Class: PSRP::MessageDecoder

Inherits:
Message
  • Object
show all
Defined in:
lib/wsmv/psrp_message.rb

Constant Summary

Constants inherited from Message

PSRP::Message::BLOB_HEADER_LEN, PSRP::Message::BLOB_MAX_LEN, PSRP::Message::MESSAGE_TYPES

Instance Attribute Summary collapse

Instance Method Summary collapse

Methods inherited from Message

#uuid_to_windows_guid_bytes

Constructor Details

#initialize(raw_text) ⇒ MessageDecoder

Returns a new instance of MessageDecoder.


92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
 
# File 'lib/wsmv/psrp_message.rb', line 92

def initialize(raw_text)
  # Message ID - 8bytes
  # Fragment ID - 8bytes
  # reserved - 6bits
  # end fragment - 1bit
  # start fragment - 1bit
  # blob_length - 4bytes
  # destination - 4bytes
  # message_type - 4bytes
  # client runspace GUID - 16bytes
  # client PID GUID - 16bytes
  # BOM 3bytes
  # 
  # Data - blob_length - 43 bytes (40 blob bytes + BOM)
  unencoded = Base64.decode64(raw_text)
  fields = unencoded.unpack('Q>2CL>L<2h32h32C3A*')

  @message_id = fields[0]
  @fragment_id = fields[1]
  @fragment_flags = fields[2]
  @blob_length = fields[3]
  
  if is_start_fragment?
    @destination = fields[4]
    @message_type = fields[5]
    @client_runspace = fields[6]
    @client_pid = fields[7]
    @data = fields[11]
  else
    fields = unencoded.unpack('Q>2CL>A*')
    @destination = nil
    @message_type = nil
    @client_runspace = nil
    @client_pid = nil
    @data = fields[4]
  end
end

Instance Attribute Details

#blob_lengthObject (readonly)

Returns the value of attribute blob_length.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def blob_length
  @blob_length
end

#client_pidObject (readonly)

Returns the value of attribute client_pid.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def client_pid
  @client_pid
end

#client_runspaceObject (readonly)

Returns the value of attribute client_runspace.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def client_runspace
  @client_runspace
end

#dataObject (readonly)

Returns the value of attribute data.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def data
  @data
end

#destinationObject (readonly)

Returns the value of attribute destination.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def destination
  @destination
end

#fragment_flagsObject (readonly)

Returns the value of attribute fragment_flags.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def fragment_flags
  @fragment_flags
end

#fragment_idObject (readonly)

Returns the value of attribute fragment_id.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def fragment_id
  @fragment_id
end

#message_idObject (readonly)

Returns the value of attribute message_id.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def message_id
  @message_id
end

#message_typeObject (readonly)

Returns the value of attribute message_type.


90
91
92
 
# File 'lib/wsmv/psrp_message.rb', line 90

def message_type
  @message_type
end

Instance Method Details

#is_end_fragment?Boolean

Returns:

  • (Boolean) 

130
131
132
 
# File 'lib/wsmv/psrp_message.rb', line 130

def is_end_fragment?
  (@fragment_flags & 2) != 0
end

#is_start_fragment?Boolean

Returns:

  • (Boolean) 

134
135
136
 
# File 'lib/wsmv/psrp_message.rb', line 134

def is_start_fragment?
  (@fragment_flags & 1) != 0
end