mstypes

package
v5.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 5, 2018 License: Apache-2.0 Imports: 5 Imported by: 6

Documentation

Overview

Package mstypes implements representations of Microsoft types for PAC processing.

Index

Constants

View Source
const (
	CompressionFormatNone       = 0
	CompressionFormatLZNT1      = 2
	CompressionFormatXPress     = 3
	CompressionFormatXPressHuff = 4
)

Compression format assigned numbers.

View Source
const (
	SEGroupMandatory        = 31
	SEGroupEnabledByDefault = 30
	SEGroupEnabled          = 29
	SEGroupOwner            = 28
	SEGroupResource         = 2
)

Attributes of a security group membership and can be combined by using the bitwise OR operation. They are used by an access check mechanism to specify whether the membership is to be used in an access check decision.

Variables

This section is empty.

Functions

func SetFlag

func SetFlag(a *uint32, i uint)

SetFlag sets a flag in a uint32 attribute value.

Types

type ClaimsSetMetadata

type ClaimsSetMetadata struct {
	ULClaimsSetSize             uint32
	ClaimsSet                   []byte
	USCompressionFormat         uint32 // Enum see constants below for options
	ULUncompressedClaimsSetSize uint32
	USReservedType              uint16
	ULReservedFieldSize         uint32
	ReservedField               []byte
}

ClaimsSetMetadata implements https://msdn.microsoft.com/en-us/library/hh554073.aspx

func ReadClaimsSetMetadata

func ReadClaimsSetMetadata(b *[]byte, p *int, e *binary.ByteOrder) ClaimsSetMetadata

ReadClaimsSetMetadata reads a ClaimsSetMetadata from the bytes slice.

type CypherBlock

type CypherBlock struct {
	Data []byte // size = 8
}

CypherBlock implements https://msdn.microsoft.com/en-us/library/cc237040.aspx

type DomainGroupMembership

type DomainGroupMembership struct {
	DomainID   RPCSID
	GroupCount uint32
	GroupIDs   []GroupMembership // Size is value of GroupCount
}

DomainGroupMembership implements https://msdn.microsoft.com/en-us/library/hh536344.aspx DomainId: A SID structure that contains the SID for the domain.This member is used in conjunction with the GroupIds members to create group SIDs for the device. GroupCount: A 32-bit unsigned integer that contains the number of groups within the domain to which the account belongs. GroupIds: A pointer to a list of GROUP_MEMBERSHIP structures that contain the groups to which the account belongs in the domain. The number of groups in this list MUST be equal to GroupCount.

func ReadDomainGroupMembership

func ReadDomainGroupMembership(b *[]byte, p *int, e *binary.ByteOrder) (DomainGroupMembership, error)

ReadDomainGroupMembership reads a DomainGroupMembership from the bytes slice.

type FileTime

type FileTime struct {
	LowDateTime  uint32
	HighDateTime uint32
}

FileTime implements the Microsoft FILETIME type https://msdn.microsoft.com/en-us/library/cc230324.aspx

func GetFileTime

func GetFileTime(t time.Time) FileTime

GetFileTime returns a FileTime type from the provided Golang Time type.

func ReadFileTime

func ReadFileTime(b *[]byte, p *int, e *binary.ByteOrder) FileTime

ReadFileTime reads a FileTime from the bytes slice.

func (FileTime) MSEpoch

func (ft FileTime) MSEpoch() int64

MSEpoch returns the FileTime as a Microsoft epoch, the number of 100 nano second periods elapsed from January 1, 1601 UTC.

func (FileTime) Time

func (ft FileTime) Time() time.Time

Time return a golang Time type from the FileTime

func (FileTime) Unix

func (ft FileTime) Unix() int64

Unix returns the FileTime as a Unix time, the number of seconds elapsed since January 1, 1970 UTC.

type GroupMembership

type GroupMembership struct {
	RelativeID uint32
	Attributes uint32
}

GroupMembership implements https://msdn.microsoft.com/en-us/library/cc237945.aspx RelativeID : A 32-bit unsigned integer that contains the RID of a particular group. The possible values for the Attributes flags are identical to those specified in KERB_SID_AND_ATTRIBUTES

func ReadGroupMembership

func ReadGroupMembership(b *[]byte, p *int, e *binary.ByteOrder) GroupMembership

ReadGroupMembership reads a GroupMembership from the bytes slice.

type KerbSidAndAttributes

type KerbSidAndAttributes struct {
	SID        RPCSID // A pointer to an RPC_SID structure.
	Attributes uint32
}

KerbSidAndAttributes implements https://msdn.microsoft.com/en-us/library/cc237947.aspx

func ReadKerbSidAndAttributes

func ReadKerbSidAndAttributes(b *[]byte, p *int, e *binary.ByteOrder) (KerbSidAndAttributes, error)

ReadKerbSidAndAttributes reads a KerbSidAndAttribute from the bytes slice.

type RPCSID

type RPCSID struct {
	Revision            uint8                     // An 8-bit unsigned integer that specifies the revision level of the SID. This value MUST be set to 0x01.
	SubAuthorityCount   uint8                     // An 8-bit unsigned integer that specifies the number of elements in the SubAuthority array. The maximum number of elements allowed is 15.
	IdentifierAuthority RPCSIDIdentifierAuthority // An RPC_SID_IDENTIFIER_AUTHORITY structure that indicates the authority under which the SID was created. It describes the entity that created the SID. The Identifier Authority value {0,0,0,0,0,5} denotes SIDs created by the NT SID authority.
	SubAuthority        []uint32                  // A variable length array of unsigned 32-bit integers that uniquely identifies a principal relative to the IdentifierAuthority. Its length is determined by SubAuthorityCount.
}

RPCSID implements https://msdn.microsoft.com/en-us/library/cc230364.aspx

func ReadRPCSID

func ReadRPCSID(b *[]byte, p *int, e *binary.ByteOrder) (RPCSID, error)

ReadRPCSID reads a RPC_SID from the bytes slice.

func (*RPCSID) ToString

func (s *RPCSID) ToString() string

ToString returns the string representation of the RPC_SID.

type RPCSIDIdentifierAuthority

type RPCSIDIdentifierAuthority struct {
	Value []byte // 6 bytes
}

RPCSIDIdentifierAuthority implements https://msdn.microsoft.com/en-us/library/cc230372.aspx

func ReadRPCSIDIdentifierAuthority

func ReadRPCSIDIdentifierAuthority(b *[]byte, p *int, e *binary.ByteOrder) RPCSIDIdentifierAuthority

ReadRPCSIDIdentifierAuthority reads a RPC_SIDIdentifierAuthority from the bytes slice.

type RPCUnicodeString

type RPCUnicodeString struct {
	Length        uint16 // The length, in bytes, of the string pointed to by the Buffer member, not including the terminating null character if any. The length MUST be a multiple of 2. The length SHOULD equal the entire size of the Buffer, in which case there is no terminating null character. Any method that accesses this structure MUST use the Length specified instead of relying on the presence or absence of a null character.
	MaximumLength uint16 // The maximum size, in bytes, of the string pointed to by Buffer. The size MUST be a multiple of 2. If not, the size MUST be decremented by 1 prior to use. This value MUST not be less than Length.
	BufferPrt     uint32 // A pointer to a string buffer. If MaximumLength is greater than zero, the buffer MUST contain a non-null value.
	Value         string
}

RPCUnicodeString implements https://msdn.microsoft.com/en-us/library/cc230365.aspx

func ReadRPCUnicodeString

func ReadRPCUnicodeString(b *[]byte, p *int, e *binary.ByteOrder) (RPCUnicodeString, error)

ReadRPCUnicodeString reads a RPCUnicodeString from the bytes slice.

func (*RPCUnicodeString) UnmarshalString

func (s *RPCUnicodeString) UnmarshalString(b *[]byte, p *int, e *binary.ByteOrder) (err error)

UnmarshalString populates a golang string into the RPCUnicodeString struct.

type UserSessionKey

type UserSessionKey struct {
	Data []CypherBlock // size = 2
}

UserSessionKey implements https://msdn.microsoft.com/en-us/library/cc237080.aspx

func ReadUserSessionKey

func ReadUserSessionKey(b *[]byte, p *int, e *binary.ByteOrder) UserSessionKey

ReadUserSessionKey reads a UserSessionKey from the bytes slice.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL