100000 + +# If set, requests usage of the NTLM v2 session security. NTLM v2 session security is a misnomer because it is not +# NTLM v2. It is NTLM v1 using the extended session security that is also in NTLM v2. NTLMSSP_NEGOTIATE_LM_KEY and +# NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are mutually exclusive. If both NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY +# and NTLMSSP_NEGOTIATE_LM_KEY are requested, NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY alone MUST be returned to the +# client. NTLM v2 authentication session key generation MUST be supported by both the client and the DC in order to be +# used, and extended session security signing and sealing requires support from the client and the server in order to +# be used.<23> An alternate name for this field is NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY +NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY = 0x00080000 +NTLMSSP_NEGOTIATE_NTLM2 = 0x00080000 +NTLMSSP_TARGET_TYPE_SHARE = 0x00040000 + +# If set, TargetName MUST be a server name. The data corresponding to this flag is provided by the server in the +# TargetName field of the CHALLENGE_MESSAGE. If this bit is set, then NTLMSSP_TARGET_TYPE_DOMAIN MUST NOT be set. +# This flag MUST be ignored in the NEGOTIATE_MESSAGE and the AUTHENTICATE_MESSAGE. An alternate name for this field +# is NTLMSSP_TARGET_TYPE_SERVER +NTLMSSP_TARGET_TYPE_SERVER = 0x00020000 + +# If set, TargetName MUST be a domain name. The data corresponding to this flag is provided by the server in the +# TargetName field of the CHALLENGE_MESSAGE. If set, then NTLMSSP_TARGET_TYPE_SERVER MUST NOT be set. This flag MUST +# be ignored in the NEGOTIATE_MESSAGE and the AUTHENTICATE_MESSAGE. An alternate name for this field is +# NTLMSSP_TARGET_TYPE_DOMAIN. +NTLMSSP_TARGET_TYPE_DOMAIN = 0x00010000 + +# If set, requests the presence of a signature block on all messages. NTLMSSP_NEGOTIATE_ALWAYS_SIGN MUST be set in the +# NEGOTIATE_MESSAGE to the server and the CHALLENGE_MESSAGE to the client. NTLMSSP_NEGOTIATE_ALWAYS_SIGN is overridden +# by NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL, if they are supported. An alternate name for this field is +# NTLMSSP_NEGOTIATE_ALWAYS_SIGN. +NTLMSSP_NEGOTIATE_ALWAYS_SIGN = 0x00008000 # forces the other end to sign packets +NTLMSSP_RESERVED_6 = 0x00004000 + +# This flag indicates whether the Workstation field is present. If this flag is not set, the Workstation field MUST be +# ignored. If this flag is set, the length field of the Workstation field specifies whether the workstation name is +# nonempty or not.<24> An alternate name for this field is NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED. +NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED = 0x00002000 + +# If set, the domain name is provided (section 2.2.1.1).<25> An alternate name for this field is +# NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED +NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED = 0x00001000 +NTLMSSP_RESERVED_7 = 0x00000800 + + +# If set, LM authentication is not allowed and only NT authentication is used. +NTLMSSP_NEGOTIATE_NT_ONLY = 0x00000400 + +# If set, requests usage of the NTLM v1 session security protocol. NTLMSSP_NEGOTIATE_NTLM MUST be set in the +# NEGOTIATE_MESSAGE to the server and the CHALLENGE_MESSAGE to the client. An alternate name for this field is +# NTLMSSP_NEGOTIATE_NTLM +NTLMSSP_NEGOTIATE_NTLM = 0x00000200 +NTLMSSP_RESERVED_8 = 0x00000100 + +# If set, requests LAN Manager (LM) session key computation. NTLMSSP_NEGOTIATE_LM_KEY and +# NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are mutually exclusive. If both NTLMSSP_NEGOTIATE_LM_KEY and +# NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY are requested, NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY alone MUST be +# returned to the client. NTLM v2 authentication session key generation MUST be supported by both the client and the +# DC in order to be used, and extended session security signing and sealing requires support from the client and the +# server to be used. An alternate name for this field is NTLMSSP_NEGOTIATE_LM_KEY. +NTLMSSP_NEGOTIATE_LM_KEY = 0x00000080 + +# If set, requests connectionless authentication. If NTLMSSP_NEGOTIATE_DATAGRAM is set, then NTLMSSP_NEGOTIATE_KEY_EXCH +# MUST always be set in the AUTHENTICATE_MESSAGE to the server and the CHALLENGE_MESSAGE to the client. An alternate +# name for this field is NTLMSSP_NEGOTIATE_DATAGRAM. +NTLMSSP_NEGOTIATE_DATAGRAM = 0x00000040 + +# If set, requests session key negotiation for message confidentiality. If the client sends NTLMSSP_NEGOTIATE_SEAL to +# the server in the NEGOTIATE_MESSAGE, the server MUST return NTLMSSP_NEGOTIATE_SEAL to the client in the +# CHALLENGE_MESSAGE. Clients and servers that set NTLMSSP_NEGOTIATE_SEAL SHOULD always set NTLMSSP_NEGOTIATE_56 and +# NTLMSSP_NEGOTIATE_128, if they are supported. An alternate name for this field is NTLMSSP_NEGOTIATE_SEAL. +NTLMSSP_NEGOTIATE_SEAL = 0x00000020 + +# If set, requests session key negotiation for message signatures. If the client sends NTLMSSP_NEGOTIATE_SIGN to the +# server in the NEGOTIATE_MESSAGE, the server MUST return NTLMSSP_NEGOTIATE_SIGN to the client in the CHALLENGE_MESSAGE. +# An alternate name for this field is NTLMSSP_NEGOTIATE_SIGN. +NTLMSSP_NEGOTIATE_SIGN = 0x00000010 # means packet is signed, if verifier is wrong it fails +NTLMSSP_RESERVED_9 = 0x00000008 + +# If set, a TargetName field of the CHALLENGE_MESSAGE (section 2.2.1.2) MUST be supplied. An alternate name for this +# field is NTLMSSP_REQUEST_TARGET. +NTLMSSP_REQUEST_TARGET = 0x00000004 + +# If set, requests OEM character set encoding. An alternate name for this field is NTLM_NEGOTIATE_OEM. See bit A for +# details. +NTLM_NEGOTIATE_OEM = 0x00000002 + +# If set, requests Unicode character set encoding. An alternate name for this field is NTLMSSP_NEGOTIATE_UNICODE. +NTLMSSP_NEGOTIATE_UNICODE = 0x00000001 + +# AV_PAIR constants +NTLMSSP_AV_EOL = 0x00 +NTLMSSP_AV_HOSTNAME = 0x01 +NTLMSSP_AV_DOMAINNAME = 0x02 +NTLMSSP_AV_DNS_HOSTNAME = 0x03 +NTLMSSP_AV_DNS_DOMAINNAME = 0x04 +NTLMSSP_AV_DNS_TREENAME = 0x05 +NTLMSSP_AV_FLAGS = 0x06 +NTLMSSP_AV_TIME = 0x07 +NTLMSSP_AV_RESTRICTIONS = 0x08 +NTLMSSP_AV_TARGET_NAME = 0x09 +NTLMSSP_AV_CHANNEL_BINDINGS = 0x0a + +class AV_PAIRS(): + def __init__(self, data = None): + self.fields = {} + if data is not None: + self.fromString(data) + + def __setitem__(self,key,value): + self.fields[key] = (len(value),value) + + def __getitem__(self, key): + if self.fields.has_key(key): + return self.fields[key] + return None + + def __delitem__(self, key): + del self.fields[key] + + def __len__(self): + return len(self.getData()) + + def __str__(self): + return len(self.getData()) + + def fromString(self, data): + tInfo = data + fType = 0xff + while fType is not NTLMSSP_AV_EOL: + fType = struct.unpack('<H',tInfo[:struct.calcsize('<H')])[0] + tInfo = tInfo[struct.calcsize('<H'):] + length = struct.unpack('<H',tInfo[:struct.calcsize('<H')])[0] + tInfo = tInfo[struct.calcsize('<H'):] + content = tInfo[:length] + self.fields[fType]=(length,content) + tInfo = tInfo[length:] + + def dump(self): + for i in self.fields.keys(): + print "%s: {%r}" % (i,self[i]) + + def getData(self): + if self.fields.has_key(NTLMSSP_AV_EOL): + del self.fields[NTLMSSP_AV_EOL] + ans = '' + for i in self.fields.keys(): + ans+= struct.pack('<HH', i, self[i][0]) + ans+= self[i][1] + + # end with a NTLMSSP_AV_EOL + ans += struct.pack('<HH', NTLMSSP_AV_EOL, 0) + + return ans + +class NTLMAuthMixin: + def get_os_version(self): + if self['os_version'] == '': + return None + else: + mayor_v = struct.unpack('B',self['os_version'][0])[0] + minor_v = struct.unpack('B',self['os_version'][1])[0] + build_v = struct.unpack('H',self['os_version'][2:4]) + return (mayor_v,minor_v,build_v) + +class NTLMAuthNegotiate(Structure, NTLMAuthMixin): + + structure = ( + ('','"NTLMSSP\x00'), + ('message_type','<L=1'), + ('flags','<L'), + ('domain_len','<H-domain_name'), + ('domain_max_len','<H-domain_name'), + ('domain_offset','<L=0'), + ('host_len','<H-host_name'), + ('host_maxlen','<H-host_name'), + ('host_offset','<L=0'), + ('os_version',':'), + ('host_name',':'), + ('domain_name',':')) + + def __init__(self): + Structure.__init__(self) + self['flags']= ( + NTLMSSP_NEGOTIATE_128 | + NTLMSSP_NEGOTIATE_KEY_EXCH| + # NTLMSSP_LM_KEY | + NTLMSSP_NEGOTIATE_NTLM | + NTLMSSP_NEGOTIATE_UNICODE | + # NTLMSSP_ALWAYS_SIGN | + NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL | + # NTLMSSP_TARGET | + 0) + self['host_name']='' + self['domain_name']='' + self['os_version']='' + + def getData(self): + if len(self.fields['host_name']) > 0: + self['flags'] |= NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED + if len(self.fields['domain_name']) > 0: + self['flags'] |= NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED + if len(self.fields['os_version']) > 0: + self['flags'] |= NTLMSSP_NEGOTIATE_VERSION + if (self['flags'] & NTLMSSP_NEGOTIATE_VERSION) == NTLMSSP_NEGOTIATE_VERSION: + version_len = 8 + else: + version_len = 0 + if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED) == NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED: + self['host_offset']=32 + version_len + if (self['flags'] & NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED) == NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED: + self['domain_offset']=32+len(self['host_name']) + version_len + return Structure.getData(self) + + def fromString(self,data): + Structure.fromString(self,data) + + domain_offset = self['domain_offset'] + domain_end = self['domain_len'] + domain_offset + self['domain_name'] = data[ domain_offset : domain_end ] + + host_offset = self['host_offset'] + host_end = self['host_len'] + host_offset + self['host_name'] = data[ host_offset : host_end ] + + hasOsInfo = self['flags'] & NTLMSSP_NEGOTIATE_VERSION + if len(data) >= 36 and hasOsInfo: + self['os_version'] = data[32:40] + else: + self['os_version'] = '' + +class NTLMAuthChallenge(Structure): + + structure = ( + ('','"NTLMSSP\x00'), + ('message_type','<L=2'), + ('domain_len','<H-domain_name'), + ('domain_max_len','<H-domain_name'), + ('domain_offset','<L=40'), + ('flags','<L=0'), + ('challenge','8s'), + ('reserved','8s=""'), + ('TargetInfoFields_len','<H-TargetInfoFields'), + ('TargetInfoFields_max_len','<H-TargetInfoFields'), + ('TargetInfoFields_offset','<L'), + ('VersionLen','_-Version','self.checkVersion(self["flags"])'), + ('Version',':'), + ('domain_name',':'), + ('TargetInfoFields',':')) + + def checkVersion(self, flags): + if flags is not None: + if flags & NTLMSSP_NEGOTIATE_VERSION == 0: + return 0 + return 8 + + def getData(self): + if self['TargetInfoFields'] is not None and type(self['TargetInfoFields']) is not str: + raw_av_fields = self['TargetInfoFields'].getData() + self['TargetInfoFields'] = raw_av_fields + return Structure.getData(self) + + def fromString(self,data): + Structure.fromString(self,data) + # Just in case there's more data after the TargetInfoFields + self['TargetInfoFields'] = self['TargetInfoFields'][:self['TargetInfoFields_len']] + # We gotta process the TargetInfoFields + #if self['TargetInfoFields_len'] > 0: + # av_pairs = AV_PAIRS(self['TargetInfoFields'][:self['TargetInfoFields_len']]) + # self['TargetInfoFields'] = av_pairs + + return self + +class NTLMAuthChallengeResponse(Structure, NTLMAuthMixin): + + structure = ( + ('','"NTLMSSP\x00'), + ('message_type','<L=3'), + ('lanman_len','<H-lanman'), + ('lanman_max_len','<H-lanman'), + ('lanman_offset','<L'), + ('ntlm_len','<H-ntlm'), + ('ntlm_max_len','<H-ntlm'), + ('ntlm_offset','<L'), + ('domain_len','<H-domain_name'), + ('domain_max_len','<H-domain_name'), + ('domain_offset','<L'), + ('user_len','<H-user_name'), + ('user_max_len','<H-user_name'), + ('user_offset','<L'), + ('host_len','<H-host_name'), + ('host_max_len','<H-host_name'), + ('host_offset','<L'), + ('session_key_len','<H-session_key'), + ('session_key_max_len','<H-session_key'), + ('session_key_offset','<L'), + ('flags','<L'), + ('VersionLen','_-Version','self.checkVersion(self["flags"])'), + ('Version',':=""'), + ('MICLen','_-MIC','self.checkMIC(self["flags"])'), + ('MIC',':=""'), + ('domain_name',':'), + ('user_name',':'), + ('host_name',':'), + ('lanman',':'), + ('ntlm',':'), + ('session_key',':')) + + def __init__(self, username = '', password = '', challenge = '', lmhash = '', nthash = '', flags = 0): + Structure.__init__(self) + self['session_key']='' + self['user_name']=username.encode('utf-16le') + self['domain_name']='' #"CLON".encode('utf-16le') + self['host_name']='' #"BETS".encode('utf-16le') + self['flags'] = ( #authResp['flags'] + # we think (beto & gera) that his flags force a memory conten leakage when a windows 2000 answers using uninitializaed verifiers + NTLMSSP_NEGOTIATE_128 | + NTLMSSP_NEGOTIATE_KEY_EXCH| + # NTLMSSP_LM_KEY | + NTLMSSP_NEGOTIATE_NTLM | + NTLMSSP_NEGOTIATE_UNICODE | + # NTLMSSP_ALWAYS_SIGN | + NTLMSSP_NEGOTIATE_SIGN | + NTLMSSP_NEGOTIATE_SEAL | + # NTLMSSP_TARGET | + 0) + # Here we do the stuff + if username and ( lmhash != '' or nthash != ''): + self['lanman'] = get_ntlmv1_response(lmhash, challenge) + self['ntlm'] = get_ntlmv1_response(nthash, challenge) + elif (username and password): + lmhash = compute_lmhash(password) + nthash = compute_nthash(password) + self['lanman']=get_ntlmv1_response(lmhash, challenge) + self['ntlm']=get_ntlmv1_response(nthash, challenge) # This is not used for LM_KEY nor NTLM_KEY + else: + self['lanman'] = '' + self['ntlm'] = '' + if not self['host_name']: + self['host_name'] = 'NULL'.encode('utf-16le') # for NULL session there must be a hostname + + def checkVersion(self, flags): + if flags is not None: + if flags & NTLMSSP_NEGOTIATE_VERSION == 0: + return 0 + return 8 + + def checkMIC(self, flags): + # TODO: Find a proper way to check the MIC is in there + if flags is not None: + if flags & NTLMSSP_NEGOTIATE_VERSION == 0: + return 0 + return 16 + + def getData(self): + self['domain_offset']=64+self.checkMIC(self["flags"])+self.checkVersion(self["flags"]) + self['user_offset']=64+self.checkMIC(self["flags"])+self.checkVersion(self["flags"])+len(self['domain_name']) + self['host_offset']=self['user_offset']+len(self['user_name']) + self['lanman_offset']=self['host_offset']+len(self['host_name']) + self['ntlm_offset']=self['lanman_offset']+len(self['lanman']) + self['session_key_offset']=self['ntlm_offset']+len(self['ntlm']) + return Structure.getData(self) + + def fromString(self,data): + Structure.fromString(self,data) + # [MS-NLMP] page 27 + # Payload data can be present in any order within the Payload field, + # with variable-length padding before or after the data + + domain_offset = self['domain_offset'] + domain_end = self['domain_len'] + domain_offset + self['domain_name'] = data[ domain_offset : domain_end ] + + host_offset = self['host_offset'] + host_end = self['host_len'] + host_offset + self['host_name'] = data[ host_offset: host_end ] + + user_offset = self['user_offset'] + user_end = self['user_len'] + user_offset + self['user_name'] = data[ user_offset: user_end ] + + ntlm_offset = self['ntlm_offset'] + ntlm_end = self['ntlm_len'] + ntlm_offset + self['ntlm'] = data[ ntlm_offset : ntlm_end ] + + lanman_offset = self['lanman_offset'] + lanman_end = self['lanman_len'] + lanman_offset + self['lanman'] = data[ lanman_offset : lanman_end] + + #if len(data) >= 36: + # self['os_version'] = data[32:36] + #else: + # self['os_version'] = '' + +class ImpacketStructure(Structure): + def set_parent(self, other): + self.parent = other + + def get_packet(self): + return str(self) + + def get_size(self): + return len(self) + +class ExtendedOrNotMessageSignature(Structure): + def __init__(self, flags = 0, **kargs): + if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + self.structure = self.extendedMessageSignature + else: + self.structure = self.MessageSignature + return Structure.__init__(self, **kargs) + +class NTLMMessageSignature(ExtendedOrNotMessageSignature): + extendedMessageSignature = ( + ('Version','<L=1'), + ('Checksum','<q'), + ('SeqNum','<i'), + ) + + MessageSignature = ( + ('Version','<L=1'), + ('RandomPad','<i=0'), + ('Checksum','<i'), + ('SeqNum','<i'), + ) + +KNOWN_DES_INPUT = "KGS!@#$%" + +def __expand_DES_key( key): + # Expand the key from a 7-byte password key into a 8-byte DES key + key = key[:7] + key += '\x00'*(7-len(key)) + s = chr(((ord(key[0]) >> 1) & 0x7f) << 1) + s = s + chr(((ord(key[0]) & 0x01) << 6 | ((ord(key[1]) >> 2) & 0x3f)) << 1) + s = s + chr(((ord(key[1]) & 0x03) << 5 | ((ord(key[2]) >> 3) & 0x1f)) << 1) + s = s + chr(((ord(key[2]) & 0x07) << 4 | ((ord(key[3]) >> 4) & 0x0f)) << 1) + s = s + chr(((ord(key[3]) & 0x0f) << 3 | ((ord(key[4]) >> 5) & 0x07)) << 1) + s = s + chr(((ord(key[4]) & 0x1f) << 2 | ((ord(key[5]) >> 6) & 0x03)) << 1) + s = s + chr(((ord(key[5]) & 0x3f) << 1 | ((ord(key[6]) >> 7) & 0x01)) << 1) + s = s + chr((ord(key[6]) & 0x7f) << 1) + return s + +def __DES_block(key, msg): + if POW: + cipher = POW.Symmetric(POW.DES_ECB) + cipher.encryptInit(__expand_DES_key(key)) + return cipher.update(msg) + else: + cipher = DES.new(__expand_DES_key(key),DES.MODE_ECB) + return cipher.encrypt(msg) + +def ntlmssp_DES_encrypt(key, challenge): + answer = __DES_block(key[:7], challenge) + answer += __DES_block(key[7:14], challenge) + answer += __DES_block(key[14:], challenge) + return answer + +# High level functions to use NTLMSSP + +def getNTLMSSPType1(workstation='', domain='', signingRequired = False, use_ntlmv2 = USE_NTLMv2): + # Let's do some encoding checks before moving on. Kind of dirty, but found effective when dealing with + # international characters. + import sys + encoding = sys.getfilesystemencoding() + if encoding is not None: + try: + workstation.encode('utf-16le') + except: + workstation = workstation.decode(encoding) + try: + domain.encode('utf-16le') + except: + domain = domain.decode(encoding) + + # Let's prepare a Type 1 NTLMSSP Message + auth = NTLMAuthNegotiate() + auth['flags']=0 + if signingRequired: + auth['flags'] = NTLMSSP_NEGOTIATE_KEY_EXCH | NTLMSSP_NEGOTIATE_SIGN | NTLMSSP_NEGOTIATE_ALWAYS_SIGN | NTLMSSP_NEGOTIATE_SEAL + if use_ntlmv2: + auth['flags'] |= NTLMSSP_NEGOTIATE_TARGET_INFO + auth['flags'] |= NTLMSSP_NEGOTIATE_NTLM | NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY | NTLMSSP_NEGOTIATE_UNICODE | NTLMSSP_REQUEST_TARGET | NTLMSSP_NEGOTIATE_128 | NTLMSSP_NEGOTIATE_56 + auth['domain_name'] = domain.encode('utf-16le') + return auth + +def getNTLMSSPType3(type1, type2, user, password, domain, lmhash = '', nthash = '', use_ntlmv2 = USE_NTLMv2): + + # Let's do some encoding checks before moving on. Kind of dirty, but found effective when dealing with + # international characters. + import sys + encoding = sys.getfilesystemencoding() + if encoding is not None: + try: + user.encode('utf-16le') + except: + user = user.decode(encoding) + try: + password.encode('utf-16le') + except: + password = password.decode(encoding) + try: + domain.encode('utf-16le') + except: + domain = user.decode(encoding) + + ntlmChallenge = NTLMAuthChallenge(type2) + + # Let's start with the original flags sent in the type1 message + responseFlags = type1['flags'] + + # Token received and parsed. Depending on the authentication + # method we will create a valid ChallengeResponse + ntlmChallengeResponse = NTLMAuthChallengeResponse(user, password, ntlmChallenge['challenge']) + + clientChallenge = "".join([random.choice(string.digits+string.letters) for i in xrange(8)]) + + serverName = ntlmChallenge['TargetInfoFields'] + + ntResponse, lmResponse, sessionBaseKey = computeResponse(ntlmChallenge['flags'], ntlmChallenge['challenge'], clientChallenge, serverName, domain, user, password, lmhash, nthash, use_ntlmv2 ) + + # Let's check the return flags + if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY) == 0: + # No extended session security, taking it out + responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY + if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_128 ) == 0: + # No support for 128 key len, taking it out + responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_128 + if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_KEY_EXCH) == 0: + # No key exchange supported, taking it out + responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_KEY_EXCH + if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_SEAL) == 0: + # No sign available, taking it out + responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_SEAL + if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_SIGN) == 0: + # No sign available, taking it out + responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_SIGN + if (ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_ALWAYS_SIGN) == 0: + # No sign available, taking it out + responseFlags &= 0xffffffff ^ NTLMSSP_NEGOTIATE_ALWAYS_SIGN + + keyExchangeKey = KXKEY(ntlmChallenge['flags'],sessionBaseKey, lmResponse, ntlmChallenge['challenge'], password, lmhash, nthash,use_ntlmv2) + + # Special case for anonymous login + if user == '' and password == '' and lmhash == '' and nthash == '': + keyExchangeKey = '\x00'*16 + + # If we set up key exchange, let's fill the right variables + if ntlmChallenge['flags'] & NTLMSSP_NEGOTIATE_KEY_EXCH: + # not exactly what I call random tho :\ + # exportedSessionKey = this is the key we should use to sign + exportedSessionKey = "".join([random.choice(string.digits+string.letters) for i in xrange(16)]) + #exportedSessionKey = "A"*16 + #print "keyExchangeKey %r" % keyExchangeKey + # Let's generate the right session key based on the challenge flags + #if responseFlags & NTLMSSP_NTLM2_KEY: + # Extended session security enabled + # if responseFlags & NTLMSSP_KEY_128: + # Full key + # exportedSessionKey = exportedSessionKey + # elif responseFlags & NTLMSSP_KEY_56: + # Only 56-bit key + # exportedSessionKey = exportedSessionKey[:7] + # else: + # exportedSessionKey = exportedSessionKey[:5] + #elif responseFlags & NTLMSSP_KEY_56: + # No extended session security, just 56 bits key + # exportedSessionKey = exportedSessionKey[:7] + '\xa0' + #else: + # exportedSessionKey = exportedSessionKey[:5] + '\xe5\x38\xb0' + + encryptedRandomSessionKey = generateEncryptedSessionKey(keyExchangeKey, exportedSessionKey) + else: + encryptedRandomSessionKey = None + # [MS-NLMP] page 46 + exportedSessionKey = keyExchangeKey + + ntlmChallengeResponse['flags'] = responseFlags + ntlmChallengeResponse['domain_name'] = domain.encode('utf-16le') + ntlmChallengeResponse['lanman'] = lmResponse + ntlmChallengeResponse['ntlm'] = ntResponse + if encryptedRandomSessionKey is not None: + ntlmChallengeResponse['session_key'] = encryptedRandomSessionKey + + return ntlmChallengeResponse, exportedSessionKey + + +# NTLMv1 Algorithm + +def generateSessionKeyV1(password, lmhash, nthash): + if POW: + hash = POW.Digest(POW.MD4_DIGEST) + else: + hash = MD4.new() + hash.update(NTOWFv1(password, lmhash, nthash)) + return hash.digest() + +def computeResponseNTLMv1(flags, serverChallenge, clientChallenge, serverName, domain, user, password, lmhash='', nthash='', use_ntlmv2 = USE_NTLMv2): + if (user == '' and password == ''): + # Special case for anonymous authentication + lmResponse = '' + ntResponse = '' + else: + lmhash = LMOWFv1(password, lmhash, nthash) + nthash = NTOWFv1(password, lmhash, nthash) + if flags & NTLMSSP_NEGOTIATE_LM_KEY: + ntResponse = '' + lmResponse = get_ntlmv1_response(lmhash, serverChallenge) + elif flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + md5 = hashlib.new('md5') + chall = (serverChallenge + clientChallenge) + md5.update(chall) + ntResponse = ntlmssp_DES_encrypt(nthash, md5.digest()[:8]) + lmResponse = clientChallenge + '\x00'*16 + else: + ntResponse = get_ntlmv1_response(nthash,serverChallenge) + lmResponse = get_ntlmv1_response(lmhash, serverChallenge) + + sessionBaseKey = generateSessionKeyV1(password, lmhash, nthash) + return ntResponse, lmResponse, sessionBaseKey + +def compute_lmhash(password): + # This is done according to Samba's encryption specification (docs/html/ENCRYPTION.html) + password = password.upper() + lmhash = __DES_block(password[:7], KNOWN_DES_INPUT) + lmhash += __DES_block(password[7:14], KNOWN_DES_INPUT) + return lmhash + +def NTOWFv1(password, lmhash = '', nthash=''): + if nthash != '': + return nthash + return compute_nthash(password) + +def LMOWFv1(password, lmhash = '', nthash=''): + if lmhash != '': + return lmhash + return compute_lmhash(password) + +def compute_nthash(password): + # This is done according to Samba's encryption specification (docs/html/ENCRYPTION.html) + try: + password = unicode(password).encode('utf_16le') + except UnicodeDecodeError: + import sys + password = password.decode(sys.getfilesystemencoding()).encode('utf_16le') + + if POW: + hash = POW.Digest(POW.MD4_DIGEST) + else: + hash = MD4.new() + hash.update(password) + return hash.digest() + +def get_ntlmv1_response(key, challenge): + return ntlmssp_DES_encrypt(key, challenge) + +# NTLMv2 Algorithm - as described in MS-NLMP Section 3.3.2 + +# Crypto Stuff + +def MAC(flags, handle, signingKey, seqNum, message): + # [MS-NLMP] Section 3.4.4 + # Returns the right messageSignature depending on the flags + messageSignature = NTLMMessageSignature(flags) + if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + if flags & NTLMSSP_NEGOTIATE_KEY_EXCH: + messageSignature['Version'] = 1 + messageSignature['Checksum'] = struct.unpack('<q',handle(hmac_md5(signingKey, struct.pack('<i',seqNum)+message)[:8]))[0] + messageSignature['SeqNum'] = seqNum + seqNum += 1 + else: + messageSignature['Version'] = 1 + messageSignature['Checksum'] = struct.unpack('<q',hmac_md5(signingKey, struct.pack('<i',seqNum)+message)[:8])[0] + messageSignature['SeqNum'] = seqNum + seqNum += 1 + else: + messageSignature['Version'] = 1 + messageSignature['Checksum'] = struct.pack('<i',binascii.crc32(message)) + messageSignature['RandomPad'] = 0 + messageSignature['RandomPad'] = handle(struct.pack('<i',messageSignature['RandomPad'])) + messageSignature['Checksum'] = struct.unpack('<i',handle(messageSignature['Checksum']))[0] + messageSignature['SeqNum'] = handle('\x00\x00\x00\x00') + messageSignature['SeqNum'] = struct.unpack('<i',messageSignature['SeqNum'])[0] ^ seqNum + messageSignature['RandomPad'] = 0 + + return messageSignature + +def SEAL(flags, signingKey, sealingKey, messageToSign, messageToEncrypt, seqNum, handle): + sealedMessage = handle(messageToEncrypt) + signature = MAC(flags, handle, signingKey, seqNum, messageToSign) + return sealedMessage, signature + +def SIGN(flags, signingKey, message, seqNum, handle): + return MAC(flags, handle, signingKey, seqNum, message) + +def SIGNKEY(flags, randomSessionKey, mode = 'Client'): + if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + if mode == 'Client': + md5 = hashlib.new('md5') + md5.update(randomSessionKey + "session key to client-to-server signing key magic constant\x00") + signKey = md5.digest() + else: + md5 = hashlib.new('md5') + md5.update(randomSessionKey + "session key to server-to-client signing key magic constant\x00") + signKey = md5.digest() + else: + signKey = None + return signKey + +def SEALKEY(flags, randomSessionKey, mode = 'Client'): + if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + if flags & NTLMSSP_NEGOTIATE_128: + sealKey = randomSessionKey + elif flags & NTLMSSP_NEGOTIATE_56: + sealKey = randomSessionKey[:7] + else: + sealKey = randomSessionKey[:5] + + if mode == 'Client': + md5 = hashlib.new('md5') + md5.update(sealKey + 'session key to client-to-server sealing key magic constant\x00') + sealKey = md5.digest() + else: + md5 = hashlib.new('md5') + md5.update(sealKey + 'session key to server-to-client sealing key magic constant\x00') + sealKey = md5.digest() + + elif flags & NTLMSSP_NEGOTIATE_56: + sealKey = randomSessionKey[:7] + '\xa0' + else: + sealKey = randomSessionKey[:5] + '\xe5\x38\xb0' + + return sealKey + + +def generateEncryptedSessionKey(keyExchangeKey, exportedSessionKey): + if POW: + cipher = POW.Symmetric(POW.RC4) + cipher.encryptInit(keyExchangeKey) + cipher_encrypt = cipher.update + else: + cipher = ARC4.new(keyExchangeKey) + cipher_encrypt = cipher.encrypt + + sessionKey = cipher_encrypt(exportedSessionKey) + return sessionKey + +def KXKEY(flags, sessionBaseKey, lmChallengeResponse, serverChallenge, password, lmhash, nthash, use_ntlmv2 = USE_NTLMv2): + if use_ntlmv2: + return sessionBaseKey + + if flags & NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + if flags & NTLMSSP_NEGOTIATE_NTLM: + keyExchangeKey = hmac_md5(sessionBaseKey, serverChallenge + lmChallengeResponse[:8]) + else: + keyExchangeKey = sessionBaseKey + elif flags & NTLMSSP_NEGOTIATE_NTLM: + if flags & NTLMSSP_NEGOTIATE_LM_KEY: + keyExchangeKey = __DES_block(LMOWFv1(password,lmhash)[:7], lmChallengeResponse[:8]) + __DES_block(LMOWFv1(password,lmhash)[7] + '\xBD\xBD\xBD\xBD\xBD\xBD', lmChallengeResponse[:8]) + elif flags & NTLMSSP_REQUEST_NON_NT_SESSION_KEY: + keyExchangeKey = LMOWFv1(password,lmhash)[:8] + '\x00'*8 + else: + keyExchangeKey = sessionBaseKey + else: + raise "Can't create a valid KXKEY!" + + return keyExchangeKey + +def hmac_md5(key, data): + if POW: + h = POW.Hmac(POW.MD5_DIGEST, key) + h.update(data) + result = h.mac() + else: + import hmac + h = hmac.new(key) + h.update(data) + result = h.digest() + return result + +def NTOWFv2( user, password, domain, hash = ''): + if hash != '': + theHash = hash + else: + theHash = compute_nthash(password) + return hmac_md5(theHash, user.upper().encode('utf-16le') + domain.encode('utf-16le')) + +def LMOWFv2( user, password, domain, lmhash = ''): + return NTOWFv2( user, password, domain, lmhash) + + +def computeResponseNTLMv2(flags, serverChallenge, clientChallenge, serverName, domain, user, password, lmhash = '', nthash = '', use_ntlmv2 = USE_NTLMv2): + + responseServerVersion = '\x01' + hiResponseServerVersion = '\x01' + responseKeyNT = NTOWFv2(user, password, domain, nthash) + responseKeyLM = LMOWFv2(user, password, domain, lmhash) + + # If you're running test-ntlm, comment the following lines and uncoment the ones that are commented. Don't forget to turn it back after the tests! + ###################### + av_pairs = AV_PAIRS(serverName) + # In order to support SPN target name validation, we have to add this to the serverName av_pairs. Otherwise we will get access denied + # This is set at Local Security Policy -> Local Policies -> Security Options -> Server SPN target name validation level + av_pairs[NTLMSSP_AV_TARGET_NAME] = 'cifs/'.encode('utf-16le') + av_pairs[NTLMSSP_AV_HOSTNAME][1] + if av_pairs[NTLMSSP_AV_TIME] is not None: + aTime = av_pairs[NTLMSSP_AV_TIME][1] + else: + aTime = struct.pack('<q', (116444736000000000 + calendar.timegm(time.gmtime()) * 10000000) ) + #aTime = '\x00'*8 + av_pairs[NTLMSSP_AV_TIME] = aTime + serverName = av_pairs.getData() + + ###################### + #aTime = '\x00'*8 + ###################### + temp = responseServerVersion + hiResponseServerVersion + '\x00' * 6 + aTime + clientChallenge + '\x00' * 4 + serverName + '\x00' * 4 + + ntProofStr = hmac_md5(responseKeyNT, serverChallenge + temp) + + ntChallengeResponse = ntProofStr + temp + lmChallengeResponse = hmac_md5(responseKeyNT, serverChallenge + clientChallenge) + clientChallenge + sessionBaseKey = hmac_md5(responseKeyNT, ntProofStr) + + if (user == '' and password == ''): + # Special case for anonymous authentication + ntChallengeResponse = '' + lmChallengeResponse = '' + + return ntChallengeResponse, lmChallengeResponse, sessionBaseKey + +class NTLM_HTTP(object): + '''Parent class for NTLM HTTP classes.''' + MSG_TYPE = None + + @classmethod + def get_instace(cls,msg_64): + msg = None + msg_type = 0 + if msg_64 != '': + msg = base64.b64decode(msg_64[5:]) # Remove the 'NTLM ' + msg_type = ord(msg[8]) + + for _cls in NTLM_HTTP.__subclasses__(): + if msg_type == _cls.MSG_TYPE: + instance = _cls() + instance.fromString(msg) + return instance + + +class NTLM_HTTP_AuthRequired(NTLM_HTTP): + commonHdr = () + # Message 0 means the first HTTP request e.g. 'GET /bla.png' + MSG_TYPE = 0 + + def fromString(self,data): + pass + + +class NTLM_HTTP_AuthNegotiate(NTLM_HTTP, NTLMAuthNegotiate): + commonHdr = () + MSG_TYPE = 1 + + def __init__(self): + NTLMAuthNegotiate.__init__(self) + + +class NTLM_HTTP_AuthChallengeResponse(NTLM_HTTP, NTLMAuthChallengeResponse): + commonHdr = () + MSG_TYPE = 3 + + def __init__(self): + NTLMAuthChallengeResponse.__init__(self) + diff --git a/tests/python_dependencies/impacket/smb.py b/tests/python_dependencies/impacket/smb.py new file mode 100644 index 000000000..95efb2c63 --- /dev/null +++ b/tests/python_dependencies/impacket/smb.py @@ -0,0 +1,4099 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Copyright (C) 2001 Michael Teo <michaelteo@bigfoot.com> +# smb.py - SMB/CIFS library +# +# This software is provided 'as-is', without any express or implied warranty. +# In no event will the author be held liable for any damages arising from the +# use of this software. +# +# Permission is granted to anyone to use this software for any purpose, +# including commercial applications, and to alter it and redistribute it +# freely, subject to the following restrictions: +# +# 1. The origin of this software must not be misrepresented; you must not +# claim that you wrote the original software. If you use this software +# in a product, an acknowledgment in the product documentation would be +# appreciated but is not required. +# +# 2. Altered source versions must be plainly marked as such, and must not be +# misrepresented as being the original software. +# +# 3. This notice cannot be removed or altered from any source distribution. +# +# Altered source done by Alberto Solino (@agsolino) + +# Todo: +# [ ] Try [SMB]transport fragmentation using Transact requests +# [ ] Try other methods of doing write (write_raw, transact2, write, write_and_unlock, write_and_close, write_mpx) +# [-] Try replacements for SMB_COM_NT_CREATE_ANDX (CREATE, T_TRANSACT_CREATE, OPEN_ANDX works +# [x] Fix forceWriteAndx, which needs to send a RecvRequest, because recv() will not send it +# [x] Fix Recv() when using RecvAndx and the answer comes splet in several packets +# [ ] Try [SMB]transport fragmentation with overlaping segments +# [ ] Try [SMB]transport fragmentation with out of order segments +# [x] Do chained AndX requests +# [ ] Transform the rest of the calls to structure +# [X] Implement TRANS/TRANS2 reassembly for list_path + +import os +import socket +import string +from binascii import a2b_hex +import datetime +from struct import pack, unpack +from contextlib import contextmanager + +from impacket import nmb, ntlm, nt_errors, LOG +from impacket.structure import Structure +from impacket.spnego import SPNEGO_NegTokenInit, TypesMech, SPNEGO_NegTokenResp + +# For signing +import hashlib + +unicode_support = 0 +unicode_convert = 1 + +try: + from cStringIO import StringIO +except ImportError: + from StringIO import StringIO + +# Dialect for SMB1 +SMB_DIALECT = 'NT LM 0.12' + +# Shared Device Type +SHARED_DISK = 0x00 +SHARED_DISK_HIDDEN = 0x80000000 +SHARED_PRINT_QUEUE = 0x01 +SHARED_DEVICE = 0x02 +SHARED_IPC = 0x03 + +# Extended attributes mask +ATTR_ARCHIVE = 0x020 +ATTR_COMPRESSED = 0x800 +ATTR_NORMAL = 0x080 +ATTR_HIDDEN = 0x002 +ATTR_READONLY = 0x001 +ATTR_TEMPORARY = 0x100 +ATTR_DIRECTORY = 0x010 +ATTR_SYSTEM = 0x004 + +# Service Type +SERVICE_DISK = 'A:' +SERVICE_PRINTER = 'LPT1:' +SERVICE_IPC = 'IPC' +SERVICE_COMM = 'COMM' +SERVICE_ANY = '?????' + +# Server Type (Can be used to mask with SMBMachine.get_type() or SMBDomain.get_type()) +SV_TYPE_WORKSTATION = 0x00000001 +SV_TYPE_SERVER = 0x00000002 +SV_TYPE_SQLSERVER = 0x00000004 +SV_TYPE_DOMAIN_CTRL = 0x00000008 +SV_TYPE_DOMAIN_BAKCTRL = 0x00000010 +SV_TYPE_TIME_SOURCE = 0x00000020 +SV_TYPE_AFP = 0x00000040 +SV_TYPE_NOVELL = 0x00000080 +SV_TYPE_DOMAIN_MEMBER = 0x00000100 +SV_TYPE_PRINTQ_SERVER = 0x00000200 +SV_TYPE_DIALIN_SERVER = 0x00000400 +SV_TYPE_XENIX_SERVER = 0x00000800 +SV_TYPE_NT = 0x00001000 +SV_TYPE_WFW = 0x00002000 +SV_TYPE_SERVER_NT = 0x00004000 +SV_TYPE_POTENTIAL_BROWSER = 0x00010000 +SV_TYPE_BACKUP_BROWSER = 0x00020000 +SV_TYPE_MASTER_BROWSER = 0x00040000 +SV_TYPE_DOMAIN_MASTER = 0x00080000 +SV_TYPE_LOCAL_LIST_ONLY = 0x40000000 +SV_TYPE_DOMAIN_ENUM = 0x80000000 + +# Options values for SMB.stor_file and SMB.retr_file +SMB_O_CREAT = 0x10 # Create the file if file does not exists. Otherwise, operation fails. +SMB_O_EXCL = 0x00 # When used with SMB_O_CREAT, operation fails if file exists. Cannot be used with SMB_O_OPEN. +SMB_O_OPEN = 0x01 # Open the file if the file exists +SMB_O_TRUNC = 0x02 # Truncate the file if the file exists + +# Share Access Mode +SMB_SHARE_COMPAT = 0x00 +SMB_SHARE_DENY_EXCL = 0x10 +SMB_SHARE_DENY_WRITE = 0x20 +SMB_SHARE_DENY_READEXEC = 0x30 +SMB_SHARE_DENY_NONE = 0x40 +SMB_ACCESS_READ = 0x00 +SMB_ACCESS_WRITE = 0x01 +SMB_ACCESS_READWRITE = 0x02 +SMB_ACCESS_EXEC = 0x03 + +TRANS_DISCONNECT_TID = 1 +TRANS_NO_RESPONSE = 2 + +STATUS_SUCCESS = 0x00000000 +STATUS_LOGON_FAILURE = 0xC000006D +STATUS_LOGON_TYPE_NOT_GRANTED = 0xC000015B +MAX_TFRAG_SIZE = 5840 +EVASION_NONE = 0 +EVASION_LOW = 1 +EVASION_HIGH = 2 +EVASION_MAX = 3 +RPC_X_BAD_STUB_DATA = 0x6F7 + +# SMB_FILE_ATTRIBUTES + +SMB_FILE_ATTRIBUTE_NORMAL = 0x0000 +SMB_FILE_ATTRIBUTE_READONLY = 0x0001 +SMB_FILE_ATTRIBUTE_HIDDEN = 0x0002 +SMB_FILE_ATTRIBUTE_SYSTEM = 0x0004 +SMB_FILE_ATTRIBUTE_VOLUME = 0x0008 +SMB_FILE_ATTRIBUTE_DIRECTORY = 0x0010 +SMB_FILE_ATTRIBUTE_ARCHIVE = 0x0020 +SMB_SEARCH_ATTRIBUTE_READONLY = 0x0100 +SMB_SEARCH_ATTRIBUTE_HIDDEN = 0x0200 +SMB_SEARCH_ATTRIBUTE_SYSTEM = 0x0400 +SMB_SEARCH_ATTRIBUTE_DIRECTORY = 0x1000 +SMB_SEARCH_ATTRIBUTE_ARCHIVE = 0x2000 + +# Session SetupAndX Action flags +SMB_SETUP_GUEST = 0x01 +SMB_SETUP_USE_LANMAN_KEY = 0x02 + +# QUERY_INFORMATION levels +SMB_INFO_ALLOCATION = 0x0001 +SMB_INFO_VOLUME = 0x0002 +FILE_FS_SIZE_INFORMATION = 0x0003 +SMB_QUERY_FS_VOLUME_INFO = 0x0102 +SMB_QUERY_FS_SIZE_INFO = 0x0103 +SMB_QUERY_FILE_EA_INFO = 0x0103 +SMB_QUERY_FS_DEVICE_INFO = 0x0104 +SMB_QUERY_FS_ATTRIBUTE_INFO = 0x0105 +SMB_QUERY_FILE_BASIC_INFO = 0x0101 +SMB_QUERY_FILE_STANDARD_INFO = 0x0102 +SMB_QUERY_FILE_ALL_INFO = 0x0107 +FILE_FS_FULL_SIZE_INFORMATION = 0x03EF + +# SET_INFORMATION levels +SMB_SET_FILE_DISPOSITION_INFO = 0x0102 +SMB_SET_FILE_BASIC_INFO = 0x0101 +SMB_SET_FILE_END_OF_FILE_INFO = 0x0104 + + +# File System Attributes +FILE_CASE_SENSITIVE_SEARCH = 0x00000001 +FILE_CASE_PRESERVED_NAMES = 0x00000002 +FILE_UNICODE_ON_DISK = 0x00000004 +FILE_PERSISTENT_ACLS = 0x00000008 +FILE_FILE_COMPRESSION = 0x00000010 +FILE_VOLUME_IS_COMPRESSED = 0x00008000 + +# FIND_FIRST2 flags and levels +SMB_FIND_CLOSE_AFTER_REQUEST = 0x0001 +SMB_FIND_CLOSE_AT_EOS = 0x0002 +SMB_FIND_RETURN_RESUME_KEYS = 0x0004 +SMB_FIND_CONTINUE_FROM_LAST = 0x0008 +SMB_FIND_WITH_BACKUP_INTENT = 0x0010 + +FILE_DIRECTORY_FILE = 0x00000001 +FILE_DELETE_ON_CLOSE = 0x00001000 +FILE_NON_DIRECTORY_FILE = 0x00000040 + +SMB_FIND_INFO_STANDARD = 0x0001 +SMB_FIND_FILE_DIRECTORY_INFO = 0x0101 +SMB_FIND_FILE_FULL_DIRECTORY_INFO= 0x0102 +SMB_FIND_FILE_NAMES_INFO = 0x0103 +SMB_FIND_FILE_BOTH_DIRECTORY_INFO= 0x0104 +SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO = 0x105 +SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO = 0x106 + + +# DesiredAccess flags +FILE_READ_DATA = 0x00000001 +FILE_WRITE_DATA = 0x00000002 +FILE_APPEND_DATA = 0x00000004 +FILE_EXECUTE = 0x00000020 +MAXIMUM_ALLOWED = 0x02000000 +GENERIC_ALL = 0x10000000 +GENERIC_EXECUTE = 0x20000000 +GENERIC_WRITE = 0x40000000 +GENERIC_READ = 0x80000000 + +# ShareAccess flags +FILE_SHARE_NONE = 0x00000000 +FILE_SHARE_READ = 0x00000001 +FILE_SHARE_WRITE = 0x00000002 +FILE_SHARE_DELETE = 0x00000004 + +# CreateDisposition flags +FILE_SUPERSEDE = 0x00000000 +FILE_OPEN = 0x00000001 +FILE_CREATE = 0x00000002 +FILE_OPEN_IF = 0x00000003 +FILE_OVERWRITE = 0x00000004 +FILE_OVERWRITE_IF = 0x00000005 + +def strerror(errclass, errcode): + if errclass == 0x01: + return 'OS error', ERRDOS.get(errcode, 'Unknown error') + elif errclass == 0x02: + return 'Server error', ERRSRV.get(errcode, 'Unknown error') + elif errclass == 0x03: + return 'Hardware error', ERRHRD.get(errcode, 'Unknown error') + # This is not a standard error class for SMB + #elif errclass == 0x80: + # return 'Browse error', ERRBROWSE.get(errcode, 'Unknown error') + elif errclass == 0xff: + return 'Bad command', 'Bad command. Please file bug report' + else: + return 'Unknown error', 'Unknown error' + +# Raised when an error has occured during a session +class SessionError(Exception): + # SMB X/Open error codes for the ERRDOS error class + ERRsuccess = 0 + ERRbadfunc = 1 + ERRbadfile = 2 + ERRbadpath = 3 + ERRnofids = 4 + ERRnoaccess = 5 + ERRbadfid = 6 + ERRbadmcb = 7 + ERRnomem = 8 + ERRbadmem = 9 + ERRbadenv = 10 + ERRbadaccess = 12 + ERRbaddata = 13 + ERRres = 14 + ERRbaddrive = 15 + ERRremcd = 16 + ERRdiffdevice = 17 + ERRnofiles = 18 + ERRgeneral = 31 + ERRbadshare = 32 + ERRlock = 33 + ERRunsup = 50 + ERRnetnamedel = 64 + ERRnosuchshare = 67 + ERRfilexists = 80 + ERRinvalidparam = 87 + ERRcannotopen = 110 + ERRinsufficientbuffer = 122 + ERRinvalidname = 123 + ERRunknownlevel = 124 + ERRnotlocked = 158 + ERRrename = 183 + ERRbadpipe = 230 + ERRpipebusy = 231 + ERRpipeclosing = 232 + ERRnotconnected = 233 + ERRmoredata = 234 + ERRnomoreitems = 259 + ERRbaddirectory = 267 + ERReasnotsupported = 282 + ERRlogonfailure = 1326 + ERRbuftoosmall = 2123 + ERRunknownipc = 2142 + ERRnosuchprintjob = 2151 + ERRinvgroup = 2455 + + # here's a special one from observing NT + ERRnoipc = 66 + + # These errors seem to be only returned by the NT printer driver system + ERRdriveralreadyinstalled = 1795 + ERRunknownprinterport = 1796 + ERRunknownprinterdriver = 1797 + ERRunknownprintprocessor = 1798 + ERRinvalidseparatorfile = 1799 + ERRinvalidjobpriority = 1800 + ERRinvalidprintername = 1801 + ERRprinteralreadyexists = 1802 + ERRinvalidprintercommand = 1803 + ERRinvaliddatatype = 1804 + ERRinvalidenvironment = 1805 + + ERRunknownprintmonitor = 3000 + ERRprinterdriverinuse = 3001 + ERRspoolfilenotfound = 3002 + ERRnostartdoc = 3003 + ERRnoaddjob = 3004 + ERRprintprocessoralreadyinstalled = 3005 + ERRprintmonitoralreadyinstalled = 3006 + ERRinvalidprintmonitor = 3007 + ERRprintmonitorinuse = 3008 + ERRprinterhasjobsqueued = 3009 + + # Error codes for the ERRSRV class + + ERRerror = 1 + ERRbadpw = 2 + ERRbadtype = 3 + ERRaccess = 4 + ERRinvnid = 5 + ERRinvnetname = 6 + ERRinvdevice = 7 + ERRqfull = 49 + ERRqtoobig = 50 + ERRinvpfid = 52 + ERRsmbcmd = 64 + ERRsrverror = 65 + ERRfilespecs = 67 + ERRbadlink = 68 + ERRbadpermits = 69 + ERRbadpid = 70 + ERRsetattrmode = 71 + ERRpaused = 81 + ERRmsgoff = 82 + ERRnoroom = 83 + ERRrmuns = 87 + ERRtimeout = 88 + ERRnoresource = 89 + ERRtoomanyuids = 90 + ERRbaduid = 91 + ERRuseMPX = 250 + ERRuseSTD = 251 + ERRcontMPX = 252 + ERRbadPW = None + ERRnosupport = 0 + ERRunknownsmb = 22 + + # Error codes for the ERRHRD class + + ERRnowrite = 19 + ERRbadunit = 20 + ERRnotready = 21 + ERRbadcmd = 22 + ERRdata = 23 + ERRbadreq = 24 + ERRseek = 25 + ERRbadmedia = 26 + ERRbadsector = 27 + ERRnopaper = 28 + ERRwrite = 29 + ERRread = 30 + ERRwrongdisk = 34 + ERRFCBunavail = 35 + ERRsharebufexc = 36 + ERRdiskfull = 39 + + + hard_msgs = { + 19: ("ERRnowrite", "Attempt to write on write-protected diskette."), + 20: ("ERRbadunit", "Unknown unit."), + 21: ("ERRnotready", "Drive not ready."), + 22: ("ERRbadcmd", "Unknown command."), + 23: ("ERRdata", "Data error (CRC)."), + 24: ("ERRbadreq", "Bad request structure length."), + 25: ("ERRseek", "Seek error."), + 26: ("ERRbadmedia", "Unknown media type."), + 27: ("ERRbadsector", "Sector not found."), + 28: ("ERRnopaper", "Printer out of paper."), + 29: ("ERRwrite", "Write fault."), + 30: ("ERRread", "Read fault."), + 31: ("ERRgeneral", "General failure."), + 32: ("ERRbadshare", "An open conflicts with an existing open."), + 33: ("ERRlock", "A Lock request conflicted with an existing lock or specified an invalid mode, or an Unlock requested attempted to remove a lock held by another process."), + 34: ("ERRwrongdisk", "The wrong disk was found in a drive."), + 35: ("ERRFCBUnavail", "No FCBs are available to process request."), + 36: ("ERRsharebufexc", "A sharing buffer has been exceeded.") + } + + dos_msgs = { + ERRbadfunc: ("ERRbadfunc", "Invalid function."), + ERRbadfile: ("ERRbadfile", "File not found."), + ERRbadpath: ("ERRbadpath", "Directory invalid."), + ERRnofids: ("ERRnofids", "No file descriptors available"), + ERRnoaccess: ("ERRnoaccess", "Access denied."), + ERRbadfid: ("ERRbadfid", "Invalid file handle."), + ERRbadmcb: ("ERRbadmcb", "Memory control blocks destroyed."), + ERRnomem: ("ERRnomem", "Insufficient server memory to perform the requested function."), + ERRbadmem: ("ERRbadmem", "Invalid memory block address."), + ERRbadenv: ("ERRbadenv", "Invalid environment."), + 11: ("ERRbadformat", "Invalid format."), + ERRbadaccess: ("ERRbadaccess", "Invalid open mode."), + ERRbaddata: ("ERRbaddata", "Invalid data."), + ERRres: ("ERRres", "reserved."), + ERRbaddrive: ("ERRbaddrive", "Invalid drive specified."), + ERRremcd: ("ERRremcd", "A Delete Directory request attempted to remove the server's current directory."), + ERRdiffdevice: ("ERRdiffdevice", "Not same device."), + ERRnofiles: ("ERRnofiles", "A File Search command can find no more files matching the specified criteria."), + ERRbadshare: ("ERRbadshare", "The sharing mode specified for an Open conflicts with existing FIDs on the file."), + ERRlock: ("ERRlock", "A Lock request conflicted with an existing lock or specified an invalid mode, or an Unlock requested attempted to remove a lock held by another process."), + ERRunsup: ("ERRunsup", "The operation is unsupported"), + ERRnosuchshare: ("ERRnosuchshare", "You specified an invalid share name"), + ERRfilexists: ("ERRfilexists", "The file named in a Create Directory, Make New File or Link request already exists."), + ERRinvalidname: ("ERRinvalidname", "Invalid name"), + ERRbadpipe: ("ERRbadpipe", "Pipe invalid."), + ERRpipebusy: ("ERRpipebusy", "All instances of the requested pipe are busy."), + ERRpipeclosing: ("ERRpipeclosing", "Pipe close in progress."), + ERRnotconnected: ("ERRnotconnected", "No process on other end of pipe."), + ERRmoredata: ("ERRmoredata", "There is more data to be returned."), + ERRinvgroup: ("ERRinvgroup", "Invalid workgroup (try the -W option)"), + ERRlogonfailure: ("ERRlogonfailure", "Logon failure"), + ERRdiskfull: ("ERRdiskfull", "Disk full"), + ERRgeneral: ("ERRgeneral", "General failure"), + ERRunknownlevel: ("ERRunknownlevel", "Unknown info level") + } + + server_msgs = { + 1: ("ERRerror", "Non-specific error code."), + 2: ("ERRbadpw", "Bad password - name/password pair in a Tree Connect or Session Setup are invalid."), + 3: ("ERRbadtype", "reserved."), + 4: ("ERRaccess", "The requester does not have the necessary access rights within the specified context for the requested function. The context is defined by the TID or the UID."), + 5: ("ERRinvnid", "The tree ID (TID) specified in a command was invalid."), + 6: ("ERRinvnetname", "Invalid network name in tree connect."), + 7: ("ERRinvdevice", "Invalid device - printer request made to non-printer connection or non-printer request made to printer connection."), + 49: ("ERRqfull", "Print queue full (files) -- returned by open print file."), + 50: ("ERRqtoobig", "Print queue full -- no space."), + 51: ("ERRqeof", "EOF on print queue dump."), + 52: ("ERRinvpfid", "Invalid print file FID."), + 64: ("ERRsmbcmd", "The server did not recognize the command received."), + 65: ("ERRsrverror","The server encountered an internal error, e.g., system file unavailable."), + 67: ("ERRfilespecs", "The file handle (FID) and pathname parameters contained an invalid combination of values."), + 68: ("ERRreserved", "reserved."), + 69: ("ERRbadpermits", "The access permissions specified for a file or directory are not a valid combination. The server cannot set the requested attribute."), + 70: ("ERRreserved", "reserved."), + 71: ("ERRsetattrmode", "The attribute mode in the Set File Attribute request is invalid."), + 81: ("ERRpaused", "Server is paused."), + 82: ("ERRmsgoff", "Not receiving messages."), + 83: ("ERRnoroom", "No room to buffer message."), + 87: ("ERRrmuns", "Too many remote user names."), + 88: ("ERRtimeout", "Operation timed out."), + 89: ("ERRnoresource", "No resources currently available for request."), + 90: ("ERRtoomanyuids", "Too many UIDs active on this session."), + 91: ("ERRbaduid", "The UID is not known as a valid ID on this session."), + 250: ("ERRusempx","Temp unable to support Raw, use MPX mode."), + 251: ("ERRusestd","Temp unable to support Raw, use standard read/write."), + 252: ("ERRcontmpx", "Continue in MPX mode."), + 253: ("ERRreserved", "reserved."), + 254: ("ERRreserved", "reserved."), + 0xFFFF: ("ERRnosupport", "Function not supported.") + } + # Error clases + + ERRDOS = 0x1 + error_classes = { 0: ("SUCCESS", {}), + ERRDOS: ("ERRDOS", dos_msgs), + 0x02: ("ERRSRV",server_msgs), + 0x03: ("ERRHRD",hard_msgs), + 0x04: ("ERRXOS", {} ), + 0xE1: ("ERRRMX1", {} ), + 0xE2: ("ERRRMX2", {} ), + 0xE3: ("ERRRMX3", {} ), + 0xFF: ("ERRCMD", {} ) } + + + + def __init__( self, error_string, error_class, error_code, nt_status = 0): + Exception.__init__(self, error_string) + self.nt_status = nt_status + self._args = error_string + if nt_status: + self.error_class = 0 + self.error_code = (error_code << 16) + error_class + else: + self.error_class = error_class + self.error_code = error_code + + + def get_error_class( self ): + return self.error_class + + def get_error_code( self ): + return self.error_code + + def __str__( self ): + error_class = SessionError.error_classes.get( self.error_class, None ) + if not error_class: + error_code_str = self.error_code + error_class_str = self.error_class + else: + error_class_str = error_class[0] + error_code = error_class[1].get( self.error_code, None ) + if not error_code: + error_code_str = self.error_code + else: + error_code_str = '%s(%s)' % error_code + + if self.nt_status: + return 'SMB SessionError: %s(%s)' % nt_errors.ERROR_MESSAGES[self.error_code] + else: + # Fall back to the old format + return 'SMB SessionError: class: %s, code: %s' % (error_class_str, error_code_str) + + +# Raised when an supported feature is present/required in the protocol but is not +# currently supported by pysmb +class UnsupportedFeature(Exception): pass + +# Contains information about a SMB shared device/service +class SharedDevice: + def __init__(self, name, share_type, comment): + self.__name = name + self.__type = share_type + self.__comment = comment + + def get_name(self): + return self.__name + + def get_type(self): + return self.__type + + def get_comment(self): + return self.__comment + + def __repr__(self): + return '<SharedDevice instance: name=' + self.__name + ', type=' + str(self.__type) + ', comment="' + self.__comment + '">' + + +# Contains information about the shared file/directory +class SharedFile: + def __init__(self, ctime, atime, mtime, filesize, allocsize, attribs, shortname, longname): + self.__ctime = ctime + self.__atime = atime + self.__mtime = mtime + self.__filesize = filesize + self.__allocsize = allocsize + self.__attribs = attribs + try: + self.__shortname = shortname[:string.index(shortname, '\0')] + except ValueError: + self.__shortname = shortname + try: + self.__longname = longname[:string.index(longname, '\0')] + except ValueError: + self.__longname = longname + + def get_ctime(self): + return self.__ctime + + def get_ctime_epoch(self): + return self.__convert_smbtime(self.__ctime) + + def get_mtime(self): + return self.__mtime + + def get_mtime_epoch(self): + return self.__convert_smbtime(self.__mtime) + + def get_atime(self): + return self.__atime + + def get_atime_epoch(self): + return self.__convert_smbtime(self.__atime) + + def get_filesize(self): + return self.__filesize + + def get_allocsize(self): + return self.__allocsize + + def get_attributes(self): + return self.__attribs + + def is_archive(self): + return self.__attribs & ATTR_ARCHIVE + + def is_compressed(self): + return self.__attribs & ATTR_COMPRESSED + + def is_normal(self): + return self.__attribs & ATTR_NORMAL + + def is_hidden(self): + return self.__attribs & ATTR_HIDDEN + + def is_readonly(self): + return self.__attribs & ATTR_READONLY + + def is_temporary(self): + return self.__attribs & ATTR_TEMPORARY + + def is_directory(self): + return self.__attribs & ATTR_DIRECTORY + + def is_system(self): + return self.__attribs & ATTR_SYSTEM + + def get_shortname(self): + return self.__shortname + + def get_longname(self): + return self.__longname + + def __repr__(self): + return '<SharedFile instance: shortname="' + self.__shortname + '", longname="' + self.__longname + '", filesize=' + str(self.__filesize) + '>' + + @staticmethod + def __convert_smbtime(t): + x = t >> 32 + y = t & 0xffffffffL + geo_cal_offset = 11644473600.0 # = 369.0 * 365.25 * 24 * 60 * 60 - (3.0 * 24 * 60 * 60 + 6.0 * 60 * 60) + return (x * 4.0 * (1 << 30) + (y & 0xfff00000L)) * 1.0e-7 - geo_cal_offset + + +# Contain information about a SMB machine +class SMBMachine: + def __init__(self, nbname, nbt_type, comment): + self.__nbname = nbname + self.__type = nbt_type + self.__comment = comment + + def __repr__(self): + return '<SMBMachine instance: nbname="' + self.__nbname + '", type=' + hex(self.__type) + ', comment="' + self.__comment + '">' + +class SMBDomain: + def __init__(self, nbgroup, domain_type, master_browser): + self.__nbgroup = nbgroup + self.__type = domain_type + self.__master_browser = master_browser + + def __repr__(self): + return '<SMBDomain instance: nbgroup="' + self.__nbgroup + '", type=' + hex(self.__type) + ', master browser="' + self.__master_browser + '">' + +# Represents a SMB Packet +class NewSMBPacket(Structure): + structure = ( + ('Signature', '"\xffSMB'), + ('Command','B=0'), + ('ErrorClass','B=0'), + ('_reserved','B=0'), + ('ErrorCode','<H=0'), + ('Flags1','B=0'), + ('Flags2','<H=0'), + ('PIDHigh','<H=0'), + ('SecurityFeatures','8s=""'), + ('Reserved','<H=0'), + ('Tid','<H=0xffff'), + ('Pid','<H=0'), + ('Uid','<H=0'), + ('Mid','<H=0'), + ('Data','*:'), + ) + + def __init__(self, **kargs): + Structure.