h^ dZddlZddlmZddlmZmZmZddlm Z m Z m Z m Z m Z mZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZmZm Z m!Z!m"Z"m#Z#ddl$m%Z%m&Z&ddl'm(Z(m)Z)m*Z*m+Z+ddl,m-Z-m.Z.dd l/m0Z0dd l1m2Z2m3Z3idd d d ddddddddddddddddddd d!d"d#d$d%d&d'd(d)d*d+id,d-d.d/d0d1d2d3d4d5d6d7d8d9d:d;dd?d@dAdBdCdDdEdFdGdHdIdJdKdLdMidNdOdPdQdRdSdTdUdVdWdXdYdZd[d\d]d^d_d`dadbdcdddedfdgdhdidjdkdldmdndoidpdqdrdsdtdudvdwdxdydzd{d|d}d~dddddddddddddddddddddddddddZ4GddeZ5GddeZ6GddeZ7ee5e7dpdZ8dZ9GddeZ:gdZ;Gdde:Z<ee5eee5e>dpdzGddeZ?ee5e?drGddeZ@ee5e@dvee?e@dvGddeZAee5eAdrdGddeZBee5eBdrdzGddeBZCee5eCdrdzdGddeZDee5eDdrde*jEfde*jFfgZGGddeZHdZIGd„de(ZJee5eJdJGdĄdeJZKGdƄde(ZLee5eLdJdzdddddddΜZMdddddddddddٜ ZNGdڄdeZOGd܄deOZPGdބdeOZQGddeOZRid dՓddؓddd*dd@ddddzdddddddddddddddddddddddddZSGddeOe&ZTGddeZUGddeOe&ZVGddeZWGddeWZXGd d eWZYGd d eXZZGd deZ[ee-e[ee.e[dS(a  SMB 1.0 (Server Message Block), also known as CIFS. .. note:: You will find more complete documentation for this layer over at `SMB `_ Specs: - [MS-CIFS] (base) - [MS-SMB] (extension of CIFS - SMB v1) N)conf)Packet bind_layers bind_top_down) ByteEnumField ByteFieldConditionalField FieldLenFieldFieldListField FlagsFieldIPFieldLEFieldLenFieldLEIntEnumField LEIntField LELongFieldLEShortEnumField LEShortFieldMultipleTypeField PacketFieldPacketLenFieldPacketListFieldReversePadField ScalingField ShortFieldStrFixedLenField StrNullFieldStrNullFieldUtf16 UTCTimeField UUIDField XLEShortField XStrLenField) DNSStrFieldDNSCompressedPacket)_NTLMPayloadPacket_NTLMPayloadField _NTLM_ENUM_NTLM_post_build) NBTSession NBTDatagram) GSSAPI_BLOB) STATUS_ERREF SMB2_HeaderSMB_COM_CREATE_DIRECTORYSMB_COM_DELETE_DIRECTORY SMB_COM_OPENSMB_COM_CREATE SMB_COM_CLOSE SMB_COM_FLUSHSMB_COM_DELETESMB_COM_RENAMESMB_COM_QUERY_INFORMATION SMB_COM_SET_INFORMATION SMB_COM_READ SMB_COM_WRITE SMB_COM_LOCK_BYTE_RANGE SMB_COM_UNLOCK_BYTE_RANGESMB_COM_CREATE_TEMPORARYSMB_COM_CREATE_NEWSMB_COM_CHECK_DIRECTORYSMB_COM_PROCESS_EXIT SMB_COM_SEEKSMB_COM_LOCK_AND_READSMB_COM_WRITE_AND_UNLOCKSMB_COM_READ_RAWSMB_COM_READ_MPXSMB_COM_READ_MPX_SECONDARYSMB_COM_WRITE_RAWSMB_COM_WRITE_MPXSMB_COM_WRITE_MPX_SECONDARY SMB_COM_WRITE_COMPLETE!SMB_COM_QUERY_SERVER"SMB_COM_SET_INFORMATION2#SMB_COM_QUERY_INFORMATION2$SMB_COM_LOCKING_ANDX%SMB_COM_TRANSACTION&SMB_COM_TRANSACTION_SECONDARY' SMB_COM_IOCTL(SMB_COM_IOCTL_SECONDARY) SMB_COM_COPY* SMB_COM_MOVE+ SMB_COM_ECHO,SMB_COM_WRITE_AND_CLOSE-SMB_COM_OPEN_ANDX.SMB_COM_READ_ANDX/SMB_COM_WRITE_ANDX0SMB_COM_NEW_FILE_SIZE1SMB_COM_CLOSE_AND_TREE_DISC2SMB_COM_TRANSACTION23SMB_COM_TRANSACTION2_SECONDARY4SMB_COM_FIND_CLOSE25SMB_COM_FIND_NOTIFY_CLOSEpSMB_COM_TREE_CONNECTqSMB_COM_TREE_DISCONNECTrSMB_COM_NEGOTIATEsSMB_COM_SESSION_SETUP_ANDXtSMB_COM_LOGOFF_ANDXuSMB_COM_TREE_CONNECT_ANDX~SMB_COM_SECURITY_PACKAGE_ANDXSMB_COM_QUERY_INFORMATION_DISKSMB_COM_SEARCH SMB_COM_FINDSMB_COM_FIND_UNIQUESMB_COM_FIND_CLOSESMB_COM_NT_TRANSACTSMB_COM_NT_TRANSACT_SECONDARYSMB_COM_NT_CREATE_ANDXSMB_COM_NT_CANCELSMB_COM_NT_RENAMESMB_COM_OPEN_PRINT_FILESMB_COM_WRITE_PRINT_FILESMB_COM_CLOSE_PRINT_FILESMB_COM_GET_PRINT_QUEUESMB_COM_READ_BULKSMB_COM_WRITE_BULKSMB_COM_WRITE_BULK_DATASMB_COM_INVALIDSMB_COM_NO_ANDX_COMMAND)cNeZdZdZedddeddeeddee d d d gd e d ddgde ddeddd e dde dde dde dde ddg Z fdZ dZ xZS) SMB_HeaderzSMB 1 Protocol Request HeaderStartSMBr4CommandrStatusrFlagsr<)LOCK_AND_READ_OK BUF_AVAILresCASE_INSENSITIVECANONICALIZED_PATHSOPLOCKOPBATCHREPLYFlags2) LONG_NAMESEASSMB_SECURITY_SIGNATURE COMPRESSEDSMB_SECURITY_SIGNATURE_REQUIREDr IS_LONG_NAMErrr REPARSE_PATHEXTENDED_SECURITYDFS PAGING_IO NT_STATUSUNICODEPIDHighSecuritySignaturelengthReservedTIDPIDLowUIDMIDc|s(tt||St|dd}|jdkr-|jjr|jjrtStStS|jdkr|dkrtS|jjr4|dkrtS|dkrtS|jjrtStS|dkrtS|dkrt S|jjrtSt S|jd kr4|jjr|d krt"St$S|d krt"St&Stt||S) Nr.rrrr4r2rDrFrlrN)superrguess_payload_classordrrrrr'SMBNegotiate_Response_Extended_SecuritySMBNegotiate_Response_SecuritySMBNegotiate_RequestSMBSession_Null0SMBSession_Setup_AndX_Response_Extended_SecuritySMBSession_Setup_AndX_Response/SMBSession_Setup_AndX_Request_Extended_SecuritySMBSession_Setup_AndX_RequestSMBMailslot_WriteSMBTransaction_ResponseSMBTransaction_Request)selfpayload WordCount __class__s T/mounts/lovelace/software/anaconda3/lib/python3.11/site-packages/scapy/layers/smb.pyrzSMB_Header.guess_payload_classs} HT**>>wGG G $$ <4  z ,;0:BB99++ \T ! !A~~&&z 9$$KK$&&99;0:KK99$$JJ$&&88;09JJ88 \T ! !z 2$$,,22$$,,11Z&&::7CCCrct|vSN)r)rpkts ranswerszSMB_Header.answerss S  r)__name__ __module__ __qualname__namerrSMB_COMrr+r r fields_descrr __classcell__rs@rrrsQ *D*a00 iw//xL11                   .  