ruby_smb 1.0.5 → 1.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +0 -0
- data/.travis.yml +4 -1
- data/README.md +35 -47
- data/examples/enum_registry_key.rb +28 -0
- data/examples/enum_registry_values.rb +30 -0
- data/examples/pipes.rb +2 -1
- data/examples/read_registry_key_value.rb +32 -0
- data/lib/ruby_smb.rb +0 -1
- data/lib/ruby_smb/client.rb +2 -0
- data/lib/ruby_smb/client/winreg.rb +46 -0
- data/lib/ruby_smb/dcerpc.rb +38 -0
- data/lib/ruby_smb/dcerpc/bind.rb +2 -2
- data/lib/ruby_smb/dcerpc/bind_ack.rb +2 -2
- data/lib/ruby_smb/dcerpc/error.rb +3 -0
- data/lib/ruby_smb/dcerpc/ndr.rb +95 -16
- data/lib/ruby_smb/dcerpc/pdu_header.rb +1 -1
- data/lib/ruby_smb/dcerpc/request.rb +28 -9
- data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +35 -0
- data/lib/ruby_smb/dcerpc/srvsvc.rb +10 -0
- data/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb +9 -0
- data/lib/ruby_smb/dcerpc/winreg.rb +340 -0
- data/lib/ruby_smb/dcerpc/winreg/close_key_request.rb +24 -0
- data/lib/ruby_smb/dcerpc/winreg/close_key_response.rb +27 -0
- data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +45 -0
- data/lib/ruby_smb/dcerpc/winreg/enum_key_response.rb +42 -0
- data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +39 -0
- data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +36 -0
- data/lib/ruby_smb/dcerpc/winreg/open_key_request.rb +34 -0
- data/lib/ruby_smb/dcerpc/winreg/open_key_response.rb +25 -0
- data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +43 -0
- data/lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb +35 -0
- data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +27 -0
- data/lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb +40 -0
- data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +39 -0
- data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +57 -0
- data/lib/ruby_smb/dcerpc/winreg/regsam.rb +40 -0
- data/lib/ruby_smb/smb1/file.rb +2 -0
- data/lib/ruby_smb/smb1/pipe.rb +78 -2
- data/lib/ruby_smb/smb2/packet/error_packet.rb +2 -4
- data/lib/ruby_smb/smb2/pipe.rb +89 -2
- data/lib/ruby_smb/version.rb +1 -1
- data/ruby_smb.gemspec +3 -3
- data/spec/lib/ruby_smb/client_spec.rb +148 -0
- data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/bind_spec.rb +2 -2
- data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +410 -0
- data/spec/lib/ruby_smb/dcerpc/request_spec.rb +50 -7
- data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +98 -0
- data/spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb +13 -0
- data/spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb +60 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb +28 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb +36 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +108 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb +97 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +94 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +82 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb +74 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb +35 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +90 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb +38 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +39 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb +113 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +88 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +150 -0
- data/spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb +32 -0
