Merge pull request #20926 from cgranleese-r7/renames-windows-file-system-methods

adfoster-r7 · web-flow · commit 36a240a07eca · 2026-02-03T21:03:07.000Z
Renames Windows File System namespaces
diff --git a/lib/msf/core/post/windows/file_system.rb b/lib/msf/core/post/windows/file_system.rb
@@ -28,7 +28,18 @@ def initialize(info = {})
           )
         end
 
-        class UnicodeString < BinData::Record
+        class WindowsFileSystemString16 < BinData::String
+          def assign(val)
+            super(val.encode('utf-16le'))
+          end
+
+          def snapshot
+            super.force_encoding('utf-16le')
+          end
+        end
+
+        class WindowsFileSystemUnicodeString < BinData::Record
+          search_prefix :windows_file_system
           endian :little
 
           uint16 :str_length
@@ -40,7 +51,8 @@ class UnicodeString < BinData::Record
           end
         end
 
-        class ObjectAttributes < BinData::Record
+        class WindowsFileSystemObjectAttributes < BinData::Record
+          search_prefix :windows_file_system
           #
           # Valid values for the Attributes field
           OBJ_INHERIT                       = 0x00000002
@@ -79,7 +91,7 @@ class ObjectAttributes < BinData::Record
           end
         end
 
-        class Guid < BinData::Record
+        class WindowsFileSystemGuid < BinData::Record
           endian :little
 
           uint32 :data1, initial_value: 0
@@ -88,7 +100,8 @@ class Guid < BinData::Record
           string :data4, length: 8, initial_value: "\x00\x00\x00\x00\x00\x00\x00\x00"
         end
 
-        class ReparseGuidDataBuffer < BinData::Record
+        class WindowsFileSystemReparseGuidDataBuffer < BinData::Record
+          search_prefix :windows_file_system
           endian :little
 
           uint32 :reparse_tag
@@ -98,8 +111,11 @@ class ReparseGuidDataBuffer < BinData::Record
           string :reparse_data
         end
 
-        class ReparseDataBuffer < BinData::Record
-          class ReparseBuffer < BinData::Record
+        class WindowsFileSystemReparseDataBuffer < BinData::Record
+          search_prefix :windows_file_system
+
+          class WindowsFileSystemReparseBuffer < BinData::Record
+            search_prefix :windows_file_system
             endian :little
 
             uint16 :substitute_name_offset
@@ -108,14 +124,14 @@ class ReparseBuffer < BinData::Record
             uint16 :print_name_length
           end
 
-          class SymbolicLinkReparseBuffer < ReparseBuffer
+          class WindowsFileSystemSymbolicLinkReparseBuffer < WindowsFileSystemReparseBuffer
             endian :little
 
             uint32   :flags
             string16 :path_buffer
           end
 
-          class MountPointReparseBuffer < ReparseBuffer
+          class WindowsFileSystemMountPointReparseBuffer < WindowsFileSystemReparseBuffer
             endian :little
 
             string16 :path_buffer
@@ -130,8 +146,8 @@ class MountPointReparseBuffer < ReparseBuffer
           uint16 :reparse_data_length
           uint16 :reserved, initial_value: 0
           choice :reparse_data, selection: -> { @obj.parent.get_parameter(:type) || -1 } do
-            symbolic_link_reparse_buffer SYMBOLIC_LINK
-            mount_point_reparse_buffer   MOUNT_POINT
+            windows_file_system_symbolic_link_reparse_buffer SYMBOLIC_LINK
+            windows_file_system_mount_point_reparse_buffer   MOUNT_POINT
             string :default
           end
         end
@@ -346,19 +362,19 @@ def write_to_memory(process, str)
         end
 
         def build_object_attributes(p_unicode_buf)
-          object_attributes = ObjectAttributes.new(
+          object_attributes = WindowsFileSystemObjectAttributes.new(
             arch: client.native_arch
           )
           object_attributes.p_root_directory = 0 # root argument is nil, otherwise, we need to get a valid handle to root (TODO later)
-          object_attributes.attributes = ObjectAttributes::OBJ_CASE_INSENSITIVE
+          object_attributes.attributes = WindowsFileSystemObjectAttributes::OBJ_CASE_INSENSITIVE
           object_attributes.p_security_descriptor = 0
           object_attributes.p_security_quality_of_service = 0
           object_attributes.p_object_name = p_unicode_buf
           object_attributes
         end
 
         def build_reparse_data_buffer(target, print_name)
-          buffer = ReparseDataBuffer.new(type: ReparseDataBuffer::MOUNT_POINT)
+          buffer = WindowsFileSystemReparseDataBuffer.new(type: WindowsFileSystemReparseDataBuffer::MOUNT_POINT)
           target_byte_size = target.size * 2
           print_name_byte_size = print_name.size * 2
           path_buffer_size = target_byte_size + print_name_byte_size + 8 + 4
@@ -374,7 +390,7 @@ def build_reparse_data_buffer(target, print_name)
         end
 
         def build_unicode_string(str_byte_size, p_buffer)
-          unicode_str = UnicodeString.new(
+          unicode_str = WindowsFileSystemUnicodeString.new(
             arch: client.native_arch
           )
           unicode_str.str_length = str_byte_size - 2