__init__(self, **kargs) + + if self.fields.has_key('Flags2') is False: + self['Flags2'] = 0 + if self.fields.has_key('Flags1') is False: + self['Flags1'] = 0 + + if not kargs.has_key('data'): + self['Data'] = [] + + def addCommand(self, command): + if len(self['Data']) == 0: + self['Command'] = command.command + else: + self['Data'][-1]['Parameters']['AndXCommand'] = command.command + self['Data'][-1]['Parameters']['AndXOffset'] = len(self) + self['Data'].append(command) + + def isMoreData(self): + return (self['Command'] in [SMB.SMB_COM_TRANSACTION, SMB.SMB_COM_READ_ANDX, SMB.SMB_COM_READ_RAW] and + self['ErrorClass'] == 1 and self['ErrorCode'] == SessionError.ERRmoredata) + + def isMoreProcessingRequired(self): + return self['ErrorClass'] == 0x16 and self['ErrorCode'] == 0xc000 + + def isValidAnswer(self, cmd): + # this was inside a loop reading more from the net (with recv_packet(None)) + if self['Command'] == cmd: + if (self['ErrorClass'] == 0x00 and + self['ErrorCode'] == 0x00): + return 1 + elif self.isMoreData(): + return 1 + elif self.isMoreProcessingRequired(): + return 1 + raise SessionError, ("SMB Library Error", self['ErrorClass'] + (self['_reserved'] << 8), self['ErrorCode'], self['Flags2'] & SMB.FLAGS2_NT_STATUS) + else: + raise UnsupportedFeature, ("Unexpected answer from server: Got %d, Expected %d" % (self['Command'], cmd)) + + +class SMBCommand(Structure): + structure = ( + ('WordCount', 'B=len(Parameters)/2'), + ('_ParametersLength','_-Parameters','WordCount*2'), + ('Parameters',':'), # default set by constructor + ('ByteCount','<H-Data'), + ('Data',':'), # default set by constructor + ) + + def __init__(self, commandOrData = None, data = None, **kargs): + if type(commandOrData) == type(0): + self.command = commandOrData + else: + data = data or commandOrData + + Structure.__init__(self, data = data, **kargs) + + if data is None: + self['Parameters'] = '' + self['Data'] = '' + +class AsciiOrUnicodeStructure(Structure): + UnicodeStructure = () + AsciiStructure = () + def __init__(self, flags = 0, **kargs): + if flags & SMB.FLAGS2_UNICODE: + self.structure = self.UnicodeStructure + else: + self.structure = self.AsciiStructure + Structure.__init__(self, **kargs) + +class SMBCommand_Parameters(Structure): + pass + +class SMBAndXCommand_Parameters(Structure): + commonHdr = ( + ('AndXCommand','B=0xff'), + ('_reserved','B=0'), + ('AndXOffset','<H=0'), + ) + structure = ( # default structure, overriden by subclasses + ('Data',':=""'), + ) + +############# TRANSACTIONS RELATED +# TRANS2_QUERY_FS_INFORMATION +# QUERY_FS Information Levels +# SMB_QUERY_FS_ATTRIBUTE_INFO +class SMBQueryFsAttributeInfo(Structure): + structure = ( + ('FileSystemAttributes','<L'), + ('MaxFilenNameLengthInBytes','<L'), + ('LengthOfFileSystemName','<L-FileSystemName'), + ('FileSystemName',':'), + ) + +class SMBQueryFsInfoVolume(AsciiOrUnicodeStructure): + commonHdr = ( + ('ulVolSerialNbr','<L=0xABCDEFAA'), + ('cCharCount','<B-VolumeLabel'), + ) + AsciiStructure = ( + ('VolumeLabel','z'), + ) + UnicodeStructure = ( + ('VolumeLabel','u'), + ) + +# FILE_FS_SIZE_INFORMATION +class FileFsSizeInformation(Structure): + structure = ( + ('TotalAllocationUnits','<q=148529400'), + ('AvailableAllocationUnits','<q=14851044'), + ('SectorsPerAllocationUnit','<L=2'), + ('BytesPerSector','<L=512'), + ) + +# SMB_QUERY_FS_SIZE_INFO +class SMBQueryFsSizeInfo(Structure): + structure = ( + ('TotalAllocationUnits','<q=148529400'), + ('TotalFreeAllocationUnits','<q=14851044'), + ('SectorsPerAllocationUnit','<L=2'), + ('BytesPerSector','<L=512'), + ) +# FILE_FS_FULL_SIZE_INFORMATION +class SMBFileFsFullSizeInformation(Structure): + structure = ( + ('TotalAllocationUnits','<q=148529400'), + ('CallerAvailableAllocationUnits','<q=148529400'), + ('ActualAvailableAllocationUnits','<q=148529400'), + ('SectorsPerAllocationUnit','<L=15'), + ('BytesPerSector','<L=512') + ) +# SMB_QUERY_FS_VOLUME_INFO +class SMBQueryFsVolumeInfo(Structure): + structure = ( + ('VolumeCreationTime','<q'), + ('SerialNumber','<L=0xABCDEFAA'), + ('VolumeLabelSize','<L=len(VolumeLabel)'), + ('Reserved','<H=0x10'), + ('VolumeLabel',':') + ) +# SMB_FIND_FILE_BOTH_DIRECTORY_INFO level +class SMBFindFileBothDirectoryInfo(AsciiOrUnicodeStructure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('FileIndex','<L=0'), + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('EndOfFile','<q=0'), + ('AllocationSize','<q=0'), + ('ExtFileAttributes','<L=0'), + ) + AsciiStructure = ( + ('FileNameLength','<L-FileName','len(FileName)'), + ('EaSize','<L=0'), + ('ShortNameLength','<B=0'), + ('Reserved','<B=0'), + ('ShortName','24s'), + ('FileName',':'), + ) + UnicodeStructure = ( + ('FileNameLength','<L-FileName','len(FileName)*2'), + ('EaSize','<L=0'), + ('ShortNameLength','<B=0'), + ('Reserved','<B=0'), + ('ShortName','24s'), + ('FileName',':'), + ) + +# SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO level +class SMBFindFileIdFullDirectoryInfo(AsciiOrUnicodeStructure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('FileIndex','<L=0'), + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('EndOfFile','<q=0'), + ('AllocationSize','<q=0'), + ('ExtFileAttributes','<L=0'), + ) + AsciiStructure = ( + ('FileNameLength','<L-FileName','len(FileName)'), + ('EaSize','<L=0'), + ('FileID','<q=0'), + ('FileName',':'), + ) + UnicodeStructure = ( + ('FileNameLength','<L-FileName','len(FileName)*2'), + ('EaSize','<L=0'), + ('FileID','<q=0'), + ('FileName',':'), + ) + +# SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO level +class SMBFindFileIdBothDirectoryInfo(AsciiOrUnicodeStructure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('FileIndex','<L=0'), + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('EndOfFile','<q=0'), + ('AllocationSize','<q=0'), + ('ExtFileAttributes','<L=0'), + ) + AsciiStructure = ( + ('FileNameLength','<L-FileName','len(FileName)'), + ('EaSize','<L=0'), + ('ShortNameLength','<B=0'), + ('Reserved','<B=0'), + ('ShortName','24s'), + ('Reserved','<H=0'), + ('FileID','<q=0'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileNameLength','<L-FileName','len(FileName)*2'), + ('EaSize','<L=0'), + ('ShortNameLength','<B=0'), + ('Reserved','<B=0'), + ('ShortName','24s'), + ('Reserved','<H=0'), + ('FileID','<q=0'), + ('FileName',':'), + ) + +# SMB_FIND_FILE_DIRECTORY_INFO level +class SMBFindFileDirectoryInfo(AsciiOrUnicodeStructure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('FileIndex','<L=0'), + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('EndOfFile','<q=0'), + ('AllocationSize','<q=1'), + ('ExtFileAttributes','<L=0'), + ) + AsciiStructure = ( + ('FileNameLength','<L-FileName','len(FileName)'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileNameLength','<L-FileName','len(FileName)*2'), + ('FileName',':'), + ) + +# SMB_FIND_FILE_NAMES_INFO level +class SMBFindFileNamesInfo(AsciiOrUnicodeStructure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('FileIndex','<L=0'), + ) + AsciiStructure = ( + ('FileNameLength','<L-FileName','len(FileName)'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileNameLength','<L-FileName','len(FileName)*2'), + ('FileName',':'), + ) + +# SMB_FIND_FILE_FULL_DIRECTORY_INFO level +class SMBFindFileFullDirectoryInfo(AsciiOrUnicodeStructure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('FileIndex','<L=0'), + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('EndOfFile','<q=0'), + ('AllocationSize','<q=1'), + ('ExtFileAttributes','<L=0'), + ) + AsciiStructure = ( + ('FileNameLength','<L-FileName','len(FileName)'), + ('EaSize','<L'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileNameLength','<L-FileName','len(FileName)*2'), + ('EaSize','<L'), + ('FileName',':'), + ) + +# SMB_FIND_INFO_STANDARD level +class SMBFindInfoStandard(AsciiOrUnicodeStructure): + commonHdr = ( + ('ResumeKey','<L=0xff'), + ('CreationDate','<H=0'), + ('CreationTime','<H=0'), + ('LastAccessDate','<H=0'), + ('LastAccessTime','<H=0'), + ('LastWriteDate','<H=0'), + ('LastWriteTime','<H=0'), + ('EaSize','<L'), + ('AllocationSize','<L=1'), + ('ExtFileAttributes','<H=0'), + ) + AsciiStructure = ( + ('FileNameLength','<B-FileName','len(FileName)'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileNameLength','<B-FileName','len(FileName)*2'), + ('FileName',':'), + ) + +# SET_FILE_INFORMATION structures +# SMB_SET_FILE_DISPOSITION_INFO +class SMBSetFileDispositionInfo(Structure): + structure = ( + ('DeletePending','<B'), + ) + +# SMB_SET_FILE_BASIC_INFO +class SMBSetFileBasicInfo(Structure): + structure = ( + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('ChangeTime','<q'), + ('ExtFileAttributes','<H'), + ('Reserved','<L'), + ) + +# FILE_STREAM_INFORMATION +class SMBFileStreamInformation(Structure): + commonHdr = ( + ('NextEntryOffset','<L=0'), + ('StreamNameLength','<L=0'), + ('StreamSize','<q=0'), + ('StreamAllocationSize','<q=0'), + ('StreamName',':=""'), + ) + +# FILE_NETWORK_OPEN_INFORMATION +class SMBFileNetworkOpenInfo(Structure): + structure = ( + ('CreationTime','<q=0'), + ('LastAccessTime','<q=0'), + ('LastWriteTime','<q=0'), + ('ChangeTime','<q=0'), + ('AllocationSize','<q=0'), + ('EndOfFile','<q=0'), + ('FileAttributes','<L=0'), + ('Reserved','<L=0'), + ) + +# SMB_SET_FILE_END_OF_FILE_INFO +class SMBSetFileEndOfFileInfo(Structure): + structure = ( + ('EndOfFile','<q'), + ) + +# TRANS2_FIND_NEXT2 +class SMBFindNext2_Parameters(AsciiOrUnicodeStructure): + commonHdr = ( + ('SID','<H'), + ('SearchCount','<H'), + ('InformationLevel','<H'), + ('ResumeKey','<L'), + ('Flags','<H'), + ) + AsciiStructure = ( + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileName','u'), + ) + +class SMBFindNext2Response_Parameters(Structure): + structure = ( + ('SearchCount','<H'), + ('EndOfSearch','<H=1'), + ('EaErrorOffset','<H=0'), + ('LastNameOffset','<H=0'), + ) + +class SMBFindNext2_Data(Structure): + structure = ( + ('GetExtendedAttributesListLength','_-GetExtendedAttributesList', 'self["GetExtendedAttributesListLength"]'), + ('GetExtendedAttributesList',':'), + ) + + +# TRANS2_FIND_FIRST2 +class SMBFindFirst2Response_Parameters(Structure): + structure = ( + ('SID','<H'), + ('SearchCount','<H'), + ('EndOfSearch','<H=1'), + ('EaErrorOffset','<H=0'), + ('LastNameOffset','<H=0'), + ) + +class SMBFindFirst2_Parameters(AsciiOrUnicodeStructure): + commonHdr = ( + ('SearchAttributes','<H'), + ('SearchCount','<H'), + ('Flags','<H'), + ('InformationLevel','<H'), + ('SearchStorageType','<L'), + ) + AsciiStructure = ( + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileName','u'), + ) + +class SMBFindFirst2_Data(Structure): + structure = ( + ('GetExtendedAttributesListLength','_-GetExtendedAttributesList', 'self["GetExtendedAttributesListLength"]'), + ('GetExtendedAttributesList',':'), + ) + +# TRANS2_SET_PATH_INFORMATION +class SMBSetPathInformation_Parameters(AsciiOrUnicodeStructure): + commonHdr = ( + ('InformationLevel','<H'), + ('Reserved','<L'), + ) + AsciiStructure = ( + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileName','u'), + ) + +class SMBSetPathInformationResponse_Parameters(Structure): + structure = ( + ('EaErrorOffset','<H=0'), + ) + +# TRANS2_SET_FILE_INFORMATION +class SMBSetFileInformation_Parameters(Structure): + structure = ( + ('FID','<H'), + ('InformationLevel','<H'), + ('Reserved','<H'), + ) + +class SMBSetFileInformationResponse_Parameters(Structure): + structure = ( + ('EaErrorOffset','<H=0'), + ) + +# TRANS2_QUERY_FILE_INFORMATION +class SMBQueryFileInformation_Parameters(Structure): + structure = ( + ('FID','<H'), + ('InformationLevel','<H'), + ) + +class SMBQueryFileInformationResponse_Parameters(Structure): + structure = ( + ('EaErrorOffset','<H=0'), + ) + +class SMBQueryFileInformation_Data(Structure): + structure = ( + ('GetExtendedAttributeList',':'), + ) + +# TRANS2_QUERY_PATH_INFORMATION +class SMBQueryPathInformationResponse_Parameters(Structure): + structure = ( + ('EaErrorOffset','<H=0'), + ) + +class SMBQueryPathInformation_Parameters(AsciiOrUnicodeStructure): + commonHdr = ( + ('InformationLevel','<H'), + ('Reserved','<L=0'), + ) + AsciiStructure = ( + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileName','u'), + ) + +class SMBQueryPathInformation_Data(Structure): + structure = ( + ('GetExtendedAttributeList',':'), + ) + + +# SMB_QUERY_FILE_EA_INFO +class SMBQueryFileEaInfo(Structure): + structure = ( + ('EaSize','<L=0'), + ) + +# SMB_QUERY_FILE_BASIC_INFO +class SMBQueryFileBasicInfo(Structure): + structure = ( + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('ExtFileAttributes','<L'), + #('Reserved','<L=0'), + ) + +# SMB_QUERY_FILE_STANDARD_INFO +class SMBQueryFileStandardInfo(Structure): + structure = ( + ('AllocationSize','<q'), + ('EndOfFile','<q'), + ('NumberOfLinks','<L=0'), + ('DeletePending','<B=0'), + ('Directory','<B'), + ) + +# SMB_QUERY_FILE_ALL_INFO +class SMBQueryFileAllInfo(Structure): + structure = ( + ('CreationTime','<q'), + ('LastAccessTime','<q'), + ('LastWriteTime','<q'), + ('LastChangeTime','<q'), + ('ExtFileAttributes','<L'), + ('Reserved','<L=0'), + ('AllocationSize','<q'), + ('EndOfFile','<q'), + ('NumberOfLinks','<L=0'), + ('DeletePending','<B=0'), + ('Directory','<B'), + ('Reserved','<H=0'), + ('EaSize','<L=0'), + ('FileNameLength','<L-FileName','len(FileName)'), + ('FileName',':'), + ) + +# \PIPE\LANMAN NetShareEnum +class SMBNetShareEnum(Structure): + structure = ( + ('RAPOpcode','<H=0'), + ('ParamDesc','z'), + ('DataDesc','z'), + ('InfoLevel','<H'), + ('ReceiveBufferSize','<H'), + ) + +class SMBNetShareEnumResponse(Structure): + structure = ( + ('Status','<H=0'), + ('Convert','<H=0'), + ('EntriesReturned','<H'), + ('EntriesAvailable','<H'), + ) + +class NetShareInfo1(Structure): + structure = ( + ('NetworkName','13s'), + ('Pad','<B=0'), + ('Type','<H=0'), + ('RemarkOffsetLow','<H=0'), + ('RemarkOffsetHigh','<H=0'), + ) + +# \PIPE\LANMAN NetServerGetInfo +class SMBNetServerGetInfoResponse(Structure): + structure = ( + ('Status','<H=0'), + ('Convert','<H=0'), + ('TotalBytesAvailable','<H'), + ) + +class SMBNetServerInfo1(Structure): + # Level 1 Response + structure = ( + ('ServerName','16s'), + ('MajorVersion','B=5'), + ('MinorVersion','B=0'), + ('ServerType','<L=3'), + ('ServerCommentLow','<H=0'), + ('ServerCommentHigh','<H=0'), + ) + +# \PIPE\LANMAN NetShareGetInfo +class SMBNetShareGetInfo(Structure): + structure = ( + ('RAPOpcode','<H=0'), + ('ParamDesc','z'), + ('DataDesc','z'), + ('ShareName','z'), + ('InfoLevel','<H'), + ('ReceiveBufferSize','<H'), + ) + +class SMBNetShareGetInfoResponse(Structure): + structure = ( + ('Status','<H=0'), + ('Convert','<H=0'), + ('TotalBytesAvailable','<H'), + ) + +############# Security Features +class SecurityFeatures(Structure): + structure = ( + ('Key','<L=0'), + ('CID','<H=0'), + ('SequenceNumber','<H=0'), + ) + +############# SMB_COM_QUERY_INFORMATION2 (0x23) +class SMBQueryInformation2_Parameters(Structure): + structure = ( + ('Fid','<H'), + ) + +class SMBQueryInformation2Response_Parameters(Structure): + structure = ( + ('CreateDate','<H'), + ('CreationTime','<H'), + ('LastAccessDate','<H'), + ('LastAccessTime','<H'), + ('LastWriteDate','<H'), + ('LastWriteTime','<H'), + ('FileDataSize','<L'), + ('FileAllocationSize','<L'), + ('FileAttributes','<L'), + ) + + + +############# SMB_COM_SESSION_SETUP_ANDX (0x73) +class SMBSessionSetupAndX_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('MaxBuffer','<H'), + ('MaxMpxCount','<H'), + ('VCNumber','<H'), + ('SessionKey','<L'), + ('AnsiPwdLength','<H'), + ('UnicodePwdLength','<H'), + ('_reserved','<L=0'), + ('Capabilities','<L'), + ) + +class SMBSessionSetupAndX_Extended_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('MaxBufferSize','<H'), + ('MaxMpxCount','<H'), + ('VcNumber','<H'), + ('SessionKey','<L'), + ('SecurityBlobLength','<H'), + ('Reserved','<L=0'), + ('Capabilities','<L'), + ) + +class SMBSessionSetupAndX_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('AnsiPwdLength','_-AnsiPwd','self["AnsiPwdLength"]'), + ('UnicodePwdLength','_-UnicodePwd','self["UnicodePwdLength"]'), + ('AnsiPwd',':=""'), + ('UnicodePwd',':=""'), + ('Account','z=""'), + ('PrimaryDomain','z=""'), + ('NativeOS','z=""'), + ('NativeLanMan','z=""'), + ) + + UnicodeStructure = ( + ('AnsiPwdLength','_-AnsiPwd','self["AnsiPwdLength"]'), + ('UnicodePwdLength','_-UnicodePwd','self["UnicodePwdLength"]'), + ('AnsiPwd',':=""'), + ('UnicodePwd',':=""'), + ('Account','u=""'), + ('PrimaryDomain','u=""'), + ('NativeOS','u=""'), + ('NativeLanMan','u=""'), + ) + +class SMBSessionSetupAndX_Extended_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'), + ('SecurityBlob',':'), + ('NativeOS','z=""'), + ('NativeLanMan','z=""'), + ) + + UnicodeStructure = ( + ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'), + ('SecurityBlob',':'), + ('NativeOS','u=""'), + ('NativeLanMan','u=""'), + ) + +class SMBSessionSetupAndXResponse_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Action','<H'), + ) + +class SMBSessionSetupAndX_Extended_Response_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Action','<H=0'), + ('SecurityBlobLength','<H'), + ) + +class SMBSessionSetupAndXResponse_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('NativeOS','z=""'), + ('NativeLanMan','z=""'), + ('PrimaryDomain','z=""'), + ) + + UnicodeStructure = ( + ('NativeOS','u=""'), + ('NativeLanMan','u=""'), + ('PrimaryDomain','u=""'), + ) + +class SMBSessionSetupAndX_Extended_Response_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'), + ('SecurityBlob',':'), + ('NativeOS','z=""'), + ('NativeLanMan','z=""'), + ) + + UnicodeStructure = ( + ('SecurityBlobLength','_-SecurityBlob','self["SecurityBlobLength"]'), + ('SecurityBlob',':'), + ('NativeOS','u=""'), + ('NativeLanMan','u=""'), + ) + +############# SMB_COM_TREE_CONNECT (0x70) +class SMBTreeConnect_Parameters(SMBCommand_Parameters): + structure = ( + ) + +class SMBTreeConnect_Data(SMBCommand_Parameters): + structure = ( + ('PathFormat','"\x04'), + ('Path','z'), + ('PasswordFormat','"\x04'), + ('Password','z'), + ('ServiceFormat','"\x04'), + ('Service','z'), + ) + +############# SMB_COM_TREE_CONNECT_ANDX (0x75) +class SMBTreeConnectAndX_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Flags','<H=0'), + ('PasswordLength','<H'), + ) + +class SMBTreeConnectAndXResponse_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('OptionalSupport','<H=0'), + ) + +class SMBTreeConnectAndXExtendedResponse_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('OptionalSupport','<H=1'), + ('MaximalShareAccessRights','<L=0x1fffff'), + ('GuestMaximalShareAccessRights','<L=0x1fffff'), + ) + +class SMBTreeConnectAndX_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('_PasswordLength','_-Password','self["_PasswordLength"]'), + ('Password',':'), + ('Path','z'), + ('Service','z'), + ) + + UnicodeStructure = ( + ('_PasswordLength','_-Password','self["_PasswordLength"] if self["_PasswordLength"] > 0 else 1'), + ('Password',':'), + ('Path','u'), + ('Service','z'), + ) + +class SMBTreeConnectAndXResponse_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('Service','z'), + ('PadLen','_-Pad','self["PadLen"]'), + ('Pad',':=""'), + ('NativeFileSystem','z'), + ) + UnicodeStructure = ( + ('Service','z'), + ('PadLen','_-Pad','self["PadLen"]'), + ('Pad',':=""'), + ('NativeFileSystem','u'), + ) + +############# SMB_COM_NT_CREATE_ANDX (0xA2) +class SMBNtCreateAndX_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('_reserved', 'B=0'), + ('FileNameLength','<H'), # NameLength + ('CreateFlags','<L'), # Flags + ('RootFid','<L=0'), # RootDirectoryFID + ('AccessMask','<L'), # DesiredAccess + ('AllocationSizeLo','<L=0'), # AllocationSize + ('AllocationSizeHi','<L=0'), + ('FileAttributes','<L=0'), # ExtFileAttributes + ('ShareAccess','<L=3'), # + ('Disposition','<L=1'), # CreateDisposition + ('CreateOptions','<L'), # CreateOptions + ('Impersonation','<L=2'), + ('SecurityFlags','B=3'), + ) + +class SMBNtCreateAndXResponse_Parameters(SMBAndXCommand_Parameters): + # XXX Is there a memory leak in the response for NTCreate (where the Data section would be) in Win 2000, Win XP, and Win 2003? + structure = ( + ('OplockLevel', 'B=0'), + ('Fid','<H'), + ('CreateAction','<L'), + ('CreateTime','<q=0'), + ('LastAccessTime','<q=0'), + ('LastWriteTime','<q=0'), + ('LastChangeTime','<q=0'), + ('FileAttributes','<L=0x80'), + ('AllocationSize','<q=0'), + ('EndOfFile','<q=0'), + ('FileType','<H=0'), + ('IPCState','<H=0'), + ('IsDirectory','B'), + ) + +class SMBNtCreateAndXExtendedResponse_Parameters(SMBAndXCommand_Parameters): + # [MS-SMB] Extended response description + structure = ( + ('OplockLevel', 'B=0'), + ('Fid','<H'), + ('CreateAction','<L'), + ('CreateTime','<q=0'), + ('LastAccessTime','<q=0'), + ('LastWriteTime','<q=0'), + ('LastChangeTime','<q=0'), + ('FileAttributes','<L=0x80'), + ('AllocationSize','<q=0'), + ('EndOfFile','<q=0'), + ('FileType','<H=0'), + ('IPCState','<H=0'), + ('IsDirectory','B'), + ('VolumeGUID','16s'), + ('FileIdLow','<L=0'), + ('FileIdHigh','<L=0'), + ('MaximalAccessRights','<L=0x12019b'), + ('GuestMaximalAccessRights','<L=0x120089'), + ) + +class SMBNtCreateAndX_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('FileName','z'), + ) + UnicodeStructure = ( + ('Pad','B'), + ('FileName','u'), + ) + +############# SMB_COM_OPEN_ANDX (0xD2) +class SMBOpenAndX_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Flags','<H=0'), + ('DesiredAccess','<H=0'), + ('SearchAttributes','<H=0'), + ('FileAttributes','<H=0'), + ('CreationTime','<L=0'), + ('OpenMode','<H=1'), # SMB_O_OPEN = 1 + ('AllocationSize','<L=0'), + ('Reserved','8s=""'), + ) + +class SMBOpenAndX_Data(SMBNtCreateAndX_Data): + pass + +class SMBOpenAndXResponse_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Fid','<H=0'), + ('FileAttributes','<H=0'), + ('LastWriten','<L=0'), + ('FileSize','<L=0'), + ('GrantedAccess','<H=0'), + ('FileType','<H=0'), + ('IPCState','<H=0'), + ('Action','<H=0'), + ('ServerFid','<L=0'), + ('_reserved','<H=0'), + ) + +############# SMB_COM_WRITE (0x0B) +class SMBWrite_Parameters(SMBCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Count','<H'), + ('Offset','<L'), + ('Remaining','<H'), + ) + +class SMBWriteResponse_Parameters(SMBCommand_Parameters): + structure = ( + ('Count','<H'), + ) + +class SMBWrite_Data(Structure): + structure = ( + ('BufferFormat','<B=1'), + ('DataLength','<H-Data'), + ('Data',':'), + ) + + +############# SMB_COM_WRITE_ANDX (0x2F) +class SMBWriteAndX_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Fid','<H=0'), + ('Offset','<L=0'), + ('_reserved','<L=0xff'), + ('WriteMode','<H=8'), + ('Remaining','<H=0'), + ('DataLength_Hi','<H=0'), + ('DataLength','<H=0'), + ('DataOffset','<H=0'), + ('HighOffset','<L=0'), + ) + +class SMBWriteAndX_Data_Short(Structure): + structure = ( + ('_PadLen','_-Pad','self["DataOffset"] - 59'), + ('Pad',':'), + #('Pad','<B=0'), + ('DataLength','_-Data','self["DataLength"]'), + ('Data',':'), + ) + +class SMBWriteAndX_Data(Structure): + structure = ( + ('_PadLen','_-Pad','self["DataOffset"] - 63'), + ('Pad',':'), + #('Pad','<B=0'), + ('DataLength','_-Data','self["DataLength"]'), + ('Data',':'), + ) + + +class SMBWriteAndX_Parameters_Short(SMBAndXCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Offset','<L'), + ('_reserved','<L=0xff'), + ('WriteMode','<H=8'), + ('Remaining','<H'), + ('DataLength_Hi','<H=0'), + ('DataLength','<H'), + ('DataOffset','<H=0'), + ) + +class SMBWriteAndXResponse_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Count','<H'), + ('Available','<H'), + ('Reserved','<L=0'), + ) + +############# SMB_COM_WRITE_RAW (0x1D) +class SMBWriteRaw_Parameters(SMBCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Count','<H'), + ('_reserved','<H=0'), + ('Offset','<L'), + ('Timeout','<L=0'), + ('WriteMode','<H=0'), + ('_reserved2','<L=0'), + ('DataLength','<H'), + ('DataOffset','<H=0'), + ) + +############# SMB_COM_READ (0x0A) +class SMBRead_Parameters(SMBCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Count','<H'), + ('Offset','<L'), + ('Remaining','<H=Count'), + ) + +class SMBReadResponse_Parameters(Structure): + structure = ( + ('Count','<H=0'), + ('_reserved','8s=""'), + ) + +class SMBReadResponse_Data(Structure): + structure = ( + ('BufferFormat','<B=0x1'), + ('DataLength','<H-Data'), + ('Data',':'), + ) + +############# SMB_COM_READ_RAW (0x1A) +class SMBReadRaw_Parameters(SMBCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Offset','<L'), + ('MaxCount','<H'), + ('MinCount','<H=MaxCount'), + ('Timeout','<L=0'), + ('_reserved','<H=0'), + ) + +############# SMB_COM_NT_TRANSACT (0xA0) +class SMBNTTransaction_Parameters(SMBCommand_Parameters): + structure = ( + ('MaxSetupCount','<B=0'), + ('Reserved1','<H=0'), + ('TotalParameterCount','<L'), + ('TotalDataCount','<L'), + ('MaxParameterCount','<L=1024'), + ('MaxDataCount','<L=65504'), + ('ParameterCount','<L'), + ('ParameterOffset','<L'), + ('DataCount','<L'), + ('DataOffset','<L'), + ('SetupCount','<B=len(Setup)/2'), + ('Function','<H=0'), + ('SetupLength','_-Setup','SetupCount*2'), + ('Setup',':'), + ) + +class SMBNTTransactionResponse_Parameters(SMBCommand_Parameters): + structure = ( + ('Reserved1','3s=""'), + ('TotalParameterCount','<L'), + ('TotalDataCount','<L'), + ('ParameterCount','<L'), + ('ParameterOffset','<L'), + ('ParameterDisplacement','<L=0'), + ('DataCount','<L'), + ('DataOffset','<L'), + ('DataDisplacement','<L=0'), + ('SetupCount','<B=0'), + ('SetupLength','_-Setup','SetupCount*2'), + ('Setup',':'), + ) + +class SMBNTTransaction_Data(Structure): + structure = ( + ('Pad1Length','_-Pad1','self["Pad1Length"]'), + ('Pad1',':'), + ('NT_Trans_ParametersLength','_-NT_Trans_Parameters','self["NT_Trans_ParametersLength"]'), + ('NT_Trans_Parameters',':'), + ('Pad2Length','_-Pad2','self["Pad2Length"]'), + ('Pad2',':'), + ('NT_Trans_DataLength','_-NT_Trans_Data','self["NT_Trans_DataLength"]'), + ('NT_Trans_Data',':'), + ) + +class SMBNTTransactionResponse_Data(Structure): + structure = ( + ('Pad1Length','_-Pad1','self["Pad1Length"]'), + ('Pad1',':'), + ('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'), + ('Trans_Parameters',':'), + ('Pad2Length','_-Pad2','self["Pad2Length"]'), + ('Pad2',':'), + ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'), + ('Trans_Data',':'), + ) + + +############# SMB_COM_TRANSACTION2_SECONDARY (0x33) +class SMBTransaction2Secondary_Parameters(SMBCommand_Parameters): + structure = ( + ('TotalParameterCount','<H'), + ('TotalDataCount','<H'), + ('ParameterCount','<H'), + ('ParameterOffset','<H'), + ('DataCount','<H'), + ('DataOffset','<H'), + ('DataDisplacement','<H=0'), + ('FID','<H'), + ) + +class SMBTransaction2Secondary_Data(Structure): + structure = ( + ('Pad1Length','_-Pad1','self["Pad1Length"]'), + ('Pad1',':'), + ('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'), + ('Trans_Parameters',':'), + ('Pad2Length','_-Pad2','self["Pad2Length"]'), + ('Pad2',':'), + ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'), + ('Trans_Data',':'), + ) + + +############# SMB_COM_TRANSACTION2 (0x32) + +class SMBTransaction2_Parameters(SMBCommand_Parameters): + structure = ( + ('TotalParameterCount','<H'), + ('TotalDataCount','<H'), + ('MaxParameterCount','<H=1024'), + ('MaxDataCount','<H=65504'), + ('MaxSetupCount','<B=0'), + ('Reserved1','<B=0'), + ('Flags','<H=0'), + ('Timeout','<L=0'), + ('Reserved2','<H=0'), + ('ParameterCount','<H'), + ('ParameterOffset','<H'), + ('DataCount','<H'), + ('DataOffset','<H'), + ('SetupCount','<B=len(Setup)/2'), + ('Reserved3','<B=0'), + ('SetupLength','_-Setup','SetupCount*2'), + ('Setup',':'), + ) + +class SMBTransaction2Response_Parameters(SMBCommand_Parameters): + structure = ( + ('TotalParameterCount','<H'), + ('TotalDataCount','<H'), + ('Reserved1','<H=0'), + ('ParameterCount','<H'), + ('ParameterOffset','<H'), + ('ParameterDisplacement','<H=0'), + ('DataCount','<H'), + ('DataOffset','<H'), + ('DataDisplacement','<H=0'), + ('SetupCount','<B=0'), + ('Reserved2','<B=0'), + ('SetupLength','_-Setup','SetupCount*2'), + ('Setup',':'), + ) + +class SMBTransaction2_Data(Structure): + structure = ( +# ('NameLength','_-Name','1'), +# ('Name',':'), + ('Pad1Length','_-Pad1','self["Pad1Length"]'), + ('Pad1',':'), + ('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'), + ('Trans_Parameters',':'), + ('Pad2Length','_-Pad2','self["Pad2Length"]'), + ('Pad2',':'), + ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'), + ('Trans_Data',':'), + ) + +class SMBTransaction2Response_Data(Structure): + structure = ( + ('Pad1Length','_-Pad1','self["Pad1Length"]'), + ('Pad1',':'), + ('Trans_ParametersLength','_-Trans_Parameters','self["Trans_ParametersLength"]'), + ('Trans_Parameters',':'), + ('Pad2Length','_-Pad2','self["Pad2Length"]'), + ('Pad2',':'), + ('Trans_DataLength','_-Trans_Data','self["Trans_DataLength"]'), + ('Trans_Data',':'), + ) + +############# SMB_COM_QUERY_INFORMATION (0x08) + +class SMBQueryInformation_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('BufferFormat','B=4'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('BufferFormat','B=4'), + ('FileName','u'), + ) + + +class SMBQueryInformationResponse_Parameters(Structure): + structure = ( + ('FileAttributes','<H'), + ('LastWriteTime','<L'), + ('FileSize','<L'), + ('Reserved','"0123456789'), + ) + +############# SMB_COM_TRANSACTION (0x25) +class SMBTransaction_Parameters(SMBCommand_Parameters): + structure = ( + ('TotalParameterCount','<H'), + ('TotalDataCount','<H'), + ('MaxParameterCount','<H=1024'), + ('MaxDataCount','<H=65504'), + ('MaxSetupCount','<B=0'), + ('Reserved1','<B=0'), + ('Flags','<H=0'), + ('Timeout','<L=0'), + ('Reserved2','<H=0'), + ('ParameterCount','<H'), + ('ParameterOffset','<H'), + ('DataCount','<H'), + ('DataOffset','<H'), + ('SetupCount','<B=len(Setup)/2'), + ('Reserved3','<B=0'), + ('SetupLength','_-Setup','SetupCount*2'), + ('Setup',':'), + ) + +class SMBTransactionResponse_Parameters(SMBCommand_Parameters): + structure = ( + ('TotalParameterCount','<H'), + ('TotalDataCount','<H'), + ('Reserved1','<H=0'), + ('ParameterCount','<H'), + ('ParameterOffset','<H'), + ('ParameterDisplacement','<H=0'), + ('DataCount','<H'), + ('DataOffset','<H'), + ('DataDisplacement','<H=0'), + ('SetupCount','<B'), + ('Reserved2','<B=0'), + ('SetupLength','_-Setup','SetupCount*2'), + ('Setup',':'), + ) + +# TODO: We should merge these both. But this will require fixing +# the instances where this structure is used on the client side +class SMBTransaction_SData(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('Name','z'), + ('Trans_ParametersLength','_-Trans_Parameters'), + ('Trans_Parameters',':'), + ('Trans_DataLength','_-Trans_Data'), + ('Trans_Data',':'), + ) + UnicodeStructure = ( + ('Pad','B'), + ('Name','u'), + ('Trans_ParametersLength','_-Trans_Parameters'), + ('Trans_Parameters',':'), + ('Trans_DataLength','_-Trans_Data'), + ('Trans_Data',':'), + ) + +class SMBTransaction_Data(Structure): + structure = ( + ('NameLength','_-Name'), + ('Name',':'), + ('Trans_ParametersLength','_-Trans_Parameters'), + ('Trans_Parameters',':'), + ('Trans_DataLength','_-Trans_Data'), + ('Trans_Data',':'), + ) + +class SMBTransactionResponse_Data(Structure): + structure = ( + ('Trans_ParametersLength','_-Trans_Parameters'), + ('Trans_Parameters',':'), + ('Trans_DataLength','_-Trans_Data'), + ('Trans_Data',':'), + ) + +############# SMB_COM_READ_ANDX (0x2E) +class SMBReadAndX_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Offset','<L'), + ('MaxCount','<H'), + ('MinCount','<H=MaxCount'), + ('_reserved','<L=0x0'), + ('Remaining','<H=MaxCount'), + ('HighOffset','<L=0'), + ) + +class SMBReadAndX_Parameters2(SMBAndXCommand_Parameters): + structure = ( + ('Fid','<H'), + ('Offset','<L'), + ('MaxCount','<H'), + ('MinCount','<H=MaxCount'), + ('_reserved','<L=0xffffffff'), + ('Remaining','<H=MaxCount'), + ) + +class SMBReadAndXResponse_Parameters(SMBAndXCommand_Parameters): + structure = ( + ('Remaining','<H=0'), + ('DataMode','<H=0'), + ('_reserved','<H=0'), + ('DataCount','<H'), + ('DataOffset','<H'), + ('DataCount_Hi','<L'), + ('_reserved2','6s=""'), + ) + +############# SMB_COM_ECHO (0x2B) +class SMBEcho_Data(Structure): + structure = ( + ('Data',':'), + ) + +class SMBEcho_Parameters(Structure): + structure = ( + ('EchoCount','<H'), + ) + +class SMBEchoResponse_Data(Structure): + structure = ( + ('Data',':'), + ) + +class SMBEchoResponse_Parameters(Structure): + structure = ( + ('SequenceNumber','<H=1'), + ) + +############# SMB_COM_QUERY_INFORMATION_DISK (0x80) +class SMBQueryInformationDiskResponse_Parameters(Structure): + structure = ( + ('TotalUnits','<H'), + ('BlocksPerUnit','<H'), + ('BlockSize','<H'), + ('FreeUnits','<H'), + ('Reserved','<H=0'), + ) + + +############# SMB_COM_LOGOFF_ANDX (0x74) +class SMBLogOffAndX(SMBAndXCommand_Parameters): + strucure = () + +############# SMB_COM_CLOSE (0x04) +class SMBClose_Parameters(SMBCommand_Parameters): + structure = ( + ('FID','<H'), + ('Time','<L=0'), + ) + +############# SMB_COM_FLUSH (0x05) +class SMBFlush_Parameters(SMBCommand_Parameters): + structure = ( + ('FID','<H'), + ) + +############# SMB_COM_CREATE_DIRECTORY (0x00) +class SMBCreateDirectory_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('BufferFormat','<B=4'), + ('DirectoryName','z'), + ) + UnicodeStructure = ( + ('BufferFormat','<B=4'), + ('DirectoryName','u'), + ) + +############# SMB_COM_DELETE (0x06) +class SMBDelete_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('BufferFormat','<B=4'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('BufferFormat','<B=4'), + ('FileName','u'), + ) + +class SMBDelete_Parameters(Structure): + structure = ( + ('SearchAttributes','<H'), + ) + +############# SMB_COM_DELETE_DIRECTORY (0x01) +class SMBDeleteDirectory_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('BufferFormat','<B=4'), + ('DirectoryName','z'), + ) + UnicodeStructure = ( + ('BufferFormat','<B=4'), + ('DirectoryName','u'), + ) + +############# SMB_COM_CHECK_DIRECTORY (0x10) +class SMBCheckDirectory_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('BufferFormat','<B=4'), + ('DirectoryName','z'), + ) + UnicodeStructure = ( + ('BufferFormat','<B=4'), + ('DirectoryName','u'), + ) + +############# SMB_COM_RENAME (0x07) +class SMBRename_Parameters(SMBCommand_Parameters): + structure = ( + ('SearchAttributes','<H'), + ) + +class SMBRename_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('BufferFormat1','<B=4'), + ('OldFileName','z'), + ('BufferFormat2','<B=4'), + ('NewFileName','z'), + ) + UnicodeStructure = ( + ('BufferFormat1','<B=4'), + ('OldFileName','u'), + ('BufferFormat2','<B=4'), + ('Pad','B=0'), + ('NewFileName','u'), + ) + + +############# SMB_COM_OPEN (0x02) +class SMBOpen_Parameters(SMBCommand_Parameters): + structure = ( + ('DesiredAccess','<H=0'), + ('SearchAttributes','<H=0'), + ) + +class SMBOpen_Data(AsciiOrUnicodeStructure): + AsciiStructure = ( + ('FileNameFormat','"\x04'), + ('FileName','z'), + ) + UnicodeStructure = ( + ('FileNameFormat','"\x04'), + ('FileName','z'), + ) + +class SMBOpenResponse_Parameters(SMBCommand_Parameters): + structure = ( + ('Fid','<H=0'), + ('FileAttributes','<H=0'), + ('LastWriten','<L=0'), + ('FileSize','<L=0'), + ('GrantedAccess','<H=0'), + ) + +############# EXTENDED SECURITY CLASSES +class SMBExtended_Security_Parameters(Structure): + structure = ( + ('DialectIndex','<H'), + ('SecurityMode','<B'), + ('MaxMpxCount','<H'), + ('MaxNumberVcs','<H'), + ('MaxBufferSize','<L'), + ('MaxRawSize','<L'), + ('SessionKey','<L'), + ('Capabilities','<L'), + ('LowDateTime','<L'), + ('HighDateTime','<L'), + ('ServerTimeZone','<H'), + ('ChallengeLength','<B'), + ) + +class SMBExtended_Security_Data(Structure): + structure = ( + ('ServerGUID','16s'), + ('SecurityBlob',':'), + ) + +class SMBNTLMDialect_Parameters(Structure): + structure = ( + ('DialectIndex','<H'), + ('SecurityMode','<B'), + ('MaxMpxCount','<H'), + ('MaxNumberVcs','<H'), + ('MaxBufferSize','<L'), + ('MaxRawSize','<L'), + ('SessionKey','<L'), + ('Capabilities','<L'), + ('LowDateTime','<L'), + ('HighDateTime','<L'), + ('ServerTimeZone','<H'), + ('ChallengeLength','<B'), + ) + +class SMBNTLMDialect_Data(Structure): + structure = ( + ('ChallengeLength','_-Challenge','self["ChallengeLength"]'), + ('Challenge',':'), + ('Payload',':'), +# For some reason on an old Linux this field is not present, we have to check this out. There must be a flag stating this. + ('DomainName','_'), + ('ServerName','_'), + ) + def __init__(self,data = None, alignment = 0): + Structure.__init__(self,data,alignment) + #self['ChallengeLength']=8 + + def fromString(self,data): + Structure.fromString(self,data) + self['DomainName'] = '' + self['ServerName'] = '' + +class SMB: + # SMB Command Codes + SMB_COM_CREATE_DIRECTORY = 0x00 + SMB_COM_DELETE_DIRECTORY = 0x01 + SMB_COM_OPEN = 0x02 + SMB_COM_CREATE = 0x03 + SMB_COM_CLOSE = 0x04 + SMB_COM_FLUSH = 0x05 + SMB_COM_DELETE = 0x06 + SMB_COM_RENAME = 0x07 + SMB_COM_QUERY_INFORMATION = 0x08 + SMB_COM_SET_INFORMATION = 0x09 + SMB_COM_READ = 0x0A + SMB_COM_WRITE = 0x0B + SMB_COM_LOCK_BYTE_RANGE = 0x0C + SMB_COM_UNLOCK_BYTE_RANGE = 0x0D + SMB_COM_CREATE_TEMPORARY = 0x0E + SMB_COM_CREATE_NEW = 0x0F + SMB_COM_CHECK_DIRECTORY = 0x10 + SMB_COM_PROCESS_EXIT = 0x11 + SMB_COM_SEEK = 0x12 + SMB_COM_LOCK_AND_READ = 0x13 + SMB_COM_WRITE_AND_UNLOCK = 0x14 + SMB_COM_READ_RAW = 0x1A + SMB_COM_READ_MPX = 0x1B + SMB_COM_READ_MPX_SECONDARY = 0x1C + SMB_COM_WRITE_RAW = 0x1D + SMB_COM_WRITE_MPX = 0x1E + SMB_COM_WRITE_MPX_SECONDARY = 0x1F + SMB_COM_WRITE_COMPLETE = 0x20 + SMB_COM_QUERY_SERVER = 0x21 + SMB_COM_SET_INFORMATION2 = 0x22 + SMB_COM_QUERY_INFORMATION2 = 0x23 + SMB_COM_LOCKING_ANDX = 0x24 + SMB_COM_TRANSACTION = 0x25 + SMB_COM_TRANSACTION_SECONDARY = 0x26 + SMB_COM_IOCTL = 0x27 + SMB_COM_IOCTL_SECONDARY = 0x28 + SMB_COM_COPY = 0x29 + SMB_COM_MOVE = 0x2A + SMB_COM_ECHO = 0x2B + SMB_COM_WRITE_AND_CLOSE = 0x2C + SMB_COM_OPEN_ANDX = 0x2D + SMB_COM_READ_ANDX = 0x2E + SMB_COM_WRITE_ANDX = 0x2F + SMB_COM_NEW_FILE_SIZE = 0x30 + SMB_COM_CLOSE_AND_TREE_DISC = 0x31 + SMB_COM_TRANSACTION2 = 0x32 + SMB_COM_TRANSACTION2_SECONDARY = 0x33 + SMB_COM_FIND_CLOSE2 = 0x34 + SMB_COM_FIND_NOTIFY_CLOSE = 0x35 + # Used by Xenix/Unix 0x60 - 0x6E + SMB_COM_TREE_CONNECT = 0x70 + SMB_COM_TREE_DISCONNECT = 0x71 + SMB_COM_NEGOTIATE = 0x72 + SMB_COM_SESSION_SETUP_ANDX = 0x73 + SMB_COM_LOGOFF_ANDX = 0x74 + SMB_COM_TREE_CONNECT_ANDX = 0x75 + SMB_COM_QUERY_INFORMATION_DISK = 0x80 + SMB_COM_SEARCH = 0x81 + SMB_COM_FIND = 0x82 + SMB_COM_FIND_UNIQUE = 0x83 + SMB_COM_FIND_CLOSE = 0x84 + SMB_COM_NT_TRANSACT = 0xA0 + SMB_COM_NT_TRANSACT_SECONDARY = 0xA1 + SMB_COM_NT_CREATE_ANDX = 0xA2 + SMB_COM_NT_CANCEL = 0xA4 + SMB_COM_NT_RENAME = 0xA5 + SMB_COM_OPEN_PRINT_FILE = 0xC0 + SMB_COM_WRITE_PRINT_FILE = 0xC1 + SMB_COM_CLOSE_PRINT_FILE = 0xC2 + SMB_COM_GET_PRINT_QUEUE = 0xC3 + SMB_COM_READ_BULK = 0xD8 + SMB_COM_WRITE_BULK = 0xD9 + SMB_COM_WRITE_BULK_DATA = 0xDA + + # TRANSACT codes + TRANS_TRANSACT_NMPIPE = 0x26 + + # TRANSACT2 codes + TRANS2_FIND_FIRST2 = 0x0001 + TRANS2_FIND_NEXT2 = 0x0002 + TRANS2_QUERY_FS_INFORMATION = 0x0003 + TRANS2_QUERY_PATH_INFORMATION = 0x0005 + TRANS2_QUERY_FILE_INFORMATION = 0x0007 + TRANS2_SET_FILE_INFORMATION = 0x0008 + TRANS2_SET_PATH_INFORMATION = 0x0006 + + # Security Share Mode (Used internally by SMB class) + SECURITY_SHARE_MASK = 0x01 + SECURITY_SHARE_SHARE = 0x00 + SECURITY_SHARE_USER = 0x01 + SECURITY_SIGNATURES_ENABLED = 0X04 + SECURITY_SIGNATURES_REQUIRED = 0X08 + + # Security Auth Mode (Used internally by SMB class) + SECURITY_AUTH_MASK = 0x02 + SECURITY_AUTH_ENCRYPTED = 0x02 + SECURITY_AUTH_PLAINTEXT = 0x00 + + # Raw Mode Mask (Used internally by SMB class. Good for dialect up to and including LANMAN2.1) + RAW_READ_MASK = 0x01 + RAW_WRITE_MASK = 0x02 + + # Capabilities Mask (Used internally by SMB class. Good for dialect NT LM 0.12) + CAP_RAW_MODE = 0x00000001 + CAP_MPX_MODE = 0x0002 + CAP_UNICODE = 0x0004 + CAP_LARGE_FILES = 0x0008 + CAP_EXTENDED_SECURITY = 0x80000000 + CAP_USE_NT_ERRORS = 0x40 + CAP_NT_SMBS = 0x10 + CAP_LARGE_READX = 0x00004000 + CAP_LARGE_WRITEX = 0x00008000 + CAP_RPC_REMOTE_APIS = 0x20 + + # Flags1 Mask + FLAGS1_LOCK_AND_READ_OK = 0x01 + FLAGS1_PATHCASELESS = 0x08 + FLAGS1_CANONICALIZED_PATHS = 0x10 + FLAGS1_REPLY = 0x80 + + # Flags2 Mask + FLAGS2_LONG_NAMES = 0x0001 + FLAGS2_EAS = 0x0002 + FLAGS2_SMB_SECURITY_SIGNATURE = 0x0004 + FLAGS2_IS_LONG_NAME = 0x0040 + FLAGS2_DFS = 0x1000 + FLAGS2_PAGING_IO = 0x2000 + FLAGS2_NT_STATUS = 0x4000 + FLAGS2_UNICODE = 0x8000 + FLAGS2_COMPRESSED = 0x0008 + FLAGS2_SMB_SECURITY_SIGNATURE_REQUIRED = 0x0010 + FLAGS2_EXTENDED_SECURITY = 0x0800 + + # Dialect's Security Mode flags + NEGOTIATE_USER_SECURITY = 0x01 + NEGOTIATE_ENCRYPT_PASSWORDS = 0x02 + NEGOTIATE_SECURITY_SIGNATURE_ENABLE = 0x04 + NEGOTIATE_SECURITY_SIGNATURE_REQUIRED = 0x08 + + # Tree Connect AndX Response optionalSuppor flags + SMB_SUPPORT_SEARCH_BITS = 0x01 + SMB_SHARE_IS_IN_DFS = 0x02 + + def __init__(self, remote_name, remote_host, my_name = None, host_type = nmb.TYPE_SERVER, sess_port = 445, timeout=None, UDP = 0, session = None, negPacket = None): + # The uid attribute will be set when the client calls the login() method + self._uid = 0 + self.__server_name = '' + self.__server_os = '' + self.__server_os_major = None + self.__server_os_minor = None + self.__server_os_build = None + self.__server_lanman = '' + self.__server_domain = '' + self.__server_dns_domain_name = '' + self.__remote_name = string.upper(remote_name) + self.__remote_host = remote_host + self.__isNTLMv2 = True + self._dialects_parameters = None + self._dialects_data = None + # Credentials + self.__userName = '' + self.__password = '' + self.__domain = '' + self.__lmhash = '' + self.__nthash = '' + self.__aesKey = '' + self.__kdc = '' + self.__TGT = None + self.__TGS = None + + # Negotiate Protocol Result, used everywhere + # Could be extended or not, flags should be checked before + self._dialect_data = 0 + self._dialect_parameters = 0 + self._action = 0 + self._sess = None + self.encrypt_passwords = True + self.tid = 0 + self.fid = 0 + + # Signing stuff + self._SignSequenceNumber = 0 + self._SigningSessionKey = '' + self._SigningChallengeResponse = '' + self._SignatureEnabled = False + self._SignatureVerificationEnabled = False + self._SignatureRequired = False + + # Base flags (default flags, can be overriden using set_flags()) + self.__flags1 = SMB.FLAGS1_PATHCASELESS | SMB.FLAGS1_CANONICALIZED_PATHS + self.__flags2 = SMB.FLAGS2_EXTENDED_SECURITY | SMB.FLAGS2_NT_STATUS | SMB.FLAGS2_LONG_NAMES + + if timeout is None: + self.__timeout = 60 + else: + self.__timeout = timeout + + # If port 445 and the name sent is *SMBSERVER we're setting the name to the IP. + # This is to help some old applications still believing + # *SMSBSERVER will work against modern OSes. If port is NETBIOS_SESSION_PORT the user better + # know about *SMBSERVER's limitations + if sess_port == 445 and remote_name == '*SMBSERVER': + self.__remote_name = remote_host + + if session is None: + if not my_name: + my_name = socket.gethostname() + i = string.find(my_name, '.') + if i > -1: + my_name = my_name[:i] + + if UDP: + self._sess = nmb.NetBIOSUDPSession(my_name, remote_name, remote_host, host_type, sess_port, self.__timeout) + else: + self._sess = nmb.NetBIOSTCPSession(my_name, remote_name, remote_host, host_type, sess_port, self.__timeout) + + # Initialize session values (_dialect_data and _dialect_parameters) + self.neg_session() + + # Call login() without any authentication information to + # setup a session if the remote server + # is in share mode. + if (self._dialects_parameters['SecurityMode'] & SMB.SECURITY_SHARE_MASK) == SMB.SECURITY_SHARE_SHARE: + self.login('', '') + else: + self._sess = session + self.neg_session(negPacket = negPacket) + # Call login() without any authentication information to + # setup a session if the remote server + # is in share mode. + if (self._dialects_parameters['SecurityMode'] & SMB.SECURITY_SHARE_MASK) == SMB.SECURITY_SHARE_SHARE: + self.login('', '') + + @staticmethod + def ntlm_supported(): + return False + + def get_remote_name(self): + return self.__remote_name + + def get_remote_host(self): + return self.__remote_host + + def get_flags(self): + return self.__flags1, self.__flags2 + + def set_flags(self, flags1=None, flags2=None): + if flags1 is not None: + self.__flags1 = flags1 + if flags2 is not None: + self.__flags2 = flags2 + + def set_timeout(self, timeout): + prev_timeout = self.__timeout + self.__timeout = timeout + return prev_timeout + + def get_timeout(self): + return self.__timeout + + @contextmanager + def use_timeout(self, timeout): + prev_timeout = self.set_timeout(timeout) + try: + yield + finally: + self.set_timeout(prev_timeout) + + def get_session(self): + return self._sess + + def get_tid(self): + return self.tid + + def get_fid(self): + return self.fid + + def isGuestSession(self): + return self._action & SMB_SETUP_GUEST + + def doesSupportNTLMv2(self): + return self.__isNTLMv2 + + def __del__(self): + if self._sess: + self._sess.close() + + def recvSMB(self): + r = self._sess.recv_packet(self.__timeout) + return NewSMBPacket(data = r.get_trailer()) + + @staticmethod + def __decode_trans(params, data): + totparamcnt, totdatacnt, _, paramcnt, paramoffset, paramds, datacnt, dataoffset, datads, setupcnt = unpack('<HHHHHHHHHB', params[:19]) + if paramcnt + paramds < totparamcnt or datacnt + datads < totdatacnt: + has_more = 1 + else: + has_more = 0 + paramoffset = paramoffset - 55 - setupcnt * 2 + dataoffset = dataoffset - 55 - setupcnt * 2 + return has_more, params[20:20 + setupcnt * 2], data[paramoffset:paramoffset + paramcnt], data[dataoffset:dataoffset + datacnt] + + # TODO: Move this to NewSMBPacket, it belongs there + def signSMB(self, packet, signingSessionKey, signingChallengeResponse): + # This logic MUST be applied for messages sent in response to any of the higher-layer actions and in + # compliance with the message sequencing rules. + # * The client or server that sends the message MUST provide the 32-bit sequence number for this + # message, as specified in sections 3.2.4.1 and 3.3.4.1. + # * The SMB_FLAGS2_SMB_SECURITY_SIGNATURE flag in the header MUST be set. + # * To generate the signature, a 32-bit sequence number is copied into the + # least significant 32 bits of the SecuritySignature field and the remaining + # 4 bytes are set to 0x00. + # * The MD5 algorithm, as specified in [RFC1321], MUST be used to generate a hash of the SMB + # message from the start of the SMB Header, which is defined as follows. + # CALL MD5Init( md5context ) + # CALL MD5Update( md5context, Connection.SigningSessionKey ) + # CALL MD5Update( md5context, Connection.SigningChallengeResponse ) + # CALL MD5Update( md5context, SMB message ) + # CALL MD5Final( digest, md5context ) + # SET signature TO the first 8 bytes of the digest + # The resulting 8-byte signature MUST be copied into the SecuritySignature field of the SMB Header, + # after which the message can be transmitted. + + #print "seq(%d) signingSessionKey %r, signingChallengeResponse %r" % (self._SignSequenceNumber, signingSessionKey, signingChallengeResponse) + packet['SecurityFeatures'] = pack('<q',self._SignSequenceNumber) + # Sign with the sequence + m = hashlib.md5() + m.update( signingSessionKey ) + m.update( signingChallengeResponse ) + m.update( str(packet) ) + # Replace sequence with acual hash + packet['SecurityFeatures'] = m.digest()[:8] + if self._SignatureVerificationEnabled: + self._SignSequenceNumber +=1 + else: + self._SignSequenceNumber +=2 + + def checkSignSMB(self, packet, signingSessionKey, signingChallengeResponse): + # Let's check + signature = packet['SecurityFeatures'] + #print "Signature received: %r " % signature + self.signSMB(packet, signingSessionKey, signingChallengeResponse) + #print "Signature calculated: %r" % packet['SecurityFeatures'] + if self._SignatureVerificationEnabled is not True: + self._SignSequenceNumber -= 1 + return packet['SecurityFeatures'] == signature + + def sendSMB(self,smb): + smb['Uid'] = self._uid + #At least on AIX, PIDs can exceed 16 bits, so we mask them out + smb['Pid'] = (os.getpid() & 0xFFFF) + # set flags + smb['Flags1'] |= self.__flags1 + smb['Flags2'] |= self.__flags2 + if self._SignatureEnabled: + smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE + self.signSMB(smb, self._SigningSessionKey, self._SigningChallengeResponse) + + self._sess.send_packet(str(smb)) + + @staticmethod + def isValidAnswer(s, cmd): + while 1: + if s.rawData(): + if s.get_command() == cmd: + if s.get_error_class() == 0x00 and s.get_error_code() == 0x00: + return 1 + else: + raise SessionError, ( "SMB Library Error", s.get_error_class()+ (s.get_reserved() << 8), s.get_error_code() , s.get_flags2() & SMB.FLAGS2_NT_STATUS ) + else: + break + return 0 + + def neg_session(self, extended_security = True, negPacket = None): + def parsePacket(smb): + if smb.isValidAnswer(SMB.SMB_COM_NEGOTIATE): + sessionResponse = SMBCommand(smb['Data'][0]) + self._dialects_parameters = SMBNTLMDialect_Parameters(sessionResponse['Parameters']) + self._dialects_data = SMBNTLMDialect_Data() + self._dialects_data['ChallengeLength'] = self._dialects_parameters['ChallengeLength'] + self._dialects_data.fromString(sessionResponse['Data']) + if self._dialects_parameters['Capabilities'] & SMB.CAP_EXTENDED_SECURITY: + # Whether we choose it or it is enforced by the server, we go for extended security + self._dialects_parameters = SMBExtended_Security_Parameters(sessionResponse['Parameters']) + self._dialects_data = SMBExtended_Security_Data(sessionResponse['Data']) + # Let's setup some variable for later use + if self._dialects_parameters['SecurityMode'] & SMB.SECURITY_SIGNATURES_REQUIRED: + self._SignatureRequired = True + + # Interestingly, the security Blob might be missing sometimes. + #spnego = SPNEGO_NegTokenInit(self._dialects_data['SecurityBlob']) + #for i in spnego['MechTypes']: + # print "Mech Found: %s" % MechTypes[i] + return 1 + + # If not, let's try the old way + else: + if self._dialects_data['ServerName'] is not None: + self.__server_name = self._dialects_data['ServerName'] + + if self._dialects_parameters['DialectIndex'] == 0xffff: + raise UnsupportedFeature,"Remote server does not know NT LM 0.12" + return 1 + else: + return 0 + + if negPacket is None: + smb = NewSMBPacket() + negSession = SMBCommand(SMB.SMB_COM_NEGOTIATE) + flags2 = self.get_flags()[1] + if extended_security is True: + self.set_flags(flags2=flags2|SMB.FLAGS2_EXTENDED_SECURITY) + else: + self.set_flags(flags2=flags2 & (~SMB.FLAGS2_EXTENDED_SECURITY)) + + negSession['Data'] = '\x02NT LM 0.12\x00' + smb.addCommand(negSession) + self.sendSMB(smb) + + while 1: + smb = self.recvSMB() + return parsePacket(smb) + else: + + return parsePacket( NewSMBPacket( data = negPacket)) + + def tree_connect(self, path, password = '', service = SERVICE_ANY): + LOG.warning("[MS-CIFS] This is an original Core Protocol command.This command has been deprecated.Client Implementations SHOULD use SMB_COM_TREE_CONNECT_ANDX") + + # return 0x800 + if password: + # Password is only encrypted if the server passed us an "encryption" during protocol dialect + if self._dialects_parameters['ChallengeLength'] > 0: + # this code is untested + password = self.get_ntlmv1_response(ntlm.compute_lmhash(password)) + + if not unicode_support: + if unicode_convert: + path = str(path) + else: + raise Exception('SMB: Can\t conver path from unicode!') + + smb = NewSMBPacket() + treeConnect = SMBCommand(SMB.SMB_COM_TREE_CONNECT) + treeConnect['Parameters'] = SMBTreeConnect_Parameters() + treeConnect['Data'] = SMBTreeConnect_Data() + treeConnect['Data']['Path'] = path.upper() + treeConnect['Data']['Password'] = password + treeConnect['Data']['Service'] = service + smb.addCommand(treeConnect) + self.sendSMB(smb) + + while 1: + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_TREE_CONNECT): + # XXX Here we are ignoring the rest of the response + return smb['Tid'] + return smb['Tid'] + + def get_uid(self): + return self._uid + + def set_uid(self, uid): + self._uid = uid + + def tree_connect_andx(self, path, password = None, service = SERVICE_ANY, smb_packet=None): + if password: + # Password is only encrypted if the server passed us an "encryption" during protocol dialect + if self._dialects_parameters['ChallengeLength'] > 0: + # this code is untested + password = self.get_ntlmv1_response(ntlm.compute_lmhash(password)) + else: + password = '\x00' + + if not unicode_support: + if unicode_convert: + path = str(path) + else: + raise Exception('SMB: Can\t convert path from unicode!') + + if smb_packet is None: + smb = NewSMBPacket() + else: + smb = smb_packet + + # Just in case this came with the full path ,let's just leave + # the sharename, we'll take care of the rest + + share = path.split('\\')[-1] + try: + _, _, _, _, sockaddr = socket.getaddrinfo(self.get_remote_host(), 80, 0, 0, socket.IPPROTO_TCP)[0] + remote_host = sockaddr[0] + except Exception: + remote_host = self.get_remote_host() + + path = '\\\\' + remote_host + '\\' +share + path = path.upper().encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else path + + treeConnect = SMBCommand(SMB.SMB_COM_TREE_CONNECT_ANDX) + treeConnect['Parameters'] = SMBTreeConnectAndX_Parameters() + treeConnect['Data'] = SMBTreeConnectAndX_Data(flags=self.__flags2) + treeConnect['Parameters']['PasswordLength'] = len(password) + treeConnect['Data']['Password'] = password + treeConnect['Data']['Path'] = path + treeConnect['Data']['Service'] = service + + if self.