- data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +710 -0
- data/spec/lib/ruby_smb/dcerpc_spec.rb +81 -0
- data/spec/lib/ruby_smb/smb1/file_spec.rb +9 -1
- data/spec/lib/ruby_smb/smb1/pipe_spec.rb +210 -148
- data/spec/lib/ruby_smb/smb2/packet/error_packet_spec.rb +3 -24
- data/spec/lib/ruby_smb/smb2/pipe_spec.rb +256 -145
- metadata +66 -9
- metadata.gz.sig +0 -0
- data/lib/ruby_smb/smb1/dcerpc.rb +0 -72
- data/lib/ruby_smb/smb2/dcerpc.rb +0 -75
metadata
CHANGED
|
@@ -1,9 +1,10 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_smb
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.0
|
|
4
|
+
version: 1.1.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
|
+
- Metasploit Hackers
|
|
7
8
|
- David Maloney
|
|
8
9
|
- James Lee
|
|
9
10
|
- Dev Mohanty
|
|
@@ -91,7 +92,7 @@ cert_chain:
|
|
|
91
92
|
G+Hmcg1v810agasPdoydE0RTVZgEOOMoQ07qu7JFXVWZ9ZQpHT7qJATWL/b2csFG
|
|
92
93
|
8mVuTXnyJOKRJA==
|
|
93
94
|
-----END CERTIFICATE-----
|
|
94
|
-
date:
|
|
95
|
+
date: 2019-06-27 00:00:00.000000000 Z
|
|
95
96
|
dependencies:
|
|
96
97
|
- !ruby/object:Gem::Dependency
|
|
97
98
|
name: redcarpet
|
|
@@ -207,10 +208,7 @@ dependencies:
|
|
|
207
208
|
version: '0'
|
|
208
209
|
description: ''
|
|
209
210
|
email:
|
|
210
|
-
-
|
|
211
|
-
- egypt@metasploit.com
|
|
212
|
-
- dev_mohanty@rapid7.com
|
|
213
|
-
- paristvinternet-github@yahoo.com
|
|
211
|
+
- msfdev@metasploit.com
|
|
214
212
|
executables: []
|
|
215
213
|
extensions: []
|
|
216
214
|
extra_rdoc_files: []
|
|
@@ -229,12 +227,15 @@ files:
|
|
|
229
227
|
- examples/append_file.rb
|
|
230
228
|
- examples/authenticate.rb
|
|
231
229
|
- examples/delete_file.rb
|
|
230
|
+
- examples/enum_registry_key.rb
|
|
231
|
+
- examples/enum_registry_values.rb
|
|
232
232
|
- examples/list_directory.rb
|
|
233
233
|
- examples/negotiate.rb
|
|
234
234
|
- examples/negotiate_with_netbios_service.rb
|
|
235
235
|
- examples/net_share_enum_all.rb
|
|
236
236
|
- examples/pipes.rb
|
|
237
237
|
- examples/read_file.rb
|
|
238
|
+
- examples/read_registry_key_value.rb
|
|
238
239
|
- examples/rename_file.rb
|
|
239
240
|
- examples/tree_connect.rb
|
|
240
241
|
- examples/write_file.rb
|
|
@@ -246,6 +247,7 @@ files:
|
|
|
246
247
|
- lib/ruby_smb/client/signing.rb
|
|
247
248
|
- lib/ruby_smb/client/tree_connect.rb
|
|
248
249
|
- lib/ruby_smb/client/utils.rb
|
|
250
|
+
- lib/ruby_smb/client/winreg.rb
|
|
249
251
|
- lib/ruby_smb/dcerpc.rb
|
|
250
252
|
- lib/ruby_smb/dcerpc/bind.rb
|
|
251
253
|
- lib/ruby_smb/dcerpc/bind_ack.rb
|
|
@@ -256,9 +258,26 @@ files:
|
|
|
256
258
|
- lib/ruby_smb/dcerpc/ptypes.rb
|
|
257
259
|
- lib/ruby_smb/dcerpc/request.rb
|
|
258
260
|
- lib/ruby_smb/dcerpc/response.rb
|
|
261
|
+
- lib/ruby_smb/dcerpc/rrp_unicode_string.rb
|
|
259
262
|
- lib/ruby_smb/dcerpc/srvsvc.rb
|
|
260
263
|
- lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb
|
|
261
264
|
- lib/ruby_smb/dcerpc/uuid.rb
|
|
265
|
+
- lib/ruby_smb/dcerpc/winreg.rb
|
|
266
|
+
- lib/ruby_smb/dcerpc/winreg/close_key_request.rb
|
|
267
|
+
- lib/ruby_smb/dcerpc/winreg/close_key_response.rb
|
|
268
|
+
- lib/ruby_smb/dcerpc/winreg/enum_key_request.rb
|
|
269
|
+
- lib/ruby_smb/dcerpc/winreg/enum_key_response.rb
|
|
270
|
+
- lib/ruby_smb/dcerpc/winreg/enum_value_request.rb
|
|
271
|
+
- lib/ruby_smb/dcerpc/winreg/enum_value_response.rb
|
|
272
|
+
- lib/ruby_smb/dcerpc/winreg/open_key_request.rb
|
|
273
|
+
- lib/ruby_smb/dcerpc/winreg/open_key_response.rb
|
|
274
|
+
- lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb
|
|
275
|
+
- lib/ruby_smb/dcerpc/winreg/open_root_key_response.rb
|
|
276
|
+
- lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb
|
|
277
|
+
- lib/ruby_smb/dcerpc/winreg/query_info_key_response.rb
|
|
278
|
+
- lib/ruby_smb/dcerpc/winreg/query_value_request.rb
|
|
279
|
+
- lib/ruby_smb/dcerpc/winreg/query_value_response.rb
|
|
280
|
+
- lib/ruby_smb/dcerpc/winreg/regsam.rb
|
|
262
281
|
- lib/ruby_smb/dispatcher.rb
|
|
263
282
|
- lib/ruby_smb/dispatcher/base.rb
|
|
264
283
|
- lib/ruby_smb/dispatcher/socket.rb
|
|
@@ -324,7 +343,6 @@ files:
|
|
|
324
343
|
- lib/ruby_smb/smb1/commands.rb
|
|
325
344
|
- lib/ruby_smb/smb1/create_actions.rb
|
|
326
345
|
- lib/ruby_smb/smb1/data_block.rb
|
|
327
|
-
- lib/ruby_smb/smb1/dcerpc.rb
|
|
328
346
|
- lib/ruby_smb/smb1/dialect.rb
|
|
329
347
|
- lib/ruby_smb/smb1/file.rb
|
|
330
348
|
- lib/ruby_smb/smb1/oplock_levels.rb
|
|
@@ -402,7 +420,6 @@ files:
|
|
|
402
420
|
- lib/ruby_smb/smb2/bit_field/smb2_security_mode_single.rb
|
|
403
421
|
- lib/ruby_smb/smb2/commands.rb
|
|
404
422
|
- lib/ruby_smb/smb2/create_context.rb
|
|
405
|
-
- lib/ruby_smb/smb2/dcerpc.rb
|
|
406
423
|
- lib/ruby_smb/smb2/file.rb
|
|
407
424
|
- lib/ruby_smb/smb2/info_type.rb
|
|
408
425
|
- lib/ruby_smb/smb2/packet.rb
|
|
@@ -441,12 +458,32 @@ files:
|
|
|
441
458
|
- spec/lib/ruby_smb/client_spec.rb
|
|
442
459
|
- spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb
|
|
443
460
|
- spec/lib/ruby_smb/dcerpc/bind_spec.rb
|
|
461
|
+
- spec/lib/ruby_smb/dcerpc/ndr_spec.rb
|
|
444
462
|
- spec/lib/ruby_smb/dcerpc/p_syntax_id_t_spec.rb
|
|
445
463
|
- spec/lib/ruby_smb/dcerpc/pdu_header_spec.rb
|
|
446
464
|
- spec/lib/ruby_smb/dcerpc/request_spec.rb
|
|
447
465
|
- spec/lib/ruby_smb/dcerpc/response_spec.rb
|
|
466
|
+
- spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb
|
|
448
467
|
- spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb
|
|
468
|
+
- spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb
|
|
449
469
|
- spec/lib/ruby_smb/dcerpc/uuid_spec.rb
|
|
470
|
+
- spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb
|
|
471
|
+
- spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb
|
|
472
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb
|
|
473
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb
|
|
474
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb
|
|
475
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb
|
|
476
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb
|
|
477
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb
|
|
478
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb
|
|
479
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb
|
|
480
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb
|
|
481
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb
|
|
482
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb
|
|
483
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb
|
|
484
|
+
- spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb
|
|
485
|
+
- spec/lib/ruby_smb/dcerpc/winreg_spec.rb
|
|
486
|
+
- spec/lib/ruby_smb/dcerpc_spec.rb
|
|
450
487
|
- spec/lib/ruby_smb/dispatcher/base_spec.rb
|
|
451
488
|
- spec/lib/ruby_smb/dispatcher/socket_spec.rb
|
|
452
489
|
- spec/lib/ruby_smb/field/extended_attribute_flag_spec.rb
|
|
@@ -605,7 +642,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
|
|
|
605
642
|
requirements:
|
|
606
643
|
- - ">="
|
|
607
644
|
- !ruby/object:Gem::Version
|
|
608
|
-
version: 2.
|
|
645
|
+
version: 2.3.0
|
|
609
646
|
required_rubygems_version: !ruby/object:Gem::Requirement
|
|
610
647
|
requirements:
|
|
611
648
|
- - ">="
|
|
@@ -621,12 +658,32 @@ test_files:
|
|
|
621
658
|
- spec/lib/ruby_smb/client_spec.rb
|
|
622
659
|
- spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb
|
|
623
660
|
- spec/lib/ruby_smb/dcerpc/bind_spec.rb
|
|
661
|
+
- spec/lib/ruby_smb/dcerpc/ndr_spec.rb
|
|
624
662
|
- spec/lib/ruby_smb/dcerpc/p_syntax_id_t_spec.rb
|
|
625
663
|
- spec/lib/ruby_smb/dcerpc/pdu_header_spec.rb
|
|
626
664
|
- spec/lib/ruby_smb/dcerpc/request_spec.rb
|
|
627
665
|
- spec/lib/ruby_smb/dcerpc/response_spec.rb
|
|
666
|
+
- spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb
|
|
628
667
|
- spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb
|
|
668
|
+
- spec/lib/ruby_smb/dcerpc/srvsvc_spec.rb
|
|
629
669
|
- spec/lib/ruby_smb/dcerpc/uuid_spec.rb
|
|
670
|
+
- spec/lib/ruby_smb/dcerpc/winreg/close_key_request_spec.rb
|
|
671
|
+
- spec/lib/ruby_smb/dcerpc/winreg/close_key_response_spec.rb
|
|
672
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb
|
|
673
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_key_response_spec.rb
|
|
674
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb
|
|
675
|
+
- spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb
|
|
676
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_key_request_spec.rb
|
|
677
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_key_response_spec.rb
|
|
678
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb
|
|
679
|
+
- spec/lib/ruby_smb/dcerpc/winreg/open_root_key_response_spec.rb
|
|
680
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb
|
|
681
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_info_key_response_spec.rb
|
|
682
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb
|
|
683
|
+
- spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb
|
|
684
|
+
- spec/lib/ruby_smb/dcerpc/winreg/regsam_spec.rb
|
|
685
|
+
- spec/lib/ruby_smb/dcerpc/winreg_spec.rb
|
|
686
|
+
- spec/lib/ruby_smb/dcerpc_spec.rb
|
|
630
687
|
- spec/lib/ruby_smb/dispatcher/base_spec.rb
|
|
631
688
|
- spec/lib/ruby_smb/dispatcher/socket_spec.rb
|
|
632
689
|
- spec/lib/ruby_smb/field/extended_attribute_flag_spec.rb
|
metadata.gz.sig
CHANGED
|
Binary file
|
data/lib/ruby_smb/smb1/dcerpc.rb
DELETED
|
@@ -1,72 +0,0 @@
|
|
|
1
|
-
module RubySMB
|
|
2
|
-
module SMB1
|
|
3
|
-
module Dcerpc
|
|
4
|
-
|
|
5
|
-
def net_share_enum_all(host)
|
|
6
|
-
bind(endpoint: RubySMB::Dcerpc::Srvsvc)
|
|
7
|
-
|
|
8
|
-
response = request(RubySMB::Dcerpc::Srvsvc::NET_SHARE_ENUM_ALL, host: host)
|
|
9
|
-
|
|
10
|
-
shares = RubySMB::Dcerpc::Srvsvc::NetShareEnumAll.parse_response(response.stub.to_binary_s)
|
|
11
|
-
shares.map{|s|{name: s[0], type: s[1], comment: s[2]}}
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def bind(options={})
|
|
15
|
-
bind_req = RubySMB::Dcerpc::Bind.new(options)
|
|
16
|
-
write(data: bind_req.to_binary_s)
|
|
17
|
-
@size = 1024
|
|
18
|
-
dcerpc_raw_response = read()
|
|
19
|
-
begin
|
|
20
|
-
dcerpc_response = RubySMB::Dcerpc::BindAck.read(dcerpc_raw_response)
|
|
21
|
-
rescue IOError
|
|
22
|
-
raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
|
|
23
|
-
end
|
|
24
|
-
unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::BIND_ACK
|
|
25
|
-
raise RubySMB::Dcerpc::Error::BindError, "Not a BindAck packet"
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
res_list = dcerpc_response.p_result_list
|
|
29
|
-
if res_list.n_results == 0 ||
|
|
30
|
-
res_list.p_results[0].result != RubySMB::Dcerpc::BindAck::ACCEPTANCE
|
|
31
|
-
raise RubySMB::Dcerpc::Error::BindError,
|
|
32
|
-
"Bind Failed (Result: #{res_list.p_results[0].result}, Reason: #{res_list.p_results[0].reason})"
|
|
33
|
-
end
|
|
34
|
-
dcerpc_response
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def request(opnum, options={})
|
|
38
|
-
dcerpc_request = RubySMB::Dcerpc::Request.new({ :opnum => opnum }, options)
|
|
39
|
-
request = RubySMB::SMB1::Packet::Trans::TransactNmpipeRequest.new(options)
|
|
40
|
-
@tree.set_header_fields(request)
|
|
41
|
-
request.set_fid(@fid)
|
|
42
|
-
request.data_block.trans_data.write_data = dcerpc_request.to_binary_s
|
|
43
|
-
|
|
44
|
-
trans_nmpipe_raw_response = @tree.client.send_recv(request)
|
|
45
|
-
trans_nmpipe_response = RubySMB::SMB1::Packet::Trans::TransactNmpipeResponse.read(trans_nmpipe_raw_response)
|
|
46
|
-
unless trans_nmpipe_response.valid?
