scapy.layers.smb

SMB 1.0 (Server Message Block), also known as CIFS.

Note

You will find more complete documentation for this layer over at SMB

Specs:

[MS-CIFS] (base)
[MS-SMB] (extension of CIFS - SMB v1)

class scapy.layers.smb.BRWS(_pkt, /, *, OpCode=0)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.BRWS'>, <class 'scapy.packet.Packet'>]

default_payload_class(payload)[source]

classmethod dispatch_hook(_pkt=None, *args, **kargs)[source]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (BRWS,BRWS_HostAnnouncement,BRWS_BecomeBackup,BRWS_LocalMasterAnnouncement).OpCode>]

mysummary()[source]

classmethod register_variant()[source]

registered_opcodes = {0: <class 'scapy.layers.smb.BRWS'>, 1: <class 'scapy.layers.smb.BRWS_HostAnnouncement'>, 11: <class 'scapy.layers.smb.BRWS_BecomeBackup'>, 15: <class 'scapy.layers.smb.BRWS_LocalMasterAnnouncement'>}

class scapy.layers.smb.BRWS_BecomeBackup(_pkt, /, *, OpCode=11, BrowserToPromote=b'')[source]

Bases: BRWS

aliastypes = [<class 'scapy.layers.smb.BRWS_BecomeBackup'>, <class 'scapy.layers.smb.BRWS'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (BRWS,BRWS_HostAnnouncement,BRWS_BecomeBackup,BRWS_LocalMasterAnnouncement).OpCode>, <StrNullField (BRWS_BecomeBackup).BrowserToPromote>]

mysummary()[source]

class scapy.layers.smb.BRWS_HostAnnouncement(_pkt, /, *, OpCode=1, UpdateCount=0, Periodicity=128000, ServerName=b'', OSVersionMajor=6, OSVersionMinor=1, ServerType=<Flag 4611 (SV_TYPE_WORKSTATION+SV_TYPE_SERVER+SV_TYPE_PRINTQ_SERVER+SV_TYPE_NT)>, BrowserConfigVersionMajor=21, BrowserConfigVersionMinor=1, Signature=43605, Comment=b'')[source]

Bases: BRWS

aliastypes = [<class 'scapy.layers.smb.BRWS_HostAnnouncement'>, <class 'scapy.layers.smb.BRWS'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (BRWS,BRWS_HostAnnouncement,BRWS_BecomeBackup,BRWS_LocalMasterAnnouncement).OpCode>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).UpdateCount>, <LEIntField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).Periodicity>, <StrFixedLenField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).ServerName>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).OSVersionMajor>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).OSVersionMinor>, <FlagsField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).ServerType>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).BrowserConfigVersionMajor>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).BrowserConfigVersionMinor>, <XLEShortField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).Signature>, <StrNullField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).Comment>]

mysummary()[source]

class scapy.layers.smb.BRWS_LocalMasterAnnouncement(_pkt, /, *, OpCode=15, UpdateCount=0, Periodicity=128000, ServerName=b'', OSVersionMajor=6, OSVersionMinor=1, ServerType=<Flag 4611 (SV_TYPE_WORKSTATION+SV_TYPE_SERVER+SV_TYPE_PRINTQ_SERVER+SV_TYPE_NT)>, BrowserConfigVersionMajor=21, BrowserConfigVersionMinor=1, Signature=43605, Comment=b'')[source]

Bases: BRWS_HostAnnouncement

aliastypes = [<class 'scapy.layers.smb.BRWS_LocalMasterAnnouncement'>, <class 'scapy.layers.smb.BRWS_HostAnnouncement'>, <class 'scapy.layers.smb.BRWS'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteEnumField (BRWS,BRWS_HostAnnouncement,BRWS_BecomeBackup,BRWS_LocalMasterAnnouncement).OpCode>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).UpdateCount>, <LEIntField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).Periodicity>, <StrFixedLenField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).ServerName>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).OSVersionMajor>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).OSVersionMinor>, <FlagsField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).ServerType>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).BrowserConfigVersionMajor>, <ByteField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).BrowserConfigVersionMinor>, <XLEShortField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).Signature>, <StrNullField (BRWS_HostAnnouncement,BRWS_LocalMasterAnnouncement).Comment>]

class scapy.layers.smb.DcSockAddr(_pkt, /, *, sin_family=2, sin_port=0, sin_addr=None, sin_zero=0)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.DcSockAddr'>, <class 'scapy.packet.Packet'>]

default_payload_class(payload)[source]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<LEShortField (DcSockAddr).sin_family>, <LEShortField (DcSockAddr).sin_port>, <IPField (DcSockAddr).sin_addr>, <LELongField (DcSockAddr).sin_zero>]

class scapy.layers.smb.NETLOGON(_pkt, /)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.NETLOGON'>, <class 'scapy.packet.Packet'>]

classmethod dispatch_hook(_pkt=None, *args, **kargs)[source]

class scapy.layers.smb.NETLOGON_LOGON_QUERY(_pkt, /, *, OpCode=7, ComputerName=b'', MailslotName=b'', UnicodeComputerName=b'', NtVersion=<Flag 11 (V1+V5+V5EX_WITH_IP)>, LmNtToken=65535, Lm20Token=65535)[source]

Bases: NETLOGON

aliastypes = [<class 'scapy.layers.smb.NETLOGON_LOGON_QUERY'>, <class 'scapy.layers.smb.NETLOGON'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<LEShortEnumField (NETLOGON_LOGON_QUERY).OpCode>, <StrNullField (NETLOGON_LOGON_QUERY).ComputerName>, <StrNullField (NETLOGON_LOGON_QUERY).MailslotName>, <scapy.fields.ReversePadField object>, <FlagsField (NETLOGON_LOGON_QUERY).NtVersion>, <XLEShortField (NETLOGON_LOGON_QUERY).LmNtToken>, <XLEShortField (NETLOGON_LOGON_QUERY).Lm20Token>]

class scapy.layers.smb.NETLOGON_SAM_LOGON_REQUEST(_pkt, /, *, OpCode=18, RequestCount=0, UnicodeComputerName=b'', UnicodeUserName=b'', MailslotName=b'\\MAILSLOT\\NET\\GETDC701253F9', AllowableAccountControlBits=0, DomainSidSize=None, DomainSid=b'', NtVersion=<Flag 11 (V1+V5+V5EX_WITH_IP)>, LmNtToken=65535, Lm20Token=65535)[source]

Bases: NETLOGON

aliastypes = [<class 'scapy.layers.smb.NETLOGON_SAM_LOGON_REQUEST'>, <class 'scapy.layers.smb.NETLOGON'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<LEShortEnumField (NETLOGON_SAM_LOGON_REQUEST).OpCode>, <LEShortField (NETLOGON_SAM_LOGON_REQUEST).RequestCount>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_REQUEST).UnicodeComputerName>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_REQUEST).UnicodeUserName>, <StrNullField (NETLOGON_SAM_LOGON_REQUEST).MailslotName>, <LEIntField (NETLOGON_SAM_LOGON_REQUEST).AllowableAccountControlBits>, <FieldLenField (NETLOGON_SAM_LOGON_REQUEST).DomainSidSize>, <XStrLenField (NETLOGON_SAM_LOGON_REQUEST).DomainSid>, <FlagsField (NETLOGON_SAM_LOGON_REQUEST).NtVersion>, <XLEShortField (NETLOGON_SAM_LOGON_REQUEST).LmNtToken>, <XLEShortField (NETLOGON_SAM_LOGON_REQUEST).Lm20Token>]

class scapy.layers.smb.NETLOGON_SAM_LOGON_RESPONSE(_pkt, /, *, OpCode=23, UnicodeLogonServer=b'', UnicodeUserName=b'', UnicodeDomainName=b'', DomainGuid=None, NullGuid=None, DnsForestName=b'.', DnsDomainName=b'.', DnsHostName=b'.', DcIpAddress='0.0.0.0', Flags=<Flag 0 ()>, NtVersion=<Flag 1 (V1)>, LmNtToken=65535, Lm20Token=65535)[source]

Bases: NETLOGON, DNSCompressedPacket

aliastypes = [<class 'scapy.layers.smb.NETLOGON_SAM_LOGON_RESPONSE'>, <class 'scapy.layers.smb.NETLOGON'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<LEShortEnumField (NETLOGON_SAM_LOGON_RESPONSE).OpCode>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_RESPONSE).UnicodeLogonServer>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_RESPONSE).UnicodeUserName>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_RESPONSE).UnicodeDomainName>, <UUIDField (NETLOGON_SAM_LOGON_RESPONSE).DomainGuid>, <UUIDField (NETLOGON_SAM_LOGON_RESPONSE).NullGuid>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE).DnsForestName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE).DnsDomainName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE).DnsHostName>, <IPField (NETLOGON_SAM_LOGON_RESPONSE).DcIpAddress>, <FlagsField (NETLOGON_SAM_LOGON_RESPONSE).Flags>, <FlagsField (NETLOGON_SAM_LOGON_RESPONSE).NtVersion>, <XLEShortField (NETLOGON_SAM_LOGON_RESPONSE).LmNtToken>, <XLEShortField (NETLOGON_SAM_LOGON_RESPONSE).Lm20Token>]

get_full()[source]

class scapy.layers.smb.NETLOGON_SAM_LOGON_RESPONSE_EX(_pkt, /, *, OpCode=23, Sbz=0, Flags=<Flag 0 ()>, DomainGuid=None, DnsForestName=b'.', DnsDomainName=b'.', DnsHostName=b'.', NetbiosDomainName=b'.', NetbiosComputerName=b'.', UserName=b'.', DcSiteName=b'Default-First-Site-Name.', ClientSiteName=b'Default-First-Site-Name.', DcSockAddrSize=16, DcSockAddr=<DcSockAddr |>, NextClosestSiteName=b'.', NtVersion=<Flag 11 (V1+V5+V5EX_WITH_IP)>, LmNtToken=65535, Lm20Token=65535)[source]

Bases: NETLOGON, DNSCompressedPacket

aliastypes = [<class 'scapy.layers.smb.NETLOGON_SAM_LOGON_RESPONSE_EX'>, <class 'scapy.layers.smb.NETLOGON'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<LEShortEnumField (NETLOGON_SAM_LOGON_RESPONSE_EX).OpCode>, <LEShortField (NETLOGON_SAM_LOGON_RESPONSE_EX).Sbz>, <FlagsField (NETLOGON_SAM_LOGON_RESPONSE_EX).Flags>, <UUIDField (NETLOGON_SAM_LOGON_RESPONSE_EX).DomainGuid>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).DnsForestName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).DnsDomainName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).DnsHostName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).NetbiosDomainName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).NetbiosComputerName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).UserName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).DcSiteName>, <DNSStrField (NETLOGON_SAM_LOGON_RESPONSE_EX).ClientSiteName>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <scapy.fields.ConditionalField object>, <FlagsField (NETLOGON_SAM_LOGON_RESPONSE_EX).NtVersion>, <XLEShortField (NETLOGON_SAM_LOGON_RESPONSE_EX).LmNtToken>, <XLEShortField (NETLOGON_SAM_LOGON_RESPONSE_EX).Lm20Token>]

get_full()[source]

pre_dissect(s)[source]

class scapy.layers.smb.NETLOGON_SAM_LOGON_RESPONSE_NT40(_pkt, /, *, OpCode=19, UnicodeLogonServer=b'', UnicodeUserName=b'', UnicodeDomainName=b'', NtVersion=<Flag 1 (V1)>, LmNtToken=65535, Lm20Token=65535)[source]

Bases: NETLOGON

aliastypes = [<class 'scapy.layers.smb.NETLOGON_SAM_LOGON_RESPONSE_NT40'>, <class 'scapy.layers.smb.NETLOGON'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<LEShortEnumField (NETLOGON_SAM_LOGON_RESPONSE_NT40).OpCode>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_RESPONSE_NT40).UnicodeLogonServer>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_RESPONSE_NT40).UnicodeUserName>, <StrNullFieldUtf16 (NETLOGON_SAM_LOGON_RESPONSE_NT40).UnicodeDomainName>, <FlagsField (NETLOGON_SAM_LOGON_RESPONSE_NT40).NtVersion>, <XLEShortField (NETLOGON_SAM_LOGON_RESPONSE_NT40).LmNtToken>, <XLEShortField (NETLOGON_SAM_LOGON_RESPONSE_NT40).Lm20Token>]

class scapy.layers.smb.SMBMailslot_Write(_pkt, /, *, WordCount=17, TotalParamCount=None, TotalDataCount=None, MaxParamCount=0, MaxDataCount=0, MaxSetupCount=0, Reserved1=0, Flags=<Flag 0 ()>, Timeout=1000, Reserved2=0, ParameterLen=None, ParameterBufferOffset=None, DataLen=None, DataBufferOffset=None, SetupCount=3, Reserved3=0, Setup=[1, 1, 2], ByteCount=None, Name=b'\\MAILSLOT\\NET\\NETLOGON', Buffer=[])[source]

Bases: SMBTransaction_Request

aliastypes = [<class 'scapy.layers.smb.SMBMailslot_Write'>, <class 'scapy.layers.smb.SMBTransaction_Request'>, <class 'scapy.layers.ntlm._NTLMPayloadPacket'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<FieldLenField (SMBTransaction_Request,SMBMailslot_Write).WordCount>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).TotalParamCount>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).TotalDataCount>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).MaxParamCount>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).MaxDataCount>, <ByteField (SMBTransaction_Request,SMBMailslot_Write).MaxSetupCount>, <ByteField (SMBTransaction_Request,SMBMailslot_Write).Reserved1>, <FlagsField (SMBTransaction_Request,SMBMailslot_Write).Flags>, <LEIntField (SMBTransaction_Request,SMBMailslot_Write).Timeout>, <ShortField (SMBTransaction_Request,SMBMailslot_Write).Reserved2>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).ParameterLen>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).ParameterBufferOffset>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).DataLen>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).DataBufferOffset>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).SetupCount>, <ByteField (SMBTransaction_Request,SMBMailslot_Write).Reserved3>, <FieldListField (SMBTransaction_Request,SMBMailslot_Write).Setup>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).ByteCount>, <StrNullField (SMBTransaction_Request,SMBMailslot_Write).Name>, <_NTLMPayloadField (SMBTransaction_Request,SMBMailslot_Write).Buffer>]

class scapy.layers.smb.SMBNegotiate_Request(_pkt, /, *, WordCount=0, ByteCount=None, Dialects=[<SMB_Dialect |>])[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMBNegotiate_Request'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBNegotiate_Request).WordCount>, <LEFieldLenField (SMBNegotiate_Request).ByteCount>, <PacketListField (SMBNegotiate_Request).Dialects>]

class scapy.layers.smb.SMBNegotiate_Response_Extended_Security(_pkt, /, *, WordCount=17, DialectIndex=7, SecurityMode=<Flag 3 (USER_SECURITY+ENCRYPT_PASSWORDS)>, MaxMpxCount=50, MaxNumberVC=1, MaxBufferSize=16144, MaxRawSize=65536, SessionKey=0, ServerCapabilities=<Flag 62457 (RAW_MODE+LARGE_FILES+NT_SMBS+RPC_REMOTE_APIS+STATUS32+LEVEL_II_OPLOCKS+LOCK_AND_READ+NT_FIND+DFS+INFOLEVEL_PASSTHRU+LARGE_READX+LARGE_WRITEX)>, ServerTime=None, ServerTimeZone=60, ChallengeLength=None, ByteCount=None, Challenge=b'', GUID=None, SecurityBlob=None)[source]

Bases: _SMBNegotiate_Response

aliastypes = [<class 'scapy.layers.smb.SMBNegotiate_Response_Extended_Security'>, <class 'scapy.layers.smb._SMBNegotiate_Response'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).WordCount>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).DialectIndex>, <FlagsField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).SecurityMode>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxMpxCount>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxNumberVC>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxBufferSize>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxRawSize>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).SessionKey>, <FlagsField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerCapabilities>, <UTCTimeField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerTime>, <ScalingField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerTimeZone>, <FieldLenField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ChallengeLength>, <LEFieldLenField (SMBNegotiate_Response_Extended_Security).ByteCount>, <XStrLenField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security).Challenge>, <UUIDField (SMBNegotiate_Response_Extended_Security).GUID>, <PacketLenField (SMBNegotiate_Response_Extended_Security).SecurityBlob>]

class scapy.layers.smb.SMBNegotiate_Response_NoSecurity(_pkt, /, *, WordCount=1, DialectIndex=7, SecurityMode=<Flag 3 (USER_SECURITY+ENCRYPT_PASSWORDS)>, MaxMpxCount=50, MaxNumberVC=1, MaxBufferSize=16144, MaxRawSize=65536, SessionKey=0, ServerCapabilities=<Flag 62457 (RAW_MODE+LARGE_FILES+NT_SMBS+RPC_REMOTE_APIS+STATUS32+LEVEL_II_OPLOCKS+LOCK_AND_READ+NT_FIND+DFS+INFOLEVEL_PASSTHRU+LARGE_READX+LARGE_WRITEX)>, ServerTime=None, ServerTimeZone=60, ChallengeLength=None, ByteCount=None, Challenge=b'', DomainName=b'WORKGROUP')[source]

Bases: _SMBNegotiate_Response

aliastypes = [<class 'scapy.layers.smb.SMBNegotiate_Response_NoSecurity'>, <class 'scapy.layers.smb._SMBNegotiate_Response'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).WordCount>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).DialectIndex>, <FlagsField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).SecurityMode>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxMpxCount>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxNumberVC>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxBufferSize>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxRawSize>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).SessionKey>, <FlagsField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerCapabilities>, <UTCTimeField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerTime>, <ScalingField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerTimeZone>, <FieldLenField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ChallengeLength>, <LEFieldLenField (SMBNegotiate_Response_NoSecurity).ByteCount>, <XStrLenField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security).Challenge>, <StrNullField (SMBNegotiate_Response_NoSecurity).DomainName>]

class scapy.layers.smb.SMBNegotiate_Response_Security(_pkt, /, *, WordCount=17, DialectIndex=7, SecurityMode=<Flag 3 (USER_SECURITY+ENCRYPT_PASSWORDS)>, MaxMpxCount=50, MaxNumberVC=1, MaxBufferSize=16144, MaxRawSize=65536, SessionKey=0, ServerCapabilities=<Flag 62457 (RAW_MODE+LARGE_FILES+NT_SMBS+RPC_REMOTE_APIS+STATUS32+LEVEL_II_OPLOCKS+LOCK_AND_READ+NT_FIND+DFS+INFOLEVEL_PASSTHRU+LARGE_READX+LARGE_WRITEX)>, ServerTime=None, ServerTimeZone=60, ChallengeLength=None, ByteCount=None, Challenge=b'', DomainName=None, ServerName=None)[source]

Bases: _SMBNegotiate_Response

aliastypes = [<class 'scapy.layers.smb.SMBNegotiate_Response_Security'>, <class 'scapy.layers.smb._SMBNegotiate_Response'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).WordCount>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).DialectIndex>, <FlagsField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).SecurityMode>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxMpxCount>, <LEShortField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxNumberVC>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxBufferSize>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).MaxRawSize>, <LEIntField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).SessionKey>, <FlagsField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerCapabilities>, <UTCTimeField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerTime>, <ScalingField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ServerTimeZone>, <FieldLenField (SMBNegotiate_Response_NoSecurity,SMBNegotiate_Response_Extended_Security,SMBNegotiate_Response_Security).ChallengeLength>, <LEFieldLenField (SMBNegotiate_Response_Security).ByteCount>, <XStrLenField (SMBNegotiate_Response_Security).Challenge>, <scapy.fields.MultipleTypeField object>, <scapy.fields.MultipleTypeField object>]

class scapy.layers.smb.SMBSession_Null(_pkt, /, *, WordCount=0, ByteCount=0)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMBSession_Null'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBSession_Null).WordCount>, <LEShortField (SMBSession_Null).ByteCount>]

class scapy.layers.smb.SMBSession_Setup_AndX_Request(_pkt, /, *, WordCount=13, AndXCommand=255, AndXReserved=0, AndXOffset=None, MaxBufferSize=16144, MaxMPXCount=50, VCNumber=0, SessionKey=0, OEMPasswordLength=None, UnicodePasswordLength=None, Reserved=0, ServerCapabilities=<Flag 5 (RAW_MODE+UNICODE)>, ByteCount=None, OEMPassword=b'Pass', UnicodePassword=b'Pass', AccountName=None, PrimaryDomain=None, NativeOS=None, NativeLanMan=None)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMBSession_Setup_AndX_Request'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).WordCount>, <ByteEnumField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXCommand>, <ByteField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXReserved>, <LEShortField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXOffset>, <LEShortField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).MaxBufferSize>, <LEShortField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).MaxMPXCount>, <LEShortField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).VCNumber>, <LEIntField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).SessionKey>, <LEFieldLenField (SMBSession_Setup_AndX_Request).OEMPasswordLength>, <LEFieldLenField (SMBSession_Setup_AndX_Request).UnicodePasswordLength>, <LEIntField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).Reserved>, <FlagsField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).ServerCapabilities>, <LEShortField (SMBSession_Setup_AndX_Request).ByteCount>, <XStrLenField (SMBSession_Setup_AndX_Request).OEMPassword>, <XStrLenField (SMBSession_Setup_AndX_Request).UnicodePassword>, <scapy.fields.ReversePadField object>, <scapy.fields.MultipleTypeField object>, <scapy.fields.MultipleTypeField object>, <scapy.fields.MultipleTypeField object>]

payload_guess: List[Tuple[Dict[str, Any], Type[Packet]]] = [({'AndXCommand': 117}, <class 'scapy.layers.smb.SMBTree_Connect_AndX'>)]

post_build(pkt, pay)[source]

class scapy.layers.smb.SMBSession_Setup_AndX_Request_Extended_Security(_pkt, /, *, WordCount=12, AndXCommand=255, AndXReserved=0, AndXOffset=None, MaxBufferSize=16144, MaxMPXCount=50, VCNumber=0, SessionKey=0, SecurityBlobLength=None, Reserved=0, ServerCapabilities=<Flag 5 (RAW_MODE+UNICODE)>, ByteCount=None, SecurityBlob=None, NativeOS=None, NativeLanMan=None)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMBSession_Setup_AndX_Request_Extended_Security'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).WordCount>, <ByteEnumField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXCommand>, <ByteField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXReserved>, <LEShortField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXOffset>, <LEShortField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).MaxBufferSize>, <LEShortField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).MaxMPXCount>, <LEShortField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).VCNumber>, <LEIntField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).SessionKey>, <LEFieldLenField (SMBSession_Setup_AndX_Request_Extended_Security,SMBSession_Setup_AndX_Response_Extended_Security).SecurityBlobLength>, <LEIntField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).Reserved>, <FlagsField (SMBSession_Setup_AndX_Request,SMBSession_Setup_AndX_Request_Extended_Security).ServerCapabilities>, <LEShortField (SMBSession_Setup_AndX_Request_Extended_Security,SMBSession_Setup_AndX_Response_Extended_Security).ByteCount>, <PacketLenField (SMBSession_Setup_AndX_Request_Extended_Security,SMBSession_Setup_AndX_Response_Extended_Security).SecurityBlob>, <scapy.fields.ReversePadField object>, <scapy.fields.MultipleTypeField object>]

post_build(pkt, pay)[source]

class scapy.layers.smb.SMBSession_Setup_AndX_Response(_pkt, /, *, WordCount=3, AndXCommand=255, AndXReserved=0, AndXOffset=None, Action=<Flag 0 ()>, ByteCount=25, NativeOS=None, NativeLanMan=None, PrimaryDomain=None, WordCount2=3, AndXCommand2=255, Reserved3=0, AndXOffset2=80, OptionalSupport=1, ByteCount2=5, Service=b'IPC', NativeFileSystem=b'')[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMBSession_Setup_AndX_Response'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).WordCount>, <ByteEnumField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).AndXCommand>, <ByteField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).AndXReserved>, <LEShortField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).AndXOffset>, <FlagsField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).Action>, <LEShortField (SMBSession_Setup_AndX_Response).ByteCount>, <scapy.fields.MultipleTypeField object>, <scapy.fields.MultipleTypeField object>, <scapy.fields.MultipleTypeField object>, <ByteField (SMBSession_Setup_AndX_Response).WordCount2>, <ByteEnumField (SMBSession_Setup_AndX_Response).AndXCommand2>, <ByteField (SMBSession_Setup_AndX_Response).Reserved3>, <LEShortField (SMBSession_Setup_AndX_Response).AndXOffset2>, <LEShortField (SMBSession_Setup_AndX_Response).OptionalSupport>, <LEShortField (SMBSession_Setup_AndX_Response).ByteCount2>, <StrNullField (SMBSession_Setup_AndX_Response).Service>, <StrNullField (SMBSession_Setup_AndX_Response).NativeFileSystem>]

post_build(pkt, pay)[source]

class scapy.layers.smb.SMBSession_Setup_AndX_Response_Extended_Security(_pkt, /, *, WordCount=4, AndXCommand=255, AndXReserved=0, AndXOffset=None, Action=<Flag 0 ()>, SecurityBlobLength=None, ByteCount=None, SecurityBlob=None, NativeOS=None, NativeLanMan=None)[source]

Bases: SMBSession_Setup_AndX_Response

aliastypes = [<class 'scapy.layers.smb.SMBSession_Setup_AndX_Response_Extended_Security'>, <class 'scapy.layers.smb.SMBSession_Setup_AndX_Response'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).WordCount>, <ByteEnumField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).AndXCommand>, <ByteField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).AndXReserved>, <LEShortField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).AndXOffset>, <FlagsField (SMBSession_Setup_AndX_Response,SMBSession_Setup_AndX_Response_Extended_Security).Action>, <LEFieldLenField (SMBSession_Setup_AndX_Request_Extended_Security,SMBSession_Setup_AndX_Response_Extended_Security).SecurityBlobLength>, <LEShortField (SMBSession_Setup_AndX_Request_Extended_Security,SMBSession_Setup_AndX_Response_Extended_Security).ByteCount>, <PacketLenField (SMBSession_Setup_AndX_Request_Extended_Security,SMBSession_Setup_AndX_Response_Extended_Security).SecurityBlob>, <scapy.fields.ReversePadField object>, <scapy.fields.MultipleTypeField object>]

post_build(pkt, pay)[source]

class scapy.layers.smb.SMBTransaction_Request(_pkt, /, *, WordCount=None, TotalParamCount=None, TotalDataCount=None, MaxParamCount=0, MaxDataCount=0, MaxSetupCount=0, Reserved1=0, Flags=<Flag 0 ()>, Timeout=1000, Reserved2=0, ParameterLen=None, ParameterBufferOffset=None, DataLen=None, DataBufferOffset=None, SetupCount=3, Reserved3=0, Setup=[1, 1, 2], ByteCount=None, Name=b'\\MAILSLOT\\NET\\NETLOGON', Buffer=[])[source]

Bases: _NTLMPayloadPacket

aliastypes = [<class 'scapy.layers.smb.SMBTransaction_Request'>, <class 'scapy.layers.ntlm._NTLMPayloadPacket'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<FieldLenField (SMBTransaction_Request,SMBMailslot_Write).WordCount>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).TotalParamCount>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).TotalDataCount>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).MaxParamCount>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).MaxDataCount>, <ByteField (SMBTransaction_Request,SMBMailslot_Write).MaxSetupCount>, <ByteField (SMBTransaction_Request,SMBMailslot_Write).Reserved1>, <FlagsField (SMBTransaction_Request,SMBMailslot_Write).Flags>, <LEIntField (SMBTransaction_Request,SMBMailslot_Write).Timeout>, <ShortField (SMBTransaction_Request,SMBMailslot_Write).Reserved2>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).ParameterLen>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).ParameterBufferOffset>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).DataLen>, <LEShortField (SMBTransaction_Request,SMBMailslot_Write).DataBufferOffset>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).SetupCount>, <ByteField (SMBTransaction_Request,SMBMailslot_Write).Reserved3>, <FieldListField (SMBTransaction_Request,SMBMailslot_Write).Setup>, <FieldLenField (SMBTransaction_Request,SMBMailslot_Write).ByteCount>, <StrNullField (SMBTransaction_Request,SMBMailslot_Write).Name>, <_NTLMPayloadField (SMBTransaction_Request,SMBMailslot_Write).Buffer>]

mysummary()[source]

post_build(pkt: bytes, pay: bytes) → bytes[source]

class scapy.layers.smb.SMBTransaction_Response(_pkt, /, *, WordCount=None, TotalParamCount=None, TotalDataCount=None, Reserved1=None, ParameterLen=None, ParameterBufferOffset=None, ParameterDisplacement=0, DataLen=None, DataBufferOffset=None, DataDisplacement=0, SetupCount=3, Reserved2=0, Setup=[1, 1, 2], ByteCount=None, Buffer=[])[source]

Bases: _NTLMPayloadPacket

aliastypes = [<class 'scapy.layers.smb.SMBTransaction_Response'>, <class 'scapy.layers.ntlm._NTLMPayloadPacket'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<FieldLenField (SMBTransaction_Response).WordCount>, <FieldLenField (SMBTransaction_Response).TotalParamCount>, <FieldLenField (SMBTransaction_Response).TotalDataCount>, <LEShortField (SMBTransaction_Response).Reserved1>, <LEShortField (SMBTransaction_Response).ParameterLen>, <LEShortField (SMBTransaction_Response).ParameterBufferOffset>, <LEShortField (SMBTransaction_Response).ParameterDisplacement>, <LEShortField (SMBTransaction_Response).DataLen>, <LEShortField (SMBTransaction_Response).DataBufferOffset>, <LEShortField (SMBTransaction_Response).DataDisplacement>, <FieldLenField (SMBTransaction_Response).SetupCount>, <ByteField (SMBTransaction_Response).Reserved2>, <FieldListField (SMBTransaction_Response).Setup>, <FieldLenField (SMBTransaction_Response).ByteCount>, <_NTLMPayloadField (SMBTransaction_Response).Buffer>]

post_build(pkt: bytes, pay: bytes) → bytes[source]

class scapy.layers.smb.SMBTree_Connect_AndX(_pkt, /, *, WordCount=4, AndXCommand=255, AndXReserved=0, AndXOffset=None, Flags=<Flag 0 ()>, PasswordLength=None, ByteCount=None, Password=b'', Path=None, Service=b'?????')[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMBTree_Connect_AndX'>, <class 'scapy.packet.Packet'>]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).WordCount>, <ByteEnumField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXCommand>, <ByteField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXReserved>, <LEShortField (SMBSession_Setup_AndX_Request,SMBTree_Connect_AndX,SMBSession_Setup_AndX_Request_Extended_Security).AndXOffset>, <FlagsField (SMBTree_Connect_AndX).Flags>, <FieldLenField (SMBTree_Connect_AndX).PasswordLength>, <LEShortField (SMBTree_Connect_AndX).ByteCount>, <XStrLenField (SMBTree_Connect_AndX).Password>, <scapy.fields.ReversePadField object>, <StrNullField (SMBTree_Connect_AndX).Service>]

post_build(pkt, pay)[source]

class scapy.layers.smb.SMB_Dialect(_pkt, /, *, BufferFormat=2, DialectString=b'NT LM 0.12')[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMB_Dialect'>, <class 'scapy.packet.Packet'>]

default_payload_class(payload)[source]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<ByteField (SMB_Dialect).BufferFormat>, <StrNullField (SMB_Dialect).DialectString>]

class scapy.layers.smb.SMB_Header(_pkt, /, *, Start=b'\xffSMB', Command=114, Status=0, Flags=<Flag 24 (CASE_INSENSITIVE+CANONICALIZED_PATHS)>, Flags2=<Flag 0 ()>, PIDHigh=0, SecuritySignature=b'', Reserved=0, TID=0, PIDLow=0, UID=0, MID=0)[source]

Bases: Packet

aliastypes = [<class 'scapy.layers.smb.SMB_Header'>, <class 'scapy.packet.Packet'>]

answers(pkt)[source]

fields_desc: ClassVar[List[Field[Any, Any] | _FieldContainer]] = [<StrFixedLenField (SMB_Header).Start>, <ByteEnumField (SMB_Header).Command>, <LEIntEnumField (SMB_Header).Status>, <FlagsField (SMB_Header).Flags>, <FlagsField (SMB_Header).Flags2>, <LEShortField (SMB_Header).PIDHigh>, <StrFixedLenField (SMB_Header).SecuritySignature>, <LEShortField (SMB_Header).Reserved>, <LEShortField (SMB_Header).TID>, <LEShortField (SMB_Header).PIDLow>, <LEShortField (SMB_Header).UID>, <LEShortField (SMB_Header).MID>]

guess_payload_class(payload: bytes) → Packet[source]

payload_guess: List[Tuple[Dict[str, Any], Type[Packet]]] = [({'Command': 114}, <class 'scapy.layers.smb.SMBNegotiate_Request'>), ({'Command': 117}, <class 'scapy.layers.smb.SMBTree_Connect_AndX'>)]