__flags2 & SMB.FLAGS2_UNICODE: + treeConnect['Data']['Pad'] = 0x0 + + smb.addCommand(treeConnect) + + # filename = "\PIPE\epmapper" + + # ntCreate = SMBCommand(SMB.SMB_COM_NT_CREATE_ANDX) + # ntCreate['Parameters'] = SMBNtCreateAndX_Parameters() + # ntCreate['Data'] = SMBNtCreateAndX_Data() + # ntCreate['Parameters']['FileNameLength'] = len(filename) + # ntCreate['Parameters']['CreateFlags'] = 0 + # ntCreate['Parameters']['AccessMask'] = 0x3 + # ntCreate['Parameters']['CreateOptions'] = 0x0 + # ntCreate['Data']['FileName'] = filename + + # smb.addCommand(ntCreate) + self.sendSMB(smb) + + while 1: + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_TREE_CONNECT_ANDX): + # XXX Here we are ignoring the rest of the response + self.tid = smb['Tid'] + return self.tid + self.tid = smb['Tid'] + return self.tid + + # backwars compatibility + connect_tree = tree_connect_andx + + @staticmethod + def getDialect(): + return SMB_DIALECT + + def get_server_name(self): + #return self._dialects_data['ServerName'] + return self.__server_name + + def get_session_key(self): + return self._SigningSessionKey + + def set_session_key(self, key): + self._SigningSessionKey = key + + def get_encryption_key(self): + if self._dialects_data.fields.has_key('Challenge'): + return self._dialects_data['Challenge'] + else: + return None + + def get_server_time(self): + timestamp = self._dialects_parameters['HighDateTime'] + timestamp <<= 32 + timestamp |= self._dialects_parameters['LowDateTime'] + timestamp -= 116444736000000000 + timestamp /= 10000000 + d = datetime.datetime.utcfromtimestamp(timestamp) + return d.strftime("%a, %d %b %Y %H:%M:%S GMT") + + def disconnect_tree(self, tid): + smb = NewSMBPacket() + smb['Tid'] = tid + + smb.addCommand(SMBCommand(SMB.SMB_COM_TREE_DISCONNECT)) + + self.sendSMB(smb) + self.recvSMB() + + def open(self, tid, filename, open_mode, desired_access): + filename = string.replace(filename,'/', '\\') + filename = filename.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else filename + + smb = NewSMBPacket() + smb['Tid'] = tid + + openFile = SMBCommand(SMB.SMB_COM_OPEN) + openFile['Parameters'] = SMBOpen_Parameters() + openFile['Parameters']['DesiredAccess'] = desired_access + openFile['Parameters']['OpenMode'] = open_mode + openFile['Parameters']['SearchAttributes'] = ATTR_READONLY | ATTR_HIDDEN | ATTR_ARCHIVE + openFile['Data'] = SMBOpen_Data(flags=self.__flags2) + openFile['Data']['FileName'] = filename + + if self.__flags2 & SMB.FLAGS2_UNICODE: + openFile['Data']['Pad'] = 0x0 + + smb.addCommand(openFile) + + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_OPEN): + # XXX Here we are ignoring the rest of the response + openFileResponse = SMBCommand(smb['Data'][0]) + openFileParameters = SMBOpenResponse_Parameters(openFileResponse['Parameters']) + + return ( + openFileParameters['Fid'], + openFileParameters['FileAttributes'], + openFileParameters['LastWriten'], + openFileParameters['FileSize'], + openFileParameters['GrantedAccess'], + ) + + def open_andx(self, tid, filename, open_mode, desired_access): + filename = string.replace(filename,'/', '\\') + filename = filename.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else filename + + smb = NewSMBPacket() + smb['Tid'] = tid + + openFile = SMBCommand(SMB.SMB_COM_OPEN_ANDX) + openFile['Parameters'] = SMBOpenAndX_Parameters() + openFile['Parameters']['DesiredAccess'] = desired_access + openFile['Parameters']['OpenMode'] = open_mode + openFile['Parameters']['SearchAttributes'] = ATTR_READONLY | ATTR_HIDDEN | ATTR_ARCHIVE + openFile['Data'] = SMBOpenAndX_Data(flags=self.__flags2) + openFile['Data']['FileName'] = filename + + if self.__flags2 & SMB.FLAGS2_UNICODE: + openFile['Data']['Pad'] = 0x0 + + smb.addCommand(openFile) + + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_OPEN_ANDX): + # XXX Here we are ignoring the rest of the response + openFileResponse = SMBCommand(smb['Data'][0]) + openFileParameters = SMBOpenAndXResponse_Parameters(openFileResponse['Parameters']) + + return ( + openFileParameters['Fid'], + openFileParameters['FileAttributes'], + openFileParameters['LastWriten'], + openFileParameters['FileSize'], + openFileParameters['GrantedAccess'], + openFileParameters['FileType'], + openFileParameters['IPCState'], + openFileParameters['Action'], + openFileParameters['ServerFid'], + ) + + def close(self, tid, fid): + smb = NewSMBPacket() + smb['Tid'] = tid + + closeFile = SMBCommand(SMB.SMB_COM_CLOSE) + closeFile['Parameters'] = SMBClose_Parameters() + closeFile['Parameters']['FID'] = fid + smb.addCommand(closeFile) + + self.sendSMB(smb) + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_CLOSE): + return 1 + return 0 + + def send_trans(self, tid, setup, name, param, data, noAnswer = 0): + smb = NewSMBPacket() + smb['Tid'] = tid + + transCommand = SMBCommand(SMB.SMB_COM_TRANSACTION) + transCommand['Parameters'] = SMBTransaction_Parameters() + transCommand['Data'] = SMBTransaction_Data() + + transCommand['Parameters']['Setup'] = setup + transCommand['Parameters']['TotalParameterCount'] = len(param) + transCommand['Parameters']['TotalDataCount'] = len(data) + + transCommand['Parameters']['ParameterCount'] = len(param) + transCommand['Parameters']['ParameterOffset'] = 32+3+28+len(setup)+len(name) + + transCommand['Parameters']['DataCount'] = len(data) + transCommand['Parameters']['DataOffset'] = transCommand['Parameters']['ParameterOffset'] + len(param) + + transCommand['Data']['Name'] = name + transCommand['Data']['Trans_Parameters'] = param + transCommand['Data']['Trans_Data'] = data + + if noAnswer: + transCommand['Parameters']['Flags'] = TRANS_NO_RESPONSE + + smb.addCommand(transCommand) + + self.sendSMB(smb) + + def send_trans2(self, tid, setup, name, param, data): + smb = NewSMBPacket() + smb['Tid'] = tid + + command = pack('<H', setup) + + transCommand = SMBCommand(SMB.SMB_COM_TRANSACTION2) + transCommand['Parameters'] = SMBTransaction2_Parameters() + transCommand['Parameters']['MaxDataCount'] = self._dialects_parameters['MaxBufferSize'] + transCommand['Data'] = SMBTransaction2_Data() + + transCommand['Parameters']['Setup'] = command + transCommand['Parameters']['TotalParameterCount'] = len(param) + transCommand['Parameters']['TotalDataCount'] = len(data) + + if len(param) > 0: + padLen = (4 - (32+2+28 + len(command)) % 4 ) % 4 + padBytes = '\xFF' * padLen + transCommand['Data']['Pad1'] = padBytes + else: + transCommand['Data']['Pad1'] = '' + padLen = 0 + + transCommand['Parameters']['ParameterCount'] = len(param) + transCommand['Parameters']['ParameterOffset'] = 32+2+28+len(command)+len(name) + padLen + + if len(data) > 0: + pad2Len = (4 - (32+2+28 + len(command) + padLen + len(param)) % 4) % 4 + transCommand['Data']['Pad2'] = '\xFF' * pad2Len + else: + transCommand['Data']['Pad2'] = '' + pad2Len = 0 + + transCommand['Parameters']['DataCount'] = len(data) + transCommand['Parameters']['DataOffset'] = transCommand['Parameters']['ParameterOffset'] + len(param) + pad2Len + + transCommand['Data']['Name'] = name + transCommand['Data']['Trans_Parameters'] = param + transCommand['Data']['Trans_Data'] = data + smb.addCommand(transCommand) + + self.sendSMB(smb) + + def query_file_info(self, tid, fid, fileInfoClass = SMB_QUERY_FILE_STANDARD_INFO): + self.send_trans2(tid, SMB.TRANS2_QUERY_FILE_INFORMATION, '\x00', pack('<HH', fid, fileInfoClass), '') + + resp = self.recvSMB() + if resp.isValidAnswer(SMB.SMB_COM_TRANSACTION2): + trans2Response = SMBCommand(resp['Data'][0]) + trans2Parameters = SMBTransaction2Response_Parameters(trans2Response['Parameters']) + # Remove Potential Prefix Padding + return trans2Response['Data'][-trans2Parameters['TotalDataCount']:] + + def __nonraw_retr_file(self, tid, fid, offset, datasize, callback): + if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_READX) and self._SignatureEnabled is False: + max_buf_size = 65000 + else: + max_buf_size = self._dialects_parameters['MaxBufferSize'] & ~0x3ff # Read in multiple KB blocks + + read_offset = offset + while read_offset < datasize: + data = self.read_andx(tid, fid, read_offset, max_buf_size) + + callback(data) + read_offset += len(data) + + def __nonraw_stor_file(self, tid, fid, offset, datasize, callback): + if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_WRITEX) and self._SignatureEnabled is False: + max_buf_size = 65000 + else: + max_buf_size = self._dialects_parameters['MaxBufferSize'] & ~0x3ff # Write in multiple KB blocks + + write_offset = offset + while 1: + data = callback(max_buf_size) + if not data: + break + + smb = self.write_andx(tid,fid,data, write_offset) + writeResponse = SMBCommand(smb['Data'][0]) + writeResponseParameters = SMBWriteAndXResponse_Parameters(writeResponse['Parameters']) + write_offset += writeResponseParameters['Count'] + + def get_server_domain(self): + return self.__server_domain + + def get_server_dns_domain_name(self): + return self.__server_dns_domain_name + + def get_server_os(self): + return self.__server_os + + def get_server_os_major(self): + return self.__server_os_major + + def get_server_os_minor(self): + return self.__server_os_minor + + def get_server_os_build(self): + return self.__server_os_build + + def set_server_os(self, os): + self.__server_os = os + + def get_server_lanman(self): + return self.__server_lanman + + def is_login_required(self): + # Login is required if share mode is user. + # Otherwise only public services or services in share mode + # are allowed. + return (self._dialects_parameters['SecurityMode'] & SMB.SECURITY_SHARE_MASK) == SMB.SECURITY_SHARE_USER + + def is_signing_required(self): + return self._SignatureRequired + + def get_ntlmv1_response(self, key): + challenge = self._dialects_data['Challenge'] + return ntlm.get_ntlmv1_response(key, challenge) + + def kerberos_login(self, user, password, domain = '', lmhash = '', nthash = '', aesKey = '', kdcHost = '', TGT=None, TGS=None): + # Importing down here so pyasn1 is not required if kerberos is not used. + from impacket.krb5.asn1 import AP_REQ, Authenticator, TGS_REP, seq_set + from impacket.krb5.kerberosv5 import getKerberosTGT, getKerberosTGS + from impacket.krb5 import constants + from impacket.krb5.types import Principal, KerberosTime, Ticket + from pyasn1.codec.der import decoder, encoder + import datetime + + # login feature does not support unicode + # disable it if enabled + flags2 = self.__flags2 + if flags2 & SMB.FLAGS2_UNICODE: + self.__flags2 = flags2 & (flags2 ^ SMB.FLAGS2_UNICODE) + + # If TGT or TGS are specified, they are in the form of: + # TGS['KDC_REP'] = the response from the server + # TGS['cipher'] = the cipher used + # TGS['sessionKey'] = the sessionKey + # If we have hashes, normalize them + if lmhash != '' or nthash != '': + if len(lmhash) % 2: lmhash = '0%s' % lmhash + if len(nthash) % 2: nthash = '0%s' % nthash + try: # just in case they were converted already + lmhash = a2b_hex(lmhash) + nthash = a2b_hex(nthash) + except: + pass + + self.__userName = user + self.__password = password + self.__domain = domain + self.__lmhash = lmhash + self.__nthash = nthash + self.__aesKey = aesKey + self.__kdc = kdcHost + self.__TGT = TGT + self.__TGS = TGS + + # First of all, we need to get a TGT for the user + userName = Principal(user, type=constants.PrincipalNameType.NT_PRINCIPAL.value) + if TGT is None: + if TGS is None: + tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, password, domain, lmhash, nthash, aesKey, kdcHost) + else: + tgt = TGT['KDC_REP'] + cipher = TGT['cipher'] + sessionKey = TGT['sessionKey'] + + # Now that we have the TGT, we should ask for a TGS for cifs + + if TGS is None: + serverName = Principal('cifs/%s' % self.__remote_name, type=constants.PrincipalNameType.NT_SRV_INST.value) + tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey) + else: + tgs = TGS['KDC_REP'] + cipher = TGS['cipher'] + sessionKey = TGS['sessionKey'] + + smb = NewSMBPacket() + + # Are we required to sign SMB? If so we do it, if not we skip it + if self._SignatureRequired: + smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE + + + sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) + sessionSetup['Parameters'] = SMBSessionSetupAndX_Extended_Parameters() + sessionSetup['Data'] = SMBSessionSetupAndX_Extended_Data() + + sessionSetup['Parameters']['MaxBufferSize'] = 61440 + sessionSetup['Parameters']['MaxMpxCount'] = 2 + sessionSetup['Parameters']['VcNumber'] = 1 + sessionSetup['Parameters']['SessionKey'] = 0 + sessionSetup['Parameters']['Capabilities'] = SMB.CAP_EXTENDED_SECURITY | SMB.CAP_USE_NT_ERRORS | SMB.CAP_UNICODE | SMB.CAP_LARGE_READX | SMB.CAP_LARGE_WRITEX + + + # Let's build a NegTokenInit with the NTLMSSP + # TODO: In the future we should be able to choose different providers + + blob = SPNEGO_NegTokenInit() + + # Kerberos v5 mech + blob['MechTypes'] = [TypesMech['MS KRB5 - Microsoft Kerberos 5']] + + # Let's extract the ticket from the TGS + tgs = decoder.decode(tgs, asn1Spec = TGS_REP())[0] + ticket = Ticket() + ticket.from_asn1(tgs['ticket']) + + # Now let's build the AP_REQ + apReq = AP_REQ() + apReq['pvno'] = 5 + apReq['msg-type'] = int(constants.ApplicationTagNumbers.AP_REQ.value) + + opts = list() + apReq['ap-options'] = constants.encodeFlags(opts) + seq_set(apReq,'ticket', ticket.to_asn1) + + authenticator = Authenticator() + authenticator['authenticator-vno'] = 5 + authenticator['crealm'] = domain + seq_set(authenticator, 'cname', userName.components_to_asn1) + now = datetime.datetime.utcnow() + + authenticator['cusec'] = now.microsecond + authenticator['ctime'] = KerberosTime.to_asn1(now) + + encodedAuthenticator = encoder.encode(authenticator) + + # Key Usage 11 + # AP-REQ Authenticator (includes application authenticator + # subkey), encrypted with the application session key + # (Section 5.5.1) + encryptedEncodedAuthenticator = cipher.encrypt(sessionKey, 11, encodedAuthenticator, None) + + apReq['authenticator'] = None + apReq['authenticator']['etype'] = cipher.enctype + apReq['authenticator']['cipher'] = encryptedEncodedAuthenticator + + blob['MechToken'] = encoder.encode(apReq) + + sessionSetup['Parameters']['SecurityBlobLength'] = len(blob) + sessionSetup['Parameters'].getData() + sessionSetup['Data']['SecurityBlob'] = blob.getData() + + # Fake Data here, don't want to get us fingerprinted + sessionSetup['Data']['NativeOS'] = 'Unix' + sessionSetup['Data']['NativeLanMan'] = 'Samba' + + smb.addCommand(sessionSetup) + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX): + # We will need to use this uid field for all future requests/responses + self._uid = smb['Uid'] + + # Now we have to extract the blob to continue the auth process + sessionResponse = SMBCommand(smb['Data'][0]) + sessionParameters = SMBSessionSetupAndX_Extended_Response_Parameters(sessionResponse['Parameters']) + sessionData = SMBSessionSetupAndX_Extended_Response_Data(flags = smb['Flags2']) + sessionData['SecurityBlobLength'] = sessionParameters['SecurityBlobLength'] + sessionData.fromString(sessionResponse['Data']) + + self._action = sessionParameters['Action'] + # If smb sign required, let's enable it for the rest of the connection + if self._dialects_parameters['SecurityMode'] & SMB.SECURITY_SIGNATURES_REQUIRED: + self._SigningSessionKey = sessionKey.contents + self._SignSequenceNumber = 2 + self._SignatureEnabled = True + + # restore unicode flag if needed + if flags2 & SMB.FLAGS2_UNICODE: + self.__flags2 |= SMB.FLAGS2_UNICODE + + return 1 + else: + raise Exception('Error: Could not login successfully') + + def login_extended(self, user, password, domain = '', lmhash = '', nthash = '', use_ntlmv2 = True ): + + # login feature does not support unicode + # disable it if enabled + flags2 = self.__flags2 + if flags2 & SMB.FLAGS2_UNICODE: + self.__flags2 = flags2 & (flags2 ^ SMB.FLAGS2_UNICODE) + + # Once everything's working we should join login methods into a single one + smb = NewSMBPacket() + # Are we required to sign SMB? If so we do it, if not we skip it + if self._SignatureRequired: + smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE + + sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) + sessionSetup['Parameters'] = SMBSessionSetupAndX_Extended_Parameters() + sessionSetup['Data'] = SMBSessionSetupAndX_Extended_Data() + + sessionSetup['Parameters']['MaxBufferSize'] = 61440 + sessionSetup['Parameters']['MaxMpxCount'] = 2 + sessionSetup['Parameters']['VcNumber'] = 1 + sessionSetup['Parameters']['SessionKey'] = 0 + sessionSetup['Parameters']['Capabilities'] = SMB.CAP_EXTENDED_SECURITY | SMB.CAP_USE_NT_ERRORS | SMB.CAP_UNICODE | SMB.CAP_LARGE_READX | SMB.CAP_LARGE_WRITEX + + + # Let's build a NegTokenInit with the NTLMSSP + # TODO: In the future we should be able to choose different providers + + blob = SPNEGO_NegTokenInit() + + # NTLMSSP + blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']] + auth = ntlm.getNTLMSSPType1('','',self._SignatureRequired, use_ntlmv2 = use_ntlmv2) + blob['MechToken'] = str(auth) + + sessionSetup['Parameters']['SecurityBlobLength'] = len(blob) + sessionSetup['Parameters'].getData() + sessionSetup['Data']['SecurityBlob'] = blob.getData() + + # Fake Data here, don't want to get us fingerprinted + sessionSetup['Data']['NativeOS'] = 'Unix' + sessionSetup['Data']['NativeLanMan'] = 'Samba' + + smb.addCommand(sessionSetup) + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX): + # We will need to use this uid field for all future requests/responses + self._uid = smb['Uid'] + + # Now we have to extract the blob to continue the auth process + sessionResponse = SMBCommand(smb['Data'][0]) + sessionParameters = SMBSessionSetupAndX_Extended_Response_Parameters(sessionResponse['Parameters']) + sessionData = SMBSessionSetupAndX_Extended_Response_Data(flags = smb['Flags2']) + sessionData['SecurityBlobLength'] = sessionParameters['SecurityBlobLength'] + sessionData.fromString(sessionResponse['Data']) + respToken = SPNEGO_NegTokenResp(sessionData['SecurityBlob']) + + # Let's parse some data and keep it to ourselves in case it is asked + ntlmChallenge = ntlm.NTLMAuthChallenge(respToken['ResponseToken']) + if ntlmChallenge['TargetInfoFields_len'] > 0: + av_pairs = ntlm.AV_PAIRS(ntlmChallenge['TargetInfoFields'][:ntlmChallenge['TargetInfoFields_len']]) + if av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] is not None: + try: + self.__server_name = av_pairs[ntlm.NTLMSSP_AV_HOSTNAME][1].decode('utf-16le') + except: + # For some reason, we couldn't decode Unicode here.. silently discard the operation + pass + if av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] is not None: + try: + if self.__server_name != av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le'): + self.__server_domain = av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le') + except: + # For some reason, we couldn't decode Unicode here.. silently discard the operation + pass + if av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] is not None: + try: + self.__server_dns_domain_name = av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME][1].decode('utf-16le') + except: + # For some reason, we couldn't decode Unicode here.. silently discard the operation + pass + + # Parse Version to know the target Operating system name. Not provided elsewhere anymore + if ntlmChallenge.fields.has_key('Version'): + version = ntlmChallenge['Version'] + + if len(version) >= 4: + self.__server_os_major, self.__server_os_minor, self.__server_os_build = unpack('<BBH',version[:4]) + + type3, exportedSessionKey = ntlm.getNTLMSSPType3(auth, respToken['ResponseToken'], user, password, domain, lmhash, nthash, use_ntlmv2 = use_ntlmv2) + + if exportedSessionKey is not None: + self._SigningSessionKey = exportedSessionKey + + smb = NewSMBPacket() + + # Are we required to sign SMB? If so we do it, if not we skip it + if self._SignatureRequired: + smb['Flags2'] |= SMB.FLAGS2_SMB_SECURITY_SIGNATURE + + respToken2 = SPNEGO_NegTokenResp() + respToken2['ResponseToken'] = str(type3) + + # Reusing the previous structure + sessionSetup['Parameters']['SecurityBlobLength'] = len(respToken2) + sessionSetup['Data']['SecurityBlob'] = respToken2.getData() + + # Storing some info for later use + self.__server_os = sessionData['NativeOS'] + self.__server_lanman = sessionData['NativeLanMan'] + + smb.addCommand(sessionSetup) + self.sendSMB(smb) + + smb = self.recvSMB() + self._uid = 0 + if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX): + self._uid = smb['Uid'] + sessionResponse = SMBCommand(smb['Data'][0]) + sessionParameters = SMBSessionSetupAndXResponse_Parameters(sessionResponse['Parameters']) + + self._action = sessionParameters['Action'] + # If smb sign required, let's enable it for the rest of the connection + if self._dialects_parameters['SecurityMode'] & SMB.SECURITY_SIGNATURES_REQUIRED: + self._SignSequenceNumber = 2 + self._SignatureEnabled = True + + # restore unicode flag if needed + if flags2 & SMB.FLAGS2_UNICODE: + self.__flags2 |= SMB.FLAGS2_UNICODE + + return 1 + else: + raise Exception('Error: Could not login successfully') + + def getCredentials(self): + return ( + self.__userName, + self.__password, + self.__domain, + self.__lmhash, + self.__nthash, + self.__aesKey, + self.__TGT, + self.__TGS) + + def getIOCapabilities(self): + res = dict() + if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_READX) and self._SignatureEnabled is False: + max_size = 65000 + else: + max_size = self._dialects_parameters['MaxBufferSize'] # Read in multiple KB blocks + res['MaxReadSize'] = max_size + res['MaxWriteSize'] = max_size + return res + + def login(self, user, password, domain = '', lmhash = '', nthash = '', ntlm_fallback = True): + + # If we have hashes, normalize them + if lmhash != '' or nthash != '': + if len(lmhash) % 2: lmhash = '0%s' % lmhash + if len(nthash) % 2: nthash = '0%s' % nthash + try: # just in case they were converted already + lmhash = a2b_hex(lmhash) + nthash = a2b_hex(nthash) + except: + pass + + self.__userName = user + self.__password = password + self.__domain = domain + self.__lmhash = lmhash + self.__nthash = nthash + self.__aesKey = '' + self.__TGT = None + self.__TGS = None + + if self._dialects_parameters['Capabilities'] & SMB.CAP_EXTENDED_SECURITY: + try: + self.login_extended(user, password, domain, lmhash, nthash, use_ntlmv2 = True) + except: + # If the target OS is Windows 5.0 or Samba, let's try using NTLMv1 + if ntlm_fallback and ((self.get_server_lanman().find('Windows 2000') != -1) or (self.get_server_lanman().find('Samba') != -1)): + self.login_extended(user, password, domain, lmhash, nthash, use_ntlmv2 = False) + self.__isNTLMv2 = False + else: + raise + elif ntlm_fallback: + self.login_standard(user, password, domain, lmhash, nthash) + self.__isNTLMv2 = False + else: + raise SessionError('Cannot authenticate against target, enable ntlm_fallback') + + def login_standard(self, user, password, domain = '', lmhash = '', nthash = ''): + + # login feature does not support unicode + # disable it if enabled + flags2 = self.__flags2 + if flags2 & SMB.FLAGS2_UNICODE: + self.__flags2 = flags2 & (flags2 ^ SMB.FLAGS2_UNICODE) + + # Only supports NTLMv1 + # Password is only encrypted if the server passed us an "encryption key" during protocol dialect negotiation + if self._dialects_parameters['ChallengeLength'] > 0: + if lmhash != '' or nthash != '': + pwd_ansi = self.get_ntlmv1_response(lmhash) + pwd_unicode = self.get_ntlmv1_response(nthash) + elif password: + lmhash = ntlm.compute_lmhash(password) + nthash = ntlm.compute_nthash(password) + pwd_ansi = self.get_ntlmv1_response(lmhash) + pwd_unicode = self.get_ntlmv1_response(nthash) + else: # NULL SESSION + pwd_ansi = '' + pwd_unicode = '' + else: + pwd_ansi = password + pwd_unicode = '' + + smb = NewSMBPacket() + + sessionSetup = SMBCommand(SMB.SMB_COM_SESSION_SETUP_ANDX) + sessionSetup['Parameters'] = SMBSessionSetupAndX_Parameters() + sessionSetup['Data'] = SMBSessionSetupAndX_Data() + + sessionSetup['Parameters']['MaxBuffer'] = 61440 + sessionSetup['Parameters']['MaxMpxCount'] = 2 + sessionSetup['Parameters']['VCNumber'] = os.getpid() + sessionSetup['Parameters']['SessionKey'] = self._dialects_parameters['SessionKey'] + sessionSetup['Parameters']['AnsiPwdLength'] = len(pwd_ansi) + sessionSetup['Parameters']['UnicodePwdLength'] = len(pwd_unicode) + sessionSetup['Parameters']['Capabilities'] = SMB.CAP_RAW_MODE | SMB.CAP_USE_NT_ERRORS | SMB.CAP_LARGE_READX | SMB.CAP_LARGE_WRITEX + + sessionSetup['Data']['AnsiPwd'] = pwd_ansi + sessionSetup['Data']['UnicodePwd'] = pwd_unicode + sessionSetup['Data']['Account'] = str(user) + sessionSetup['Data']['PrimaryDomain'] = str(domain) + sessionSetup['Data']['NativeOS'] = str(os.name) + sessionSetup['Data']['NativeLanMan'] = 'pysmb' + smb.addCommand(sessionSetup) + + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_SESSION_SETUP_ANDX): + # We will need to use this uid field for all future requests/responses + self._uid = smb['Uid'] + sessionResponse = SMBCommand(smb['Data'][0]) + sessionParameters = SMBSessionSetupAndXResponse_Parameters(sessionResponse['Parameters']) + sessionData = SMBSessionSetupAndXResponse_Data(flags = smb['Flags2'], data = sessionResponse['Data']) + + self._action = sessionParameters['Action'] + + # Still gotta figure out how to do this with no EXTENDED_SECURITY + if sessionParameters['Action'] & SMB_SETUP_USE_LANMAN_KEY == 0: + self._SigningChallengeResponse = sessionSetup['Data']['UnicodePwd'] + self._SigningSessionKey = nthash + else: + self._SigningChallengeResponse = sessionSetup['Data']['AnsiPwd'] + self._SigningSessionKey = lmhash + + #self._SignSequenceNumber = 1 + #self.checkSignSMB(smb, self._SigningSessionKey ,self._SigningChallengeResponse) + #self._SignatureEnabled = True + self.__server_os = sessionData['NativeOS'] + self.__server_lanman = sessionData['NativeLanMan'] + self.__server_domain = sessionData['PrimaryDomain'] + + # restore unicode flag if needed + if flags2 & SMB.FLAGS2_UNICODE: + self.__flags2 |= SMB.FLAGS2_UNICODE + + return 1 + else: raise Exception('Error: Could not login successfully') + + def waitNamedPipe(self, tid, pipe, timeout = 5, noAnswer = 0): + smb = NewSMBPacket() + smb['Tid'] = tid + + transCommand = SMBCommand(SMB.SMB_COM_TRANSACTION) + transCommand['Parameters'] = SMBTransaction_Parameters() + transCommand['Data'] = SMBTransaction_Data() + + setup = '\x53\x00\x00\x00' + name = '\\PIPE%s\x00' % pipe + transCommand['Parameters']['Setup'] = setup + transCommand['Parameters']['TotalParameterCount'] = 0 + transCommand['Parameters']['TotalDataCount'] = 0 + transCommand['Parameters']['MaxParameterCount'] = 0 + transCommand['Parameters']['MaxDataCount'] = 0 + transCommand['Parameters']['Timeout'] = timeout * 1000 + + transCommand['Parameters']['ParameterCount'] = 0 + transCommand['Parameters']['ParameterOffset'] = 32+3+28+len(setup)+len(name) + + transCommand['Parameters']['DataCount'] = 0 + transCommand['Parameters']['DataOffset'] = 0 + + transCommand['Data']['Name'] = name + transCommand['Data']['Trans_Parameters'] = '' + transCommand['Data']['Trans_Data'] = '' + + if noAnswer: + transCommand['Parameters']['Flags'] = TRANS_NO_RESPONSE + + smb.addCommand(transCommand) + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_TRANSACTION): + return 1 + return 0 + + def read(self, tid, fid, offset=0, max_size = None, wait_answer=1): + if not max_size: + max_size = self._dialects_parameters['MaxBufferSize'] # Read in multiple KB blocks + + # max_size is not working, because although it would, the server returns an error (More data avail) + + smb = NewSMBPacket() + smb['Tid'] = tid + + read = SMBCommand(SMB.SMB_COM_READ) + read['Parameters'] = SMBRead_Parameters() + read['Parameters']['Fid'] = fid + read['Parameters']['Offset'] = offset + read['Parameters']['Count'] = max_size + smb.addCommand(read) + + if wait_answer: + while 1: + self.sendSMB(smb) + ans = self.recvSMB() + + if ans.isValidAnswer(SMB.SMB_COM_READ): + readResponse = SMBCommand(ans['Data'][0]) + readData = SMBReadResponse_Data(readResponse['Data']) + + return readData['Data'] + + return None + + def read_andx(self, tid, fid, offset=0, max_size = None, wait_answer=1, smb_packet=None): + if not max_size: + if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_READX) and self._SignatureEnabled is False: + max_size = 65000 + else: + max_size = self._dialects_parameters['MaxBufferSize'] # Read in multiple KB blocks + + # max_size is not working, because although it would, the server returns an error (More data avail) + + if smb_packet is None: + smb = NewSMBPacket() + smb['Tid'] = tid + + readAndX = SMBCommand(SMB.SMB_COM_READ_ANDX) + readAndX['Parameters'] = SMBReadAndX_Parameters() + readAndX['Parameters']['Fid'] = fid + readAndX['Parameters']['Offset'] = offset + readAndX['Parameters']['MaxCount'] = max_size + smb.addCommand(readAndX) + else: + smb = smb_packet + + if wait_answer: + answer = '' + while 1: + self.sendSMB(smb) + ans = self.recvSMB() + + if ans.isValidAnswer(SMB.SMB_COM_READ_ANDX): + # XXX Here we are only using a few fields from the response + readAndXResponse = SMBCommand(ans['Data'][0]) + readAndXParameters = SMBReadAndXResponse_Parameters(readAndXResponse['Parameters']) + + offset = readAndXParameters['DataOffset'] + count = readAndXParameters['DataCount']+0x10000*readAndXParameters['DataCount_Hi'] + answer += str(ans)[offset:offset+count] + if not ans.isMoreData(): + return answer + max_size = min(max_size, readAndXParameters['Remaining']) + readAndX['Parameters']['Offset'] += count # XXX Offset is not important (apparently) + else: + self.sendSMB(smb) + ans = self.recvSMB() + + try: + if ans.isValidAnswer(SMB.SMB_COM_READ_ANDX): + return ans + else: + return None + except: + return ans + + return None + + def read_raw(self, tid, fid, offset=0, max_size = None, wait_answer=1): + if not max_size: + max_size = self._dialects_parameters['MaxBufferSize'] # Read in multiple KB blocks + + # max_size is not working, because although it would, the server returns an error (More data avail) + smb = NewSMBPacket() + smb['Tid'] = tid + + readRaw = SMBCommand(SMB.SMB_COM_READ_RAW) + readRaw['Parameters'] = SMBReadRaw_Parameters() + readRaw['Parameters']['Fid'] = fid + readRaw['Parameters']['Offset'] = offset + readRaw['Parameters']['MaxCount'] = max_size + smb.addCommand(readRaw) + + self.sendSMB(smb) + if wait_answer: + data = self._sess.recv_packet(self.__timeout).get_trailer() + if not data: + # If there is no data it means there was an error + data = self.read_andx(tid, fid, offset, max_size) + return data + + return None + + def write(self,tid,fid,data, offset = 0, wait_answer=1): + smb = NewSMBPacket() + smb['Tid'] = tid + + write = SMBCommand(SMB.SMB_COM_WRITE) + write['Parameters'] = SMBWrite_Parameters() + write['Data'] = SMBWrite_Data() + write['Parameters']['Fid'] = fid + write['Parameters']['Count'] = len(data) + write['Parameters']['Offset'] = offset + write['Parameters']['Remaining'] = len(data) + write['Data']['Data'] = data + smb.addCommand(write) + + self.sendSMB(smb) + + if wait_answer: + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_WRITE): + return smb + return None + + def write_andx(self,tid,fid,data, offset = 0, wait_answer=1, write_pipe_mode = False, smb_packet=None): + if smb_packet is None: + smb = NewSMBPacket() + smb['Tid'] = tid + + writeAndX = SMBCommand(SMB.SMB_COM_WRITE_ANDX) + smb.addCommand(writeAndX) + + writeAndX['Parameters'] = SMBWriteAndX_Parameters() + writeAndX['Parameters']['Fid'] = fid + writeAndX['Parameters']['Offset'] = offset + writeAndX['Parameters']['WriteMode'] = 8 + writeAndX['Parameters']['Remaining'] = len(data) + writeAndX['Parameters']['DataLength'] = len(data) + writeAndX['Parameters']['DataOffset'] = len(smb) # this length already includes the parameter + writeAndX['Data'] = data + + if write_pipe_mode is True: + # First of all we gotta know what the MaxBuffSize is + maxBuffSize = self._dialects_parameters['MaxBufferSize'] + if len(data) > maxBuffSize: + chunks_size = maxBuffSize - 60 + writeAndX['Parameters']['WriteMode'] = 0x0c + sendData = '\xff\xff' + data + totalLen = len(sendData) + writeAndX['Parameters']['DataLength'] = chunks_size + writeAndX['Parameters']['Remaining'] = totalLen-2 + writeAndX['Data'] = sendData[:chunks_size] + + self.sendSMB(smb) + if wait_answer: + smbResp = self.recvSMB() + smbResp.isValidAnswer(SMB.SMB_COM_WRITE_ANDX) + + alreadySent = chunks_size + sendData = sendData[chunks_size:] + + while alreadySent < totalLen: + writeAndX['Parameters']['WriteMode'] = 0x04 + writeAndX['Parameters']['DataLength'] = len(sendData[:chunks_size]) + writeAndX['Data'] = sendData[:chunks_size] + self.sendSMB(smb) + if wait_answer: + smbResp = self.recvSMB() + smbResp.isValidAnswer(SMB.SMB_COM_WRITE_ANDX) + alreadySent += writeAndX['Parameters']['DataLength'] + sendData = sendData[chunks_size:] + + return smbResp + + else: + smb = smb_packet + + self.sendSMB(smb) + + if wait_answer: + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_WRITE_ANDX): + return smb + return None + + def write_raw(self,tid,fid,data, offset = 0, wait_answer=1): + LOG.warning("[MS-CIFS] This command was introduced in the CorePlus dialect, but is often listed as part of the LAN Manager 1.0 dialect.This command has been deprecated.Clients SHOULD use SMB_COM_WRITE_ANDX") + smb = NewSMBPacket() + smb['Tid'] = tid + + writeRaw = SMBCommand(SMB.SMB_COM_WRITE_RAW) + writeRaw['Parameters'] = SMBWriteRaw_Parameters() + writeRaw['Parameters']['Fid'] = fid + writeRaw['Parameters']['Offset'] = offset + writeRaw['Parameters']['Count'] = len(data) + writeRaw['Parameters']['DataLength'] = 0 + writeRaw['Parameters']['DataOffset'] = 0 + smb.addCommand(writeRaw) + + self.sendSMB(smb) + self._sess.send_packet(data) + + if wait_answer: + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_WRITE_RAW): + return smb + return None + + def TransactNamedPipe(self, tid, fid, data = '', noAnswer = 0, waitAnswer = 1, offset = 0): + self.send_trans(tid,pack('<HH', 0x26, fid),'\\PIPE\\\x00','',data, noAnswer = noAnswer) + + if noAnswer or not waitAnswer: + return + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_TRANSACTION): + transResponse = SMBCommand(smb['Data'][0]) + transParameters = SMBTransactionResponse_Parameters(transResponse['Parameters']) + return transResponse['Data'][-transParameters['TotalDataCount']:] # Remove Potential Prefix Padding + return None + + def TransactNamedPipeRecv(self): + s = self.recvSMB() + if s.isValidAnswer(SMB.SMB_COM_TRANSACTION): + transResponse = SMBCommand(s['Data'][0]) + transParameters = SMBTransactionResponse_Parameters(transResponse['Parameters']) + return transResponse['Data'][-transParameters['TotalDataCount']:] # Remove Potential Prefix Padding + return None + + def nt_create_andx(self,tid,filename, smb_packet=None, cmd = None, shareAccessMode = FILE_SHARE_READ | FILE_SHARE_WRITE, disposition = FILE_OPEN, accessMask = 0x2019f): + filename = filename.replace('/', '\\') + filename = filename.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else filename + + if smb_packet is None: + smb = NewSMBPacket() + smb['Tid'] = tid + else: + smb = smb_packet + + if cmd is None: + ntCreate = SMBCommand(SMB.SMB_COM_NT_CREATE_ANDX) + ntCreate['Parameters'] = SMBNtCreateAndX_Parameters() + ntCreate['Data'] = SMBNtCreateAndX_Data(flags=self.__flags2) + ntCreate['Parameters']['FileNameLength'] = len(filename) + ntCreate['Parameters']['CreateFlags'] = 0x16 + ntCreate['Parameters']['AccessMask'] = accessMask + ntCreate['Parameters']['CreateOptions'] = 0x40 + ntCreate['Parameters']['ShareAccess'] = shareAccessMode + ntCreate['Parameters']['Disposition'] = disposition + ntCreate['Data']['FileName'] = filename + + if self.__flags2 & SMB.FLAGS2_UNICODE: + ntCreate['Data']['Pad'] = 0x0 + else: + ntCreate = cmd + + smb.addCommand(ntCreate) + + self.sendSMB(smb) + + while 1: + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_NT_CREATE_ANDX): + # XXX Here we are ignoring the rest of the response + ntCreateResponse = SMBCommand(smb['Data'][0]) + ntCreateParameters = SMBNtCreateAndXResponse_Parameters(ntCreateResponse['Parameters']) + + self.fid = ntCreateParameters['Fid'] + return ntCreateParameters['Fid'] + + def logoff(self): + smb = NewSMBPacket() + + logOff = SMBCommand(SMB.SMB_COM_LOGOFF_ANDX) + logOff['Parameters'] = SMBLogOffAndX() + smb.addCommand(logOff) + + self.sendSMB(smb) + self.recvSMB() + # Let's clear some fields so you can login again under the same session + self._uid = 0 + + def list_path(self, service, path = '*', password = None): + path = path.replace('/', '\\') + path = path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else path + + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + findFirstParameter = SMBFindFirst2_Parameters() + findFirstParameter['SearchAttributes'] = SMB_FILE_ATTRIBUTE_DIRECTORY | SMB_FILE_ATTRIBUTE_HIDDEN | \ + SMB_FILE_ATTRIBUTE_SYSTEM | SMB_FILE_ATTRIBUTE_READONLY | \ + SMB_FILE_ATTRIBUTE_ARCHIVE + findFirstParameter['SearchCount'] = 512 + findFirstParameter['Flags'] = SMB_FIND_RETURN_RESUME_KEYS | SMB_FIND_CLOSE_AT_EOS + findFirstParameter['InformationLevel'] = SMB_FIND_FILE_BOTH_DIRECTORY_INFO + findFirstParameter['SearchStorageType'] = 0 + findFirstParameter['FileName'] = path + ('\x00\x00' if self.__flags2 & SMB.FLAGS2_UNICODE else '\x00') + self.send_trans2(tid, SMB.TRANS2_FIND_FIRST2, '\x00', findFirstParameter, '') + files = [ ] + + totalDataCount = 1 + findData = '' + findFirst2ParameterBlock = '' + while len(findData) < totalDataCount: + resp = self.recvSMB() + + if resp.isValidAnswer(SMB.SMB_COM_TRANSACTION2): + trans2Response = SMBCommand(resp['Data'][0]) + trans2Parameters = SMBTransaction2Response_Parameters(trans2Response['Parameters']) + totalDataCount = trans2Parameters['TotalDataCount'] + findFirst2ParameterBlock += trans2Response['Data'][trans2Parameters['ParameterOffset']-55:][:trans2Parameters['ParameterCount']] + findData += trans2Response['Data'][trans2Parameters['DataOffset']-55:] + + findParameterBlock = SMBFindFirst2Response_Parameters(findFirst2ParameterBlock) + # Save the SID for resume operations + sid = findParameterBlock['SID'] + + while True: + record = SMBFindFileBothDirectoryInfo(data = findData) + + shortname = record['ShortName'].decode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else record['ShortName'] + filename = record['FileName'].decode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else record['FileName'] + + fileRecord = SharedFile(record['CreationTime'], record['LastAccessTime'], record['LastChangeTime'], + record['EndOfFile'], record['AllocationSize'], record['ExtFileAttributes'], + shortname, filename) + files.append(fileRecord) + if record['NextEntryOffset'] > 0 and len(findData[record['NextEntryOffset']:]) > 0: + findData = findData[record['NextEntryOffset']:] + else: + # More data to search? + if findParameterBlock['EndOfSearch'] == 0: + resume_filename = record['FileName'] + findNextParameter = SMBFindNext2_Parameters() + findNextParameter['SID'] = sid + findNextParameter['SearchCount'] = 1024 + findNextParameter['InformationLevel'] = SMB_FIND_FILE_BOTH_DIRECTORY_INFO + findNextParameter['ResumeKey'] = 0 + findNextParameter['Flags'] = SMB_FIND_RETURN_RESUME_KEYS | SMB_FIND_CLOSE_AT_EOS + findNextParameter['FileName'] = resume_filename + ('\x00\x00' if self.__flags2 & SMB.FLAGS2_UNICODE else '\x00') + self.send_trans2(tid, SMB.TRANS2_FIND_NEXT2, '\x00', findNextParameter, '') + findData = '' + findNext2ParameterBlock = '' + totalDataCount = 1 + while len(findData) < totalDataCount: + resp = self.recvSMB() + + if resp.isValidAnswer(SMB.SMB_COM_TRANSACTION2): + trans2Response = SMBCommand(resp['Data'][0]) + trans2Parameters = SMBTransaction2Response_Parameters(trans2Response['Parameters']) + totalDataCount = trans2Parameters['TotalDataCount'] + findNext2ParameterBlock += trans2Response['Data'][trans2Parameters['ParameterOffset']-55:][:trans2Parameters['ParameterCount']] + findData += trans2Response['Data'][trans2Parameters['DataOffset']-55:] + findParameterBlock = SMBFindNext2Response_Parameters(findNext2ParameterBlock) + else: + break + finally: + self.disconnect_tree(tid) + + return files + + def retr_file(self, service, filename, callback, mode = FILE_OPEN, offset = 0, password = None, shareAccessMode = SMB_ACCESS_READ): + filename = string.replace(filename, '/', '\\') + + fid = -1 + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + fid = self.nt_create_andx(tid, filename, shareAccessMode = shareAccessMode, accessMask = 0x20089) + + res = self.query_file_info(tid, fid) + datasize = SMBQueryFileStandardInfo(res)['EndOfFile'] + + self.__nonraw_retr_file(tid, fid, offset, datasize, callback) + finally: + if fid >= 0: + self.close(tid, fid) + self.disconnect_tree(tid) + + def stor_file(self, service, filename, callback, mode = FILE_OVERWRITE_IF, offset = 0, password = None, shareAccessMode = SMB_ACCESS_WRITE): + filename = string.replace(filename, '/', '\\') + + fid = -1 + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + fid = self.nt_create_andx(tid, filename, shareAccessMode = shareAccessMode, disposition = mode ) + + self.__nonraw_stor_file(tid, fid, offset, 0, callback) + finally: + if fid >= 0: + self.close(tid, fid) + self.disconnect_tree(tid) + + def stor_file_nonraw(self, service, filename, callback, mode = FILE_OVERWRITE_IF, offset = 0, password = None, shareAccessMode = SMB_ACCESS_WRITE ): + filename = string.replace(filename, '/', '\\') + + fid = -1 + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + fid = self.nt_create_andx(tid, filename, shareAccessMode = shareAccessMode, disposition = mode) + self.__nonraw_stor_file(tid, fid, offset, 0, callback) + finally: + if fid >= 0: + self.close(tid, fid) + self.disconnect_tree(tid) + + def check_dir(self, service, path, password = None): + path = string.replace(path,'/', '\\') + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + smb = NewSMBPacket() + smb['Tid'] = tid + smb['Mid'] = 0 + + cmd = SMBCommand(SMB.SMB_COM_CHECK_DIRECTORY) + cmd['Parameters'] = '' + cmd['Data'] = SMBCheckDirectory_Data(flags = self.__flags2) + cmd['Data']['DirectoryName'] = path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else path + smb.addCommand(cmd) + + self.sendSMB(smb) + + while 1: + s = self.recvSMB() + if s.isValidAnswer(SMB.SMB_COM_CHECK_DIRECTORY): + return + finally: + self.disconnect_tree(tid) + + def remove(self, service, path, password = None): + path = string.replace(path,'/', '\\') + # Perform a list to ensure the path exists + self.list_path(service, path, password) + + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + smb = NewSMBPacket() + smb['Tid'] = tid + smb['Mid'] = 0 + + cmd = SMBCommand(SMB.SMB_COM_DELETE) + cmd['Parameters'] = SMBDelete_Parameters() + cmd['Parameters']['SearchAttributes'] = ATTR_HIDDEN | ATTR_SYSTEM | ATTR_ARCHIVE + cmd['Data'] = SMBDelete_Data(flags = self.__flags2) + cmd['Data']['FileName'] = (path + '\x00').encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else (path + '\x00') + smb.addCommand(cmd) + + self.sendSMB(smb) + + while 1: + s = self.recvSMB() + if s.isValidAnswer(SMB.SMB_COM_DELETE): + return + finally: + self.disconnect_tree(tid) + + def rmdir(self, service, path, password = None): + path = string.replace(path,'/', '\\') + # Check that the directory exists + self.check_dir(service, path, password) + + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + path = path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else path + + smb = NewSMBPacket() + smb['Tid'] = tid + createDir = SMBCommand(SMB.SMB_COM_DELETE_DIRECTORY) + createDir['Data'] = SMBDeleteDirectory_Data(flags=self.__flags2) + createDir['Data']['DirectoryName'] = path + smb.addCommand(createDir) + + self.sendSMB(smb) + + while 1: + s = self.recvSMB() + if s.isValidAnswer(SMB.SMB_COM_DELETE_DIRECTORY): + return + finally: + self.disconnect_tree(tid) + + def mkdir(self, service, path, password = None): + path = string.replace(path,'/', '\\') + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + path = path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else path + + smb = NewSMBPacket() + smb['Tid'] = tid + smb['Mid'] = 0 + + createDir = SMBCommand(SMB.SMB_COM_CREATE_DIRECTORY) + createDir['Data'] = SMBCreateDirectory_Data(flags=self.__flags2) + createDir['Data']['DirectoryName'] = path + smb.addCommand(createDir) + + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_CREATE_DIRECTORY): + return 1 + return 0 + finally: + self.disconnect_tree(tid) + + def rename(self, service, old_path, new_path, password = None): + old_path = string.replace(old_path,'/', '\\') + new_path = string.replace(new_path,'/', '\\') + tid = self.tree_connect_andx('\\\\' + self.__remote_name + '\\' + service, password) + try: + smb = NewSMBPacket() + smb['Tid'] = tid + smb['Mid'] = 0 + + renameCmd = SMBCommand(SMB.SMB_COM_RENAME) + renameCmd['Parameters'] = SMBRename_Parameters() + renameCmd['Parameters']['SearchAttributes'] = ATTR_SYSTEM | ATTR_HIDDEN | ATTR_DIRECTORY + renameCmd['Data'] = SMBRename_Data(flags = self.__flags2) + renameCmd['Data']['OldFileName'] = old_path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else old_path + renameCmd['Data']['NewFileName'] = new_path.encode('utf-16le') if self.__flags2 & SMB.FLAGS2_UNICODE else new_path + smb.addCommand(renameCmd) + + self.sendSMB(smb) + + smb = self.recvSMB() + if smb.isValidAnswer(SMB.SMB_COM_RENAME): + return 1 + return 0 + finally: + self.disconnect_tree(tid) + + def writeFile(self, treeId, fileId, data, offset = 0): + if (self._dialects_parameters['Capabilities'] & SMB.CAP_LARGE_WRITEX) and self._SignatureEnabled is False: + max_buf_size = 65000 + else: + max_buf_size = self._dialects_parameters['MaxBufferSize'] & ~0x3ff # Write in multiple KB blocks + + write_offset = offset + while 1: + if len(data) == 0: + break + writeData = data[:max_buf_size] + data = data[max_buf_size:] + + smb = self.write_andx(treeId,fileId,writeData, write_offset) + writeResponse = SMBCommand(smb['Data'][0]) + writeResponseParameters = SMBWriteAndXResponse_Parameters(writeResponse['Parameters']) + write_offset += writeResponseParameters['Count'] + + def get_socket(self): + return self._sess.get_socket() + +ERRDOS = { 1: 'Invalid function', + 2: 'File not found', + 3: 'Invalid directory', + 4: 'Too many open files', + 5: 'Access denied', + 6: 'Invalid file handle. Please file a bug report.', + 7: 'Memory control blocks destroyed', + 8: 'Out of memory', + 9: 'Invalid memory block address', + 10: 'Invalid environment', + 11: 'Invalid format', + 12: 'Invalid open mode', + 13: 'Invalid data', + 15: 'Invalid drive', + 16: 'Attempt to remove server\'s current directory', + 17: 'Not the same device', + 18: 'No files found', + 32: 'Sharing mode conflicts detected', + 33: 'Lock request conflicts detected', + 80: 'File already exists' + } + +ERRSRV = { 1: 'Non-specific error', + 2: 'Bad password', + 4: 'Access denied', + 5: 'Invalid tid. Please file a bug report.', + 6: 'Invalid network name', + 7: 'Invalid device', + 49: 'Print queue full', + 50: 'Print queue full', + 51: 'EOF on print queue dump', + 52: 'Invalid print file handle', + 64: 'Command not recognized. Please file a bug report.', + 65: 'Internal server error', + 67: 'Invalid path', + 69: 'Invalid access permissions', + 71: 'Invalid attribute mode', + 81: 'Server is paused', + 82: 'Not receiving messages', + 83: 'No room to buffer messages', + 87: 'Too many remote user names', + 88: 'Operation timeout', + 89: 'Out of resources', + 91: 'Invalid user handle. Please file a bug report.', + 250: 'Temporarily unable to support raw mode for transfer', + 251: 'Temporarily unable to support raw mode for transfer', + 252: 'Continue in MPX mode', + 65535: 'Unsupported function' + } + +ERRHRD = { 19: 'Media is write-protected', + 20: 'Unknown unit', + 21: 'Drive not ready', + 22: 'Unknown command', + 23: 'CRC error', + 24: 'Bad request', + 25: 'Seek error', + 26: 'Unknown media type', + 27: 'Sector not found', + 28: 'Printer out of paper', + 29: 'Write fault', + 30: 'Read fault', + 31: 'General failure', + 32: 'Open conflicts with an existing open', + 33: 'Invalid lock request', + 34: 'Wrong disk in drive', + 35: 'FCBs not available', + 36: 'Sharing buffer exceeded' + } + diff --git a/tests/python_dependencies/impacket/smb3.py b/tests/python_dependencies/impacket/smb3.py new file mode 100644 index 000000000..5548e4b0c --- /dev/null +++ b/tests/python_dependencies/impacket/smb3.py @@ -0,0 +1,1629 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Author: Alberto Solino (@agsolino) +# +# Description: +# [MS-SMB2] Protocol Implementation (SMB2 and SMB3) +# As you might see in the code, it's implemented strictly following +# the structures defined in the protocol specification. This may +# not be the most efficient way (e.g. self._Connection is the +# same to self._Session in the context of this library ) but +# it certainly helps following the document way easier. +# +# ToDo: +# [X] Implement SMB2_CHANGE_NOTIFY +# [X] Implement SMB2_QUERY_INFO +# [X] Implement SMB2_SET_INFO +# [ ] Implement SMB2_OPLOCK_BREAK +# [X] Implement SMB3 signing +# [ ] Implement SMB3 encryption +# [ ] Add more backward compatible commands from the smb.py code +# [ ] Fix up all the 'ToDo' comments inside the code +# + +import socket +import ntpath +import random +import string +import struct +from binascii import a2b_hex +from contextlib import contextmanager + +from impacket import nmb, ntlm, uuid, crypto, LOG +from impacket.smb3structs import * +from impacket.nt_errors import STATUS_SUCCESS, STATUS_MORE_PROCESSING_REQUIRED, STATUS_INVALID_PARAMETER, \ + STATUS_NO_MORE_FILES, STATUS_PENDING, STATUS_NOT_IMPLEMENTED, ERROR_MESSAGES +from impacket.spnego import SPNEGO_NegTokenInit, TypesMech, SPNEGO_NegTokenResp + + +# For signing +import hashlib, hmac, copy + +# Structs to be used +TREE_CONNECT = { + 'ShareName' : '', + 'TreeConnectId' : 0, + 'Session' : 0, + 'IsDfsShare' : False, + # If the client implements the SMB 3.0 dialect, + # the client MUST also implement the following + 'IsCAShare' : False, + 'EncryptData' : False, + 'IsScaleoutShare' : False, + # Outside the protocol + 'NumberOfUses' : 0, +} + +FILE = { + 'OpenTable' : [], + 'LeaseKey' : '', + 'LeaseState' : 0, + 'LeaseEpoch' : 0, +} + +OPEN = { + 'FileID' : '', + 'TreeConnect' : 0, + 'Connection' : 0, # Not Used + 'Oplocklevel' : 0, + 'Durable' : False, + 'FileName' : '', + 'ResilientHandle' : False, + 'LastDisconnectTime' : 0, + 'ResilientTimeout' : 0, + 'OperationBuckets' : [], + # If the client implements the SMB 3.0 dialect, + # the client MUST implement the following + 'CreateGuid' : '', + 'IsPersistent' : False, + 'DesiredAccess' : '', + 'ShareMode' : 0, + 'CreateOption' : '', + 'FileAttributes' : '', + 'CreateDisposition' : '', +} + +REQUEST = { + 'CancelID' : '', + 'Message' : '', + 'Timestamp' : 0, +} + +CHANNEL = { + 'SigningKey' : '', + 'Connection' : 0, +} + + +class SessionError(Exception): + def __init__( self, error = 0, packet=0): + Exception.__init__(self) + self.error = error + self.packet = packet + + def get_error_code( self ): + return self.error + + def get_error_packet( self ): + return self.packet + + def __str__( self ): + return 'SMB SessionError: %s(%s)' % (ERROR_MESSAGES[self.error]) + + +class SMB3: + def __init__(self, remote_name, remote_host, my_name = None, host_type = nmb.TYPE_SERVER, sess_port = 445, timeout=60, UDP = 0, preferredDialect = None, session = None): + + # [MS-SMB2] Section 3 + self.RequireMessageSigning = False # + self.ConnectionTable = {} + self.GlobalFileTable = {} + self.ClientGuid = ''.join([random.choice(string.letters) for i in range(16)]) + # Only for SMB 3.0 + self.EncryptionAlgorithmList = ['AES-CCM'] + self.MaxDialect = [] + self.RequireSecureNegotiate = False + + # Per Transport Connection Data + self._Connection = { + # Indexed by SessionID + #'SessionTable' : {}, + # Indexed by MessageID + 'OutstandingRequests' : {}, + 'OutstandingResponses' : {}, # + 'SequenceWindow' : 0, # + 'GSSNegotiateToken' : '', # + 'MaxTransactSize' : 0, # + 'MaxReadSize' : 0, # + 'MaxWriteSize' : 0, # + 'ServerGuid' : '', # + 'RequireSigning' : False, # + 'ServerName' : '', # + # If the client implements the SMB 2.1 or SMB 3.0 dialects, it MUST + # also implement the following + 'Dialect' : '', # + 'SupportsFileLeasing' : False, # + 'SupportsMultiCredit' : False, # + # If the client implements the SMB 3.0 dialect, + # it MUST also implement the following + 'SupportsDirectoryLeasing' : False, # + 'SupportsMultiChannel' : False, # + 'SupportsPersistentHandles': False, # + 'SupportsEncryption' : False, # + 'ClientCapabilities' : 0, + 'ServerCapabilities' : 0, # + 'ClientSecurityMode' : 0, # + 'ServerSecurityMode' : 0, # + # Outside the protocol + 'ServerIP' : '', # + } + + self._Session = { + 'SessionID' : 0, # + 'TreeConnectTable' : {}, # + 'SessionKey' : '', # + 'SigningRequired' : False, # + 'Connection' : 0, # + 'UserCredentials' : '', # + 'OpenTable' : {}, # + # If the client implements the SMB 3.0 dialect, + # it MUST also implement the following + 'ChannelList' : [], + 'ChannelSequence' : 0, + #'EncryptData' : False, + 'EncryptData' : True, + 'EncryptionKey' : '', + 'DecryptionKey' : '', + 'SigningKey' : '', + 'ApplicationKey' : '', + # Outside the protocol + 'SessionFlags' : 0, # + 'ServerName' : '', # + 'ServerDomain' : '', # + 'ServerDNSDomainName' : '', # + 'ServerOS' : '', # + 'SigningActivated' : False, # + } + + self.SMB_PACKET = SMB2Packet + + self._timeout = timeout + self._Connection['ServerIP'] = remote_host + self._NetBIOSSession = None + + self.__userName = '' + self.__password = '' + self.__domain = '' + self.__lmhash = '' + self.__nthash = '' + self.__kdc = '' + self.__aesKey = '' + self.__TGT = None + self.