msrrp

package
v0.3.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 10, 2023 License: MIT Imports: 9 Imported by: 1

Documentation

Overview

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

MIT License

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

Index

Constants

View Source
const (
	PermKeyQueryValue       uint32 = 0x00000001
	PermKeySetValue         uint32 = 0x00000002
	PermKeyCreateSubKey     uint32 = 0x00000004
	PermKeyEnumerateSubKeys uint32 = 0x00000008
	PermKeyCreateLink       uint32 = 0x00000020
	PermKeyWow6464Key       uint32 = 0x00000100
	PermKeyWow6432Key       uint32 = 0x00000200
)

MS-RRP Section 2.2.3 REGSAM

View Source
const (
	PermGenericRead          uint32 = 0x80000000
	PermGenericWrite         uint32 = 0x40000000
	PermGenericExecute       uint32 = 0x20000000
	PermGenericAll           uint32 = 0x10000000
	PermMaximumAllowed       uint32 = 0x02000000
	PermAccessSystemSecurity uint32 = 0x01000000
	PermSynchronize          uint32 = 0x00100000
	PermWriteOwner           uint32 = 0x00080000
	PermWriteDacl            uint32 = 0x00040000
	PermReadControl          uint32 = 0x00020000
	PermDelete               uint32 = 0x00010000
)

MS-DTYP Section 2.4.3 ACCESS_MASK

View Source
const (
	RegBinary            uint32 = 3
	RegDword             uint32 = 4
	RegDwordLittleEndian uint32 = 4
	RegDwordBigEndian    uint32 = 5
	RegExpandSz          uint32 = 2
	RegLink              uint32 = 6
	RegMultiSz           uint32 = 7
	RegNone              uint32 = 0
	RegQword             uint32 = 11
	RegQwordLittleEndian uint32 = 11
	RegSz                uint32 = 1
)

MS-RRP Section 2.2.5 RVALENT ve_type

View Source
const (
	ErrorSuccess            uint32 = 0x00000000 // Error success
	ErrorFileNotFound       uint32 = 0x00000002
	ErrorAccessDenied       uint32 = 0x00000005 // Access is denied.
	ErrorOutOfMemory        uint32 = 0x0000000E // Not enough storage available to complete the operation
	ErrorWriteProtect       uint32 = 0x00000013 // A read or write operation was attempted on the volume after it was dismounted.
	ErrorNotReady           uint32 = 0x00000015 // The service is not ready. Calls can be repeated at a later time.
	ErrorInvalidParameter   uint32 = 0x00000057 // The parameter is incorrect.
	ErrorCallNotImplemented uint32 = 0x00000078 // The method is not valid.
	ErrorBusy               uint32 = 0x000000AA // The requested resource is busy.
	ErrorAlreadyExists      uint32 = 0x000000B7 // File already exists.
	ErrorMoreData           uint32 = 0x000000EA // The size of the buffer is not large enough to hold the requested data.
	WaitTimeout             uint32 = 0x00000102 // The wait operation timed out.
	ErrorNoMoreItems        uint32 = 0x00000103 // No more data is available
	ErrorKeyDeleted         uint32 = 0x000003FA // An illegal operation was attempted on a registry key that is pending delete.
)

MS-RRP Section 2.2.6 Common Error Codes

View Source
const (
	OwnerSecurityInformation uint32 = 0x00000001 // If set, specifies the security identifier (SID) (LSAPR_SID) of the object's owner.
	GroupSecurityInformation uint32 = 0x00000002 // If set, specifies the security identifier (SID) (LSAPR_SID) of the object's primary group.
	DACLSecurityInformation  uint32 = 0x00000004 // If set, the security descriptor MUST include the object's discretionary access control list (DACL).
	SACLSecurityInformation  uint32 = 0x00000008 // If set, the security descriptor MUST include the object's system access control list (SACL).
)

