# README
MS-RPC IDL Parser/Codegen for Go / MS-RPC/DCOM Client
The IDL parser for the Microsoft Extension of the C706: DCE/RPC 1.1.
The client stub generator for many MSRPC / DCOM services including (but not limited to - see complete list below) Netlogon, Windows Registry, Eventlog, DCOM (OXID resolver), WMI (query and method exec) support.
Usage
See examples and dcerpc package documentation.
Examples rely on following environment variables:
| Name | Description | Example |
|---|---|---|
| USERNAME | The Domain\Username | "MSAD2.COM\User" |
| PASSWORD | The password | "password" |
| PASSWORD_MD4 | The password hash (use go run examples/helpers/nt_hash.go -d $PASSWORD to generate the hash) | "f077ca4b7d73486a45e75dcdd74cd5bd" |
| WORKSTATION | The workstation name | "Ubuntu" |
| SERVER | The server FQDN or IP | "192.168.0.22" |
| SERVER_NAME | The server NetBIOS name | "WIN2019" |
| SERVER_HOST | The server FQDN | "my-server.win2019.com" |
| SAM_USERNAME | The machine account name (see examples/netlogon_sec_channel.go) | "COMPUTER$" |
| SAM_PASSWORD | The machine account password (see examples/netlogon_sec_channel.go) | "password" |
| SAM_WORKSTATION | The machine account workstation name | "COMPUTER" |
| TARGET | The target name (SPN) for kerberos. | "host/my-server.win2019.com" |
| KRB5_CONFIG | The kerberos config path. | "/path/to/krb5.conf" |
For codegeneration, run make all to regenerate all sources, or make nrpc.go.
Features
Connection-oriented DCE/RPC v5 client implementation
The library implements the CO RPC v5 (dcerpc package) with following features:
-
Connection Multiplexing: multiple clients over single connection
-
Multiple Connection per Association Group: ability to use context handles from one connection on another, flexibility in arranging the clients-per-connection-per-association
-
Verification Trailer: ability to add verification trailer to the request payload
-
Kerberos, Netlogon, NTLM, SPNEGO Authentication
-
Endpoint mapper / string binding support
-
DCOM basic support
-
Eventlog BinXML parser
-
WMIO object unmarshaler / marshaler.
MS-RPCE Extensions
The library implements some of the extensions defined in MS-RPCE document:
-
Security Context Multiplexing: ability to create multiple security contexts over the same logical connection.
-
Bind-time Feature Negotiation: (actually not a feature).
-
Header Signing: (legacy thing,
GSS-API / SSP Client Side
The library contains the GSS-API interface definitions. (ssp/gssapi)
The library contains the ssp package which has an implementation for the
various security service providers, like Kerberos, NTLM, Netlogon (Secure Channel),
SPNEGO.
-
GSSAPI interface implementation including Ex-methods defined in Microsoft documentation
-
Kerberos:
-
Supported Enc Types: RC4-HMAC, AES128-CTS-HMAC-SHA1, AES256-CTS-HMAC-SHA1
-
DCE and non-DCE APReq/APRep style
-
-
NTLM
- Supported Versions: NTLMv1, NTLMv2
-
Netlogon:
- Supported Encryption Types: RC4-HMAC, AES-SHA2
-
SPNEGO:
-
Supported Mech List MIC
-
Supported NegTokenInit2
-
Generated Stubs
| Code | Description | Package |
|---|---|---|
| MS-ADTS | Active Directory Technical Specification: Claims | github.com/oiweiwei/go-msrpc/msrpc/adts |
