RubyGems - ruby_smb - Versions diffs - 1.0.3 → 2.0.1 - Mend

ruby_smb 1.0.3 → 2.0.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (200) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -2
data/Gemfile +6 -2
data/README.md +35 -47
data/examples/enum_registry_key.rb +28 -0
data/examples/enum_registry_values.rb +30 -0
data/examples/negotiate.rb +51 -8
data/examples/pipes.rb +2 -1
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +32 -0
data/lib/ruby_smb.rb +4 -1
data/lib/ruby_smb/client.rb +233 -22
data/lib/ruby_smb/client/authentication.rb +70 -33
data/lib/ruby_smb/client/echo.rb +20 -2
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +172 -24
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +24 -18
data/lib/ruby_smb/client/utils.rb +8 -7
data/lib/ruby_smb/client/winreg.rb +46 -0
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +38 -0
data/lib/ruby_smb/dcerpc/bind.rb +2 -2
data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
data/lib/ruby_smb/dcerpc/error.rb +3 -0
data/lib/ruby_smb/dcerpc/ndr.rb +95 -16
data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
data/lib/ruby_smb/dcerpc/request.rb +28 -9
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +35 -0
data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
data/lib/ruby_smb/dcerpc/winreg.rb +340 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +39 -0
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
data/lib/ruby_smb/dispatcher/socket.rb +4 -3
data/lib/ruby_smb/error.rb +68 -2
data/lib/ruby_smb/generic_packet.rb +33 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +66 -15
data/lib/ruby_smb/smb1/packet/close_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/empty_packet.rb +10 -1
data/lib/ruby_smb/smb1/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/negotiate_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/negotiate_response.rb +3 -7
data/lib/ruby_smb/smb1/packet/negotiate_response_extended.rb +4 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_create_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/create_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/nt_trans/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/nt_trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/read_andx_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/read_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_request.rb +0 -1
data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_response.rb +3 -2
data/lib/ruby_smb/smb1/packet/trans/request.rb +2 -5
data/lib/ruby_smb/smb1/packet/trans/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans/transact_nmpipe_response.rb +1 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_first2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/find_next2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/find_next2_response.rb +8 -2
data/lib/ruby_smb/smb1/packet/trans2/open2_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/open2_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/request.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/request_secondary.rb +2 -4
data/lib/ruby_smb/smb1/packet/trans2/response.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_request.rb +2 -1
data/lib/ruby_smb/smb1/packet/trans2/set_file_information_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/tree_connect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_connect_response.rb +13 -3
data/lib/ruby_smb/smb1/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb1/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +3 -6
data/lib/ruby_smb/smb1/packet/write_andx_response.rb +2 -1
data/lib/ruby_smb/smb1/pipe.rb +87 -6
data/lib/ruby_smb/smb1/tree.rb +50 -3
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +103 -25
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/close_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/close_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/create_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/create_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/echo_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/echo_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/error_packet.rb +15 -3
data/lib/ruby_smb/smb2/packet/ioctl_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/ioctl_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/logoff_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/logoff_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -17
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +52 -5
data/lib/ruby_smb/smb2/packet/query_directory_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/query_directory_response.rb +8 -2
data/lib/ruby_smb/smb2/packet/read_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/read_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/session_setup_request.rb +2 -5
data/lib/ruby_smb/smb2/packet/session_setup_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/set_info_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/set_info_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +93 -10
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +10 -22
data/lib/ruby_smb/smb2/packet/tree_disconnect_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/tree_disconnect_response.rb +2 -1
data/lib/ruby_smb/smb2/packet/write_request.rb +2 -4
data/lib/ruby_smb/smb2/packet/write_response.rb +2 -1
data/lib/ruby_smb/smb2/pipe.rb +86 -12
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +65 -21
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +5 -3
data/spec/lib/ruby_smb/client_spec.rb +1612 -108
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +410 -0
data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +98 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +108 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +90 -0
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +150 -0
data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +710 -0
data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +2 -2
data/spec/lib/ruby_smb/error_spec.rb +59 -0
data/spec/lib/ruby_smb/generic_packet_spec.rb +52 -4
data/spec/lib/ruby_smb/smb1/file_spec.rb +191 -2
data/spec/lib/ruby_smb/smb1/packet/empty_packet_spec.rb +68 -0
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/packet/trans2/find_first2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/trans2/find_next2_response_spec.rb +11 -2
data/spec/lib/ruby_smb/smb1/packet/tree_connect_response_spec.rb +40 -0
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +272 -149
data/spec/lib/ruby_smb/smb1/tree_spec.rb +44 -7
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +323 -6
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +78 -0
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/query_directory_response_spec.rb +8 -0
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -22
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +286 -149
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +261 -2
metadata +191 -83
metadata.gz.sig +0 -0
data/lib/ruby_smb/smb1/dcerpc.rb +0 -67
data/lib/ruby_smb/smb2/dcerpc.rb +0 -70
data/spec/lib/ruby_smb/smb1/packet/error_packet_spec.rb +0 -37

data/lib/ruby_smb/smb2/packet/query_directory_request.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Query Directory Request Packet as defined in
       # [2.2.33 SMB2 QUERY_DIRECTORY Request](https://msdn.microsoft.com/en-us/library/cc246551.aspx)
       class QueryDirectoryRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::QUERY_DIRECTORY
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size,          label: 'Structure Size', initial_value: 33
@@ -25,10 +27,6 @@ module RubySMB
         uint32        :output_length, label: 'Output Buffer Length'
         string16      :name,          label: 'Name/Search Pattern'
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::QUERY_DIRECTORY
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/query_directory_response.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Query Directory Response Packet as defined in
       # [2.2.34 SMB2 QUERY_DIRECTORY Response](https://msdn.microsoft.com/en-us/library/cc246552.aspx)
       class QueryDirectoryResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::QUERY_DIRECTORY
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size,  label: 'Structure Size',       initial_value: 9
@@ -13,7 +15,6 @@ module RubySMB
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::QUERY_DIRECTORY
           smb2_header.flags.reply = 1
         end
@@ -23,6 +24,7 @@ module RubySMB
         #
         # @param klass [Class] the FileInformationClass class to read the data as
         # @return [array<BinData::Record>] An array of structs holding the requested information
+        # @raise [RubySMB::Error::InvalidPacket] if the string buffer is not a valid File Information
         def results(klass)
           information_classes = []
           blob = buffer.to_binary_s.dup
@@ -35,7 +37,11 @@ module RubySMB
                      blob.slice!(0, length)
                    end
-            information_classes << klass.read(data)
+            begin
+              information_classes << klass.read(data)
+            rescue IOError
+              raise RubySMB::Error::InvalidPacket, "Invalid #{klass} File Information in the string buffer"
+            end
           end
           information_classes
         end

data/lib/ruby_smb/smb2/packet/read_request.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Read Request Packet as defined in
       # [2.2.19 SMB2 READ Request](https://msdn.microsoft.com/en-us/library/cc246527.aspx)
       class ReadRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::READ
         endian :little
         smb2_header           :smb2_header
@@ -20,10 +22,6 @@ module RubySMB
         uint16                :channel_length,        label: 'Read Channel Info Length'
         string                :buffer,                label: 'Read Channel info Buffer', initial_value: 0x00
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::READ
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/read_response.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Read Response Packet as defined in
       # [2.2.20 SMB2 READ Response](https://msdn.microsoft.com/en-us/library/cc246531.aspx)
       class ReadResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::READ
         endian :little
         smb2_header   :smb2_header
@@ -17,7 +19,6 @@ module RubySMB
         def initialize_instance
           super
-          smb2_header.command     = RubySMB::SMB2::Commands::READ
           smb2_header.flags.reply = 1
         end
       end

data/lib/ruby_smb/smb2/packet/session_setup_request.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 SessionSetupRequest Packet as defined in
       # [2.2.5 SMB2 SESSION_SETUP Request](https://msdn.microsoft.com/en-us/library/cc246563.aspx)
       class SessionSetupRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::SESSION_SETUP
         endian                     :little
         smb2_header                :smb2_header
         uint16                     :structure_size,          label: 'Structure Size',          initial_value: 25
@@ -16,11 +18,6 @@ module RubySMB
         uint64                     :previous_session_id,     label: 'Previous Session ID'
         string                     :buffer,                  label: 'Security Buffer', length: -> { security_buffer_length }
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::SESSION_SETUP
-        end
         # Takes a serialized NTLM Type 1 message and wraps it in the GSS ASN1 encoding
         # and inserts it into the {RubySMB::SMB2::Packet::SessionSetupRequest#buffer}
         # as well as updating the {RubySMB::SMB2::Packet::SessionSetupRequest#security_buffer_length}

data/lib/ruby_smb/smb2/packet/session_setup_response.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 SessionSetupResponse Packet as defined in
       # [2.2.6 SMB2 SESSION_SETUP Response](https://msdn.microsoft.com/en-us/library/cc246564.aspx)
       class SessionSetupResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::SESSION_SETUP
         endian :little
         smb2_header         :smb2_header
         uint16              :structure_size, label: 'Structure Size', initial_value: 9
@@ -14,7 +16,6 @@ module RubySMB
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::SESSION_SETUP
           smb2_header.flags.reply = 1
         end

data/lib/ruby_smb/smb2/packet/set_info_request.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Set Info Request Packet as defined in
       # [2.2.39 SMB2 SET_INFO Request](https://msdn.microsoft.com/en-us/library/cc246560.aspx)
       class SetInfoRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::SET_INFO
         include RubySMB::Fscc::FileInformation
         endian :little
@@ -48,10 +50,6 @@ module RubySMB
           file_id_full_directory_information FILE_ID_FULL_DIRECTORY_INFORMATION, label: 'File Id Full Directory Information'
         end
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::SET_INFO
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/set_info_response.rb CHANGED

@@ -4,6 +4,8 @@ module RubySMB
       # An SMB2 Read Response Packet as defined in
       # [2.2.40 SMB2 SET_INFO Response](https://msdn.microsoft.com/en-us/library/cc246562.aspx)
       class SetInfoResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::SET_INFO
         endian :little
         smb2_header   :smb2_header
@@ -11,7 +13,6 @@ module RubySMB
         def initialize_instance
           super
-          smb2_header.command     = RubySMB::SMB2::Commands::SET_INFO
           smb2_header.flags.reply = 1
         end
       end