Y'',c!<<< Z%% UA Xq!! UA UAa1Kf-D-D-D-D-D^!!!!!!!rrcHeZdZdZeddeddgZdZdS) SMB_Dialectz SMB Dialect BufferFormatr0 DialectStringz NT LM 0.12ctjSrr padding_layerrrs rdefault_payload_classz!SMB_Dialect.default_payload_class  !!rN)rrrrrrrrrrr r sM D .$'' _l33K """""rr cveZdZdZeddedddedeged gZdS) rzSMB Negotiate Requestrr ByteCountNDialects length_ofc|jSrrrs rzSMBNegotiate_Request.sCMr length_from) rrrrrrrr rrrrrrsh "D +q!! TZ@@@  []]O 11     KKKrr)rcfd}tt|||fgt||S)zb Returns a StrNullField that is either normal or UTF-16 depending on the SMB headers. ct|ds%|jr|j}t|ds|jt|do |jjS)Nr)hasattr underlayerrrrs r_isUTF16z"_SMBStrNullField.._isUTF16(s[#x(( !S^ !.C#x(( !S^ !sH%%<#**<s!c#-&8&8"8rradjustrc|jSrrers rrz)SMBNegotiate_Response_NoSecurity. C$7rr WORKGROUP)rrrrrrr r_SMB_ServerCapabilitiesrrr rr!rrrrrr4r4ws| 6D +s## ^Q''         ]B'' ]A&& ?E** <'' <(( '6MNN  '''      %tIFFF  !       "88      77    \;//]/KKKrr4)rrc eZdZdZdZejddeddddejd ed dej e dde d gzZdS)rz.SMB Negotiate Extended Security Response (SMB)rNNrDr SecurityBlobc |dzSNrLr)_rks rrz0SMBNegotiate_Response_Extended_Security.s QQSVrrlrFGUIDuuid_fmtc|jdz Srvrrks rrz0SMBNegotiate_Response_Extended_Security.sQ[SUEUrr) rrrrrr4rrr FORMAT_LErr*rrrrrs ;DI2>ssC @S@S    )4R8 &$)<=== D+;U;U   G KKKrri)rrrceZdZdZdZejddedddded d d e dd e ddgzZdS)rz2SMB Negotiate Non-Extended Security Response (SMB)rNNrDrrhcP|dzt|dzt|dzS)Nr0rf ServerName)r-rjs rrz'SMBNegotiate_Response_Security.s4!#3 $$#%3 %%#&rrlrfrc|jSrrors rrz'SMBNegotiate_Response_Security.rprrrqrRMFF1) rrrrrr4rrr!r&rrrrrs ?DI2>ssC  "&&       77   {33w//!GKKKrrceZdZdZeddeddeeddedd ed d ed d eddedde dd de dd dedde ddde edd e ddde ddde eddd d!ed"d#ed$d%ed&d%gZd'Zd S)(rz!Session Setup AndX Request (CIFS)rrF AndXCommandr AndXReservedr AndXOffsetNrWrX MaxMPXCountrVCNumberr[OEMPasswordLength OEMPasswordrUnicodePasswordLengthUnicodePasswordrr\r6r]rPassc|jSr)rr|s rrz&SMBSession_Setup_AndX_Request.s !BUrrc|jSr)rr|s rrz&SMBSession_Setup_AndX_Request.s Q=Tr AccountNameGUESTr0 PrimaryDomainNativeOS Windows 4.0 NativeLanManc|jF|jdkr;|ddtjdt |dzz|ddz}|j;|ddtjdt |dz z|ddz}|jrbt|jdrM|rK|ddtjdt |t |zdzz|ddz}||zS) Nrr2r1rbr6rXr\r)rrr2packr)rrr"rrpays r post_buildz(SMBSession_Setup_AndX_Request.post_builds ? "t'74'?'?bqb'FKc#hhm<< !crc(V[s3xx"}===BCCHC < RGDL,?? RC Rbqb'FKc#hhS.AB.FGGG#abb'QCSyr)rrrrrrrrrrr rrr!rr&rrrrrrrs .D +t$$ mT733 .!$$ \4(( _e,, ]B'' Z## <##+T]KKK/ARSSS :q!! 's4KLL [$'' ]F8U8UVVV v3T3T    ((@@!UKK"--]3377+K0rrc eZdZdZdZejddedddgdeddd d e d de d d de e ddde ddgzZdZdS)SMBTree_Connect_AndXzSession Tree Connect AndXr4Nrrr)DISCONNECT_TIDr2EXTENDED_SIGNATURESEXTENDED_RESPONSEPasswordLengthPasswordr1rgrrc|jSr)rrs rrzSMBTree_Connect_AndX.s c>PrrPathz \\WIN2K\IPC$r0Servicez?????c||z }|j;|ddtjdt|dz z|ddz}|SNr>r1rBrr2rr)rs rrzSMBTree_Connect_AndX.post_build"sM s  > !bqb'FKc#hhm<<>s a&:rrrrr0rrc|j;|ddtjdt|dz z|ddz}||zS)Nr1rXrrs rrz:SMBSession_Setup_AndX_Request_Extended_Security.post_buildIsI > !crc(V[s3xx"}===BCCHCSyr)rrrrrrrrrrr*rr&rrrrrr/s ?DI%1"1"5 O0$. Q Q Q   ( 3BrE :  ; Ld + + N::     O  ];;    ^] ; ;  .rr)rrceZdZdZeddeddeeddedd ed dd d d dedde dde dde ddeddeddeeddeddeddedde dd e d!dgZ d"Z d S)#rz"Session Setup AndX Response (CIFS)rr2rrrrrNActionrSMB_SETUP_GUESTSMB_SETUP_USE_LANMAN_KEYr.r0rrrrrrr WordCount2 AndXCommand2 Reserved3 AndXOffset2POptionalSupportr. ByteCount2r6rIPCNativeFileSystemc|j;|ddtjdt|dzz|ddz}||zS)Nr2r1rbr6)rr2rr)rs rrz)SMBSession_Setup_AndX_Response.post_build{sI ? "bqb'FKc#hhm<< !bqb'FKc#hhm<<eZdZeddeddgZdS)rrrrN)rrrrrrrrrrrs09[!,,ll;.J.JKKKKrrLen BufferOffsetceZdZdZdS)_SMB_TransactionRequest_Datac|jdkrt|S|jdks |jdkrt|St j|S)Ns\MAILSLOT\NET\NETLOGONs\MAILSLOT\BROWSEs\MAILSLOT\LANMAN)NameNETLOGONrBRWSr raw_layer)rrms rm2iz _SMB_TransactionRequest_Data.m2isR 83 3 3A;;  X. . .#(>S2S2S77N~a   rN)rrrrrrrrrs#!!!!!rrc` tt||S#t$rYdSwxYwNr)r)getattrAttributeErrorrjs r_optlenrs?73??### qqs  --c~eZdZdZdZeddddded ddd d ed ddd d eddeddeddeddedddddde dde ddeddeddeddeddedd d!d"ed#de d!gd$ed%dd&'ed(dd)d d* e d)d+e dd,ed-d.d/0ed1dejd20ggZd3Zd4ZdS)5rzSMB COM Transaction RequestBufferrN SetupCountc |dzS)NrHrrjs rrzSMBTransaction_Request. !d(rBrrmr_TotalParamCountr1c"t|dSN Parameterrrrws rrzSMBTransaction_Request.'#{";";rrr_rmTotalDataCountc"t|dSNDatarrs rrzSMBTransaction_Request.'#v"6"6r MaxParamCountr MaxDataCount MaxSetupCount Reserved1rrr NO_RESPONSErTimeouti Reserved2 ParameterLenParameterBufferOffsetDataLenDataBufferOffsetr2Setupcount_ofr_rr.r.r0rc|jSrrrs rrzSMBTransaction_Request.3>r count_fromrrcJ|t|dzt|dzSNrrrrjs rrzSMBTransaction_Request.s$!gc;&?&?"?'#vBVBV"Vrz\MAILSLOT\NET\NETLOGONcfdt|jdzzt|jzdzS)N?r0r.)r)rrrs rrzSMBTransaction_Request.s*#ci..1"44s38}}DqHrrrc|jSrrrs rrzSMBTransaction_Request. c>Nrrrc|jSrrrs rrzSMBTransaction_Request.s#+rct||dt|jdzzt|jzdzdddt|zS)Nrr0r.rRrrconfig)r'r)rr _SMB_CONFIGrs rrz!SMBTransaction_Request.post_buildsg #dj//A--DI>B!##     rct|dd/|d|jzS|dS)Nrz Tran %Name% z Tran %Name%)rsprintfr mysummaryrs rr z SMBTransaction_Request.mysummarysK 4 & & 2<<//$)2E2E2G2GG G||M***r)rrrr_NTLM_PAYLOAD_FIELD_NAMEr rrr rrr rr%r!rrrrrr rrrrrsi (D'   "**       ;;       66      _a(( ^Q'' /1%% +q!! 7As*:$O$OPP 9d## ;"" ^T** ,d33 Y%% '.. lASAAA +q!!  II LQ  11       VV      V899  H H 2N2N-,D$.>U>U   e>K@   +++++rrceZdZdZdS)rrNN)rrrrrrrrrsIIIrrceZdZdZdZeddddded ddd d ed ddd d eddeddeddeddeddeddeddeddddeddedgdedddedddd d e dd!e d"d#d$%e d&d#d'%ggZ d(Z dS))rzSMB COM Transaction ResponserrNrc |dzS)Nr@rrjs rrz SMBTransaction_Response..rrrrrr1c"t|dSrrrs rrz SMBTransaction_Response.6rrrrc"t|dSrrrs rrz SMBTransaction_Response.=rrrrrParameterDisplacementrrrDataDisplacementr2rrrrrc|jSrrrs rrz SMBTransaction_Response.LrrrrcDt|dt|dzSrrrjs rrz SMBTransaction_Response.Ts'#{";";gc6>R>R"Rrc6dt|jdzzS)N6r0)r)rrs rrz SMBTransaction_Response.Xs#ci..1"44rrrc|jSrrrs rrz SMBTransaction_Response.[rrrrc|jSrrrs rrz SMBTransaction_Response.]s#+rcpt||dt|jdzzdddt|zS)Nrr0r:rFrr)r'r)rrrs rrz"SMBTransaction_Response.post_buildbsU #dj//A--!"#     r) rrrrr r rrr r%r!rrrrrrr&s )D'  "**       ;;       66      [$'' ^T** ,d33 ,a00 Y%% '.. '++ lASAAA +q!!  II LQ  11       RR       4 4 2N2N VS6M6MNNN   [7Kr     rrLOGON_PRIMARY_QUERYLOGON_SAM_LOGON_REQUESTLOGON_SAM_LOGON_RESPONSELOGON_SAM_USER_UNKNOWNLOGON_SAM_LOGON_RESPONSE_EXLOGON_SAM_USER_UNKNOWN_EX)r:rPrRrrV1V5V5EX V5EX_WITH_IPV5EX_WITH_CLOSEST_SITE AVOID_NT4EMULPDCIPLOCALGC) r.r0r4r<rLii @c&eZdZeddZdS)rNc|r|ddkrtS|ddkrtS|ddkrz |d}tjdd||dz |d}|jr|jstSn#t$rYnwxYwtS|dd krtS|dd krtS|dd krtS|S) Nrr:rPrRr4r.r"rr) NETLOGON_LOGON_QUERYNETLOGON_SAM_LOGON_REQUESTindex NETLOGON_SAM_LOGON_RESPONSE_NT40rgetfieldr#r$ ExceptionNETLOGON_SAM_LOGON_RESPONSENETLOGON_SAM_LOGON_RESPONSE_EX)r5r6r7r8i NtVersions rr:zNETLOGON.dispatch_hooks  3Aw$++aD11aD  #677A8DRHQQ $q1uQw- !