ruby_smb 0.0.18 → 0.0.19

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 6d2fbdf3236d278f2f5aa3aaab501f54af77825a
-  data.tar.gz: 343846b15a2d19332d87f1d15e87285f922dea23
+  metadata.gz: 8937795d135978de5a71c04da91bdd44ac2d44ce
+  data.tar.gz: 37563d2e539ae97ae98a9fc5df32eeb4d51a408e
 SHA512:
-  metadata.gz: 1a413b93e68d6ba6b1c17e8f78d815265757c173a6420fcc6a1faab6871f7bd7d009b65a1304439cf7463ee088bc903c1ac8262bfbd84ea6010a025e6658369d
-  data.tar.gz: f8de75f184d0242dd36f0cec9fb0f0c23778eceba43ff5e91f06501d610380eb8f50ca3debcf495093ce6ea6e724c4c916338944e4f9a66fc389b2d57c1868d9
+  metadata.gz: 106b8d06d0d2a269d18cb1c92234cc8f885d4c869cb2893fa4ec945045a95decb6b8a1b597c3c20341dac3e22c649d6da06480e75413cdea10988ec4b8c7a481
+  data.tar.gz: 74c2e0a872f71a60b297c42b34c1abf3c15d33377f23b86ba4491c91251970d7b21febb93003ecfbb0a931313610207e8b389f2f5b21c37344399cb6e346171c

data/README.md

@@ -4,16 +4,17 @@
 [![Code Climate](https://codeclimate.com/github/rapid7/ruby_smb.png)](https://codeclimate.com/github/rapid7/ruby_smb)
 [![Coverage Status](https://coveralls.io/repos/github/rapid7/ruby_smb/badge.svg?branch=master)](https://coveralls.io/github/rapid7/ruby_smb?branch=master)
 
-A packet parsing and manipulation library for the SMB family of protocols.
+A native Ruby implementation of the SMB Protocol Family. It currently supports
+ 1. [[MS-SMB]](https://msdn.microsoft.com/en-us/library/cc246231.aspx)
+ 1. [[MS-SMB2]](http://msdn.microsoft.com/en-us/library/cc246482.aspx)
 
-See Microsoft's [[MS-SMB2]](http://msdn.microsoft.com/en-us/library/cc246482.aspx)
+This library currently include both a Client level, and Packet level support. A user can aprse and manipulate raw
+SMB packets, or simply use the simple client to perform SMB operations.
 
-It supports authentication via NTLM using the [ruby ntlm gem](https://rubygems.org/gems/rubyntlm)
+See the Wiki for more information on this porject's long-term goals, style guide, and developer tips.
 
 ## Installation
 
-This gem has not yet been released, but when it is, do this:
-
 Add this line to your application's Gemfile:
 
 ```ruby
@@ -30,7 +31,246 @@ Or install it yourself as:
 
 ## Usage
 
-Updated Usage Docs coming soon
+### Defining a packet
+
+All packets are done in a declarative style with BinData. Nested data structures are used where appropriate to give users
+the easiest method of adjusting data, all the way down to the bit level in case of bit masks.
+
+#### SMB1
+SMB1 Packets are made up of three basic components:
+ 1. **The SMB Header** - This is a standard SMB Header. All SMB1 packets use the same SMB header.
+ 1. **The Parameter Block** - This is where function parameters are passed across the wire in the packet. Parameter Blocks will always 
+ have a 'Word Count' field that gives the size of the Parameter Block in words(2-bytes)
+ 1. **The Data Block** - This is the data section of the packet. the Data Block will always have a 'byte count' field that gives the size of
+ the Data block in bytes.
+  
+The SMB Header can always just be declared as a field in the BinData DSL for the packet class, because its structure never changes.
+For the ParameterBlock and DataBlocks, we always define subclasses for this particular packet. They inherit the 'Word Count' and
+'Byte Count' fields, along with the auto-calculation routines for those fields, from their ancestors. Any other fields are then 
+defined in our subclass before we start the DSL declarations for the packet.