MS-RRP Section 2.2.9 Security information

View Source
const (
	OpenClassesRoot             uint16 = 0  // Called by the client. In response, the server opens the HKEYClassesRoot predefined key and returns a handle to the HKEYClassesRoot key.
	OpenCurrentUser             uint16 = 1  // Called by the client. In response, the server opens the HKEYCurrentUser predefined key and returns a handle to the HKEYCurrentUser key.
	OpenLocalMachine            uint16 = 2  // Called by the client. In response, the server opens the HKEYLocalMachine predefined key and returns a handle to the HKEYLocalMachine key.
	OpenPerformanceData         uint16 = 3  // Called by the client. In response, the server opens the HKEYPerformanceData predefined key and returns a handle to the HKEYPerformanceData key.
	OpenUsers                   uint16 = 4  // Called by the client. In response, the server opens the HKEYUsers predefined key and returns a handle to the HKEYUsers key.
	BaseRegCloseKey             uint16 = 5  // Called by the client. In response, the server releases a handle to the specified registry key.
	BaseRegCreateKey            uint16 = 6  // Called by the client. In response, the server creates the specified registry key. If the key already exists in the registry, the function opens it.
	BaseRegDeleteKey            uint16 = 7  // Called by the client. In response, the server deletes the specified subkey.
	BaseRegDeleteValue          uint16 = 8  // Called by the client. In response, the server removes a named value from the specified registry key.
	BaseRegEnumKey              uint16 = 9  // Called by the client. In response, the server returns the requested subkey.
	BaseRegEnumValue            uint16 = 10 // Called by the client. In response, the server enumerates the values for the specified open registry key.
	BaseRegFlushKey             uint16 = 11 // Called by the client. In response, the server writes all the attributes of the specified open registry key into the registry.
	BaseRegGetKeySecurity       uint16 = 12 // Called by the client. In response, the server returns a copy of the security descriptor that protects the specified open registry key.
	BaseRegLoadKey              uint16 = 13 // Called by the client. In response, the server creates a subkey under HKEYUsers or HKEYLocalMachine and stores registration information from a specified file in that subkey.
	BaseRegOpenKey              uint16 = 15 // Called by the client. In response, the server opens the specified key for access, returning a handle to it.
	BaseRegQueryInfoKey         uint16 = 16 // Called by the client. In response, the server returns relevant information about the key that corresponds to the specified key handle.
	BaseRegQueryValue           uint16 = 17 // Called by the client. In response, the server returns the data that is associated with the default value of a specified registry open key.
	BaseRegReplaceKey           uint16 = 18 // Called by the client. In response, the server MUST read the registry information from the specified file and replace the specified key with the content of the file, so that when the system is restarted, the key and subkeys have the same values as those in the specified file.
	BaseRegRestoreKey           uint16 = 19 // Called by the client. In response, the server reads the registry information in a specified file and copies it over the specified key. The registry information can take the form of a key and multiple levels of subkeys.
	BaseRegSaveKey              uint16 = 20 // Called by the client. In response, the server saves the specified key and all its subkeys and values to a new file.
	BaseRegSetKeySecurity       uint16 = 21 // Called by the client. In response, the server sets the security descriptor that protects the specified open registry key.
	BaseRegSetValue             uint16 = 22 // Called by the client. In response, the server sets the data for the default value of a specified registry key. The data MUST be a text string.
	BaseRegUnLoadKey            uint16 = 23 // Called by the client. In response, the server removes the specified discrete body of keys, subkeys, and values that are rooted at the top of the registry hierarchy.
	BaseRegGetVersion           uint16 = 26 // Called by the client. In response, the server returns the version to which a registry key is connected.
	OpenCurrentConfig           uint16 = 27 // Called by the client. In response, the server attempts to open the HKEY_CURRENT_CONFIG predefined key and returns a handle to the HKEY_CURRENT_CONFIG key.
	BaseRegQueryMultipleValues  uint16 = 29 // Called by the client. In response, the server returns the type and data for a list of value names that are associated with the specified registry key.
	BaseRegSaveKeyEx            uint16 = 31 // Called by the client. In response, the server saves the specified key and all its subkeys and values to a new file.
	OpenPerformanceText         uint16 = 32 // Called by the client. In response, the server opens the HKEY_PERFORMANCE_TEXT predefined key and returns a handle to the HKEY_PERFORMANCE_TEXT key.
	OpenPerformanceNlsText      uint16 = 33 // Called by the client. In response, the server opens the HKEY_PERFORMANCE_NLSTEXT predefined key and returns a handle to the HKEY_PERFORMANCE_NLSTEXT key.
	BaseRegQueryMultipleValues2 uint16 = 34 // Called by the client. In response, the server returns the type and data for a list of value names that are associated with the specified registry key.
	BaseRegDeleteKeyEx          uint16 = 35 // Called by the client. In response, the server deletes the specified subkey. This function differs from BaseRegDeleteKey in that either 32-bit or 64-bit keys can be deleted, regardless of what kind of application is running.
)