|@IL@?? D22aD22aD55aD22 sA B B%$B%rr;rrrrrs2[rrc eZdZeddeeddeddeddeddd ee d d e d d gZ d S)r4OpCoder: ComputerNamer MailslotNameUnicodeComputerNamer=rBr] LmNtToken Lm20TokenN) rrrr_NETLOGON_opcodesrrr _NV_VERSIONr rrrrr4r4s3(9:: ^R(( ^R((/44 ;S+66 k6** k6**KKKrr4ceZdZeddeeddeddeddedd ed de d d d de ddde ddde e dde ddg Zd S)r5r?rP RequestCountrrBrUnicodeUserNamerAz\MAILSLOT\NET\GETDC701253F9AllowableAccountControlBits DomainSidSizeNzs s?Prrr=rBr]rCrDrE)rrrrrFrrrrr r!r rGr rrrrr5r5s4):;; ^Q''/44+R00 ^%EFF 0!44 otMMM [#3P3PQQQ ;S+66 k6** k6** KKKrr5c eZdZeddeeddeddeddeddd eed d ed d gZ d S)r7r?rRUnicodeLogonServerrrJUnicodeDomainNamer=r.r]rCrDrEN) rrrrrFrr rGr rrrrr7r7s4):;;.33+R00-r22 ;S+66 k6** k6**KKKrr7LDAPDCKDC@TIMESERVCLOSESTRODCi GOOD_TIMESERViNCSELECT_SECRET_DOMAIN_6iFULL_SECRET_DOMAIN_6i WSi@DS_8iDS_9rZDS_10iDS_11DNS_CONTROLLER DNS_DOMAIN DNS_FOREST)r-r.r/creZdZeddeeddeddeddeddej ed dej ed ded ded de dde ddde e ddde e dde ddgZdZdS)r:r?rrPrrJrQ DomainGuidNryNullGuid DnsForestName DnsDomainName DnsHostName DcIpAddressz0.0.0.0rrr]r=r.rCrDrEc|jSroriginalr s rget_fullz$NETLOGON_SAM_LOGON_RESPONSE.get_full  }r)rrrrrFrrr}r"r r _NETLOGON_FLAGSrGr rrprrrr:r:s4):;;.33+R00-r22 ,y/BCCC *dY-@AAA OR(( OR(( M2&& y)) 7AsO44 ;S+66 k6** k6**K"rr:cpeZdZeddeddeddeddgZdZdS) DcSockAddr sin_familyr0sin_portrsin_addrNsin_zeroctjSrrrs rrz DcSockAddr.default_payload_classrr)rrrrr rrrrrrrtrtsf \1%% Z## D!! J"" K"""""rrtceZdZeddeeddedddeeddej e d d e d d e d d e dd e dd e dd e dde dde e ddde e deede e dd dedddeeddeddgZd Zd!ZdS)"r;r?rSbzrrr]rgNryrirrjrkNetbiosDomainNameNetbiosComputerNameUserName DcSiteNamezDefault-First-Site-NameClientSiteNameDcSockAddrSizerLc|jjSrr=r&rs rrz'NETLOGON_SAM_LOGON_RESPONSE_EX.-  2rrtc|jjSrrrs rrz'NETLOGON_SAM_LOGON_RESPONSE_EX.1rrNextClosestSiteNamec|jjSr)r=r'rs rrz'NETLOGON_SAM_LOGON_RESPONSE_EX.5s  <rr=rBrCrDrEc |d}|jd|||dz |d|jd<n#t$r d|_YnwxYw|S)Nr2r3r4r.r=rB)r6rr8fieldsr9r=)rsr<s r pre_dissectz*NETLOGON_SAM_LOGON_RESPONSE_EX.pre_dissect<s !+,,A'+'7';'D'D!a%' (((DK $ $ ! ! ! DNNN !sAAA&%A&c|jSrrnr s rrpz'NETLOGON_SAM_LOGON_RESPONSE_EX.get_fullGrqr)rrrrrFrr rrrr}r"r rrrtrGr rrrprrrr;r;s4):;; UA 7AsO44 ,y/BCCC OR(( OR(( M2&& ',, )2.. J## L";<< $&?@@ I& - - 2 2    K jjllJ ? ? 