Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add GetKeySecurity and SetKeySecurity MS-RRP structures (DCERPC) #265

Merged
merged 2 commits into from
Apr 30, 2024
Merged

Add GetKeySecurity and SetKeySecurity MS-RRP structures (DCERPC) #265

merged 2 commits into from
Apr 30, 2024

Conversation

cdelafuente-r7
Copy link
Contributor

@cdelafuente-r7 cdelafuente-r7 commented Apr 2, 2024
edited
Loading

This adds two new operations to the [MS-RRP]: Windows Remote Registry Protocol DCERPC implementation.

This also includes a fix when passing an empty string to DCERPC requests, via RPC unicode strings or standard strings. This was causing NDR fault errors.
Now, it ensures at least one character (the string terminator) is counted. This follows the NDR protocol (see https://pubs.opengroup.org/onlinepubs/9629399/chap14.htm#tagcjh_19_03_04): the NDR String must contain at least one element, the terminator.

As a side note, it makes me wonder if the non-null-terminated NDR structures are relevant. NDR strings seems to always include the terminator. We might want to remove these structures and keep their null-terminated variant (same name but ending with z): NdrVarString, NdrVarWideString, NdrConfVarString and NdrConfVarWideString. Thta being said, it is too much changes for this PR and should be part of another PR.

Testing

This includes a new example script examples/registry_key_security_descriptor.rb and can be used to test (it is documented in the script itself).

@cdelafuente-r7 cdelafuente-r7 mentioned this pull request Apr 2, 2024
Merged
8 tasks
@smcintyre-r7 smcintyre-r7 self-assigned this Apr 2, 2024
@smcintyre-r7 smcintyre-r7 added the DCERPC DCERPC related label Apr 2, 2024
@cdelafuente-r7 cdelafuente-r7 force-pushed the feat/dcerpc/key_security branch from f10e7e8 to ba59d05 Compare April 19, 2024 13:03
@cdelafuente-r7 cdelafuente-r7 force-pushed the feat/dcerpc/key_security branch from ba59d05 to 9ba051e Compare April 19, 2024 13:09
@cdelafuente-r7 cdelafuente-r7 marked this pull request as ready for review April 19, 2024 13:23
smcintyre-r7
smcintyre-r7 requested changes Apr 19, 2024
View reviewed changes
lib/ruby_smb/dcerpc/winreg/query_value_response.rb Outdated Show resolved Hide resolved
lib/ruby_smb/dcerpc/winreg.rb Outdated Show resolved Hide resolved
@cdelafuente-r7 cdelafuente-r7 force-pushed the feat/dcerpc/key_security branch from ca72a8b to eba0250 Compare April 24, 2024 10:06
@smcintyre-r7 smcintyre-r7 merged commit 7339b0d into rapid7:master Apr 30, 2024
6 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@smcintyre-r7 smcintyre-r7 smcintyre-r7 approved these changes

Assignees

@smcintyre-r7 smcintyre-r7

Labels
DCERPC DCERPC related
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cdelafuente-r7 @smcintyre-r7