Closed Notre1 closed 7 years ago
Thanks @Notre1. It's better to calculate the byte count, because the IPC string is dynamic. I'll fix it later.
- '\x1C\x00', # Byte Count
+ '\x1A\x00', # Byte Count
'\x00', # Password
ipc.encode(), # \\xxx.xxx.xxx.xxx\IPC$
'\x3f\x3f\x3f\x3f\x3f\x00' # Service
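Review bot: Replacing the hard-coded `'\x1C\x00'` with `'\x1A\x00'` only moves the problem, since the data section it describes contains `ipc.encode()`, whose length changes with the target address string. The Byte Count field should be derived from the actual length of `Password + ipc.encode() + Service` (and packed as a little-endian 16-bit value) rather than from a constant, otherwise hosts whose path string has a different length will still receive a malformed Tree Connect request.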
Byte Count = Service.length + ipc.encode().length + Password.length
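The formula above, carried through as an added example (this is not the repository's own code): it builds the data section of an SMB_COM_TREE_CONNECT_ANDX request from the three fields named in the thread and derives the Byte Count from their real lengths instead of a constant. The function names, the `ipc_path` parameter and the sample paths are assumptions for illustration; the field layout (Password, then the null-terminated ASCII path, then the Service string) is the one the quoted snippet uses.

```python
import struct

# Hypothetical helper names; not part of the project's code.
PASSWORD = b"\x00"              # empty password, null-terminated
SERVICE = b"?????\x00"          # "?????" service type, null-terminated

def tree_connect_data(ipc_path: str) -> bytes:
    """Return ByteCount (little-endian u16) followed by the data section
    (Password + Path + Service) of a Tree Connect AndX request.

    ByteCount is computed from the real lengths, so it stays correct
    whatever the length of the dotted-quad address inside ipc_path.
    """
    # The snippet in the thread uses ipc.encode(), i.e. ASCII without the
    # Unicode flag; the path is null-terminated like the other strings.
    path = ipc_path.encode("ascii") + b"\x00"
    data = PASSWORD + path + SERVICE
    return struct.pack("<H", len(data)) + data

def byte_count(ipc_path: str) -> int:
    """ByteCount that tree_connect_data() emits for a given IPC$ path."""
    return struct.unpack("<H", tree_connect_data(ipc_path)[:2])[0]

def constant_is_correct(ipc_path: str, hard_coded: int) -> bool:
    """True when a hard-coded ByteCount happens to match this path.

    Demonstrates why a fixed value such as 0x1A cannot be right for every
    target: it only matches addresses of one particular string length.
    """
    return byte_count(ipc_path) == hard_coded

if __name__ == "__main__":
    # Constructed sample paths of different lengths.
    for p in (r"\\10.0.0.1\IPC$", r"\\192.168.1.1\IPC$", r"\\192.168.100.100\IPC$"):
        print(f"{p:28s} ByteCount=0x{byte_count(p):02X} "
              f"matches 0x1A: {constant_is_correct(p, 0x1A)}")
```

Running the block shows that the same request needs three different Byte Count values for the three sample addresses, which is the point of @nixawk's remark about the dynamic IPC string.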
Sure @nixawk. I uploaded them to my Dropbox here:
https://www.dropbox.com/s/bs5ujtqaagjwg7g/MS17_010_xpsp3_smb_expoit_python_byte_count_patch.zip?dl=0
@Notre1 I tested your fix, and it works against my lab. Could I put your packets into the labs/MS17_010/ directory?
@nixawk Yes, you can add the packets to the repo/directory.
I got this from comparing the packet capture from metasploit vs this python version. With the previous version, it returned "Unable to detect if this host is vulnerable" more often for hosts, and this one will catch more of the vulnerable/unpatched hosts.