From ea1e97dc745a41bd8c2c8feccdca194b789f43ab Mon Sep 17 00:00:00 2001
From: Ashley Donaldson <smashery@gmail.com>
Date: Thu, 14 Nov 2024 17:56:25 +1100
Subject: [PATCH] New files

---
 .../samr/samr_get_members_in_group_request.rb | 23 +++++++++++++
 .../samr_get_members_in_group_response.rb     | 34 +++++++++++++++++++
 .../dcerpc/samr/samr_open_group_request.rb    | 26 ++++++++++++++
 .../dcerpc/samr/samr_open_group_response.rb   | 24 +++++++++++++
 4 files changed, 107 insertions(+)
 create mode 100755 lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_request.rb
 create mode 100755 lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_response.rb
 create mode 100755 lib/ruby_smb/dcerpc/samr/samr_open_group_request.rb
 create mode 100755 lib/ruby_smb/dcerpc/samr/samr_open_group_response.rb

diff --git a/lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_request.rb b/lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_request.rb
new file mode 100755
index 00000000..319cd1f2
--- /dev/null
+++ b/lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_request.rb
@@ -0,0 +1,23 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+
+      # [3.1.5.8.3 SamrGetMembersInGroup (Opnum 25)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/3ed5030d-88a3-42ca-a6e0-8c12aa2fdfbd)
+      class SamrGetMembersInGroupRequest < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        sampr_handle :group_handle
+
+        def initialize_instance
+          super
+          @opnum = SAMR_GET_MEMBERS_IN_GROUP
+        end
+      end
+
+    end
+  end
+end
+
+
diff --git a/lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_response.rb b/lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_response.rb
new file mode 100755
index 00000000..003517f5
--- /dev/null
+++ b/lib/ruby_smb/dcerpc/samr/samr_get_members_in_group_response.rb
@@ -0,0 +1,34 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+      # [2.2.7.14 SAMPR_GET_MEMBERS_BUFFER](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/225147b1-45b7-4fde-a5bf-bf420e18fa08)
+      class SamprGetMembersBuffer < Ndr::NdrStruct
+        default_parameter byte_align: 4
+
+        ndr_uint32            :member_count
+        ndr_uint32_conf_array_ptr  :members,    type: :ndr_uint32
+        ndr_uint32_conf_array_ptr  :attributes, type: :ndr_uint32 
+      end
+
+      class PsamprGetMembersBuffer < SamprGetMembersBuffer
+        extend Ndr::PointerClassPlugin
+      end
+
+      # [2.1.5.8.3 SamrGetMembersInGroup (Opnum 25)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/a4adbf20-040f-4416-a960-e5b7917fdae7)
+      class SamrGetMembersInGroupResponse < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        psampr_get_members_buffer :members
+        ndr_uint32               :error_status
+
+        def initialize_instance
+          super
+          @opnum = SAMR_GET_GROUPS_FOR_USER
+        end
+      end
+    end
+  end
+end
+
diff --git a/lib/ruby_smb/dcerpc/samr/samr_open_group_request.rb b/lib/ruby_smb/dcerpc/samr/samr_open_group_request.rb
new file mode 100755
index 00000000..cd2f8180
--- /dev/null
+++ b/lib/ruby_smb/dcerpc/samr/samr_open_group_request.rb
@@ -0,0 +1,26 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+
+      # [3.1.5.1.7 SamrOpenGroup (Opnum 19)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/d396e6c9-d04a-4729-b0d8-f50f2748f3c8)
+      class SamrOpenGroupRequest < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        sampr_handle :domain_handle
+        # Access control on a server object: bitwise OR of common ACCESS_MASK
+        # and user ACCESS_MASK values (see lib/ruby_smb/dcerpc/samr.rb)
+        ndr_uint32   :desired_access
+        ndr_uint32   :group_id
+
+        def initialize_instance
+          super
+          @opnum = SAMR_OPEN_GROUP
+        end
+      end
+
+    end
+  end
+end
+
diff --git a/lib/ruby_smb/dcerpc/samr/samr_open_group_response.rb b/lib/ruby_smb/dcerpc/samr/samr_open_group_response.rb
new file mode 100755
index 00000000..f2f673ed
--- /dev/null
+++ b/lib/ruby_smb/dcerpc/samr/samr_open_group_response.rb
@@ -0,0 +1,24 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+
+      # [3.1.5.1.7 SamrOpenGroup (Opnum 19)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/d396e6c9-d04a-4729-b0d8-f50f2748f3c8)
+      class SamrOpenGroupResponse < BinData::Record
+        attr_reader :opnum
+
+        endian :little
+
+        sampr_handle :group_handle
+        ndr_uint32   :error_status
+
+        def initialize_instance
+          super
+          @opnum = SAMR_OPEN_GROUP
+        end
+      end
+
+    end
+  end
+end
+
+