RubyGems - packetgen-plugin-smb - Versions diffs - 0.6.1 → 0.6.2 - Mend

packetgen-plugin-smb 0.6.1 → 0.6.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (55) hide show

checksums.yaml +4 -4
data/.github/workflows/specs.yml +28 -0
data/.rubocop.yml +6 -0
data/Gemfile +15 -0
data/README.md +50 -12
data/Rakefile +10 -4
data/lib/packetgen-plugin-smb.rb +2 -2
data/lib/packetgen/plugin/gssapi.rb +4 -2
data/lib/packetgen/plugin/llmnr.rb +4 -4
data/lib/packetgen/plugin/netbios.rb +2 -0
data/lib/packetgen/plugin/netbios/datagram.rb +3 -3
data/lib/packetgen/plugin/netbios/name.rb +4 -4
data/lib/packetgen/plugin/netbios/session.rb +5 -5
data/lib/packetgen/plugin/ntlm.rb +3 -3
data/lib/packetgen/plugin/ntlm/authenticate.rb +2 -2
data/lib/packetgen/plugin/ntlm/av_pair.rb +3 -5
data/lib/packetgen/plugin/ntlm/challenge.rb +2 -2
data/lib/packetgen/plugin/ntlm/negotiate.rb +2 -2
data/lib/packetgen/plugin/ntlm/ntlmv2_response.rb +2 -2
data/lib/packetgen/plugin/smb.rb +12 -12
data/lib/packetgen/plugin/smb/blocks.rb +2 -2
data/lib/packetgen/plugin/smb/browser.rb +2 -2
data/lib/packetgen/plugin/smb/browser/domain_announcement.rb +2 -2
data/lib/packetgen/plugin/smb/browser/host_announcement.rb +2 -2
data/lib/packetgen/plugin/smb/browser/local_master_announcement.rb +2 -2
data/lib/packetgen/plugin/smb/close.rb +2 -2
data/lib/packetgen/plugin/smb/close/request.rb +2 -2
data/lib/packetgen/plugin/smb/close/response.rb +2 -2
data/lib/packetgen/plugin/smb/filetime.rb +4 -2
data/lib/packetgen/plugin/smb/negotiate.rb +2 -2
data/lib/packetgen/plugin/smb/negotiate/dialect.rb +7 -0
data/lib/packetgen/plugin/smb/negotiate/request.rb +7 -0
data/lib/packetgen/plugin/smb/negotiate/response.rb +8 -2
data/lib/packetgen/plugin/smb/nt_create_and_x.rb +2 -2
data/lib/packetgen/plugin/smb/ntcreateandx/request.rb +4 -4
data/lib/packetgen/plugin/smb/ntcreateandx/response.rb +2 -2
data/lib/packetgen/plugin/smb/string.rb +40 -28
data/lib/packetgen/plugin/smb/trans.rb +2 -2
data/lib/packetgen/plugin/smb/trans/request.rb +3 -3
data/lib/packetgen/plugin/smb/trans/response.rb +2 -2
data/lib/packetgen/plugin/smb2.rb +3 -3
data/lib/packetgen/plugin/smb2/base.rb +3 -3
data/lib/packetgen/plugin/smb2/error.rb +3 -4
data/lib/packetgen/plugin/smb2/guid.rb +4 -3
data/lib/packetgen/plugin/smb2/negotiate.rb +2 -2
data/lib/packetgen/plugin/smb2/negotiate/context.rb +3 -3
data/lib/packetgen/plugin/smb2/negotiate/request.rb +3 -5
data/lib/packetgen/plugin/smb2/negotiate/response.rb +4 -6
data/lib/packetgen/plugin/smb2/session_setup.rb +2 -2
data/lib/packetgen/plugin/smb2/session_setup/request.rb +4 -4
data/lib/packetgen/plugin/smb2/session_setup/response.rb +5 -5
data/lib/packetgen/plugin/smb_version.rb +3 -1
data/packetgen-plugin-smb.gemspec +4 -11
metadata +6 -82
data/.travis.yml +0 -12