MS-RRP Section 3.1.5. OP Codes

View Source
const (
	SecurityDescriptorFlagOD uint16 = 0x0001 // Owner Default
	SecurityDescriptorFlagGD uint16 = 0x0002 // Group Default
	SecurityDescriptorFlagDP uint16 = 0x0004 // DACL Present
	SecurityDescriptorFlagDD uint16 = 0x0008 // DACL Defaulted
	SecurityDescriptorFlagSP uint16 = 0x0010 // SACL Present
	SecurityDescriptorFlagSD uint16 = 0x0020 // SACL Defaulted
	SecurityDescriptorFlagDT uint16 = 0x0040 // DACL Trusted
	SecurityDescriptorFlagSS uint16 = 0x0080 // Server Security
	SecurityDescriptorFlagDC uint16 = 0x0100 // DACL Computed Inheritance Required
	SecurityDescriptorFlagSC uint16 = 0x0200 // SACL Computed Inheritance Required
	SecurityDescriptorFlagDI uint16 = 0x0400 // DACL Auto-Inherited
	SecurityDescriptorFlagSI uint16 = 0x0800 // SACL Auto-Inherited
	SecurityDescriptorFlagPD uint16 = 0x1000 // DACL Protected
	SecurityDescriptorFlagPS uint16 = 0x2000 // SACL Protected
	SecurityDescriptorFlagPM uint16 = 0x4000 // RM Control Valid
	SecurityDescriptorFlagSR uint16 = 0x8000 // Self-Relative
)

MS-DTYP Section 2.4.6 Security_Descriptor Control Flag

View Source
const (
	AccessAllowedAceType               byte = 0x00
	AccessDeniedAceType                byte = 0x01
	SystemAuditAceType                 byte = 0x02
	SystemAlarmAceType                 byte = 0x03
	AccessAllowedCompoundAceType       byte = 0x04
	AccessAllowedObjectAceType         byte = 0x05
	AccessDeniedObjectAceType          byte = 0x06
	SystemAuditObjectAceType           byte = 0x07
	SystemAlarmObjectAceType           byte = 0x08
	AccessAllowedCallbackAceType       byte = 0x09
	AccessDeniedCallbackAceType        byte = 0x0a
	AccessAllowedCallbackObjectAceType byte = 0x0b
	AccessDeniedCallbackObjectAceType  byte = 0x0c
	SystemAuditCallbackAceType         byte = 0x0d
	SystemAlarmCallbackAceType         byte = 0x0e
	SystemAuditCallbackObjectAceType   byte = 0x0f
	SystemAlarmCallbackObjectAceType   byte = 0x10
	SystemMandatoryLabelAceType        byte = 0x11
	SystemResourceAttribyteAceType     byte = 0x12
	SystemScopedPolicyIdAceType        byte = 0x13
)