__TGS = None + + if sess_port == 445 and remote_name == '*SMBSERVER': + self._Connection['ServerName'] = remote_host + else: + self._Connection['ServerName'] = remote_name + + if session is None: + if not my_name: + my_name = socket.gethostname() + i = string.find(my_name, '.') + if i > -1: + my_name = my_name[:i] + + if UDP: + self._NetBIOSSession = nmb.NetBIOSUDPSession(my_name, self._Connection['ServerName'], remote_host, host_type, sess_port, self._timeout) + else: + self._NetBIOSSession = nmb.NetBIOSTCPSession(my_name, self._Connection['ServerName'], remote_host, host_type, sess_port, self._timeout) + + self.negotiateSession(preferredDialect) + else: + self._NetBIOSSession = session + # We should increase the SequenceWindow since a packet was already received. + self._Connection['SequenceWindow'] += 1 + # Let's negotiate again using the same connection + self.negotiateSession(preferredDialect) + + def printStatus(self): + print "CONNECTION" + for i in self._Connection.items(): + print "%-40s : %s" % i + print + print "SESSION" + for i in self._Session.items(): + print "%-40s : %s" % i + + def getServerName(self): + return self._Session['ServerName'] + + def getServerIP(self): + return self._Connection['ServerIP'] + + def getServerDomain(self): + return self._Session['ServerDomain'] + + def getServerDNSDomainName(self): + return self._Session['ServerDNSDomainName'] + + def getServerOS(self): + return self._Session['ServerOS'] + + def getServerOSMajor(self): + return self._Session['ServerOSMajor'] + + def getServerOSMinor(self): + return self._Session['ServerOSMinor'] + + def getServerOSBuild(self): + return self._Session['ServerOSBuild'] + + def isGuestSession(self): + return self._Session['SessionFlags'] & SMB2_SESSION_FLAG_IS_GUEST + + def setTimeout(self, timeout): + self._timeout = timeout + + @contextmanager + def useTimeout(self, timeout): + prev_timeout = self.getTimeout(timeout) + try: + yield + finally: + self.setTimeout(prev_timeout) + + def getDialect(self): + return self._Connection['Dialect'] + + + def signSMB(self, packet): + packet['Signature'] = '\x00'*16 + if self._Connection['Dialect'] == SMB2_DIALECT_21 or self._Connection['Dialect'] == SMB2_DIALECT_002: + if len(self._Session['SessionKey']) > 0: + signature = hmac.new(self._Session['SessionKey'], str(packet), hashlib.sha256).digest() + packet['Signature'] = signature[:16] + else: + if len(self._Session['SessionKey']) > 0: + p = str(packet) + signature = crypto.AES_CMAC(self._Session['SigningKey'], p, len(p)) + packet['Signature'] = signature + + def sendSMB(self, packet): + # The idea here is to receive multiple/single commands and create a compound request, and send it + # Should return the MessageID for later retrieval. Implement compounded related requests. + + # If Connection.Dialect is equal to "3.000" and if Connection.SupportsMultiChannel or + # Connection.SupportsPersistentHandles is TRUE, the client MUST set ChannelSequence in the + # SMB2 header to Session.ChannelSequence + + # Check this is not a CANCEL request. If so, don't consume sequece numbers + if packet['Command'] is not SMB2_CANCEL: + packet['MessageID'] = self._Connection['SequenceWindow'] + self._Connection['SequenceWindow'] += 1 + packet['SessionID'] = self._Session['SessionID'] + + # Default the credit charge to 1 unless set by the caller + if packet.fields.has_key('CreditCharge') is False: + packet['CreditCharge'] = 1 + + # Standard credit request after negotiating protocol + if self._Connection['SequenceWindow'] > 3: + packet['CreditRequestResponse'] = 127 + + messageId = packet['MessageID'] + + if self._Session['SigningActivated'] is True and self._Connection['SequenceWindow'] > 2: + if packet['TreeID'] > 0 and self._Session['TreeConnectTable'].has_key(packet['TreeID']) is True: + if self._Session['TreeConnectTable'][packet['TreeID']]['EncryptData'] is False: + packet['Flags'] = SMB2_FLAGS_SIGNED + self.signSMB(packet) + elif packet['TreeID'] == 0: + packet['Flags'] = SMB2_FLAGS_SIGNED + self.signSMB(packet) + + if (self._Session['SessionFlags'] & SMB2_SESSION_FLAG_ENCRYPT_DATA) or ( packet['TreeID'] != 0 and self._Session['TreeConnectTable'][packet['TreeID']]['EncryptData'] is True): + plainText = str(packet) + transformHeader = SMB2_TRANSFORM_HEADER() + transformHeader['Nonce'] = ''.join([random.choice(string.letters) for i in range(11)]) + transformHeader['OriginalMessageSize'] = len(plainText) + transformHeader['EncryptionAlgorithm'] = SMB2_ENCRYPTION_AES128_CCM + transformHeader['SessionID'] = self._Session['SessionID'] + from Crypto.Cipher import AES + try: + AES.MODE_CCM + except: + LOG.critical("Your pycrypto doesn't support AES.MODE_CCM. Currently only pycrypto experimental supports this mode.\nDownload it from https://www.dlitz.net/software/pycrypto ") + raise + cipher = AES.new(self._Session['EncryptionKey'], AES.MODE_CCM, transformHeader['Nonce']) + cipher.update(str(transformHeader)[20:]) + cipherText = cipher.encrypt(plainText) + transformHeader['Signature'] = cipher.digest() + packet = str(transformHeader) + cipherText + + self._NetBIOSSession.send_packet(str(packet)) + return messageId + + def recvSMB(self, packetID = None): + # First, verify we don't have the packet already + if self._Connection['OutstandingResponses'].has_key(packetID): + return self._Connection['OutstandingResponses'].pop(packetID) + + data = self._NetBIOSSession.recv_packet(self._timeout) + + if data.get_trailer().startswith('\xfdSMB'): + # Packet is encrypted + transformHeader = SMB2_TRANSFORM_HEADER(data.get_trailer()) + from Crypto.Cipher import AES + try: + AES.MODE_CCM + except: + LOG.critical("Your pycrypto doesn't support AES.MODE_CCM. Currently only pycrypto experimental supports this mode.\nDownload it from https://www.dlitz.net/software/pycrypto ") + raise + cipher = AES.new(self._Session['DecryptionKey'], AES.MODE_CCM, transformHeader['Nonce'][:11]) + cipher.update(str(transformHeader)[20:]) + plainText = cipher.decrypt(data.get_trailer()[len(SMB2_TRANSFORM_HEADER()):]) + #cipher.verify(transformHeader['Signature']) + packet = SMB2Packet(plainText) + else: + # In all SMB dialects for a response this field is interpreted as the Status field. + # This field can be set to any value. For a list of valid status codes, + # see [MS-ERREF] section 2.3. + packet = SMB2Packet(data.get_trailer()) + + # Loop while we receive pending requests + if packet['Status'] == STATUS_PENDING: + status = STATUS_PENDING + while status == STATUS_PENDING: + data = self._NetBIOSSession.recv_packet(self._timeout) + if data.get_trailer().startswith('\xfeSMB'): + packet = SMB2Packet(data.get_trailer()) + else: + # Packet is encrypted + transformHeader = SMB2_TRANSFORM_HEADER(data.get_trailer()) + from Crypto.Cipher import AES + try: + AES.MODE_CCM + except: + LOG.critical("Your pycrypto doesn't support AES.MODE_CCM. Currently only pycrypto experimental supports this mode.\nDownload it from https://www.dlitz.net/software/pycrypto ") + raise + cipher = AES.new(self._Session['DecryptionKey'], AES.MODE_CCM, transformHeader['Nonce'][:11]) + cipher.update(str(transformHeader)[20:]) + plainText = cipher.decrypt(data.get_trailer()[len(SMB2_TRANSFORM_HEADER()):]) + #cipher.verify(transformHeader['Signature']) + packet = SMB2Packet(plainText) + status = packet['Status'] + + if packet['MessageID'] == packetID or packetID is None: + # if self._Session['SigningRequired'] is True: + # self.signSMB(packet) + # Let's update the sequenceWindow based on the CreditsCharged + self._Connection['SequenceWindow'] += (packet['CreditCharge'] - 1) + return packet + else: + self._Connection['OutstandingResponses'][packet['MessageID']] = packet + return self.recvSMB(packetID) + + def negotiateSession(self, preferredDialect = None): + packet = self.SMB_PACKET() + packet['Command'] = SMB2_NEGOTIATE + negSession = SMB2Negotiate() + + negSession['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_ENABLED + if self.RequireMessageSigning is True: + negSession['SecurityMode'] |= SMB2_NEGOTIATE_SIGNING_REQUIRED + negSession['Capabilities'] = SMB2_GLOBAL_CAP_ENCRYPTION + negSession['ClientGuid'] = self.ClientGuid + if preferredDialect is not None: + negSession['Dialects'] = [preferredDialect] + else: + negSession['Dialects'] = [SMB2_DIALECT_002, SMB2_DIALECT_21, SMB2_DIALECT_30] + negSession['DialectCount'] = len(negSession['Dialects']) + packet['Data'] = negSession + + # Storing this data for later use + self._Connection['ClientSecurityMode'] = negSession['SecurityMode'] + self._Connection['Capabilities'] = negSession['Capabilities'] + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + if ans.isValidAnswer(STATUS_SUCCESS): + # ToDo this: + # If the DialectRevision in the SMB2 NEGOTIATE Response is 0x02FF, the client MUST issue a new + # SMB2 NEGOTIATE request as described in section 3.2.4.2.2.2 with the only exception + # that the client MUST allocate sequence number 1 from Connection.SequenceWindow, and MUST set + # MessageId field of the SMB2 header to 1. Otherwise, the client MUST proceed as follows. + negResp = SMB2Negotiate_Response(ans['Data']) + self._Connection['MaxTransactSize'] = min(0x100000,negResp['MaxTransactSize']) + self._Connection['MaxReadSize'] = min(0x100000,negResp['MaxReadSize']) + self._Connection['MaxWriteSize'] = min(0x100000,negResp['MaxWriteSize']) + self._Connection['ServerGuid'] = negResp['ServerGuid'] + self._Connection['GSSNegotiateToken'] = negResp['Buffer'] + self._Connection['Dialect'] = negResp['DialectRevision'] + if (negResp['SecurityMode'] & SMB2_NEGOTIATE_SIGNING_REQUIRED) == SMB2_NEGOTIATE_SIGNING_REQUIRED: + self._Connection['RequireSigning'] = True + if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_LEASING) == SMB2_GLOBAL_CAP_LEASING: + self._Connection['SupportsFileLeasing'] = True + if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_LARGE_MTU) == SMB2_GLOBAL_CAP_LARGE_MTU: + self._Connection['SupportsMultiCredit'] = True + + if self._Connection['Dialect'] == SMB2_DIALECT_30: + # Switching to the right packet format + self.SMB_PACKET = SMB3Packet + if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_DIRECTORY_LEASING) == SMB2_GLOBAL_CAP_DIRECTORY_LEASING: + self._Connection['SupportsDirectoryLeasing'] = True + if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_MULTI_CHANNEL) == SMB2_GLOBAL_CAP_MULTI_CHANNEL: + self._Connection['SupportsMultiChannel'] = True + if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_PERSISTENT_HANDLES) == SMB2_GLOBAL_CAP_PERSISTENT_HANDLES: + self._Connection['SupportsPersistentHandles'] = True + if (negResp['Capabilities'] & SMB2_GLOBAL_CAP_ENCRYPTION) == SMB2_GLOBAL_CAP_ENCRYPTION: + self._Connection['SupportsEncryption'] = True + + self._Connection['ServerCapabilities'] = negResp['Capabilities'] + self._Connection['ServerSecurityMode'] = negResp['SecurityMode'] + + def getCredentials(self): + return ( + self.__userName, + self.__password, + self.__domain, + self.__lmhash, + self.__nthash, + self.__aesKey, + self.__TGT, + self.__TGS) + + def kerberosLogin(self, user, password, domain = '', lmhash = '', nthash = '', aesKey='', kdcHost = '', TGT=None, TGS=None): + # If TGT or TGS are specified, they are in the form of: + # TGS['KDC_REP'] = the response from the server + # TGS['cipher'] = the cipher used + # TGS['sessionKey'] = the sessionKey + # If we have hashes, normalize them + if lmhash != '' or nthash != '': + if len(lmhash) % 2: lmhash = '0%s' % lmhash + if len(nthash) % 2: nthash = '0%s' % nthash + try: # just in case they were converted already + lmhash = a2b_hex(lmhash) + nthash = a2b_hex(nthash) + except: + pass + + self.__userName = user + self.__password = password + self.__domain = domain + self.__lmhash = lmhash + self.__nthash = nthash + self.__kdc = kdcHost + self.__aesKey = aesKey + self.__TGT = TGT + self.__TGS = TGS + + sessionSetup = SMB2SessionSetup() + if self.RequireMessageSigning is True: + sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_REQUIRED + else: + sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_ENABLED + + sessionSetup['Flags'] = 0 + #sessionSetup['Capabilities'] = SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_DFS + + # Importing down here so pyasn1 is not required if kerberos is not used. + from impacket.krb5.asn1 import AP_REQ, Authenticator, TGS_REP, seq_set + from impacket.krb5.kerberosv5 import getKerberosTGT, getKerberosTGS + from impacket.krb5 import constants + from impacket.krb5.types import Principal, KerberosTime, Ticket + from pyasn1.codec.der import decoder, encoder + import datetime + + # First of all, we need to get a TGT for the user + userName = Principal(user, type=constants.PrincipalNameType.NT_PRINCIPAL.value) + if TGT is None: + if TGS is None: + tgt, cipher, oldSessionKey, sessionKey = getKerberosTGT(userName, password, domain, lmhash, nthash, aesKey, kdcHost) + else: + tgt = TGT['KDC_REP'] + cipher = TGT['cipher'] + sessionKey = TGT['sessionKey'] + + # Save the ticket + # If you want, for debugging purposes +# from impacket.krb5.ccache import CCache +# ccache = CCache() +# try: +# if TGS is None: +# ccache.fromTGT(tgt, oldSessionKey, sessionKey) +# else: +# ccache.fromTGS(TGS['KDC_REP'], TGS['oldSessionKey'], TGS['sessionKey'] ) +# ccache.saveFile('/tmp/ticket.bin') +# except Exception, e: +# print e +# pass + + # Now that we have the TGT, we should ask for a TGS for cifs + + if TGS is None: + serverName = Principal('cifs/%s' % (self._Connection['ServerName']), type=constants.PrincipalNameType.NT_SRV_INST.value) + tgs, cipher, oldSessionKey, sessionKey = getKerberosTGS(serverName, domain, kdcHost, tgt, cipher, sessionKey) + else: + tgs = TGS['KDC_REP'] + cipher = TGS['cipher'] + sessionKey = TGS['sessionKey'] + + # Let's build a NegTokenInit with a Kerberos REQ_AP + + blob = SPNEGO_NegTokenInit() + + # Kerberos + blob['MechTypes'] = [TypesMech['MS KRB5 - Microsoft Kerberos 5']] + + # Let's extract the ticket from the TGS + tgs = decoder.decode(tgs, asn1Spec = TGS_REP())[0] + ticket = Ticket() + ticket.from_asn1(tgs['ticket']) + + # Now let's build the AP_REQ + apReq = AP_REQ() + apReq['pvno'] = 5 + apReq['msg-type'] = int(constants.ApplicationTagNumbers.AP_REQ.value) + + opts = list() + apReq['ap-options'] = constants.encodeFlags(opts) + seq_set(apReq,'ticket', ticket.to_asn1) + + authenticator = Authenticator() + authenticator['authenticator-vno'] = 5 + authenticator['crealm'] = domain + seq_set(authenticator, 'cname', userName.components_to_asn1) + now = datetime.datetime.utcnow() + + authenticator['cusec'] = now.microsecond + authenticator['ctime'] = KerberosTime.to_asn1(now) + + encodedAuthenticator = encoder.encode(authenticator) + + # Key Usage 11 + # AP-REQ Authenticator (includes application authenticator + # subkey), encrypted with the application session key + # (Section 5.5.1) + encryptedEncodedAuthenticator = cipher.encrypt(sessionKey, 11, encodedAuthenticator, None) + + apReq['authenticator'] = None + apReq['authenticator']['etype'] = cipher.enctype + apReq['authenticator']['cipher'] = encryptedEncodedAuthenticator + + blob['MechToken'] = encoder.encode(apReq) + + sessionSetup['SecurityBufferLength'] = len(blob) + sessionSetup['Buffer'] = blob.getData() + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_SESSION_SETUP + packet['Data'] = sessionSetup + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + if ans.isValidAnswer(STATUS_SUCCESS): + self._Session['SessionID'] = ans['SessionID'] + self._Session['SigningRequired'] = self._Connection['RequireSigning'] + self._Session['UserCredentials'] = (user, password, domain, lmhash, nthash) + self._Session['Connection'] = self._NetBIOSSession.get_socket() + + self._Session['SessionKey'] = sessionKey.contents[:16] + if self._Session['SigningRequired'] is True and self._Connection['Dialect'] == SMB2_DIALECT_30: + self._Session['SigningKey'] = crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2AESCMAC\x00", "SmbSign\x00", 128) + + # Calculate the key derivations for dialect 3.0 + if self._Session['SigningRequired'] is True: + self._Session['SigningActivated'] = True + if self._Connection['Dialect'] == SMB2_DIALECT_30: + self._Session['ApplicationKey'] = crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2APP\x00", "SmbRpc\x00", 128) + self._Session['EncryptionKey'] = crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2AESCCM\x00", "ServerIn \x00", 128) + self._Session['DecryptionKey'] = crypto.KDF_CounterMode(self._Session['SessionKey'], "SMB2AESCCM\x00", "ServerOut\x00", 128) + + return True + else: + # We clean the stuff we used in case we want to authenticate again + # within the same connection + self._Session['UserCredentials'] = '' + self._Session['Connection'] = 0 + self._Session['SessionID'] = 0 + self._Session['SigningRequired'] = False + self._Session['SigningKey'] = '' + self._Session['SessionKey'] = '' + self._Session['SigningActivated'] = False + raise + + + def login(self, user, password, domain = '', lmhash = '', nthash = ''): + # If we have hashes, normalize them + if lmhash != '' or nthash != '': + if len(lmhash) % 2: lmhash = '0%s' % lmhash + if len(nthash) % 2: nthash = '0%s' % nthash + try: # just in case they were converted already + lmhash = a2b_hex(lmhash) + nthash = a2b_hex(nthash) + except: + pass + + self.__userName = user + self.__password = password + self.__domain = domain + self.__lmhash = lmhash + self.__nthash = nthash + self.__aesKey = '' + self.__TGT = None + self.__TGS = None + + sessionSetup = SMB2SessionSetup() + if self.RequireMessageSigning is True: + sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_REQUIRED + else: + sessionSetup['SecurityMode'] = SMB2_NEGOTIATE_SIGNING_ENABLED + + sessionSetup['Flags'] = 0 + #sessionSetup['Capabilities'] = SMB2_GLOBAL_CAP_LARGE_MTU | SMB2_GLOBAL_CAP_LEASING | SMB2_GLOBAL_CAP_DFS + + # Let's build a NegTokenInit with the NTLMSSP + # TODO: In the future we should be able to choose different providers + + blob = SPNEGO_NegTokenInit() + + # NTLMSSP + blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']] + auth = ntlm.getNTLMSSPType1('','', self._Connection['RequireSigning']) + blob['MechToken'] = str(auth) + + sessionSetup['SecurityBufferLength'] = len(blob) + sessionSetup['Buffer'] = blob.getData() + + # ToDo: + # If this authentication is for establishing an alternative channel for an existing Session, as specified + # in section 3.2.4.1.7, the client MUST also set the following values: + # The SessionId field in the SMB2 header MUST be set to the Session.SessionId for the new + # channel being established. + # The SMB2_SESSION_FLAG_BINDING bit MUST be set in the Flags field. + # The PreviousSessionId field MUST be set to zero. + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_SESSION_SETUP + packet['Data'] = sessionSetup + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + if ans.isValidAnswer(STATUS_MORE_PROCESSING_REQUIRED): + self._Session['SessionID'] = ans['SessionID'] + self._Session['SigningRequired'] = self._Connection['RequireSigning'] + self._Session['UserCredentials'] = (user, password, domain, lmhash, nthash) + self._Session['Connection'] = self._NetBIOSSession.get_socket() + sessionSetupResponse = SMB2SessionSetup_Response(ans['Data']) + respToken = SPNEGO_NegTokenResp(sessionSetupResponse['Buffer']) + + # Let's parse some data and keep it to ourselves in case it is asked + ntlmChallenge = ntlm.NTLMAuthChallenge(respToken['ResponseToken']) + if ntlmChallenge['TargetInfoFields_len'] > 0: + av_pairs = ntlm.AV_PAIRS(ntlmChallenge['TargetInfoFields'][:ntlmChallenge['TargetInfoFields_len']]) + if av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] is not None: + try: + self._Session['ServerName'] = av_pairs[ntlm.NTLMSSP_AV_HOSTNAME][1].decode('utf-16le') + except: + # For some reason, we couldn't decode Unicode here.. silently discard the operation + pass + if av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] is not None: + try: + if self._Session['ServerName'] != av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le'): + self._Session['ServerDomain'] = av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME][1].decode('utf-16le') + except: + # For some reason, we couldn't decode Unicode here.. silently discard the operation + pass + if av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] is not None: + try: + self._Session['ServerDNSDomainName'] = av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME][1].decode('utf-16le') + except: + # For some reason, we couldn't decode Unicode here.. silently discard the operation + pass + + # Parse Version to know the target Operating system name. Not provided elsewhere anymore + if ntlmChallenge.fields.has_key('Version'): + version = ntlmChallenge['Version'] + + if len(version) >= 4: + self._Session['ServerOS'] = "Windows %d.%d Build %d" % (ord(version[0]), ord(version[1]), struct.unpack('<H',version[2:4])[0]) + self._Session["ServerOSMajor"] = ord(version[0]) + self._Session["ServerOSMinor"] = ord(version[1]) + self._Session["ServerOSBuild"] = struct.unpack('<H',version[2:4])[0] + + type3, exportedSessionKey = ntlm.getNTLMSSPType3(auth, respToken['ResponseToken'], user, password, domain, lmhash, nthash) + + if exportedSessionKey is not None: + self._Session['SessionKey'] = exportedSessionKey + if self._Session['SigningRequired'] is True and self._Connection['Dialect'] == SMB2_DIALECT_30: + self._Session['SigningKey'] = crypto.KDF_CounterMode(exportedSessionKey, "SMB2AESCMAC\x00", "SmbSign\x00", 128) + + respToken2 = SPNEGO_NegTokenResp() + respToken2['ResponseToken'] = str(type3) + + # Reusing the previous structure + sessionSetup['SecurityBufferLength'] = len(respToken2) + sessionSetup['Buffer'] = respToken2.getData() + + packetID = self.sendSMB(packet) + packet = self.recvSMB(packetID) + try: + if packet.isValidAnswer(STATUS_SUCCESS): + sessionSetupResponse = SMB2SessionSetup_Response(packet['Data']) + self._Session['SessionFlags'] = sessionSetupResponse['SessionFlags'] + + # Calculate the key derivations for dialect 3.0 + if self._Session['SigningRequired'] is True: + self._Session['SigningActivated'] = True + if self._Connection['Dialect'] == SMB2_DIALECT_30: + self._Session['ApplicationKey'] = crypto.KDF_CounterMode(exportedSessionKey, "SMB2APP\x00", "SmbRpc\x00", 128) + self._Session['EncryptionKey'] = crypto.KDF_CounterMode(exportedSessionKey, "SMB2AESCCM\x00", "ServerIn \x00", 128) + self._Session['DecryptionKey'] = crypto.KDF_CounterMode(exportedSessionKey, "SMB2AESCCM\x00", "ServerOut\x00", 128) + + return True + except: + # We clean the stuff we used in case we want to authenticate again + # within the same connection + self._Session['UserCredentials'] = '' + self._Session['Connection'] = 0 + self._Session['SessionID'] = 0 + self._Session['SigningRequired'] = False + self._Session['SigningKey'] = '' + self._Session['SessionKey'] = '' + self._Session['SigningActivated'] = False + raise + + def connectTree(self, share): + + # Just in case this came with the full path (maybe an SMB1 client), let's just leave + # the sharename, we'll take care of the rest + + #print self._Session['TreeConnectTable'] + share = share.split('\\')[-1] + if self._Session['TreeConnectTable'].has_key(share): + # Already connected, no need to reconnect + treeEntry = self._Session['TreeConnectTable'][share] + treeEntry['NumberOfUses'] += 1 + self._Session['TreeConnectTable'][treeEntry['TreeConnectId']]['NumberOfUses'] += 1 + return treeEntry['TreeConnectId'] + + #path = share + try: + _, _, _, _, sockaddr = socket.getaddrinfo(self._Connection['ServerIP'], 80, 0, 0, socket.IPPROTO_TCP)[0] + remoteHost = sockaddr[0] + except: + remoteHost = self._Connection['ServerIP'] + path = '\\\\' + remoteHost + '\\' +share + + treeConnect = SMB2TreeConnect() + treeConnect['Buffer'] = path.encode('utf-16le') + treeConnect['PathLength'] = len(path)*2 + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_TREE_CONNECT + packet['Data'] = treeConnect + packetID = self.sendSMB(packet) + packet = self.recvSMB(packetID) + if packet.isValidAnswer(STATUS_SUCCESS): + treeConnectResponse = SMB2TreeConnect_Response(packet['Data']) + treeEntry = copy.deepcopy(TREE_CONNECT) + treeEntry['ShareName'] = share + treeEntry['TreeConnectId'] = packet['TreeID'] + treeEntry['Session'] = packet['SessionID'] + treeEntry['NumberOfUses'] += 1 + if (treeConnectResponse['Capabilities'] & SMB2_SHARE_CAP_DFS) == SMB2_SHARE_CAP_DFS: + treeEntry['IsDfsShare'] = True + if (treeConnectResponse['Capabilities'] & SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY) == SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY: + treeEntry['IsCAShare'] = True + + if self._Connection['Dialect'] == SMB2_DIALECT_30: + if (self._Connection['SupportsEncryption'] is True) and ((treeConnectResponse['ShareFlags'] & SMB2_SHAREFLAG_ENCRYPT_DATA) == SMB2_SHAREFLAG_ENCRYPT_DATA): + treeEntry['EncryptData'] = True + # ToDo: This and what follows + # If Session.EncryptData is FALSE, the client MUST then generate an encryption key, a + # decryption key as specified in section 3.1.4.2, by providing the following inputs and store + # them in Session.EncryptionKey and Session.DecryptionKey: + if (treeConnectResponse['Capabilities'] & SMB2_SHARE_CAP_SCALEOUT) == SMB2_SHARE_CAP_SCALEOUT: + treeEntry['IsScaleoutShare'] = True + + self._Session['TreeConnectTable'][packet['TreeID']] = treeEntry + self._Session['TreeConnectTable'][share] = treeEntry + + return packet['TreeID'] + + def disconnectTree(self, treeId): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + if self._Session['TreeConnectTable'].has_key(treeId): + # More than 1 use? descrease it and return, if not, send the packet + if self._Session['TreeConnectTable'][treeId]['NumberOfUses'] > 1: + treeEntry = self._Session['TreeConnectTable'][treeId] + treeEntry['NumberOfUses'] -= 1 + self._Session['TreeConnectTable'][treeEntry['ShareName']]['NumberOfUses'] -= 1 + return True + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_TREE_DISCONNECT + packet['TreeID'] = treeId + treeDisconnect = SMB2TreeDisconnect() + packet['Data'] = treeDisconnect + packetID = self.sendSMB(packet) + packet = self.recvSMB(packetID) + if packet.isValidAnswer(STATUS_SUCCESS): + shareName = self._Session['TreeConnectTable'][treeId]['ShareName'] + del(self._Session['TreeConnectTable'][shareName]) + del(self._Session['TreeConnectTable'][treeId]) + return True + + def create(self, treeId, fileName, desiredAccess, shareMode, creationOptions, creationDisposition, fileAttributes, impersonationLevel = SMB2_IL_IMPERSONATION, securityFlags = 0, oplockLevel = SMB2_OPLOCK_LEVEL_NONE, createContexts = None): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + fileName = string.replace(fileName, '/', '\\') + if len(fileName) > 0: + fileName = ntpath.normpath(fileName) + if fileName[0] == '\\': + fileName = fileName[1:] + + if self._Session['TreeConnectTable'][treeId]['IsDfsShare'] is True: + pathName = fileName + else: + pathName = '\\\\' + self._Connection['ServerName'] + '\\' + fileName + + fileEntry = copy.deepcopy(FILE) + fileEntry['LeaseKey'] = uuid.generate() + fileEntry['LeaseState'] = SMB2_LEASE_NONE + self.GlobalFileTable[pathName] = fileEntry + + if self._Connection['Dialect'] == SMB2_DIALECT_30 and self._Connection['SupportsDirectoryLeasing'] is True: + # Is this file NOT on the root directory? + if len(fileName.split('\\')) > 2: + parentDir = ntpath.dirname(pathName) + if self.GlobalFileTable.has_key(parentDir): + LOG.critical("Don't know what to do now! :-o") + raise + else: + parentEntry = copy.deepcopy(FILE) + parentEntry['LeaseKey'] = uuid.generate() + parentEntry['LeaseState'] = SMB2_LEASE_NONE + self.GlobalFileTable[parentDir] = parentEntry + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_CREATE + packet['TreeID'] = treeId + if self._Session['TreeConnectTable'][treeId]['IsDfsShare'] is True: + packet['Flags'] = SMB2_FLAGS_DFS_OPERATIONS + + smb2Create = SMB2Create() + smb2Create['SecurityFlags'] = 0 + smb2Create['RequestedOplockLevel'] = oplockLevel + smb2Create['ImpersonationLevel'] = impersonationLevel + smb2Create['DesiredAccess'] = desiredAccess + smb2Create['FileAttributes'] = fileAttributes + smb2Create['ShareAccess'] = shareMode + smb2Create['CreateDisposition'] = creationDisposition + smb2Create['CreateOptions'] = creationOptions + + smb2Create['NameLength'] = len(fileName)*2 + if fileName != '': + smb2Create['Buffer'] = fileName.encode('utf-16le') + else: + smb2Create['Buffer'] = '\x00' + + if createContexts is not None: + smb2Create['Buffer'] += createContexts + smb2Create['CreateContextsOffset'] = len(SMB2Packet()) + SMB2Create.SIZE + smb2Create['NameLength'] + smb2Create['CreateContextsLength'] = len(createContexts) + else: + smb2Create['CreateContextsOffset'] = 0 + smb2Create['CreateContextsLength'] = 0 + + packet['Data'] = smb2Create + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + if ans.isValidAnswer(STATUS_SUCCESS): + createResponse = SMB2Create_Response(ans['Data']) + + openFile = copy.deepcopy(OPEN) + openFile['FileID'] = createResponse['FileID'] + openFile['TreeConnect'] = treeId + openFile['Oplocklevel'] = oplockLevel + openFile['Durable'] = False + openFile['ResilientHandle'] = False + openFile['LastDisconnectTime'] = 0 + openFile['FileName'] = pathName + + # ToDo: Complete the OperationBuckets + if self._Connection['Dialect'] == SMB2_DIALECT_30: + openFile['DesiredAccess'] = oplockLevel + openFile['ShareMode'] = oplockLevel + openFile['CreateOptions'] = oplockLevel + openFile['FileAttributes'] = oplockLevel + openFile['CreateDisposition'] = oplockLevel + + # ToDo: Process the contexts + self._Session['OpenTable'][str(createResponse['FileID'])] = openFile + + # The client MUST generate a handle for the Open, and it MUST + # return success and the generated handle to the calling application. + # In our case, str(FileID) + return str(createResponse['FileID']) + + def close(self, treeId, fileId): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_CLOSE + packet['TreeID'] = treeId + + smbClose = SMB2Close() + smbClose['Flags'] = 0 + smbClose['FileID'] = fileId + + packet['Data'] = smbClose + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + del(self.GlobalFileTable[self._Session['OpenTable'][fileId]['FileName']]) + del(self._Session['OpenTable'][fileId]) + + # ToDo Remove stuff from GlobalFileTable + return True + + def read(self, treeId, fileId, offset = 0, bytesToRead = 0, waitAnswer = True): + # IMPORTANT NOTE: As you can see, this was coded as a recursive function + # Hence, you can exhaust the memory pretty easy ( large bytesToRead ) + # This function should NOT be used for reading files directly, but another higher + # level function should be used that will break the read into smaller pieces + + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_READ + packet['TreeID'] = treeId + + if self._Connection['MaxReadSize'] < bytesToRead: + maxBytesToRead = self._Connection['MaxReadSize'] + else: + maxBytesToRead = bytesToRead + + if self._Connection['Dialect'] != SMB2_DIALECT_002 and self._Connection['SupportsMultiCredit'] is True: + packet['CreditCharge'] = ( 1 + (maxBytesToRead - 1) / 65536) + else: + maxBytesToRead = min(65536,bytesToRead) + + smbRead = SMB2Read() + smbRead['Padding'] = 0x50 + smbRead['FileID'] = fileId + smbRead['Length'] = maxBytesToRead + smbRead['Offset'] = offset + packet['Data'] = smbRead + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + readResponse = SMB2Read_Response(ans['Data']) + retData = readResponse['Buffer'] + if readResponse['DataRemaining'] > 0: + retData += self.read(treeId, fileId, offset+len(retData), readResponse['DataRemaining'], waitAnswer) + return retData + + def write(self, treeId, fileId, data, offset = 0, bytesToWrite = 0, waitAnswer = True): + # IMPORTANT NOTE: As you can see, this was coded as a recursive function + # Hence, you can exhaust the memory pretty easy ( large bytesToWrite ) + # This function should NOT be used for writing directly to files, but another higher + # level function should be used that will break the writes into smaller pieces + + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_WRITE + packet['TreeID'] = treeId + + if self._Connection['MaxWriteSize'] < bytesToWrite: + maxBytesToWrite = self._Connection['MaxWriteSize'] + else: + maxBytesToWrite = bytesToWrite + + if self._Connection['Dialect'] != SMB2_DIALECT_002 and self._Connection['SupportsMultiCredit'] is True: + packet['CreditCharge'] = ( 1 + (maxBytesToWrite - 1) / 65536) + else: + maxBytesToWrite = min(65536,bytesToWrite) + + smbWrite = SMB2Write() + smbWrite['FileID'] = fileId + smbWrite['Length'] = maxBytesToWrite + smbWrite['Offset'] = offset + smbWrite['WriteChannelInfoOffset'] = 0 + smbWrite['Buffer'] = data[:maxBytesToWrite] + packet['Data'] = smbWrite + + packetID = self.sendSMB(packet) + if waitAnswer is True: + ans = self.recvSMB(packetID) + else: + return maxBytesToWrite + + if ans.isValidAnswer(STATUS_SUCCESS): + writeResponse = SMB2Write_Response(ans['Data']) + bytesWritten = writeResponse['Count'] + if bytesWritten < bytesToWrite: + bytesWritten += self.write(treeId, fileId, data[bytesWritten:], offset+bytesWritten, bytesToWrite-bytesWritten, waitAnswer) + return bytesWritten + + def queryDirectory(self, treeId, fileId, searchString = '*', resumeIndex = 0, informationClass = FILENAMES_INFORMATION, maxBufferSize = None, enumRestart = False, singleEntry = False): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_QUERY_DIRECTORY + packet['TreeID'] = treeId + + queryDirectory = SMB2QueryDirectory() + queryDirectory['FileInformationClass'] = informationClass + if resumeIndex != 0 : + queryDirectory['Flags'] = SMB2_INDEX_SPECIFIED + queryDirectory['FileIndex'] = resumeIndex + queryDirectory['FileID'] = fileId + if maxBufferSize is None: + maxBufferSize = self._Connection['MaxReadSize'] + queryDirectory['OutputBufferLength'] = maxBufferSize + queryDirectory['FileNameLength'] = len(searchString)*2 + queryDirectory['Buffer'] = searchString.encode('utf-16le') + + packet['Data'] = queryDirectory + + if self._Connection['Dialect'] != SMB2_DIALECT_002 and self._Connection['SupportsMultiCredit'] is True: + packet['CreditCharge'] = ( 1 + (maxBufferSize - 1) / 65536) + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + if ans.isValidAnswer(STATUS_SUCCESS): + queryDirectoryResponse = SMB2QueryDirectory_Response(ans['Data']) + return queryDirectoryResponse['Buffer'] + + def echo(self): + packet = self.SMB_PACKET() + packet['Command'] = SMB2_ECHO + smbEcho = SMB2Echo() + packet['Data'] = smbEcho + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + if ans.isValidAnswer(STATUS_SUCCESS): + return True + + def cancel(self, packetID): + packet = self.SMB_PACKET() + packet['Command'] = SMB2_CANCEL + packet['MessageID'] = packetID + + smbCancel = SMB2Cancel() + + packet['Data'] = smbCancel + self.sendSMB(packet) + + def ioctl(self, treeId, fileId = None, ctlCode = -1, flags = 0, inputBlob = '', maxInputResponse = None, maxOutputResponse = None, waitAnswer = 1): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if fileId is None: + fileId = '\xff'*16 + else: + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_IOCTL + packet['TreeID'] = treeId + + smbIoctl = SMB2Ioctl() + smbIoctl['FileID'] = fileId + smbIoctl['CtlCode'] = ctlCode + smbIoctl['MaxInputResponse'] = maxInputResponse + smbIoctl['MaxOutputResponse'] = maxOutputResponse + smbIoctl['InputCount'] = len(inputBlob) + if len(inputBlob) == 0: + smbIoctl['InputOffset'] = 0 + smbIoctl['Buffer'] = '\x00' + else: + smbIoctl['Buffer'] = inputBlob + smbIoctl['OutputOffset'] = 0 + smbIoctl['MaxOutputResponse'] = maxOutputResponse + smbIoctl['Flags'] = flags + + packet['Data'] = smbIoctl + + packetID = self.sendSMB(packet) + + if waitAnswer == 0: + return True + + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + smbIoctlResponse = SMB2Ioctl_Response(ans['Data']) + return smbIoctlResponse['Buffer'] + + def flush(self,treeId, fileId): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_FLUSH + packet['TreeID'] = treeId + + smbFlush = SMB2Flush() + smbFlush['FileID'] = fileId + + packet['Data'] = smbFlush + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + return True + + def lock(self, treeId, fileId, locks, lockSequence = 0): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_LOCK + packet['TreeID'] = treeId + + smbLock = SMB2Lock() + smbLock['FileID'] = fileId + smbLock['LockCount'] = len(locks) + smbLock['LockSequence'] = lockSequence + smbLock['Locks'] = ''.join(str(x) for x in locks) + + packet['Data'] = smbLock + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + smbFlushResponse = SMB2Lock_Response(ans['Data']) + return True + + # ToDo: + # If Open.ResilientHandle is TRUE or Connection.SupportsMultiChannel is TRUE, the client MUST + # do the following: + # The client MUST scan through Open.OperationBuckets and find an element with its Free field + # set to TRUE. If no such element could be found, an implementation-specific error MUST be + # returned to the application. + # Let the zero-based array index of the element chosen above be referred to as BucketIndex, and + # let BucketNumber = BucketIndex +1. + # Set Open.OperationBuckets[BucketIndex].Free = FALSE + # Let the SequenceNumber of the element chosen above be referred to as BucketSequence. + # The LockSequence field of the SMB2 lock request MUST be set to (BucketNumber<< 4) + + # BucketSequence. + # Increment the SequenceNumber of the element chosen above using MOD 16 arithmetic. + + def logoff(self): + packet = self.SMB_PACKET() + packet['Command'] = SMB2_LOGOFF + + smbLogoff = SMB2Logoff() + + packet['Data'] = smbLogoff + + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + # We clean the stuff we used in case we want to authenticate again + # within the same connection + self._Session['UserCredentials'] = '' + self._Session['Connection'] = 0 + self._Session['SessionID'] = 0 + self._Session['SigningRequired'] = False + self._Session['SigningKey'] = '' + self._Session['SessionKey'] = '' + self._Session['SigningActivated'] = False + return True + + def queryInfo(self, treeId, fileId, inputBlob = '', infoType = SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_STANDARD_INFO, additionalInformation = 0, flags = 0 ): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_QUERY_INFO + packet['TreeID'] = treeId + + queryInfo = SMB2QueryInfo() + queryInfo['FileID'] = fileId + queryInfo['InfoType'] = SMB2_0_INFO_FILE + queryInfo['FileInfoClass'] = fileInfoClass + queryInfo['OutputBufferLength'] = 65535 + queryInfo['AdditionalInformation'] = additionalInformation + if len(inputBlob) == 0: + queryInfo['InputBufferOffset'] = 0 + queryInfo['Buffer'] = '\x00' + else: + queryInfo['InputBufferLength'] = len(inputBlob) + queryInfo['Buffer'] = inputBlob + queryInfo['Flags'] = flags + + packet['Data'] = queryInfo + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + queryResponse = SMB2QueryInfo_Response(ans['Data']) + return queryResponse['Buffer'] + + def setInfo(self, treeId, fileId, inputBlob = '', infoType = SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_STANDARD_INFO, additionalInformation = 0 ): + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if self._Session['OpenTable'].has_key(fileId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + + packet = self.SMB_PACKET() + packet['Command'] = SMB2_SET_INFO + packet['TreeID'] = treeId + + setInfo = SMB2SetInfo() + setInfo['InfoType'] = SMB2_0_INFO_FILE + setInfo['FileInfoClass'] = fileInfoClass + setInfo['BufferLength'] = len(inputBlob) + setInfo['AdditionalInformation'] = additionalInformation + setInfo['FileID'] = fileId + setInfo['Buffer'] = inputBlob + + packet['Data'] = setInfo + packetID = self.sendSMB(packet) + ans = self.recvSMB(packetID) + + if ans.isValidAnswer(STATUS_SUCCESS): + return True + + def getSessionKey(self): + if self.getDialect() == SMB2_DIALECT_30: + return self._Session['ApplicationKey'] + else: + return self._Session['SessionKey'] + + def setSessionKey(self, key): + if self.getDialect() == SMB2_DIALECT_30: + self._Session['ApplicationKey'] = key + else: + self._Session['SessionKey'] = key + + ###################################################################### + # Higher level functions + + def rename(self, shareName, oldPath, newPath): + oldPath = string.replace(oldPath,'/', '\\') + oldPath = ntpath.normpath(oldPath) + if len(oldPath) > 0 and oldPath[0] == '\\': + oldPath = oldPath[1:] + + newPath = string.replace(newPath,'/', '\\') + newPath = ntpath.normpath(newPath) + if len(newPath) > 0 and newPath[0] == '\\': + newPath = newPath[1:] + + treeId = self.connectTree(shareName) + fileId = None + try: + fileId = self.create(treeId, oldPath, MAXIMUM_ALLOWED ,FILE_SHARE_READ | FILE_SHARE_WRITE |FILE_SHARE_DELETE, 0x200020, FILE_OPEN, 0) + renameReq = FILE_RENAME_INFORMATION_TYPE_2() + renameReq['ReplaceIfExists'] = 1 + renameReq['RootDirectory'] = '\x00'*8 + renameReq['FileNameLength'] = len(newPath)*2 + renameReq['FileName'] = newPath.encode('utf-16le') + self.setInfo(treeId, fileId, renameReq, infoType = SMB2_0_INFO_FILE, fileInfoClass = SMB2_FILE_RENAME_INFO) + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + return True + + def writeFile(self, treeId, fileId, data, offset = 0): + finished = False + writeOffset = offset + while not finished: + if len(data) == 0: + break + writeData = data[:self._Connection['MaxWriteSize']] + data = data[self._Connection['MaxWriteSize']:] + written = self.write(treeId, fileId, writeData, writeOffset, len(writeData)) + writeOffset += written + return writeOffset - offset + + def listPath(self, shareName, path, password = None): + # ToDo: Handle situations where share is password protected + path = string.replace(path,'/', '\\') + path = ntpath.normpath(path) + if len(path) > 0 and path[0] == '\\': + path = path[1:] + + treeId = self.connectTree(shareName) + + fileId = None + try: + # ToDo, we're assuming it's a directory, we should check what the file type is + fileId = self.create(treeId, ntpath.dirname(path), FILE_READ_ATTRIBUTES | FILE_READ_DATA ,FILE_SHARE_READ | FILE_SHARE_WRITE |FILE_SHARE_DELETE, FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT, FILE_OPEN, 0) + res = '' + files = [] + from impacket import smb + while True: + try: + res = self.queryDirectory( treeId, fileId, ntpath.basename(path), maxBufferSize = 65535, informationClass = FILE_FULL_DIRECTORY_INFORMATION ) + nextOffset = 1 + while nextOffset != 0: + fileInfo = smb.SMBFindFileFullDirectoryInfo(smb.SMB.FLAGS2_UNICODE) + fileInfo.fromString(res) + files.append(smb.SharedFile(fileInfo['CreationTime'],fileInfo['LastAccessTime'],fileInfo['LastChangeTime'],fileInfo['EndOfFile'],fileInfo['AllocationSize'],fileInfo['ExtFileAttributes'],fileInfo['FileName'].decode('utf-16le'), fileInfo['FileName'].decode('utf-16le'))) + nextOffset = fileInfo['NextEntryOffset'] + res = res[nextOffset:] + except SessionError, e: + if (e.get_error_code()) != STATUS_NO_MORE_FILES: + raise + break + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + return files + + def mkdir(self, shareName, pathName, password = None): + # ToDo: Handle situations where share is password protected + pathName = string.replace(pathName,'/', '\\') + pathName = ntpath.normpath(pathName) + if len(pathName) > 0 and pathName[0] == '\\': + pathName = pathName[1:] + + treeId = self.connectTree(shareName) + + fileId = None + try: + fileId = self.create(treeId, pathName,GENERIC_ALL ,FILE_SHARE_READ | FILE_SHARE_WRITE |FILE_SHARE_DELETE, FILE_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT, FILE_CREATE, 0) + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + return True + + def rmdir(self, shareName, pathName, password = None): + # ToDo: Handle situations where share is password protected + pathName = string.replace(pathName,'/', '\\') + pathName = ntpath.normpath(pathName) + if len(pathName) > 0 and pathName[0] == '\\': + pathName = pathName[1:] + + treeId = self.connectTree(shareName) + + fileId = None + try: + fileId = self.create(treeId, pathName, DELETE, FILE_SHARE_DELETE, FILE_DIRECTORY_FILE | FILE_DELETE_ON_CLOSE, FILE_OPEN, 0) + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + return True + + def remove(self, shareName, pathName, password = None): + # ToDo: Handle situations where share is password protected + pathName = string.replace(pathName,'/', '\\') + pathName = ntpath.normpath(pathName) + if len(pathName) > 0 and pathName[0] == '\\': + pathName = pathName[1:] + + treeId = self.connectTree(shareName) + + fileId = None + try: + fileId = self.create(treeId, pathName,DELETE | FILE_READ_ATTRIBUTES, FILE_SHARE_DELETE, FILE_NON_DIRECTORY_FILE | FILE_DELETE_ON_CLOSE, FILE_OPEN, 0) + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + return True + + def retrieveFile(self, shareName, path, callback, mode = FILE_OPEN, offset = 0, password = None, shareAccessMode = FILE_SHARE_READ): + # ToDo: Handle situations where share is password protected + path = string.replace(path,'/', '\\') + path = ntpath.normpath(path) + if len(path) > 0 and path[0] == '\\': + path = path[1:] + + treeId = self.connectTree(shareName) + fileId = None + from impacket import smb + try: + fileId = self.create(treeId, path, FILE_READ_DATA, shareAccessMode, FILE_NON_DIRECTORY_FILE, mode, 0) + res = self.queryInfo(treeId, fileId) + fileInfo = smb.SMBQueryFileStandardInfo(res) + fileSize = fileInfo['EndOfFile'] + if (fileSize-offset) < self._Connection['MaxReadSize']: + # Skip reading 0 bytes files. + if (fileSize-offset) > 0: + data = self.read(treeId, fileId, offset, fileSize-offset) + callback(data) + else: + written = 0 + toBeRead = fileSize-offset + while written < toBeRead: + data = self.read(treeId, fileId, offset, self._Connection['MaxReadSize']) + written += len(data) + offset += len(data) + callback(data) + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + def storeFile(self, shareName, path, callback, mode = FILE_OVERWRITE_IF, offset = 0, password = None, shareAccessMode = FILE_SHARE_WRITE): + # ToDo: Handle situations where share is password protected + path = string.replace(path,'/', '\\') + path = ntpath.normpath(path) + if len(path) > 0 and path[0] == '\\': + path = path[1:] + + treeId = self.connectTree(shareName) + fileId = None + try: + fileId = self.create(treeId, path, FILE_WRITE_DATA, shareAccessMode, FILE_NON_DIRECTORY_FILE, mode, 0) + finished = False + writeOffset = offset + while not finished: + data = callback(self._Connection['MaxWriteSize']) + if len(data) == 0: + break + written = self.write(treeId, fileId, data, writeOffset, len(data)) + writeOffset += written + finally: + if fileId is not None: + self.close(treeId, fileId) + self.disconnectTree(treeId) + + def waitNamedPipe(self, treeId, pipename, timeout = 5): + pipename = ntpath.basename(pipename) + if self._Session['TreeConnectTable'].has_key(treeId) is False: + raise SessionError(STATUS_INVALID_PARAMETER) + if len(pipename) > 0xffff: + raise SessionError(STATUS_INVALID_PARAMETER) + + pipeWait = FSCTL_PIPE_WAIT_STRUCTURE() + pipeWait['Timeout'] = timeout*100000 + pipeWait['NameLength'] = len(pipename)*2 + pipeWait['TimeoutSpecified'] = 1 + pipeWait['Name'] = pipename.encode('utf-16le') + + return self.ioctl(treeId, None, FSCTL_PIPE_WAIT,flags=SMB2_0_IOCTL_IS_FSCTL, inputBlob=pipeWait, maxInputResponse = 0, maxOutputResponse=0) + + def getIOCapabilities(self): + res = dict() + + res['MaxReadSize'] = self._Connection['MaxReadSize'] + res['MaxWriteSize'] = self._Connection['MaxWriteSize'] + return res + + + ###################################################################### + # Backward compatibility functions and alias for SMB1 and DCE Transports + # NOTE: It is strongly recommended not to use these commands + # when implementing new client calls. + get_server_name = getServerName + get_server_domain = getServerDomain + get_server_dns_domain_name = getServerDNSDomainName + get_remote_name = getServerName + get_remote_host = getServerIP + get_server_os = getServerOS + get_server_os_major = getServerOSMajor + get_server_os_minor = getServerOSMinor + get_server_os_build = getServerOSBuild + tree_connect_andx = connectTree + tree_connect = connectTree + connect_tree = connectTree + disconnect_tree = disconnectTree + set_timeout = setTimeout + use_timeout = useTimeout + stor_file = storeFile + retr_file = retrieveFile + list_path = listPath + + def __del__(self): + if self._NetBIOSSession: + self._NetBIOSSession.close() + + + def doesSupportNTLMv2(self): + # Always true :P + return True + + def is_login_required(self): + # Always true :P + return True + + def is_signing_required(self): + return self._Session["SigningRequired"] + + def nt_create_andx(self, treeId, fileName, smb_packet=None, cmd = None): + if len(fileName) > 0 and fileName[0] == '\\': + fileName = fileName[1:] + + if cmd is not None: + from impacket import smb + ntCreate = smb.SMBCommand(data = str(cmd)) + params = smb.SMBNtCreateAndX_Parameters(ntCreate['Parameters']) + return self.create(treeId, fileName, params['AccessMask'], params['ShareAccess'], + params['CreateOptions'], params['Disposition'], params['FileAttributes'], + params['Impersonation'], params['SecurityFlags']) + + else: + return self.create(treeId, fileName, + FILE_READ_DATA | FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_READ_EA | + FILE_WRITE_EA | FILE_WRITE_ATTRIBUTES | FILE_READ_ATTRIBUTES | READ_CONTROL, + FILE_SHARE_READ | FILE_SHARE_WRITE, FILE_NON_DIRECTORY_FILE, FILE_OPEN, 0 ) + + def get_socket(self): + return self._NetBIOSSession.get_socket() + + + def write_andx(self,tid,fid,data, offset = 0, wait_answer=1, write_pipe_mode = False, smb_packet=None): + # ToDo: Handle the custom smb_packet situation + return self.write(tid, fid, data, offset, len(data)) + + def TransactNamedPipe(self, tid, fid, data, noAnswer = 0, waitAnswer = 1, offset = 0): + return self.ioctl(tid, fid, FSCTL_PIPE_TRANSCEIVE, SMB2_0_IOCTL_IS_FSCTL, data, maxOutputResponse = 65535, waitAnswer = noAnswer | waitAnswer) + + def TransactNamedPipeRecv(self): + ans = self.recvSMB() + + if ans.isValidAnswer(STATUS_SUCCESS): + smbIoctlResponse = SMB2Ioctl_Response(ans['Data']) + return smbIoctlResponse['Buffer'] + + + def read_andx(self, tid, fid, offset=0, max_size = None, wait_answer=1, smb_packet=None): + # ToDo: Handle the custom smb_packet situation + if max_size is None: + max_size = self._Connection['MaxReadSize'] + return self.read(tid, fid, offset, max_size, wait_answer) + + def list_shared(self): + # In the context of SMB2/3, forget about the old LANMAN, throw NOT IMPLEMENTED + raise SessionError(STATUS_NOT_IMPLEMENTED) + + def open_andx(self, tid, fileName, open_mode, desired_access): + # ToDo Return all the attributes of the file + if len(fileName) > 0 and fileName[0] == '\\': + fileName = fileName[1:] + + fileId = self.create(tid,fileName,desired_access, open_mode, FILE_NON_DIRECTORY_FILE, open_mode, 0) + return fileId, 0, 0, 0, 0, 0, 0, 0, 0 + diff --git a/tests/python_dependencies/impacket/smb3structs.py b/tests/python_dependencies/impacket/smb3structs.py new file mode 100644 index 000000000..ddc8a9084 --- /dev/null +++ b/tests/python_dependencies/impacket/smb3structs.py @@ -0,0 +1,1363 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Author: Alberto Solino (@agsolino) +# +# Description: +# SMB 2 and 3 Protocol Structures and constants [MS-SMB2] +# + +from impacket.structure import Structure + +# Constants + +# SMB Packet +SMB2_PACKET_SIZE = 64 + +# SMB Commands +SMB2_NEGOTIATE = 0x0000 # +SMB2_SESSION_SETUP = 0x0001 # +SMB2_LOGOFF = 0x0002 # +SMB2_TREE_CONNECT = 0x0003 # +SMB2_TREE_DISCONNECT = 0x0004 # +SMB2_CREATE = 0x0005 # +SMB2_CLOSE = 0x0006 # +SMB2_FLUSH = 0x0007 # +SMB2_READ = 0x0008 # +SMB2_WRITE = 0x0009 # +SMB2_LOCK = 0x000A # +SMB2_IOCTL = 0x000B # +SMB2_CANCEL = 0x000C # +SMB2_ECHO = 0x000D # +SMB2_QUERY_DIRECTORY = 0x000E # +SMB2_CHANGE_NOTIFY = 0x000F +SMB2_QUERY_INFO = 0x0010 # +SMB2_SET_INFO = 0x0011 +SMB2_OPLOCK_BREAK = 0x0012 + +# SMB Flags +SMB2_FLAGS_SERVER_TO_REDIR = 0x00000001 +SMB2_FLAGS_ASYNC_COMMAND = 0x00000002 +SMB2_FLAGS_RELATED_OPERATIONS = 0x00000004 +SMB2_FLAGS_SIGNED = 0x00000008 +SMB2_FLAGS_DFS_OPERATIONS = 0x10000000 +SMB2_FLAGS_REPLAY_OPERATION = 0x80000000 + +# SMB Error SymLink Flags +SYMLINK_FLAG_ABSOLUTE = 0x0 +SYMLINK_FLAG_RELATIVE = 0x1 + +# SMB2_NEGOTIATE +# Security Modes +SMB2_NEGOTIATE_SIGNING_ENABLED = 0x1 +SMB2_NEGOTIATE_SIGNING_REQUIRED = 0x2 + +# Capabilities +SMB2_GLOBAL_CAP_DFS = 0x01 +SMB2_GLOBAL_CAP_LEASING = 0x02 +SMB2_GLOBAL_CAP_LARGE_MTU = 0x04 +SMB2_GLOBAL_CAP_MULTI_CHANNEL = 0x08 +SMB2_GLOBAL_CAP_PERSISTENT_HANDLES = 0x10 +SMB2_GLOBAL_CAP_DIRECTORY_LEASING = 0x20 +SMB2_GLOBAL_CAP_ENCRYPTION = 0x40 + +# Dialects +SMB2_DIALECT_002 = 0x0202 +SMB2_DIALECT_21 = 0x0210 +SMB2_DIALECT_30 = 0x0300 +SMB2_DIALECT_WILDCARD = 0x02FF + +# SMB2_SESSION_SETUP +# Flags +SMB2_SESSION_FLAG_BINDING = 0x01 +SMB2_SESSION_FLAG_IS_GUEST = 0x01 +SMB2_SESSION_FLAG_IS_NULL = 0x02 +SMB2_SESSION_FLAG_ENCRYPT_DATA = 0x04 + +# SMB2_TREE_CONNECT +# Types +SMB2_SHARE_TYPE_DISK = 0x1 +SMB2_SHARE_TYPE_PIPE = 0x2 +SMB2_SHARE_TYPE_PRINT = 0x3 + +# Share Flags +SMB2_SHAREFLAG_MANUAL_CACHING = 0x00000000 +SMB2_SHAREFLAG_AUTO_CACHING = 0x00000010 +SMB2_SHAREFLAG_VDO_CACHING = 0x00000020 +SMB2_SHAREFLAG_NO_CACHING = 0x00000030 +SMB2_SHAREFLAG_DFS = 0x00000001 +SMB2_SHAREFLAG_DFS_ROOT = 0x00000002 +SMB2_SHAREFLAG_RESTRICT_EXCLUSIVE_OPENS = 0x00000100 +SMB2_SHAREFLAG_FORCE_SHARED_DELETE = 0x00000200 +SMB2_SHAREFLAG_ALLOW_NAMESPACE_CACHING = 0x00000400 +SMB2_SHAREFLAG_ACCESS_BASED_DIRECTORY_ENUM = 0x00000800 +SMB2_SHAREFLAG_FORCE_LEVELII_OPLOCK = 0x00001000 +SMB2_SHAREFLAG_ENABLE_HASH_V1 = 0x00002000 +SMB2_SHAREFLAG_ENABLE_HASH_V2 = 0x00004000 +SMB2_SHAREFLAG_ENCRYPT_DATA = 0x00008000 + +# Capabilities +SMB2_SHARE_CAP_DFS = 0x00000008 +SMB2_SHARE_CAP_CONTINUOUS_AVAILABILITY = 0x00000010 +SMB2_SHARE_CAP_SCALEOUT = 0x00000020 +SMB2_SHARE_CAP_CLUSTER = 0x00000040 + +# SMB_CREATE +# Oplocks +SMB2_OPLOCK_LEVEL_NONE = 0x00 +SMB2_OPLOCK_LEVEL_II = 0x01 +SMB2_OPLOCK_LEVEL_EXCLUSIVE = 0x08 +SMB2_OPLOCK_LEVEL_BATCH = 0x09 +SMB2_OPLOCK_LEVEL_LEASE = 0xFF + +# Impersonation Level +SMB2_IL_ANONYMOUS = 0x00000000 +SMB2_IL_IDENTIFICATION = 0x00000001 +SMB2_IL_IMPERSONATION = 0x00000002 +SMB2_IL_DELEGATE = 0x00000003 + +# File Attributes +FILE_ATTRIBUTE_ARCHIVE = 0x00000020 +FILE_ATTRIBUTE_COMPRESSED = 0x00000800 +FILE_ATTRIBUTE_DIRECTORY = 0x00000010 +FILE_ATTRIBUTE_ENCRYPTED = 0x00004000 +FILE_ATTRIBUTE_HIDDEN = 0x00000002 +FILE_ATTRIBUTE_NORMAL = 0x00000080 +FILE_ATTRIBUTE_NOT_CONTENT_INDEXED = 0x00002000 +FILE_ATTRIBUTE_OFFLINE = 0x00001000 +FILE_ATTRIBUTE_READONLY = 0x00000001 +FILE_ATTRIBUTE_REPARSE_POINT = 0x00000400 +FILE_ATTRIBUTE_SPARSE_FILE = 0x00000200 +FILE_ATTRIBUTE_SYSTEM = 0x00000004 +FILE_ATTRIBUTE_TEMPORARY = 0x00000100 +FILE_ATTRIBUTE_INTEGRITY_STREAM = 0x00000800 +FILE_ATTRIBUTE_NO_SCRUB_DATA = 0x00020000 + +# Share Access +FILE_SHARE_READ = 0x00000001 +FILE_SHARE_WRITE = 0x00000002 +FILE_SHARE_DELETE = 0x00000004 + +# Create Disposition +FILE_SUPERSEDE = 0x00000000 +FILE_OPEN = 0x00000001 +FILE_CREATE = 0x00000002 +FILE_OPEN_IF = 0x00000003 +FILE_OVERWRITE = 0x00000004 +FILE_OVERWRITE_IF = 0x00000005 + +# Create Options +FILE_DIRECTORY_FILE = 0x00000001 +FILE_WRITE_THROUGH = 0x00000002 +FILE_SEQUENTIAL_ONLY = 0x00000004 +FILE_NO_INTERMEDIATE_BUFFERING = 0x00000008 +FILE_SYNCHRONOUS_IO_ALERT = 0x00000010 +FILE_SYNCHRONOUS_IO_NONALERT = 0x00000020 +FILE_NON_DIRECTORY_FILE = 0x00000040 +FILE_COMPLETE_IF_OPLOCKED = 0x00000100 +FILE_NO_EA_KNOWLEDGE = 0x00000200 +FILE_RANDOM_ACCESS = 0x00000800 +FILE_DELETE_ON_CLOSE = 0x00001000 +FILE_OPEN_BY_FILE_ID = 0x00002000 +FILE_OPEN_FOR_BACKUP_INTENT = 0x00004000 +FILE_NO_COMPRESSION = 0x00008000 +FILE_RESERVE_OPFILTER = 0x00100000 +FILE_OPEN_REPARSE_POINT = 0x00200000 +FILE_OPEN_NO_RECALL = 0x00400000 +FILE_OPEN_FOR_FREE_SPACE_QUERY = 0x00800000 + +# File Access Mask / Desired Access +FILE_READ_DATA = 0x00000001 +FILE_WRITE_DATA = 0x00000002 +FILE_APPEND_DATA = 0x00000004 +FILE_READ_EA = 0x00000008 +FILE_WRITE_EA = 0x00000010 +FILE_EXECUTE = 0x00000020 +FILE_READ_ATTRIBUTES = 0x00000080 +FILE_WRITE_ATTRIBUTES = 0x00000100 +DELETE = 0x00010000 +READ_CONTROL = 0x00020000 +WRITE_DAC = 0x00040000 +WRITE_OWNER = 0x00080000 +SYNCHRONIZE = 0x00100000 +ACCESS_SYSTEM_SECURITY = 0x01000000 +MAXIMUM_ALLOWED = 0x02000000 +GENERIC_ALL = 0x10000000 +GENERIC_EXECUTE = 0x20000000 +GENERIC_WRITE = 0x40000000 +GENERIC_READ = 0x80000000 + +# Directory Access Mask +FILE_LIST_DIRECTORY = 0x00000001 +FILE_ADD_FILE = 0x00000002 +FILE_ADD_SUBDIRECTORY = 0x00000004 +FILE_TRAVERSE = 0x00000020 +FILE_DELETE_CHILD = 0x00000040 + +# Create Contexts +SMB2_CREATE_EA_BUFFER = 0x45787441 +SMB2_CREATE_SD_BUFFER = 0x53656344 +SMB2_CREATE_DURABLE_HANDLE_REQUEST = 0x44486e51 +SMB2_CREATE_DURABLE_HANDLE_RECONNECT = 0x44486e43 +SMB2_CREATE_ALLOCATION_SIZE = 0x416c5369 +SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST = 0x4d784163 +SMB2_CREATE_TIMEWARP_TOKEN = 0x54577270 +SMB2_CREATE_QUERY_ON_DISK_ID = 0x51466964 +SMB2_CREATE_REQUEST = 0x52714c73 +SMB2_CREATE_REQUEST_LEASE_V2 = 0x52714c73 +SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2 = 0x44483251 +SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2 = 0x44483243 +SMB2_CREATE_APP_INSTANCE_ID = 0x45BCA66AEFA7F74A9008FA462E144D74 + +# Flags +SMB2_CREATE_FLAG_REPARSEPOINT = 0x1 +FILE_NEED_EA = 0x80 + +# CreateAction +FILE_SUPERSEDED = 0x00000000 +FILE_OPENED = 0x00000001 +FILE_CREATED = 0x00000002 +FILE_OVERWRITTEN = 0x00000003 + +# SMB2_CREATE_REQUEST_LEASE states +SMB2_LEASE_NONE = 0x00 +SMB2_LEASE_READ_CACHING = 0x01 +SMB2_LEASE_HANDLE_CACHING = 0x02 +SMB2_LEASE_WRITE_CACHING = 0x04 + +# SMB2_CREATE_REQUEST_LEASE_V2 Flags +SMB2_LEASE_FLAG_PARENT_LEASE_KEY_SET = 0x4 + +# SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2 Flags +SMB2_DHANDLE_FLAG_PERSISTENT = 0x02 + +# SMB2_CLOSE +# Flags +SMB2_CLOSE_FLAG_POSTQUERY_ATTRIB = 0x0001 + +# SMB2_READ +# Channel +SMB2_CHANNEL_NONE = 0x00 +SMB2_CHANNEL_RDMA_V1 = 0x01 + +# SMB2_WRITE +# Flags +SMB2_WRITEFLAG_WRITE_THROUGH = 0x01 + +# Lease Break Notification +SMB2_NOTIFY_BREAK_LEASE_FLAG_ACK_REQUIRED = 0x01 + +# SMB_LOCK +# Flags +SMB2_LOCKFLAG_SHARED_LOCK = 0x01 +SMB2_LOCKFLAG_EXCLUSIVE_LOCK = 0x02 +SMB2_LOCKFLAG_UNLOCK = 0x04 +SMB2_LOCKFLAG_FAIL_IMMEDIATELY = 0x10 + +# SMB IOCTL +# Control Codes +FSCTL_DFS_GET_REFERRALS = 0x00060194 +FSCTL_PIPE_PEEK = 0x0011400C +FSCTL_PIPE_WAIT = 0x00110018 +FSCTL_PIPE_TRANSCEIVE = 0x0011C017 +FSCTL_SRV_COPYCHUNK = 0x001440F2 +FSCTL_SRV_ENUMERATE_SNAPSHOTS = 0x00144064 +FSCTL_SRV_REQUEST_RESUME_KEY = 0x00140078 +FSCTL_SRV_READ_HASH = 0x001441bb +FSCTL_SRV_COPYCHUNK_WRITE = 0x001480F2 +FSCTL_LMR_REQUEST_RESILIENCY = 0x001401D4 +FSCTL_QUERY_NETWORK_INTERFACE_INFO = 0x001401FC +FSCTL_SET_REPARSE_POINT = 0x000900A4 +FSCTL_DFS_GET_REFERRALS_EX = 0x000601B0 +FSCTL_FILE_LEVEL_TRIM = 0x00098208 +FSCTL_VALIDATE_NEGOTIATE_INFO = 0x00140204 + +# Flags +SMB2_0_IOCTL_IS_FSCTL = 0x1 + +# SRV_READ_HASH +# Type +SRV_HASH_TYPE_PEER_DIST = 0x01 + +# Version +SRV_HASH_VER_1 = 0x1 +SRV_HASH_VER_2 = 0x2 + +# Retrieval Type +SRV_HASH_RETRIEVE_HASH_BASED = 0x01 +SRV_HASH_RETRIEVE_FILE_BASED = 0x02 + +# NETWORK_INTERFACE_INFO +# Capabilities +RSS_CAPABLE = 0x01 +RDMA_CAPABLE = 0x02 + +# SMB2_QUERY_DIRECTORIES +# Information Class +FILE_DIRECTORY_INFORMATION = 0x01 +FILE_FULL_DIRECTORY_INFORMATION = 0x02 +FILEID_FULL_DIRECTORY_INFORMATION = 0x26 +FILE_BOTH_DIRECTORY_INFORMATION = 0x03 +FILEID_BOTH_DIRECTORY_INFORMATION = 0x25 +FILENAMES_INFORMATION = 0x0C + +# Flags +SMB2_RESTART_SCANS = 0x01 +SMB2_RETURN_SINGLE_ENTRY = 0x02 +SMB2_INDEX_SPECIFIED = 0x04 +SMB2_REOPEN = 0x10 + +# SMB2_CHANGE_NOTIFY +# Flags +SMB2_WATCH_TREE = 0x01 + +# Filters +FILE_NOTIFY_CHANGE_FILE_NAME = 0x00000001 +FILE_NOTIFY_CHANGE_DIR_NAME = 0x00000002 +FILE_NOTIFY_CHANGE_ATTRIBUTES = 0x00000004 +FILE_NOTIFY_CHANGE_SIZE = 0x00000008 +FILE_NOTIFY_CHANGE_LAST_WRITE = 0x00000010 +FILE_NOTIFY_CHANGE_LAST_ACCESS = 0x00000020 +FILE_NOTIFY_CHANGE_CREATION = 0x00000040 +FILE_NOTIFY_CHANGE_EA = 0x00000080 +FILE_NOTIFY_CHANGE_SECURITY = 0x00000100 +FILE_NOTIFY_CHANGE_STREAM_NAME = 0x00000200 +FILE_NOTIFY_CHANGE_STREAM_SIZE = 0x00000400 +FILE_NOTIFY_CHANGE_STREAM_WRITE = 0x00000800 + +# FILE_NOTIFY_INFORMATION +# Actions +FILE_ACTION_ADDED = 0x00000001 +FILE_ACTION_REMOVED = 0x00000002 +FILE_ACTION_MODIFIED = 0x00000003 +FILE_ACTION_RENAMED_OLD_NAME = 0x00000004 +FILE_ACTION_RENAMED_NEW_NAME = 0x00000005 + +# SMB2_QUERY_INFO +# InfoTypes +SMB2_0_INFO_FILE = 0x01 +SMB2_0_INFO_FILESYSTEM = 0x02 +SMB2_0_INFO_SECURITY = 0x03 +SMB2_0_INFO_QUOTA = 0x04 + +# File Information Classes +SMB2_FILE_ACCESS_INFO = 8 +SMB2_FILE_ALIGNMENT_INFO = 17 +SMB2_FILE_ALL_INFO = 18 +SMB2_FILE_ALLOCATION_INFO = 19 +SMB2_FILE_ALTERNATE_NAME_INFO = 21 +SMB2_ATTRIBUTE_TAG_INFO = 35 +SMB2_FILE_BASIC_INFO = 4 +SMB2_FILE_BOTH_DIRECTORY_INFO = 3 +SMB2_FILE_COMPRESSION_INFO = 28 +SMB2_FILE_DIRECTORY_INFO = 1 +SMB2_FILE_DISPOSITION_INFO = 13 +SMB2_FILE_EA_INFO = 7 +SMB2_FILE_END_OF_FILE_INFO = 20 +SMB2_FULL_DIRECTORY_INFO = 2 +SMB2_FULL_EA_INFO = 15 +SMB2_FILE_HARDLINK_INFO = 46 +SMB2_FILE_ID_BOTH_DIRECTORY_INFO = 37 +SMB2_FILE_ID_FULL_DIRECTORY_INFO = 38 +SMB2_FILE_ID_GLOBAL_TX_DIRECTORY_INFO = 50 +SMB2_FILE_INTERNAL_INFO = 6 +SMB2_FILE_LINK_INFO = 11 +SMB2_FILE_MAILSLOT_QUERY_INFO = 26 +SMB2_FILE_MAILSLOT_SET_INFO = 27 +SMB2_FILE_MODE_INFO = 16 +SMB2_FILE_MOVE_CLUSTER_INFO = 31 +SMB2_FILE_NAME_INFO = 9 +SMB2_FILE_NAMES_INFO = 12 +SMB2_FILE_NETWORK_OPEN_INFO = 34 +SMB2_FILE_NORMALIZED_NAME_INFO = 48 +SMB2_FILE_OBJECT_ID_INFO = 29 +SMB2_FILE_PIPE_INFO = 23 +SMB2_FILE_PIPE_LOCAL_INFO = 24 +SMB2_FILE_PIPE_REMOTE_INFO = 25 +SMB2_FILE_POSITION_INFO = 14 +SMB2_FILE_QUOTA_INFO = 32 +SMB2_FILE_RENAME_INFO = 10 +SMB2_FILE_REPARSE_POINT_INFO = 33 +SMB2_FILE_SFIO_RESERVE_INFO = 44 +SMB2_FILE_SHORT_NAME_INFO = 45 +SMB2_FILE_STANDARD_INFO = 5 +SMB2_FILE_STANDARD_LINK_INFO = 54 +SMB2_FILE_STREAM_INFO = 22 +SMB2_FILE_TRACKING_INFO = 36 +SMB2_FILE_VALID_DATA_LENGTH_INFO = 39 + +# File System Information Classes +SMB2_FILESYSTEM_VOLUME_INFO = 1 +SMB2_FILESYSTEM_LABEL_INFO = 2 +SMB2_FILESYSTEM_SIZE_INFO = 3 +SMB2_FILESYSTEM_DEVICE_INFO = 4 +SMB2_FILESYSTEM_ATTRIBUTE_INFO = 5 +SMB2_FILESYSTEM_CONTROL_INFO = 6 +SMB2_FILESYSTEM_FULL_SIZE_INFO = 7 +SMB2_FILESYSTEM_OBJECT_ID_INFO = 8 +SMB2_FILESYSTEM_DRIVER_PATH_INFO = 9 +SMB2_FILESYSTEM_SECTOR_SIZE_INFO = 11 + +# Additional information +OWNER_SECURITY_INFORMATION = 0x00000001 +GROUP_SECURITY_INFORMATION = 0x00000002 +DACL_SECURITY_INFORMATION = 0x00000004 +SACL_SECURITY_INFORMATION = 0x00000008 +LABEL_SECURITY_INFORMATION = 0x00000010 + +# Flags +SL_RESTART_SCAN = 0x00000001 +SL_RETURN_SINGLE_ENTRY = 0x00000002 +SL_INDEX_SPECIFIED = 0x00000004 + +# TRANSFORM_HEADER +SMB2_ENCRYPTION_AES128_CCM = 0x0001 + + +# STRUCtures +# Represents a SMB2/3 Packet +class SMBPacketBase(Structure): + def addCommand(self,command): + # Pad to 8 bytes and put the offset of another SMBPacket + raise 'Implement This!' + + def isValidAnswer(self, status): + if self['Status'] != status: + import smb3 + raise smb3.SessionError(self['Status'], self) + return True + + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['TreeID'] = 0 + + +class SMB2PacketAsync(SMBPacketBase): + structure = ( + ('ProtocolID','"\xfeSMB'), + ('StructureSize','<H=64'), + ('CreditCharge','<H=0'), + ('Status','<L=0'), + ('Command','<H=0'), + ('CreditRequestResponse','<H=0'), + ('Flags','<L=0'), + ('NextCommand','<L=0'), + ('MessageID','<Q=0'), + ('AsyncID','<Q=0'), + ('SessionID','<Q=0'), + ('Signature','16s=""'), + ('Data',':=""'), + ) + +class SMB3PacketAsync(SMBPacketBase): + structure = ( + ('ProtocolID','"\xfeSMB'), + ('StructureSize','<H=64'), + ('CreditCharge','<H=0'), + ('ChannelSequence','<H=0'), + ('Reserved','<H=0'), + ('Command','<H=0'), + ('CreditRequestResponse','<H=0'), + ('Flags','<L=0'), + ('NextCommand','<L=0'), + ('MessageID','<Q=0'), + ('AsyncID','<Q=0'), + ('SessionID','<Q=0'), + ('Signature','16s=""'), + ('Data',':=""'), + ) + +class SMB2Packet(SMBPacketBase): + structure = ( + ('ProtocolID','"\xfeSMB'), + ('StructureSize','<H=64'), + ('CreditCharge','<H=0'), + ('Status','<L=0'), + ('Command','<H=0'), + ('CreditRequestResponse','<H=0'), + ('Flags','<L=0'), + ('NextCommand','<L=0'), + ('MessageID','<Q=0'), + ('Reserved','<L=0'), + ('TreeID','<L=0'), + ('SessionID','<Q=0'), + ('Signature','16s=""'), + ('Data',':=""'), + ) + +class SMB3Packet(SMBPacketBase): + structure = ( + ('ProtocolID','"\xfeSMB'), + ('StructureSize','<H=64'), + ('CreditCharge','<H=0'), + ('ChannelSequence','<H=0'), + ('Reserved','<H=0'), + ('Command','<H=0'), + ('CreditRequestResponse','<H=0'), + ('Flags','<L=0'), + ('NextCommand','<L=0'), + ('MessageID','<Q=0'), + ('Reserved','<L=0'), + ('TreeID','<L=0'), + ('SessionID','<Q=0'), + ('Signature','16s=""'), + ('Data',':=""'), + ) + +class SMB2Error(Structure): + structure = ( + ('StructureSize','<H=9'), + ('Reserved','<H=0'), + ('ByteCount','<L=0'), + ('_ErrorData','_-ErrorData','self["ByteCount"]'), + ('ErrorData','"\xff'), + ) + +class SMB2ErrorSymbolicLink(Structure): + structure = ( + ('SymLinkLength','<L=0'), + ('SymLinkErrorTag','<L=0'), + ('ReparseTag','<L=0'), + ('ReparseDataLenght','<H=0'), + ('UnparsedPathLength','<H=0'), + ('SubstituteNameOffset','<H=0'), + ('SubstituteNameLength','<H=0'), + ('PrintNameOffset','<H=0'), + ('PrintNameLength','<H=0'), + ('Flags','<L=0'), + ('PathBuffer',':'), + ) + +# SMB2_NEGOTIATE +class SMB2Negotiate(Structure): + structure = ( + ('StructureSize','<H=36'), + ('DialectCount','<H=0'), + ('SecurityMode','<H=0'), + ('Reserved','<H=0'), + ('Capabilities','<L=0'), + ('ClientGuid','16s=""'), + ('ClientStartTime','<Q=0'), + ('Dialects','*<H'), + ) + +class SMB2Negotiate_Response(Structure): + structure = ( + ('StructureSize','<H=65'), + ('SecurityMode','<H=0'), + ('DialectRevision','<H=0'), + ('Reserved','<H=0'), + ('ServerGuid','16s=""'), + ('Capabilities','<L=0'), + ('MaxTransactSize','<L=0'), + ('MaxReadSize','<L=0'), + ('MaxWriteSize','<L=0'), + ('SystemTime','<Q=0'), + ('ServerStartTime','<Q=0'), + ('SecurityBufferOffset','<H=0'), + ('SecurityBufferLength','<H=0'), + ('Reserved2','<L=0'), + ('_AlignPad','_-AlignPad','self["SecurityBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["SecurityBufferLength"]'), + ('Buffer',':'), + ) + +# SMB2_SESSION_SETUP +class SMB2SessionSetup(Structure): + SIZE = 24 + structure = ( + ('StructureSize','<H=25'), + ('Flags','<B=0'), + ('SecurityMode','<B=0'), + ('Capabilities','<L=0'), + ('Channel','<L=0'), + ('SecurityBufferOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('SecurityBufferLength','<H=0'), + ('PreviousSessionId','<Q=0'), + ('_AlignPad','_-AlignPad','self["SecurityBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["SecurityBufferLength"]'), + ('Buffer',':'), + ) + + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + + def getData(self): + #self['AlignPad'] = '\x00' * ((8 - ((24 + SMB2_PACKET_SIZE) & 7)) & 7) + #self['SecurityBufferOffset'] = 24 + SMB2_PACKET_SIZE +len(self['AlignPad']) + #self['SecurityBufferLength'] += len(self['AlignPad']) + return Structure.getData(self) + + +class SMB2SessionSetup_Response(Structure): + structure = ( + ('StructureSize','<H=9'), + ('SessionFlags','<H=0'), + ('SecurityBufferOffset','<H=0'), + ('SecurityBufferLength','<H=0'), + ('_AlignPad','_-AlignPad','self["SecurityBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["SecurityBufferLength"]'), + ('Buffer',':'), + ) + +# SMB2_LOGOFF +class SMB2Logoff(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + + +class SMB2Logoff_Response(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + +# SMB2_TREE_CONNECT +class SMB2TreeConnect(Structure): + SIZE = 8 + structure = ( + ('StructureSize','<H=9'), + ('Reserved','<H=0'), + ('PathOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('PathLength','<H=0'), + ('_AlignPad','_-AlignPad','self["PathOffset"] - (64 + self.SIZE - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["PathLength"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + +class SMB2TreeConnect_Response(Structure): + structure = ( + ('StructureSize','<H=16'), + ('ShareType','<B=0'), + ('Reserved','<B=0'), + ('ShareFlags','<L=0'), + ('Capabilities','<L=0'), + ('MaximalAccess','<L=0'), + ) + +# SMB2_TREE_DISCONNECT +class SMB2TreeDisconnect(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + +class SMB2TreeDisconnect_Response(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + +# SMB2_CREATE +class SMB2Create(Structure): + SIZE = 56 + structure = ( + ('StructureSize','<H=57'), + ('SecurityFlags','<B=0'), + ('RequestedOplockLevel','<B=0'), + ('ImpersonationLevel','<L=0'), + ('SmbCreateFlags','<Q=0'), + ('Reserved','<Q=0'), + ('DesiredAccess','<L=0'), + ('FileAttributes','<L=0'), + ('ShareAccess','<L=0'), + ('CreateDisposition','<L=0'), + ('CreateOptions','<L=0'), + ('NameOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('NameLength','<H=0'), + ('CreateContextsOffset','<L=0'), + ('CreateContextsLength','<L=0'), + ('_AlignPad','_-AlignPad','self["NameOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["CreateContextsLength"]+self["NameLength"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + +class SMB2CreateContext(Structure): + structure = ( + ('Next','<L=0'), + ('NameOffset','<H=0'), + ('NameLength','<H=0'), + ('Reserved','<H=0'), + ('DataOffset','<H=0'), + ('DataLength','<L=0'), + ('_Buffer','_-Buffer','self["DataLength"]+self["NameLength"]'), + ('Buffer',':'), + ) + +class SMB2_FILEID(Structure): + structure = ( + ('Persistent','<Q=0'), + ('Volatile','<Q=0'), + ) + +class SMB2Create_Response(Structure): + structure = ( + ('StructureSize','<H=89'), + ('OplockLevel','<B=0'), + ('Flags','<B=0'), + ('CreateAction','<L=0'), + ('CreationTime','<Q=0'), + ('LastAccessTime','<Q=0'), + ('LastWriteTime','<Q=0'), + ('ChangeTime','<Q=0'), + ('AllocationSize','<Q=0'), + ('EndOfFile','<Q=0'), + ('FileAttributes','<L=0'), + ('Reserved2','<L=0'), + ('FileID',':',SMB2_FILEID), + ('CreateContextsOffset','<L=0'), + ('CreateContextsLength','<L=0'), + ('_AlignPad','_-AlignPad','self["CreateContextsOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["CreateContextsLength"]'), + ('Buffer',':'), + ) + +class FILE_FULL_EA_INFORMATION(Structure): + structure = ( + ('NextEntryOffset','<L=0'), + ('Flags','<B=0'), + ('EaNameLength','<B=0'), + ('EaValueLength','<H=0'), + ('_EaName','_-EaName','self["EaNameLength"]'), + ('EaName',':'), + ('_EaValue','_-EaValue','self["EaValue"]'), + ('EaValue',':'), + ) + + +class SMB2_CREATE_DURABLE_HANDLE_RECONNECT(Structure): + structure = ( + ('Data',':',SMB2_FILEID), + ) + +class SMB2_CREATE_DURABLE_HANDLE_REQUEST(Structure): + structure = ( + ('DurableRequest','16s=""'), + ) + +class SMB2_CREATE_DURABLE_HANDLE_RESPONSE(Structure): + structure = ( + ('Reserved','<Q=0'), + ) + +class SMB2_CREATE_QUERY_MAXIMAL_ACCESS_REQUEST(Structure): + structure = ( + ('Timestamp','<Q=0'), + ) + +class SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE(Structure): + structure = ( + ('QueryStatus','<L=0'), + ('MaximalAccess','<L=0'), + ) + +class SMB2_CREATE_ALLOCATION_SIZE(Structure): + structure = ( + ('AllocationSize','<Q=0'), + ) + +class SMB2_CREATE_TIMEWARP_TOKEN(Structure): + structure = ( + ('AllocationSize','<Q=0'), + ) + +class SMB2_CREATE_REQUEST_LEASE(Structure): + structure = ( + ('LeaseKey','16s=""'), + ('LeaseState','<L=0'), + ('LeaseFlags','<L=0'), + ('LeaseDuration','<Q=0'), + ) + +SMB2_CREATE_RESPONSE_LEASE = SMB2_CREATE_REQUEST_LEASE + +class SMB2_CREATE_REQUEST_LEASE_V2(Structure): + structure = ( + ('LeaseKey','16s=""'), + ('LeaseState','<L=0'), + ('Flags','<L=0'), + ('LeaseDuration','<Q=0'), + ('ParentLeaseKey','16s=""'), + ('Epoch','<H=0'), + ('Reserved','<H=0'), + ) + +SMB2_CREATE_RESPONSE_LEASE_V2 = SMB2_CREATE_REQUEST_LEASE_V2 + +class SMB2_CREATE_DURABLE_HANDLE_REQUEST_V2(Structure): + structure = ( + ('Timeout','<L=0'), + ('Flags','<L=0'), + ('Reserved','8s=""'), + ('CreateGuid','16s=""'), + ) + +class SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2(Structure): + structure = ( + ('Timeout','<L=0'), + ('Flags','<L=0'), + ) + +class SMB2_CREATE_DURABLE_HANDLE_RECONNECT_V2(Structure): + structure = ( + ('FileID',':', SMB2_FILEID), + ('CreateGuid','16s=""'), + ('Flags','<L=0'), + ) + +class SMB2_CREATE_APP_INSTANCE_ID(Structure): + structure = ( + ('StructureSize','<H=0'), + ('Reserved','<H=0'), + ('AppInstanceId','16s=""'), + ) + +class SMB2_CREATE_QUERY_ON_DISK_ID(Structure): + structure = ( + ('DiskIDBuffer','32s=""'), + ) + +# Todo: Add Classes for +#SMB2_CREATE_SD_BUFFER + +# SMB2_CLOSE +class SMB2Close(Structure): + structure = ( + ('StructureSize','<H=24'), + ('Flags','<H=0'), + ('Reserved','<L=0'), + ('FileID',':', SMB2_FILEID), + ) + +class SMB2Close_Response(Structure): + structure = ( + ('StructureSize','<H=60'), + ('Flags','<H=0'), + ('Reserved','<L=0'), + ('CreationTime','<Q=0'), + ('LastAccessTime','<Q=0'), + ('LastWriteTime','<Q=0'), + ('ChangeTime','<Q=0'), + ('AllocationSize','<Q=0'), + ('EndofFile','<Q=0'), + ('FileAttributes','<L=0'), + ) + +# SMB2_FLUSH +class SMB2Flush(Structure): + structure = ( + ('StructureSize','<H=24'), + ('Reserved1','<H=0'), + ('Reserved2','<L=0'), + ('FileID',':',SMB2_FILEID), + ) + +class SMB2Flush_Response(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + +# SMB2_READ +class SMB2Read(Structure): + SIZE = 48 + structure = ( + ('StructureSize','<H=49'), + ('Padding','<B=0'), + ('Reserved','<B=0'), + ('Length','<L=0'), + ('Offset','<Q=0'), + ('FileID',':',SMB2_FILEID), + ('MinimumCount','<L=0'), + ('Channel','<L=0'), + ('RemainingBytes','<L=0'), + ('ReadChannelInfoOffset','<H=0'), + ('ReadChannelInfoLength','<H=0'), + ('_AlignPad','_-AlignPad','self["ReadChannelInfoOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["ReadChannelInfoLength"]'), + ('Buffer',':=0'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + + +class SMB2Read_Response(Structure): + structure = ( + ('StructureSize','<H=17'), + ('DataOffset','<B=0'), + ('Reserved','<B=0'), + ('DataLength','<L=0'), + ('DataRemaining','<L=0'), + ('Reserved2','<L=0'), + ('_AlignPad','_-AlignPad','self["DataOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["DataLength"]'), + ('Buffer',':'), + ) + +# SMB2_WRITE +class SMB2Write(Structure): + SIZE = 48 + structure = ( + ('StructureSize','<H=49'), + ('DataOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('Length','<L=0'), + ('Offset','<Q=0'), + ('FileID',':',SMB2_FILEID), + ('Channel','<L=0'), + ('RemainingBytes','<L=0'), + ('WriteChannelInfoOffset','<H=0'), + ('WriteChannelInfoLength','<H=0'), + ('_AlignPad','_-AlignPad','self["DataOffset"] + self["WriteChannelInfoOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('Flags','<L=0'), + ('_Buffer','_-Buffer','self["Length"]+self["WriteChannelInfoLength"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + + +class SMB2Write_Response(Structure): + structure = ( + ('StructureSize','<H=17'), + ('Reserved','<H=0'), + ('Count','<L=0'), + ('Remaining','<L=0'), + ('WriteChannelInfoOffset','<H=0'), + ('WriteChannelInfoLength','<H=0'), + ) + +class SMB2OplockBreakNotification(Structure): + structure = ( + ('StructureSize','<H=24'), + ('OplockLevel','<B=0'), + ('Reserved','<B=0'), + ('Reserved2','<L=0'), + ('FileID',':',SMB2_FILEID), + ) + +SMB2OplockBreakAcknowledgment = SMB2OplockBreakNotification +SMB2OplockBreakResponse = SMB2OplockBreakNotification + +class SMB2LeaseBreakNotification(Structure): + structure = ( + ('StructureSize','<H=44'), + ('NewEpoch','<H=0'), + ('Flags','<L=0'), + ('LeaseKey','16s=""'), + ('CurrentLeaseState','<L=0'), + ('NewLeaseState','<L=0'), + ('BreakReason','<L=0'), + ('AccessMaskHint','<L=0'), + ('ShareMaskHint','<L=0'), + ) + +class SMB2LeaseBreakAcknowledgement(Structure): + structure = ( + ('StructureSize','<H=36'), + ('Reserved','<H=0'), + ('Flags','<L=0'), + ('LeaseKey','16s=""'), + ('LeaseState','<L=0'), + ('LeaseDuration','<Q=0'), + ) + +SMB2LeaseBreakResponse = SMB2LeaseBreakAcknowledgement + +# SMB2_LOCK +class SMB2_LOCK_ELEMENT(Structure): + structure = ( + ('Offset','<Q=0'), + ('Length','<Q=0'), + ('Flags','<L=0'), + ('Reserved','<L=0'), + ) + +class SMB2Lock(Structure): + structure = ( + ('StructureSize','<H=48'), + ('LockCount','<H=0'), + ('LockSequence','<L=0'), + ('FileID',':',SMB2_FILEID), + ('_Locks','_-Locks','self["LockCount"]*24'), + ('Locks',':'), + ) + +class SMB2Lock_Response(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + + +# SMB2_ECHO +class SMB2Echo(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + +SMB2Echo_Response = SMB2Echo + +# SMB2_CANCEL` +class SMB2Cancel(Structure): + structure = ( + ('StructureSize','<H=4'), + ('Reserved','<H=0'), + ) + +# SMB2_IOCTL +class SMB2Ioctl(Structure): + SIZE = 56 + structure = ( + ('StructureSize','<H=57'), + ('Reserved','<H=0'), + ('CtlCode','<L=0'), + ('FileID',':',SMB2_FILEID), + ('InputOffset','<L=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('InputCount','<L=0'), + ('MaxInputResponse','<L=0'), + ('OutputOffset','<L=(self.SIZE + 64 + len(self["AlignPad"]) + self["InputCount"])'), + ('OutputCount','<L=0'), + ('MaxOutputResponse','<L=0'), + ('Flags','<L=0'), + ('Reserved2','<L=0'), + #('_AlignPad','_-AlignPad','self["InputOffset"] + self["OutputOffset"] - (64 + self["StructureSize"] - 1)'), + #('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["InputCount"]+self["OutputCount"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + +class FSCTL_PIPE_WAIT_STRUCTURE(Structure): + structure = ( + ('Timeout','<q=0'), + ('NameLength','<L=0'), + ('TimeoutSpecified','<B=0'), + ('Padding','<B=0'), + ('_Name','_-Name','self["NameLength"]'), + ('Name',':'), + ) + +class SRV_COPYCHUNK_COPY(Structure): + structure = ( + ('SourceKey','24s=""'), + ('ChunkCount','<L=0'), + ('Reserved','<L=0'), + ('_Chunks','_-Chunks', 'self["ChunkCount"]*len(SRV_COPYCHUNK)'), + ('Chunks',':'), + ) + +class SRV_COPYCHUNK(Structure): + structure = ( + ('SourceOffset','<Q=0'), + ('TargetOffset','<Q=0'), + ('Length','<L=0'), + ('Reserved','<L=0'), + ) + +class SRV_COPYCHUNK_RESPONSE(Structure): + structure = ( + ('ChunksWritten','<L=0'), + ('ChunkBytesWritten','<L=0'), + ('TotalBytesWritten','<L=0'), + ) + +class SRV_READ_HASH(Structure): + structure = ( + ('HashType','<L=0'), + ('HashVersion','<L=0'), + ('HashRetrievalType','<L=0'), + ('Length','<L=0'), + ('Offset','<Q=0'), + ) + +class NETWORK_RESILIENCY_REQUEST(Structure): + structure = ( + ('Timeout','<L=0'), + ('Reserved','<L=0'), + ) + +class VALIDATE_NEGOTIATE_INFO(Structure): + structure = ( + ('Capabilities','<L=0'), + ('Guid','16s=""'), + ('SecurityMode','<H=0'), + #('DialectCount','<H=0'), + ('Dialects','<H*<H'), + ) + +class SRV_SNAPSHOT_ARRAY(Structure): + structure = ( + ('NumberOfSnapShots','<L=0'), + ('NumberOfSnapShotsReturned','<L=0'), + ('SnapShotArraySize','<L=0'), + ('_SnapShots','_-SnapShots','self["SnapShotArraySize"]'), + ('SnapShots',':'), + ) + +class SRV_REQUEST_RESUME_KEY(Structure): + structure = ( + ('ResumeKey','24s=""'), + ('ContextLength','<L=0'), + ('_Context','_-Context','self["ContextLength"]'), + ('Context',':'), + ) + +class HASH_HEADER(Structure): + structure = ( + ('HashType','<L=0'), + ('HashVersion','<L=0'), + ('SourceFileChangeTime','<Q=0'), + ('SourceFileSize','<Q=0'), + ('HashBlobLength','<L=0'), + ('HashBlobOffset','<L=0'), + ('Dirty','<H=0'), + ('SourceFileNameLength','<L=0'), + ('_SourceFileName','_-SourceFileName','self["SourceFileNameLength"]',), + ('SourceFileName',':'), + ) + +class SRV_HASH_RETRIEVE_HASH_BASED(Structure): + structure = ( + ('Offset','<Q=0'), + ('BufferLength','<L=0'), + ('Reserved','<L=0'), + ('_Buffer','_-Buffer','self["BufferLength"]'), + ('Buffer',':'), + ) + +class SRV_HASH_RETRIEVE_FILE_BASED(Structure): + structure = ( + ('FileDataOffset','<Q=0'), + ('FileDataLength','<Q=0'), + ('BufferLength','<L=0'), + ('Reserved','<L=0'), + ('_Buffer','_-Buffer','self["BufferLength"]'), + ('Buffer',':'), + ) + +class NETWORK_INTERFACE_INFO(Structure): + structure = ( + ('Next','<L=0'), + ('IfIndex','<L=0'), + ('Capability','<L=0'), + ('Reserved','<L=0'), + ('LinkSpeed','<Q=0'), + ('SockAddr_Storage','128s=""'), + ) + +class SMB2Ioctl_Response(Structure): + structure = ( + ('StructureSize','<H=49'), + ('Reserved','<H=0'), + ('CtlCode','<L=0'), + ('FileID',':',SMB2_FILEID), + ('InputOffset','<L=0'), + ('InputCount','<L=0'), + ('OutputOffset','<L=0'), + ('OutputCount','<L=0'), + ('Flags','<L=0'), + ('Reserved2','<L=0'), + ('_AlignPad','_-AlignPad','self["OutputOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["InputCount"]+self["OutputCount"]'), + ('Buffer',':'), + ) + +# SMB2_QUERY_DIRECTORY +class SMB2QueryDirectory(Structure): + SIZE = 32 + structure = ( + ('StructureSize','<H=33'), + ('FileInformationClass','<B=0'), + ('Flags','<B=0'), + ('FileIndex','<L=0'), + ('FileID',':',SMB2_FILEID), + ('FileNameOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('FileNameLength','<H=0'), + ('OutputBufferLength','<L=0'), + ('_AlignPad','_-AlignPad','self["FileNameOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["FileNameLength"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + +class SMB2QueryDirectory_Response(Structure): + structure = ( + ('StructureSize','<H=9'), + ('OutputBufferOffset','<H=0'), + ('OutputBufferLength','<L=0'), + ('_AlignPad','_-AlignPad','self["OutputBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["OutputBufferLength"]'), + ('Buffer',':'), + ) + +# SMB2_CHANGE_NOTIFY +class SMB2ChangeNotify(Structure): + structure = ( + ('StructureSize','<H=32'), + ('Flags','<H=0'), + ('OutputBufferLength','<L=0'), + ('FileID',':',SMB2_FILEID), + ('CompletionFilter','<L=0'), + ('Reserved','<L=0'), + ) + +class SMB2ChangeNotify_Response(Structure): + structure = ( + ('StructureSize','<H=9'), + ('OutputBufferOffset','<H=0'), + ('OutputBufferLength','<L=0'), + ('_AlignPad','_-AlignPad','self["OutputBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["OutputBufferLength"]'), + ('Buffer',':'), + ) + +class FILE_NOTIFY_INFORMATION(Structure): + structure = ( + ('NextEntryOffset','<L=0'), + ('Action','<L=0'), + ('FileNameLength','<L=0'), + ('_FileName','_-FileName','self["FileNameLength"]',), + ('FileName',':'), + ) + +# SMB2_QUERY_INFO +class SMB2QueryInfo(Structure): + SIZE = 40 + structure = ( + ('StructureSize','<H=41'), + ('InfoType','<B=0'), + ('FileInfoClass','<B=0'), + ('OutputBufferLength','<L=0'), + ('InputBufferOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('Reserved','<H=0'), + ('InputBufferLength','<L=0'), + ('AdditionalInformation','<L=0'), + ('Flags','<L=0'), + ('FileID',':',SMB2_FILEID), + ('_AlignPad','_-AlignPad','self["InputBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["InputBufferLength"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + + +class SMB2_QUERY_QUOTA_INFO(Structure): + structure = ( + ('ReturnSingle','<B=0'), + ('RestartScan','<B=0'), + ('Reserved','<H=0'), + ('SidListLength','<L=0'), + ('StartSidLength','<L=0'), + ('StartSidOffset','<L=0'), + # ToDo: Check 2.2.37.1 here + ('SidBuffer',':'), + ) + +class SMB2QueryInfo_Response(Structure): + structure = ( + ('StructureSize','<H=9'), + ('OutputBufferOffset','<H=0'), + ('OutputBufferLength','<L=0'), + ('_AlignPad','_-AlignPad','self["OutputBufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["OutputBufferLength"]'), + ('Buffer',':'), + ) + +# SMB2_SET_INFO +class SMB2SetInfo(Structure): + SIZE = 32 + structure = ( + ('StructureSize','<H=33'), + ('InfoType','<B=0'), + ('FileInfoClass','<B=0'), + ('BufferLength','<L=0'), + ('BufferOffset','<H=(self.SIZE + 64 + len(self["AlignPad"]))'), + ('Reserved','<H=0'), + ('AdditionalInformation','<L=0'), + ('FileID',':',SMB2_FILEID), + ('_AlignPad','_-AlignPad','self["BufferOffset"] - (64 + self["StructureSize"] - 1)'), + ('AlignPad',':=""'), + ('_Buffer','_-Buffer','self["BufferLength"]'), + ('Buffer',':'), + ) + def __init__(self, data = None): + Structure.__init__(self,data) + if data is None: + self['AlignPad'] = '' + +class SMB2SetInfo_Response(Structure): + structure = ( + ('StructureSize','<H=2'), + ) + +class FILE_RENAME_INFORMATION_TYPE_2(Structure): + structure = ( + ('ReplaceIfExists','<B=0'), + ('Reserved','7s=""'), + ('RootDirectory','<Q=0'), + ('FileNameLength','<L=0'), + ('_FileName','_-FileName','self["FileNameLength"]'), + ('FileName',':'), + ) + +class SMB2_TRANSFORM_HEADER(Structure): + structure = ( + ('ProtocolID','"\xfdSMB'), + ('Signature','16s=""'), + ('Nonce','16s=""'), + ('OriginalMessageSize','<L=0'), + ('Reserved','<H=0'), + ('EncryptionAlgorithm','<H=0'), + ('SessionID','<Q=0'), + ) + +# SMB2_FILE_INTERNAL_INFO +class FileInternalInformation(Structure): + structure = ( + ('IndexNumber','<q=0'), + ) diff --git a/tests/python_dependencies/impacket/smbserver.py b/tests/python_dependencies/impacket/smbserver.py new file mode 100644 index 000000000..4baebbb20 --- /dev/null +++ b/tests/python_dependencies/impacket/smbserver.py @@ -0,0 +1,4416 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Author: Alberto Solino (@agsolino) +# +# TODO: +# [-] Functions should return NT error codes +# [-] Handling errors in all situations, right now it's just raising exceptions. +# [*] Standard authentication support +# [ ] Organize the connectionData stuff +# [*] Add capability to send a bad user ID if the user is not authenticated, +# right now you can ask for any command without actually being authenticated +# [ ] PATH TRAVERSALS EVERYWHERE.. BE WARNED! +# [ ] Check the credentials.. now we're just letting everybody to log in. +# [ ] Check error situation (now many places assume the right data is coming) +# [ ] Implement IPC to the main process so the connectionData is on a single place +# [ ] Hence.. implement locking +# estamos en la B + +from __future__ import with_statement +import calendar +import socket +import time +import datetime +import struct +import ConfigParser +import SocketServer +import threading +import logging +import logging.config +import ntpath +import os +import fnmatch +import errno +import sys +import random +import shutil +import string +from binascii import unhexlify, hexlify + +# For signing +from impacket import smb, nmb, ntlm, uuid, LOG +from impacket import smb3structs as smb2 +from impacket.spnego import SPNEGO_NegTokenInit, TypesMech, MechTypes, SPNEGO_NegTokenResp, ASN1_AID, ASN1_SUPPORTED_MECH +from impacket.nt_errors import STATUS_NO_MORE_FILES, STATUS_NETWORK_NAME_DELETED, STATUS_INVALID_PARAMETER, \ + STATUS_FILE_CLOSED, STATUS_MORE_PROCESSING_REQUIRED, STATUS_OBJECT_PATH_NOT_FOUND, STATUS_DIRECTORY_NOT_EMPTY, \ + STATUS_FILE_IS_A_DIRECTORY, STATUS_NOT_IMPLEMENTED, STATUS_INVALID_HANDLE, STATUS_OBJECT_NAME_COLLISION, \ + STATUS_NO_SUCH_FILE, STATUS_CANCELLED, STATUS_OBJECT_NAME_NOT_FOUND, STATUS_SUCCESS, STATUS_ACCESS_DENIED, \ + STATUS_NOT_SUPPORTED, STATUS_INVALID_DEVICE_REQUEST, STATUS_FS_DRIVER_REQUIRED, STATUS_INVALID_INFO_CLASS + +# These ones not defined in nt_errors +STATUS_SMB_BAD_UID = 0x005B0002 +STATUS_SMB_BAD_TID = 0x00050002 + +# Utility functions +# and general functions. +# There are some common functions that can be accessed from more than one SMB +# command (or either TRANSACTION). That's why I'm putting them here +# TODO: Return NT ERROR Codes + +def outputToJohnFormat(challenge, username, domain, lmresponse, ntresponse): +# We don't want to add a possible failure here, since this is an +# extra bonus. We try, if it fails, returns nothing + ret_value = '' + try: + if len(ntresponse) > 24: + # Extended Security - NTLMv2 + ret_value = {'hash_string':'%s::%s:%s:%s:%s' % (username.decode('utf-16le'), domain.decode('utf-16le'), hexlify(challenge), hexlify(ntresponse)[:32], hexlify(ntresponse)[32:]), 'hash_version':'ntlmv2'} + else: + # NTLMv1 + ret_value = {'hash_string':'%s::%s:%s:%s:%s' % (username.decode('utf-16le'), domain.decode('utf-16le'), hexlify(lmresponse), hexlify(ntresponse), hexlify(challenge)), 'hash_version':'ntlm'} + except: + # Let's try w/o decoding Unicode + try: + if len(ntresponse) > 24: + # Extended Security - NTLMv2 + ret_value = {'hash_string':'%s::%s:%s:%s:%s' % (username, domain, hexlify(challenge), hexlify(ntresponse)[:32], hexlify(ntresponse)[32:]), 'hash_version':'ntlmv2'} + else: + # NTLMv1 + ret_value = {'hash_string':'%s::%s:%s:%s:%s' % (username, domain, hexlify(lmresponse), hexlify(ntresponse), hexlify(challenge)), 'hash_version':'ntlm'} + except Exception, e: + LOG.error("outputToJohnFormat: %s" % e) + pass + + return ret_value + +def writeJohnOutputToFile(hash_string, hash_version, file_name): + fn_data = os.path.splitext(file_name) + if hash_version == "ntlmv2": + output_filename = fn_data[0] + "_ntlmv2" + fn_data[1] + else: + output_filename = fn_data[0] + "_ntlm" + fn_data[1] + + with open(output_filename,"a") as f: + f.write(hash_string) + f.write('\n') + + +def decodeSMBString( flags, text ): + if flags & smb.SMB.FLAGS2_UNICODE: + return text.decode('utf-16le') + else: + return text + +def encodeSMBString( flags, text ): + if flags & smb.SMB.FLAGS2_UNICODE: + return (text).encode('utf-16le') + else: + return text + +def getFileTime(t): + t *= 10000000 + t += 116444736000000000 + return t + +def getUnixTime(t): + t -= 116444736000000000 + t /= 10000000 + return t + +def getSMBDate(t): + # TODO: Fix this :P + d = datetime.date.fromtimestamp(t) + year = d.year - 1980 + ret = (year << 8) + (d.month << 4) + d.day + return ret + +def getSMBTime(t): + # TODO: Fix this :P + d = datetime.datetime.fromtimestamp(t) + return (d.hour << 8) + (d.minute << 4) + d.second + +def getShares(connId, smbServer): + config = smbServer.getServerConfig() + sections = config.sections() + # Remove the global one + del(sections[sections.index('global')]) + shares = {} + for i in sections: + shares[i] = dict(config.items(i)) + return shares + +def searchShare(connId, share, smbServer): + config = smbServer.getServerConfig() + if config.has_section(share): + return dict(config.items(share)) + else: + return None + +def openFile(path,fileName, accessMode, fileAttributes, openMode): + fileName = os.path.normpath(fileName.replace('\\','/')) + errorCode = 0 + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + mode = 0 + # Check the Open Mode + if openMode & 0x10: + # If the file does not exist, create it. + mode = os.O_CREAT + else: + # If file does not exist, return an error + if os.path.exists(pathName) is not True: + errorCode = STATUS_NO_SUCH_FILE + return 0,mode, pathName, errorCode + + if os.path.isdir(pathName) and (fileAttributes & smb.ATTR_DIRECTORY) == 0: + # Request to open a normal file and this is actually a directory + errorCode = STATUS_FILE_IS_A_DIRECTORY + return 0, mode, pathName, errorCode + # Check the Access Mode + if accessMode & 0x7 == 1: + mode |= os.O_WRONLY + elif accessMode & 0x7 == 2: + mode |= os.O_RDWR + else: + mode = os.O_RDONLY + + try: + if sys.platform == 'win32': + mode |= os.O_BINARY + fid = os.open(pathName, mode) + except Exception, e: + LOG.error("openFile: %s,%s" % (pathName, mode) ,e) + fid = 0 + errorCode = STATUS_ACCESS_DENIED + + return fid, mode, pathName, errorCode + +def queryFsInformation(path, filename, level=0): + + if isinstance(filename,unicode): + encoding = 'utf-16le' + flags = smb.SMB.FLAGS2_UNICODE + else: + encoding = 'ascii' + flags = 0 + + fileName = os.path.normpath(filename.replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + fileSize = os.path.getsize(pathName) + (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) = os.stat(pathName) + if level == smb.SMB_QUERY_FS_ATTRIBUTE_INFO or level == smb2.SMB2_FILESYSTEM_ATTRIBUTE_INFO: + data = smb.SMBQueryFsAttributeInfo() + data['FileSystemAttributes'] = smb.FILE_CASE_SENSITIVE_SEARCH | smb.FILE_CASE_PRESERVED_NAMES + data['MaxFilenNameLengthInBytes'] = 255 + data['LengthOfFileSystemName'] = len('XTFS')*2 + data['FileSystemName'] = 'XTFS'.encode('utf-16le') + return data.getData() + elif level == smb.SMB_INFO_VOLUME: + data = smb.SMBQueryFsInfoVolume( flags = flags ) + data['VolumeLabel'] = 'SHARE'.encode(encoding) + return data.getData() + elif level == smb.SMB_QUERY_FS_VOLUME_INFO or level == smb2.SMB2_FILESYSTEM_VOLUME_INFO: + data = smb.SMBQueryFsVolumeInfo() + data['VolumeLabel'] = '' + data['VolumeCreationTime'] = getFileTime(ctime) + return data.getData() + elif level == smb.SMB_QUERY_FS_SIZE_INFO: + data = smb.SMBQueryFsSizeInfo() + return data.getData() + elif level == smb.FILE_FS_FULL_SIZE_INFORMATION: + data = smb.SMBFileFsFullSizeInformation() + return data.getData() + elif level == smb.FILE_FS_SIZE_INFORMATION: + data = smb.FileFsSizeInformation() + return data.getData() + else: + lastWriteTime = mtime + attribs = 0 + if os.path.isdir(pathName): + attribs |= smb.SMB_FILE_ATTRIBUTE_DIRECTORY + if os.path.isfile(pathName): + attribs |= smb.SMB_FILE_ATTRIBUTE_NORMAL + fileAttributes = attribs + return fileSize, lastWriteTime, fileAttributes + +def findFirst2(path, fileName, level, searchAttributes, isSMB2 = False): + # TODO: Depending on the level, this could be done much simpler + + #print "FindFirs2 path:%s, filename:%s" % (path, fileName) + fileName = os.path.normpath(fileName.replace('\\','/')) + # Let's choose the right encoding depending on the request + if isinstance(fileName,unicode): + encoding = 'utf-16le' + flags = smb.SMB.FLAGS2_UNICODE + else: + encoding = 'ascii' + flags = 0 + + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + + pathName = os.path.join(path,fileName) + files = [] + + if pathName.find('*') == -1 and pathName.find('?') == -1: + # No search patterns + pattern = '' + else: + pattern = os.path.basename(pathName) + dirName = os.path.dirname(pathName) + + # Always add . and .. Not that important for Windows, but Samba whines if + # not present (for * search only) + if pattern == '*': + files.append(os.path.join(dirName,'.')) + files.append(os.path.join(dirName,'..')) + + if pattern != '': + for file in os.listdir(dirName): + if fnmatch.fnmatch(file.lower(),pattern.lower()): + entry = os.path.join(dirName, file) + if os.path.isdir(entry): + if searchAttributes & smb.ATTR_DIRECTORY: + files.append(entry) + else: + files.append(entry) + else: + if os.path.exists(pathName): + files.append(pathName) + + searchResult = [] + searchCount = len(files) + errorCode = STATUS_SUCCESS + + for i in files: + if level == smb.SMB_FIND_FILE_BOTH_DIRECTORY_INFO or level == smb2.SMB2_FILE_BOTH_DIRECTORY_INFO: + item = smb.SMBFindFileBothDirectoryInfo( flags = flags ) + elif level == smb.SMB_FIND_FILE_DIRECTORY_INFO or level == smb2.SMB2_FILE_DIRECTORY_INFO: + item = smb.SMBFindFileDirectoryInfo( flags = flags ) + elif level == smb.SMB_FIND_FILE_FULL_DIRECTORY_INFO or level == smb2.SMB2_FULL_DIRECTORY_INFO: + item = smb.SMBFindFileFullDirectoryInfo( flags = flags ) + elif level == smb.SMB_FIND_INFO_STANDARD: + item = smb.SMBFindInfoStandard( flags = flags ) + elif level == smb.SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO or level == smb2.SMB2_FILE_ID_FULL_DIRECTORY_INFO: + item = smb.SMBFindFileIdFullDirectoryInfo( flags = flags ) + elif level == smb.SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO or level == smb2.SMB2_FILE_ID_BOTH_DIRECTORY_INFO: + item = smb.SMBFindFileIdBothDirectoryInfo( flags = flags ) + elif level == smb.SMB_FIND_FILE_NAMES_INFO or level == smb2.SMB2_FILE_NAMES_INFO: + item = smb.SMBFindFileNamesInfo( flags = flags ) + else: + LOG.error("Wrong level %d!" % level) + return searchResult, searchCount, STATUS_NOT_SUPPORTED + + (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) = os.stat(i) + if os.path.isdir(i): + item['ExtFileAttributes'] = smb.ATTR_DIRECTORY + else: + item['ExtFileAttributes'] = smb.ATTR_NORMAL | smb.ATTR_ARCHIVE + + item['FileName'] = os.path.basename(i).encode(encoding) + + if level == smb.SMB_FIND_FILE_BOTH_DIRECTORY_INFO or level == smb.SMB_FIND_FILE_ID_BOTH_DIRECTORY_INFO or level == smb2.SMB2_FILE_ID_BOTH_DIRECTORY_INFO or level == smb2.SMB2_FILE_BOTH_DIRECTORY_INFO: + item['EaSize'] = 0 + item['EndOfFile'] = size + item['AllocationSize'] = size + item['CreationTime'] = getFileTime(ctime) + item['LastAccessTime'] = getFileTime(atime) + item['LastWriteTime'] = getFileTime(mtime) + item['LastChangeTime'] = getFileTime(mtime) + item['ShortName'] = '\x00'*24 + item['FileName'] = os.path.basename(i).encode(encoding) + padLen = (8-(len(item) % 8)) % 8 + item['NextEntryOffset'] = len(item) + padLen + elif level == smb.SMB_FIND_FILE_DIRECTORY_INFO: + item['EndOfFile'] = size + item['AllocationSize'] = size + item['CreationTime'] = getFileTime(ctime) + item['LastAccessTime'] = getFileTime(atime) + item['LastWriteTime'] = getFileTime(mtime) + item['LastChangeTime'] = getFileTime(mtime) + item['FileName'] = os.path.basename(i).encode(encoding) + padLen = (8-(len(item) % 8)) % 8 + item['NextEntryOffset'] = len(item) + padLen + elif level == smb.SMB_FIND_FILE_FULL_DIRECTORY_INFO or level == smb.SMB_FIND_FILE_ID_FULL_DIRECTORY_INFO or level == smb2.SMB2_FULL_DIRECTORY_INFO: + item['EaSize'] = 0 + item['EndOfFile'] = size + item['AllocationSize'] = size + item['CreationTime'] = getFileTime(ctime) + item['LastAccessTime'] = getFileTime(atime) + item['LastWriteTime'] = getFileTime(mtime) + item['LastChangeTime'] = getFileTime(mtime) + padLen = (8-(len(item) % 8)) % 8 + item['NextEntryOffset'] = len(item) + padLen + elif level == smb.SMB_FIND_INFO_STANDARD: + item['EaSize'] = size + item['CreationDate'] = getSMBDate(ctime) + item['CreationTime'] = getSMBTime(ctime) + item['LastAccessDate'] = getSMBDate(atime) + item['LastAccessTime'] = getSMBTime(atime) + item['LastWriteDate'] = getSMBDate(mtime) + item['LastWriteTime'] = getSMBTime(mtime) + searchResult.append(item) + + # No more files + if (level >= smb.SMB_FIND_FILE_DIRECTORY_INFO or isSMB2 == True) and searchCount > 0: + searchResult[-1]['NextEntryOffset'] = 0 + + return searchResult, searchCount, errorCode + +def queryFileInformation(path, filename, level): + #print "queryFileInfo path: %s, filename: %s, level:0x%x" % (path,filename,level) + return queryPathInformation(path,filename, level) + +def queryPathInformation(path, filename, level): + # TODO: Depending on the level, this could be done much simpler + #print "queryPathInfo path: %s, filename: %s, level:0x%x" % (path,filename,level) + try: + errorCode = 0 + fileName = os.path.normpath(filename.replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\') and path != '': + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + if os.path.exists(pathName): + (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) = os.stat(pathName) + if level == smb.SMB_QUERY_FILE_BASIC_INFO: + infoRecord = smb.SMBQueryFileBasicInfo() + infoRecord['CreationTime'] = getFileTime(ctime) + infoRecord['LastAccessTime'] = getFileTime(atime) + infoRecord['LastWriteTime'] = getFileTime(mtime) + infoRecord['LastChangeTime'] = getFileTime(mtime) + if os.path.isdir(pathName): + infoRecord['ExtFileAttributes'] = smb.ATTR_DIRECTORY + else: + infoRecord['ExtFileAttributes'] = smb.ATTR_NORMAL | smb.ATTR_ARCHIVE + elif level == smb.SMB_QUERY_FILE_STANDARD_INFO: + infoRecord = smb.SMBQueryFileStandardInfo() + infoRecord['AllocationSize'] = size + infoRecord['EndOfFile'] = size + if os.path.isdir(pathName): + infoRecord['Directory'] = 1 + else: + infoRecord['Directory'] = 0 + elif level == smb.SMB_QUERY_FILE_ALL_INFO or level == smb2.SMB2_FILE_ALL_INFO: + infoRecord = smb.SMBQueryFileAllInfo() + infoRecord['CreationTime'] = getFileTime(ctime) + infoRecord['LastAccessTime'] = getFileTime(atime) + infoRecord['LastWriteTime'] = getFileTime(mtime) + infoRecord['LastChangeTime'] = getFileTime(mtime) + if os.path.isdir(pathName): + infoRecord['ExtFileAttributes'] = smb.ATTR_DIRECTORY + else: + infoRecord['ExtFileAttributes'] = smb.ATTR_NORMAL | smb.ATTR_ARCHIVE + infoRecord['AllocationSize'] = size + infoRecord['EndOfFile'] = size + if os.path.isdir(pathName): + infoRecord['Directory'] = 1 + else: + infoRecord['Directory'] = 0 + infoRecord['FileName'] = filename.encode('utf-16le') + elif level == smb2.SMB2_FILE_NETWORK_OPEN_INFO: + infoRecord = smb.SMBFileNetworkOpenInfo() + infoRecord['CreationTime'] = getFileTime(ctime) + infoRecord['LastAccessTime'] = getFileTime(atime) + infoRecord['LastWriteTime'] = getFileTime(mtime) + infoRecord['ChangeTime'] = getFileTime(mtime) + infoRecord['AllocationSize'] = size + infoRecord['EndOfFile'] = size + if os.path.isdir(pathName): + infoRecord['FileAttributes'] = smb.ATTR_DIRECTORY + else: + infoRecord['FileAttributes'] = smb.ATTR_NORMAL | smb.ATTR_ARCHIVE + elif level == smb.SMB_QUERY_FILE_EA_INFO or level == smb2.SMB2_FILE_EA_INFO: + infoRecord = smb.SMBQueryFileEaInfo() + elif level == smb2.SMB2_FILE_STREAM_INFO: + infoRecord = smb.SMBFileStreamInformation() + else: + LOG.error('Unknown level for query path info! 0x%x' % level) + # UNSUPPORTED + return None, STATUS_NOT_SUPPORTED + + return infoRecord, errorCode + else: + # NOT FOUND + return None, STATUS_OBJECT_NAME_NOT_FOUND + except Exception, e: + LOG.error('queryPathInfo: %s' % e) + raise + +def queryDiskInformation(path): +# TODO: Do something useful here :) +# For now we just return fake values + totalUnits = 65535 + freeUnits = 65535 + return totalUnits, freeUnits + +# Here we implement the NT transaction handlers +class NTTRANSCommands: + def default(self, connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + pass + +# Here we implement the NT transaction handlers +class TRANSCommands: + @staticmethod + def lanMan(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + # Minimal [MS-RAP] implementation, just to return the shares + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + errorCode = STATUS_SUCCESS + if struct.unpack('<H',parameters[:2])[0] == 0: + # NetShareEnum Request + netShareEnum = smb.SMBNetShareEnum(parameters) + if netShareEnum['InfoLevel'] == 1: + shares = getShares(connId, smbServer) + respParameters = smb.SMBNetShareEnumResponse() + respParameters['EntriesReturned'] = len(shares) + respParameters['EntriesAvailable'] = len(shares) + tailData = '' + for i in shares: + # NetShareInfo1 len == 20 + entry = smb.NetShareInfo1() + entry['NetworkName'] = i + '\x00'*(13-len(i)) + entry['Type'] = int(shares[i]['share type']) + # (beto) If offset == 0 it crashes explorer.exe on windows 7 + entry['RemarkOffsetLow'] = 20 * len(shares) + len(tailData) + respData += entry.getData() + if shares[i].has_key('comment'): + tailData += shares[i]['comment'] + '\x00' + else: + tailData += '\x00' + respData += tailData + else: + # We don't support other info levels + errorCode = STATUS_NOT_SUPPORTED + elif struct.unpack('<H',parameters[:2])[0] == 13: + # NetrServerGetInfo Request + respParameters = smb.SMBNetServerGetInfoResponse() + netServerInfo = smb.SMBNetServerInfo1() + netServerInfo['ServerName'] = smbServer.getServerName() + respData = str(netServerInfo) + respParameters['TotalBytesAvailable'] = len(respData) + elif struct.unpack('<H',parameters[:2])[0] == 1: + # NetrShareGetInfo Request + request = smb.SMBNetShareGetInfo(parameters) + respParameters = smb.SMBNetShareGetInfoResponse() + shares = getShares(connId, smbServer) + share = shares[request['ShareName'].upper()] + shareInfo = smb.NetShareInfo1() + shareInfo['NetworkName'] = request['ShareName'].upper() + '\x00' + shareInfo['Type'] = int(share['share type']) + respData = shareInfo.getData() + if share.has_key('comment'): + shareInfo['RemarkOffsetLow'] = len(respData) + respData += share['comment'] + '\x00' + respParameters['TotalBytesAvailable'] = len(respData) + + else: + # We don't know how to handle anything else + errorCode = STATUS_NOT_SUPPORTED + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + + @staticmethod + def transactNamedPipe(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + errorCode = STATUS_SUCCESS + SMBCommand = smb.SMBCommand(recvPacket['Data'][0]) + transParameters= smb.SMBTransaction_Parameters(SMBCommand['Parameters']) + + # Extract the FID + fid = struct.unpack('<H', transParameters['Setup'][2:])[0] + + if connData['OpenedFiles'].has_key(fid): + fileHandle = connData['OpenedFiles'][fid]['FileHandle'] + if fileHandle != PIPE_FILE_DESCRIPTOR: + os.write(fileHandle,data) + respData = os.read(fileHandle,data) + else: + sock = connData['OpenedFiles'][fid]['Socket'] + sock.send(data) + respData = sock.recv(maxDataCount) + else: + errorCode = STATUS_INVALID_HANDLE + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + +# Here we implement the transaction2 handlers +class TRANS2Commands: + # All these commands return setup, parameters, data, errorCode + @staticmethod + def setPathInformation(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + errorCode = STATUS_SUCCESS + setPathInfoParameters = smb.SMBSetPathInformation_Parameters(flags = recvPacket['Flags2'], data = parameters) + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + fileName = decodeSMBString(recvPacket['Flags2'], setPathInfoParameters['FileName']) + fileName = os.path.normpath(fileName.replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\') and path != '': + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + if os.path.exists(pathName): + informationLevel = setPathInfoParameters['InformationLevel'] + if informationLevel == smb.SMB_SET_FILE_BASIC_INFO: + infoRecord = smb.SMBSetFileBasicInfo(data) + # Creation time won't be set, the other ones we play with. + atime = infoRecord['LastAccessTime'] + if atime == 0: + atime = -1 + else: + atime = getUnixTime(atime) + mtime = infoRecord['LastWriteTime'] + if mtime == 0: + mtime = -1 + else: + mtime = getUnixTime(mtime) + if mtime != -1 or atime != -1: + os.utime(pathName,(atime,mtime)) + else: + smbServer.log('Unknown level for set path info! 0x%x' % setPathInfoParameters['InformationLevel'], logging.ERROR) + # UNSUPPORTED + errorCode = STATUS_NOT_SUPPORTED + else: + errorCode = STATUS_OBJECT_NAME_NOT_FOUND + + if errorCode == STATUS_SUCCESS: + respParameters = smb.SMBSetPathInformationResponse_Parameters() + + else: + errorCode = STATUS_SMB_BAD_TID + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + + + @staticmethod + def setFileInformation(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + errorCode = STATUS_SUCCESS + setFileInfoParameters = smb.SMBSetFileInformation_Parameters(parameters) + + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + if connData['OpenedFiles'].has_key(setFileInfoParameters['FID']): + fileName = connData['OpenedFiles'][setFileInfoParameters['FID']]['FileName'] + informationLevel = setFileInfoParameters['InformationLevel'] + if informationLevel == smb.SMB_SET_FILE_DISPOSITION_INFO: + infoRecord = smb.SMBSetFileDispositionInfo(parameters) + if infoRecord['DeletePending'] > 0: + # Mark this file for removal after closed + connData['OpenedFiles'][setFileInfoParameters['FID']]['DeleteOnClose'] = True + respParameters = smb.SMBSetFileInformationResponse_Parameters() + elif informationLevel == smb.SMB_SET_FILE_BASIC_INFO: + infoRecord = smb.SMBSetFileBasicInfo(data) + # Creation time won't be set, the other ones we play with. + atime = infoRecord['LastAccessTime'] + if atime == 0: + atime = -1 + else: + atime = getUnixTime(atime) + mtime = infoRecord['LastWriteTime'] + if mtime == 0: + mtime = -1 + else: + mtime = getUnixTime(mtime) + os.utime(fileName,(atime,mtime)) + elif informationLevel == smb.SMB_SET_FILE_END_OF_FILE_INFO: + fileHandle = connData['OpenedFiles'][setFileInfoParameters['FID']]['FileHandle'] + infoRecord = smb.SMBSetFileEndOfFileInfo(data) + if infoRecord['EndOfFile'] > 0: + os.lseek(fileHandle, infoRecord['EndOfFile']-1, 0) + os.write(fileHandle, '\x00') + else: + smbServer.log('Unknown level for set file info! 0x%x' % setFileInfoParameters['InformationLevel'], logging.ERROR) + # UNSUPPORTED + errorCode = STATUS_NOT_SUPPORTED + else: + errorCode = STATUS_NO_SUCH_FILE + + if errorCode == STATUS_SUCCESS: + respParameters = smb.SMBSetFileInformationResponse_Parameters() + else: + errorCode = STATUS_SMB_BAD_TID + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + + @staticmethod + def queryFileInformation(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + + queryFileInfoParameters = smb.SMBQueryFileInformation_Parameters(parameters) + + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + if connData['OpenedFiles'].has_key(queryFileInfoParameters['FID']): + fileName = connData['OpenedFiles'][queryFileInfoParameters['FID']]['FileName'] + + infoRecord, errorCode = queryFileInformation('', fileName, queryFileInfoParameters['InformationLevel']) + + if infoRecord is not None: + respParameters = smb.SMBQueryFileInformationResponse_Parameters() + respData = infoRecord + else: + errorCode = STATUS_INVALID_HANDLE + else: + errorCode = STATUS_SMB_BAD_TID + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + + @staticmethod + def queryPathInformation(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + errorCode = 0 + + queryPathInfoParameters = smb.SMBQueryPathInformation_Parameters(flags = recvPacket['Flags2'], data = parameters) + + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + try: + infoRecord, errorCode = queryPathInformation(path, decodeSMBString(recvPacket['Flags2'], queryPathInfoParameters['FileName']), queryPathInfoParameters['InformationLevel']) + except