checksums.yaml CHANGED

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: aa4ced67494f74b0d29b87e1f37e872ae96d39362317aeb9b5ae5a61d780ba0d
-  data.tar.gz: bbb29b0fae6de210a9c36aef771566b741c59ae633271d32704e78db49f66077
+  metadata.gz: 4b63382e5580528b23ba059cd370db53203efec6cd6273388f88b15976b9343d
+  data.tar.gz: 425f63395bdc0c38e1288f0690fd8cc51c944645b5fc017e2c6289ba9c54b78d
 SHA512:
-  metadata.gz: e418ab51abca304c9d735feb636222581dbacd86a76eb7aa2060755bc2ed975e9b9d598f72c445c087e9b614289d6dc54bfcba3aa5e429a483f4b6255a79f953
-  data.tar.gz: baf6dacfb460e6d0365e7398e4d1ec119bce98a5efebd5147f75587ea286974e6d57c64fb778982dba5e1a07c4ce0c0ed187d20b1416a4d1ebbdd5f6de81ed93
+  metadata.gz: '08a4a6e817ff3ae8c7c341c6af64722fcdf09331767627adf04c36a6f442dcc6ea7dfb21cd76f2ec3c1f9818b5b3e565806b5391d041130c189de9fc89eacaf6'
+  data.tar.gz: b537ad94930b18a5ab93a219a66090384c84f0cfae44426b42304732c0f31e41c9903e9cf8eb41778e82661eb5803d33cdca640104b7a0e5db37df2497320af9

data/.github/workflows/specs.yml ADDED

@@ -0,0 +1,28 @@
+name: Specs
+on:
+  push:
+    branches: [ master ]
+  pull_request:
+    branches: [ master ]
+jobs:
+  test:
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest]
+        ruby: [2.4, 2.5, 2.6, 2.7]
+    runs-on: ${{ matrix.os }}
+    steps:
+    - uses: actions/checkout@v2
+    - name: Install dependencies
+      run: sudo apt-get update -qq && sudo apt-get install libpcap-dev -qq
+    - name: Set up Ruby
+      uses: ruby/setup-ruby@v1
+      with:
+        ruby-version: ${{ matrix.ruby }}
+    - name: Run tests
+      run: |
+        bundle config set path 'vendor/bundle'
+        bundle config set --local without noci
+        bundle install
+        bundle exec rake

data/.rubocop.yml CHANGED

@@ -1,3 +1,7 @@
+require:
+  - rubocop-performance
+Layout/LineLength:
+  Max: 150
 Layout/SpaceAroundEqualsInParameterDefault:
   EnforcedStyle: no_space
 Lint/EmptyWhen:
@@ -6,6 +10,8 @@ Lint/Void:
   Enabled: false
 Metrics:
   Enabled: false
+Style/AccessModifierDeclarations:
+  Enabled: false
 Style/AsciiComments:
   Enabled: false
 Style/ClassAndModuleChildren:

data/Gemfile CHANGED

@@ -1,3 +1,18 @@
+# frozen_string_literal: true
 source 'https://rubygems.org'
 gemspec
+gem 'bundler', '>=1.17', '<3'
+gem 'rake', '~> 12.3'
+gem 'rspec', '~> 3.10'
+group :noci do
+  gem 'debase', '~>0.2'
+  gem 'rubocop', '~> 1.6.0'
+  gem 'rubocop-performance', '~> 1.9'
+  gem 'ruby-debug-ide', '~> 0.7'
+  gem 'simplecov', '~> 0.18'
+  gem 'yard', '~> 0.9'
+end