MS-DTYP Section 2.4.4.1 ACE_HEADER AceType

View Source
const (
	ObjectInheritAce        byte = 0x01
	ContainerInheritAce     byte = 0x02
	NoPropagateInheritAce   byte = 0x04
	InheritOnlyAce          byte = 0x08
	InheritedAce            byte = 0x10
	SuccessfulAccessAceFlag byte = 0x40
	FailedAccessAceFlag     byte = 0x80
	DefaultAceFlag          byte = 0x02 // ContainerInheritAce
)

AceFlags

View Source
const (
	HKEYClassesRoot byte = iota
	HKEYCurrentUser
	HKEYLocalMachine
	HKEYPerformanceData
	HKEYUsers
)

Enum of base keys

View Source
const PermKeyNotify uint32 = 0x00000010

Variables

View Source
var (
	MSRRPUuid                = "338CD001-2244-31F1-AAAA-900038001003"
	MSRRPPipe                = "winreg"
	MSRRPMajorVersion uint16 = 1
	MSRRPMinorVersion uint16 = 0
	NDRUuid                  = "8a885d04-1ceb-11c9-9fe8-08002b104860"

	ContextItemLen    = 44
	ContextResItemLen = 24
)
View Source
var PermMap = map[uint32]string{
	PermKeyQueryValue:        "KEY_QUERY_VALUE",
	PermKeySetValue:          "KEY_SET_VALUE",
	PermKeyCreateSubKey:      "KEY_CREATE_SUB_KEY",
	PermKeyEnumerateSubKeys:  "KEY_ENUMERATE_SUB_KEYS",
	PermKeyNotify:            "KEY_NOTIFY",
	PermKeyCreateLink:        "KEY_CREATE_LINK",
	PermKeyWow6464Key:        "KEY_WOW64_64KEY",
	PermKeyWow6432Key:        "KEY_WOW64_32KEY",
	PermGenericRead:          "GENERIC_READ",
	PermGenericWrite:         "GENERIC_WRITE",
	PermGenericExecute:       "GENERIC_EXECUTE",
	PermGenericAll:           "GENERIC_ALL",
	PermMaximumAllowed:       "MAXIMUM_ALLOW",
	PermAccessSystemSecurity: "ACCESS_SYSTEM_SECURITY",
	PermSynchronize:          "SYNCHRONIZE",
	PermWriteOwner:           "WRITE_OWNER",
	PermWriteDacl:            "WRITE_DACL",
	PermReadControl:          "READ_CONTROL",
	PermDelete:               "DELETE",
}
View Source
var ReturnCodeMap = map[uint32]error{
	ErrorSuccess:            fmt.Errorf("ERROR_SUCCESS"),
	ErrorFileNotFound:       fmt.Errorf("ERROR_FILE_NOT_FOUND"),
	ErrorAccessDenied:       fmt.Errorf("ERROR_ACCESS_DENIED"),
	ErrorOutOfMemory:        fmt.Errorf("ERROR_OUT_OF_MEMORY"),
	ErrorWriteProtect:       fmt.Errorf("ERROR_WRITE_PROCTED"),
	ErrorNotReady:           fmt.Errorf("ERROR_NOT_READY"),
	ErrorInvalidParameter:   fmt.Errorf("ERROR_INVALID_PARAMETER"),
	ErrorCallNotImplemented: fmt.Errorf("ERROR_CALL_NOT_IMPLEMENTED"),
	ErrorBusy:               fmt.Errorf("ERROR_BUSY"),
	ErrorAlreadyExists:      fmt.Errorf("ERROR_ALREADY_EXISTS"),
	ErrorMoreData:           fmt.Errorf("ERROR_MORE_DATA"),
	WaitTimeout:             fmt.Errorf("WAIT_TIMEOUT"),
	ErrorNoMoreItems:        fmt.Errorf("ERROR_NO_MORE_ITEMS"),
	ErrorKeyDeleted:         fmt.Errorf("ERROR_KEY_DELETED"),
}

