From 1e1c2ec93c204e6fd3ebba6dfb11e4fbc136e10c Mon Sep 17 00:00:00 2001 From: Luke Leighton Date: Tue, 10 Nov 1998 19:05:00 +0000 Subject: rpcclient registry commands. (This used to be commit 36fcb4a6e643a05d06a2a273d74318fee7f2c647) --- source3/include/includes.h | 4 + source3/include/ntdomain.h | 3 + source3/include/proto.h | 140 +++++++++++++++++++++-- source3/include/rpc_dce.h | 1 + source3/include/rpc_lsa.h | 19 ++-- source3/include/rpc_misc.h | 40 +++++-- source3/include/rpc_reg.h | 268 ++++++++++++++++++++++++++++++++++++++++++-- source3/include/rpcclient.h | 9 +- source3/include/smb.h | 3 +- 9 files changed, 446 insertions(+), 41 deletions(-) (limited to 'source3/include') diff --git a/source3/include/includes.h b/source3/include/includes.h index 56ab47cecc..6c7a67afef 100644 --- a/source3/include/includes.h +++ b/source3/include/includes.h @@ -99,9 +99,13 @@ #include #endif +#ifdef MEM_MAN +#include "../mem_man/mem_man.h" +#else #ifdef HAVE_MALLOC_H #include #endif +#endif #ifdef HAVE_FCNTL_H #include diff --git a/source3/include/ntdomain.h b/source3/include/ntdomain.h index 97122c8169..5b53834efe 100644 --- a/source3/include/ntdomain.h +++ b/source3/include/ntdomain.h @@ -31,6 +31,9 @@ /* miscellaneous structures / defines */ #include "rpc_misc.h" +/* security descriptor structures */ +#include "rpc_secdes.h" + /* different dce/rpc pipes */ #include "rpc_lsa.h" #include "rpc_netlogon.h" diff --git a/source3/include/proto.h b/source3/include/proto.h index ccbf919ebb..143f397e0a 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -178,8 +178,9 @@ void GetTimeOfDay(struct timeval *tval); void TimeInit(void); int TimeDiff(time_t t); struct tm *LocalTime(time_t *t); -time_t interpret_nt_time(NTTIME *t); +time_t nt_time_to_unix(NTTIME *nt); time_t interpret_long_date(char *p); +void unix_to_nt_time(NTTIME *nt, time_t t); void put_long_date(char *p,time_t t); BOOL null_mtime(time_t mtime); void put_dos_date(char *buf,int offset,time_t unixdate); 
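Review bot: The ntdomain.h hunk adds `#include "rpc_secdes.h"`, but no rpc_secdes.h appears in the diffstat even though the listing is limited to source3/include, where that header would live; the SEC_INFO/SEC_DESC_BUF types used by the new proto.h prototypes come from it, so the build depends on it already being in the tree or in a separate commit — confirm. In the includes.h hunk the HAVE_MALLOC_H block now sits in the `#else` arm, so malloc.h is skipped whenever MEM_MAN is defined; if that is deliberate because mem_man.h supplies its own allocator declarations, a one-line `/* mem_man.h replaces malloc.h when MEM_MAN is defined */` above the `#ifdef MEM_MAN` would record it. The proto.h rename `nt_time_to_unix(NTTIME *nt)` does not write through its argument as far as the name suggests; `const NTTIME *nt` would state that, and the same applies to the read-only side of `unix_to_nt_time`.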
@@ -351,6 +352,7 @@ char *safe_strcat(char *dest, char *src, int maxlength); char *StrCpy(char *dest,char *src); char *StrnCpy(char *dest,char *src,int n); char *strncpyn(char *dest, char *src,int n, char c); +int strhex_to_str(char *p, int len, const char *strhex); BOOL in_list(char *s,char *list,BOOL casesensitive); BOOL string_init(char **dest,char *src); void string_free(char **s); @@ -364,6 +366,9 @@ char *skip_unicode_string(char *buf,int n); char *unistrn2(uint16 *buf, int len); char *unistr2(uint16 *buf); char *unistr2_to_str(UNISTR2 *str); +uint32 buffer2_to_uint32(BUFFER2 *str); +char *buffer2_to_str(BUFFER2 *str); +char *buffer2_to_multistr(BUFFER2 *str); int struni2(uint16 *p, char *buf); char *unistr(char *buf); int unistrcpy(char *dst, char *src); @@ -1206,7 +1211,6 @@ struct passdb_ops *file_initialize_password_db(void); /*The following definitions come from passdb/smbpassfile.c */ -BOOL do_file_lock(int fd, int waitsecs, int type); BOOL pw_file_lock(int fd, int type, int secs, int *plock_depth); BOOL pw_file_unlock(int fd, int *plock_depth); BOOL trust_password_lock( char *domain, char *name, BOOL update); 
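Review bot: `int strhex_to_str(char *p, int len, const char *strhex)` does not say whether `len` is the capacity of `p` or the number of hex digits to consume, nor what the `int` return carries, and the difference matters because the likely destination is a fixed-size BUFFER3 array elsewhere in this commit. A comment above the prototype should pin it down, e.g. `/* len: capacity of p in bytes; returns bytes decoded, or -1 on a non-hex digit */`, adjusted to the actual behaviour. The three new `buffer2_to_*` functions return `char *`; state whether that is static storage overwritten by the next call (as their placement beside unistr2_to_str suggests) or memory the caller must free, since callers in cmd_reg.c will otherwise guess.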
@@ -1288,6 +1292,42 @@ void cli_nt_set_ntlmssp_flgs(struct cli_state *cli, uint32 ntlmssp_flgs); BOOL cli_nt_session_open(struct cli_state *cli, char *pipe_name); void cli_nt_session_close(struct cli_state *cli); +/*The following definitions come from rpc_client/cli_reg.c */ + +BOOL do_reg_open_policy(struct cli_state *cli, uint16 unknown_0, uint32 level, + POLICY_HND *hnd); +BOOL do_reg_open_unk_4(struct cli_state *cli, uint16 unknown_0, uint32 level, + POLICY_HND *hnd); +BOOL do_reg_query_key(struct cli_state *cli, POLICY_HND *hnd, + char *class, uint32 *class_len, + uint32 *num_subkeys, uint32 *max_subkeylen, + uint32 *max_subkeysize, uint32 *num_values, + uint32 *max_valnamelen, uint32 *max_valbufsize, + uint32 *sec_desc, NTTIME *mod_time); +BOOL do_reg_unknown_1a(struct cli_state *cli, POLICY_HND *hnd, uint32 *unk); +BOOL do_reg_query_info(struct cli_state *cli, POLICY_HND *hnd, + char *type, uint32 *unk_0, uint32 *unk_1); +BOOL do_reg_get_key_sec(struct cli_state *cli, POLICY_HND *hnd, + uint32 *sec_buf_size, SEC_DESC_BUF *sec_buf); +BOOL do_reg_create_key(struct cli_state *cli, POLICY_HND *hnd, + char *key_name, char *key_class, + SEC_INFO *sam_access, + POLICY_HND *key); +BOOL do_reg_enum_key(struct cli_state *cli, POLICY_HND *hnd, + int key_index, char *key_name, + uint32 *unk_1, uint32 *unk_2, + time_t *mod_time); +BOOL do_reg_create_val(struct cli_state *cli, POLICY_HND *hnd, + char *val_name, uint32 type, BUFFER3 *data); +BOOL do_reg_enum_val(struct cli_state *cli, POLICY_HND *hnd, + int val_index, int max_valnamelen, int max_valbufsize, + fstring val_name, + uint32 *val_type, BUFFER2 *value); +BOOL do_reg_open_entry(struct cli_state *cli, POLICY_HND *hnd, + char *key_name, uint32 unk_0, + POLICY_HND *key_hnd); +BOOL do_reg_close(struct cli_state *cli, POLICY_HND *hnd); + /*The following definitions come from rpc_client/cli_samr.c */ BOOL get_samr_query_usergroups(struct cli_state *cli, 
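Review bot: `do_reg_enum_val` takes `fstring val_name` (a fixed 128-byte array per smb.h in this commit) together with `int max_valnamelen` and `int max_valbufsize` that the natural caller obtains from `do_reg_query_key`, i.e. from the server's reply; the implementation therefore cannot use those values as the bound for `val_name` or for the BUFFER2 `value` and must clamp to the real capacities, and the prototype should say so: `/* max_valnamelen/max_valbufsize are server-supplied hints only; output is clamped to sizeof(fstring) / BUFFER2 capacity */`. `do_reg_query_key(... char *class, uint32 *class_len ...)` likewise needs a line saying whether `class_len` is the capacity on entry and the length on return. Renaming that parameter to `key_class` would match `do_reg_create_key`'s `key_class` in the same hunk and keep the header usable from C++.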
@@ -1414,21 +1454,28 @@ void make_str_hdr(STRHDR *hdr, int max_len, int len, uint32 buffer); void smb_io_strhdr(char *desc, STRHDR *hdr, prs_struct *ps, int depth); void make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint32 buffer); void smb_io_unihdr(char *desc, UNIHDR *hdr, prs_struct *ps, int depth); +void make_buf_hdr(BUFHDR *hdr, int max_len, int len); +void smb_io_hdrbuf(char *desc, BUFHDR *hdr, prs_struct *ps, int depth); void make_uni_hdr2(UNIHDR2 *hdr, int max_len, int len, uint16 terminate); void smb_io_unihdr2(char *desc, UNIHDR2 *hdr2, prs_struct *ps, int depth); void make_unistr(UNISTR *str, char *buf); void smb_io_unistr(char *desc, UNISTR *uni, prs_struct *ps, int depth); -void make_uninotstr2(UNINOTSTR2 *str, char *buf, int len); -void smb_io_uninotstr2(char *desc, UNINOTSTR2 *uni2, uint32 buffer, prs_struct *ps, int depth); +void make_buffer3_uint32(BUFFER3 *str, uint32 val); +void make_buffer3_str(BUFFER3 *str, char *buf, int len); +void make_buffer3_hex(BUFFER3 *str, char *buf); +void make_buffer3_bytes(BUFFER3 *str, uint8 *buf, int len); +void smb_io_buffer3(char *desc, BUFFER3 *buf3, prs_struct *ps, int depth); +void make_buffer2(BUFFER2 *str, uint8 *buf, int len); +void smb_io_buffer2(char *desc, BUFFER2 *buf2, uint32 buffer, prs_struct *ps, int depth); void make_buf_unistr2(UNISTR2 *str, uint32 *ptr, char *buf); void copy_unistr2(UNISTR2 *str, UNISTR2 *from); void make_string2(STRING2 *str, char *buf, int len); void smb_io_string2(char *desc, STRING2 *str2, uint32 buffer, prs_struct *ps, int depth); void make_unistr2(UNISTR2 *str, char *buf, int len); void smb_io_unistr2(char *desc, UNISTR2 *uni2, uint32 buffer, prs_struct *ps, int depth); -void make_dom_rid2(DOM_RID2 *rid2, uint32 rid); +void make_dom_rid2(DOM_RID2 *rid2, uint32 rid, uint8 type); void smb_io_dom_rid2(char *desc, DOM_RID2 *rid2, prs_struct *ps, int depth); -void make_dom_rid3(DOM_RID3 *rid3, uint32 rid); +void make_dom_rid3(DOM_RID3 *rid3, uint32 rid, uint8 type); void 
smb_io_dom_rid3(char *desc, DOM_RID3 *rid3, prs_struct *ps, int depth); void make_dom_rid4(DOM_RID4 *rid4, uint16 unknown, uint16 attr, uint32 rid); void make_log_info(DOM_LOG_INFO *log, char *logon_srv, char *acct_name, @@ -1453,7 +1500,7 @@ void smb_io_gid(char *desc, DOM_GID *gid, prs_struct *ps, int depth); void smb_io_pol_hnd(char *desc, POLICY_HND *pol, prs_struct *ps, int depth); void smb_io_dom_query_3(char *desc, DOM_QUERY_3 *d_q, prs_struct *ps, int depth); void smb_io_dom_query_5(char *desc, DOM_QUERY_3 *d_q, prs_struct *ps, int depth); -void smb_io_dom_name(char *desc, DOM_NAME *name, prs_struct *ps, int depth); +void smb_io_unistr3(char *desc, UNISTR3 *name, prs_struct *ps, int depth); /*The following definitions come from rpc_parse/parse_net.c */ 
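Review bot: `make_buffer3_hex(BUFFER3 *str, char *buf)` takes no length at all, and `make_buffer3_str`/`make_buffer3_bytes` take an unbounded `int len`, while BUFFER3 is a fixed `uint8 buffer[MAX_BUFFERLEN]` (512, rpc_misc.h in this commit) that these functions fill from rpcclient command-line input on the way into REG_Q_CREATE_VALUE. The prototypes should state what happens past the limit and the implementations should enforce it, e.g. `/* input beyond MAX_BUFFERLEN bytes is rejected (confirm: or truncated) */`. Using `int` for `len` where the struct fields are `uint32` also lets a negative length through to an unsigned copy; `size_t` or `uint32` would close that. The parameter order of `prs_unistr3` (struct before `ps`/`depth`) differs from every neighbouring `prs_*` prototype and is worth aligning before callers are written.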
@@ -1547,24 +1594,71 @@ BOOL prs_uint16(char *name, prs_struct *ps, int depth, uint16 *data16); BOOL prs_uint32(char *name, prs_struct *ps, int depth, uint32 *data32); BOOL prs_uint8s(BOOL charmode, char *name, prs_struct *ps, int depth, uint8 *data8s, int len); BOOL prs_uint32s(BOOL charmode, char *name, prs_struct *ps, int depth, uint32 *data32s, int len); -BOOL prs_uninotstr2(BOOL charmode, char *name, prs_struct *ps, int depth, UNINOTSTR2 *str); +BOOL prs_buffer2(BOOL charmode, char *name, prs_struct *ps, int depth, BUFFER2 *str); BOOL prs_string2(BOOL charmode, char *name, prs_struct *ps, int depth, STRING2 *str); BOOL prs_unistr2(BOOL charmode, char *name, prs_struct *ps, int depth, UNISTR2 *str); +BOOL prs_unistr3(BOOL charmode, char *name, UNISTR3 *str, prs_struct *ps, int depth); BOOL prs_unistr(char *name, prs_struct *ps, int depth, UNISTR *str); BOOL prs_string(char *name, prs_struct *ps, int depth, char *str, uint16 len, uint16 max_buf_size); +BOOL prs_uint16_pre(char *name, prs_struct *ps, int depth, uint16 *data16, uint32 *off_ptr); +BOOL prs_uint16_post(char *name, prs_struct *ps, int depth, + uint32 ptr_uint16, uint32 start_offset); /*The following definitions come from rpc_parse/parse_reg.c */ +void make_reg_q_open_pol(REG_Q_OPEN_POLICY *q_o, + uint16 unknown_0, uint32 level); void reg_io_q_open_policy(char *desc, REG_Q_OPEN_POLICY *r_q, prs_struct *ps, int depth); void reg_io_r_open_policy(char *desc, REG_R_OPEN_POLICY *r_r, prs_struct *ps, int depth); +void make_reg_q_create_key(REG_Q_CREATE_KEY *q_c, POLICY_HND *hnd, + char *name, char *class, + SEC_INFO *sam_access); +void reg_io_q_create_key(char *desc, REG_Q_CREATE_KEY *r_q, prs_struct *ps, int depth); +void reg_io_r_create_key(char *desc, REG_R_CREATE_KEY *r_r, prs_struct *ps, int depth); +void make_reg_q_query_key(REG_Q_QUERY_KEY *q_o, POLICY_HND *hnd, + uint32 max_class_len); +void reg_io_q_query_key(char *desc, REG_Q_QUERY_KEY *r_q, prs_struct *ps, int depth); +void 
reg_io_r_query_key(char *desc, REG_R_QUERY_KEY *r_r, prs_struct *ps, int depth); +void make_reg_q_unk_1a(REG_Q_UNK_1A *q_o, POLICY_HND *hnd); +void reg_io_q_unk_1a(char *desc, REG_Q_UNK_1A *r_q, prs_struct *ps, int depth); +void reg_io_r_unk_1a(char *desc, REG_R_UNK_1A *r_r, prs_struct *ps, int depth); +void make_reg_q_open_unk_4(REG_Q_OPEN_UNK_4 *q_o, + uint16 unknown_0, uint32 level); +void reg_io_q_open_unk_4(char *desc, REG_Q_OPEN_UNK_4 *r_q, prs_struct *ps, int depth); +void reg_io_r_open_unk_4(char *desc, REG_R_OPEN_UNK_4 *r_r, prs_struct *ps, int depth); +void make_reg_q_close(REG_Q_CLOSE *q_c, POLICY_HND *hnd); void reg_io_q_close(char *desc, REG_Q_CLOSE *q_u, prs_struct *ps, int depth); void reg_io_r_close(char *desc, REG_R_CLOSE *r_u, prs_struct *ps, int depth); +void make_reg_q_get_key_sec(REG_Q_GET_KEY_SEC *q_i, POLICY_HND *pol, + uint32 buf_len, SEC_DESC_BUF *sec_buf); +void reg_io_q_get_key_sec(char *desc, REG_Q_GET_KEY_SEC *r_q, prs_struct *ps, int depth); +void make_reg_r_get_key_sec(REG_R_GET_KEY_SEC *r_i, POLICY_HND *pol, + uint32 buf_len, uint8 *buf, + uint32 status); +void reg_io_r_get_key_sec(char *desc, REG_R_GET_KEY_SEC *r_q, prs_struct *ps, int depth); +void make_reg_q_info(REG_Q_INFO *q_i, POLICY_HND *pol, char *product_type, + time_t unix_time, uint8 major, uint8 minor); void reg_io_q_info(char *desc, REG_Q_INFO *r_q, prs_struct *ps, int depth); void make_reg_r_info(REG_R_INFO *r_r, uint32 level, char *os_type, uint32 unknown_0, uint32 unknown_1, uint32 status); -void reg_io_r_info(char *desc, REG_R_INFO *r_r, prs_struct *ps, int depth); +void reg_io_r_info(char *desc, REG_R_INFO *r_r, prs_struct *ps, int depth); +void make_reg_q_enum_val(REG_Q_ENUM_VALUE *q_i, POLICY_HND *pol, + uint32 val_idx, uint32 max_val_len, + uint32 max_buf_len); +void reg_io_q_enum_val(char *desc, REG_Q_ENUM_VALUE *q_q, prs_struct *ps, int depth); +void reg_io_r_enum_val(char *desc, REG_R_ENUM_VALUE *r_q, prs_struct *ps, int depth); +void 
make_reg_q_create_val(REG_Q_CREATE_VALUE *q_i, POLICY_HND *pol, + char *val_name, uint32 type, + BUFFER3 *val); +void reg_io_q_create_val(char *desc, REG_Q_CREATE_VALUE *q_q, prs_struct *ps, int depth); +void reg_io_r_create_val(char *desc, REG_R_CREATE_VALUE *r_q, prs_struct *ps, int depth); +void make_reg_q_enum_key(REG_Q_ENUM_KEY *q_i, POLICY_HND *pol, uint32 key_idx); +void reg_io_q_enum_key(char *desc, REG_Q_ENUM_KEY *q_q, prs_struct *ps, int depth); +void reg_io_r_enum_key(char *desc, REG_R_ENUM_KEY *r_q, prs_struct *ps, int depth); +void make_reg_q_open_entry(REG_Q_OPEN_ENTRY *r_q, POLICY_HND *pol, + char *key_name, uint32 unk); void reg_io_q_open_entry(char *desc, REG_Q_OPEN_ENTRY *r_q, prs_struct *ps, int depth); void make_reg_r_open_entry(REG_R_OPEN_ENTRY *r_r, POLICY_HND *pol, uint32 status); @@ -1803,6 +1897,15 @@ void samr_io_q_chgpasswd_user(char *desc, SAMR_Q_CHGPASSWD_USER *q_u, prs_struct void make_samr_r_chgpasswd_user(SAMR_R_CHGPASSWD_USER *r_u, uint32 status); void samr_io_r_chgpasswd_user(char *desc, SAMR_R_CHGPASSWD_USER *r_u, prs_struct *ps, int depth); +/*The following definitions come from rpc_parse/parse_sec.c */ + +void sec_io_info(char *desc, SEC_INFO *t, prs_struct *ps, int depth); +void sec_io_ace(char *desc, SEC_ACE *t, prs_struct *ps, int depth); +void sec_io_acl(char *desc, SEC_ACL *t, prs_struct *ps, int depth); +void sec_io_desc(char *desc, SEC_DESC *t, prs_struct *ps, int depth); +void make_sec_desc_buf(SEC_DESC_BUF *buf, int len, uint32 buf_ptr); +void sec_io_desc_buf(char *desc, SEC_DESC_BUF *sec, prs_struct *ps, int depth); + /*The following definitions come from rpc_parse/parse_srv.c */ void make_srv_share_info1_str(SH_INFO_1_STR *sh1, char *net_name, char *remark); 
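Review bot: `make_reg_q_get_key_sec(..., uint32 buf_len, SEC_DESC_BUF *sec_buf)` passes the length and the buffer separately, and the REG_Q_GET_KEY_SEC it fills holds a `SEC_DESC_BUF *data` pointer rather than a copy (rpc_reg.h in this commit), so the request appears to borrow the caller's buffer; the prototype should say so, e.g. `/* q_i->data aliases sec_buf; sec_buf must outlive the marshalled request */`, and note that `buf_len` must agree with the buffer actually passed. In the parse_sec.c block, `make_sec_desc_buf(SEC_DESC_BUF *buf, int len, uint32 buf_ptr)` uses `int` for a length that every other new prototype carries as `uint32`; pick one so a negative value cannot reach an unsigned header field. `make_reg_r_get_key_sec` takes a raw `uint8 *buf` with `uint32 buf_len` while its request counterpart takes a SEC_DESC_BUF; if that asymmetry is intended, a one-line comment explaining it would save the next reader a trip into parse_reg.c.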
@@ -1970,6 +2073,15 @@ void cmd_lsa_lookup_sids(struct client_info *info); void cmd_netlogon_login_test(struct client_info *info); +/*The following definitions come from rpcclient/cmd_reg.c */ + +void cmd_reg_enum(struct client_info *info); +void cmd_reg_query_key(struct client_info *info); +void cmd_reg_test2(struct client_info *info); +void cmd_reg_create_val(struct client_info *info); +void cmd_reg_create_key(struct client_info *info); +void cmd_reg_get_key_sec(struct client_info *info); + /*The following definitions come from rpcclient/cmd_samr.c */ void cmd_sam_ntchange_pwd(struct client_info *info); @@ -2042,6 +2154,16 @@ void display_group_rid_info(FILE *out_hnd, enum action_type action, void display_alias_name_info(FILE *out_hnd, enum action_type action, uint32 num_aliases, fstring *alias_name, uint32 *num_als_usrs); void display_sam_user_info_21(FILE *out_hnd, enum action_type action, SAM_USER_INFO_21 *usr); +char *get_sec_perms_str(uint32 type); +void display_sec_info(FILE *out_hnd, enum action_type action, SEC_INFO *info); +void display_sec_ace(FILE *out_hnd, enum action_type action, SEC_ACE *ace); +void display_sec_acl(FILE *out_hnd, enum action_type action, SEC_ACL *acl); +void display_sec_desc(FILE *out_hnd, enum action_type action, SEC_DESC *sec); +char *get_reg_val_type_str(uint32 type); +void display_reg_value_info(FILE *out_hnd, enum action_type action, + char *val_name, uint32 val_type, BUFFER2 *value); +void display_reg_key_info(FILE *out_hnd, enum action_type action, + char *key_name, time_t key_mod_time); /*The following definitions come from rpcclient/rpcclient.c */ diff --git a/source3/include/rpc_dce.h b/source3/include/rpc_dce.h index c6499853d6..70eb1b4e20 100644 --- a/source3/include/rpc_dce.h +++ b/source3/include/rpc_dce.h @@ -33,6 +33,7 @@ enum RPC_PKT_TYPE { RPC_REQUEST = 0x00, RPC_RESPONSE = 0x02, + RPC_FAULT = 0x03, RPC_BIND = 0x0B, RPC_BINDACK = 0x0C, RPC_BINDRESP = 0x10 /* not the real name! this is undocumented! */ 
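Review bot: `display_reg_value_info(..., uint32 val_type, BUFFER2 *value)` receives a buffer whose `buf_len` comes off the wire and whose contents are documented in this same commit as not necessarily NUL-terminated, so the display code has to bound on `value->buf_len` (itself clamped to the array size by the parser) and never scan for a terminator; worth stating on the prototype: `/* value->buffer is not NUL-terminated; honour value->buf_len */`. `get_sec_perms_str` and `get_reg_val_type_str` return `char *`; if they hand back fixed strings, `const char *` (or a note that it is a static buffer) would tell callers not to write through it. In rpc_dce.h the new `RPC_FAULT = 0x03` is the DCE/RPC fault PDU type; presumably the response path now treats it as an error, but that code is outside this diff — confirm a fault PDU is not still parsed as a normal RPC_RESPONSE.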
diff --git a/source3/include/rpc_lsa.h b/source3/include/rpc_lsa.h index 44758936ae..b8aaa562f0 100644 --- a/source3/include/rpc_lsa.h +++ b/source3/include/rpc_lsa.h @@ -28,9 +28,14 @@ enum SID_NAME_USE { - SID_NAME_USER = 1, + SID_NAME_USER = 1, /* user */ SID_NAME_DOM_GRP = 2, /* domain group */ - SID_NAME_WKN_GRP = 5 /* well-known group */ + SID_NAME_DOMAIN = 3, /* domain: don't know what this is */ + SID_NAME_ALIAS = 4, /* local group */ + SID_NAME_WKN_GRP = 5, /* well-known group */ + SID_NAME_DELETED = 6, /* deleted account: needed for c2 rating */ + SID_NAME_INVALID = 7, /* invalid account */ + SID_NAME_UNKNOWN = 8 /* oops. */ }; /* ntlsa pipe */ @@ -284,14 +289,6 @@ typedef struct lsa_r_lookup_sids } LSA_R_LOOKUP_SIDS; -/* DOM_NAME - XXXX not sure about this structure */ -typedef struct dom_name_info -{ - uint32 uni_str_len; - UNISTR str; - -} DOM_NAME; - #define UNKNOWN_LEN 1 @@ -303,7 +300,7 @@ typedef struct lsa_q_lookup_rids uint32 num_entries2; uint32 buffer_dom_sid; /* undocumented domain SID buffer pointer */ uint32 buffer_dom_name; /* undocumented domain name buffer pointer */ - DOM_NAME lookup_name[MAX_LOOKUP_SIDS]; /* names to be looked up */ + UNISTR3 lookup_name[MAX_LOOKUP_SIDS]; /* names to be looked up */ uint8 undoc[UNKNOWN_LEN]; /* completely undocumented bytes of unknown length */ } LSA_Q_LOOKUP_RIDS; diff --git a/source3/include/rpc_misc.h b/source3/include/rpc_misc.h index 50daf27dfc..e984a4842b 100644 --- a/source3/include/rpc_misc.h +++ b/source3/include/rpc_misc.h @@ -91,8 +91,8 @@ typedef struct sid_info_2 /* STRHDR - string header */ typedef struct header_info { - uint16 str_max_len; uint16 str_str_len; + uint16 str_max_len; uint32 buffer; /* non-zero */ } STRHDR; @@ -100,8 +100,8 @@ typedef struct header_info /* UNIHDR - unicode string header */ typedef struct unihdr_info { - uint16 uni_max_len; uint16 uni_str_len; + uint16 uni_max_len; uint32 buffer; /* usually has a value of 4 */ } UNIHDR; 
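Review bot: Swapping `str_str_len`/`str_max_len` in STRHDR and `uni_str_len`/`uni_max_len` in UNIHDR changes the on-the-wire layout of every structure that embeds them, and nothing in the header says which order is correct, so the next person comparing against the old comments may swap them back; a line such as `/* wire order: length, then maximum length (matches NT captures) */` on each struct would protect the change. `make_uni_hdr(UNIHDR *hdr, int max_len, int len, uint32 buffer)` keeps the old argument order, which is fine, but a reader will now see two different orders in adjacent files. In the SID_NAME_USE enum the comment on `SID_NAME_UNKNOWN = 8` is `/* oops. */`; something like `/* name or SID could not be resolved */` (if that is its meaning) would be more useful to whoever displays it.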
@@ -117,6 +117,7 @@ typedef struct unihdr2_info /* clueless as to what maximum length should be */ #define MAX_UNISTRLEN 256 #define MAX_STRINGLEN 256 +#define MAX_BUFFERLEN 512 /* UNISTR - unicode string size and buffer */ typedef struct unistr_info @@ -125,17 +126,34 @@ typedef struct unistr_info } UNISTR; -/* UNINOTSTR2 - unicode string, size (in uint8 ascii chars) and buffer */ +/* BUFHDR - buffer header */ +typedef struct bufhdr_info +{ + uint32 buf_max_len; + uint32 buf_len; + +} BUFHDR; + +/* BUFFER2 - unicode string, size (in uint8 ascii chars) and buffer */ /* pathetic. some stupid team of \PIPE\winreg writers got the concept */ /* of a unicode string different from the other \PIPE\ writers */ -typedef struct uninotstr2_info +typedef struct buffer2_info { - uint32 uni_max_len; + uint32 buf_max_len; uint32 undoc; - uint32 uni_buf_len; + uint32 buf_len; uint16 buffer[MAX_UNISTRLEN]; /* unicode characters. **NOT** necessarily null-terminated */ -} UNINOTSTR2; +} BUFFER2; + +/* BUFFER3 */ +typedef struct buffer3_info +{ + uint32 buf_max_len; + uint8 buffer[MAX_BUFFERLEN]; /* data */ + uint32 buf_len; + +} BUFFER3; /* UNISTR2 - unicode string size (in uint16 unicode chars) and buffer */ typedef struct unistr2_info @@ -157,6 +175,14 @@ typedef struct string2_info } STRING2; +/* UNISTR3 - XXXX not sure about this structure */ +typedef struct unistr3_info +{ + uint32 uni_str_len; + UNISTR str; + +} UNISTR3; + /* DOM_RID2 - domain RID structure for ntlsa pipe */ typedef struct domrid2_info diff --git a/source3/include/rpc_reg.h b/source3/include/rpc_reg.h index 28d11710cd..9334810866 100644 --- a/source3/include/rpc_reg.h +++ b/source3/include/rpc_reg.h 
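Review bot: BUFFER2's comment says the size is "in uint8 ascii chars" while its array is `uint16 buffer[MAX_UNISTRLEN]`, so it is unclear whether `buf_len`/`buf_max_len` count bytes or uint16 elements, and the two interpretations differ by a factor of two when the parser bounds its copy; please state the unit, e.g. `/* buf_len: bytes on the wire (confirm); parser clamps to sizeof(buffer) */`. The same applies to BUFFER3's `buf_max_len`/`buf_len` and to BUFHDR, all of which arrive from the peer: the comment should make explicit that these are untrusted lengths and that `smb_io_buffer2`/`smb_io_buffer3` must clamp them to the fixed arrays before copying. `MAX_BUFFERLEN 512` also caps registry values at 512 bytes; if larger values are expected to be rejected rather than truncated, say so here since callers cannot tell from the type.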
@@ -27,29 +27,231 @@ /* winreg pipe defines */ #define REG_OPEN_POLICY 0x02 +#define REG_OPEN_UNK_4 0x04 +#define REG_UNK_1A 0x1a +#define REG_QUERY_KEY 0x10 +#define REG_ENUM_KEY 0x09 +#define REG_CREATE_KEY 0x06 +#define REG_CREATE_VALUE 0x16 +#define REG_GET_KEY_SEC 0x0c +#define REG_ENUM_VALUE 0x0a #define REG_OPEN_ENTRY 0x0f #define REG_INFO 0x11 #define REG_CLOSE 0x05 + /* REG_Q_OPEN_POLICY */ typedef struct q_reg_open_policy_info { uint32 ptr; - uint16 unknown_0; /* 0x5da0 - 16 bit unknown */ - uint32 level; /* 0x0000 0001 - 32 bit unknown */ - uint16 unknown_1; /* 0x0200 - 16 bit unknown */ + uint16 unknown_0; /* 0xE084 - 16 bit unknown */ + uint16 unknown_1; /* random. changes */ + uint32 level; /* 0x0000 0002 - 32 bit unknown */ } REG_Q_OPEN_POLICY; /* REG_R_OPEN_POLICY */ typedef struct r_reg_open_policy_info { - POLICY_HND pol; /* policy handle */ + POLICY_HND pol; /* policy handle */ uint32 status; /* return status */ } REG_R_OPEN_POLICY; +/* REG_Q_OPEN_UNK_4 */ +typedef struct q_reg_open_unk4_info +{ + uint32 ptr; + uint16 unknown_0; /* 0xE084 - 16 bit unknown */ + uint16 unknown_1; /* random. 
changes */ + uint32 level; /* 0x0000 0002 - 32 bit unknown */ + +} REG_Q_OPEN_UNK_4; + +/* REG_R_OPEN_UNK_4 */ +typedef struct r_reg_open_unk4_info +{ + POLICY_HND pol; /* policy handle */ + uint32 status; /* return status */ + +} REG_R_OPEN_UNK_4; + + +/* REG_Q_GET_KEY_SEC */ +typedef struct q_reg_get_key_sec_info +{ + POLICY_HND pol; /* policy handle */ + + uint32 unknown; /* 0x0000 0007 */ + + uint32 ptr; /* pointer */ + BUFHDR hdr_sec; /* header for security data */ + SEC_DESC_BUF *data; /* security data */ + +} REG_Q_GET_KEY_SEC; + +/* REG_R_GET_KEY_SEC */ +typedef struct r_reg_get_key_sec_info +{ + uint32 unknown; /* 0x0000 0007 */ + + uint32 ptr; /* pointer */ + BUFHDR hdr_sec; /* header for security data */ + SEC_DESC_BUF *data; /* security data */ + + uint32 status; + +} REG_R_GET_KEY_SEC; + +/* REG_Q_CREATE_VALUE */ +typedef struct q_reg_create_value_info +{ + POLICY_HND pol; /* policy handle */ + + UNIHDR hdr_name; /* name of value */ + UNISTR2 uni_name; + + uint32 type; /* 1 = UNISTR, 3 = BYTES, 4 = DWORD, 7 = MULTI_UNISTR */ + + BUFFER3 *buf_value; /* value, in byte buffer */ + +} REG_Q_CREATE_VALUE; + +/* REG_R_CREATE_VALUE */ +typedef struct r_reg_create_value_info +{ + uint32 status; /* return status */ + +} REG_R_CREATE_VALUE; + +/* REG_Q_ENUM_VALUE */ +typedef struct q_reg_query_value_info +{ + POLICY_HND pol; /* policy handle */ + + uint32 val_index; /* index */ + + UNIHDR hdr_name; /* name of value */ + UNISTR2 uni_name; + + uint32 ptr_type; /* pointer */ + uint32 type; /* 1 = UNISTR, 3 = BYTES, 4 = DWORD, 7 = MULTI_UNISTR */ + + uint32 ptr_value; /* pointer */ + BUFFER2 buf_value; /* value, in byte buffer */ + + uint32 ptr1; /* pointer */ + uint32 len_value1; /* */ + + uint32 ptr2; /* pointer */ + uint32 len_value2; /* */ + +} REG_Q_ENUM_VALUE; + +/* REG_R_ENUM_VALUE */ +typedef struct r_reg_enum_value_info +{ + UNIHDR hdr_name; /* name of value */ + UNISTR2 uni_name; + + uint32 ptr_type; /* pointer */ + uint32 type; /* 1 = UNISTR, 3 = BYTES, 4 
= DWORD, 7 = MULTI_UNISTR */ + + uint32 ptr_value; /* pointer */ + BUFFER2 *buf_value; /* value, in byte buffer */ + + uint32 ptr1; /* pointer */ + uint32 len_value1; /* */ + + uint32 ptr2; /* pointer */ + uint32 len_value2; /* */ + + uint32 status; /* return status */ + +} REG_R_ENUM_VALUE; + +/* REG_Q_CREATE_KEY */ +typedef struct q_reg_create_key_info +{ + POLICY_HND pnt_pol; /* parent key policy handle */ + + UNIHDR hdr_name; + UNISTR2 uni_name; + + UNIHDR hdr_class; + UNISTR2 uni_class; + + uint32 reserved; /* 0x0000 0000 */ + SEC_INFO sam_access; /* access rights flags, see rpc_secdes.h */ + + uint32 ptr1; + uint32 unknown_0; /* 0x0000 000C */ + + uint32 ptr2; + uint32 unk_len1; /* 0x0000 0014 */ + uint32 unk_len2; /* 0x0000 0014 */ + uint32 unknown_1; /* 0x0002 0000 */ + BUFFER2 buf_unk; /* 01 00 00 80 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 */ + + uint32 unknown_2; /* 0x0000 0000 */ +} REG_Q_CREATE_KEY; + +/* REG_R_CREATE_KEY */ +typedef struct r_reg_create_key_info +{ + POLICY_HND key_pol; /* policy handle */ + uint32 unknown; /* 0x0000 0000 */ + + uint32 status; /* return status */ + +} REG_R_CREATE_KEY; + +/* REG_Q_QUERY_KEY */ +typedef struct q_reg_query_info +{ + POLICY_HND pol; /* policy handle */ + UNIHDR hdr_class; + UNISTR2 uni_class; + +} REG_Q_QUERY_KEY; + +/* REG_R_QUERY_KEY */ +typedef struct r_reg_query_key_info +{ + UNIHDR hdr_class; + UNISTR2 uni_class; + + uint32 num_subkeys; + uint32 max_subkeylen; + uint32 max_subkeysize; /* 0x0000 0000 */ + uint32 num_values; + uint32 max_valnamelen; + uint32 max_valbufsize; + uint32 sec_desc; /* 0x0000 0078 */ + NTTIME mod_time; /* modified time */ + + uint32 status; /* return status */ + +} REG_R_QUERY_KEY; + + +/* REG_Q_UNK_1A */ +typedef struct q_reg_unk_1a_info +{ + POLICY_HND pol; /* policy handle */ + +} REG_Q_UNK_1A; + +/* REG_R_UNK_1A */ +typedef struct r_reg_unk_1a_info +{ + uint32 unknown; /* 0x0500 0000 */ + uint32 status; /* return status */ + +} REG_R_UNK_1A; + + /* REG_Q_CLOSE */ 
typedef struct reg_q_close_info { @@ -67,10 +269,55 @@ typedef struct reg_r_close_info } REG_R_CLOSE; +/* REG_Q_ENUM_KEY */ +typedef struct q_reg_enum_value_info +{ + POLICY_HND pol; /* policy handle */ + + uint32 key_index; + + uint16 key_name_len; /* 0x0000 */ + uint16 unknown_1; /* 0x0414 */ + + uint32 ptr1; /* pointer */ + uint32 unknown_2; /* 0x0000 020A */ + uint8 pad1[8]; /* padding - zeros */ + + uint32 ptr2; /* pointer */ + uint8 pad2[8]; /* padding - zeros */ + + uint32 ptr3; /* pointer */ + NTTIME time; /* current time? */ + +} REG_Q_ENUM_KEY; + +/* REG_R_ENUM_KEY */ +typedef struct r_reg_enum_key_info +{ + uint16 key_name_len; /* number of bytes in key name */ + uint16 unknown_1; /* 0x0414 - matches with query unknown_1 */ + + uint32 ptr1; /* pointer */ + uint32 unknown_2; /* 0x0000 020A */ + uint32 unknown_3; /* 0x0000 0000 */ + + UNISTR3 key_name; + + uint32 ptr2; /* pointer */ + uint8 pad2[8]; /* padding - zeros */ + + uint32 ptr3; /* pointer */ + NTTIME time; /* current time? */ + + uint32 status; /* return status */ + +} REG_R_ENUM_KEY; + + /* REG_Q_INFO */ typedef struct q_reg_info_info { - POLICY_HND pol; /* policy handle */ + POLICY_HND pol; /* policy handle */ UNIHDR hdr_type; /* unicode product type header */ UNISTR2 uni_type; /* unicode product type - "ProductType" */ @@ -97,8 +344,8 @@ typedef struct r_reg_info_info uint32 ptr1; /* buffer pointer */ uint32 level; /* 0x1 - info level? */ - uint32 ptr_type; /* pointer to o/s type */ - UNINOTSTR2 uni_type; /* unicode string o/s type - "LanmanNT" */ + uint32 ptr_type; /* pointer to o/s type */ + BUFFER2 uni_type; /* unicode string o/s type - "LanmanNT" */ uint32 ptr2; /* pointer to unknown_0 */ uint32 unknown_0; /* 0x12 */ 
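Review bot: The value-type field is documented three times as `uint32 type; /* 1 = UNISTR, 3 = BYTES, 4 = DWORD, 7 = MULTI_UNISTR */` (REG_Q_CREATE_VALUE, REG_Q_ENUM_VALUE, REG_R_ENUM_VALUE) and is then compared against the same magic numbers in `get_reg_val_type_str`; one enum at the top of rpc_reg.h would give `get_reg_val_type_str`'s switch names to use and a single place to document them (they match the Windows REG_SZ/REG_BINARY/REG_DWORD/REG_MULTI_SZ values). The prefix must not be `REG_CREATE_VALUE`-style since those names are already the opcode defines in this hunk; the names below are suggestions. Separately, REG_Q_GET_KEY_SEC, REG_R_GET_KEY_SEC and REG_R_ENUM_VALUE store `SEC_DESC_BUF *data` / `BUFFER2 *buf_value` pointers inside otherwise by-value wire structs, and nothing says who owns the pointee or when it may be freed; a one-line ownership comment on each pointer member is needed before the parse code grows around them.
```c
/* registry value types, carried in the .type field of
 * REG_Q_CREATE_VALUE / REG_Q_ENUM_VALUE / REG_R_ENUM_VALUE */
enum REG_VALUE_TYPE {
	REG_TYPE_UNISTR       = 1, /* REG_SZ */
	REG_TYPE_BYTES        = 3, /* REG_BINARY */
	REG_TYPE_DWORD        = 4, /* REG_DWORD */
	REG_TYPE_MULTI_UNISTR = 7  /* REG_MULTI_SZ */
};
/* … unchanged: winreg opcode defines and request/response structs … */
```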
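Review bot: REG_Q_ENUM_KEY is declared as `typedef struct q_reg_enum_value_info`, while the earlier hunk gives REG_Q_ENUM_VALUE the tag `q_reg_query_value_info` and REG_Q_QUERY_KEY the tag `q_reg_query_info`; the tags contradict the typedef names and will mislead anyone grepping, so `typedef struct q_reg_enum_key_info` here (and the matching fixes above) is worth doing now. REG_R_ENUM_KEY carries the key name length twice, as `uint16 key_name_len; /* number of bytes in key name */` and again inside `UNISTR3 key_name` via its own `uni_str_len`; the header should say which one is authoritative and that `reg_io_r_enum_key` checks both against the UNISTR capacity, since both arrive from the server. The `NTTIME time; /* current time? */` question mark in both structs is fine as a marker but should become a TODO so it is not mistaken for a settled description.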
@@ -114,14 +361,13 @@ typedef struct r_reg_info_info /* REG_Q_OPEN_ENTRY */ typedef struct q_reg_open_entry_info { - POLICY_HND pol; /* policy handle */ + POLICY_HND pol; /* policy handle */ UNIHDR hdr_name; /* unicode registry string header */ UNISTR2 uni_name; /* unicode registry string name */ uint32 unknown_0; /* 32 bit unknown - 0x0000 0000 */ - uint16 unknown_1; /* 16 bit unknown - 0x0000 */ - uint16 unknown_2; /* 16 bit unknown - 0x0200 */ + uint32 unknown_1; /* 32 bit unknown - 0x0200 0000 */ } REG_Q_OPEN_ENTRY; @@ -130,7 +376,7 @@ typedef struct q_reg_open_entry_info /* REG_R_OPEN_ENTRY */ typedef struct r_reg_open_entry_info { - POLICY_HND pol; /* policy handle */ + POLICY_HND pol; /* policy handle */ uint32 status; /* return status */ } REG_R_OPEN_ENTRY; diff --git a/source3/include/rpcclient.h b/source3/include/rpcclient.h index 1065b7c159..eab4d20703 100644 --- a/source3/include/rpcclient.h +++ b/source3/include/rpcclient.h @@ -57,17 +57,22 @@ struct nt_client_info NET_ID_INFO_CTR ctr; NET_USER_INFO_3 user_info3; + /************** \PIPE\winreg stuff ********************/ + + POLICY_HND reg_pol_connect; + POLICY_HND reg_pol_unk_4; + /************** \PIPE\lsarpc stuff ********************/ POLICY_HND lsa_info_pol; /* domain member */ - fstring level3_dom; fstring level3_sid; + fstring level5_sid; /* domain controller */ + fstring level3_dom; fstring level5_dom; - fstring level5_sid; /************** \PIPE\samr stuff ********************/ diff --git a/source3/include/smb.h b/source3/include/smb.h index a6566fb364..a8b0c745b2 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h 
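Review bot: In the rpcclient.h hunk the two new `POLICY_HND reg_pol_connect` / `reg_pol_unk_4` members are server-side handles obtained from `do_reg_open_policy`/`do_reg_open_unk_4`, and nothing in the struct records that they must be released with `do_reg_close` (declared in this commit) before `cli_nt_session_close`; if the command code forgets, the handles presumably stay open on the server for the life of the pipe. A comment on the members would fix that: `/* opened by do_reg_open_policy / do_reg_open_unk_4; release with do_reg_close before closing the pipe */`. `reg_pol_unk_4` is named after the opcode rather than what it opens, which is acceptable for an undocumented call but should carry a TODO so it is renamed once the operation is understood. The REG_Q_OPEN_ENTRY change collapses two uint16 unknowns into one `uint32 unknown_1; /* 0x0200 0000 */`; the little-endian value is consistent with the old pair, which is worth saying in the comment so nobody reads it as a format change.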
@@ -337,10 +337,11 @@ implemented */ typedef char pstring[1024]; typedef char fstring[128]; -/* pipe strings */ +/* pipe string names */ #define PIPE_LANMAN "\\PIPE\\LANMAN" #define PIPE_SRVSVC "\\PIPE\\srvsvc" #define PIPE_SAMR "\\PIPE\\samr" +#define PIPE_WINREG "\\PIPE\\winreg" #define PIPE_WKSSVC "\\PIPE\\wkssvc" #define PIPE_NETLOGON "\\PIPE\\NETLOGON" #define PIPE_NTLSA "\\PIPE\\ntlsa" -- cgit