ruby_smb 0.0.22 → 0.0.23

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: d4cb624aedd613aa9611d226c2b8c65016407191
-  data.tar.gz: 8e5ccd06364177fb5250ecb18d54b3e10c8f860b
+  metadata.gz: 59b2f5a2d37d1e42e0bd674e58841e7209e9877f
+  data.tar.gz: 6cad39d8512753e877e9abf458ceaa21cfb201b9
 SHA512:
-  metadata.gz: 54aa6c64d27071a61c523a9e78e4cf041b9d562b6337f04e7249e6cd13c756dbc2469dfc6dc0fc637d9f71dad83c4c36bcbb422c9c3065790b67ace8e8233384
-  data.tar.gz: 253fc4162a39697d3ffd237d6e4a33b222573df2195973c5c2f5fa3f602a3ee3f98ee20e32dbaa28424ddd923336b3ad37c196888f3b97eaecd36af6ce650e10
+  metadata.gz: cbff69d36da828c531c8cf8d62ce6ad98cd0966cf9cae2b20c65cc649ca37f3ec08fac85a346b65caeaaa0f65cf0d24c9dc2218992fabe70965082df456ec58c
+  data.tar.gz: b0ea5ea13caeb32f0b787c280062f87f6d87c20179cd4e446f28f94290350f2710eef62b089f75c6bcdb215db07e75ae1f4d84ec3c905f20abacf3ac9f2f95af

data/lib/ruby_smb/client.rb

@@ -381,16 +381,7 @@ module RubySMB
     # @return [TrueClass] if session request is granted
     # @raise [RubySMB::Error::NetBiosSessionService] if session request is refused
     def session_request(name = '*SMBSERVER')
-      encoded_called_name = nb_name_encode("#{name.upcase.ljust(15)}\x20")
-      encoded_calling_name = nb_name_encode("#{''.ljust(15)}\x00")
-
-      session_request = RubySMB::Nbss::SessionRequest.new
-      session_request.session_header.session_packet_type = RubySMB::Nbss::SESSION_REQUEST
-      session_request.called_name  = "\x20#{encoded_called_name}\x00"
-      session_request.calling_name = "\x20#{encoded_calling_name}\x00"
-      session_request.session_header.packet_length =
-        session_request.num_bytes - session_request.session_header.num_bytes
-
+      session_request = session_request_packet(name)
       dispatcher.send_packet(session_request, nbss_header: false)
       raw_response = dispatcher.recv_packet(full_response: true)
       session_header =  RubySMB::Nbss::SessionHeader.read(raw_response)
@@ -402,15 +393,22 @@ module RubySMB
       return true
     end
 
-    def nb_name_encode(name)
-      encoded_name = ''
-      name.each_byte do |char|
-        first_half = (char >> 4) + 'A'.ord
-        second_half = (char & 0xF) + 'A'.ord
-        encoded_name << first_half.chr
-        encoded_name << second_half.chr
-      end
-      encoded_name
+    # Crafts the NetBIOS SessionRequest packet to be sent for session request operations.
+    #
+    # @param name [String] the NetBIOS name to request
+    # @return [RubySMB::Nbss::SessionRequest] the SessionRequest packet
+    def session_request_packet(name = '*SMBSERVER')
+      called_name = "#{name.upcase.ljust(15)}\x20"
+      calling_name = "#{''.ljust(15)}\x00"
+
+      session_request = RubySMB::Nbss::SessionRequest.new
+      session_request.session_header.session_packet_type = RubySMB::Nbss::SESSION_REQUEST
+      session_request.called_name  = called_name
+      session_request.calling_name = calling_name
+      session_request.session_header.packet_length =
+        session_request.num_bytes - session_request.session_header.num_bytes
+      session_request
     end
+
   end
 end

data/lib/ruby_smb/client/authentication.rb

@@ -83,7 +83,7 @@ module RubySMB
         @session_key = @ntlm_client.session_key
         challenge_message = @ntlm_client.session.challenge_message
         store_target_info(challenge_message.target_info) if challenge_message.has_flag?(:TARGET_INFO)
-        @os_version = extract_os_version(challenge_message.os_version.to_s)
+        @os_version = extract_os_version(challenge_message.os_version.to_s) unless challenge_message.os_version.empty?
 
         raw = smb1_ntlmssp_authenticate(type3_message, user_id)
         response = smb1_ntlmssp_final_packet(raw)
@@ -201,7 +201,7 @@ module RubySMB
         @session_key = @ntlm_client.session_key
         challenge_message = ntlm_client.session.challenge_message
         store_target_info(challenge_message.target_info) if challenge_message.has_flag?(:TARGET_INFO)
-        @os_version = extract_os_version(challenge_message.os_version.to_s)
+        @os_version = extract_os_version(challenge_message.os_version.to_s) unless challenge_message.os_version.empty?
 
         raw = smb2_ntlmssp_authenticate(type3_message, @session_id)
         response = smb2_ntlmssp_final_packet(raw)

data/lib/ruby_smb/nbss.rb

@@ -9,6 +9,7 @@ module RubySMB
     RETARGET_SESSION_RESPONSE = 0x84
     SESSION_KEEP_ALIVE        = 0x85
 
+    require 'ruby_smb/nbss/netbios_name'
     require 'ruby_smb/nbss/session_header'
     require 'ruby_smb/nbss/session_request'
     require 'ruby_smb/nbss/negative_session_response'

data/lib/ruby_smb/nbss/netbios_name.rb

@@ -0,0 +1,48 @@
+module RubySMB
+  module Nbss
+    # Representation of the NetBIOS Name as defined in
+    # [4.1. NAME FORMAT](https://tools.ietf.org/html/rfc1002#section-4.1) and
+    # [14. REPRESENTATION OF NETBIOS NAMES](https://tools.ietf.org/html/rfc1001#section-14) and
+    # [Domain name representation and compression](https://tools.ietf.org/html/rfc883#page-31)
+    class NetbiosName < BinData::Primitive
+      endian :big
+
+      bit1   :flag1, initial_value: 0
+      bit1   :flag2, initial_value: 0
+      bit6   :label_length
+      string :label, read_length: -> { label_length }
+      string :null_label, read_length: 1, value: "\x00"
+
+      def nb_name_encode(name)
+        encoded_name = ''
+        name.each_byte do |char|
+          first_half = (char >> 4) + 'A'.ord
+          second_half = (char & 0xF) + 'A'.ord
+          encoded_name << first_half.chr
+          encoded_name << second_half.chr
+        end
+        encoded_name
+      end
+
+      def nb_name_decode(encoded_name)
+        name = encoded_name.scan(/../).map do |char_pair|
+          first_half = char_pair[0];
+          second_half = char_pair[1]
+          char = ((first_half.ord - 'A'.ord) << 4) + (second_half.ord - 'A'.ord)
+          char.chr
+        end
+        name.join
+      end
+
+      def get
+        nb_name_decode(label)
+      end
+
+      def set(label)
+        self.label = nb_name_encode(label)
+        self.label_length = self.label.length
+      end
+    end
+
+  end
+end

data/lib/ruby_smb/nbss/session_request.rb

@@ -6,8 +6,8 @@ module RubySMB
       endian :big
 
       session_header :session_header
-      string         :called_name,  label: 'Called Name'
-      string         :calling_name, label: 'Calling Name'
+      netbios_name   :called_name,  label: 'Called Name'
+      netbios_name   :calling_name, label: 'Calling Name'
     end
   end
 end

data/lib/ruby_smb/smb2/dcerpc.rb

@@ -13,9 +13,11 @@ module RubySMB
 
       def bind(options={})
         bind_req = RubySMB::Dcerpc::Bind.new(options)
-        ioctl_response = ioctl_send_recv(bind_req, options)
+        write(data: bind_req.to_binary_s)
+        @size = 1024
+        dcerpc_raw_response = read()
         begin
-          dcerpc_response = RubySMB::Dcerpc::BindAck.read(ioctl_response.output_data)
+          dcerpc_response = RubySMB::Dcerpc::BindAck.read(dcerpc_raw_response)
         rescue IOError
           raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
         end

data/lib/ruby_smb/smb2/packet/ioctl_request.rb

@@ -16,7 +16,7 @@ module RubySMB
         uint32        :max_input_response,  label: 'Max Input Response'
         uint32        :output_offset,       label: 'Output Offset',       initial_value: -> { input_offset + output_count }
         uint32        :output_count,        label: 'Output Count'
-        uint32        :max_output_response, label: 'Max Output response', initial_value: 65536
+        uint32        :max_output_response, label: 'Max Output response', initial_value: 1024
 
         struct :flags do
           bit7  :reserved1, label: 'Reserved Space'

data/lib/ruby_smb/version.rb

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '0.0.22'.freeze
+  VERSION = '0.0.23'.freeze
 end

data/ruby_smb.gemspec

@@ -6,8 +6,8 @@ require 'ruby_smb/version'
 Gem::Specification.new do |spec|
   spec.name          = 'ruby_smb'
   spec.version       = RubySMB::VERSION
-  spec.authors       = ['David Maloney', 'James Lee']
-  spec.email         = ['DMaloney@rapid7.com', 'egypt@metasploit.com']
+  spec.authors       = ['David Maloney', 'James Lee', 'Dev Mohanty', 'Christophe De La Fuente']
+  spec.email         = ['DMaloney@rapid7.com', 'egypt@metasploit.com', 'dev_mohanty@rapid7.com', 'paristvinternet-github@yahoo.com']
   spec.summary       = 'A pure Ruby implementation of the SMB Protocol Family'
   spec.description   = ''
   spec.homepage      = 'https://github.com/rapid7/ruby_smb'

data/spec/lib/ruby_smb/client_spec.rb

@@ -155,8 +155,6 @@ RSpec.describe RubySMB::Client do
 
   context 'NetBIOS Session Service' do
     describe '#session_request' do
-      let(:called_name)     { '*SMBSERVER      ' }
-      let(:calling_name)    { "               \x00" }
       let(:session_header)  { RubySMB::Nbss::SessionHeader.new }
       let(:session_request) { RubySMB::Nbss::SessionRequest.new }
 
@@ -166,46 +164,10 @@ RSpec.describe RubySMB::Client do
         allow(dispatcher).to receive(:recv_packet).and_return(session_header.to_binary_s)
       end
 
-      it 'requests a session for *SMBSERVER by default' do
-        expect(client).to receive(:nb_name_encode).with(called_name).once
-        expect(client).to receive(:nb_name_encode).with(calling_name).once
-        client.session_request
-      end
-
-      it 'requests a session for the provided name and the expected calling name' do
-        name = 'NBNAME'
-        called_name  = "#{name}          "
-
-        expect(client).to receive(:nb_name_encode).with(called_name).once
-        expect(client).to receive(:nb_name_encode).with(calling_name).once
-        client.session_request(name)
-      end
-
-      it 'makes NetBIOS name uppercase' do
-        name = 'nbNamE'
-        called_name = "#{name.upcase}          "
-
-        expect(client).to receive(:nb_name_encode).with(called_name).once
-        expect(client).to receive(:nb_name_encode).with(calling_name).once
-        client.session_request(name)
-      end
-
-      it 'creates a SessionRequest packet' do
-        expect(RubySMB::Nbss::SessionRequest).to receive(:new).and_return(session_request)
-        client.session_request
-      end
-
-      it 'sets the expected fields of the SessionRequest packet' do
-        encoded_called_name = "\x20#{client.nb_name_encode(called_name)}\x00"
-        encoded_calling_name = "\x20#{client.nb_name_encode(calling_name)}\x00"
-        allow(dispatcher).to receive(:send_packet) do |packet, _opts|
-          expect(packet).to be_a(RubySMB::Nbss::SessionRequest)
-          expect(packet.session_header.session_packet_type).to eq RubySMB::Nbss::SESSION_REQUEST
-          expect(packet.called_name).to eq encoded_called_name
-          expect(packet.calling_name).to eq encoded_calling_name
-          expect(packet.session_header.packet_length).to eq (encoded_called_name.size + encoded_calling_name.size)
-        end
-        client.session_request
+      it 'calls #session_request_packet' do
+        called_name = 'SPECNAME'
+        expect(client).to receive(:session_request_packet).with(called_name)
+        client.session_request(called_name)
       end
 