Functions

func NullTerminate

func NullTerminate(s string) string

Types

type ACE

type ACE struct {
	Header ACEHeader
	Mask   uint32
	Sid    SID //Must be multiple of 4
}

func NewAce

func NewAce(sidStr string, mask uint32, aceType, aceFlags byte) (ace *ACE, err error)

type ACEHeader

type ACEHeader struct {
	Type  byte
	Flags byte
	Size  uint16 //Includes header size?
}

MS-DTYP Section 2.4.4.1 ACE_HEADER

type BaseRegCloseKeyReq

type BaseRegCloseKeyReq struct {
	HKey []byte
}

Opnum 5

func (*BaseRegCloseKeyReq) MarshalBinary

func (self *BaseRegCloseKeyReq) MarshalBinary() ([]byte, error)

Opnum 5

func (*BaseRegCloseKeyReq) UnmarshalBinary

func (self *BaseRegCloseKeyReq) UnmarshalBinary(buf []byte) error

type BaseRegEnumKeyReq

type BaseRegEnumKeyReq struct {
	HKey          []byte
	Index         uint32
	NameIn        PRRPUnicodeStr2
	ClassIn       PRRPUnicodeStr2
	LastWriteTime *PFiletime
}

Opnum 9

func (*BaseRegEnumKeyReq) MarshalBinary

func (self *BaseRegEnumKeyReq) MarshalBinary() ([]byte, error)

Opnum 9

func (*BaseRegEnumKeyReq) UnmarshalBinary

func (self *BaseRegEnumKeyReq) UnmarshalBinary(buf []byte) error

type BaseRegEnumKeyRes

type BaseRegEnumKeyRes struct {
	NameOut       PRRPUnicodeStr2
	ClassOut      PRRPUnicodeStr2
	LastWriteTime PFiletime
	ReturnCode    uint32
}

func (*BaseRegEnumKeyRes) MarshalBinary

func (self *BaseRegEnumKeyRes) MarshalBinary() ([]byte, error)

func (*BaseRegEnumKeyRes) UnmarshalBinary

func (self *BaseRegEnumKeyRes) UnmarshalBinary(buf []byte) error

type BaseRegEnumValueReq

type BaseRegEnumValueReq struct {
	HKey    []byte
	Index   uint32
	NameIn  PRRPUnicodeStr2
	Type    uint32
	Data    []byte
	MaxLen  uint32 // How many bytes are allocated .e.g., ActualSize or ActualCount
	DataLen uint32 // How many bytes are transmitted in Data. E.g., ActualSize
}

Opnum 10

func (*BaseRegEnumValueReq) MarshalBinary

func (self *BaseRegEnumValueReq) MarshalBinary() ([]byte, error)

Opnum 10

func (*BaseRegEnumValueReq) UnmarshalBinary

func (self *BaseRegEnumValueReq) UnmarshalBinary(buf []byte) error

type BaseRegEnumValueRes

type BaseRegEnumValueRes struct {
	NameOut    PRRPUnicodeStr2
	Type       uint32
	Data       []byte
	DataLen    uint32
	MaxLen     uint32
	ReturnCode uint32
}

func (*BaseRegEnumValueRes) MarshalBinary

func (self *BaseRegEnumValueRes) MarshalBinary() ([]byte, error)

func (*BaseRegEnumValueRes) UnmarshalBinary

func (self *BaseRegEnumValueRes) UnmarshalBinary(buf []byte) error

type BaseRegGetKeySecurityReq

type BaseRegGetKeySecurityReq struct {
	HKey                 []byte
	SecurityInformation  uint32
	SecurityDescriptorIn SecurityData // Size of a security descriptor. Data is irrelevant
}

Opnum 12

func (*BaseRegGetKeySecurityReq) MarshalBinary

func (self *BaseRegGetKeySecurityReq) MarshalBinary() ([]byte, error)

