scapy.contrib.dce_rpc¶
A basic dissector for DCE/RPC. Isn’t reliable for all packets and for building
-
class
scapy.contrib.dce_rpc.DceRpc¶ Bases:
scapy.packet.PacketDCE/RPC packet
-
aliastypes¶
-
fields_desc¶ DceRpc fields¶ version
4type
0flags1
FlagsField(8 bits)<Flag 0 ()>flags2
FlagsField(8 bits)<Flag 0 ()>endianness
BitEnumField(4 bits)0encoding
BitEnumField(4 bits)0float
0DataRepr_reserved
0serial_high
0object_uuid
Noneinterface_uuid
Noneactivity
Noneboot_time
0interface_version
1sequence_num
0opnum
0interface_hint
65535activity_hint
65535frag_len
Nonefrag_num
0auth
0serial_low
0
-
payload_guess¶ Possible sublayers:
DceRpcPayload
-
-
class
scapy.contrib.dce_rpc.DceRpcPayload¶ Bases:
scapy.packet.PacketDummy class which use the dispatch_hook to find the payload class
-
aliastypes¶
-
classmethod
dispatch_hook(_pkt, _underlayer=None, *args, **kargs)¶ dispatch_hook to choose among different registered payloads
-
classmethod
register_possible_payload(pay)¶ Method to call from possible DCE/RPC endpoint to register it as possible payload
-
-
class
scapy.contrib.dce_rpc.EndiannessField(fld, endianess_from)¶ Bases:
objectField which change the endianness of a sub-field
-
addfield(pkt, buf, val)¶ add the field with endianness to the buffer
-
endianess_from¶
-
fld¶
-
getfield(pkt, buf)¶ retrieve the field with endianness
-
set_endianess(pkt)¶ Add the endianness to the format
-
-
scapy.contrib.dce_rpc.dce_rpc_endianess(pkt)¶ Determine the right endianness sign for a given DCE/RPC packet