| 911 | |
| 912 | |
| 913 | class NETLOGON(Packet): |
| 914 | @classmethod |
| 915 | def dispatch_hook(cls, _pkt=None, *args, **kargs): |
| 916 | if _pkt: |
| 917 | if _pkt[0] == 0x07: # LOGON_PRIMARY_QUERY |
| 918 | return NETLOGON_LOGON_QUERY |
| 919 | elif _pkt[0] == 0x12: # LOGON_SAM_LOGON_REQUEST |
| 920 | return NETLOGON_SAM_LOGON_REQUEST |
| 921 | elif _pkt[0] == 0x13: # LOGON_SAM_USER_RESPONSE |
| 922 | try: |
| 923 | i = _pkt.index(b"\xff\xff\xff\xff") |
| 924 | NtVersion = NETLOGON_SAM_LOGON_RESPONSE_NT40.fields_desc[ |
| 925 | -3 |
| 926 | ].getfield(None, _pkt[i - 4 : i])[1] |
| 927 | if NtVersion.V1 and not NtVersion.V5: |
| 928 | return NETLOGON_SAM_LOGON_RESPONSE_NT40 |
| 929 | except Exception: |
| 930 | pass |
| 931 | return NETLOGON_SAM_LOGON_RESPONSE |
| 932 | elif _pkt[0] == 0x15: # LOGON_SAM_USER_UNKNOWN |
| 933 | return NETLOGON_SAM_LOGON_RESPONSE |
| 934 | elif _pkt[0] == 0x17: # LOGON_SAM_LOGON_RESPONSE_EX |
| 935 | return NETLOGON_SAM_LOGON_RESPONSE_EX |
| 936 | elif _pkt[0] == 0x19: # LOGON_SAM_USER_UNKNOWN_EX |
| 937 | return NETLOGON_SAM_LOGON_RESPONSE |
| 938 | return cls |
| 939 | |
| 940 | |
| 941 | class NETLOGON_LOGON_QUERY(NETLOGON): |