Opnum 10

func (*BaseRegGetKeySecurityReq) UnmarshalBinary

func (self *BaseRegGetKeySecurityReq) UnmarshalBinary(buf []byte) error

type BaseRegGetKeySecurityRes

type BaseRegGetKeySecurityRes struct {
	SecurityDescriptorOut SecurityData // Size of a security descriptor. Data is irrelevant
	ReturnCode
}

func (*BaseRegGetKeySecurityRes) MarshalBinary

func (self *BaseRegGetKeySecurityRes) MarshalBinary() ([]byte, error)

func (*BaseRegGetKeySecurityRes) UnmarshalBinary

func (self *BaseRegGetKeySecurityRes) UnmarshalBinary(buf []byte) error

type BaseRegOpenKeyReq

type BaseRegOpenKeyReq struct {
	HKey          []byte
	SubKey        PRRPUnicodeStr2
	Options       uint32
	DesiredAccess uint32 // REGSAM
}

Opnum 15

func (*BaseRegOpenKeyReq) MarshalBinary

func (self *BaseRegOpenKeyReq) MarshalBinary() ([]byte, error)

Opnum 15

func (*BaseRegOpenKeyReq) UnmarshalBinary

func (self *BaseRegOpenKeyReq) UnmarshalBinary(buf []byte) error

type BaseRegQueryInfoKeyReq

type BaseRegQueryInfoKeyReq struct {
	HKey    []byte
	ClassIn RRPUnicodeStr3 // Optional, can be null
}

Opnum 16

func (*BaseRegQueryInfoKeyReq) MarshalBinary

func (self *BaseRegQueryInfoKeyReq) MarshalBinary() ([]byte, error)

Opnum 16

func (*BaseRegQueryInfoKeyReq) UnmarshalBinary

func (self *BaseRegQueryInfoKeyReq) UnmarshalBinary(buf []byte) error

type BaseRegQueryInfoKeyRes

type BaseRegQueryInfoKeyRes struct {
	ClassOut           RRPUnicodeStr3
	SubKeys            uint32
	MaxSubKeyLen       uint32
	MaxClassLen        uint32
	Values             uint32
	MaxValueNameLen    uint32
	MaxValueLen        uint32
	SecurityDescriptor uint32
	LastWriteTime      Filetime
	ReturnCode         uint32
}

func (*BaseRegQueryInfoKeyRes) MarshalBinary

func (self *BaseRegQueryInfoKeyRes) MarshalBinary() ([]byte, error)

func (*BaseRegQueryInfoKeyRes) UnmarshalBinary

func (self *BaseRegQueryInfoKeyRes) UnmarshalBinary(buf []byte) error

type BaseRegQueryValueReq

type BaseRegQueryValueReq struct {
	HKey      []byte
	ValueName PRRPUnicodeStr2
	Type      uint32
	Data      []byte
	MaxLen    uint32 // How many bytes are allocated .e.g., ActualSize or ActualCount
	DataLen   uint32 // How many bytes are transmitted in Data. E.g., ActualSize
}

Opnum 17

func (*BaseRegQueryValueReq) MarshalBinary

func (self *BaseRegQueryValueReq) MarshalBinary() ([]byte, error)

Opnum 17

func (*BaseRegQueryValueReq) UnmarshalBinary

func (self *BaseRegQueryValueReq) UnmarshalBinary(buf []byte) error

type BaseRegQueryValueRes

type BaseRegQueryValueRes struct {
	Type       uint32
	Data       []byte
	DataLen    uint32
	MaxLen     uint32
	ReturnCode uint32
}

func (*BaseRegQueryValueRes) MarshalBinary

func (self *BaseRegQueryValueRes) MarshalBinary() ([]byte, error)

func (*BaseRegQueryValueRes) UnmarshalBinary

func (self *BaseRegQueryValueRes) UnmarshalBinary(buf []byte) error

type BaseRegSaveKeyReq

type BaseRegSaveKeyReq struct {
	HKey               []byte
	FileName           PRRPUnicodeStr2
	SecurityAttributes RpcSecurityAttributes
}

Opnum 20

func (*BaseRegSaveKeyReq) MarshalBinary

func (self *BaseRegSaveKeyReq) MarshalBinary() ([]byte, error)

Opnum 20

func (*BaseRegSaveKeyReq) UnmarshalBinary

func (self *BaseRegSaveKeyReq) UnmarshalBinary(buf []byte) error

type BaseRegSetKeySecurityReq

type BaseRegSetKeySecurityReq struct {
	HKey                 []byte
	SecurityInformation  uint32
	SecurityDescriptorIn SecurityData
}

Opnum 21

func (*BaseRegSetKeySecurityReq) MarshalBinary

func (self *BaseRegSetKeySecurityReq) MarshalBinary() ([]byte, error)

Opnum 21

func (*BaseRegSetKeySecurityReq) UnmarshalBinary

func (self *BaseRegSetKeySecurityReq) UnmarshalBinary(buf []byte) error

type Filetime

type Filetime struct {
	LowDateTime  uint32
	HighDateTime uint32
}

MS-DTYP FILETIME

type KeyInfo

type KeyInfo struct {
	KeyName         []uint16
	ClassName       []uint16
	SubKeys         uint32
	MaxSubKeyLen    uint32
	MaxClassLen     uint32
	Values          uint32
	MaxValueNameLen uint32
	MaxValueLen     uint32
}

Share struct, not all fields are used for every response type

type OpenKeyRes

type OpenKeyRes struct {
	HKey       []byte
	ReturnCode uint32
}

func (*OpenKeyRes) MarshalBinary

func (self *OpenKeyRes) MarshalBinary() ([]byte, error)

func (*OpenKeyRes) UnmarshalBinary

func (self *OpenKeyRes) UnmarshalBinary(buf []byte) error

type OpenRootKeyReq

type OpenRootKeyReq struct {
	ServerName    uint32 // Should actually be pointer to array of WCHAR elements. But defined as always null.
	DesiredAccess uint32
}

Opnums 0-4

func (*OpenRootKeyReq) MarshalBinary

func (self *OpenRootKeyReq) MarshalBinary() ([]byte, error)

Opnums 0-4

func (*OpenRootKeyReq) UnmarshalBinary

func (self *OpenRootKeyReq) UnmarshalBinary(buf []byte) error

type PACL

type PACL struct {
	AclRevision uint16
	AclSize     uint16
	AceCount    uint32
	ACLS        []ACE
}

func NewACL

func NewACL(acls []ACE) (acl *PACL)

func (*PACL) MarshalBinary

func (self *PACL) MarshalBinary() ([]byte, error)

func (*PACL) UnmarshalBinary

func (self *PACL) UnmarshalBinary(buf []byte) error

type PFiletime

type PFiletime struct {
	LowDateTime  uint32
	HighDateTime uint32
}

type PRRPUnicodeStr2

type PRRPUnicodeStr2 struct {
	Length    uint16
	MaxLength uint16
	Buffer    []uint16
}

Temp until all are migrated to this new structure. Then rename it back to PRRPUnicodeStr

type RPCCon

type RPCCon struct {
	*dcerpc.ServiceBind
}

func NewRPCCon

func NewRPCCon(sb *dcerpc.ServiceBind) *RPCCon

func (*RPCCon) CloseKeyHandle

func (r *RPCCon) CloseKeyHandle(hKey []byte) (err error)

func (*RPCCon) EnumKey

func (r *RPCCon) EnumKey(hKey []byte, index uint32) (info *KeyInfo, err error)

Opnum 9

func (*RPCCon) EnumValue

func (r *RPCCon) EnumValue(hKey []byte, index uint32) (value *ValueInfo, err error)

Opnum 10

func (*RPCCon) GetKeySecurity

func (r *RPCCon) GetKeySecurity(hKey []byte) (sd *SecurityDescriptor, err error)

func (*RPCCon) GetSubKeyNames

func (r *RPCCon) GetSubKeyNames(hKey []byte, subkey string) (names []string, err error)

func (*RPCCon) GetValueNames

func (r *RPCCon) GetValueNames(hKey []byte) (names []string, err error)

func (*RPCCon) OpenBaseKey

func (r *RPCCon) OpenBaseKey(baseName byte) (handle []byte, err error)

func (*RPCCon) OpenSubKey

func (r *RPCCon) OpenSubKey(hKey []byte, subkey string) (handle []byte, err error)

func (*RPCCon) QueryKeyInfo

func (r *RPCCon) QueryKeyInfo(hKey []byte) (info *KeyInfo, err error)

func (*RPCCon) QueryValue

func (r *RPCCon) QueryValue(hKey []byte, name string) (result []byte, err error)

func (*RPCCon) QueryValueString

func (r *RPCCon) QueryValueString(hKey []byte, name string) (result string, err error)

func (*RPCCon) RegSaveKey

func (r *RPCCon) RegSaveKey(hKey []byte, filename string, owner string) (err error)

func (*RPCCon) SetKeySecurity

func (r *RPCCon) SetKeySecurity(hKey []byte, sd *SecurityDescriptor) (err error)

type RRPUnicodeStr3

type RRPUnicodeStr3 struct {
	Length    uint16
	MaxLength uint16
	Buffer    []uint16
}

Temp until all are migrated to this new structure. Then rename it back to RRPUnicodeStr The difference to PRRPUnicodeStr is that this one replaced empty keyNames with 4 null bytes, and PRRPUnicodeStr replaced a nil ptr with nothing.

type ReturnCode

type ReturnCode struct {
	// contains filtered or unexported fields
}

func (*ReturnCode) MarshalBinary

func (self *ReturnCode) MarshalBinary() ([]byte, error)

func (*ReturnCode) UnmarshalBinary

func (self *ReturnCode) UnmarshalBinary(buf []byte) error

type RpcSecurityAttributes

type RpcSecurityAttributes struct {
	Length             uint32
	SecurityDescriptor RpcSecurityDescriptor
	InheritHandle      byte
}

func (*RpcSecurityAttributes) MarshalBinary

func (self *RpcSecurityAttributes) MarshalBinary() ([]byte, error)

func (*RpcSecurityAttributes) UnmarshalBinary

func (self *RpcSecurityAttributes) UnmarshalBinary(buf []byte) error

type RpcSecurityDescriptor

type RpcSecurityDescriptor struct {
	SecurityDescriptor    SecurityDescriptor
	InSecurityDescriptor  uint32
	OutSecurityDescriptor uint32
}

type SID

type SID struct {
	Revision       byte
	NumAuth        byte
	Authority      []byte
	SubAuthorities []uint32
}

func (*SID) MarshalBinary

func (self *SID) MarshalBinary() ([]byte, error)

func (*SID) UnmarshalBinary

func (self *SID) UnmarshalBinary(buf []byte) error

type SecurityData

type SecurityData struct {
	Size            uint32
	Len             uint32
	KeySecurityData *SecurityDescriptor
}

type SecurityDescriptor

type SecurityDescriptor struct {
	Revision    uint16
	Control     uint16
	OffsetOwner uint32
	OffsetGroup uint32
	OffsetSacl  uint32 // From beginning of struct?
	OffsetDacl  uint32 // From beginning of struct?
	OwnerSid    *SID
	GroupSid    *SID
	Sacl        *PACL
	Dacl        *PACL
}

func NewSecurityDescriptor

func NewSecurityDescriptor(control uint16, owner, group *SID, dacl, sacl *PACL) (sd *SecurityDescriptor, err error)

func (*SecurityDescriptor) MarshalBinary

func (self *SecurityDescriptor) MarshalBinary() ([]byte, error)

func (*SecurityDescriptor) UnmarshalBinary

func (self *SecurityDescriptor) UnmarshalBinary(buf []byte) error

type ValueInfo

type ValueInfo struct {
	Name     []uint16
	Type     uint32
	ValueLen uint32
	Value    []byte
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL