NAME

SMB::DCERPC - Minimal support for DCE/RPC protocol (over SMB)

SYNOPSIS

        use SMB::DCERPC;

        # in server

        # on Create request (file srvsvc)
        $openfile->{dcerpc} = SMB::DCERPC->new(name => 'srvsvc');

        # on Write request (when $openfile->{dcerpc} set)
        $status = $openfile->dcerpc->process_bind_request($request->buffer);

        # on Read request (when $openfile->{dcerpc} set)
        ($payload, $status) = $openfile->dcerpc->generate_bind_ack_response;

        # on Ioctl request (when $openfile->{dcerpc} set)
        $openfile->dcerpc->process_rpc_request($request->buffer);
        ($payload, $status) = $openfile->dcerpc->generate_rpc_response;


        # in client

        # when sending Create request (file srvsvc)
        $dcerpc = SMB::DCERPC->new(name => 'srvsvc');

        # before sending Write request
        ($payload, $status) = $dcerpc->generate_bind_request;

        # after sending Read request
        $dcerpc->process_bind_ack_response($response->buffer)
                if $response->status == SMB::STATUS_SUCCESS;

        # when sending Ioctl request
        ($payload, $status) = $dcerpc->generate_rpc_request('NetShareGetInfo', share_name => 'users');
        $dcerpc->process_rpc_response($response->buffer, $rethash);

ABSTRACT

DCE/RPC is Distributed Computing Environment / Remote Procedure Call. Used in particular in Windows environment to obtain server or workstation service information.

SMB may be used as transport for DCE/RPC.

In SMB2, special files srvsvc (for server service) and wkssvc (for workstation service) are used in special IPC trees to make the calls. The flow is usually like this:

        Create request (srvsvc)
        Create response
        Write request
                Bind
        Write response
        Read request
        Read response
                Bind_ack
        Ioctl request
                Operation NetShareGetInfo: input
        Ioctl response
                Operation NetShareGetInfo: output
        Close request
        Close response

DESCRIPTION

This class implement basic DCE/RPC protocol for SMB client and server.

This is implemented as a state machine. A client must call:

        generate_bind_request
        process_bind_ack_response

        generate_rpc_request
        process_rpc_response
        ...

or just:

        generate_packet
        process_packet
        ...

A server must call:

        process_bind_request
        generate_bind_ack_response

        process_rpc_request
        generate_rpc_response
        ...

or just:

        process_packet
        generate_packet
        ...

The state is at any moment one of:

        INITIAL
        BIND
        BIND_ACK
        REQUEST
        RESPONSE

This class inherits from SMB, so msg, err, mem, dump, auto-created field accessor and other methods are available as well.

METHODS

new

Class constructor. Creates an instance of SMB::DCERPC.

generate_bind_request

For client side. Returns DCERPC buffer for payload.

process_bind_request dcerpc_buffer

For server side.

generate_bind_ack_response

For server side. Returns DCERPC buffer for payload.

process_bind_ack_response dcerpc_buffer

For client side.

generate_rpc_request opnum params

For client side. Returns DCERPC buffer for payload.

process_rpc_request dcerpc_buffer

For server side.

generate_rpc_response [opnum params]

For server side. Returns DCERPC buffer for payload.

process_rpc_response dcerpc_buffer rethash

For client side.

generate_packet dcerpc_buffer [params]

This is a dispatcher (depending on the current state) to one of:

 generate_bind_request
 generate_bind_ack_response
 generate_rpc_request
 generate_rpc_response

process_packet [params]

This is a dispatcher (depending on the current state) to one of:

 process_bind_request
 process_bind_ack_request
 process_rpc_request
 process_rpc_response

INTERNAL METHODS

none: None

FUNCTIONS

No functions are exported, they may be called as SMB::DCERPC::FUNC_NAME.

none: None

AUTHOR

Mikhael Goikhman <migo@cpan.org>

To install SMB, copy and paste the appropriate command in to your terminal.

cpanm

cpanm SMB

CPAN shell

perl -MCPAN -e shell
install SMB

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)