data/README.md CHANGED

@@ -1,23 +1,26 @@
 [![Gem Version](https://badge.fury.io/rb/packetgen-plugin-smb.svg)](https://badge.fury.io/rb/packetgen-plugin-smb)
-[![Build Status](https://travis-ci.com/sdaubert/packetgen-plugin-smb.svg?branch=master)](https://travis-ci.com/sdaubert/packetgen-plugin-smb)
 # Packetgen::Plugin::SMB
 This is a plugin for [PacketGen gem](https://github.com/sdaubert/packetgen). It adds some support for SMB protocol suite:
+* NetBIOS:
+  * Datagram service,
+  * Session service,
 * SMB:
-    * SMB common header,
-    * Close command,
-    * NtCreateAndX command,
-    * Trans command,
-    * Browser subprotocol,
+  * SMB common header,
+  * Negotiate command,
+  * Close command,
+  * NtCreateAndX command,
+  * Trans command,
+  * Browser subprotocol,
 * SMB2:
-    * SMB2 common header (support 2.x and 3.x dialects),
-    * Negotiate command,
-    * SessionSetup command,
+  * SMB2 common header (support 2.x and 3.x dialects),
+  * Negotiate command,
+  * SessionSetup command,
 * GSSAPI, used to transport negotiation over SMB2 commands,
-* NTLM, SMB authentication protocol.
+* NTLM, SMB authentication protocol,
+* LLMNR (_Link-Local Multicast Name Resolution_), resolution protocol used in SMB networks.
 ## Installation
@@ -37,7 +40,42 @@ Or install it yourself as:
 ## Usage
-TODO
+### SMB2 with NTLM negociation
+See [examples/smb-responder](/examples/smb-responder).
+### LLMNR
+LLMNR is a multicast protocol. Unless you want to have a fine control on UDP layer, the simplest way is to use it over a UDP ruby socket:
+```ruby
+require 'socket'
+require 'packetgen'
+require 'packetgen-plugin-smb'
+LLMNR_MCAST_ADDR = '224.0.0.252'
+LOCAL_IPADDR = 'x.x.x.x' # your IP
+# Open a UDP socket
+socket = UDPSocket.new
+# Bind it to receive LLMNR response packets
+socket.bind(LOCAL_IPADDR, 0)
+# Send a LLMNR query
+query = PacketGen.gen('LLMNR', id: 0x1234, opcode: 'query')
+query.llmnr.qd << { rtype: 'Question', name: 'example.local' }
+socket.send(query.to_s, 0, LLMNR_MCAST_ADDR, PacketGen::Plugin::LLMNR::UDP_PORT)
+# Get answer
+# data = socket.recv(1024)
+data, peer = socket.recvfrom(1024)
+answer = PacketGen.parse(data, first_header: 'LLMNR')
+example_local_ip = answer.llmnr.an.to_a
+                         .find { |an| an.is_a?(PacketGen::Header::DNS::RR) }.human_rdata
+puts example_local_ip
+```
+You have to manage multicast if you want to make a LLMNR responder. For further details, see [examples/llmnr-responder](/examples/llmnr-responder).
 ## See also

data/Rakefile CHANGED

@@ -1,13 +1,19 @@
+# frozen_string_literal: true
 require 'bundler/gem_tasks'
 require 'rspec/core/rake_task'
-require 'yard'
 task default: :spec
 RSpec::Core::RakeTask.new
-YARD::Rake::YardocTask.new do |t|
-  t.options = ['--no-private']
-  t.files = ['lib/**/*.rb', '-', 'LICENSE']
+begin
+  require 'yard'
+  YARD::Rake::YardocTask.new do |t|
+    t.options = ['--no-private']
+    t.files = ['lib/**/*.rb', '-', 'LICENSE']
+  end
+rescue LoadError
+  # no yard, so no yard task
 end

data/lib/packetgen-plugin-smb.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 require 'packetgen'
 require_relative 'packetgen/plugin/smb_version'
 require_relative 'packetgen/plugin/gssapi'

data/lib/packetgen/plugin/gssapi.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 require 'rasn1'
 module PacketGen::Plugin
@@ -113,6 +113,8 @@ module PacketGen::Plugin
     # @param [String] str
     # @return [self]
     def read(str)
+      return self if str.nil?
       parse!(str, ber: true)
       self
     end

data/lib/packetgen/plugin/llmnr.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   # Link-Local Multicast Name Resolution (LLMNR) header ({https://tools.ietf.org/html/rfc4795 RFC 4795}).
   # @author Sylvain Daubert
@@ -43,13 +43,13 @@ module PacketGen::Plugin
       ip.dst = dst unless dst.nil?
       ip.ttl = 1 if ip[:dst].mcast?
-      # rubocop:disable Lint/HandleExceptions
+      # rubocop:disable Lint/SuppressedException
       begin
         llh = ll_header(self)
         llh.dst = MAC_IPV4_MCAST if ip[:dst].mcast?
       rescue PacketGen::FormatError
       end
-      # rubocop:enable Lint/HandleExceptions
+      # rubocop:enable Lint/SuppressedException
     end
   end
   PacketGen::Header.add_class LLMNR

data/lib/packetgen/plugin/netbios.rb CHANGED

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
 # This file is part of PacketGen
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>