Exception, e: + smbServer.log("queryPathInformation: %s" % e,logging.ERROR) + + if infoRecord is not None: + respParameters = smb.SMBQueryPathInformationResponse_Parameters() + respData = infoRecord + else: + errorCode = STATUS_SMB_BAD_TID + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + + @staticmethod + def queryFsInformation(connId, smbServer, recvPacket, parameters, data, maxDataCount = 0): + connData = smbServer.getConnectionData(connId) + errorCode = 0 + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + data = queryFsInformation(connData['ConnectedShares'][recvPacket['Tid']]['path'], '', struct.unpack('<H',parameters)[0]) + + smbServer.setConnectionData(connId, connData) + + return '','', data, errorCode + + @staticmethod + def findNext2(connId, smbServer, recvPacket, parameters, data, maxDataCount): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + errorCode = STATUS_SUCCESS + findNext2Parameters = smb.SMBFindNext2_Parameters(flags = recvPacket['Flags2'], data = parameters) + + sid = findNext2Parameters['SID'] + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + if connData['SIDs'].has_key(sid): + searchResult = connData['SIDs'][sid] + respParameters = smb.SMBFindNext2Response_Parameters() + endOfSearch = 1 + searchCount = 1 + totalData = 0 + for i in enumerate(searchResult): + data = i[1].getData() + lenData = len(data) + if (totalData+lenData) >= maxDataCount or (i[0]+1) >= findNext2Parameters['SearchCount']: + # We gotta stop here and continue on a find_next2 + endOfSearch = 0 + connData['SIDs'][sid] = searchResult[i[0]:] + respParameters['LastNameOffset'] = totalData + break + else: + searchCount +=1 + respData += data + totalData += lenData + + # Have we reached the end of the search or still stuff to send? + if endOfSearch > 0: + # Let's remove the SID from our ConnData + del(connData['SIDs'][sid]) + + respParameters['EndOfSearch'] = endOfSearch + respParameters['SearchCount'] = searchCount + else: + errorCode = STATUS_INVALID_HANDLE + else: + errorCode = STATUS_SMB_BAD_TID + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + + @staticmethod + def findFirst2(connId, smbServer, recvPacket, parameters, data, maxDataCount): + connData = smbServer.getConnectionData(connId) + + respSetup = '' + respParameters = '' + respData = '' + findFirst2Parameters = smb.SMBFindFirst2_Parameters( recvPacket['Flags2'], data = parameters) + + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + + searchResult, searchCount, errorCode = findFirst2(path, + decodeSMBString( recvPacket['Flags2'], findFirst2Parameters['FileName'] ), + findFirst2Parameters['InformationLevel'], + findFirst2Parameters['SearchAttributes'] ) + + respParameters = smb.SMBFindFirst2Response_Parameters() + endOfSearch = 1 + sid = 0x80 # default SID + searchCount = 0 + totalData = 0 + for i in enumerate(searchResult): + #i[1].dump() + data = i[1].getData() + lenData = len(data) + if (totalData+lenData) >= maxDataCount or (i[0]+1) > findFirst2Parameters['SearchCount']: + # We gotta stop here and continue on a find_next2 + endOfSearch = 0 + # Simple way to generate a fid + if len(connData['SIDs']) == 0: + sid = 1 + else: + sid = connData['SIDs'].keys()[-1] + 1 + # Store the remaining search results in the ConnData SID + connData['SIDs'][sid] = searchResult[i[0]:] + respParameters['LastNameOffset'] = totalData + break + else: + searchCount +=1 + respData += data + + padLen = (8-(lenData % 8)) %8 + respData += '\xaa'*padLen + totalData += lenData + padLen + + respParameters['SID'] = sid + respParameters['EndOfSearch'] = endOfSearch + respParameters['SearchCount'] = searchCount + else: + errorCode = STATUS_SMB_BAD_TID + + smbServer.setConnectionData(connId, connData) + + return respSetup, respParameters, respData, errorCode + +# Here we implement the commands handlers +class SMBCommands: + + @staticmethod + def smbTransaction(connId, smbServer, SMBCommand, recvPacket, transCommands): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(recvPacket['Command']) + + transParameters= smb.SMBTransaction_Parameters(SMBCommand['Parameters']) + + # Do the stuff + if transParameters['ParameterCount'] != transParameters['TotalParameterCount']: + # TODO: Handle partial parameters + raise Exception("Unsupported partial parameters in TRANSACT2!") + else: + transData = smb.SMBTransaction_SData(flags = recvPacket['Flags2']) + # Standard says servers shouldn't trust Parameters and Data comes + # in order, so we have to parse the offsets, ugly + + paramCount = transParameters['ParameterCount'] + transData['Trans_ParametersLength'] = paramCount + dataCount = transParameters['DataCount'] + transData['Trans_DataLength'] = dataCount + transData.fromString(SMBCommand['Data']) + if transParameters['ParameterOffset'] > 0: + paramOffset = transParameters['ParameterOffset'] - 63 - transParameters['SetupLength'] + transData['Trans_Parameters'] = SMBCommand['Data'][paramOffset:paramOffset+paramCount] + else: + transData['Trans_Parameters'] = '' + + if transParameters['DataOffset'] > 0: + dataOffset = transParameters['DataOffset'] - 63 - transParameters['SetupLength'] + transData['Trans_Data'] = SMBCommand['Data'][dataOffset:dataOffset + dataCount] + else: + transData['Trans_Data'] = '' + + # Call the handler for this TRANSACTION + if transParameters['SetupCount'] == 0: + # No subcommand, let's play with the Name + command = decodeSMBString(recvPacket['Flags2'],transData['Name']) + else: + command = struct.unpack('<H', transParameters['Setup'][:2])[0] + + if transCommands.has_key(command): + # Call the TRANS subcommand + setup = '' + parameters = '' + data = '' + try: + setup, parameters, data, errorCode = transCommands[command](connId, + smbServer, + recvPacket, + transData['Trans_Parameters'], + transData['Trans_Data'], + transParameters['MaxDataCount']) + except Exception, e: + #print 'Transaction: %s' % e,e + smbServer.log('Transaction: (%r,%s)' % (command, e), logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + #raise + + if setup == '' and parameters == '' and data == '': + # Something wen't wrong + respParameters = '' + respData = '' + else: + # Build the answer + data = str(data) + remainingData = len(data) + parameters = str(parameters) + remainingParameters = len(parameters) + commands = [] + dataDisplacement = 0 + while remainingData > 0 or remainingParameters > 0: + respSMBCommand = smb.SMBCommand(recvPacket['Command']) + respParameters = smb.SMBTransactionResponse_Parameters() + respData = smb.SMBTransaction2Response_Data() + + respParameters['TotalParameterCount'] = len(parameters) + respParameters['ParameterCount'] = len(parameters) + respData['Trans_ParametersLength'] = len(parameters) + respParameters['TotalDataCount'] = len(data) + respParameters['DataDisplacement'] = dataDisplacement + + # TODO: Do the same for parameters + if len(data) > transParameters['MaxDataCount']: + # Answer doesn't fit in this packet + LOG.debug("Lowering answer from %d to %d" % (len(data),transParameters['MaxDataCount']) ) + respParameters['DataCount'] = transParameters['MaxDataCount'] + else: + respParameters['DataCount'] = len(data) + + respData['Trans_DataLength'] = respParameters['DataCount'] + respParameters['SetupCount'] = len(setup) + respParameters['Setup'] = setup + # TODO: Make sure we're calculating the pad right + if len(parameters) > 0: + #padLen = 4 - (55 + len(setup)) % 4 + padLen = (4 - (55 + len(setup)) % 4 ) % 4 + padBytes = '\xFF' * padLen + respData['Pad1'] = padBytes + respParameters['ParameterOffset'] = 55 + len(setup) + padLen + else: + padLen = 0 + respParameters['ParameterOffset'] = 0 + respData['Pad1'] = '' + + if len(data) > 0: + #pad2Len = 4 - (55 + len(setup) + padLen + len(parameters)) % 4 + pad2Len = (4 - (55 + len(setup) + padLen + len(parameters)) % 4) % 4 + respData['Pad2'] = '\xFF' * pad2Len + respParameters['DataOffset'] = 55 + len(setup) + padLen + len(parameters) + pad2Len + else: + respParameters['DataOffset'] = 0 + respData['Pad2'] = '' + + respData['Trans_Parameters'] = parameters[:respParameters['ParameterCount']] + respData['Trans_Data'] = data[:respParameters['DataCount']] + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + data = data[respParameters['DataCount']:] + remainingData -= respParameters['DataCount'] + dataDisplacement += respParameters['DataCount'] + 1 + + parameters = parameters[respParameters['ParameterCount']:] + remainingParameters -= respParameters['ParameterCount'] + commands.append(respSMBCommand) + + smbServer.setConnectionData(connId, connData) + return commands, None, errorCode + + else: + smbServer.log("Unsupported Transact command %r" % command, logging.ERROR) + respParameters = '' + respData = '' + errorCode = STATUS_NOT_IMPLEMENTED + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + + @staticmethod + def smbNTTransact(connId, smbServer, SMBCommand, recvPacket, transCommands): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(recvPacket['Command']) + + NTTransParameters= smb.SMBNTTransaction_Parameters(SMBCommand['Parameters']) + # Do the stuff + if NTTransParameters['ParameterCount'] != NTTransParameters['TotalParameterCount']: + # TODO: Handle partial parameters + raise Exception("Unsupported partial parameters in NTTrans!") + else: + NTTransData = smb.SMBNTTransaction_Data() + # Standard says servers shouldn't trust Parameters and Data comes + # in order, so we have to parse the offsets, ugly + + paramCount = NTTransParameters['ParameterCount'] + NTTransData['NT_Trans_ParametersLength'] = paramCount + dataCount = NTTransParameters['DataCount'] + NTTransData['NT_Trans_DataLength'] = dataCount + + if NTTransParameters['ParameterOffset'] > 0: + paramOffset = NTTransParameters['ParameterOffset'] - 73 - NTTransParameters['SetupLength'] + NTTransData['NT_Trans_Parameters'] = SMBCommand['Data'][paramOffset:paramOffset+paramCount] + else: + NTTransData['NT_Trans_Parameters'] = '' + + if NTTransParameters['DataOffset'] > 0: + dataOffset = NTTransParameters['DataOffset'] - 73 - NTTransParameters['SetupLength'] + NTTransData['NT_Trans_Data'] = SMBCommand['Data'][dataOffset:dataOffset + dataCount] + else: + NTTransData['NT_Trans_Data'] = '' + + # Call the handler for this TRANSACTION + command = NTTransParameters['Function'] + if transCommands.has_key(command): + # Call the NT TRANS subcommand + setup = '' + parameters = '' + data = '' + try: + setup, parameters, data, errorCode = transCommands[command](connId, + smbServer, + recvPacket, + NTTransData['NT_Trans_Parameters'], + NTTransData['NT_Trans_Data'], + NTTransParameters['MaxDataCount']) + except Exception, e: + smbServer.log('NTTransaction: (0x%x,%s)' % (command, e), logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + #raise + + if setup == '' and parameters == '' and data == '': + # Something wen't wrong + respParameters = '' + respData = '' + if errorCode == STATUS_SUCCESS: + errorCode = STATUS_ACCESS_DENIED + else: + # Build the answer + data = str(data) + remainingData = len(data) + parameters = str(parameters) + remainingParameters = len(parameters) + commands = [] + dataDisplacement = 0 + while remainingData > 0 or remainingParameters > 0: + respSMBCommand = smb.SMBCommand(recvPacket['Command']) + respParameters = smb.SMBNTTransactionResponse_Parameters() + respData = smb.SMBNTTransactionResponse_Data() + + respParameters['TotalParameterCount'] = len(parameters) + respParameters['ParameterCount'] = len(parameters) + respData['Trans_ParametersLength'] = len(parameters) + respParameters['TotalDataCount'] = len(data) + respParameters['DataDisplacement'] = dataDisplacement + # TODO: Do the same for parameters + if len(data) > NTTransParameters['MaxDataCount']: + # Answer doesn't fit in this packet + LOG.debug("Lowering answer from %d to %d" % (len(data),NTTransParameters['MaxDataCount']) ) + respParameters['DataCount'] = NTTransParameters['MaxDataCount'] + else: + respParameters['DataCount'] = len(data) + + respData['NT_Trans_DataLength'] = respParameters['DataCount'] + respParameters['SetupCount'] = len(setup) + respParameters['Setup'] = setup + # TODO: Make sure we're calculating the pad right + if len(parameters) > 0: + #padLen = 4 - (71 + len(setup)) % 4 + padLen = (4 - (73 + len(setup)) % 4 ) % 4 + padBytes = '\xFF' * padLen + respData['Pad1'] = padBytes + respParameters['ParameterOffset'] = 73 + len(setup) + padLen + else: + padLen = 0 + respParameters['ParameterOffset'] = 0 + respData['Pad1'] = '' + + if len(data) > 0: + #pad2Len = 4 - (71 + len(setup) + padLen + len(parameters)) % 4 + pad2Len = (4 - (73 + len(setup) + padLen + len(parameters)) % 4) % 4 + respData['Pad2'] = '\xFF' * pad2Len + respParameters['DataOffset'] = 73 + len(setup) + padLen + len(parameters) + pad2Len + else: + respParameters['DataOffset'] = 0 + respData['Pad2'] = '' + + respData['NT_Trans_Parameters'] = parameters[:respParameters['ParameterCount']] + respData['NT_Trans_Data'] = data[:respParameters['DataCount']] + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + data = data[respParameters['DataCount']:] + remainingData -= respParameters['DataCount'] + dataDisplacement += respParameters['DataCount'] + 1 + + parameters = parameters[respParameters['ParameterCount']:] + remainingParameters -= respParameters['ParameterCount'] + commands.append(respSMBCommand) + + smbServer.setConnectionData(connId, connData) + return commands, None, errorCode + + else: + #smbServer.log("Unsupported NTTransact command 0x%x" % command, logging.ERROR) + respParameters = '' + respData = '' + errorCode = STATUS_NOT_IMPLEMENTED + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + + @staticmethod + def smbTransaction2(connId, smbServer, SMBCommand, recvPacket, transCommands): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(recvPacket['Command']) + + trans2Parameters= smb.SMBTransaction2_Parameters(SMBCommand['Parameters']) + + # Do the stuff + if trans2Parameters['ParameterCount'] != trans2Parameters['TotalParameterCount']: + # TODO: Handle partial parameters + #print "Unsupported partial parameters in TRANSACT2!" + raise Exception("Unsupported partial parameters in TRANSACT2!") + else: + trans2Data = smb.SMBTransaction2_Data() + # Standard says servers shouldn't trust Parameters and Data comes + # in order, so we have to parse the offsets, ugly + + paramCount = trans2Parameters['ParameterCount'] + trans2Data['Trans_ParametersLength'] = paramCount + dataCount = trans2Parameters['DataCount'] + trans2Data['Trans_DataLength'] = dataCount + + if trans2Parameters['ParameterOffset'] > 0: + paramOffset = trans2Parameters['ParameterOffset'] - 63 - trans2Parameters['SetupLength'] + trans2Data['Trans_Parameters'] = SMBCommand['Data'][paramOffset:paramOffset+paramCount] + else: + trans2Data['Trans_Parameters'] = '' + + if trans2Parameters['DataOffset'] > 0: + dataOffset = trans2Parameters['DataOffset'] - 63 - trans2Parameters['SetupLength'] + trans2Data['Trans_Data'] = SMBCommand['Data'][dataOffset:dataOffset + dataCount] + else: + trans2Data['Trans_Data'] = '' + + # Call the handler for this TRANSACTION + command = struct.unpack('<H', trans2Parameters['Setup'])[0] + if transCommands.has_key(command): + # Call the TRANS2 subcommand + try: + setup, parameters, data, errorCode = transCommands[command](connId, + smbServer, + recvPacket, + trans2Data['Trans_Parameters'], + trans2Data['Trans_Data'], + trans2Parameters['MaxDataCount']) + except Exception, e: + smbServer.log('Transaction2: (0x%x,%s)' % (command, e), logging.ERROR) + #import traceback + #traceback.print_exc() + raise + + if setup == '' and parameters == '' and data == '': + # Something wen't wrong + respParameters = '' + respData = '' + else: + # Build the answer + data = str(data) + remainingData = len(data) + parameters = str(parameters) + remainingParameters = len(parameters) + commands = [] + dataDisplacement = 0 + while remainingData > 0 or remainingParameters > 0: + respSMBCommand = smb.SMBCommand(recvPacket['Command']) + respParameters = smb.SMBTransaction2Response_Parameters() + respData = smb.SMBTransaction2Response_Data() + + respParameters['TotalParameterCount'] = len(parameters) + respParameters['ParameterCount'] = len(parameters) + respData['Trans_ParametersLength'] = len(parameters) + respParameters['TotalDataCount'] = len(data) + respParameters['DataDisplacement'] = dataDisplacement + # TODO: Do the same for parameters + if len(data) > trans2Parameters['MaxDataCount']: + # Answer doesn't fit in this packet + LOG.debug("Lowering answer from %d to %d" % (len(data),trans2Parameters['MaxDataCount']) ) + respParameters['DataCount'] = trans2Parameters['MaxDataCount'] + else: + respParameters['DataCount'] = len(data) + + respData['Trans_DataLength'] = respParameters['DataCount'] + respParameters['SetupCount'] = len(setup) + respParameters['Setup'] = setup + # TODO: Make sure we're calculating the pad right + if len(parameters) > 0: + #padLen = 4 - (55 + len(setup)) % 4 + padLen = (4 - (55 + len(setup)) % 4 ) % 4 + padBytes = '\xFF' * padLen + respData['Pad1'] = padBytes + respParameters['ParameterOffset'] = 55 + len(setup) + padLen + else: + padLen = 0 + respParameters['ParameterOffset'] = 0 + respData['Pad1'] = '' + + if len(data) > 0: + #pad2Len = 4 - (55 + len(setup) + padLen + len(parameters)) % 4 + pad2Len = (4 - (55 + len(setup) + padLen + len(parameters)) % 4) % 4 + respData['Pad2'] = '\xFF' * pad2Len + respParameters['DataOffset'] = 55 + len(setup) + padLen + len(parameters) + pad2Len + else: + respParameters['DataOffset'] = 0 + respData['Pad2'] = '' + + respData['Trans_Parameters'] = parameters[:respParameters['ParameterCount']] + respData['Trans_Data'] = data[:respParameters['DataCount']] + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + data = data[respParameters['DataCount']:] + remainingData -= respParameters['DataCount'] + dataDisplacement += respParameters['DataCount'] + 1 + + parameters = parameters[respParameters['ParameterCount']:] + remainingParameters -= respParameters['ParameterCount'] + commands.append(respSMBCommand) + + smbServer.setConnectionData(connId, connData) + return commands, None, errorCode + + else: + smbServer.log("Unsupported Transact/2 command 0x%x" % command, logging.ERROR) + respParameters = '' + respData = '' + errorCode = STATUS_NOT_IMPLEMENTED + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComLockingAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_LOCKING_ANDX) + respParameters = '' + respData = '' + + # I'm actually doing nothing.. just make MacOS happy ;) + errorCode = STATUS_SUCCESS + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + + @staticmethod + def smbComClose(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_CLOSE) + respParameters = '' + respData = '' + + comClose = smb.SMBClose_Parameters(SMBCommand['Parameters']) + + if connData['OpenedFiles'].has_key(comClose['FID']): + errorCode = STATUS_SUCCESS + fileHandle = connData['OpenedFiles'][comClose['FID']]['FileHandle'] + try: + if fileHandle == PIPE_FILE_DESCRIPTOR: + connData['OpenedFiles'][comClose['FID']]['Socket'].close() + elif fileHandle != VOID_FILE_DESCRIPTOR: + os.close(fileHandle) + except Exception, e: + smbServer.log("comClose %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + # Check if the file was marked for removal + if connData['OpenedFiles'][comClose['FID']]['DeleteOnClose'] is True: + try: + os.remove(connData['OpenedFiles'][comClose['FID']]['FileName']) + except Exception, e: + smbServer.log("comClose %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + del(connData['OpenedFiles'][comClose['FID']]) + else: + errorCode = STATUS_INVALID_HANDLE + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComWrite(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_WRITE) + respParameters = smb.SMBWriteResponse_Parameters() + respData = '' + + comWriteParameters = smb.SMBWrite_Parameters(SMBCommand['Parameters']) + comWriteData = smb.SMBWrite_Data(SMBCommand['Data']) + + if connData['OpenedFiles'].has_key(comWriteParameters['Fid']): + fileHandle = connData['OpenedFiles'][comWriteParameters['Fid']]['FileHandle'] + errorCode = STATUS_SUCCESS + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + # TODO: Handle big size files + # If we're trying to write past the file end we just skip the write call (Vista does this) + if os.lseek(fileHandle, 0, 2) >= comWriteParameters['Offset']: + os.lseek(fileHandle,comWriteParameters['Offset'],0) + os.write(fileHandle,comWriteData['Data']) + else: + sock = connData['OpenedFiles'][comWriteParameters['Fid']]['Socket'] + sock.send(comWriteData['Data']) + respParameters['Count'] = comWriteParameters['Count'] + except Exception, e: + smbServer.log('smbComWrite: %s' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComFlush(connId, smbServer, SMBCommand,recvPacket ): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_FLUSH) + respParameters = '' + respData = '' + + comFlush = smb.SMBFlush_Parameters(SMBCommand['Parameters']) + + if connData['OpenedFiles'].has_key(comFlush['FID']): + errorCode = STATUS_SUCCESS + fileHandle = connData['OpenedFiles'][comFlush['FID']]['FileHandle'] + try: + os.fsync(fileHandle) + except Exception, e: + smbServer.log("comFlush %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + + @staticmethod + def smbComCreateDirectory(connId, smbServer, SMBCommand,recvPacket ): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY) + respParameters = '' + respData = '' + + comCreateDirectoryData= smb.SMBCreateDirectory_Data(flags = recvPacket['Flags2'], data = SMBCommand['Data']) + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + errorCode = STATUS_SUCCESS + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + fileName = os.path.normpath(decodeSMBString(recvPacket['Flags2'],comCreateDirectoryData['DirectoryName']).replace('\\','/')) + if len(fileName) > 0: + if fileName[0] == '/' or fileName[0] == '\\': + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + if os.path.exists(pathName): + errorCode = STATUS_OBJECT_NAME_COLLISION + + # TODO: More checks here in the future.. Specially when we support + # user access + else: + try: + os.mkdir(pathName) + except Exception, e: + smbServer.log("smbComCreateDirectory: %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_SMB_BAD_TID + + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComRename(connId, smbServer, SMBCommand, recvPacket ): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_RENAME) + respParameters = '' + respData = '' + + comRenameData = smb.SMBRename_Data(flags = recvPacket['Flags2'], data = SMBCommand['Data']) + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + errorCode = STATUS_SUCCESS + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + oldFileName = os.path.normpath(decodeSMBString(recvPacket['Flags2'],comRenameData['OldFileName']).replace('\\','/')) + newFileName = os.path.normpath(decodeSMBString(recvPacket['Flags2'],comRenameData['NewFileName']).replace('\\','/')) + if len(oldFileName) > 0 and (oldFileName[0] == '/' or oldFileName[0] == '\\'): + # strip leading '/' + oldFileName = oldFileName[1:] + oldPathName = os.path.join(path,oldFileName) + if len(newFileName) > 0 and (newFileName[0] == '/' or newFileName[0] == '\\'): + # strip leading '/' + newFileName = newFileName[1:] + newPathName = os.path.join(path,newFileName) + + if os.path.exists(oldPathName) is not True: + errorCode = STATUS_NO_SUCH_FILE + + # TODO: More checks here in the future.. Specially when we support + # user access + else: + try: + os.rename(oldPathName,newPathName) + except OSError, e: + smbServer.log("smbComRename: %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_SMB_BAD_TID + + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComDelete(connId, smbServer, SMBCommand, recvPacket ): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_DELETE) + respParameters = '' + respData = '' + + comDeleteData = smb.SMBDelete_Data(flags = recvPacket['Flags2'], data = SMBCommand['Data']) + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + errorCode = STATUS_SUCCESS + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + fileName = os.path.normpath(decodeSMBString(recvPacket['Flags2'],comDeleteData['FileName']).replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + if os.path.exists(pathName) is not True: + errorCode = STATUS_NO_SUCH_FILE + + # TODO: More checks here in the future.. Specially when we support + # user access + else: + try: + os.remove(pathName) + except OSError, e: + smbServer.log("smbComDelete: %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_SMB_BAD_TID + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + + @staticmethod + def smbComDeleteDirectory(connId, smbServer, SMBCommand, recvPacket ): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY) + respParameters = '' + respData = '' + + comDeleteDirectoryData= smb.SMBDeleteDirectory_Data(flags = recvPacket['Flags2'], data = SMBCommand['Data']) + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + errorCode = STATUS_SUCCESS + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + fileName = os.path.normpath(decodeSMBString(recvPacket['Flags2'],comDeleteDirectoryData['DirectoryName']).replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + if os.path.exists(pathName) is not True: + errorCode = STATUS_NO_SUCH_FILE + + # TODO: More checks here in the future.. Specially when we support + # user access + else: + try: + os.rmdir(pathName) + except OSError, e: + smbServer.log("smbComDeleteDirectory: %s" % e,logging.ERROR) + if e.errno == errno.ENOTEMPTY: + errorCode = STATUS_DIRECTORY_NOT_EMPTY + else: + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_SMB_BAD_TID + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + + @staticmethod + def smbComWriteAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_WRITE_ANDX) + respParameters = smb.SMBWriteAndXResponse_Parameters() + respData = '' + + if SMBCommand['WordCount'] == 0x0C: + writeAndX = smb.SMBWriteAndX_Parameters_Short(SMBCommand['Parameters']) + writeAndXData = smb.SMBWriteAndX_Data_Short() + else: + writeAndX = smb.SMBWriteAndX_Parameters(SMBCommand['Parameters']) + writeAndXData = smb.SMBWriteAndX_Data() + writeAndXData['DataLength'] = writeAndX['DataLength'] + writeAndXData['DataOffset'] = writeAndX['DataOffset'] + writeAndXData.fromString(SMBCommand['Data']) + + + if connData['OpenedFiles'].has_key(writeAndX['Fid']): + fileHandle = connData['OpenedFiles'][writeAndX['Fid']]['FileHandle'] + errorCode = STATUS_SUCCESS + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + offset = writeAndX['Offset'] + if writeAndX.fields.has_key('HighOffset'): + offset += (writeAndX['HighOffset'] << 32) + # If we're trying to write past the file end we just skip the write call (Vista does this) + if os.lseek(fileHandle, 0, 2) >= offset: + os.lseek(fileHandle,offset,0) + os.write(fileHandle,writeAndXData['Data']) + else: + sock = connData['OpenedFiles'][writeAndX['Fid']]['Socket'] + sock.send(writeAndXData['Data']) + + respParameters['Count'] = writeAndX['DataLength'] + respParameters['Available']= 0xff + except Exception, e: + smbServer.log('smbComWriteAndx: %s' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComRead(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_READ) + respParameters = smb.SMBReadResponse_Parameters() + respData = smb.SMBReadResponse_Data() + + comReadParameters = smb.SMBRead_Parameters(SMBCommand['Parameters']) + + if connData['OpenedFiles'].has_key(comReadParameters['Fid']): + fileHandle = connData['OpenedFiles'][comReadParameters['Fid']]['FileHandle'] + errorCode = STATUS_SUCCESS + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + # TODO: Handle big size files + os.lseek(fileHandle,comReadParameters['Offset'],0) + content = os.read(fileHandle,comReadParameters['Count']) + else: + sock = connData['OpenedFiles'][comReadParameters['Fid']]['Socket'] + content = sock.recv(comReadParameters['Count']) + respParameters['Count'] = len(content) + respData['DataLength'] = len(content) + respData['Data'] = content + except Exception, e: + smbServer.log('smbComRead: %s ' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComReadAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_READ_ANDX) + respParameters = smb.SMBReadAndXResponse_Parameters() + respData = '' + + if SMBCommand['WordCount'] == 0x0A: + readAndX = smb.SMBReadAndX_Parameters2(SMBCommand['Parameters']) + else: + readAndX = smb.SMBReadAndX_Parameters(SMBCommand['Parameters']) + + if connData['OpenedFiles'].has_key(readAndX['Fid']): + fileHandle = connData['OpenedFiles'][readAndX['Fid']]['FileHandle'] + errorCode = 0 + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + offset = readAndX['Offset'] + if readAndX.fields.has_key('HighOffset'): + offset += (readAndX['HighOffset'] << 32) + os.lseek(fileHandle,offset,0) + content = os.read(fileHandle,readAndX['MaxCount']) + else: + sock = connData['OpenedFiles'][readAndX['Fid']]['Socket'] + content = sock.recv(readAndX['MaxCount']) + respParameters['Remaining'] = 0xffff + respParameters['DataCount'] = len(content) + respParameters['DataOffset'] = 59 + respParameters['DataCount_Hi'] = 0 + respData = content + except Exception, e: + smbServer.log('smbComReadAndX: %s ' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbQueryInformation(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_QUERY_INFORMATION) + respParameters = smb.SMBQueryInformationResponse_Parameters() + respData = '' + + queryInformation= smb.SMBQueryInformation_Data(flags = recvPacket['Flags2'], data = SMBCommand['Data']) + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + fileSize, lastWriteTime, fileAttributes = queryFsInformation( + connData['ConnectedShares'][recvPacket['Tid']]['path'], + decodeSMBString(recvPacket['Flags2'],queryInformation['FileName'])) + + respParameters['FileSize'] = fileSize + respParameters['LastWriteTime'] = lastWriteTime + respParameters['FileAttributes'] = fileAttributes + errorCode = STATUS_SUCCESS + else: + # STATUS_SMB_BAD_TID + errorCode = STATUS_SMB_BAD_TID + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smbQueryInformationDisk(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_QUERY_INFORMATION_DISK) + respParameters = smb.SMBQueryInformationDiskResponse_Parameters() + respData = '' + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + totalUnits, freeUnits = queryDiskInformation( + connData['ConnectedShares'][recvPacket['Tid']]['path']) + + respParameters['TotalUnits'] = totalUnits + respParameters['BlocksPerUnit'] = 1 + respParameters['BlockSize'] = 1 + respParameters['FreeUnits'] = freeUnits + errorCode = STATUS_SUCCESS + else: + # STATUS_SMB_BAD_TID + respData = '' + respParameters = '' + errorCode = STATUS_SMB_BAD_TID + + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComEcho(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_ECHO) + respParameters = smb.SMBEchoResponse_Parameters() + respData = smb.SMBEchoResponse_Data() + + echoData = smb.SMBEcho_Data(SMBCommand['Data']) + + respParameters['SequenceNumber'] = 1 + respData['Data'] = echoData['Data'] + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + errorCode = STATUS_SUCCESS + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComTreeDisconnect(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_TREE_DISCONNECT) + + # Check if the Tid matches the Tid trying to disconnect + respParameters = '' + respData = '' + + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + smbServer.log("Disconnecting Share(%d:%s)" % (recvPacket['Tid'],connData['ConnectedShares'][recvPacket['Tid']]['shareName'])) + del(connData['ConnectedShares'][recvPacket['Tid']]) + errorCode = STATUS_SUCCESS + else: + # STATUS_SMB_BAD_TID + errorCode = STATUS_SMB_BAD_TID + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComLogOffAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_LOGOFF_ANDX) + + # Check if the Uid matches the user trying to logoff + respParameters = '' + respData = '' + if recvPacket['Uid'] != connData['Uid']: + # STATUS_SMB_BAD_UID + errorCode = STATUS_SMB_BAD_UID + else: + errorCode = STATUS_SUCCESS + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + connData['Uid'] = 0 + + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComQueryInformation2(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_QUERY_INFORMATION2) + respParameters = smb.SMBQueryInformation2Response_Parameters() + respData = '' + + queryInformation2 = smb.SMBQueryInformation2_Parameters(SMBCommand['Parameters']) + errorCode = 0xFF + if connData['OpenedFiles'].has_key(queryInformation2['Fid']): + errorCode = STATUS_SUCCESS + pathName = connData['OpenedFiles'][queryInformation2['Fid']]['FileName'] + try: + (mode, ino, dev, nlink, uid, gid, size, atime, mtime, ctime) = os.stat(pathName) + respParameters['CreateDate'] = getSMBDate(ctime) + respParameters['CreationTime'] = getSMBTime(ctime) + respParameters['LastAccessDate'] = getSMBDate(atime) + respParameters['LastAccessTime'] = getSMBTime(atime) + respParameters['LastWriteDate'] = getSMBDate(mtime) + respParameters['LastWriteTime'] = getSMBTime(mtime) + respParameters['FileDataSize'] = size + respParameters['FileAllocationSize'] = size + attribs = 0 + if os.path.isdir(pathName): + attribs = smb.SMB_FILE_ATTRIBUTE_DIRECTORY + if os.path.isfile(pathName): + attribs = smb.SMB_FILE_ATTRIBUTE_NORMAL + respParameters['FileAttributes'] = attribs + except Exception, e: + smbServer.log('smbComQueryInformation2 %s' % e,logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + + if errorCode > 0: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComNtCreateAndX(connId, smbServer, SMBCommand, recvPacket): + # TODO: Fully implement this + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_NT_CREATE_ANDX) + respParameters = smb.SMBNtCreateAndXResponse_Parameters() + respData = '' + + ntCreateAndXParameters = smb.SMBNtCreateAndX_Parameters(SMBCommand['Parameters']) + ntCreateAndXData = smb.SMBNtCreateAndX_Data( flags = recvPacket['Flags2'], data = SMBCommand['Data']) + + #if ntCreateAndXParameters['CreateFlags'] & 0x10: # NT_CREATE_REQUEST_EXTENDED_RESPONSE + # respParameters = smb.SMBNtCreateAndXExtendedResponse_Parameters() + # respParameters['VolumeGUID'] = '\x00' + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + # If we have a rootFid, the path is relative to that fid + errorCode = STATUS_SUCCESS + if ntCreateAndXParameters['RootFid'] > 0: + path = connData['OpenedFiles'][ntCreateAndXParameters['RootFid']]['FileName'] + LOG.debug("RootFid present %s!" % path) + else: + if connData['ConnectedShares'][recvPacket['Tid']].has_key('path'): + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + else: + path = 'NONE' + errorCode = STATUS_ACCESS_DENIED + + deleteOnClose = False + + fileName = os.path.normpath(decodeSMBString(recvPacket['Flags2'],ntCreateAndXData['FileName']).replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + createDisposition = ntCreateAndXParameters['Disposition'] + mode = 0 + + if createDisposition == smb.FILE_SUPERSEDE: + mode |= os.O_TRUNC | os.O_CREAT + elif createDisposition & smb.FILE_OVERWRITE_IF == smb.FILE_OVERWRITE_IF: + mode |= os.O_TRUNC | os.O_CREAT + elif createDisposition & smb.FILE_OVERWRITE == smb.FILE_OVERWRITE: + if os.path.exists(pathName) is True: + mode |= os.O_TRUNC + else: + errorCode = STATUS_NO_SUCH_FILE + elif createDisposition & smb.FILE_OPEN_IF == smb.FILE_OPEN_IF: + if os.path.exists(pathName) is True: + mode |= os.O_TRUNC + else: + mode |= os.O_TRUNC | os.O_CREAT + elif createDisposition & smb.FILE_CREATE == smb.FILE_CREATE: + if os.path.exists(pathName) is True: + errorCode = STATUS_OBJECT_NAME_COLLISION + else: + mode |= os.O_CREAT + elif createDisposition & smb.FILE_OPEN == smb.FILE_OPEN: + if os.path.exists(pathName) is not True and smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)) is not True: + errorCode = STATUS_NO_SUCH_FILE + + if errorCode == STATUS_SUCCESS: + desiredAccess = ntCreateAndXParameters['AccessMask'] + if (desiredAccess & smb.FILE_READ_DATA) or (desiredAccess & smb.GENERIC_READ): + mode |= os.O_RDONLY + if (desiredAccess & smb.FILE_WRITE_DATA) or (desiredAccess & smb.GENERIC_WRITE): + if (desiredAccess & smb.FILE_READ_DATA) or (desiredAccess & smb.GENERIC_READ): + mode |= os.O_RDWR #| os.O_APPEND + else: + mode |= os.O_WRONLY #| os.O_APPEND + if desiredAccess & smb.GENERIC_ALL: + mode |= os.O_RDWR #| os.O_APPEND + + createOptions = ntCreateAndXParameters['CreateOptions'] + if mode & os.O_CREAT == os.O_CREAT: + if createOptions & smb.FILE_DIRECTORY_FILE == smb.FILE_DIRECTORY_FILE: + try: + # Let's create the directory + os.mkdir(pathName) + mode = os.O_RDONLY + except Exception, e: + smbServer.log("NTCreateAndX: %s,%s,%s" % (pathName,mode,e),logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + if createOptions & smb.FILE_NON_DIRECTORY_FILE == smb.FILE_NON_DIRECTORY_FILE: + # If the file being opened is a directory, the server MUST fail the request with + # STATUS_FILE_IS_A_DIRECTORY in the Status field of the SMB Header in the server + # response. + if os.path.isdir(pathName) is True: + errorCode = STATUS_FILE_IS_A_DIRECTORY + + if createOptions & smb.FILE_DELETE_ON_CLOSE == smb.FILE_DELETE_ON_CLOSE: + deleteOnClose = True + + if errorCode == STATUS_SUCCESS: + try: + if os.path.isdir(pathName) and sys.platform == 'win32': + fid = VOID_FILE_DESCRIPTOR + else: + if sys.platform == 'win32': + mode |= os.O_BINARY + if smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)): + fid = PIPE_FILE_DESCRIPTOR + sock = socket.socket() + sock.connect(smbServer.getRegisteredNamedPipes()[unicode(pathName)]) + else: + fid = os.open(pathName, mode) + except Exception, e: + smbServer.log("NTCreateAndX: %s,%s,%s" % (pathName,mode,e),logging.ERROR) + #print e + fid = 0 + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_SMB_BAD_TID + + if errorCode == STATUS_SUCCESS: + # Simple way to generate a fid + if len(connData['OpenedFiles']) == 0: + fakefid = 1 + else: + fakefid = connData['OpenedFiles'].keys()[-1] + 1 + respParameters['Fid'] = fakefid + respParameters['CreateAction'] = createDisposition + if fid == PIPE_FILE_DESCRIPTOR: + respParameters['FileAttributes'] = 0x80 + respParameters['IsDirectory'] = 0 + respParameters['CreateTime'] = 0 + respParameters['LastAccessTime'] = 0 + respParameters['LastWriteTime'] = 0 + respParameters['LastChangeTime'] = 0 + respParameters['AllocationSize'] = 4096 + respParameters['EndOfFile'] = 0 + respParameters['FileType'] = 2 + respParameters['IPCState'] = 0x5ff + else: + if os.path.isdir(pathName): + respParameters['FileAttributes'] = smb.SMB_FILE_ATTRIBUTE_DIRECTORY + respParameters['IsDirectory'] = 1 + else: + respParameters['IsDirectory'] = 0 + respParameters['FileAttributes'] = ntCreateAndXParameters['FileAttributes'] + # Let's get this file's information + respInfo, errorCode = queryPathInformation('',pathName,level= smb.SMB_QUERY_FILE_ALL_INFO) + if errorCode == STATUS_SUCCESS: + respParameters['CreateTime'] = respInfo['CreationTime'] + respParameters['LastAccessTime'] = respInfo['LastAccessTime'] + respParameters['LastWriteTime'] = respInfo['LastWriteTime'] + respParameters['LastChangeTime'] = respInfo['LastChangeTime'] + respParameters['FileAttributes'] = respInfo['ExtFileAttributes'] + respParameters['AllocationSize'] = respInfo['AllocationSize'] + respParameters['EndOfFile'] = respInfo['EndOfFile'] + else: + respParameters = '' + respData = '' + + if errorCode == STATUS_SUCCESS: + # Let's store the fid for the connection + # smbServer.log('Create file %s, mode:0x%x' % (pathName, mode)) + connData['OpenedFiles'][fakefid] = {} + connData['OpenedFiles'][fakefid]['FileHandle'] = fid + connData['OpenedFiles'][fakefid]['FileName'] = pathName + connData['OpenedFiles'][fakefid]['DeleteOnClose'] = deleteOnClose + if fid == PIPE_FILE_DESCRIPTOR: + connData['OpenedFiles'][fakefid]['Socket'] = sock + else: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComOpenAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_OPEN_ANDX) + respParameters = smb.SMBOpenAndXResponse_Parameters() + respData = '' + + openAndXParameters = smb.SMBOpenAndX_Parameters(SMBCommand['Parameters']) + openAndXData = smb.SMBOpenAndX_Data( flags = recvPacket['Flags2'], data = SMBCommand['Data']) + + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['Tid']): + path = connData['ConnectedShares'][recvPacket['Tid']]['path'] + openedFile, mode, pathName, errorCode = openFile(path, + decodeSMBString(recvPacket['Flags2'],openAndXData['FileName']), + openAndXParameters['DesiredAccess'], + openAndXParameters['FileAttributes'], + openAndXParameters['OpenMode']) + else: + errorCode = STATUS_SMB_BAD_TID + + if errorCode == STATUS_SUCCESS: + # Simple way to generate a fid + fid = len(connData['OpenedFiles']) + 1 + if len(connData['OpenedFiles']) == 0: + fid = 1 + else: + fid = connData['OpenedFiles'].keys()[-1] + 1 + respParameters['Fid'] = fid + if mode & os.O_CREAT: + # File did not exist and was created + respParameters['Action'] = 0x2 + elif mode & os.O_RDONLY: + # File existed and was opened + respParameters['Action'] = 0x1 + elif mode & os.O_APPEND: + # File existed and was opened + respParameters['Action'] = 0x1 + else: + # File existed and was truncated + respParameters['Action'] = 0x3 + + # Let's store the fid for the connection + #smbServer.log('Opening file %s' % pathName) + connData['OpenedFiles'][fid] = {} + connData['OpenedFiles'][fid]['FileHandle'] = openedFile + connData['OpenedFiles'][fid]['FileName'] = pathName + connData['OpenedFiles'][fid]['DeleteOnClose'] = False + else: + respParameters = '' + respData = '' + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComTreeConnectAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId) + + resp = smb.NewSMBPacket() + resp['Flags1'] = smb.SMB.FLAGS1_REPLY + resp['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_LONG_NAMES | recvPacket['Flags2'] & smb.SMB.FLAGS2_UNICODE + + resp['Tid'] = recvPacket['Tid'] + resp['Mid'] = recvPacket['Mid'] + resp['Pid'] = connData['Pid'] + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_TREE_CONNECT_ANDX) + respParameters = smb.SMBTreeConnectAndXResponse_Parameters() + respData = smb.SMBTreeConnectAndXResponse_Data() + + treeConnectAndXParameters = smb.SMBTreeConnectAndX_Parameters(SMBCommand['Parameters']) + + if treeConnectAndXParameters['Flags'] & 0x8: + respParameters = smb.SMBTreeConnectAndXExtendedResponse_Parameters() + + treeConnectAndXData = smb.SMBTreeConnectAndX_Data( flags = recvPacket['Flags2'] ) + treeConnectAndXData['_PasswordLength'] = treeConnectAndXParameters['PasswordLength'] + treeConnectAndXData.fromString(SMBCommand['Data']) + + errorCode = STATUS_SUCCESS + + ## Process here the request, does the share exist? + UNCOrShare = decodeSMBString(recvPacket['Flags2'], treeConnectAndXData['Path']) + + # Is this a UNC? + if ntpath.ismount(UNCOrShare): + path = UNCOrShare.split('\\')[3] + else: + path = ntpath.basename(UNCOrShare) + + share = searchShare(connId, path, smbServer) + if share is not None: + # Simple way to generate a Tid + if len(connData['ConnectedShares']) == 0: + tid = 1 + else: + tid = connData['ConnectedShares'].keys()[-1] + 1 + connData['ConnectedShares'][tid] = share + connData['ConnectedShares'][tid]['shareName'] = path + resp['Tid'] = tid + #smbServer.log("Connecting Share(%d:%s)" % (tid,path)) + else: + smbServer.log("TreeConnectAndX not found %s" % path, logging.ERROR) + errorCode = STATUS_OBJECT_PATH_NOT_FOUND + resp['ErrorCode'] = errorCode >> 16 + resp['ErrorClass'] = errorCode & 0xff + ## + respParameters['OptionalSupport'] = smb.SMB.SMB_SUPPORT_SEARCH_BITS + + if path == 'IPC$': + respData['Service'] = 'IPC' + else: + respData['Service'] = path + respData['PadLen'] = 0 + respData['NativeFileSystem'] = encodeSMBString(recvPacket['Flags2'], 'NTFS' ) + + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + resp['Uid'] = connData['Uid'] + resp.addCommand(respSMBCommand) + smbServer.setConnectionData(connId, connData) + + return None, [resp], errorCode + + @staticmethod + def smbComSessionSetupAndX(connId, smbServer, SMBCommand, recvPacket): + connData = smbServer.getConnectionData(connId, checkStatus = False) + + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX) + + # From [MS-SMB] + # When extended security is being used (see section 3.2.4.2.4), the + # request MUST take the following form + # [..] + # WordCount (1 byte): The value of this field MUST be 0x0C. + if SMBCommand['WordCount'] == 12: + # Extended security. Here we deal with all SPNEGO stuff + respParameters = smb.SMBSessionSetupAndX_Extended_Response_Parameters() + respData = smb.SMBSessionSetupAndX_Extended_Response_Data(flags = recvPacket['Flags2']) + sessionSetupParameters = smb.SMBSessionSetupAndX_Extended_Parameters(SMBCommand['Parameters']) + sessionSetupData = smb.SMBSessionSetupAndX_Extended_Data() + sessionSetupData['SecurityBlobLength'] = sessionSetupParameters['SecurityBlobLength'] + sessionSetupData.fromString(SMBCommand['Data']) + connData['Capabilities'] = sessionSetupParameters['Capabilities'] + + rawNTLM = False + if struct.unpack('B',sessionSetupData['SecurityBlob'][0])[0] == ASN1_AID: + # NEGOTIATE packet + blob = SPNEGO_NegTokenInit(sessionSetupData['SecurityBlob']) + token = blob['MechToken'] + if len(blob['MechTypes'][0]) > 0: + # Is this GSSAPI NTLM or something else we don't support? + mechType = blob['MechTypes'][0] + if mechType != TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']: + # Nope, do we know it? + if MechTypes.has_key(mechType): + mechStr = MechTypes[mechType] + else: + mechStr = hexlify(mechType) + smbServer.log("Unsupported MechType '%s'" % mechStr, logging.CRITICAL) + # We don't know the token, we answer back again saying + # we just support NTLM. + # ToDo: Build this into a SPNEGO_NegTokenResp() + respToken = '\xa1\x15\x30\x13\xa0\x03\x0a\x01\x03\xa1\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a' + respParameters['SecurityBlobLength'] = len(respToken) + respData['SecurityBlobLength'] = respParameters['SecurityBlobLength'] + respData['SecurityBlob'] = respToken + respData['NativeOS'] = encodeSMBString(recvPacket['Flags2'], smbServer.getServerOS()) + respData['NativeLanMan'] = encodeSMBString(recvPacket['Flags2'], smbServer.getServerOS()) + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + return [respSMBCommand], None, STATUS_MORE_PROCESSING_REQUIRED + + elif struct.unpack('B',sessionSetupData['SecurityBlob'][0])[0] == ASN1_SUPPORTED_MECH: + # AUTH packet + blob = SPNEGO_NegTokenResp(sessionSetupData['SecurityBlob']) + token = blob['ResponseToken'] + else: + # No GSSAPI stuff, raw NTLMSSP + rawNTLM = True + token = sessionSetupData['SecurityBlob'] + + # Here we only handle NTLMSSP, depending on what stage of the + # authentication we are, we act on it + messageType = struct.unpack('<L',token[len('NTLMSSP\x00'):len('NTLMSSP\x00')+4])[0] + + if messageType == 0x01: + # NEGOTIATE_MESSAGE + negotiateMessage = ntlm.NTLMAuthNegotiate() + negotiateMessage.fromString(token) + # Let's store it in the connection data + connData['NEGOTIATE_MESSAGE'] = negotiateMessage + # Let's build the answer flags + # TODO: Parse all the flags. With this we're leaving some clients out + + ansFlags = 0 + + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_56: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_56 + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_128: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_128 + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_UNICODE + if negotiateMessage['flags'] & ntlm.NTLM_NEGOTIATE_OEM: + ansFlags |= ntlm.NTLM_NEGOTIATE_OEM + + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_VERSION | ntlm.NTLMSSP_NEGOTIATE_TARGET_INFO | ntlm.NTLMSSP_TARGET_TYPE_SERVER | ntlm.NTLMSSP_NEGOTIATE_NTLM | ntlm.NTLMSSP_REQUEST_TARGET + + # Generate the AV_PAIRS + av_pairs = ntlm.AV_PAIRS() + # TODO: Put the proper data from SMBSERVER config + av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] = av_pairs[ntlm.NTLMSSP_AV_DNS_HOSTNAME] = smbServer.getServerName().encode('utf-16le') + av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] = av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] = smbServer.getServerDomain().encode('utf-16le') + av_pairs[ntlm.NTLMSSP_AV_TIME] = struct.pack('<q', (116444736000000000 + calendar.timegm(time.gmtime()) * 10000000) ) + + challengeMessage = ntlm.NTLMAuthChallenge() + challengeMessage['flags'] = ansFlags + challengeMessage['domain_len'] = len(smbServer.getServerDomain().encode('utf-16le')) + challengeMessage['domain_max_len'] = challengeMessage['domain_len'] + challengeMessage['domain_offset'] = 40 + 16 + challengeMessage['challenge'] = smbServer.getSMBChallenge() + challengeMessage['domain_name'] = smbServer.getServerDomain().encode('utf-16le') + challengeMessage['TargetInfoFields_len'] = len(av_pairs) + challengeMessage['TargetInfoFields_max_len'] = len(av_pairs) + challengeMessage['TargetInfoFields'] = av_pairs + challengeMessage['TargetInfoFields_offset'] = 40 + 16 + len(challengeMessage['domain_name']) + challengeMessage['Version'] = '\xff'*8 + challengeMessage['VersionLen'] = 8 + + if rawNTLM is False: + respToken = SPNEGO_NegTokenResp() + # accept-incomplete. We want more data + respToken['NegResult'] = '\x01' + respToken['SupportedMech'] = TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider'] + + respToken['ResponseToken'] = challengeMessage.getData() + else: + respToken = challengeMessage + + # Setting the packet to STATUS_MORE_PROCESSING + errorCode = STATUS_MORE_PROCESSING_REQUIRED + # Let's set up an UID for this connection and store it + # in the connection's data + # Picking a fixed value + # TODO: Manage more UIDs for the same session + connData['Uid'] = 10 + # Let's store it in the connection data + connData['CHALLENGE_MESSAGE'] = challengeMessage + + elif messageType == 0x02: + # CHALLENGE_MESSAGE + raise Exception('Challenge Message raise, not implemented!') + elif messageType == 0x03: + # AUTHENTICATE_MESSAGE, here we deal with authentication + authenticateMessage = ntlm.NTLMAuthChallengeResponse() + authenticateMessage.fromString(token) + smbServer.log("AUTHENTICATE_MESSAGE (%s\\%s,%s)" % (authenticateMessage['domain_name'], authenticateMessage['user_name'], authenticateMessage['host_name'])) + # TODO: Check the credentials! Now granting permissions + + respToken = SPNEGO_NegTokenResp() + # accept-completed + respToken['NegResult'] = '\x00' + + # Status SUCCESS + errorCode = STATUS_SUCCESS + smbServer.log('User %s\\%s authenticated successfully' % (authenticateMessage['user_name'], authenticateMessage['host_name'])) + # Let's store it in the connection data + connData['AUTHENTICATE_MESSAGE'] = authenticateMessage + try: + jtr_dump_path = smbServer.getJTRdumpPath() + ntlm_hash_data = outputToJohnFormat( connData['CHALLENGE_MESSAGE']['challenge'], authenticateMessage['user_name'], authenticateMessage['domain_name'], authenticateMessage['lanman'], authenticateMessage['ntlm'] ) + smbServer.log(ntlm_hash_data['hash_string']) + if jtr_dump_path is not '': + writeJohnOutputToFile(ntlm_hash_data['hash_string'], ntlm_hash_data['hash_version'], jtr_dump_path) + except: + smbServer.log("Could not write NTLM Hashes to the specified JTR_Dump_Path %s" % jtr_dump_path) + else: + raise Exception("Unknown NTLMSSP MessageType %d" % messageType) + + respParameters['SecurityBlobLength'] = len(respToken) + respData['SecurityBlobLength'] = respParameters['SecurityBlobLength'] + respData['SecurityBlob'] = respToken.getData() + + else: + # Process Standard Security + respParameters = smb.SMBSessionSetupAndXResponse_Parameters() + respData = smb.SMBSessionSetupAndXResponse_Data() + sessionSetupParameters = smb.SMBSessionSetupAndX_Parameters(SMBCommand['Parameters']) + sessionSetupData = smb.SMBSessionSetupAndX_Data() + sessionSetupData['AnsiPwdLength'] = sessionSetupParameters['AnsiPwdLength'] + sessionSetupData['UnicodePwdLength'] = sessionSetupParameters['UnicodePwdLength'] + sessionSetupData.fromString(SMBCommand['Data']) + connData['Capabilities'] = sessionSetupParameters['Capabilities'] + # Do the verification here, for just now we grant access + # TODO: Manage more UIDs for the same session + errorCode = STATUS_SUCCESS + connData['Uid'] = 10 + respParameters['Action'] = 0 + smbServer.log('User %s\\%s authenticated successfully (basic)' % (sessionSetupData['PrimaryDomain'], sessionSetupData['Account'])) + try: + jtr_dump_path = smbServer.getJTRdumpPath() + ntlm_hash_data = outputToJohnFormat( '', sessionSetupData['Account'], sessionSetupData['PrimaryDomain'], sessionSetupData['AnsiPwd'], sessionSetupData['UnicodePwd'] ) + smbServer.log(ntlm_hash_data['hash_string']) + if jtr_dump_path is not '': + writeJohnOutputToFile(ntlm_hash_data['hash_string'], ntlm_hash_data['hash_version'], jtr_dump_path) + except: + smbServer.log("Could not write NTLM Hashes to the specified JTR_Dump_Path %s" % jtr_dump_path) + + respData['NativeOS'] = encodeSMBString(recvPacket['Flags2'], smbServer.getServerOS()) + respData['NativeLanMan'] = encodeSMBString(recvPacket['Flags2'], smbServer.getServerOS()) + respSMBCommand['Parameters'] = respParameters + respSMBCommand['Data'] = respData + + # From now on, the client can ask for other commands + connData['Authenticated'] = True + # For now, just switching to nobody + #os.setregid(65534,65534) + #os.setreuid(65534,65534) + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smbComNegotiate(connId, smbServer, SMBCommand, recvPacket ): + connData = smbServer.getConnectionData(connId, checkStatus = False) + connData['Pid'] = recvPacket['Pid'] + + SMBCommand = smb.SMBCommand(recvPacket['Data'][0]) + respSMBCommand = smb.SMBCommand(smb.SMB.SMB_COM_NEGOTIATE) + + resp = smb.NewSMBPacket() + resp['Flags1'] = smb.SMB.FLAGS1_REPLY + resp['Pid'] = connData['Pid'] + resp['Tid'] = recvPacket['Tid'] + resp['Mid'] = recvPacket['Mid'] + + # TODO: We support more dialects, and parse them accordingly + dialects = SMBCommand['Data'].split('\x02') + try: + index = dialects.index('NT LM 0.12\x00') - 1 + # Let's fill the data for NTLM + if recvPacket['Flags2'] & smb.SMB.FLAGS2_EXTENDED_SECURITY: + resp['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_UNICODE + #resp['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS + _dialects_data = smb.SMBExtended_Security_Data() + _dialects_data['ServerGUID'] = 'A'*16 + blob = SPNEGO_NegTokenInit() + blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']] + _dialects_data['SecurityBlob'] = blob.getData() + + _dialects_parameters = smb.SMBExtended_Security_Parameters() + _dialects_parameters['Capabilities'] = smb.SMB.CAP_EXTENDED_SECURITY | smb.SMB.CAP_USE_NT_ERRORS | smb.SMB.CAP_NT_SMBS | smb.SMB.CAP_UNICODE + _dialects_parameters['ChallengeLength'] = 0 + + else: + resp['Flags2'] = smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_UNICODE + _dialects_parameters = smb.SMBNTLMDialect_Parameters() + _dialects_data= smb.SMBNTLMDialect_Data() + _dialects_data['Payload'] = '' + if connData.has_key('EncryptionKey'): + _dialects_data['Challenge'] = connData['EncryptionKey'] + _dialects_parameters['ChallengeLength'] = len(str(_dialects_data)) + else: + # TODO: Handle random challenges, now one that can be used with rainbow tables + _dialects_data['Challenge'] = '\x11\x22\x33\x44\x55\x66\x77\x88' + _dialects_parameters['ChallengeLength'] = 8 + _dialects_parameters['Capabilities'] = smb.SMB.CAP_USE_NT_ERRORS | smb.SMB.CAP_NT_SMBS + + # Let's see if we need to support RPC_REMOTE_APIS + config = smbServer.getServerConfig() + if config.has_option('global','rpc_apis'): + if config.getboolean('global', 'rpc_apis') is True: + _dialects_parameters['Capabilities'] |= smb.SMB.CAP_RPC_REMOTE_APIS + + _dialects_parameters['DialectIndex'] = index + _dialects_parameters['SecurityMode'] = smb.SMB.SECURITY_AUTH_ENCRYPTED | smb.SMB.SECURITY_SHARE_USER + _dialects_parameters['MaxMpxCount'] = 1 + _dialects_parameters['MaxNumberVcs'] = 1 + _dialects_parameters['MaxBufferSize'] = 64000 + _dialects_parameters['MaxRawSize'] = 65536 + _dialects_parameters['SessionKey'] = 0 + _dialects_parameters['LowDateTime'] = 0 + _dialects_parameters['HighDateTime'] = 0 + _dialects_parameters['ServerTimeZone'] = 0 + + + respSMBCommand['Data'] = _dialects_data + respSMBCommand['Parameters'] = _dialects_parameters + connData['_dialects_data'] = _dialects_data + connData['_dialects_parameters'] = _dialects_parameters + + except Exception, e: + # No NTLM throw an error + smbServer.log('smbComNegotiate: %s' % e, logging.ERROR) + respSMBCommand['Data'] = struct.pack('<H',0xffff) + + + smbServer.setConnectionData(connId, connData) + + resp.addCommand(respSMBCommand) + + return None, [resp], STATUS_SUCCESS + + @staticmethod + def default(connId, smbServer, SMBCommand, recvPacket): + # By default we return an SMB Packet with error not implemented + smbServer.log("Not implemented command: 0x%x" % recvPacket['Command'],logging.DEBUG) + packet = smb.NewSMBPacket() + packet['Flags1'] = smb.SMB.FLAGS1_REPLY + packet['Flags2'] = smb.SMB.FLAGS2_NT_STATUS + packet['Command'] = recvPacket['Command'] + packet['Pid'] = recvPacket['Pid'] + packet['Tid'] = recvPacket['Tid'] + packet['Mid'] = recvPacket['Mid'] + packet['Uid'] = recvPacket['Uid'] + packet['Data'] = '\x00\x00\x00' + errorCode = STATUS_NOT_IMPLEMENTED + packet['ErrorCode'] = errorCode >> 16 + packet['ErrorClass'] = errorCode & 0xff + + return None, [packet], errorCode + +class SMB2Commands: + @staticmethod + def smb2Negotiate(connId, smbServer, recvPacket, isSMB1 = False): + connData = smbServer.getConnectionData(connId, checkStatus = False) + + respPacket = smb2.SMB2Packet() + respPacket['Flags'] = smb2.SMB2_FLAGS_SERVER_TO_REDIR + respPacket['Status'] = STATUS_SUCCESS + respPacket['CreditRequestResponse'] = 1 + respPacket['Command'] = smb2.SMB2_NEGOTIATE + respPacket['SessionID'] = 0 + if isSMB1 is False: + respPacket['MessageID'] = recvPacket['MessageID'] + else: + respPacket['MessageID'] = 0 + respPacket['TreeID'] = 0 + + + respSMBCommand = smb2.SMB2Negotiate_Response() + + respSMBCommand['SecurityMode'] = 1 + if isSMB1 is True: + # Let's first parse the packet to see if the client supports SMB2 + SMBCommand = smb.SMBCommand(recvPacket['Data'][0]) + + dialects = SMBCommand['Data'].split('\x02') + if 'SMB 2.002\x00' in dialects or 'SMB 2.???\x00' in dialects: + respSMBCommand['DialectRevision'] = smb2.SMB2_DIALECT_002 + else: + # Client does not support SMB2 fallbacking + raise Exception('SMB2 not supported, fallbacking') + else: + respSMBCommand['DialectRevision'] = smb2.SMB2_DIALECT_002 + respSMBCommand['ServerGuid'] = 'A'*16 + respSMBCommand['Capabilities'] = 0 + respSMBCommand['MaxTransactSize'] = 65536 + respSMBCommand['MaxReadSize'] = 65536 + respSMBCommand['MaxWriteSize'] = 65536 + respSMBCommand['SystemTime'] = getFileTime(calendar.timegm(time.gmtime())) + respSMBCommand['ServerStartTime'] = getFileTime(calendar.timegm(time.gmtime())) + respSMBCommand['SecurityBufferOffset'] = 0x80 + + blob = SPNEGO_NegTokenInit() + blob['MechTypes'] = [TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']] + + respSMBCommand['Buffer'] = blob.getData() + respSMBCommand['SecurityBufferLength'] = len(respSMBCommand['Buffer']) + + respPacket['Data'] = respSMBCommand + + smbServer.setConnectionData(connId, connData) + + return None, [respPacket], STATUS_SUCCESS + + @staticmethod + def smb2SessionSetup(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId, checkStatus = False) + + respSMBCommand = smb2.SMB2SessionSetup_Response() + + sessionSetupData = smb2.SMB2SessionSetup(recvPacket['Data']) + + connData['Capabilities'] = sessionSetupData['Capabilities'] + + securityBlob = sessionSetupData['Buffer'] + + rawNTLM = False + if struct.unpack('B',securityBlob[0])[0] == ASN1_AID: + # NEGOTIATE packet + blob = SPNEGO_NegTokenInit(securityBlob) + token = blob['MechToken'] + if len(blob['MechTypes'][0]) > 0: + # Is this GSSAPI NTLM or something else we don't support? + mechType = blob['MechTypes'][0] + if mechType != TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider']: + # Nope, do we know it? + if MechTypes.has_key(mechType): + mechStr = MechTypes[mechType] + else: + mechStr = hexlify(mechType) + smbServer.log("Unsupported MechType '%s'" % mechStr, logging.CRITICAL) + # We don't know the token, we answer back again saying + # we just support NTLM. + # ToDo: Build this into a SPNEGO_NegTokenResp() + respToken = '\xa1\x15\x30\x13\xa0\x03\x0a\x01\x03\xa1\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a' + respSMBCommand['SecurityBufferOffset'] = 0x48 + respSMBCommand['SecurityBufferLength'] = len(respToken) + respSMBCommand['Buffer'] = respToken + + return [respSMBCommand], None, STATUS_MORE_PROCESSING_REQUIRED + elif struct.unpack('B',securityBlob[0])[0] == ASN1_SUPPORTED_MECH: + # AUTH packet + blob = SPNEGO_NegTokenResp(securityBlob) + token = blob['ResponseToken'] + else: + # No GSSAPI stuff, raw NTLMSSP + rawNTLM = True + token = securityBlob + + # Here we only handle NTLMSSP, depending on what stage of the + # authentication we are, we act on it + messageType = struct.unpack('<L',token[len('NTLMSSP\x00'):len('NTLMSSP\x00')+4])[0] + + if messageType == 0x01: + # NEGOTIATE_MESSAGE + negotiateMessage = ntlm.NTLMAuthNegotiate() + negotiateMessage.fromString(token) + # Let's store it in the connection data + connData['NEGOTIATE_MESSAGE'] = negotiateMessage + # Let's build the answer flags + # TODO: Parse all the flags. With this we're leaving some clients out + + ansFlags = 0 + + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_56: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_56 + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_128: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_128 + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_KEY_EXCH + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY + if negotiateMessage['flags'] & ntlm.NTLMSSP_NEGOTIATE_UNICODE: + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_UNICODE + if negotiateMessage['flags'] & ntlm.NTLM_NEGOTIATE_OEM: + ansFlags |= ntlm.NTLM_NEGOTIATE_OEM + + ansFlags |= ntlm.NTLMSSP_NEGOTIATE_VERSION | ntlm.NTLMSSP_NEGOTIATE_TARGET_INFO | ntlm.NTLMSSP_TARGET_TYPE_SERVER | ntlm.NTLMSSP_NEGOTIATE_NTLM | ntlm.NTLMSSP_REQUEST_TARGET + + # Generate the AV_PAIRS + av_pairs = ntlm.AV_PAIRS() + # TODO: Put the proper data from SMBSERVER config + av_pairs[ntlm.NTLMSSP_AV_HOSTNAME] = av_pairs[ntlm.NTLMSSP_AV_DNS_HOSTNAME] = smbServer.getServerName().encode('utf-16le') + av_pairs[ntlm.NTLMSSP_AV_DOMAINNAME] = av_pairs[ntlm.NTLMSSP_AV_DNS_DOMAINNAME] = smbServer.getServerDomain().encode('utf-16le') + av_pairs[ntlm.NTLMSSP_AV_TIME] = struct.pack('<q', (116444736000000000 + calendar.timegm(time.gmtime()) * 10000000) ) + + challengeMessage = ntlm.NTLMAuthChallenge() + challengeMessage['flags'] = ansFlags + challengeMessage['domain_len'] = len(smbServer.getServerDomain().encode('utf-16le')) + challengeMessage['domain_max_len'] = challengeMessage['domain_len'] + challengeMessage['domain_offset'] = 40 + 16 + challengeMessage['challenge'] = smbServer.getSMBChallenge() + challengeMessage['domain_name'] = smbServer.getServerDomain().encode('utf-16le') + challengeMessage['TargetInfoFields_len'] = len(av_pairs) + challengeMessage['TargetInfoFields_max_len'] = len(av_pairs) + challengeMessage['TargetInfoFields'] = av_pairs + challengeMessage['TargetInfoFields_offset'] = 40 + 16 + len(challengeMessage['domain_name']) + challengeMessage['Version'] = '\xff'*8 + challengeMessage['VersionLen'] = 8 + + if rawNTLM is False: + respToken = SPNEGO_NegTokenResp() + # accept-incomplete. We want more data + respToken['NegResult'] = '\x01' + respToken['SupportedMech'] = TypesMech['NTLMSSP - Microsoft NTLM Security Support Provider'] + + respToken['ResponseToken'] = challengeMessage.getData() + else: + respToken = challengeMessage + + # Setting the packet to STATUS_MORE_PROCESSING + errorCode = STATUS_MORE_PROCESSING_REQUIRED + # Let's set up an UID for this connection and store it + # in the connection's data + # Picking a fixed value + # TODO: Manage more UIDs for the same session + connData['Uid'] = random.randint(1,0xffffffff) + # Let's store it in the connection data + connData['CHALLENGE_MESSAGE'] = challengeMessage + + elif messageType == 0x02: + # CHALLENGE_MESSAGE + raise Exception('Challenge Message raise, not implemented!') + elif messageType == 0x03: + # AUTHENTICATE_MESSAGE, here we deal with authentication + authenticateMessage = ntlm.NTLMAuthChallengeResponse() + authenticateMessage.fromString(token) + smbServer.log("AUTHENTICATE_MESSAGE (%s\\%s,%s)" % (authenticateMessage['domain_name'], authenticateMessage['user_name'], authenticateMessage['host_name'])) + # TODO: Check the credentials! Now granting permissions + + respToken = SPNEGO_NegTokenResp() + # accept-completed + respToken['NegResult'] = '\x00' + + # Status SUCCESS + errorCode = STATUS_SUCCESS + smbServer.log('User %s\\%s authenticated successfully' % (authenticateMessage['user_name'], authenticateMessage['host_name'])) + # Let's store it in the connection data + connData['AUTHENTICATE_MESSAGE'] = authenticateMessage + try: + jtr_dump_path = smbServer.getJTRdumpPath() + ntlm_hash_data = outputToJohnFormat( connData['CHALLENGE_MESSAGE']['challenge'], authenticateMessage['user_name'], authenticateMessage['domain_name'], authenticateMessage['lanman'], authenticateMessage['ntlm'] ) + smbServer.log(ntlm_hash_data['hash_string']) + if jtr_dump_path is not '': + writeJohnOutputToFile(ntlm_hash_data['hash_string'], ntlm_hash_data['hash_version'], jtr_dump_path) + except: + smbServer.log("Could not write NTLM Hashes to the specified JTR_Dump_Path %s" % jtr_dump_path) + respSMBCommand['SessionFlags'] = 1 + else: + raise Exception("Unknown NTLMSSP MessageType %d" % messageType) + + respSMBCommand['SecurityBufferOffset'] = 0x48 + respSMBCommand['SecurityBufferLength'] = len(respToken) + respSMBCommand['Buffer'] = respToken.getData() + + # From now on, the client can ask for other commands + connData['Authenticated'] = True + # For now, just switching to nobody + #os.setregid(65534,65534) + #os.setreuid(65534,65534) + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2TreeConnect(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respPacket = smb2.SMB2Packet() + respPacket['Flags'] = smb2.SMB2_FLAGS_SERVER_TO_REDIR + respPacket['Status'] = STATUS_SUCCESS + respPacket['CreditRequestResponse'] = 1 + respPacket['Command'] = recvPacket['Command'] + respPacket['SessionID'] = connData['Uid'] + respPacket['Reserved'] = recvPacket['Reserved'] + respPacket['MessageID'] = recvPacket['MessageID'] + respPacket['TreeID'] = recvPacket['TreeID'] + + respSMBCommand = smb2.SMB2TreeConnect_Response() + + treeConnectRequest = smb2.SMB2TreeConnect(recvPacket['Data']) + + errorCode = STATUS_SUCCESS + + ## Process here the request, does the share exist? + path = str(recvPacket)[treeConnectRequest['PathOffset']:][:treeConnectRequest['PathLength']] + UNCOrShare = path.decode('utf-16le') + + # Is this a UNC? + if ntpath.ismount(UNCOrShare): + path = UNCOrShare.split('\\')[3] + else: + path = ntpath.basename(UNCOrShare) + + share = searchShare(connId, path.upper(), smbServer) + if share is not None: + # Simple way to generate a Tid + if len(connData['ConnectedShares']) == 0: + tid = 1 + else: + tid = connData['ConnectedShares'].keys()[-1] + 1 + connData['ConnectedShares'][tid] = share + connData['ConnectedShares'][tid]['shareName'] = path + respPacket['TreeID'] = tid + smbServer.log("Connecting Share(%d:%s)" % (tid,path)) + else: + smbServer.log("SMB2_TREE_CONNECT not found %s" % path, logging.ERROR) + errorCode = STATUS_OBJECT_PATH_NOT_FOUND + respPacket['Status'] = errorCode + ## + + if path == 'IPC$': + respSMBCommand['ShareType'] = smb2.SMB2_SHARE_TYPE_PIPE + respSMBCommand['ShareFlags'] = 0x30 + else: + respSMBCommand['ShareType'] = smb2.SMB2_SHARE_TYPE_DISK + respSMBCommand['ShareFlags'] = 0x0 + + respSMBCommand['Capabilities'] = 0 + respSMBCommand['MaximalAccess'] = 0x000f01ff + + respPacket['Data'] = respSMBCommand + + smbServer.setConnectionData(connId, connData) + + return None, [respPacket], errorCode + + @staticmethod + def smb2Create(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Create_Response() + + ntCreateRequest = smb2.SMB2Create(recvPacket['Data']) + + respSMBCommand['Buffer'] = '\x00' + # Get the Tid associated + if connData['ConnectedShares'].has_key(recvPacket['TreeID']): + # If we have a rootFid, the path is relative to that fid + errorCode = STATUS_SUCCESS + if connData['ConnectedShares'][recvPacket['TreeID']].has_key('path'): + path = connData['ConnectedShares'][recvPacket['TreeID']]['path'] + else: + path = 'NONE' + errorCode = STATUS_ACCESS_DENIED + + deleteOnClose = False + + fileName = os.path.normpath(ntCreateRequest['Buffer'][:ntCreateRequest['NameLength']].decode('utf-16le').replace('\\','/')) + if len(fileName) > 0 and (fileName[0] == '/' or fileName[0] == '\\'): + # strip leading '/' + fileName = fileName[1:] + pathName = os.path.join(path,fileName) + createDisposition = ntCreateRequest['CreateDisposition'] + mode = 0 + + if createDisposition == smb2.FILE_SUPERSEDE: + mode |= os.O_TRUNC | os.O_CREAT + elif createDisposition & smb2.FILE_OVERWRITE_IF == smb2.FILE_OVERWRITE_IF: + mode |= os.O_TRUNC | os.O_CREAT + elif createDisposition & smb2.FILE_OVERWRITE == smb2.FILE_OVERWRITE: + if os.path.exists(pathName) is True: + mode |= os.O_TRUNC + else: + errorCode = STATUS_NO_SUCH_FILE + elif createDisposition & smb2.FILE_OPEN_IF == smb2.FILE_OPEN_IF: + if os.path.exists(pathName) is True: + mode |= os.O_TRUNC + else: + mode |= os.O_TRUNC | os.O_CREAT + elif createDisposition & smb2.FILE_CREATE == smb2.FILE_CREATE: + if os.path.exists(pathName) is True: + errorCode = STATUS_OBJECT_NAME_COLLISION + else: + mode |= os.O_CREAT + elif createDisposition & smb2.FILE_OPEN == smb2.FILE_OPEN: + if os.path.exists(pathName) is not True and smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)) is not True: + errorCode = STATUS_NO_SUCH_FILE + + if errorCode == STATUS_SUCCESS: + desiredAccess = ntCreateRequest['DesiredAccess'] + if (desiredAccess & smb2.FILE_READ_DATA) or (desiredAccess & smb2.GENERIC_READ): + mode |= os.O_RDONLY + if (desiredAccess & smb2.FILE_WRITE_DATA) or (desiredAccess & smb2.GENERIC_WRITE): + if (desiredAccess & smb2.FILE_READ_DATA) or (desiredAccess & smb2.GENERIC_READ): + mode |= os.O_RDWR #| os.O_APPEND + else: + mode |= os.O_WRONLY #| os.O_APPEND + if desiredAccess & smb2.GENERIC_ALL: + mode |= os.O_RDWR #| os.O_APPEND + + createOptions = ntCreateRequest['CreateOptions'] + if mode & os.O_CREAT == os.O_CREAT: + if createOptions & smb2.FILE_DIRECTORY_FILE == smb2.FILE_DIRECTORY_FILE: + try: + # Let's create the directory + os.mkdir(pathName) + mode = os.O_RDONLY + except Exception, e: + smbServer.log("SMB2_CREATE: %s,%s,%s" % (pathName,mode,e),logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + if createOptions & smb2.FILE_NON_DIRECTORY_FILE == smb2.FILE_NON_DIRECTORY_FILE: + # If the file being opened is a directory, the server MUST fail the request with + # STATUS_FILE_IS_A_DIRECTORY in the Status field of the SMB Header in the server + # response. + if os.path.isdir(pathName) is True: + errorCode = STATUS_FILE_IS_A_DIRECTORY + + if createOptions & smb2.FILE_DELETE_ON_CLOSE == smb2.FILE_DELETE_ON_CLOSE: + deleteOnClose = True + + if errorCode == STATUS_SUCCESS: + try: + if os.path.isdir(pathName) and sys.platform == 'win32': + fid = VOID_FILE_DESCRIPTOR + else: + if sys.platform == 'win32': + mode |= os.O_BINARY + if smbServer.getRegisteredNamedPipes().has_key(unicode(pathName)): + fid = PIPE_FILE_DESCRIPTOR + sock = socket.socket() + sock.connect(smbServer.getRegisteredNamedPipes()[unicode(pathName)]) + else: + fid = os.open(pathName, mode) + except Exception, e: + smbServer.log("SMB2_CREATE: %s,%s,%s" % (pathName,mode,e),logging.ERROR) + #print e + fid = 0 + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_SMB_BAD_TID + + if errorCode == STATUS_SUCCESS: + # Simple way to generate a fid + fakefid = uuid.generate() + + respSMBCommand['FileID'] = fakefid + respSMBCommand['CreateAction'] = createDisposition + + if fid == PIPE_FILE_DESCRIPTOR: + respSMBCommand['CreationTime'] = 0 + respSMBCommand['LastAccessTime'] = 0 + respSMBCommand['LastWriteTime'] = 0 + respSMBCommand['ChangeTime'] = 0 + respSMBCommand['AllocationSize'] = 4096 + respSMBCommand['EndOfFile'] = 0 + respSMBCommand['FileAttributes'] = 0x80 + + else: + if os.path.isdir(pathName): + respSMBCommand['FileAttributes'] = smb.SMB_FILE_ATTRIBUTE_DIRECTORY + else: + respSMBCommand['FileAttributes'] = ntCreateRequest['FileAttributes'] + # Let's get this file's information + respInfo, errorCode = queryPathInformation('',pathName,level= smb.SMB_QUERY_FILE_ALL_INFO) + if errorCode == STATUS_SUCCESS: + respSMBCommand['CreationTime'] = respInfo['CreationTime'] + respSMBCommand['LastAccessTime'] = respInfo['LastAccessTime'] + respSMBCommand['LastWriteTime'] = respInfo['LastWriteTime'] + respSMBCommand['LastChangeTime'] = respInfo['LastChangeTime'] + respSMBCommand['FileAttributes'] = respInfo['ExtFileAttributes'] + respSMBCommand['AllocationSize'] = respInfo['AllocationSize'] + respSMBCommand['EndOfFile'] = respInfo['EndOfFile'] + + if errorCode == STATUS_SUCCESS: + # Let's store the fid for the connection + # smbServer.log('Create file %s, mode:0x%x' % (pathName, mode)) + connData['OpenedFiles'][fakefid] = {} + connData['OpenedFiles'][fakefid]['FileHandle'] = fid + connData['OpenedFiles'][fakefid]['FileName'] = pathName + connData['OpenedFiles'][fakefid]['DeleteOnClose'] = deleteOnClose + connData['OpenedFiles'][fakefid]['Open'] = {} + connData['OpenedFiles'][fakefid]['Open']['EnumerationLocation'] = 0 + connData['OpenedFiles'][fakefid]['Open']['EnumerationSearchPattern'] = '' + if fid == PIPE_FILE_DESCRIPTOR: + connData['OpenedFiles'][fakefid]['Socket'] = sock + else: + respSMBCommand = smb2.SMB2Error() + + if errorCode == STATUS_SUCCESS: + connData['LastRequest']['SMB2_CREATE'] = respSMBCommand + smbServer.setConnectionData(connId, connData) + + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Close(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Close_Response() + + closeRequest = smb2.SMB2Close(recvPacket['Data']) + + if str(closeRequest['FileID']) == '\xff'*16: + # Let's take the data from the lastRequest + if connData['LastRequest'].has_key('SMB2_CREATE'): + fileID = connData['LastRequest']['SMB2_CREATE']['FileID'] + else: + fileID = str(closeRequest['FileID']) + else: + fileID = str(closeRequest['FileID']) + + if connData['OpenedFiles'].has_key(fileID): + errorCode = STATUS_SUCCESS + fileHandle = connData['OpenedFiles'][fileID]['FileHandle'] + pathName = connData['OpenedFiles'][fileID]['FileName'] + infoRecord = None + try: + if fileHandle == PIPE_FILE_DESCRIPTOR: + connData['OpenedFiles'][fileID]['Socket'].close() + elif fileHandle != VOID_FILE_DESCRIPTOR: + os.close(fileHandle) + infoRecord, errorCode = queryFileInformation(os.path.dirname(pathName), os.path.basename(pathName), smb2.SMB2_FILE_NETWORK_OPEN_INFO) + except Exception, e: + smbServer.log("SMB2_CLOSE %s" % e, logging.ERROR) + errorCode = STATUS_INVALID_HANDLE + else: + # Check if the file was marked for removal + if connData['OpenedFiles'][fileID]['DeleteOnClose'] is True: + try: + if os.path.isdir(pathName): + shutil.rmtree(connData['OpenedFiles'][fileID]['FileName']) + else: + os.remove(connData['OpenedFiles'][fileID]['FileName']) + except Exception, e: + smbServer.log("SMB2_CLOSE %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + + # Now fill out the response + if infoRecord is not None: + respSMBCommand['CreationTime'] = infoRecord['CreationTime'] + respSMBCommand['LastAccessTime'] = infoRecord['LastAccessTime'] + respSMBCommand['LastWriteTime'] = infoRecord['LastWriteTime'] + respSMBCommand['ChangeTime'] = infoRecord['ChangeTime'] + respSMBCommand['AllocationSize'] = infoRecord['AllocationSize'] + respSMBCommand['EndofFile'] = infoRecord['EndOfFile'] + respSMBCommand['FileAttributes'] = infoRecord['FileAttributes'] + if errorCode == STATUS_SUCCESS: + del(connData['OpenedFiles'][fileID]) + else: + errorCode = STATUS_INVALID_HANDLE + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2QueryInfo(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2QueryInfo_Response() + + queryInfo = smb2.SMB2QueryInfo(recvPacket['Data']) + + errorCode = STATUS_SUCCESS + + respSMBCommand['OutputBufferOffset'] = 0x48 + respSMBCommand['Buffer'] = '\x00' + + if str(queryInfo['FileID']) == '\xff'*16: + # Let's take the data from the lastRequest + if connData['LastRequest'].has_key('SMB2_CREATE'): + fileID = connData['LastRequest']['SMB2_CREATE']['FileID'] + else: + fileID = str(queryInfo['FileID']) + else: + fileID = str(queryInfo['FileID']) + + if connData['ConnectedShares'].has_key(recvPacket['TreeID']): + if connData['OpenedFiles'].has_key(fileID): + fileName = connData['OpenedFiles'][fileID]['FileName'] + + if queryInfo['InfoType'] == smb2.SMB2_0_INFO_FILE: + if queryInfo['FileInfoClass'] == smb2.SMB2_FILE_INTERNAL_INFO: + # No need to call queryFileInformation, we have the data here + infoRecord = smb2.FileInternalInformation() + infoRecord['IndexNumber'] = fileID + else: + infoRecord, errorCode = queryFileInformation(os.path.dirname(fileName), os.path.basename(fileName), queryInfo['FileInfoClass']) + elif queryInfo['InfoType'] == smb2.SMB2_0_INFO_FILESYSTEM: + infoRecord = queryFsInformation(os.path.dirname(fileName), os.path.basename(fileName), queryInfo['FileInfoClass']) + elif queryInfo['InfoType'] == smb2.SMB2_0_INFO_SECURITY: + # Failing for now, until we support it + infoRecord = None + errorCode = STATUS_ACCESS_DENIED + else: + smbServer.log("queryInfo not supported (%x)" % queryInfo['InfoType'], logging.ERROR) + + if infoRecord is not None: + respSMBCommand['OutputBufferLength'] = len(infoRecord) + respSMBCommand['Buffer'] = infoRecord + else: + errorCode = STATUS_INVALID_HANDLE + else: + errorCode = STATUS_SMB_BAD_TID + + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2SetInfo(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2SetInfo_Response() + + setInfo = smb2.SMB2SetInfo(recvPacket['Data']) + + errorCode = STATUS_SUCCESS + + if str(setInfo['FileID']) == '\xff'*16: + # Let's take the data from the lastRequest + if connData['LastRequest'].has_key('SMB2_CREATE'): + fileID = connData['LastRequest']['SMB2_CREATE']['FileID'] + else: + fileID = str(setInfo['FileID']) + else: + fileID = str(setInfo['FileID']) + + if connData['ConnectedShares'].has_key(recvPacket['TreeID']): + path = connData['ConnectedShares'][recvPacket['TreeID']]['path'] + if connData['OpenedFiles'].has_key(fileID): + pathName = connData['OpenedFiles'][fileID]['FileName'] + + if setInfo['InfoType'] == smb2.SMB2_0_INFO_FILE: + # The file information is being set + informationLevel = setInfo['FileInfoClass'] + if informationLevel == smb2.SMB2_FILE_DISPOSITION_INFO: + infoRecord = smb.SMBSetFileDispositionInfo(setInfo['Buffer']) + if infoRecord['DeletePending'] > 0: + # Mark this file for removal after closed + connData['OpenedFiles'][fileID]['DeleteOnClose'] = True + elif informationLevel == smb2.SMB2_FILE_BASIC_INFO: + infoRecord = smb.SMBSetFileBasicInfo(setInfo['Buffer']) + # Creation time won't be set, the other ones we play with. + atime = infoRecord['LastWriteTime'] + if atime == 0: + atime = -1 + else: + atime = getUnixTime(atime) + mtime = infoRecord['ChangeTime'] + if mtime == 0: + mtime = -1 + else: + mtime = getUnixTime(mtime) + if atime > 0 and mtime > 0: + os.utime(pathName,(atime,mtime)) + elif informationLevel == smb2.SMB2_FILE_END_OF_FILE_INFO: + fileHandle = connData['OpenedFiles'][fileID]['FileHandle'] + infoRecord = smb.SMBSetFileEndOfFileInfo(setInfo['Buffer']) + if infoRecord['EndOfFile'] > 0: + os.lseek(fileHandle, infoRecord['EndOfFile']-1, 0) + os.write(fileHandle, '\x00') + elif informationLevel == smb2.SMB2_FILE_RENAME_INFO: + renameInfo = smb2.FILE_RENAME_INFORMATION_TYPE_2(setInfo['Buffer']) + newPathName = os.path.join(path,renameInfo['FileName'].decode('utf-16le').replace('\\', '/')) + if renameInfo['ReplaceIfExists'] == 0 and os.path.exists(newPathName): + return [smb2.SMB2Error()], None, STATUS_OBJECT_NAME_COLLISION + try: + os.rename(pathName,newPathName) + connData['OpenedFiles'][fileID]['FileName'] = newPathName + except Exception, e: + smbServer.log("smb2SetInfo: %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + smbServer.log('Unknown level for set file info! 0x%x' % informationLevel, logging.ERROR) + # UNSUPPORTED + errorCode = STATUS_NOT_SUPPORTED + #elif setInfo['InfoType'] == smb2.SMB2_0_INFO_FILESYSTEM: + # # The underlying object store information is being set. + # setInfo = queryFsInformation('/', fileName, queryInfo['FileInfoClass']) + #elif setInfo['InfoType'] == smb2.SMB2_0_INFO_SECURITY: + # # The security information is being set. + # # Failing for now, until we support it + # infoRecord = None + # errorCode = STATUS_ACCESS_DENIED + #elif setInfo['InfoType'] == smb2.SMB2_0_INFO_QUOTA: + # # The underlying object store quota information is being set. + # setInfo = queryFsInformation('/', fileName, queryInfo['FileInfoClass']) + else: + smbServer.log("setInfo not supported (%x)" % setInfo['InfoType'], logging.ERROR) + + else: + errorCode = STATUS_INVALID_HANDLE + else: + errorCode = STATUS_SMB_BAD_TID + + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Write(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Write_Response() + writeRequest = smb2.SMB2Write(recvPacket['Data']) + + respSMBCommand['Buffer'] = '\x00' + + if str(writeRequest['FileID']) == '\xff'*16: + # Let's take the data from the lastRequest + if connData['LastRequest'].has_key('SMB2_CREATE'): + fileID = connData['LastRequest']['SMB2_CREATE']['FileID'] + else: + fileID = str(writeRequest['FileID']) + else: + fileID = str(writeRequest['FileID']) + + if connData['OpenedFiles'].has_key(fileID): + fileHandle = connData['OpenedFiles'][fileID]['FileHandle'] + errorCode = STATUS_SUCCESS + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + offset = writeRequest['Offset'] + # If we're trying to write past the file end we just skip the write call (Vista does this) + if os.lseek(fileHandle, 0, 2) >= offset: + os.lseek(fileHandle,offset,0) + os.write(fileHandle,writeRequest['Buffer']) + else: + sock = connData['OpenedFiles'][fileID]['Socket'] + sock.send(writeRequest['Buffer']) + + respSMBCommand['Count'] = writeRequest['Length'] + respSMBCommand['Remaining']= 0xff + except Exception, e: + smbServer.log('SMB2_WRITE: %s' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Read(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Read_Response() + readRequest = smb2.SMB2Read(recvPacket['Data']) + + respSMBCommand['Buffer'] = '\x00' + + if str(readRequest['FileID']) == '\xff'*16: + # Let's take the data from the lastRequest + if connData['LastRequest'].has_key('SMB2_CREATE'): + fileID = connData['LastRequest']['SMB2_CREATE']['FileID'] + else: + fileID = str(readRequest['FileID']) + else: + fileID = str(readRequest['FileID']) + + if connData['OpenedFiles'].has_key(fileID): + fileHandle = connData['OpenedFiles'][fileID]['FileHandle'] + errorCode = 0 + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + offset = readRequest['Offset'] + os.lseek(fileHandle,offset,0) + content = os.read(fileHandle,readRequest['Length']) + else: + sock = connData['OpenedFiles'][fileID]['Socket'] + content = sock.recv(readRequest['Length']) + + respSMBCommand['DataOffset'] = 0x50 + respSMBCommand['DataLength'] = len(content) + respSMBCommand['DataRemaining']= 0 + respSMBCommand['Buffer'] = content + except Exception, e: + smbServer.log('SMB2_READ: %s ' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Flush(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Flush_Response() + flushRequest = smb2.SMB2Flush(recvPacket['Data']) + + if connData['OpenedFiles'].has_key(str(flushRequest['FileID'])): + fileHandle = connData['OpenedFiles'][str(flushRequest['FileID'])]['FileHandle'] + errorCode = STATUS_SUCCESS + try: + os.fsync(fileHandle) + except Exception, e: + smbServer.log("SMB2_FLUSH %s" % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_HANDLE + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + + @staticmethod + def smb2QueryDirectory(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + respSMBCommand = smb2.SMB2QueryDirectory_Response() + queryDirectoryRequest = smb2.SMB2QueryDirectory(recvPacket['Data']) + + respSMBCommand['Buffer'] = '\x00' + + # The server MUST locate the tree connection, as specified in section 3.3.5.2.11. + if connData['ConnectedShares'].has_key(recvPacket['TreeID']) is False: + return [smb2.SMB2Error()], None, STATUS_NETWORK_NAME_DELETED + + # Next, the server MUST locate the open for the directory to be queried + # If no open is found, the server MUST fail the request with STATUS_FILE_CLOSED + if str(queryDirectoryRequest['FileID']) == '\xff'*16: + # Let's take the data from the lastRequest + if connData['LastRequest'].has_key('SMB2_CREATE'): + fileID = connData['LastRequest']['SMB2_CREATE']['FileID'] + else: + fileID = str(queryDirectoryRequest['FileID']) + else: + fileID = str(queryDirectoryRequest['FileID']) + + if connData['OpenedFiles'].has_key(fileID) is False: + return [smb2.SMB2Error()], None, STATUS_FILE_CLOSED + + # If the open is not an open to a directory, the request MUST be failed + # with STATUS_INVALID_PARAMETER. + if os.path.isdir(connData['OpenedFiles'][fileID]['FileName']) is False: + return [smb2.SMB2Error()], None, STATUS_INVALID_PARAMETER + + # If any other information class is specified in the FileInformationClass + # field of the SMB2 QUERY_DIRECTORY Request, the server MUST fail the + # operation with STATUS_INVALID_INFO_CLASS. + if queryDirectoryRequest['FileInformationClass'] not in ( + smb2.FILE_DIRECTORY_INFORMATION, smb2.FILE_FULL_DIRECTORY_INFORMATION, smb2.FILEID_FULL_DIRECTORY_INFORMATION, + smb2.FILE_BOTH_DIRECTORY_INFORMATION, smb2.FILEID_BOTH_DIRECTORY_INFORMATION, smb2.FILENAMES_INFORMATION): + return [smb2.SMB2Error()], None, STATUS_INVALID_INFO_CLASS + + # If SMB2_REOPEN is set in the Flags field of the SMB2 QUERY_DIRECTORY + # Request, the server SHOULD<326> set Open.EnumerationLocation to 0 + # and Open.EnumerationSearchPattern to an empty string. + if queryDirectoryRequest['Flags'] & smb2.SMB2_REOPEN: + connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] = 0 + connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] = '' + + # If SMB2_RESTART_SCANS is set in the Flags field of the SMB2 + # QUERY_DIRECTORY Request, the server MUST set + # Open.EnumerationLocation to 0. + if queryDirectoryRequest['Flags'] & smb2.SMB2_RESTART_SCANS: + connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] = 0 + + # If Open.EnumerationLocation is 0 and Open.EnumerationSearchPattern + # is an empty string, then Open.EnumerationSearchPattern MUST be set + # to the search pattern specified in the SMB2 QUERY_DIRECTORY by + # FileNameOffset and FileNameLength. If FileNameLength is 0, the server + # SHOULD<327> set Open.EnumerationSearchPattern as "*" to search all entries. + + pattern = queryDirectoryRequest['Buffer'].decode('utf-16le') + if connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] == 0 and \ + connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] == '': + if pattern == '': + pattern = '*' + connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] = pattern + + # If SMB2_INDEX_SPECIFIED is set and FileNameLength is not zero, + # the server MUST set Open.EnumerationSearchPattern to the search pattern + # specified in the request by FileNameOffset and FileNameLength. + if queryDirectoryRequest['Flags'] & smb2.SMB2_INDEX_SPECIFIED and \ + queryDirectoryRequest['FileNameLength'] > 0: + connData['OpenedFiles'][fileID]['Open']['EnumerationSearchPattern'] = pattern + + pathName = os.path.join(os.path.normpath(connData['OpenedFiles'][fileID]['FileName']),pattern) + searchResult, searchCount, errorCode = findFirst2(os.path.dirname(pathName), + os.path.basename(pathName), + queryDirectoryRequest['FileInformationClass'], + smb.ATTR_DIRECTORY, isSMB2 = True ) + + if errorCode != STATUS_SUCCESS: + return [smb2.SMB2Error()], None, errorCode + + if searchCount > 2 and pattern == '*': + # strip . and .. + searchCount -= 2 + searchResult = searchResult[2:] + + if searchCount == 0 and connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] == 0: + return [smb2.SMB2Error()], None, STATUS_NO_SUCH_FILE + + if connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] < 0: + return [smb2.SMB2Error()], None, STATUS_NO_MORE_FILES + + totalData = 0 + respData = '' + for nItem in range(connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'], searchCount): + connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] += 1 + if queryDirectoryRequest['Flags'] & smb2.SL_RETURN_SINGLE_ENTRY: + # If single entry is requested we must clear the NextEntryOffset + searchResult[nItem]['NextEntryOffset'] = 0 + data = searchResult[nItem].getData() + lenData = len(data) + padLen = (8-(lenData % 8)) %8 + + if (totalData+lenData) >= queryDirectoryRequest['OutputBufferLength']: + connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] -= 1 + break + else: + respData += data + '\x00'*padLen + totalData += lenData + padLen + + if queryDirectoryRequest['Flags'] & smb2.SL_RETURN_SINGLE_ENTRY: + break + + if connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] >= searchCount: + connData['OpenedFiles'][fileID]['Open']['EnumerationLocation'] = -1 + + respSMBCommand['OutputBufferOffset'] = 0x48 + respSMBCommand['OutputBufferLength'] = totalData + respSMBCommand['Buffer'] = respData + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2ChangeNotify(connId, smbServer, recvPacket): + + return [smb2.SMB2Error()], None, STATUS_NOT_SUPPORTED + + @staticmethod + def smb2Echo(connId, smbServer, recvPacket): + + respSMBCommand = smb2.SMB2Echo_Response() + + return [respSMBCommand], None, STATUS_SUCCESS + + @staticmethod + def smb2TreeDisconnect(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2TreeDisconnect_Response() + + if connData['ConnectedShares'].has_key(recvPacket['TreeID']): + smbServer.log("Disconnecting Share(%d:%s)" % (recvPacket['TreeID'],connData['ConnectedShares'][recvPacket['TreeID']]['shareName'])) + del(connData['ConnectedShares'][recvPacket['TreeID']]) + errorCode = STATUS_SUCCESS + else: + # STATUS_SMB_BAD_TID + errorCode = STATUS_SMB_BAD_TID + + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Logoff(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Logoff_Response() + + if recvPacket['SessionID'] != connData['Uid']: + # STATUS_SMB_BAD_UID + errorCode = STATUS_SMB_BAD_UID + else: + errorCode = STATUS_SUCCESS + + connData['Uid'] = 0 + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Ioctl(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Ioctl_Response() + ioctlRequest = smb2.SMB2Ioctl(recvPacket['Data']) + + ioctls = smbServer.getIoctls() + if ioctls.has_key(ioctlRequest['CtlCode']): + outputData, errorCode = ioctls[ioctlRequest['CtlCode']](connId, smbServer, ioctlRequest) + if errorCode == STATUS_SUCCESS: + respSMBCommand['CtlCode'] = ioctlRequest['CtlCode'] + respSMBCommand['FileID'] = ioctlRequest['FileID'] + respSMBCommand['InputOffset'] = 0 + respSMBCommand['InputCount'] = 0 + respSMBCommand['OutputOffset'] = 0x70 + respSMBCommand['OutputCount'] = len(outputData) + respSMBCommand['Flags'] = 0 + respSMBCommand['Buffer'] = outputData + else: + respSMBCommand = outputData + else: + smbServer.log("Ioctl not implemented command: 0x%x" % ioctlRequest['CtlCode'],logging.DEBUG) + errorCode = STATUS_INVALID_DEVICE_REQUEST + respSMBCommand = smb2.SMB2Error() + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Lock(connId, smbServer, recvPacket): + connData = smbServer.getConnectionData(connId) + + respSMBCommand = smb2.SMB2Lock_Response() + + # I'm actually doing nothing.. just make MacOS happy ;) + errorCode = STATUS_SUCCESS + + smbServer.setConnectionData(connId, connData) + return [respSMBCommand], None, errorCode + + @staticmethod + def smb2Cancel(connId, smbServer, recvPacket): + # I'm actually doing nothing + return [smb2.SMB2Error()], None, STATUS_CANCELLED + + @staticmethod + def default(connId, smbServer, recvPacket): + # By default we return an SMB Packet with error not implemented + smbServer.log("Not implemented command: 0x%x" % recvPacket['Command'],logging.DEBUG) + return [smb2.SMB2Error()], None, STATUS_NOT_SUPPORTED + +class Ioctls: + @staticmethod + def fsctlDfsGetReferrals(connId, smbServer, ioctlRequest): + return smb2.SMB2Error(), STATUS_FS_DRIVER_REQUIRED + + @staticmethod + def fsctlPipeTransceive(connId, smbServer, ioctlRequest): + connData = smbServer.getConnectionData(connId) + + ioctlResponse = '' + + if connData['OpenedFiles'].has_key(str(ioctlRequest['FileID'])): + fileHandle = connData['OpenedFiles'][str(ioctlRequest['FileID'])]['FileHandle'] + errorCode = STATUS_SUCCESS + try: + if fileHandle != PIPE_FILE_DESCRIPTOR: + errorCode = STATUS_INVALID_DEVICE_REQUEST + else: + sock = connData['OpenedFiles'][str(ioctlRequest['FileID'])]['Socket'] + sock.sendall(ioctlRequest['Buffer']) + ioctlResponse = sock.recv(ioctlRequest['MaxOutputResponse']) + except Exception, e: + smbServer.log('fsctlPipeTransceive: %s ' % e, logging.ERROR) + errorCode = STATUS_ACCESS_DENIED + else: + errorCode = STATUS_INVALID_DEVICE_REQUEST + + smbServer.setConnectionData(connId, connData) + return ioctlResponse, errorCode + + @staticmethod + def fsctlValidateNegotiateInfo(connId, smbServer, ioctlRequest): + connData = smbServer.getConnectionData(connId) + + errorCode = STATUS_SUCCESS + + validateNegotiateInfo = smb2.VALIDATE_NEGOTIATE_INFO(ioctlRequest['Buffer']) + validateNegotiateInfo['Capabilities'] = 0 + validateNegotiateInfo['Guid'] = 'A'*16 + validateNegotiateInfo['SecurityMode'] = 1 + validateNegotiateInfo['Dialects'] = (smb2.SMB2_DIALECT_002,) + + smbServer.setConnectionData(connId, connData) + return validateNegotiateInfo.getData(), errorCode + + +class SMBSERVERHandler(SocketServer.BaseRequestHandler): + def __init__(self, request, client_address, server, select_poll = False): + self.__SMB = server + self.__ip, self.__port = client_address + self.__request = request + self.__connId = threading.currentThread().getName() + self.__timeOut = 60*5 + self.__select_poll = select_poll + #self.__connId = os.getpid() + SocketServer.BaseRequestHandler.__init__(self, request, client_address, server) + + def handle(self): + self.__SMB.log("Incoming connection (%s,%d)" % (self.__ip, self.__port)) + self.__SMB.addConnection(self.__connId, self.__ip, self.__port) + while True: + try: + # Firt of all let's get the NETBIOS packet + session = nmb.NetBIOSTCPSession(self.__SMB.getServerName(),'HOST', self.__ip, sess_port = self.__port, sock = self.__request, select_poll = self.__select_poll) + try: + p = session.recv_packet(self.__timeOut) + except nmb.NetBIOSTimeout: + raise + except nmb.NetBIOSError: + break + + if p.get_type() == nmb.NETBIOS_SESSION_REQUEST: + # Someone is requesting a session, we're gonna accept them all :) + _, rn, my = p.get_trailer().split(' ') + remote_name = nmb.decode_name('\x20'+rn) + myname = nmb.decode_name('\x20'+my) + self.__SMB.log("NetBIOS Session request (%s,%s,%s)" % (self.__ip, remote_name[1].strip(), myname[1])) + r = nmb.NetBIOSSessionPacket() + r.set_type(nmb.NETBIOS_SESSION_POSITIVE_RESPONSE) + r.set_trailer(p.get_trailer()) + self.__request.send(r.rawData()) + else: + resp = self.__SMB.processRequest(self.__connId, p.get_trailer()) + # Send all the packets recevied. Except for big transactions this should be + # a single packet + for i in resp: + session.send_packet(str(i)) + except Exception, e: + self.__SMB.log("Handle: %s" % e) + #import traceback + #traceback.print_exc() + break + + def finish(self): + # Thread/process is dying, we should tell the main SMB thread to remove all this thread data + self.__SMB.log("Closing down connection (%s,%d)" % (self.__ip, self.__port)) + self.__SMB.removeConnection(self.__connId) + return SocketServer.BaseRequestHandler.finish(self) + +class SMBSERVER(SocketServer.ThreadingMixIn, SocketServer.TCPServer): +#class SMBSERVER(SocketServer.ForkingMixIn, SocketServer.TCPServer): + def __init__(self, server_address, handler_class=SMBSERVERHandler, config_parser = None): + SocketServer.TCPServer.allow_reuse_address = True + SocketServer.TCPServer.__init__(self, server_address, handler_class) + + # Server name and OS to be presented whenever is necessary + self.__serverName = '' + self.__serverOS = '' + self.__serverDomain = '' + self.__challenge = '' + self.__log = None + + # Our ConfigParser data + self.__serverConfig = config_parser + + # Our credentials to be used during the server's lifetime + self.__credentials = {} + + # Our log file + self.__logFile = '' + + # Registered Named Pipes, format is PipeName,Socket + self.__registeredNamedPipes = {} + + # JTR dump path + self.__jtr_dump_path = '' + + # SMB2 Support flag = default not active + self.__SMB2Support = False + + # Our list of commands we will answer, by default the NOT IMPLEMENTED one + self.__smbCommandsHandler = SMBCommands() + self.__smbTrans2Handler = TRANS2Commands() + self.__smbTransHandler = TRANSCommands() + self.__smbNTTransHandler = NTTRANSCommands() + self.__smb2CommandsHandler = SMB2Commands() + self.__IoctlHandler = Ioctls() + + self.__smbNTTransCommands = { + # NT IOCTL, can't find doc for this + 0xff :self.__smbNTTransHandler.default + } + + self.__smbTransCommands = { +'\\PIPE\\LANMAN' :self.__smbTransHandler.lanMan, +smb.SMB.TRANS_TRANSACT_NMPIPE :self.__smbTransHandler.transactNamedPipe, + } + self.__smbTrans2Commands = { + smb.SMB.TRANS2_FIND_FIRST2 :self.__smbTrans2Handler.findFirst2, + smb.SMB.TRANS2_FIND_NEXT2 :self.__smbTrans2Handler.findNext2, + smb.SMB.TRANS2_QUERY_FS_INFORMATION :self.__smbTrans2Handler.queryFsInformation, + smb.SMB.TRANS2_QUERY_PATH_INFORMATION :self.__smbTrans2Handler.queryPathInformation, + smb.SMB.TRANS2_QUERY_FILE_INFORMATION :self.__smbTrans2Handler.queryFileInformation, + smb.SMB.TRANS2_SET_FILE_INFORMATION :self.__smbTrans2Handler.setFileInformation, + smb.SMB.TRANS2_SET_PATH_INFORMATION :self.__smbTrans2Handler.setPathInformation + } + + self.__smbCommands = { + #smb.SMB.SMB_COM_FLUSH: self.__smbCommandsHandler.smbComFlush, + smb.SMB.SMB_COM_CREATE_DIRECTORY: self.__smbCommandsHandler.smbComCreateDirectory, + smb.SMB.SMB_COM_DELETE_DIRECTORY: self.__smbCommandsHandler.smbComDeleteDirectory, + smb.SMB.SMB_COM_RENAME: self.__smbCommandsHandler.smbComRename, + smb.SMB.SMB_COM_DELETE: self.__smbCommandsHandler.smbComDelete, + smb.SMB.SMB_COM_NEGOTIATE: self.__smbCommandsHandler.smbComNegotiate, + smb.SMB.SMB_COM_SESSION_SETUP_ANDX: self.__smbCommandsHandler.smbComSessionSetupAndX, + smb.SMB.SMB_COM_LOGOFF_ANDX: self.__smbCommandsHandler.smbComLogOffAndX, + smb.SMB.SMB_COM_TREE_CONNECT_ANDX: self.__smbCommandsHandler.smbComTreeConnectAndX, + smb.SMB.SMB_COM_TREE_DISCONNECT: self.__smbCommandsHandler.smbComTreeDisconnect, + smb.SMB.SMB_COM_ECHO: self.__smbCommandsHandler.smbComEcho, + smb.SMB.SMB_COM_QUERY_INFORMATION: self.__smbCommandsHandler.smbQueryInformation, + smb.SMB.SMB_COM_TRANSACTION2: self.__smbCommandsHandler.smbTransaction2, + smb.SMB.SMB_COM_TRANSACTION: self.__smbCommandsHandler.smbTransaction, + # Not needed for now + smb.SMB.SMB_COM_NT_TRANSACT: self.__smbCommandsHandler.smbNTTransact, + smb.SMB.SMB_COM_QUERY_INFORMATION_DISK: self.__smbCommandsHandler.smbQueryInformationDisk, + smb.SMB.SMB_COM_OPEN_ANDX: self.__smbCommandsHandler.smbComOpenAndX, + smb.SMB.SMB_COM_QUERY_INFORMATION2: self.__smbCommandsHandler.smbComQueryInformation2, + smb.SMB.SMB_COM_READ_ANDX: self.__smbCommandsHandler.smbComReadAndX, + smb.SMB.SMB_COM_READ: self.__smbCommandsHandler.smbComRead, + smb.SMB.SMB_COM_WRITE_ANDX: self.__smbCommandsHandler.smbComWriteAndX, + smb.SMB.SMB_COM_WRITE: self.__smbCommandsHandler.smbComWrite, + smb.SMB.SMB_COM_CLOSE: self.__smbCommandsHandler.smbComClose, + smb.SMB.SMB_COM_LOCKING_ANDX: self.__smbCommandsHandler.smbComLockingAndX, + smb.SMB.SMB_COM_NT_CREATE_ANDX: self.__smbCommandsHandler.smbComNtCreateAndX, + 0xFF: self.__smbCommandsHandler.default +} + + self.__smb2Ioctls = { + smb2.FSCTL_DFS_GET_REFERRALS: self.__IoctlHandler.fsctlDfsGetReferrals, +# smb2.FSCTL_PIPE_PEEK: self.__IoctlHandler.fsctlPipePeek, +# smb2.FSCTL_PIPE_WAIT: self.__IoctlHandler.fsctlPipeWait, + smb2.FSCTL_PIPE_TRANSCEIVE: self.__IoctlHandler.fsctlPipeTransceive, +# smb2.FSCTL_SRV_COPYCHUNK: self.__IoctlHandler.fsctlSrvCopyChunk, +# smb2.FSCTL_SRV_ENUMERATE_SNAPSHOTS: self.__IoctlHandler.fsctlSrvEnumerateSnapshots, +# smb2.FSCTL_SRV_REQUEST_RESUME_KEY: self.__IoctlHandler.fsctlSrvRequestResumeKey, +# smb2.FSCTL_SRV_READ_HASH: self.__IoctlHandler.fsctlSrvReadHash, +# smb2.FSCTL_SRV_COPYCHUNK_WRITE: self.__IoctlHandler.fsctlSrvCopyChunkWrite, +# smb2.FSCTL_LMR_REQUEST_RESILIENCY: self.__IoctlHandler.fsctlLmrRequestResiliency, +# smb2.FSCTL_QUERY_NETWORK_INTERFACE_INFO: self.__IoctlHandler.fsctlQueryNetworkInterfaceInfo, +# smb2.FSCTL_SET_REPARSE_POINT: self.__IoctlHandler.fsctlSetReparsePoint, +# smb2.FSCTL_DFS_GET_REFERRALS_EX: self.__IoctlHandler.fsctlDfsGetReferralsEx, +# smb2.FSCTL_FILE_LEVEL_TRIM: self.__IoctlHandler.fsctlFileLevelTrim, + smb2.FSCTL_VALIDATE_NEGOTIATE_INFO: self.__IoctlHandler.fsctlValidateNegotiateInfo, +} + + self.__smb2Commands = { + smb2.SMB2_NEGOTIATE: self.__smb2CommandsHandler.smb2Negotiate, + smb2.SMB2_SESSION_SETUP: self.__smb2CommandsHandler.smb2SessionSetup, + smb2.SMB2_LOGOFF: self.__smb2CommandsHandler.smb2Logoff, + smb2.SMB2_TREE_CONNECT: self.__smb2CommandsHandler.smb2TreeConnect, + smb2.SMB2_TREE_DISCONNECT: self.__smb2CommandsHandler.smb2TreeDisconnect, + smb2.SMB2_CREATE: self.__smb2CommandsHandler.smb2Create, + smb2.SMB2_CLOSE: self.__smb2CommandsHandler.smb2Close, + smb2.SMB2_FLUSH: self.__smb2CommandsHandler.smb2Flush, + smb2.SMB2_READ: self.__smb2CommandsHandler.smb2Read, + smb2.SMB2_WRITE: self.__smb2CommandsHandler.smb2Write, + smb2.SMB2_LOCK: self.__smb2CommandsHandler.smb2Lock, + smb2.SMB2_IOCTL: self.__smb2CommandsHandler.smb2Ioctl, + smb2.SMB2_CANCEL: self.__smb2CommandsHandler.smb2Cancel, + smb2.SMB2_ECHO: self.__smb2CommandsHandler.smb2Echo, + smb2.SMB2_QUERY_DIRECTORY: self.__smb2CommandsHandler.smb2QueryDirectory, + smb2.SMB2_CHANGE_NOTIFY: self.__smb2CommandsHandler.smb2ChangeNotify, + smb2.SMB2_QUERY_INFO: self.__smb2CommandsHandler.smb2QueryInfo, + smb2.SMB2_SET_INFO: self.__smb2CommandsHandler.smb2SetInfo, +# smb2.SMB2_OPLOCK_BREAK: self.__smb2CommandsHandler.smb2SessionSetup, + 0xFF: self.__smb2CommandsHandler.default +} + + # List of active connections + self.__activeConnections = {} + + def getIoctls(self): + return self.__smb2Ioctls + + def getCredentials(self): + return self.__credentials + + def removeConnection(self, name): + try: + del(self.__activeConnections[name]) + except: + pass + self.log("Remaining connections %s" % self.__activeConnections.keys()) + + def addConnection(self, name, ip, port): + self.__activeConnections[name] = {} + # Let's init with some know stuff we will need to have + # TODO: Document what's in there + #print "Current Connections", self.__activeConnections.keys() + self.__activeConnections[name]['PacketNum'] = 0 + self.__activeConnections[name]['ClientIP'] = ip + self.__activeConnections[name]['ClientPort'] = port + self.__activeConnections[name]['Uid'] = 0 + self.__activeConnections[name]['ConnectedShares'] = {} + self.__activeConnections[name]['OpenedFiles'] = {} + # SID results for findfirst2 + self.__activeConnections[name]['SIDs'] = {} + self.__activeConnections[name]['LastRequest'] = {} + + def getActiveConnections(self): + return self.__activeConnections + + def setConnectionData(self, connId, data): + self.__activeConnections[connId] = data + #print "setConnectionData" + #print self.__activeConnections + + def getConnectionData(self, connId, checkStatus = True): + conn = self.__activeConnections[connId] + if checkStatus is True: + if conn.has_key('Authenticated') is not True: + # Can't keep going further + raise Exception("User not Authenticated!") + return conn + + def getRegisteredNamedPipes(self): + return self.__registeredNamedPipes + + def registerNamedPipe(self, pipeName, address): + self.__registeredNamedPipes[unicode(pipeName)] = address + return True + + def unregisterNamedPipe(self, pipeName): + if self.__registeredNamedPipes.has_key(pipeName): + del(self.__registeredNamedPipes[unicode(pipeName)]) + return True + return False + + def unregisterTransaction(self, transCommand): + if self.__smbTransCommands.has_key(transCommand): + del(self.__smbTransCommands[transCommand]) + + def hookTransaction(self, transCommand, callback): + # If you call this function, callback will replace + # the current Transaction sub command. + # (don't get confused with the Transaction smbCommand) + # If the transaction sub command doesn't not exist, it is added + # If the transaction sub command exists, it returns the original function # replaced + # + # callback MUST be declared as: + # callback(connId, smbServer, recvPacket, parameters, data, maxDataCount=0) + # + # WHERE: + # + # connId : the connection Id, used to grab/update information about + # the current connection + # smbServer : the SMBServer instance available for you to ask + # configuration data + # recvPacket : the full SMBPacket that triggered this command + # parameters : the transaction parameters + # data : the transaction data + # maxDataCount: the max amount of data that can be transfered agreed + # with the client + # + # and MUST return: + # respSetup, respParameters, respData, errorCode + # + # WHERE: + # + # respSetup: the setup response of the transaction + # respParameters: the parameters response of the transaction + # respData: the data reponse of the transaction + # errorCode: the NT error code + + if self.__smbTransCommands.has_key(transCommand): + originalCommand = self.__smbTransCommands[transCommand] + else: + originalCommand = None + + self.__smbTransCommands[transCommand] = callback + return originalCommand + + def unregisterTransaction2(self, transCommand): + if self.__smbTrans2Commands.has_key(transCommand): + del(self.__smbTrans2Commands[transCommand]) + + def hookTransaction2(self, transCommand, callback): + # Here we should add to __smbTrans2Commands + # Same description as Transaction + if self.__smbTrans2Commands.has_key(transCommand): + originalCommand = self.__smbTrans2Commands[transCommand] + else: + originalCommand = None + + self.__smbTrans2Commands[transCommand] = callback + return originalCommand + + def unregisterNTTransaction(self, transCommand): + if self.__smbNTTransCommands.has_key(transCommand): + del(self.__smbNTTransCommands[transCommand]) + + def hookNTTransaction(self, transCommand, callback): + # Here we should add to __smbNTTransCommands + # Same description as Transaction + if self.__smbNTTransCommands.has_key(transCommand): + originalCommand = self.__smbNTTransCommands[transCommand] + else: + originalCommand = None + + self.__smbNTTransCommands[transCommand] = callback + return originalCommand + + def unregisterSmbCommand(self, smbCommand): + if self.__smbCommands.has_key(smbCommand): + del(self.__smbCommands[smbCommand]) + + def hookSmbCommand(self, smbCommand, callback): + # Here we should add to self.__smbCommands + # If you call this function, callback will replace + # the current smbCommand. + # If smbCommand doesn't not exist, it is added + # If SMB command exists, it returns the original function replaced + # + # callback MUST be declared as: + # callback(connId, smbServer, SMBCommand, recvPacket) + # + # WHERE: + # + # connId : the connection Id, used to grab/update information about + # the current connection + # smbServer : the SMBServer instance available for you to ask + # configuration data + # SMBCommand: the SMBCommand itself, with its data and parameters. + # Check smb.py:SMBCommand() for a reference + # recvPacket: the full SMBPacket that triggered this command + # + # and MUST return: + # <list of respSMBCommands>, <list of packets>, errorCode + # <list of packets> has higher preference over commands, in case you + # want to change the whole packet + # errorCode: the NT error code + # + # For SMB_COM_TRANSACTION2, SMB_COM_TRANSACTION and SMB_COM_NT_TRANSACT + # the callback function is slightly different: + # + # callback(connId, smbServer, SMBCommand, recvPacket, transCommands) + # + # WHERE: + # + # transCommands: a list of transaction subcommands already registered + # + + if self.