+
+Example:
+
+```ruby
+module RubySMB
+  module SMB1
+    module Packet
+
+      # This class represents an SMB1 TreeConnect Request Packet as defined in
+      # [2.2.4.7.1 Client Request Extensions](https://msdn.microsoft.com/en-us/library/cc246330.aspx)
+      class TreeConnectRequest < RubySMB::GenericPacket
+
+        # A SMB1 Parameter Block as defined by the {TreeConnectRequest}
+        class ParameterBlock < RubySMB::SMB1::ParameterBlock
+          and_x_block          :andx_block
+          tree_connect_flags   :flags
+          uint16               :password_length, label: 'Password Length', initial_value: 0x01
+        end
+
+        class DataBlock < RubySMB::SMB1::DataBlock
+          stringz  :password, label: 'Password Field', initial_value: '',    length: lambda { self.parent.parameter_block.password_length }
+          stringz  :path,     label: 'Resource Path'
+          stringz  :service,  label: 'Resource Type',  initial_value: '?????'
+        end
+
+        smb_header        :smb_header
+        parameter_block   :parameter_block
+        data_block        :data_block
+
+        def initialize_instance
+          super
+          smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TREE_CONNECT
+        end
+
+      end
+    end
+  end
+end
+```
+
+#### SMB2
+
+SMB2 Packets are far simpler than their older SMB1 counterparts. We still abstract out the SMB2 header since it is the same
+structure used for every packet. Beyond that, the SMB2 packet is relatively flat in comparison to SMB1.
+
+Example:
+```ruby
+module RubySMB
+  module SMB2
+    module Packet
+
+      # An SMB2 TreeConnectRequest Packet as defined in
+      # [2.2.9 SMB2 TREE_CONNECT Request](https://msdn.microsoft.com/en-us/library/cc246567.aspx)
+      class TreeConnectRequest < RubySMB::GenericPacket
+        endian       :little
+        smb2_header  :smb2_header
+        uint16       :structure_size, label: 'Structure Size', initial_value: 9
+        uint16       :flags,          label: 'Flags',          initial_value: 0x00
+        uint16       :path_offset,    label: 'Path Offset',    initial_value: 0x48
+        uint16       :path_length,    label: 'Path Length',    initial_value: lambda { self.path.length }
+        string       :path,           label: 'Path Buffer'
+
+        def initialize_instance
+          super
+          smb2_header.command = RubySMB::SMB2::Commands::TREE_CONNECT
+        end
+
+        def encode_path(path)
+          self.path = path.encode("utf-16le")
+        end
+      end
+    end
+  end
+end
+```
+
+### Using a Packet class
+
+#### Manually
+You can instantiate an instance of a particular packet class, and then reach into the data structure to set or read explicit
+values in a fairly straightforward manner.
+
+Example:
+```ruby
+2.3.3 :001 > packet = RubySMB::SMB1::Packet::TreeConnectRequest.new
+ => {:smb_header=>{:protocol=>4283649346, :command=>117, :nt_status=>0, :flags=>{:reply=>0, :opbatch=>0, :oplock=>0, :canonicalized_paths=>1, :case_insensitive=>1, :reserved=>0, :buf_avail=>0, :lock_and_read_ok=>0}, :flags2=>{:reserved1=>0, :is_long_name=>0, :reserved2=>0, :signature_required=>0, :compressed=>0, :security_signature=>0, :eas=>0, :long_names=>1, :unicode=>0, :nt_status=>1, :paging_io=>1, :dfs=>0, :extended_security=>0, :reparse_path=>0}, :pid_high=>0, :security_features=>"\x00\x00\x00\x00\x00\x00\x00\x00", :reserved=>0, :tid=>0, :pid_low=>0, :uid=>0, :mid=>0}, :parameter_block=>{:word_count=>4, :andx_block=>{:andx_command=>255, :andx_reserved=>0, :andx_offset=>0}, :flags=>{:reserved=>0, :extended_response=>1, :extended_signature=>0, :reserved2=>0, :disconnect=>0, :reserved3=>0, :reserved4=>0}, :password_length=>1}, :data_block=>{:byte_count=>8, :password=>"", :path=>"", :service=>"?????"}}