2 2    K-r 2 2 < <    ;S+66 k6** k6**7K<   rr;c~eZdZeddddddddd d d d d gZdZiZedZeddZ dZ dS)rr?rHostAnnouncementAnnouncementRequestRequestElectionGetBackupListRequestGetBackupListResponse BecomeBackupDomainAnnouncementMasterAnnouncementResetStateRequestLocalMasterAnnouncement) r.r0r<r>r@rBrDrFrHrJc,|dS)Nz%OpCode%r r s rr zBRWS.mysummary]s||J'''rc.||j|jj<dSr)registered_opcodesr?r%)r5s rregister_variantzBRWS.register_variantbs58sz1222rNcL|r!|j|d|S|Sr)rgetr5r6r7r8s rr:zBRWS.dispatch_hookfs,  <)--d1gs;; ; rctjSrrrs rrzBRWS.default_payload_classlrrr) rrrrrr rr<rr:rrrrrrMs h$'#() &&%+ ' '  K(((99[9[ """""rrceZdZdZeeddeddeddd ed d ed ded deddeddedde ddg Z dZ dS)BRWS_HostAnnouncementr. UpdateCountr PeriodicityirrrLrOSVersionMajorr8OSVersionMinor ServerTypeiBrowserConfigVersionMajorr"BrowserConfigVersionMinor SignatureiUCommentrc,|dS)Nz%OpCode% for %ServerName%rr s rr zBRWS_HostAnnouncement.mysummarys||7888rN) rrrr?rrrrr rrr rrrrrrs F  -## =&))s2666 "A&& "A&& <&& -r22 -q11 k6** Y## K99999rrc4eZdZdZeeddgZdZdS)BRWS_BecomeBackuprBBrowserToPromoterc,|dS)Nz %OpCode% from %BrowserToPromote%rr s rr zBRWS_BecomeBackup.mysummarys||>???rN)rrrr?rrrr rrrrrsG F  '--K @@@@@rrceZdZdZdS)BRWS_LocalMasterAnnouncementrJN)rrrr?rrrrrs FFFrrcFeZdZdZedddgZeddZdS) _SMBGenericzSMB Generic dispatcherrrr4Nc|r=t|dkr*|dddkrtS|dddkrtS|S)z Depending on the first 4 bytes of the packet, dispatch to the correct version of Header (either SMB or SMB2) r4NrsSMB)r)rr,rs rr:z_SMBGeneric.dispatch_hooksQ  #CIINNBQBx:%%!!BQBx:%%"" rr)rrrrrrr<r:rrrrrsN #D##GZ;;rs   ;;;;;;;;;;< 98888888 L  $L  $L  .L   L   / L   / L  L  L  %L  #L  .L  /L  #L  %L  $L   !L " ##L L $ %L & .'L ( !)L * $+L , -L . /L 0 &1L 2 3L 4 5L 6 '7L 8 "9L : ;L < $=L > &?L @ AL B CL D )EL L L F /GL H #IL J .KL L .ML N .OL P #QL R SL T UL V WL X !YL Z '[L \ ]L ^ *_L ` aL b %cL d eL f #gL L L h iL j &kL l mL n %oL p )qL r *sL t uL v .wL x yL z {L | }L ~ )L @ "AL B CL D EL F #GL H $IL L J % #   #  #WL L L ^e!e!e!e!e!e!e!e!V"""""&"""     6    J,d;;;; "***V*!!!N11111'=111h j:DPTUUUU     .D    +    %;. j8$dSSSS!!!!!F!!!H j7FFFF 60 J,d;;;; )+?TRRRR f@ 3   """""V"""J j8$dSSSS      "   & 4    LLLLLfLLL j/48888  JNZ&' !!!!!>!!!W+W+W+W+W+/W+W+W+t j0$????.J J J J J 0J J J Z j14tLLLL  # $ " ' % (   v<     8           &     x         (& !"#$!)4(,?2 " " " " " " " "+++++X/B+++` " " " " "6 " " "J99999D999,@@@@@@@@#8&& J $$$ K%%%%%r