| MS-EVEN6-BINXML | BinXml encodes an XML document so that the original XML text can be correctly reproduced from the encoding. | github.com/oiweiwei/msrpc/binxml |
| MS-BKRP | BackupKey Remote Protocol | github.com/oiweiwei/msrpc/bkrp |
| MS-BPAU | Background Intelligent Transfer Service (BITS) Peer-Caching: Peer Authentication Protocol | github.com/oiweiwei/msrpc/bpau |
| MS-BRWSA | Common Internet File System (CIFS) Browser Auxiliary Protocol | github.com/oiweiwei/msrpc/brwsa |
| MS-CAPR | Central Access Policy Identifier (ID) Retrieval Protocol | github.com/oiweiwei/msrpc/capr |
| MS-CMPO | MSDTC Connection Manager: OleTx Transports Protocol | github.com/oiweiwei/msrpc/cmpo |
| MS-CMRP | Failover Cluster: Management API (ClusAPI) Protocol | github.com/oiweiwei/msrpc/cmrp |
| MS-DFSNM | Distributed File System (DFS): Namespace Management Protocol | github.com/oiweiwei/msrpc/dfsnm |
| MS-DHCPM | Microsoft Dynamic Host Configuration Protocol (DHCP) Server Management Protocol | github.com/oiweiwei/msrpc/dhcpm |
| MS-DLTM | Distributed Link Tracking: Central Manager Protocol | github.com/oiweiwei/msrpc/dltm |
| MS-DLTW | Distributed Link Tracking: Workstation Protocol | github.com/oiweiwei/msrpc/dltw |
| MS-DNSP | Domain Name Service (DNS) Server Management ProtocolDomain Name Service (DNS) Server Management Protocol | github.com/oiweiwei/msrpc/dnsp |
| MS-DRSR | Directory Replication Service (DRS) Remote Protocol | github.com/oiweiwei/msrpc/drsr |
| MS-DSSP | Directory Services Setup Remote Protocol | github.com/oiweiwei/msrpc/dssp |
| MS-DTYP | Windows Data Types | github.com/oiweiwei/msrpc/dtyp |
| MS-EERR | ExtendedError Remote Data Structure | github.com/oiweiwei/msrpc/eerr |
| MS-RPCE-EPM C706-EPM | Endpoint Mapper | github.com/oiweiwei/msrpc/epm |
| MS-ERREF | Windows Error Codes | github.com/oiweiwei/msrpc/erref |
| MS-EVEN | EventLog Remoting Protocol | github.com/oiweiwei/msrpc/even |
| MS-EVEN6 | EventLog Remoting Protocol Version 6.0 | github.com/oiweiwei/msrpc/even6 |
| MS-FASP | Firewall and Advanced Security Protocol | github.com/oiweiwei/msrpc/fasp |
| MS-FAX | Fax Server and Client Remote Protocol | github.com/oiweiwei/msrpc/fax |
| MS-ICPR | ICertPassage Remote Protocol | github.com/oiweiwei/msrpc/icpr |
| MS-IRP | Internet Information Services (IIS) Inetinfo Remote Protocol | github.com/oiweiwei/msrpc/irp |
| MS-LREC | Live Remote Event Capture (LREC) Protocol | github.com/oiweiwei/msrpc/lrec |
| MS-LSAD | Local Security Authority (Domain Policy) Remote Protocol | github.com/oiweiwei/msrpc/lsad |
| MS-LSAT | Local Security Authority (Translation Methods) Remote Protocol | github.com/oiweiwei/msrpc/lsat |
| MS-MQDS | Message Queuing (MSMQ): Directory Service Protocol | github.com/oiweiwei/msrpc/mqds |
| MS-MQMP | Message Queuing (MSMQ): Queue Manager Client Protocol | github.com/oiweiwei/msrpc/mqmp |
| MS-MQMQ | Message Queuing (MSMQ): Data Structures | github.com/oiweiwei/msrpc/mqmq |
| MS-MQMR | Message Queuing (MSMQ): Queue Manager Management Protocol | github.com/oiweiwei/msrpc/mqmr |
| MS-MQQP | Message Queuing (MSMQ): Queue Manager to Queue Manager Protocol | github.com/oiweiwei/msrpc/mqqp |
| MS-MQRR | Message Queuing (MSMQ): Queue Manager Remote Read Protocol | github.com/oiweiwei/msrpc/mqrr |
| MS-MSRP | Messenger Service Remote Protocol | github.com/oiweiwei/msrpc/msrp |
| MS-NEGOEX | SPNEGO Extended Negotiation (NEGOEX) Security Mechanism | github.com/oiweiwei/msrpc/negoex |
| MS-NRPC | Netlogon Remote Protocol | github.com/oiweiwei/msrpc/nrpc |
| MS-NRPC-SECCHANNEL | Secure Channel Establishment and Maintenance | github.com/oiweiwei/msrpc/nrpc |
| MS-NSPI | Name Service Provider Interface (NSPI) Protocol | github.com/oiweiwei/msrpc/nspi |
| MS-OXABREF | Address Book Name Service Provider Interface (NSPI) Referral Protocol | |
| MS-OXCRPC | Wire Format Protocol | github.com/oiweiwei/msrpc/oxcrpc |
| MS-PAC | Privilege Attribute Certificate Data Structure | github.com/oiweiwei/msrpc/pac |
| MS-PAN | Print System Asynchronous Notification Protocol | github.com/oiweiwei/msrpc/pan |
| MS-PAR | Print System Asynchronous Remote Protocol | github.com/oiweiwei/msrpc/par |
| MS-PCQ | Performance Counter Query Protocol | github.com/oiweiwei/msrpc/pcq |
| MS-RAA | Remote Authorization API Protocol | github.com/oiweiwei/msrpc/raa |
| MS-RAIW | Remote Administrative Interface: WINS | github.com/oiweiwei/msrpc/raiw |
| MS-RPCL | Remote Procedure Call Location Services Extensions | github.com/oiweiwei/msrpc/rpcl |
| MS-RPRN | Print System Remote Protocol | github.com/oiweiwei/msrpc/rprn |
| MS-RRP | Windows Remote Registry Protocol | github.com/oiweiwei/msrpc/rrp |
| MS-RSP | Remote Shutdown Protocol | github.com/oiweiwei/msrpc/rsp |
| MS-SAMR | Security Account Manager (SAM) Remote Protocol (Client-to-Server) | github.com/oiweiwei/msrpc/samr |
| MS-SCH | Task Scheduler Service Remoting Protocol | github.com/oiweiwei/msrpc/sch |
| MS-SCMR | Service Control Manager Remote Protocol | github.com/oiweiwei/msrpc/scmr |
| MS-SRVS | Server Service Remote Protocol | github.com/oiweiwei/msrpc/srvs |
| MS-SSP | Single Sign-On Protocol | github.com/oiweiwei/msrpc/ssp |
| MS-SWN | Service Witness Protocol | github.com/oiweiwei/msrpc/swn |
| MS-TRP | Telephony Remote Protocol | github.com/oiweiwei/msrpc/trp |
| MS-TSCH | Task Scheduler Service Remoting Protocol | github.com/oiweiwei/msrpc/tsch |
| MS-TSGU | Terminal Services Gateway Server Protocol | github.com/oiweiwei/msrpc/tsgu |
| MS-W32T | W32Time Remote Protocol | github.com/oiweiwei/msrpc/w32t |
| MS-WDSC | Windows Deployment Services Control Protocol | github.com/oiweiwei/msrpc/wdsc |
| MS-WKST | Workstation Service Remote Protocol | github.com/oiweiwei/msrpc/wkst |
Generated DCOM Stubs
| Code | Description | Package |
|---|---|---|
| MS-DCOM | Distributed Component Object Model (DCOM) Remote Protocol | github.com/oiweiwei/msrpc/dcom |
| MS-ADTG | Remote Data Services (RDS) Transport Protocol | github.com/oiweiwei/msrpc/adtg |
| MC-CCFG | Server Cluster: Configuration (ClusCfg) Protocol | github.com/oiweiwei/msrpc/ccfg |
| MS-COM | Component Object Model Plus (COM+) Protocol | github.com/oiweiwei/msrpc/com |
| MS-COMA | Component Object Model Plus (COM+) Remote Administration Protocol | github.com/oiweiwei/msrpc/coma |
| MS-COMEV | Component Object Model Plus (COM+) Event System Protocol | github.com/oiweiwei/msrpc/comev |
| MS-COMT | Component Object Model Plus (COM+) Tracker Service Protocol | github.com/oiweiwei/msrpc/comt |
| MS-CSRA | Certificate Services Remote Administration Protocol | github.com/oiweiwei/msrpc/csra |
| MS-CSVP | Failover Cluster: Setup and Validation Protocol (ClusPrep) | github.com/oiweiwei/msrpc/csvp |
| MS-DFSRH | DFS Replication Helper Protocol | github.com/oiweiwei/msrpc/dfsrh |
| MS-DMRP | Disk Management Remote Protocol | github.com/oiweiwei/msrpc/dmrp |
| MS-FSRM | File Server Resource Manager Protocol | github.com/oiweiwei/msrpc/fsrm |
| MC-IISA | Internet Information Services (IIS) Application Host COM Protocol | github.com/oiweiwei/msrpc/iisa |
| MS-IISS | Internet Information Services (IIS) ServiceControl Protocol | github.com/oiweiwei/msrpc/iiss |
| MS-IMSA | Internet Information Services (IIS) IMSAdminBaseW Remote Protocol | github.com/oiweiwei/msrpc/imsa |
| MS-IOI | IManagedObject Interface Protocol | github.com/oiweiwei/msrpc/ioi |
| MS-OAUT | OLE Automation Protocol | github.com/oiweiwei/msrpc/oaut |
| MS-OCSPA | Microsoft OCSP Administration Protocol | github.com/oiweiwei/msrpc/ocspa |
| MS-PLA | Performance Logs and Alerts Protocol | github.com/oiweiwei/msrpc/pla |
| MS-RAI | Remote Assistance Initiation Protocol | github.com/oiweiwei/msrpc/rai |
| MS-RDPESC | Remote Desktop Protocol: Smart Card Virtual Channel Extension | github.com/oiweiwei/msrpc/rdpesc |
| MS-VDS | Virtual Disk Service (VDS) Protocol | github.com/oiweiwei/msrpc/vds |
| MS-WCCE | Windows Client Certificate Enrollment Protocol | github.com/oiweiwei/msrpc/wcce |
| MS-WMI | Windows Management Instrumentation Remote Protocol | github.com/oiweiwei/msrpc/wmi |
| MS-WMIO | Windows Management Instrumentation Encoding Version 1.0 Protocol | github.com/oiweiwei/msrpc/wmio |
Documentation
The codegen package also generates the documentation for the generated code pulled from the MSDN portal. (it can be quite inaccurate with determining general comment boundaries vs actual field descriptions, so inaccurate can be an HTML on MSDN side).
Naming
The codegen/go_names contains the ad-hoc naming engine, which sometimes
quite sucks (so does the overall naming convention in IDL documents, seriously,
how much time the average microsoft developer saves by writing para instead of param),
but for most of the situations, provide a way to generate the
names that comply with golang naming convention and give more intuition behind
this or that field.
Generated Stubs
MIDL Implementation Limitations
-
L.0001:
#definestatements are applicable only for constant declaration; -
L.0002:
cpp_quotecontents are limited only for constant declaration; -
L.0005:
int constdeclaration is not supported. -
L.0006:
wchar_t,status_error_tare predefined.
TODO
-
Testing (I don't have much time)
-
Handle reserved arguments/structure fields used for
switch_isandsize_isstatements. -
Derive the type from field name, like
^f[A-Z]->boolean. -
Pipes support
-
Callbacks Support / Server-Side Support
-
Static strings
-
Investigate: Association Group ID is not shared across several named pipe connections. (each NP requires dedicated connection).
-
Convenient way to combine SPNEGO and NTLM/KRB5 within connection option.
References
Without these projects, it would be absolutely impossible to implement go-msrpc.
Collaboration
Don't hesitate to raise an issues (and only then raise a PR), the project is quite raw, and I don't have much time, so, a lot of errors and issues are yet to discover.