__smbCommands.has_key(smbCommand): + originalCommand = self.__smbCommands[smbCommand] + else: + originalCommand = None + + self.__smbCommands[smbCommand] = callback + return originalCommand + + def unregisterSmb2Command(self, smb2Command): + if self.__smb2Commands.has_key(smb2Command): + del(self.__smb2Commands[smb2Command]) + + def hookSmb2Command(self, smb2Command, callback): + if self.__smb2Commands.has_key(smb2Command): + originalCommand = self.__smb2Commands[smb2Command] + else: + originalCommand = None + + self.__smb2Commands[smb2Command] = callback + return originalCommand + + def log(self, msg, level=logging.INFO): + self.__log.log(level,msg) + + def getServerName(self): + return self.__serverName + + def getServerOS(self): + return self.__serverOS + + def getServerDomain(self): + return self.__serverDomain + + def getSMBChallenge(self): + return self.__challenge + + def getServerConfig(self): + return self.__serverConfig + + def setServerConfig(self, config): + self.__serverConfig = config + + def getJTRdumpPath(self): + return self.__jtr_dump_path + + def verify_request(self, request, client_address): + # TODO: Control here the max amount of processes we want to launch + # returning False, closes the connection + return True + + def processRequest(self, connId, data): + + # TODO: Process batched commands. + isSMB2 = False + SMBCommand = None + try: + packet = smb.NewSMBPacket(data = data) + SMBCommand = smb.SMBCommand(packet['Data'][0]) + except: + # Maybe a SMB2 packet? + packet = smb2.SMB2Packet(data = data) + isSMB2 = True + + # We might have compound requests + compoundedPacketsResponse = [] + compoundedPackets = [] + try: + # Search out list of implemented commands + # We provide them with: + # connId : representing the data for this specific connection + # self : the SMBSERVER if they want to ask data to it + # SMBCommand : the SMBCommand they are expecting to process + # packet : the received packet itself, in case they need more data than the actual command + # Only for Transactions + # transCommand: a list of transaction subcommands + # We expect to get: + # respCommands: a list of answers for the commands processed + # respPacket : if the commands chose to directly craft packet/s, we use this and not the previous + # this MUST be a list + # errorCode : self explanatory + if isSMB2 is False: + if packet['Command'] == smb.SMB.SMB_COM_TRANSACTION2: + respCommands, respPackets, errorCode = self.__smbCommands[packet['Command']]( + connId, + self, + SMBCommand, + packet, + self.__smbTrans2Commands) + elif packet['Command'] == smb.SMB.SMB_COM_NT_TRANSACT: + respCommands, respPackets, errorCode = self.__smbCommands[packet['Command']]( + connId, + self, + SMBCommand, + packet, + self.__smbNTTransCommands) + elif packet['Command'] == smb.SMB.SMB_COM_TRANSACTION: + respCommands, respPackets, errorCode = self.__smbCommands[packet['Command']]( + connId, + self, + SMBCommand, + packet, + self.__smbTransCommands) + else: + if self.__smbCommands.has_key(packet['Command']): + if self.__SMB2Support is True: + if packet['Command'] == smb.SMB.SMB_COM_NEGOTIATE: + try: + respCommands, respPackets, errorCode = self.__smb2Commands[smb2.SMB2_NEGOTIATE](connId, self, packet, True) + isSMB2 = True + except Exception, e: + self.log('SMB2_NEGOTIATE: %s' % e, logging.ERROR) + # If something went wrong, let's fallback to SMB1 + respCommands, respPackets, errorCode = self.__smbCommands[packet['Command']]( + connId, + self, + SMBCommand, + packet) + #self.__SMB2Support = False + pass + else: + respCommands, respPackets, errorCode = self.__smbCommands[packet['Command']]( + connId, + self, + SMBCommand, + packet) + else: + respCommands, respPackets, errorCode = self.__smbCommands[packet['Command']]( + connId, + self, + SMBCommand, + packet) + else: + respCommands, respPackets, errorCode = self.__smbCommands[255](connId, self, SMBCommand, packet) + + compoundedPacketsResponse.append((respCommands, respPackets, errorCode)) + compoundedPackets.append(packet) + + else: + done = False + while not done: + if self.__smb2Commands.has_key(packet['Command']): + if self.__SMB2Support is True: + respCommands, respPackets, errorCode = self.__smb2Commands[packet['Command']]( + connId, + self, + packet) + else: + respCommands, respPackets, errorCode = self.__smb2Commands[255](connId, self, packet) + else: + respCommands, respPackets, errorCode = self.__smb2Commands[255](connId, self, packet) + # Let's store the result for this compounded packet + compoundedPacketsResponse.append((respCommands, respPackets, errorCode)) + compoundedPackets.append(packet) + if packet['NextCommand'] != 0: + data = data[packet['NextCommand']:] + packet = smb2.SMB2Packet(data = data) + else: + done = True + + except Exception, e: + #import traceback + #traceback.print_exc() + # Something wen't wrong, defaulting to Bad user ID + self.log('processRequest (0x%x,%s)' % (packet['Command'],e), logging.ERROR) + raise + + # We prepare the response packet to commands don't need to bother about that. + connData = self.getConnectionData(connId, False) + + # Force reconnection loop.. This is just a test.. client will send me back credentials :) + #connData['PacketNum'] += 1 + #if connData['PacketNum'] == 15: + # connData['PacketNum'] = 0 + # # Something wen't wrong, defaulting to Bad user ID + # self.log('Sending BAD USER ID!', logging.ERROR) + # #raise + # packet['Flags1'] |= smb.SMB.FLAGS1_REPLY + # packet['Flags2'] = 0 + # errorCode = STATUS_SMB_BAD_UID + # packet['ErrorCode'] = errorCode >> 16 + # packet['ErrorClass'] = errorCode & 0xff + # return [packet] + + self.setConnectionData(connId, connData) + + packetsToSend = [] + for packetNum in range(len(compoundedPacketsResponse)): + respCommands, respPackets, errorCode = compoundedPacketsResponse[packetNum] + packet = compoundedPackets[packetNum] + if respPackets is None: + for respCommand in respCommands: + if isSMB2 is False: + respPacket = smb.NewSMBPacket() + respPacket['Flags1'] = smb.SMB.FLAGS1_REPLY + + # TODO this should come from a per session configuration + respPacket['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_LONG_NAMES | packet['Flags2'] & smb.SMB.FLAGS2_UNICODE + #respPacket['Flags2'] = smb.SMB.FLAGS2_EXTENDED_SECURITY | smb.SMB.FLAGS2_NT_STATUS | smb.SMB.FLAGS2_LONG_NAMES + #respPacket['Flags1'] = 0x98 + #respPacket['Flags2'] = 0xc807 + + + respPacket['Tid'] = packet['Tid'] + respPacket['Mid'] = packet['Mid'] + respPacket['Pid'] = packet['Pid'] + respPacket['Uid'] = connData['Uid'] + + respPacket['ErrorCode'] = errorCode >> 16 + respPacket['_reserved'] = errorCode >> 8 & 0xff + respPacket['ErrorClass'] = errorCode & 0xff + respPacket.addCommand(respCommand) + + packetsToSend.append(respPacket) + else: + respPacket = smb2.SMB2Packet() + respPacket['Flags'] = smb2.SMB2_FLAGS_SERVER_TO_REDIR + if packetNum > 0: + respPacket['Flags'] |= smb2.SMB2_FLAGS_RELATED_OPERATIONS + respPacket['Status'] = errorCode + respPacket['CreditRequestResponse'] = packet['CreditRequestResponse'] + respPacket['Command'] = packet['Command'] + respPacket['CreditCharge'] = packet['CreditCharge'] + #respPacket['CreditCharge'] = 0 + respPacket['Reserved'] = packet['Reserved'] + respPacket['SessionID'] = connData['Uid'] + respPacket['MessageID'] = packet['MessageID'] + respPacket['TreeID'] = packet['TreeID'] + respPacket['Data'] = str(respCommand) + packetsToSend.append(respPacket) + else: + # The SMBCommand took care of building the packet + packetsToSend = respPackets + + if isSMB2 is True: + # Let's build a compound answer + finalData = '' + i = 0 + for i in range(len(packetsToSend)-1): + packet = packetsToSend[i] + # Align to 8-bytes + padLen = (8 - (len(packet) % 8) ) % 8 + packet['NextCommand'] = len(packet) + padLen + finalData += str(packet) + padLen*'\x00' + + # Last one + finalData += str(packetsToSend[len(packetsToSend)-1]) + packetsToSend = [finalData] + + # We clear the compound requests + connData['LastRequest'] = {} + + return packetsToSend + + def processConfigFile(self, configFile = None): + # TODO: Do a real config parser + if self.__serverConfig is None: + if configFile is None: + configFile = 'smb.conf' + self.__serverConfig = ConfigParser.ConfigParser() + self.__serverConfig.read(configFile) + + self.__serverName = self.__serverConfig.get('global','server_name') + self.__serverOS = self.__serverConfig.get('global','server_os') + self.__serverDomain = self.__serverConfig.get('global','server_domain') + self.__logFile = self.__serverConfig.get('global','log_file') + if self.__serverConfig.has_option('global', 'challenge'): + self.__challenge = self.__serverConfig.get('global', 'challenge') + else: + self.__challenge = 'A'*8 + + if self.__serverConfig.has_option("global", "jtr_dump_path"): + self.__jtr_dump_path = self.__serverConfig.get("global", "jtr_dump_path") + + if self.__serverConfig.has_option("global", "SMB2Support"): + self.__SMB2Support = self.__serverConfig.getboolean("global","SMB2Support") + else: + self.__SMB2Support = False + + if self.__logFile != 'None': + logging.basicConfig(filename = self.__logFile, + level = logging.DEBUG, + format="%(asctime)s: %(levelname)s: %(message)s", + datefmt = '%m/%d/%Y %I:%M:%S %p') + self.__log = LOG + + # Process the credentials + credentials_fname = self.__serverConfig.get('global','credentials_file') + if credentials_fname is not "": + cred = open(credentials_fname) + line = cred.readline() + while line: + name, domain, lmhash, nthash = line.split(':') + self.__credentials[name] = (domain, lmhash, nthash.strip('\r\n')) + line = cred.readline() + cred.close() + self.log('Config file parsed') + +# For windows platforms, opening a directory is not an option, so we set a void FD +VOID_FILE_DESCRIPTOR = -1 +PIPE_FILE_DESCRIPTOR = -2 + +###################################################################### +# HELPER CLASSES +###################################################################### + +from impacket.dcerpc.v5.rpcrt import DCERPCServer +from impacket.dcerpc.v5.dtypes import NULL +from impacket.dcerpc.v5.srvs import NetrShareEnum, NetrShareEnumResponse, SHARE_INFO_1, NetrServerGetInfo, NetrServerGetInfoResponse, NetrShareGetInfo, NetrShareGetInfoResponse +from impacket.dcerpc.v5.wkst import NetrWkstaGetInfo, NetrWkstaGetInfoResponse +from impacket.system_errors import ERROR_INVALID_LEVEL + +class WKSTServer(DCERPCServer): + def __init__(self): + DCERPCServer.__init__(self) + self.wkssvcCallBacks = { + 0: self.NetrWkstaGetInfo, + } + self.addCallbacks(('6BFFD098-A112-3610-9833-46C3F87E345A', '1.0'),'\\PIPE\\wkssvc', self.wkssvcCallBacks) + + def NetrWkstaGetInfo(self,data): + request = NetrWkstaGetInfo(data) + self.log("NetrWkstaGetInfo Level: %d" % request['Level']) + + answer = NetrWkstaGetInfoResponse() + + if request['Level'] not in (100, 101): + answer['ErrorCode'] = ERROR_INVALID_LEVEL + return answer + + answer['WkstaInfo']['tag'] = request['Level'] + + if request['Level'] == 100: + # Windows. Decimal value 500. + answer['WkstaInfo']['WkstaInfo100']['wki100_platform_id'] = 0x000001F4 + answer['WkstaInfo']['WkstaInfo100']['wki100_computername'] = NULL + answer['WkstaInfo']['WkstaInfo100']['wki100_langroup'] = NULL + answer['WkstaInfo']['WkstaInfo100']['wki100_ver_major'] = 5 + answer['WkstaInfo']['WkstaInfo100']['wki100_ver_minor'] = 0 + else: + # Windows. Decimal value 500. + answer['WkstaInfo']['WkstaInfo101']['wki101_platform_id'] = 0x000001F4 + answer['WkstaInfo']['WkstaInfo101']['wki101_computername'] = NULL + answer['WkstaInfo']['WkstaInfo101']['wki101_langroup'] = NULL + answer['WkstaInfo']['WkstaInfo101']['wki101_ver_major'] = 5 + answer['WkstaInfo']['WkstaInfo101']['wki101_ver_minor'] = 0 + answer['WkstaInfo']['WkstaInfo101']['wki101_lanroot'] = NULL + + return answer + +class SRVSServer(DCERPCServer): + def __init__(self): + DCERPCServer.__init__(self) + + self._shares = {} + self.__serverConfig = None + self.__logFile = None + + self.srvsvcCallBacks = { + 15: self.NetrShareEnum, + 16: self.NetrShareGetInfo, + 21: self.NetrServerGetInfo, + } + + self.addCallbacks(('4B324FC8-1670-01D3-1278-5A47BF6EE188', '3.0'),'\\PIPE\\srvsvc', self.srvsvcCallBacks) + + def setServerConfig(self, config): + self.__serverConfig = config + + def processConfigFile(self, configFile=None): + if configFile is not None: + self.__serverConfig = ConfigParser.ConfigParser() + self.__serverConfig.read(configFile) + sections = self.__serverConfig.sections() + # Let's check the log file + self.__logFile = self.__serverConfig.get('global','log_file') + if self.__logFile != 'None': + logging.basicConfig(filename = self.__logFile, + level = logging.DEBUG, + format="%(asctime)s: %(levelname)s: %(message)s", + datefmt = '%m/%d/%Y %I:%M:%S %p') + + # Remove the global one + del(sections[sections.index('global')]) + self._shares = {} + for i in sections: + self._shares[i] = dict(self.__serverConfig.items(i)) + + def NetrShareGetInfo(self,data): + request = NetrShareGetInfo(data) + self.log("NetrGetShareInfo Level: %d" % request['Level']) + + s = request['NetName'][:-1].upper() + answer = NetrShareGetInfoResponse() + if self._shares.has_key(s): + share = self._shares[s] + + answer['InfoStruct']['tag'] = 1 + answer['InfoStruct']['ShareInfo1']['shi1_netname']= s+'\x00' + answer['InfoStruct']['ShareInfo1']['shi1_type'] = share['share type'] + answer['InfoStruct']['ShareInfo1']['shi1_remark'] = share['comment']+'\x00' + answer['ErrorCode'] = 0 + else: + answer['InfoStruct']['tag'] = 1 + answer['InfoStruct']['ShareInfo1']= NULL + answer['ErrorCode'] = 0x0906 #WERR_NET_NAME_NOT_FOUND + + return answer + + def NetrServerGetInfo(self,data): + request = NetrServerGetInfo(data) + self.log("NetrServerGetInfo Level: %d" % request['Level']) + answer = NetrServerGetInfoResponse() + answer['InfoStruct']['tag'] = 101 + # PLATFORM_ID_NT = 500 + answer['InfoStruct']['ServerInfo101']['sv101_platform_id'] = 500 + answer['InfoStruct']['ServerInfo101']['sv101_name'] = request['ServerName'] + # Windows 7 = 6.1 + answer['InfoStruct']['ServerInfo101']['sv101_version_major'] = 6 + answer['InfoStruct']['ServerInfo101']['sv101_version_minor'] = 1 + # Workstation = 1 + answer['InfoStruct']['ServerInfo101']['sv101_type'] = 1 + answer['InfoStruct']['ServerInfo101']['sv101_comment'] = NULL + answer['ErrorCode'] = 0 + return answer + + def NetrShareEnum(self, data): + request = NetrShareEnum(data) + self.log("NetrShareEnum Level: %d" % request['InfoStruct']['Level']) + shareEnum = NetrShareEnumResponse() + shareEnum['InfoStruct']['Level'] = 1 + shareEnum['InfoStruct']['ShareInfo']['tag'] = 1 + shareEnum['TotalEntries'] = len(self._shares) + shareEnum['InfoStruct']['ShareInfo']['Level1']['EntriesRead'] = len(self._shares) + shareEnum['ErrorCode'] = 0 + + for i in self._shares: + shareInfo = SHARE_INFO_1() + shareInfo['shi1_netname'] = i+'\x00' + shareInfo['shi1_type'] = self._shares[i]['share type'] + shareInfo['shi1_remark'] = self._shares[i]['comment']+'\x00' + shareEnum['InfoStruct']['ShareInfo']['Level1']['Buffer'].append(shareInfo) + + return shareEnum + +class SimpleSMBServer: + """ + SimpleSMBServer class - Implements a simple, customizable SMB Server + + :param string listenAddress: the address you want the server to listen on + :param integer listenPort: the port number you want the server to listen on + :param string configFile: a file with all the servers' configuration. If no file specified, this class will create the basic parameters needed to run. You will need to add your shares manually tho. See addShare() method + """ + def __init__(self, listenAddress = '0.0.0.0', listenPort=445, configFile=''): + if configFile != '': + self.__server = SMBSERVER((listenAddress,listenPort)) + self.__server.processConfigFile(configFile) + self.__smbConfig = None + else: + # Here we write a mini config for the server + self.__smbConfig = ConfigParser.ConfigParser() + self.__smbConfig.add_section('global') + self.__smbConfig.set('global','server_name',''.join([random.choice(string.letters) for _ in range(8)])) + self.__smbConfig.set('global','server_os',''.join([random.choice(string.letters) for _ in range(8)]) +) + self.__smbConfig.set('global','server_domain',''.join([random.choice(string.letters) for _ in range(8)]) +) + self.__smbConfig.set('global','log_file','None') + self.__smbConfig.set('global','rpc_apis','yes') + self.__smbConfig.set('global','credentials_file','') + self.__smbConfig.set('global', 'challenge', "A"*8) + + # IPC always needed + self.__smbConfig.add_section('IPC$') + self.__smbConfig.set('IPC$','comment','') + self.__smbConfig.set('IPC$','read only','yes') + self.__smbConfig.set('IPC$','share type','3') + self.__smbConfig.set('IPC$','path','') + self.__server = SMBSERVER((listenAddress,listenPort), config_parser = self.__smbConfig) + self.__server.processConfigFile() + + # Now we have to register the MS-SRVS server. This specially important for + # Windows 7+ and Mavericks clients since they WONT (specially OSX) + # ask for shares using MS-RAP. + + self.__srvsServer = SRVSServer() + self.__srvsServer.daemon = True + self.__wkstServer = WKSTServer() + self.__wkstServer.daemon = True + self.__server.registerNamedPipe('srvsvc',('127.0.0.1',self.__srvsServer.getListenPort())) + self.__server.registerNamedPipe('wkssvc',('127.0.0.1',self.__wkstServer.getListenPort())) + + def start(self): + self.__srvsServer.start() + self.__wkstServer.start() + self.__server.serve_forever() + + def registerNamedPipe(self, pipeName, address): + return self.__server.registerNamedPipe(pipeName, address) + + def unregisterNamedPipe(self, pipeName): + return self.__server.unregisterNamedPipe(pipeName) + + def getRegisteredNamedPipes(self): + return self.__server.getRegisteredNamedPipes() + + def addShare(self, shareName, sharePath, shareComment='', shareType = 0, readOnly = 'no'): + self.__smbConfig.add_section(shareName) + self.__smbConfig.set(shareName, 'comment', shareComment) + self.__smbConfig.set(shareName, 'read only', readOnly) + self.__smbConfig.set(shareName, 'share type', shareType) + self.__smbConfig.set(shareName, 'path', sharePath) + self.__server.setServerConfig(self.__smbConfig) + self.__srvsServer.setServerConfig(self.__smbConfig) + self.__server.processConfigFile() + self.__srvsServer.processConfigFile() + + def removeShare(self, shareName): + self.__smbConfig.remove_section(shareName) + self.__server.setServerConfig(self.__smbConfig) + self.__srvsServer.setServerConfig(self.__smbConfig) + self.__server.processConfigFile() + self.__srvsServer.processConfigFile() + + def setSMBChallenge(self, challenge): + if challenge != '': + self.__smbConfig.set('global', 'challenge', unhexlify(challenge)) + self.__server.setServerConfig(self.__smbConfig) + self.__server.processConfigFile() + + def setLogFile(self, logFile): + self.__smbConfig.set('global','log_file',logFile) + self.__server.setServerConfig(self.__smbConfig) + self.__server.processConfigFile() + + def setCredentialsFile(self, logFile): + self.__smbConfig.set('global','credentials_file',logFile) + self.__server.setServerConfig(self.__smbConfig) + self.__server.processConfigFile() + + def setSMB2Support(self, value): + if value is True: + self.__smbConfig.set("global", "SMB2Support", "True") + else: + self.__smbConfig.set("global", "SMB2Support", "False") + self.__server.setServerConfig(self.__smbConfig) + self.__server.processConfigFile() + diff --git a/tests/python_dependencies/impacket/spnego.py b/tests/python_dependencies/impacket/spnego.py new file mode 100644 index 000000000..f177d18f7 --- /dev/null +++ b/tests/python_dependencies/impacket/spnego.py @@ -0,0 +1,372 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Author: Alberto Solino (beto@coresecurity.com) +# +# Description: +# SPNEGO functions used by SMB, SMB2/3 and DCERPC +# + +from struct import pack, unpack, calcsize + +############### GSS Stuff ################ +GSS_API_SPNEGO_UUID = '\x2b\x06\x01\x05\x05\x02' +ASN1_SEQUENCE = 0x30 +ASN1_AID = 0x60 +ASN1_OID = 0x06 +ASN1_OCTET_STRING = 0x04 +ASN1_MECH_TYPE = 0xa0 +ASN1_MECH_TOKEN = 0xa2 +ASN1_SUPPORTED_MECH = 0xa1 +ASN1_RESPONSE_TOKEN = 0xa2 +ASN1_ENUMERATED = 0x0a +MechTypes = { +'+\x06\x01\x04\x01\x827\x02\x02\x1e': 'SNMPv2-SMI::enterprises.311.2.2.30', +'+\x06\x01\x04\x01\x827\x02\x02\n': 'NTLMSSP - Microsoft NTLM Security Support Provider', +'*\x86H\x82\xf7\x12\x01\x02\x02': 'MS KRB5 - Microsoft Kerberos 5', +'*\x86H\x86\xf7\x12\x01\x02\x02': 'KRB5 - Kerberos 5', +'*\x86H\x86\xf7\x12\x01\x02\x02\x03': 'KRB5 - Kerberos 5 - User to User' +} +TypesMech = dict((v,k) for k, v in MechTypes.iteritems()) + +def asn1encode(data = ''): + #res = asn1.SEQUENCE(str).encode() + #import binascii + #print '\nalex asn1encode str: %s\n' % binascii.hexlify(str) + if 0 <= len(data) <= 0x7F: + res = pack('B', len(data)) + data + elif 0x80 <= len(data) <= 0xFF: + res = pack('BB', 0x81, len(data)) + data + elif 0x100 <= len(data) <= 0xFFFF: + res = pack('!BH', 0x82, len(data)) + data + elif 0x10000 <= len(data) <= 0xffffff: + res = pack('!BBH', 0x83, len(data) >> 16, len(data) & 0xFFFF) + data + elif 0x1000000 <= len(data) <= 0xffffffff: + res = pack('!BL', 0x84, len(data)) + data + else: + raise Exception('Error in asn1encode') + return str(res) + +def asn1decode(data = ''): + len1 = unpack('B', data[:1])[0] + data = data[1:] + if len1 == 0x81: + pad = calcsize('B') + len2 = unpack('B',data[:pad])[0] + data = data[pad:] + ans = data[:len2] + elif len1 == 0x82: + pad = calcsize('H') + len2 = unpack('!H', data[:pad])[0] + data = data[pad:] + ans = data[:len2] + elif len1 == 0x83: + pad = calcsize('B') + calcsize('!H') + len2, len3 = unpack('!BH', data[:pad]) + data = data[pad:] + ans = data[:len2 << 16 + len3] + elif len1 == 0x84: + pad = calcsize('!L') + len2 = unpack('!L', data[:pad])[0] + data = data[pad:] + ans = data[:len2] + # 1 byte length, string <= 0x7F + else: + pad = 0 + ans = data[:len1] + return ans, len(ans)+pad+1 + +class GSSAPI: +# Generic GSSAPI Header Format + def __init__(self, data = None): + self.fields = {} + self['UUID'] = GSS_API_SPNEGO_UUID + if data: + self.fromString(data) + pass + + def __setitem__(self,key,value): + self.fields[key] = value + + def __getitem__(self, key): + return self.fields[key] + + def __delitem__(self, key): + del self.fields[key] + + def __len__(self): + return len(self.getData()) + + def __str__(self): + return len(self.getData()) + + def fromString(self, data = None): + # Manual parse of the GSSAPI Header Format + # It should be something like + # AID = 0x60 TAG, BER Length + # OID = 0x06 TAG + # GSSAPI OID + # UUID data (BER Encoded) + # Payload + next_byte = unpack('B',data[:1])[0] + if next_byte != ASN1_AID: + raise Exception('Unknown AID=%x' % next_byte) + data = data[1:] + decode_data, total_bytes = asn1decode(data) + # Now we should have a OID tag + next_byte = unpack('B',decode_data[:1])[0] + if next_byte != ASN1_OID: + raise Exception('OID tag not found %x' % next_byte) + decode_data = decode_data[1:] + # Now the OID contents, should be SPNEGO UUID + uuid, total_bytes = asn1decode(decode_data) + self['OID'] = uuid + # the rest should be the data + self['Payload'] = decode_data[total_bytes:] + #pass + + def dump(self): + for i in self.fields.keys(): + print "%s: {%r}" % (i,self[i]) + + def getData(self): + ans = pack('B',ASN1_AID) + ans += asn1encode( + pack('B',ASN1_OID) + + asn1encode(self['UUID']) + + self['Payload'] ) + return ans + +class SPNEGO_NegTokenResp: + # http://tools.ietf.org/html/rfc4178#page-9 + # NegTokenResp ::= SEQUENCE { + # negState [0] ENUMERATED { + # accept-completed (0), + # accept-incomplete (1), + # reject (2), + # request-mic (3) + # } OPTIONAL, + # -- REQUIRED in the first reply from the target + # supportedMech [1] MechType OPTIONAL, + # -- present only in the first reply from the target + # responseToken [2] OCTET STRING OPTIONAL, + # mechListMIC [3] OCTET STRING OPTIONAL, + # ... + # } + # This structure is not prepended by a GSS generic header! + SPNEGO_NEG_TOKEN_RESP = 0xa1 + SPNEGO_NEG_TOKEN_TARG = 0xa0 + + def __init__(self, data = None): + self.fields = {} + if data: + self.fromString(data) + pass + + def __setitem__(self,key,value): + self.fields[key] = value + + def __getitem__(self, key): + return self.fields[key] + + def __delitem__(self, key): + del self.fields[key] + + def __len__(self): + return len(self.getData()) + + def __str__(self): + return len(self.getData()) + + def fromString(self, data = 0): + payload = data + next_byte = unpack('B', payload[:1])[0] + if next_byte != SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_RESP: + raise Exception('NegTokenResp not found %x' % next_byte) + payload = payload[1:] + decode_data, total_bytes = asn1decode(payload) + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_SEQUENCE: + raise Exception('SEQUENCE tag not found %x' % next_byte) + decode_data = decode_data[1:] + decode_data, total_bytes = asn1decode(decode_data) + next_byte = unpack('B',decode_data[:1])[0] + + if next_byte != ASN1_MECH_TYPE: + # MechType not found, could be an AUTH answer + if next_byte != ASN1_RESPONSE_TOKEN: + raise Exception('MechType/ResponseToken tag not found %x' % next_byte) + else: + decode_data2 = decode_data[1:] + decode_data2, total_bytes = asn1decode(decode_data2) + next_byte = unpack('B', decode_data2[:1])[0] + if next_byte != ASN1_ENUMERATED: + raise Exception('Enumerated tag not found %x' % next_byte) + item, total_bytes2 = asn1decode(decode_data) + self['NegResult'] = item + decode_data = decode_data[1:] + decode_data = decode_data[total_bytes:] + + # Do we have more data? + if len(decode_data) == 0: + return + + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_SUPPORTED_MECH: + if next_byte != ASN1_RESPONSE_TOKEN: + raise Exception('Supported Mech/ResponseToken tag not found %x' % next_byte) + else: + decode_data2 = decode_data[1:] + decode_data2, total_bytes = asn1decode(decode_data2) + next_byte = unpack('B', decode_data2[:1])[0] + if next_byte != ASN1_OID: + raise Exception('OID tag not found %x' % next_byte) + decode_data2 = decode_data2[1:] + item, total_bytes2 = asn1decode(decode_data2) + self['SuportedMech'] = item + + decode_data = decode_data[1:] + decode_data = decode_data[total_bytes:] + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_RESPONSE_TOKEN: + raise Exception('Response token tag not found %x' % next_byte) + + decode_data = decode_data[1:] + decode_data, total_bytes = asn1decode(decode_data) + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_OCTET_STRING: + raise Exception('Octet string token tag not found %x' % next_byte) + decode_data = decode_data[1:] + decode_data, total_bytes = asn1decode(decode_data) + self['ResponseToken'] = decode_data + + def dump(self): + for i in self.fields.keys(): + print "%s: {%r}" % (i,self[i]) + + def getData(self): + ans = pack('B',SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_RESP) + if self.fields.has_key('NegResult') and self.fields.has_key('SupportedMech'): + # Server resp + ans += asn1encode( + pack('B', ASN1_SEQUENCE) + + asn1encode( + pack('B',SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_TARG) + + asn1encode( + pack('B',ASN1_ENUMERATED) + + asn1encode( self['NegResult'] )) + + pack('B',ASN1_SUPPORTED_MECH) + + asn1encode( + pack('B',ASN1_OID) + + asn1encode(self['SupportedMech'])) + + pack('B',ASN1_RESPONSE_TOKEN ) + + asn1encode( + pack('B', ASN1_OCTET_STRING) + asn1encode(self['ResponseToken'])))) + elif self.fields.has_key('NegResult'): + # Server resp + ans += asn1encode( + pack('B', ASN1_SEQUENCE) + + asn1encode( + pack('B', SPNEGO_NegTokenResp.SPNEGO_NEG_TOKEN_TARG) + + asn1encode( + pack('B',ASN1_ENUMERATED) + + asn1encode( self['NegResult'] )))) + else: + # Client resp + ans += asn1encode( + pack('B', ASN1_SEQUENCE) + + asn1encode( + pack('B', ASN1_RESPONSE_TOKEN) + + asn1encode( + pack('B', ASN1_OCTET_STRING) + asn1encode(self['ResponseToken'])))) + return ans + +class SPNEGO_NegTokenInit(GSSAPI): + # http://tools.ietf.org/html/rfc4178#page-8 + # NegTokeInit :: = SEQUENCE { + # mechTypes [0] MechTypeList, + # reqFlags [1] ContextFlags OPTIONAL, + # mechToken [2] OCTET STRING OPTIONAL, + # mechListMIC [3] OCTET STRING OPTIONAL, + # } + SPNEGO_NEG_TOKEN_INIT = 0xa0 + def fromString(self, data = 0): + GSSAPI.fromString(self, data) + payload = self['Payload'] + next_byte = unpack('B', payload[:1])[0] + if next_byte != SPNEGO_NegTokenInit.SPNEGO_NEG_TOKEN_INIT: + raise Exception('NegTokenInit not found %x' % next_byte) + payload = payload[1:] + decode_data, total_bytes = asn1decode(payload) + # Now we should have a SEQUENCE Tag + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_SEQUENCE: + raise Exception('SEQUENCE tag not found %x' % next_byte) + decode_data = decode_data[1:] + decode_data, total_bytes2 = asn1decode(decode_data) + next_byte = unpack('B',decode_data[:1])[0] + if next_byte != ASN1_MECH_TYPE: + raise Exception('MechType tag not found %x' % next_byte) + decode_data = decode_data[1:] + remaining_data = decode_data + decode_data, total_bytes3 = asn1decode(decode_data) + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_SEQUENCE: + raise Exception('SEQUENCE tag not found %x' % next_byte) + decode_data = decode_data[1:] + decode_data, total_bytes4 = asn1decode(decode_data) + # And finally we should have the MechTypes + self['MechTypes'] = [] + while decode_data: + next_byte = unpack('B', decode_data[:1])[0] + if next_byte != ASN1_OID: + # Not a valid OID, there must be something else we won't unpack + break + decode_data = decode_data[1:] + item, total_bytes = asn1decode(decode_data) + self['MechTypes'].append(item) + decode_data = decode_data[total_bytes:] + + # Do we have MechTokens as well? + decode_data = remaining_data[total_bytes3:] + if len(decode_data) > 0: + next_byte = unpack('B', decode_data[:1])[0] + if next_byte == ASN1_MECH_TOKEN: + # We have tokens in here! + decode_data = decode_data[1:] + decode_data, total_bytes = asn1decode(decode_data) + next_byte = unpack('B', decode_data[:1])[0] + if next_byte == ASN1_OCTET_STRING: + decode_data = decode_data[1:] + decode_data, total_bytes = asn1decode(decode_data) + self['MechToken'] = decode_data + + def getData(self): + mechTypes = '' + for i in self['MechTypes']: + mechTypes += pack('B', ASN1_OID) + mechTypes += asn1encode(i) + + mechToken = '' + # Do we have tokens to send? + if self.fields.has_key('MechToken'): + mechToken = pack('B', ASN1_MECH_TOKEN) + asn1encode( + pack('B', ASN1_OCTET_STRING) + asn1encode( + self['MechToken'])) + + ans = pack('B',SPNEGO_NegTokenInit.SPNEGO_NEG_TOKEN_INIT) + ans += asn1encode( + pack('B', ASN1_SEQUENCE) + + asn1encode( + pack('B', ASN1_MECH_TYPE) + + asn1encode( + pack('B', ASN1_SEQUENCE) + + asn1encode(mechTypes)) + mechToken )) + + + self['Payload'] = ans + return GSSAPI.getData(self) + diff --git a/tests/python_dependencies/impacket/structure.py b/tests/python_dependencies/impacket/structure.py new file mode 100644 index 000000000..7a04117ff --- /dev/null +++ b/tests/python_dependencies/impacket/structure.py @@ -0,0 +1,743 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# + +from struct import pack, unpack, calcsize + +class Structure: + """ sublcasses can define commonHdr and/or structure. + each of them is an tuple of either two: (fieldName, format) or three: (fieldName, ':', class) fields. + [it can't be a dictionary, because order is important] + + where format specifies how the data in the field will be converted to/from bytes (string) + class is the class to use when unpacking ':' fields. + + each field can only contain one value (or an array of values for *) + i.e. struct.pack('Hl',1,2) is valid, but format specifier 'Hl' is not (you must use 2 dfferent fields) + + format specifiers: + specifiers from module pack can be used with the same format + see struct.__doc__ (pack/unpack is finally called) + x [padding byte] + c [character] + b [signed byte] + B [unsigned byte] + h [signed short] + H [unsigned short] + l [signed long] + L [unsigned long] + i [signed integer] + I [unsigned integer] + q [signed long long (quad)] + Q [unsigned long long (quad)] + s [string (array of chars), must be preceded with length in format specifier, padded with zeros] + p [pascal string (includes byte count), must be preceded with length in format specifier, padded with zeros] + f [float] + d [double] + = [native byte ordering, size and alignment] + @ [native byte ordering, standard size and alignment] + ! [network byte ordering] + < [little endian] + > [big endian] + + usual printf like specifiers can be used (if started with %) + [not recommeneded, there is no why to unpack this] + + %08x will output an 8 bytes hex + %s will output a string + %s\\x00 will output a NUL terminated string + %d%d will output 2 decimal digits (against the very same specification of Structure) + ... + + some additional format specifiers: + : just copy the bytes from the field into the output string (input may be string, other structure, or anything responding to __str__()) (for unpacking, all what's left is returned) + z same as :, but adds a NUL byte at the end (asciiz) (for unpacking the first NUL byte is used as terminator) [asciiz string] + u same as z, but adds two NUL bytes at the end (after padding to an even size with NULs). (same for unpacking) [unicode string] + w DCE-RPC/NDR string (it's a macro for [ '<L=(len(field)+1)/2','"\\x00\\x00\\x00\\x00','<L=(len(field)+1)/2',':' ] + ?-field length of field named 'field', formated as specified with ? ('?' may be '!H' for example). The input value overrides the real length + ?1*?2 array of elements. Each formated as '?2', the number of elements in the array is stored as specified by '?1' (?1 is optional, or can also be a constant (number), for unpacking) + 'xxxx literal xxxx (field's value doesn't change the output. quotes must not be closed or escaped) + "xxxx literal xxxx (field's value doesn't change the output. quotes must not be closed or escaped) + _ will not pack the field. Accepts a third argument, which is an unpack code. See _Test_UnpackCode for an example + ?=packcode will evaluate packcode in the context of the structure, and pack the result as specified by ?. Unpacking is made plain + ?&fieldname "Address of field fieldname". + For packing it will simply pack the id() of fieldname. Or use 0 if fieldname doesn't exists. + For unpacking, it's used to know weather fieldname has to be unpacked or not, i.e. by adding a & field you turn another field (fieldname) in an optional field. + + """ + commonHdr = () + structure = () + debug = 0 + + def __init__(self, data = None, alignment = 0): + if not hasattr(self, 'alignment'): + self.alignment = alignment + + self.fields = {} + self.rawData = data + if data is not None: + self.fromString(data) + else: + self.data = None + + @classmethod + def fromFile(self, file): + answer = self() + answer.fromString(file.read(len(answer))) + return answer + + def setAlignment(self, alignment): + self.alignment = alignment + + def setData(self, data): + self.data = data + + def packField(self, fieldName, format = None): + if self.debug: + print "packField( %s | %s )" % (fieldName, format) + + if format is None: + format = self.formatForField(fieldName) + + if self.fields.has_key(fieldName): + ans = self.pack(format, self.fields[fieldName], field = fieldName) + else: + ans = self.pack(format, None, field = fieldName) + + if self.debug: + print "\tanswer %r" % ans + + return ans + + def getData(self): + if self.data is not None: + return self.data + data = '' + for field in self.commonHdr+self.structure: + try: + data += self.packField(field[0], field[1]) + except Exception, e: + if self.fields.has_key(field[0]): + e.args += ("When packing field '%s | %s | %r' in %s" % (field[0], field[1], self[field[0]], self.__class__),) + else: + e.args += ("When packing field '%s | %s' in %s" % (field[0], field[1], self.__class__),) + raise + if self.alignment: + if len(data) % self.alignment: + data += ('\x00'*self.alignment)[:-(len(data) % self.alignment)] + + #if len(data) % self.alignment: data += ('\x00'*self.alignment)[:-(len(data) % self.alignment)] + return data + + def fromString(self, data): + self.rawData = data + for field in self.commonHdr+self.structure: + if self.debug: + print "fromString( %s | %s | %r )" % (field[0], field[1], data) + size = self.calcUnpackSize(field[1], data, field[0]) + if self.debug: + print " size = %d" % size + dataClassOrCode = str + if len(field) > 2: + dataClassOrCode = field[2] + try: + self[field[0]] = self.unpack(field[1], data[:size], dataClassOrCode = dataClassOrCode, field = field[0]) + except Exception,e: + e.args += ("When unpacking field '%s | %s | %r[:%d]'" % (field[0], field[1], data, size),) + raise + + size = self.calcPackSize(field[1], self[field[0]], field[0]) + if self.alignment and size % self.alignment: + size += self.alignment - (size % self.alignment) + data = data[size:] + + return self + + def __setitem__(self, key, value): + self.fields[key] = value + self.data = None # force recompute + + def __getitem__(self, key): + return self.fields[key] + + def __delitem__(self, key): + del self.fields[key] + + def __str__(self): + return self.getData() + + def __len__(self): + # XXX: improve + return len(self.getData()) + + def pack(self, format, data, field = None): + if self.debug: + print " pack( %s | %r | %s)" % (format, data, field) + + if field: + addressField = self.findAddressFieldFor(field) + if (addressField is not None) and (data is None): + return '' + + # void specifier + if format[:1] == '_': + return '' + + # quote specifier + if format[:1] == "'" or format[:1] == '"': + return format[1:] + + # code specifier + two = format.split('=') + if len(two) >= 2: + try: + return self.pack(two[0], data) + except: + fields = {'self':self} + fields.update(self.fields) + return self.pack(two[0], eval(two[1], {}, fields)) + + # address specifier + two = format.split('&') + if len(two) == 2: + try: + return self.pack(two[0], data) + except: + if (self.fields.has_key(two[1])) and (self[two[1]] is not None): + return self.pack(two[0], id(self[two[1]]) & ((1<<(calcsize(two[0])*8))-1) ) + else: + return self.pack(two[0], 0) + + # length specifier + two = format.split('-') + if len(two) == 2: + try: + return self.pack(two[0],data) + except: + return self.pack(two[0], self.calcPackFieldSize(two[1])) + + # array specifier + two = format.split('*') + if len(two) == 2: + answer = '' + for each in data: + answer += self.pack(two[1], each) + if two[0]: + if two[0].isdigit(): + if int(two[0]) != len(data): + raise Exception, "Array field has a constant size, and it doesn't match the actual value" + else: + return self.pack(two[0], len(data))+answer + return answer + + # "printf" string specifier + if format[:1] == '%': + # format string like specifier + return format % data + + # asciiz specifier + if format[:1] == 'z': + return str(data)+'\0' + + # unicode specifier + if format[:1] == 'u': + return str(data)+'\0\0' + (len(data) & 1 and '\0' or '') + + # DCE-RPC/NDR string specifier + if format[:1] == 'w': + if len(data) == 0: + data = '\0\0' + elif len(data) % 2: + data += '\0' + l = pack('<L', len(data)/2) + return '%s\0\0\0\0%s%s' % (l,l,data) + + if data is None: + raise Exception, "Trying to pack None" + + # literal specifier + if format[:1] == ':': + return str(data) + + # struct like specifier + return pack(format, data) + + def unpack(self, format, data, dataClassOrCode = str, field = None): + if self.debug: + print " unpack( %s | %r )" % (format, data) + + if field: + addressField = self.findAddressFieldFor(field) + if addressField is not None: + if not self[addressField]: + return + + # void specifier + if format[:1] == '_': + if dataClassOrCode != str: + fields = {'self':self, 'inputDataLeft':data} + fields.update(self.fields) + return eval(dataClassOrCode, {}, fields) + else: + return None + + # quote specifier + if format[:1] == "'" or format[:1] == '"': + answer = format[1:] + if answer != data: + raise Exception, "Unpacked data doesn't match constant value '%r' should be '%r'" % (data, answer) + return answer + + # address specifier + two = format.split('&') + if len(two) == 2: + return self.unpack(two[0],data) + + # code specifier + two = format.split('=') + if len(two) >= 2: + return self.unpack(two[0],data) + + # length specifier + two = format.split('-') + if len(two) == 2: + return self.unpack(two[0],data) + + # array specifier + two = format.split('*') + if len(two) == 2: + answer = [] + sofar = 0 + if two[0].isdigit(): + number = int(two[0]) + elif two[0]: + sofar += self.calcUnpackSize(two[0], data) + number = self.unpack(two[0], data[:sofar]) + else: + number = -1 + + while number and sofar < len(data): + nsofar = sofar + self.calcUnpackSize(two[1],data[sofar:]) + answer.append(self.unpack(two[1], data[sofar:nsofar], dataClassOrCode)) + number -= 1 + sofar = nsofar + return answer + + # "printf" string specifier + if format[:1] == '%': + # format string like specifier + return format % data + + # asciiz specifier + if format == 'z': + if data[-1] != '\x00': + raise Exception, ("%s 'z' field is not NUL terminated: %r" % (field, data)) + return data[:-1] # remove trailing NUL + + # unicode specifier + if format == 'u': + if data[-2:] != '\x00\x00': + raise Exception, ("%s 'u' field is not NUL-NUL terminated: %r" % (field, data)) + return data[:-2] # remove trailing NUL + + # DCE-RPC/NDR string specifier + if format == 'w': + l = unpack('<L', data[:4])[0] + return data[12:12+l*2] + + # literal specifier + if format == ':': + return dataClassOrCode(data) + + # struct like specifier + return unpack(format, data)[0] + + def calcPackSize(self, format, data, field = None): +# # print " calcPackSize %s:%r" % (format, data) + if field: + addressField = self.findAddressFieldFor(field) + if addressField is not None: + if not self[addressField]: + return 0 + + # void specifier + if format[:1] == '_': + return 0 + + # quote specifier + if format[:1] == "'" or format[:1] == '"': + return len(format)-1 + + # address specifier + two = format.split('&') + if len(two) == 2: + return self.calcPackSize(two[0], data) + + # code specifier + two = format.split('=') + if len(two) >= 2: + return self.calcPackSize(two[0], data) + + # length specifier + two = format.split('-') + if len(two) == 2: + return self.calcPackSize(two[0], data) + + # array specifier + two = format.split('*') + if len(two) == 2: + answer = 0 + if two[0].isdigit(): + if int(two[0]) != len(data): + raise Exception, "Array field has a constant size, and it doesn't match the actual value" + elif two[0]: + answer += self.calcPackSize(two[0], len(data)) + + for each in data: + answer += self.calcPackSize(two[1], each) + return answer + + # "printf" string specifier + if format[:1] == '%': + # format string like specifier + return len(format % data) + + # asciiz specifier + if format[:1] == 'z': + return len(data)+1 + + # asciiz specifier + if format[:1] == 'u': + l = len(data) + return l + (l & 1 and 3 or 2) + + # DCE-RPC/NDR string specifier + if format[:1] == 'w': + l = len(data) + return 12+l+l % 2 + + # literal specifier + if format[:1] == ':': + return len(data) + + # struct like specifier + return calcsize(format) + + def calcUnpackSize(self, format, data, field = None): + if self.debug: + print " calcUnpackSize( %s | %s | %r)" % (field, format, data) + + # void specifier + if format[:1] == '_': + return 0 + + addressField = self.findAddressFieldFor(field) + if addressField is not None: + if not self[addressField]: + return 0 + + try: + lengthField = self.findLengthFieldFor(field) + return self[lengthField] + except: + pass + + # XXX: Try to match to actual values, raise if no match + + # quote specifier + if format[:1] == "'" or format[:1] == '"': + return len(format)-1 + + # address specifier + two = format.split('&') + if len(two) == 2: + return self.calcUnpackSize(two[0], data) + + # code specifier + two = format.split('=') + if len(two) >= 2: + return self.calcUnpackSize(two[0], data) + + # length specifier + two = format.split('-') + if len(two) == 2: + return self.calcUnpackSize(two[0], data) + + # array specifier + two = format.split('*') + if len(two) == 2: + answer = 0 + if two[0]: + if two[0].isdigit(): + number = int(two[0]) + else: + answer += self.calcUnpackSize(two[0], data) + number = self.unpack(two[0], data[:answer]) + + while number: + number -= 1 + answer += self.calcUnpackSize(two[1], data[answer:]) + else: + while answer < len(data): + answer += self.calcUnpackSize(two[1], data[answer:]) + return answer + + # "printf" string specifier + if format[:1] == '%': + raise Exception, "Can't guess the size of a printf like specifier for unpacking" + + # asciiz specifier + if format[:1] == 'z': + return data.index('\x00')+1 + + # asciiz specifier + if format[:1] == 'u': + l = data.index('\x00\x00') + return l + (l & 1 and 3 or 2) + + # DCE-RPC/NDR string specifier + if format[:1] == 'w': + l = unpack('<L', data[:4])[0] + return 12+l*2 + + # literal specifier + if format[:1] == ':': + return len(data) + + # struct like specifier + return calcsize(format) + + def calcPackFieldSize(self, fieldName, format = None): + if format is None: + format = self.formatForField(fieldName) + + return self.calcPackSize(format, self[fieldName]) + + def formatForField(self, fieldName): + for field in self.commonHdr+self.structure: + if field[0] == fieldName: + return field[1] + raise Exception, ("Field %s not found" % fieldName) + + def findAddressFieldFor(self, fieldName): + descriptor = '&%s' % fieldName + l = len(descriptor) + for field in self.commonHdr+self.structure: + if field[1][-l:] == descriptor: + return field[0] + return None + + def findLengthFieldFor(self, fieldName): + descriptor = '-%s' % fieldName + l = len(descriptor) + for field in self.commonHdr+self.structure: + if field[1][-l:] == descriptor: + return field[0] + return None + + def zeroValue(self, format): + two = format.split('*') + if len(two) == 2: + if two[0].isdigit(): + return (self.zeroValue(two[1]),)*int(two[0]) + + if not format.find('*') == -1: return () + if 's' in format: return '' + if format in ['z',':','u']: return '' + if format == 'w': return '\x00\x00' + + return 0 + + def clear(self): + for field in self.commonHdr + self.structure: + self[field[0]] = self.zeroValue(field[1]) + + def dump(self, msg = None, indent = 0): + if msg is None: msg = self.__class__.__name__ + ind = ' '*indent + print "\n%s" % msg + fixedFields = [] + for field in self.commonHdr+self.structure: + i = field[0] + if i in self.fields: + fixedFields.append(i) + if isinstance(self[i], Structure): + self[i].dump('%s%s:{' % (ind,i), indent = indent + 4) + print "%s}" % ind + else: + print "%s%s: {%r}" % (ind,i,self[i]) + # Do we have remaining fields not defined in the structures? let's + # print them + remainingFields = list(set(self.fields) - set(fixedFields)) + for i in remainingFields: + if isinstance(self[i], Structure): + self[i].dump('%s%s:{' % (ind,i), indent = indent + 4) + print "%s}" % ind + else: + print "%s%s: {%r}" % (ind,i,self[i]) + + +class _StructureTest: + alignment = 0 + def create(self,data = None): + if data is not None: + return self.theClass(data, alignment = self.alignment) + else: + return self.theClass(alignment = self.alignment) + + def run(self): + print + print "-"*70 + testName = self.__class__.__name__ + print "starting test: %s....." % testName + a = self.create() + self.populate(a) + a.dump("packing.....") + a_str = str(a) + print "packed: %r" % a_str + print "unpacking....." + b = self.create(a_str) + b.dump("unpacked.....") + print "repacking....." + b_str = str(b) + if b_str != a_str: + print "ERROR: original packed and repacked don't match" + print "packed: %r" % b_str + +class _Test_simple(_StructureTest): + class theClass(Structure): + commonHdr = () + structure = ( + ('int1', '!L'), + ('len1','!L-z1'), + ('arr1','B*<L'), + ('z1', 'z'), + ('u1','u'), + ('', '"COCA'), + ('len2','!H-:1'), + ('', '"COCA'), + (':1', ':'), + ('int3','>L'), + ('code1','>L=len(arr1)*2+0x1000'), + ) + + def populate(self, a): + a['default'] = 'hola' + a['int1'] = 0x3131 + a['int3'] = 0x45444342 + a['z1'] = 'hola' + a['u1'] = 'hola'.encode('utf_16_le') + a[':1'] = ':1234:' + a['arr1'] = (0x12341234,0x88990077,0x41414141) + # a['len1'] = 0x42424242 + +class _Test_fixedLength(_Test_simple): + def populate(self, a): + _Test_simple.populate(self, a) + a['len1'] = 0x42424242 + +class _Test_simple_aligned4(_Test_simple): + alignment = 4 + +class _Test_nested(_StructureTest): + class theClass(Structure): + class _Inner(Structure): + structure = (('data', 'z'),) + + structure = ( + ('nest1', ':', _Inner), + ('nest2', ':', _Inner), + ('int', '<L'), + ) + + def populate(self, a): + a['nest1'] = _Test_nested.theClass._Inner() + a['nest2'] = _Test_nested.theClass._Inner() + a['nest1']['data'] = 'hola manola' + a['nest2']['data'] = 'chau loco' + a['int'] = 0x12345678 + +class _Test_Optional(_StructureTest): + class theClass(Structure): + structure = ( + ('pName','<L&Name'), + ('pList','<L&List'), + ('Name','w'), + ('List','<H*<L'), + ) + + def populate(self, a): + a['Name'] = 'Optional test' + a['List'] = (1,2,3,4) + +class _Test_Optional_sparse(_Test_Optional): + def populate(self, a): + _Test_Optional.populate(self, a) + del a['Name'] + +class _Test_AsciiZArray(_StructureTest): + class theClass(Structure): + structure = ( + ('head','<L'), + ('array','B*z'), + ('tail','<L'), + ) + + def populate(self, a): + a['head'] = 0x1234 + a['tail'] = 0xabcd + a['array'] = ('hola','manola','te traje') + +class _Test_UnpackCode(_StructureTest): + class theClass(Structure): + structure = ( + ('leni','<L=len(uno)*2'), + ('cuchi','_-uno','leni/2'), + ('uno',':'), + ('dos',':'), + ) + + def populate(self, a): + a['uno'] = 'soy un loco!' + a['dos'] = 'que haces fiera' + +class _Test_AAA(_StructureTest): + class theClass(Structure): + commonHdr = () + structure = ( + ('iv', '!L=((init_vector & 0xFFFFFF) << 8) | ((pad & 0x3f) << 2) | (keyid & 3)'), + ('init_vector', '_','(iv >> 8)'), + ('pad', '_','((iv >>2) & 0x3F)'), + ('keyid', '_','( iv & 0x03 )'), + ('dataLen', '_-data', 'len(inputDataLeft)-4'), + ('data',':'), + ('icv','>L'), + ) + + def populate(self, a): + a['init_vector']=0x01020304 + #a['pad']=int('01010101',2) + a['pad']=int('010101',2) + a['keyid']=0x07 + a['data']="\xA0\xA1\xA2\xA3\xA4\xA5\xA6\xA7\xA8\xA9" + a['icv'] = 0x05060708 + #a['iv'] = 0x01020304 + +if __name__ == '__main__': + _Test_simple().run() + + try: + _Test_fixedLength().run() + except: + print "cannot repack because length is bogus" + + _Test_simple_aligned4().run() + _Test_nested().run() + _Test_Optional().run() + _Test_Optional_sparse().run() + _Test_AsciiZArray().run() + _Test_UnpackCode().run() + _Test_AAA().run() diff --git a/tests/python_dependencies/impacket/uuid.py b/tests/python_dependencies/impacket/uuid.py new file mode 100644 index 000000000..fb4d7b3a0 --- /dev/null +++ b/tests/python_dependencies/impacket/uuid.py @@ -0,0 +1,68 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# +# Description: +# Generate UUID compliant with http://www.webdav.org/specs/draft-leach-uuids-guids-01.txt. +# A different, much simpler (not necessarily better) algorithm is used. +# +# Author: +# Javier Kohen (jkohen) +# + +import re + +from random import randrange +from struct import pack, unpack + +def generate(): + # UHm... crappy Python has an maximum integer of 2**31-1. + top = (1L<<31)-1 + return pack("IIII", randrange(top), randrange(top), randrange(top), randrange(top)) + +def bin_to_string(uuid): + uuid1, uuid2, uuid3 = unpack('<LHH', uuid[:8]) + uuid4, uuid5, uuid6 = unpack('>HHL', uuid[8:16]) + return '%08X-%04X-%04X-%04X-%04X%08X' % (uuid1, uuid2, uuid3, uuid4, uuid5, uuid6) + +def string_to_bin(uuid): + matches = re.match('([\dA-Fa-f]{8})-([\dA-Fa-f]{4})-([\dA-Fa-f]{4})-([\dA-Fa-f]{4})-([\dA-Fa-f]{4})([\dA-Fa-f]{8})', uuid) + (uuid1, uuid2, uuid3, uuid4, uuid5, uuid6) = map(lambda x: long(x, 16), matches.groups()) + uuid = pack('<LHH', uuid1, uuid2, uuid3) + uuid += pack('>HHL', uuid4, uuid5, uuid6) + return uuid + +def stringver_to_bin(s): + (maj,min) = s.split('.') + return pack('<H',int(maj)) + pack('<H',int(min)) + +def uuidtup_to_bin(tup): + if len(tup) != 2: return + return string_to_bin(tup[0]) + stringver_to_bin(tup[1]) + +def bin_to_uuidtup(bin): + assert len(bin) == 20 + uuidstr = bin_to_string(bin[:16]) + maj, min = unpack("<HH", bin[16:]) + return uuidstr, "%d.%d" % (maj, min) + +#input: string +#output: tuple (uuid,version) +#if version is not found in the input string "1.0" is returned +#example: +# "00000000-0000-0000-0000-000000000000 3.0" returns ('00000000-0000-0000-0000-000000000000','3.0') +# "10000000-2000-3000-4000-500000000000 version 3.0" returns ('00000000-0000-0000-0000-000000000000','3.0') +# "10000000-2000-3000-4000-500000000000 v 3.0" returns ('00000000-0000-0000-0000-000000000000','3.0') +# "10000000-2000-3000-4000-500000000000" returns ('00000000-0000-0000-0000-000000000000','1.0') +def string_to_uuidtup(s): + g = re.search("([A-Fa-f0-9]{8}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{4}-[A-Fa-f0-9]{12}).*?([0-9]{1,5}\.[0-9]{1,5})",s+" 1.0") + if g: + (u,v) = g.groups() + return (u,v) + return + +def uuidtup_to_string(tup): + uuid, (maj, min) = tup + return "%s v%d.%d" % (uuid, maj, min) diff --git a/tests/python_dependencies/impacket/version.py b/tests/python_dependencies/impacket/version.py new file mode 100644 index 000000000..badd4a8a4 --- /dev/null +++ b/tests/python_dependencies/impacket/version.py @@ -0,0 +1,12 @@ +# Copyright (c) 2003-2016 CORE Security Technologies +# +# This software is provided under under a slightly modified version +# of the Apache Software License. See the accompanying LICENSE file +# for more information. +# + +VER_MAJOR = "0" +VER_MINOR = "9.15" + +BANNER = "Impacket v%s.%s - Copyright 2002-2016 Core Security Technologies\n" % (VER_MAJOR,VER_MINOR) + |