ruby_smb 1.0.3 → 2.0.1

data/lib/ruby_smb/smb2/packet.rb

@@ -30,6 +30,8 @@ module RubySMB
       require 'ruby_smb/smb2/packet/write_response'
       require 'ruby_smb/smb2/packet/ioctl_request'
       require 'ruby_smb/smb2/packet/ioctl_response'
+      require 'ruby_smb/smb2/packet/transform_header'
+      require 'ruby_smb/smb2/packet/compression_transform_header'
     end
   end
 end

data/lib/ruby_smb/smb2/packet/close_request.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Close Request Packet as defined in
       # [2.2.15 SMB2 CLOSE Request](https://msdn.microsoft.com/en-us/library/cc246523.aspx)
       class CloseRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::CLOSE
+
         endian :little
 
         smb2_header           :smb2_header
@@ -12,10 +14,6 @@ module RubySMB
         uint32                :reserved,              label: 'Reserved Space'
         smb2_fileid           :file_id,               label: 'File ID'
 
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::CLOSE
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/close_response.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Close Response Packet as defined in
       # [2.2.16 SMB2 CLOSE Response](https://msdn.microsoft.com/en-us/library/cc246524.aspx)
       class CloseResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::CLOSE
+
         endian :little
 
         smb2_header      :smb2_header
@@ -20,7 +22,6 @@ module RubySMB
 
         def initialize_instance
           super
-          smb2_header.command     = RubySMB::SMB2::Commands::CLOSE
           smb2_header.flags.reply = 1
         end
       end

data/lib/ruby_smb/smb2/packet/compression_transform_header.rb

@@ -0,0 +1,41 @@
+module RubySMB
+  module SMB2
+    module Packet
+      # An SMB2 COMPRESSION_TRANSFORM_HEADER Packet as defined in
+      # [2.2.42 SMB2 COMPRESSION_TRANSFORM_HEADER](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/1d435f21-9a21-4f4c-828e-624a176cf2a0)
+      class CompressionTransformHeader < BinData::Record
+        endian :little
+
+        bit32            :protocol,                         label: 'Protocol ID Field',      initial_value: 0xFC534D42
+        uint32           :original_compressed_segment_size, label: 'Original Compressed Segment Size'
+        uint16           :compression_algorithm,            label: 'Compression Algorithm'
+        uint16           :flags,                            label: 'Flags'
+        uint32           :offset,                           label: 'Offset / Length'
+      end
+
+      # An SMB2 SMB2_COMPRESSION_TRANSFORM_HEADER_PAYLOAD Packet as defined in
+      # [2.2.42.1 SMB2_COMPRESSION_TRANSFORM_HEADER_PAYLOAD](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/8898e8e7-f1b2-47f5-a525-2ce5bad6db64)
+      class Smb2CompressionPayloadHeader < BinData::Record
+        endian :little
+        hide   :reserved
+
+        uint16           :algorithm_id,                     label: 'Algorithm ID'
+        uint16           :reserved
+        uint32           :payload_length,                   label: 'Compressed Payload Length'
+      end
+
+      # An SMB2 SMB2_COMPRESSION_PATTERN_PAYLOAD_V1 Packet as defined in
+      # [2.2.42.2 SMB2_COMPRESSION_PATTERN_PAYLOAD_V1](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/f6859837-395a-4d0a-8971-1fc3919e2d09)
+      class Smb2CompressionPatternPayloadV1 < BinData::Record
+        endian :little
+        hide   :reserved1, :reserved2
+
+        uint8            :pattern,                          label: 'Pattern'
+        uint8            :reserved1
+        uint16           :reserved2
+        uint32           :repetitions,                      label: 'Repetitions'
+      end
+    end
+  end
+end
+

data/lib/ruby_smb/smb2/packet/create_request.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Create Request Packet as defined in
       # [2.2.13 SMB2 CREATE Request](https://msdn.microsoft.com/en-us/library/cc246502.aspx)
       class CreateRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::CREATE
+
         require 'ruby_smb/smb1/bit_field/create_options'
 
         endian :little
@@ -44,10 +46,6 @@ module RubySMB
 
         array :context, label: 'Contexts', type: :create_context, read_until: :eof
 
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::CREATE
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/create_response.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Create Response Packet as defined in
       # [2.2.14 SMB2 CREATE Response](https://msdn.microsoft.com/en-us/library/cc246512.aspx)
       class CreateResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::CREATE
+
         endian :little
         smb2_header           :smb2_header
         uint16                :structure_size,       label: 'Structure Size', initial_value: 89
@@ -26,7 +28,6 @@ module RubySMB
 
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::CREATE
           smb2_header.flags.reply = 1
         end
       end

data/lib/ruby_smb/smb2/packet/echo_request.rb

@@ -4,15 +4,13 @@ module RubySMB
       # An SMB2 Echo Request Packet as defined in
       # [2.2.28 SMB2 ECHO Request](https://msdn.microsoft.com/en-us/library/cc246540.aspx)
       class EchoRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::ECHO
+
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 4
         uint16       :reserved
 
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::ECHO
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/echo_response.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Echo response Packet as defined in
       # [2.2.29 SMB2 ECHO Response](https://msdn.microsoft.com/en-us/library/cc246541.aspx)
       class EchoResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::ECHO
+
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 4
@@ -11,7 +13,6 @@ module RubySMB
 
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::ECHO
           smb2_header.flags.reply = 1
         end
       end

data/lib/ruby_smb/smb2/packet/error_packet.rb

@@ -1,12 +1,24 @@
 module RubySMB
   module SMB2
     module Packet
-      # An SMB2 Error packet for when an incomplete response comes back
+      # This class represents an SMB2 Error Response Packet as defined in
+      # [2.2.2 SMB2 ERROR Response](https://msdn.microsoft.com/en-us/library/cc246530.aspx)
       class ErrorPacket < RubySMB::GenericPacket
+        attr_accessor :original_command
+
         endian       :little
         smb2_header  :smb2_header
-        uint16       :structure_size, label: 'Structure Size', initial_value: 4
-        uint8        :error_data
+        uint16       :structure_size,      label: 'Structure Size', initial_value: 9
+        uint8        :error_context_count, label: 'ErrorContextCount'
+        uint8        :reserved
+        uint32       :byte_count,          label: 'Byte Count of ErrorData'
+        string       :error_data,          label: 'Error Data', read_length: -> { byte_count }
+
+        def valid?
+          return smb2_header.protocol == RubySMB::SMB2::SMB2_PROTOCOL_ID &&
+                 smb2_header.command == @original_command &&
+                 structure_size == 9
+        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/ioctl_request.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Ioctl Request Packet as defined in
       # [2.2.31 SMB2 IOCTL Request](https://msdn.microsoft.com/en-us/library/cc246545.aspx)
       class IoctlRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::IOCTL
+
         endian :little
 
         smb2_header   :smb2_header
@@ -30,11 +32,6 @@ module RubySMB
         uint32  :reserved2, label: 'Reserved Space'
         string  :buffer,    label: 'Input Buffer', read_length: -> { input_count + output_count }
 
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::IOCTL
-        end
-
         # Calculates the value for the input_offset field.
         # If the input buffer is empty then this should be set to 0,
         # otherwise it should return the absolute offset of the input buffer.

data/lib/ruby_smb/smb2/packet/ioctl_response.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Ioctl Response Packet as defined in
       # [2.2.32 SMB2 IOCTL Response](https://msdn.microsoft.com/en-us/library/cc246548.aspx)
       class IoctlResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::IOCTL
+
         endian :little
 
         smb2_header   :smb2_header
@@ -22,7 +24,6 @@ module RubySMB
         def initialize_instance
           super
           smb2_header.flags.reply = 1
-          smb2_header.command     = RubySMB::SMB2::Commands::IOCTL
         end
 
         def input_data

data/lib/ruby_smb/smb2/packet/logoff_request.rb

@@ -4,15 +4,13 @@ module RubySMB
       # An SMB2 LOGOFF Request Packet as defined in
       # [2.2.7 SMB2 LOGOFF Request](https://msdn.microsoft.com/en-us/library/cc246565.aspx)
       class LogoffRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::LOGOFF
+
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 4
         uint16       :reserved,       label: 'Reserved Space'
 
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::LOGOFF
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/logoff_response.rb

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 LOGOFF Response Packet as defined in
       # [2.2.8 SMB2 LOGOFF Response](https://msdn.microsoft.com/en-us/library/cc246566.aspx)
       class LogoffResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::LOGOFF
+
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 4
@@ -11,7 +13,6 @@ module RubySMB
 
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::LOGOFF
           smb2_header.flags.reply = 1
         end
       end

data/lib/ruby_smb/smb2/packet/negotiate_request.rb

@@ -1,33 +1,39 @@
+require 'ruby_smb/smb2/negotiate_context'
+
 module RubySMB
   module SMB2
     module Packet
       # An SMB2 NEGOTIATE Request packet as defined by
       # [2.2.3 SMB2 NEGOTIATE Request](https://msdn.microsoft.com/en-us/library/cc246543.aspx)
       class NegotiateRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::NEGOTIATE
+
         endian              :little
         smb2_header         :smb2_header
-        uint16              :structure_size,      label: 'Structure Size', initial_value: 36
-        uint16              :dialect_count,       label: 'Dialect Count'
-        smb2_security_mode  :security_mode
-        uint16              :reserved1, label: 'Reserved', initial_value: 0
-        smb2_capabilities   :capabilities
-        string              :client_guid,         label: 'Client GUID',        length: 16
-        file_time           :client_start_time,   label: 'Client Start Time',  initial_value: 0
-        array               :dialects,            label: 'Dialects',           type: :uint16, read_until: :eof
-
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::NEGOTIATE
+        uint16              :structure_size,           label: 'Structure Size', initial_value: 36
+        uint16              :dialect_count,            label: 'Dialect Count', initial_value: -> { dialects.size }
+        smb2_security_mode  :security_mode,            label: 'Security Mode'
+        uint16              :reserved1,                label: 'Reserved', initial_value: 0
+        smb2_capabilities   :capabilities,             label: 'Capabilities'
+        string              :client_guid,              label: 'Client GUID', length: 16
+        struct              :negotiate_context_info,   label: 'Negotiate Context Info', onlyif: -> { has_negotiate_context? } do
+          uint32            :negotiate_context_offset, label: 'Negotiate Context Offset', initial_value: -> { negotiate_context_list.abs_offset }
+          uint16            :negotiate_context_count,  label: 'Negotiate Context Count', initial_value: -> { negotiate_context_list.size }
+          uint16            :reserved2,                label: 'Reserved', initial_value: 0
         end
+        file_time           :client_start_time,        label: 'Client Start Time', initial_value: 0, onlyif: -> { !has_negotiate_context? }
+        array               :dialects,                 label: 'Dialects', type: :uint16, initial_length: -> { dialect_count }
+        string              :pad,                      label: 'Padding', length: -> { pad_length(self.dialects) }, onlyif: -> { has_negotiate_context? }
+        array               :negotiate_context_list,   label: 'Negotiate Context List', type: :negotiate_context, onlyif: -> { has_negotiate_context? }, read_until: :eof
 
-        # Adds a dialect to the Dialects array and increments the dialect count
+        # Adds a dialect to the Dialects array
         #
         # @param [Fixnum] the numeric code for the dialect you wish to add
         # @return [Array<Fixnum>] the array of all currently selected dialects
+        # @raise [ArgumentError] if the dialect is not an Integer
         def add_dialect(dialect)
-          return ArgumentError, 'Must be a number' unless dialect.is_a? Integer
-          self.dialect_count += 1
-          dialects << dialect
+          raise ArgumentError, 'Must be a number' unless dialect.is_a? Integer
+          self.dialects << dialect
         end
 
         # Takes an array of dialects and sets it on the packet. Also updates
@@ -38,12 +44,40 @@ module RubySMB
         # @return [Array<Fixnum>] the current value of the dialects array
         def set_dialects(add_dialects = [])
           self.dialects = []
-          self.dialect_count = 0
           add_dialects.each do |dialect|
             add_dialect(dialect)
           end
           dialects
         end
+
+        # Adds a Negotiate Context to the #negotiate_context_list
+        #
+        # @param [NegotiateContext] the Negotiate Context structure you wish to add
+        # @return [Array<Fixnum>] the array of all currently added Negotiate Contexts
+        # @raise [ArgumentError] if the dialect is not a NegotiateContext structure
+        def add_negotiate_context(nc)
+          raise ArgumentError, 'Must be a NegotiateContext' unless nc.is_a? NegotiateContext
+          previous_element = negotiate_context_list.last || negotiate_context_list
+          pad_length = pad_length(previous_element)
+          self.negotiate_context_list << nc
+          self.negotiate_context_list.last.pad = "\x00" * pad_length
+          self.negotiate_context_list
+        end
+
+
+        private
+
+        # Determines the correct length for the padding, so that the next
+        # field is 8-byte aligned.
+        def pad_length(prev_element)
+          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 8
+          (8 - offset) % 8
+        end
+
+        # Return true if the dialect version requires Negotiate Contexts
+        def has_negotiate_context?
+          dialects.any? { |dialect| dialect.to_i == 0x0311 }
+        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/negotiate_response.rb

@@ -1,16 +1,21 @@
+require 'ruby_smb/smb2/negotiate_context'
+
 module RubySMB
   module SMB2
     module Packet
       # An SMB2 NEGOTIATE Response packet as defined by
       # [2.2.4 SMB2 NEGOTIATE Response](https://msdn.microsoft.com/en-us/library/cc246561.aspx)
       class NegotiateResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::NEGOTIATE
+
         endian              :little
         smb2_header         :smb2_header
-        uint16              :structure_size, label: 'Structure Size', initial_value: 65
+        uint16              :structure_size,            label: 'Structure Size', initial_value: 65
         smb2_security_mode  :security_mode
         uint16              :dialect_revision,          label: 'Dialect Revision'
-        uint16              :negotiate_context_count,   label: 'Negotiate Context Count',      initial_value: 0
-        string              :server_guid,               label: 'Server GUID',                  length: 16
+        uint16              :negotiate_context_count,   label: 'Negotiate Context Count', initial_value: -> { negotiate_context_list.size }, onlyif: -> { has_negotiate_context? }
+        uint16              :reserved1,                 label: 'Reserved', initial_value: 0, onlyif: -> { !has_negotiate_context? }
+        string              :server_guid,               label: 'Server GUID', length: 16
         smb2_capabilities   :capabilities
         uint32              :max_transact_size,         label: 'Max Transaction Size'
         uint32              :max_read_size,             label: 'Max Read Size'
@@ -19,14 +24,56 @@ module RubySMB
         file_time           :server_start_time,         label: 'Server Start Time'
         uint16              :security_buffer_offset,    label: 'Offset to Security Buffer'
         uint16              :security_buffer_length,    label: 'Security Buffer Length', initial_value: -> { security_buffer.length }
-        uint32              :negotiate_context_offset,  label: 'Offset to Negotiate Context'
+        uint32              :negotiate_context_offset,  label: 'Offset to Negotiate Context', onlyif: -> { has_negotiate_context? }
+        uint32              :reserved2,                 label: 'Reserved', initial_value: 0, onlyif: -> { !has_negotiate_context? }
         string              :security_buffer,           label: 'Security Buffer', read_length: :security_buffer_length
+        string              :pad,                       label: 'Padding', length: -> { pad_length(self.security_buffer) }, onlyif: -> { has_negotiate_context? }
+        array               :negotiate_context_list,    label: 'Negotiate Context List', initial_length: -> { negotiate_context_count }, type: :negotiate_context, onlyif: -> { has_negotiate_context? }
 
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::NEGOTIATE
           smb2_header.flags.reply = 1
         end
+
+        # Find the first Negotiate Context structure that matches the given
+        # context type
+        #
+        # @param [Integer] the Negotiate Context structure you wish to add
+        # @return [NegotiateContext] the Negotiate Context structure or nil if
+        # not found
+        def find_negotiate_context(type)
+          negotiate_context_list.find { |nc| nc.context_type == type }
+        end
+
+        # Adds a Negotiate Context to the #negotiate_context_list
+        #
+        # @param [NegotiateContext] the Negotiate Context structure you wish to add
+        # @return [Array<Fixnum>] the array of all currently added Negotiate Contexts
+        # @raise [ArgumentError] if the dialect is not a NegotiateContext structure
+        def add_negotiate_context(nc)
+          raise ArgumentError, 'Must be a NegotiateContext' unless nc.is_a? NegotiateContext
+          previous_element = negotiate_context_list.last || negotiate_context_list
+          pad_length = pad_length(previous_element)
+          self.negotiate_context_list << nc
+          self.negotiate_context_list.last.pad = "\x00" * pad_length
+          self.negotiate_context_list
+        end
+
+
+        private
+
+        # Determines the correct length for the padding, so that the next
+        # field is 8-byte aligned.
+        def pad_length(prev_element)
+          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 8
+          (8 - offset) % 8
+        end
+
+        # Return true if the dialect version requires Negotiate Contexts
+        def has_negotiate_context?
+          dialect_revision == 0x0311
+        end
+
       end
     end
   end