data/lib/ruby_smb/smb2/packet/transform_header.rb ADDED

@@ -0,0 +1,84 @@
+module RubySMB
+  module SMB2
+    module Packet
+      # An SMB2 TRANSFORM_HEADER Packet as defined in
+      # [2.2.41 SMB2 TRANSFORM_HEADER](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/d6ce2327-a4c9-4793-be66-7b5bad2175fa)
+      class TransformHeader < BinData::Record
+        endian :little
+        hide   :reserved0
+        endian           :little
+        bit32            :protocol,              label: 'Protocol ID Field',      initial_value: 0xFD534D42
+        string           :signature,             label: 'Signature', length: 16
+        string           :nonce,                 label: 'Nonce',     length: 16
+        uint32           :original_message_size, label: 'Original Message Size'
+        uint16           :reserved0
+        uint16           :flags,                 label: 'Flags / Encryption Algorithm'
+        uint64           :session_id,            label: 'Session ID'
+        array            :encrypted_data,        label: 'Encrypted Data', type: :uint8, read_until: :eof
+        def decrypt(key, algorithm: 'AES-128-GCM')
+          auth_data = self.to_binary_s[20...52]
+          encrypted_data = self.encrypted_data.to_ary.pack('C*')
+          case algorithm
+          when 'AES-128-CCM'
+            cipher = OpenSSL::CCM.new('AES', key, 16)
+            unencrypted_data = cipher.decrypt(encrypted_data + self.signature, self.nonce[0...11], auth_data)
+            unless unencrypted_data.length > 0
+              raise OpenSSL::Cipher::CipherError  # raised for consistency with GCM mode
+            end
+          when 'AES-128-GCM'
+            cipher = OpenSSL::Cipher.new(algorithm).decrypt
+            cipher.key = key
+            cipher.iv = self.nonce[0...12]
+            cipher.auth_data = auth_data
+            cipher.auth_tag = self.signature
+            unencrypted_data = cipher.update(encrypted_data)
+            cipher.final # raises OpenSSL::Cipher::CipherError on signature failure
+          else
+            raise ArgumentError.new('Invalid algorithm, must be either AES-128-CCM or AES-128-GCM')
+          end
+          unencrypted_data[0...self.original_message_size]
+        rescue Exception => e
+          raise RubySMB::Error::EncryptionError, "Error while decrypting with '#{algorithm}' (#{e.class}: #{e})"
+        end
+        def encrypt(unencrypted_data, key, algorithm: 'AES-128-GCM')
+          if unencrypted_data.is_a? BinData::Record
+            unencrypted_data = unencrypted_data.to_binary_s
+          end
+          self.original_message_size.assign(unencrypted_data.length)
+          case algorithm
+          when 'AES-128-CCM'
+            cipher = OpenSSL::CCM.new('AES', key, 16)
+            random_iv = OpenSSL::Random.random_bytes(11)
+            self.nonce.assign(random_iv)
+            result = cipher.encrypt(unencrypted_data, random_iv, self.to_binary_s[20...52])
+            encrypted_data = result[0...-16]
+            auth_tag = result[-16..-1]
+          when 'AES-128-GCM'
+            cipher = OpenSSL::Cipher.new(algorithm).encrypt
+            cipher.iv_len = 12
+            cipher.key = key
+            self.nonce.assign(cipher.random_iv)
+            cipher.auth_data = self.to_binary_s[20...52]
+            encrypted_data = cipher.update(unencrypted_data) + cipher.final
+            auth_tag = cipher.auth_tag
+          else
+            raise ArgumentError.new('Invalid algorithm, must be either AES-128-CCM or AES-128-GCM')
+          end
+          self.encrypted_data.assign(encrypted_data.bytes)
+          self.signature.assign(auth_tag)
+          nil
+        rescue Exception => e
+          raise RubySMB::Error::EncryptionError, "Error while encrypting with '#{algorithm}' (#{e.class}: #{e})"
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb2/packet/tree_connect_request.rb CHANGED

@@ -1,25 +1,108 @@
 module RubySMB
   module SMB2
     module Packet
+      # An SMB2 RemotedIdentityTreeConnectContext Packet as defined in
+      # [2.2.9.2.1 SMB2_REMOTED_IDENTITY_TREE_CONNECT Context](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/ee7ff411-93e0-484f-9f73-31916fee4cb8)
+      # TODO: implement helper methods to add each Remote Identity element
+      class RemotedIdentityTreeConnectContext < BinData::Record
+        endian :little
+        uint16 :ticket_type,       label: 'Ticket Type', initial_value: 0x0001
+        uint16 :ticket_size,       label: 'Ticket Size', initial_value: -> { num_bytes }
+        uint16 :user,              label: 'User'
+        uint16 :user_name,         label: 'User Name'
+        uint16 :domain,            label: 'Domain'
+        uint16 :groups,            label: 'Groups'
+        uint16 :restricted_groups, label: 'Restricted Groups'
+        uint16 :privileges,        label: 'Privileges'
+        uint16 :primary_group,     label: 'Primary Group'
+        uint16 :owner,             label: 'Owner'
+        uint16 :default_dacl,      label: 'Default DACL'
+        uint16 :device_groups,     label: 'Device Groups'
+        uint16 :user_claims,       label: 'User Claims'
+        uint16 :device_claims,     label: 'Device Claims'
+        string :ticket_info,       label: 'Ticket Info', read_length: -> { ticket_size - ticket_info.rel_offset}
+      end
+      # An SMB2 TreeConnectContext Packet as defined in
+      # [2.2.9.2 SMB2 TREE_CONNECT_CONTEXT Request Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/06eaaabc-caca-4776-9daf-82439e90dacd)
+      class TreeConnectContext < BinData::Record
+        # Context Types
+        # This value is reserved.
+        SMB2_RESERVED_TREE_CONNECT_CONTEXT_ID = 0x0000
+        # The Data field contains remoted identity tree connect context data as
+        # specified in section [2.2.9.2.1](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/ee7ff411-93e0-484f-9f73-31916fee4cb8)
+        SMB2_REMOTED_IDENTITY_TREE_CONNECT_CONTEXT_ID = 0x0001
+        endian :little
+        uint16 :context_type, label: 'Context Type'
+        uint16 :data_length,  label: 'Data Length', initial_value: -> { data.to_binary_s.size }
+        uint32 :reserved,     label: 'Reserved'
+        choice :data,         label: 'Data', selection: -> { context_type } do
+          remoted_identity_tree_connect_context SMB2_REMOTED_IDENTITY_TREE_CONNECT_CONTEXT_ID, label: 'Remoted Identity Tree Connect Context'
+        end
+      end
+      # An SMB2 TreeConnectRequestExtension Packet as defined in
+      # [2.2.9.1 SMB2 TREE_CONNECT Request Extension](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/9ca7328b-b6ca-41a7-9773-0fa237261b76)
+      class TreeConnectRequestExtension < BinData::Record
+        endian :little
+        uint32   :tree_connect_context_offset, label: 'Tree Connect Context Offset', initial_value: -> { tree_connect_contexts.rel_offset }
+        uint16   :tree_connect_context_count,  label: 'Tree Connect Context Count', initial_value: -> { tree_connect_contexts.size }
+        string   :reserved,                    label: 'Reserved', length: 10
+        string16 :path,                        label: 'Path Buffer'
+        array    :tree_connect_contexts,       label: 'Tree Connect Contexts', type: :tree_connect_context, initial_length: -> { tree_connect_context_count }
+      end
       # An SMB2 TreeConnectRequest Packet as defined in
       # [2.2.9 SMB2 TREE_CONNECT Request](https://msdn.microsoft.com/en-us/library/cc246567.aspx)
       class TreeConnectRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::TREE_CONNECT
+        # Flags (SMB 3.1.1 only)
+        # The client has previously connected to the specified cluster share
+        # using the SMB dialect of the connection on which the request is received.
+        SMB2_TREE_CONNECT_FLAG_CLUSTER_RECONNECT = 0x0001
+        # The client can handle synchronous share redirects via a Share Redirect
+        # error context response as specified in section [2.2.2.2.2](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/f3073a8b-9f0f-47c0-91e5-ec3be9a49f37).
+        SMB2_TREE_CONNECT_FLAG_REDIRECT_TO_OWNER = 0x0002
+        # A tree connect request extension, as specified in section
+        # [2.2.9.1](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/9ca7328b-b6ca-41a7-9773-0fa237261b76),
+        # is present, starting at the Buffer field of this tree connect request.
+        SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT = 0x0003
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 9
+        # The flags field is only used by SMB 3.1.1, it must be 0 for other versions
         uint16       :flags,          label: 'Flags',          initial_value: 0x00
-        uint16       :path_offset,    label: 'Path Offset',    initial_value: 0x48
-        uint16       :path_length,    label: 'Path Length',    initial_value: -> { path.length }
-        string       :path,           label: 'Path Buffer'
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::TREE_CONNECT
+        # if SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT flag is set, #path_offset
+        # will have to be updated with the correct offset of the path name,
+        # which is located in the TreeConnect Context.
+        uint16       :path_offset,    label: 'Path Offset',    initial_value: -> do
+          if flags == SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT
+            tree_connect_request_extension.path.abs_offset
+          else
+            path.abs_offset
+          end
         end
-        def encode_path(path)
-          self.path = path.encode('utf-16le')
+        # if SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT flag is set, #path_length
+        # will have to be updated with the correct full share path name,
+        # which is located in the TreeConnect Context.
+        uint16       :path_length,    label: 'Path Length',    initial_value: -> do
+          if flags == SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT
+            tree_connect_request_extension.path.to_binary_s.length
+          else
+            path.to_binary_s.length
+          end
         end
+        string16     :path,           label: 'Path Buffer',    onlyif: -> { flags != SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT }
+        tree_connect_request_extension :tree_connect_request_extension, label: 'Tree Connect Request Extension', onlyif: -> { flags == SMB2_TREE_CONNECT_FLAG_EXTENSION_PRESENT }
       end
     end
   end