data/lib/packetgen/plugin/netbios/datagram.rb CHANGED

@@ -1,15 +1,15 @@
+# frozen_string_literal: true
 # This file is part of PacketGen
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   # Module to group all NetBIOS headers
   # @author Sylvain Daubert
   module NetBIOS
-    # NetBIOS Session Service messages.
+    # NetBIOS Datagram Service messages.
     # @author Sylvain Daubert
     class Datagram < PacketGen::Header::Base
       # Give protocol name

data/lib/packetgen/plugin/netbios/name.rb CHANGED

@@ -1,13 +1,13 @@
+# frozen_string_literal: true
 # This file is part of PacketGen
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
-    # Module to group all NetBIOS headers
-    # @author Sylvain Daubert
+  # Module to group all NetBIOS headers
+  # @author Sylvain Daubert
   module NetBIOS
     # NetBIOS Name.
     # @author Sylvain Daubert

data/lib/packetgen/plugin/netbios/session.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of PacketGen
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2016 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   # Module to group all NetBIOS headers
   # @author Sylvain Daubert
@@ -25,12 +25,12 @@ module PacketGen::Plugin
       # Session packet types
       TYPES = {
-        'message'           => 0,
-        'request'           => 0x81,
+        'message' => 0,
+        'request' => 0x81,
         'positive_response' => 0x82,
         'negative_response' => 0x83,
         'retarget_response' => 0x84,
-        'keep_alive'        => 0x85,
+        'keep_alive' => 0x85,
       }.freeze
       # @!attribute type

data/lib/packetgen/plugin/ntlm.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   # Base class for NTLM authentication protocol.
   # @author Sylvain Daubert
@@ -159,7 +159,7 @@ module PacketGen::Plugin
                   else
                     type.new(options)
                   end
-        content.read(payload[offset_in_payload, length]) if length > 0
+        content.read(payload[offset_in_payload, length]) if length.positive?
         send(:"#{name}=", content)
       end

data/lib/packetgen/plugin/ntlm/authenticate.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   class NTLM
     # NTLM Challenge message

data/lib/packetgen/plugin/ntlm/av_pair.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   class NTLM
     # Known AvPair IDs
@@ -64,9 +64,7 @@ module PacketGen::Plugin
       # Get unicode property
       # @return [Boolean]
-      def unicode
-        @unicode
-      end
+      attr_reader :unicode
       alias unicode? unicode
       # Set unicode property

data/lib/packetgen/plugin/ntlm/challenge.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   class NTLM
     # NTLM Challenge message

data/lib/packetgen/plugin/ntlm/negotiate.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   class NTLM
     # NTLM Negotiate message

data/lib/packetgen/plugin/ntlm/ntlmv2_response.rb CHANGED

@@ -1,10 +1,10 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   class NTLM
     class Ntlmv2Response < PacketGen::Types::Fields

data/lib/packetgen/plugin/smb.rb CHANGED

@@ -1,26 +1,26 @@
+# frozen_string_literal: true
 # This file is part of packetgen-plugin-smb.
 # See https://github.com/sdaubert/packetgen-plugin-smb for more informations
 # Copyright (C) 2018 Sylvain Daubert <sylvain.daubert@laposte.net>
 # This program is published under MIT license.
-# frozen_string_literal: true
 module PacketGen::Plugin
   # Server Message Block (SMB) header.
   # @author Sylvain Daubert
   class SMB < PacketGen::Header::Base
     # Known commands
     COMMANDS = {
-      'delete_dir'     => 0x01,
-      'close'          => 0x04,
-      'delete'         => 0x06,
-      'query_info2'    => 0x23,
-      'trans'          => 0x25,
-      'echo'           => 0x2b,
-      'open_and_x'     => 0x2d,
-      'read_and_x'     => 0x2e,
-      'write_and_x'    => 0x2f,
-      'trans2'         => 0x32,
+      'delete_dir' => 0x01,
+      'close' => 0x04,
+      'delete' => 0x06,
+      'query_info2' => 0x23,
+      'trans' => 0x25,
+      'echo' => 0x2b,
+      'open_and_x' => 0x2d,
+      'read_and_x' => 0x2e,
+      'write_and_x' => 0x2f,
+      'trans2' => 0x32,
       'tree_disconnect' => 0x71,
       'negotiate' => 0x72,
       'session_setup_and_x' => 0x73,