+2.3.3 :002 > packet.parameter_block
+ => {:word_count=>4, :andx_block=>{:andx_command=>255, :andx_reserved=>0, :andx_offset=>0}, :flags=>{:reserved=>0, :extended_response=>1, :extended_signature=>0, :reserved2=>0, :disconnect=>0, :reserved3=>0, :reserved4=>0}, :password_length=>1}
+2.3.3 :003 > packet.parameter_block.flags
+ => {:reserved=>0, :extended_response=>1, :extended_signature=>0, :reserved2=>0, :disconnect=>0, :reserved3=>0, :reserved4=>0}
+2.3.3 :004 > packet.parameter_block.flags.extended_signature = 1
+ => 1
+2.3.3 :005 > packet.parameter_block.flags
+ => {:reserved=>0, :extended_response=>1, :extended_signature=>1, :reserved2=>0, :disconnect=>0, :reserved3=>0, :reserved4=>0}
+2.3.3 :006 >
+2.3.3 :006 > packet.data_block.password = 'guest'
+ => "guest"
+2.3.3 :007 > packet.data_block.password
+ => "guest"
+2.3.3 :008 > packet.data_block
+ => {:byte_count=>13, :password=>"guest", :path=>"", :service=>"?????"}
+2.3.3 :009 >
+```
+
+You can also pass field/value pairs into the packet constructor as arguments, prefilling out certain fields
+if you wish.
+
+Example:
+```ruby
+2.3.3 :017 > packet = RubySMB::SMB2::Packet::TreeConnectRequest.new(path:'test')
+ => {:smb2_header=>{:protocol=>4266872130, :structure_size=>64, :credit_charge=>0, :nt_status=>0, :command=>0, :credits=>0, :flags=>{:reserved3=>0, :signed=>0, :related_operations=>0, :async_command=>0, :reply=>0, :reserved2=>0, :reserved1=>0, :replay_operation=>0, :dfs_operation=>0}, :next_command=>0, :message_id=>0, :process_id=>65279, :tree_id=>0, :session_id=>0, :signature=>"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"}, :structure_size=>9, :flags=>0, :path_offset=>72, :path_length=>4, :path=>"test"}
+2.3.3 :018 > packet.path
+ => "test"
+```
+
+#### Reading from a Binary Blob
+
+Sometimes you need to read a binary blob and apply one of the packet structures to it. 
+For example, when you are reading a response packet off of the wire, you will need to read the raw response
+string into an actual packet class. This is done using the #read class method.
+
+```ruby
+2.3.3 :014 > blob = "\xFFSMB+\x00\x00\x00\x00\x98\x01`\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00"
+ => "\xFFSMB+\u0000\u0000\u0000\u0000\x98\u0001`\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0000\u0001\u0000\u0000\u0000\u0000"
+2.3.3 :015 > packet = RubySMB::SMB1::Packet::EchoResponse.read(blob)
+ => {:smb_header=>{:protocol=>4283649346, :command=>43, :nt_status=>0, :flags=>{:reply=>1, :opbatch=>0, :oplock=>0, :canonicalized_paths=>1, :case_insensitive=>1, :reserved=>0, :buf_avail=>0, :lock_and_read_ok=>0}, :flags2=>{:reserved1=>0, :is_long_name=>0, :reserved2=>0, :signature_required=>0, :compressed=>0, :security_signature=>0, :eas=>0, :long_names=>1, :unicode=>0, :nt_status=>1, :paging_io=>1, :dfs=>0, :extended_security=>0, :reparse_path=>0}, :pid_high=>0, :security_features=>"\x00\x00\x00\x00\x00\x00\x00\x00", :reserved=>0, :tid=>0, :pid_low=>0, :uid=>0, :mid=>0}, :parameter_block=>{:word_count=>1, :sequence_number=>0}, :data_block=>{:byte_count=>0, :data=>""}}
+2.3.3 :016 >
+```
+
+#### Outputting to a Binary Blob
+Any structure or packet in rubySMB can also be output back into a binary blob using
+BinData's #to_binary_s method.
+
+Example:
+```ruby
+2.3.3 :012 > packet = RubySMB::SMB1::Packet::EchoResponse.new
+ => {:smb_header=>{:protocol=>4283649346, :command=>43, :nt_status=>0, :flags=>{:reply=>1, :opbatch=>0, :oplock=>0, :canonicalized_paths=>1, :case_insensitive=>1, :reserved=>0, :buf_avail=>0, :lock_and_read_ok=>0}, :flags2=>{:reserved1=>0, :is_long_name=>0, :reserved2=>0, :signature_required=>0, :compressed=>0, :security_signature=>0, :eas=>0, :long_names=>1, :unicode=>0, :nt_status=>1, :paging_io=>1, :dfs=>0, :extended_security=>0, :reparse_path=>0}, :pid_high=>0, :security_features=>"\x00\x00\x00\x00\x00\x00\x00\x00", :reserved=>0, :tid=>0, :pid_low=>0, :uid=>0, :mid=>0}, :parameter_block=>{:word_count=>1, :sequence_number=>0}, :data_block=>{:byte_count=>0, :data=>""}}
+2.3.3 :013 > packet.to_binary_s
+ => "\xFFSMB+\x00\x00\x00\x00\x98\x01`\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x00\x00\x00"
+```
+### Using the Client
+
+Sitting on top of the packet layer in RubySMB is the RubySMB::Client. This is the level msot users will interact with.
+It provides fairly simple conveience methods for performing SMB actions. It handles the creation, sending and receiving of packets
+for the user, relying on reasonable defaults in many cases.
+
+#### Negotiation
+
+The RubySMB Client is capabale of multi-protocol negotiation. The user simply specifies whether SMB1 and/or SMB2 should be supported, and
+the client will negotiate the propper protocol and dialect behind the scenes.
+
+In the below example, we tell the client that both SMb1 and SMB2 should be supported. The Client will then Negotiate with the
+server on which version should be used. The user does not have to ever worry about which version was negotiated.
+Example:
+```ruby
+  sock = TCPSocket.new address, 445
+  dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+
+  client = RubySMB::Client.new(dispatcher, smb1: true, smb2: false, username: 'msfadmin', password: 'msfadmin')
+  client.negotiate
+```
+
+#### Authentication
+
+Authentication is achieved via the [ruby ntlm gem](https://rubygems.org/gems/rubyntlm). While the client
+will not currently attempt older basic authentication on its own, it will attempt an anonymous login, if no
+user credentials are supplied:
+
+Authenticated Example:
+```ruby
+  sock = TCPSocket.new address, 445
+  dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+
+  client = RubySMB::Client.new(dispatcher, smb1: true, smb2: false, username: 'msfadmin', password: 'msfadmin')
+  client.negotiate
+  client.authenticate
+```
+
+Anonymous Example:
+```ruby
+      sock = TCPSocket.new address, 445
+      dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+    
+      client = RubySMB::Client.new(dispatcher, smb1: true, smb2: false, username: '', password: '')
+      client.negotiate
+      client.authenticate
+```
+
+#### Connecting to a Tree
+
+While there is one Client, that has branching code-paths for SMB1 and SMB2, once you connect to a 
+Tree you will be given a protocol specific Tree object. This Tree object will be responsible for all file operations
+that are to be conducted on that Tree.
+
+In the below example we see a simple script to connect to a remote Tree, and list all files in a given sub-directory.
+Example:
+```ruby
+      sock = TCPSocket.new address, 445
+      dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+    
+      client = RubySMB::Client.new(dispatcher, smb1: true, smb2: false, username: 'msfadmin', password: 'msfadmin')
+      client.negotiate
+      client.authenticate
+      
+      begin
+        tree = client.tree_connect('TEST_SHARE')
+        puts "Connected to #{path} successfully!"
+      rescue StandardError => e
+        puts "Failed to connect to #{path}: #{e.message}"
+      end
+      
+      files = tree.list(directory: 'subdir1')
+      
+      files.each do |file|
+        create_time = file.create_time.to_datetime.to_s
+        access_time = file.last_access.to_datetime.to_s
+        change_time = file.last_change.to_datetime.to_s
+        file_name   = file.file_name.encode("UTF-8")
+      
+        puts "FILE: #{file_name}\n\tSIZE(BYTES):#{file.end_of_file}\n\tSIZE_ON_DISK(BYTES):#{file.allocation_size}\n\tCREATED:#{create_time}\n\tACCESSED:#{access_time}\n\tCHANGED:#{change_time}\n\n"
+      end
+```
+
 
 ## Developer tips
 You'll want to have Wireshark and perhaps a tool like Impacket (which provides a small SMB client in one of its examples) installed to help with your work:
@@ -57,7 +297,7 @@ You'll want to have Wireshark and perhaps a tool like Impacket (which provides a
 
 ## Contributing
 
-1. Fork it ( https://github.com/rapid7/smb2/fork )
+1. Fork it ( https://github.com/rapid7/ruby_smb/fork )
 2. Create your feature branch (`git checkout -b my-new-feature`)
 3. Commit your changes (`git commit -am 'Add some feature'`)
 4. Push to the branch (`git push origin my-new-feature`)

data/examples/anonymous_auth.rb

@@ -6,7 +6,6 @@
 require 'bundler/setup'
 require 'ruby_smb'
 
-
 def run_authentication(address, smb1, smb2, username, password)
   # Create our socket and add it to the dispatcher
   sock = TCPSocket.new address, 445
@@ -14,8 +13,13 @@ def run_authentication(address, smb1, smb2, username, password)
 
   client = RubySMB::Client.new(dispatcher, smb1: smb1, smb2: smb2, username: username, password: password)
   protocol = client.negotiate
-  status  = client.authenticate
+  status = client.authenticate
   puts "#{protocol} : #{status}"
+  if status.name == 'STATUS_SUCCESS'
+    puts "Native OS: #{client.peer_native_os}"
+    puts "Native LAN Manager: #{client.peer_native_lm}"
+    puts "Domain/Workgroup: #{client.primary_domain}"
+  end
 end
 
 address  = ARGV[0]
@@ -24,4 +28,3 @@ password = ''
 
 # Negotiate with only SMB1 enabled
 run_authentication(address, true, false, username, password)
-

data/examples/append_file.rb

@@ -0,0 +1,40 @@
+#!/usr/bin/ruby
+
+# This example script is used for testing the appending to a file.
+# It will attempt to connect to a specific share and then append to a specified file.
+# Example usage: ruby append_file.rb 192.168.172.138 msfadmin msfadmin TEST_SHARE test.txt "data to write"
+# This will try to connect to \\192.168.172.138\TEST_SHARE with the msfadmin:msfadmin credentials
+# and write "data to write" the end of the file test.txt
+
+require 'bundler/setup'
+require 'ruby_smb'
+
+address  = ARGV[0]
+username = ARGV[1]
+password = ARGV[2]
+share    = ARGV[3]
+file     = ARGV[4]
+data     = ARGV[5]
+path     = "\\\\#{address}\\#{share}"
+
+sock = TCPSocket.new address, 445
+dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+
+client = RubySMB::Client.new(dispatcher, smb1: true, smb2: true, username: username, password: password)
+protocol = client.negotiate
+status = client.authenticate
+
+puts "#{protocol} : #{status}"
+
+begin
+  tree = client.tree_connect(path)
+  puts "Connected to #{path} successfully!"
+rescue StandardError => e
+  puts "Failed to connect to #{path}: #{e.message}"
+end
+
+file = tree.open_file(filename: file, write: true, disposition: RubySMB::Dispositions::FILE_OPEN_IF)
+
+result = file.append(data: data)
+puts result.to_s
+file.close

data/examples/authenticate.rb

@@ -6,7 +6,6 @@
 require 'bundler/setup'
 require 'ruby_smb'
 
-
 def run_authentication(address, smb1, smb2, username, password)
   # Create our socket and add it to the dispatcher
   sock = TCPSocket.new address, 445
@@ -14,13 +13,19 @@ def run_authentication(address, smb1, smb2, username, password)
 
   client = RubySMB::Client.new(dispatcher, smb1: smb1, smb2: smb2, username: username, password: password)
   protocol = client.negotiate
-  status  = client.authenticate
-  if client.peer_native_os
-    native_os = "(#{client.peer_native_os})"
-  else
-    native_os = ''
+  status = client.authenticate
+  puts "#{protocol} : #{status}"
+  if protocol == 'SMB1'
+    puts "Native OS: #{client.peer_native_os}"
+    puts "Native LAN Manager: #{client.peer_native_lm}"
   end
-  puts "#{protocol} : #{status} #{native_os}"
+  puts "Netbios Name: #{client.default_name}"
+  puts "Netbios Domain: #{client.default_domain}"
+  puts "FQDN of the computer: #{client.dns_host_name}"
+  puts "FQDN of the domain: #{client.dns_domain_name}"
+  puts "FQDN of the forest: #{client.dns_tree_name}"
+  puts "Dialect: #{client.dialect}"
+  puts "OS Version: #{client.os_version}"
 end
 
 address  = ARGV[0]

data/examples/delete_file.rb

@@ -0,0 +1,40 @@
+#!/usr/bin/ruby
+
+# This example script is used for testing the deleting of a file.
+# It will attempt to connect to a specific share and then delete a specified file.
+# Example usage: ruby delete_file.rb 192.168.172.138 msfadmin msfadmin TEST_SHARE short.txt
+# This will try to connect to \\192.168.172.138\TEST_SHARE with the msfadmin:msfadmin credentials
+# and delete the file short.txt
+
+require 'bundler/setup'
+require 'ruby_smb'
+
+address  = ARGV[0]
+username = ARGV[1]
+password = ARGV[2]
+share    = ARGV[3]
+file     = ARGV[4]
+path     = "\\\\#{address}\\#{share}"
+
+sock = TCPSocket.new address, 445
+dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+
+client = RubySMB::Client.new(dispatcher, smb1: true, smb2: true, username: username, password: password)
+
+protocol = client.negotiate
+status = client.authenticate
+
+puts "#{protocol} : #{status}"
+
+begin
+  tree = client.tree_connect(path)
+  puts "Connected to #{path} successfully!"
+rescue StandardError => e
+  puts "Failed to connect to #{path}: #{e.message}"
+end
+
+file = tree.open_file(filename: file, delete: true)
+
+data = file.delete
+puts data
+file.close

data/examples/list_directory.rb

@@ -0,0 +1,45 @@
+#!/usr/bin/ruby
+
+# This example script is used for testing directory listing functionality
+# It will attempt to connect to a specific share and then list all files in a
+#  specified directory..
+# Example usage: ruby list_directory.rb 192.168.172.138 msfadmin msfadmin TEST_SHARE subdir1
+# This will try to connect to \\192.168.172.138\TEST_SHARE with the msfadmin:msfadmin credentials,
+# and then list the contents of the directory 'subdir1'
+
+require 'bundler/setup'
+require 'ruby_smb'
+
+address  = ARGV[0]
+username = ARGV[1]
+password = ARGV[2]
+share    = ARGV[3]
+dir      = ARGV[4]
+path     = "\\\\#{address}\\#{share}"
+
+sock = TCPSocket.new address, 445
+dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+
+client = RubySMB::Client.new(dispatcher, smb1: true, smb2: true, username: username, password: password)
+protocol = client.negotiate
+status = client.authenticate
+
+puts "#{protocol} : #{status}"
+
+begin
+  tree = client.tree_connect(path)
+  puts "Connected to #{path} successfully!"
+rescue StandardError => e
+  puts "Failed to connect to #{path}: #{e.message}"
+end
+
+files = tree.list(directory: dir)
+
+files.each do |file|
+  create_time = file.create_time.to_datetime.to_s
+  access_time = file.last_access.to_datetime.to_s
+  change_time = file.last_change.to_datetime.to_s
+  file_name   = file.file_name.encode('UTF-8')
+
+  puts "FILE: #{file_name}\n\tSIZE(BYTES):#{file.end_of_file}\n\tSIZE_ON_DISK(BYTES):#{file.allocation_size}\n\tCREATED:#{create_time}\n\tACCESSED:#{access_time}\n\tCHANGED:#{change_time}\n\n"
+end