data/lib/ruby_smb/smb2/packet/tree_connect_response.rb CHANGED

@@ -4,6 +4,16 @@ module RubySMB
       # An SMB2 TreeConnectResponse Packet as defined in
       # [2.2.10 SMB2 TREE_CONNECT Response](https://msdn.microsoft.com/en-us/library/cc246499.aspx)
       class TreeConnectResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::TREE_CONNECT
+        # Share Types
+        # Physical disk share
+        SMB2_SHARE_TYPE_DISK  = 0x01
+        # Named pipe share
+        SMB2_SHARE_TYPE_PIPE  = 0x02
+        # Printer share
+        SMB2_SHARE_TYPE_PRINT = 0x03
         endian :little
         smb2_header           :smb2_header
         uint16                :structure_size, label: 'Structure Size', initial_value: 16
@@ -15,31 +25,9 @@ module RubySMB
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::TREE_CONNECT
           smb2_header.flags.reply = 1
         end
-        # Returns the ACCESS_MASK for the Maximal Share Access Rights. The packet
-        # defaults this to a {RubySMB::SMB2::BitField::DirectoryAccessMask}. If it is anything other than
-        # a directory that has been connected to, it will re-cast it as a {RubySMB::SMB2::BitField::FileAccessMask}
-        #
-        # @return [RubySMB::SMB2::BitField::DirectoryAccessMask] if a directory was connected to
-        # @return [RubySMB::SMB2::BitField::FileAccessMask] if anything else was connected to
-        def access_rights
-          if is_directory?
-            maximal_access
-          else
-            mask = maximal_access.to_binary_s
-            RubySMB::SMB2::BitField::FileAccessMask.read(mask)
-          end
-        end
-        # Checks if the remote Tree is a directory
-        #
-        # @return [Boolean]
-        def is_directory?
-          share_type == 0x01
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/tree_disconnect_request.rb CHANGED

@@ -4,15 +4,13 @@ module RubySMB
       # An SMB2 TreeDisconnectRequest Packet as defined in
       # [2.2.11 SMB2 TREE_DISCONNECT Request](https://msdn.microsoft.com/en-us/library/cc246500.aspx)
       class TreeDisconnectRequest < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::TREE_DISCONNECT
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 4
         uint16       :reserved, label: 'Reserved', initial_value: 0
-        def initialize_instance
-          super
-          smb2_header.command = RubySMB::SMB2::Commands::TREE_DISCONNECT
-        end
       end
     end
   end

data/lib/ruby_smb/smb2/packet/tree_disconnect_response.rb CHANGED

@@ -4,13 +4,14 @@ module RubySMB
       # An SMB2 TreeDisconnectResponse Packet as defined in
       # [2.2.12 SMB2 TREE_DISCONNECT Response](https://msdn.microsoft.com/en-us/library/cc246501.aspx)
       class TreeDisconnectResponse < RubySMB::GenericPacket
+        COMMAND = RubySMB::SMB2::Commands::TREE_DISCONNECT
         endian       :little
         smb2_header  :smb2_header
         uint16       :structure_size, label: 'Structure Size', initial_value: 4
         def initialize_instance
           super
-          smb2_header.command = RubySMB::SMB2::Commands::TREE_DISCONNECT
           smb2_header.flags.reply = 1
         end
       end