       it 'sends the SessionRequest packet without adding additional NetBIOS Session Header' do
@@ -237,11 +199,36 @@ RSpec.describe RubySMB::Client do
       end
     end
 
-    describe '#nb_name_encode' do
-      it 'encodes as expected' do
-        input = 'TESTNB          '
-        output = 'FEEFFDFEEOECCACACACACACACACACACA'
-        expect(client.nb_name_encode(input)).to eq output
+    describe '#session_request_packet' do
+      it 'creates a SessionRequest packet' do
+        session_request = RubySMB::Nbss::SessionRequest.new
+        expect(RubySMB::Nbss::SessionRequest).to receive(:new).and_return(session_request)
+        client.session_request_packet
+      end
+
+      it 'sets the expected fields of the SessionRequest packet' do
+        name         = 'NBNAMESPEC'
+        called_name  = 'NBNAMESPEC      '
+        calling_name = "               \x00"
+
+        session_packet = client.session_request_packet(name)
+        expect(session_packet).to be_a(RubySMB::Nbss::SessionRequest)
+        expect(session_packet.session_header.session_packet_type).to eq RubySMB::Nbss::SESSION_REQUEST
+        expect(session_packet.called_name).to eq called_name
+        expect(session_packet.calling_name).to eq calling_name
+        expect(session_packet.session_header.packet_length).to eq(
+          session_packet.called_name.to_binary_s.size + session_packet.calling_name.to_binary_s.size
+        )
+      end
+
+      it 'converts the called name to upperase' do
+        name = 'myname'
+        session_packet = client.session_request_packet(name)
+        expect(session_packet.called_name).to eq("#{name.upcase.ljust(15)}\x20")
+      end
+
+      it 'returns a session packet with *SMBSERVER by default' do
+        expect(client.session_request_packet.called_name).to eq('*SMBSERVER      ')
       end
     end
   end

data/spec/lib/ruby_smb/nbss/netbios_name_spec.rb

@@ -0,0 +1,95 @@
+RSpec.describe RubySMB::Nbss::NetbiosName do
+  subject(:netbios_name) { described_class.new }
+
+  it { is_expected.to respond_to :flag1 }
+  it { is_expected.to respond_to :flag2 }
+  it { is_expected.to respond_to :label_length }
+  it { is_expected.to respond_to :label }
+  it { is_expected.to respond_to :null_label }
+
+  it 'is big endian' do
+    expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :big
+  end
+
+  describe '#flag1' do
+    it 'is a 1-bit field' do
+      expect(netbios_name.flag1).to be_a BinData::Bit1
+    end
+
+    it 'is set to 0 by default' do
+      expect(netbios_name.flag1).to eq 0
+    end
+  end
+
+  describe '#flag2' do
+    it 'is a 1-bit field' do
+      expect(netbios_name.flag2).to be_a BinData::Bit1
+    end
+
+    it 'is set to 0 by default' do
+      expect(netbios_name.flag2).to eq 0
+    end
+  end
+
+  describe '#label_length' do
+    it 'is a 6-bit field' do
+      expect(netbios_name.label_length).to be_a BinData::Bit6
+    end
+  end
+
+  describe '#label' do
+    it 'is a string' do
+      expect(netbios_name.label).to be_a BinData::String
+    end
+
+    it 'reads #label_length bytes' do
+      str = 'ABCDEFGHIJ'
+      netbios_name.label_length = 4
+      expect(netbios_name.label.read(str)).to eq(str[0,4])
+    end
+  end
+
+  describe '#null_label' do
+    it 'is a string' do
+      expect(netbios_name.null_label).to be_a BinData::String
+    end
+
+    it 'is always a NULL byte' do
+      str = 'ABCD'
+      expect(netbios_name.null_label.read(str)).to eq("\x00")
+    end
+  end
+
+  describe '#nb_name_encode' do
+    it 'encodes as expected' do
+      input = 'TESTNB          '
+      output = 'FEEFFDFEEOECCACACACACACACACACACA'
+      expect(netbios_name.nb_name_encode(input)).to eq output
+    end
+  end
+
+  describe '#nb_name_encode' do
+    it 'decodes as expected' do
+      input = 'FEEFFDFEEOECCACACACACACACACACACA'
+      output = 'TESTNB          '
+      expect(netbios_name.nb_name_decode(input)).to eq output
+    end
+  end
+
+  describe '#get' do
+    it 'returns the expected label' do
+      label = 'TESTNB          '
+      expect(netbios_name.assign(label)).to eq(label)
+    end
+  end
+
+  describe '#set' do
+    it 'sets the expected label and the label_length fields' do
+      label = 'TESTNB          '
+      netbios_name.assign(label)
+      expect(netbios_name.label).to eq(netbios_name.nb_name_encode(label))
+      expect(netbios_name.label_length).to eq(netbios_name.nb_name_encode(label).length)
+    end
+  end
+end
+

data/spec/lib/ruby_smb/nbss/session_request_spec.rb

@@ -17,13 +17,13 @@ RSpec.describe RubySMB::Nbss::SessionRequest do
 
   describe '#called_name' do
     it 'is a string' do
-      expect(session_request.called_name).to be_a BinData::String
+      expect(session_request.called_name).to be_a RubySMB::Nbss::NetbiosName
     end
   end
 
   describe '#calling_name' do
     it 'is a string' do
-      expect(session_request.calling_name).to be_a BinData::String
+      expect(session_request.calling_name).to be_a RubySMB::Nbss::NetbiosName
     end
   end
 end

data/spec/lib/ruby_smb/smb2/pipe_spec.rb

@@ -43,7 +43,7 @@ RSpec.describe RubySMB::SMB2::Pipe do
       expect(pipe.peek_available).to eq(0x40302010)
     end
   end
-  
+
   describe '#peek_state' do
     it 'reads the correct state of the pipe' do
       allow(pipe).to receive(:peek) { ioctl_response }
@@ -111,12 +111,12 @@ RSpec.describe RubySMB::SMB2::Pipe do
     describe '#bind' do
       let(:options) { { endpoint: RubySMB::Dcerpc::Srvsvc } }
       let(:bind_packet) { RubySMB::Dcerpc::Bind.new(options) }
-      let(:ioctl_response) { RubySMB::SMB2::Packet::IoctlResponse.new }
       let(:bind_ack_packet) { RubySMB::Dcerpc::BindAck.new }
 
       before :example do
         allow(RubySMB::Dcerpc::Bind).to receive(:new).and_return(bind_packet)
-        allow(pipe).to receive(:ioctl_send_recv).and_return(ioctl_response)
+        allow(pipe).to receive(:write)
+        allow(pipe).to receive(:read)
         bind_ack_packet.p_result_list.n_results = 1
         bind_ack_packet.p_result_list.p_results[0].result = RubySMB::Dcerpc::BindAck::ACCEPTANCE
         allow(RubySMB::Dcerpc::BindAck).to receive(:read).and_return(bind_ack_packet)
@@ -127,13 +127,20 @@ RSpec.describe RubySMB::SMB2::Pipe do
         pipe.bind(options)
       end
 
-      it 'calls #ioctl_send_recv' do
-        expect(pipe).to receive(:ioctl_send_recv).with(bind_packet, options)
+      it 'writes to the named pipe' do
+        expect(pipe).to receive(:write).with(data: bind_packet.to_binary_s)
+        pipe.bind(options)
+      end
+
+      it 'reads the socket' do
+        expect(pipe).to receive(:read)
         pipe.bind(options)
       end
 
       it 'creates a BindAck packet from the response' do
-        expect(RubySMB::Dcerpc::BindAck).to receive(:read).with(ioctl_response.output_data).and_return(bind_ack_packet)
+        raw_response = RubySMB::Dcerpc::BindAck.new.to_binary_s
+        allow(pipe).to receive(:read).and_return(raw_response)
+        expect(RubySMB::Dcerpc::BindAck).to receive(:read).with(raw_response).and_return(bind_ack_packet)
         pipe.bind(options)
       end
 
@@ -199,7 +206,7 @@ RSpec.describe RubySMB::SMB2::Pipe do
       it 'raises the expected exception when it is not a BindAck packet' do
         response = RubySMB::Dcerpc::Request.new
         allow(RubySMB::Dcerpc::Response).to receive(:read).and_return(response)
-        expect { pipe.bind(options) }.to raise_error(RubySMB::Dcerpc::Error::InvalidPacket)
+        expect { pipe.request(opnum, options) }.to raise_error(RubySMB::Dcerpc::Error::InvalidPacket)
       end
 
       it 'returns the expected DCERPC Response' do

metadata

@@ -1,11 +1,13 @@
 --- !ruby/object:Gem::Specification
 name: ruby_smb
 version: !ruby/object:Gem::Version
-  version: 0.0.22
+  version: 0.0.23
 platform: ruby
 authors:
 - David Maloney
 - James Lee
+- Dev Mohanty
+- Christophe De La Fuente
 autorequire: 
 bindir: bin
 cert_chain:
@@ -89,7 +91,7 @@ cert_chain:
   G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
   8mVuTXnyJOKRJA==
   -----END CERTIFICATE-----
-date: 2018-03-06 00:00:00.000000000 Z
+date: 2018-03-13 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redcarpet
@@ -207,6 +209,8 @@ description: ''
 email:
 - DMaloney@rapid7.com
 - egypt@metasploit.com
+- dev_mohanty@rapid7.com
+- paristvinternet-github@yahoo.com
 executables: []
 extensions: []
 extra_rdoc_files: []
@@ -292,6 +296,7 @@ files:
 - lib/ruby_smb/impersonation_levels.rb
 - lib/ruby_smb/nbss.rb
 - lib/ruby_smb/nbss/negative_session_response.rb
+- lib/ruby_smb/nbss/netbios_name.rb
 - lib/ruby_smb/nbss/session_header.rb
 - lib/ruby_smb/nbss/session_request.rb
 - lib/ruby_smb/smb1.rb
@@ -468,6 +473,7 @@ files:
 - spec/lib/ruby_smb/fscc/fscc_file_attributes_spec.rb
 - spec/lib/ruby_smb/generic_packet_spec.rb
 - spec/lib/ruby_smb/nbss/negative_session_response_spec.rb
+- spec/lib/ruby_smb/nbss/netbios_name_spec.rb
 - spec/lib/ruby_smb/nbss/session_header_spec.rb
 - spec/lib/ruby_smb/nbss/session_request_spec.rb
 - spec/lib/ruby_smb/smb1/andx_block_spec.rb
@@ -646,6 +652,7 @@ test_files:
 - spec/lib/ruby_smb/fscc/fscc_file_attributes_spec.rb
 - spec/lib/ruby_smb/generic_packet_spec.rb
 - spec/lib/ruby_smb/nbss/negative_session_response_spec.rb
+- spec/lib/ruby_smb/nbss/netbios_name_spec.rb
 - spec/lib/ruby_smb/nbss/session_header_spec.rb
 - spec/lib/ruby_smb/nbss/session_request_spec.rb
 - spec/lib/ruby_smb/smb1/andx_block_spec.rb