|
|
47
|
-
raise RubySMB::Error::InvalidPacket.new(
|
|
48
|
-
expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
|
|
49
|
-
expected_cmd: RubySMB::SMB1::Packet::Trans::TransactNmpipeResponse::COMMAND,
|
|
50
|
-
received_proto: trans_nmpipe_response.smb_header.protocol,
|
|
51
|
-
received_cmd: trans_nmpipe_response.smb_header.command
|
|
52
|
-
)
|
|
53
|
-
end
|
|
54
|
-
unless trans_nmpipe_response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
|
|
55
|
-
raise RubySMB::Error::UnexpectedStatusCode, trans_nmpipe_response.status_code.name
|
|
56
|
-
end
|
|
57
|
-
|
|
58
|
-
begin
|
|
59
|
-
dcerpc_response = RubySMB::Dcerpc::Response.read(trans_nmpipe_response.data_block.trans_data.read_data)
|
|
60
|
-
rescue IOError
|
|
61
|
-
raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
|
|
62
|
-
end
|
|
63
|
-
unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::RESPONSE
|
|
64
|
-
raise RubySMB::Dcerpc::Error::InvalidPacket, "Not a Response packet"
|
|
65
|
-
end
|
|
66
|
-
dcerpc_response
|
|
67
|
-
end
|
|
68
|
-
|
|
69
|
-
end
|
|
70
|
-
end
|
|
71
|
-
end
|
|
72
|
-
|
data/lib/ruby_smb/smb2/dcerpc.rb
DELETED
|
@@ -1,75 +0,0 @@
|
|
|
1
|
-
module RubySMB
|
|
2
|
-
module SMB2
|
|
3
|
-
module Dcerpc
|
|
4
|
-
|
|
5
|
-
def net_share_enum_all(host)
|
|
6
|
-
bind(endpoint: RubySMB::Dcerpc::Srvsvc)
|
|
7
|
-
|
|
8
|
-
response = request(RubySMB::Dcerpc::Srvsvc::NET_SHARE_ENUM_ALL, host: host)
|
|
9
|
-
|
|
10
|
-
shares = RubySMB::Dcerpc::Srvsvc::NetShareEnumAll.parse_response(response.stub.to_binary_s)
|
|
11
|
-
shares.map{|s|{name: s[0], type: s[1], comment: s[2]}}
|
|
12
|
-
end
|
|
13
|
-
|
|
14
|
-
def bind(options={})
|
|
15
|
-
bind_req = RubySMB::Dcerpc::Bind.new(options)
|
|
16
|
-
write(data: bind_req.to_binary_s)
|
|
17
|
-
@size = 1024
|
|
18
|
-
dcerpc_raw_response = read()
|
|
19
|
-
begin
|
|
20
|
-
dcerpc_response = RubySMB::Dcerpc::BindAck.read(dcerpc_raw_response)
|
|
21
|
-
rescue IOError
|
|
22
|
-
raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
|
|
23
|
-
end
|
|
24
|
-
unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::BIND_ACK
|
|
25
|
-
raise RubySMB::Dcerpc::Error::BindError, "Not a BindAck packet"
|
|
26
|
-
end
|
|
27
|
-
|
|
28
|
-
res_list = dcerpc_response.p_result_list
|
|
29
|
-
if res_list.n_results == 0 ||
|
|
30
|
-
res_list.p_results[0].result != RubySMB::Dcerpc::BindAck::ACCEPTANCE
|
|
31
|
-
raise RubySMB::Dcerpc::Error::BindError,
|
|
32
|
-
"Bind Failed (Result: #{res_list.p_results[0].result}, Reason: #{res_list.p_results[0].reason})"
|
|
33
|
-
end
|
|
34
|
-
dcerpc_response
|
|
35
|
-
end
|
|
36
|
-
|
|
37
|
-
def request(opnum, options={})
|
|
38
|
-
dcerpc_request = RubySMB::Dcerpc::Request.new({ :opnum => opnum }, options)
|
|
39
|
-
ioctl_response = ioctl_send_recv(dcerpc_request, options)
|
|
40
|
-
begin
|
|
41
|
-
dcerpc_response = RubySMB::Dcerpc::Response.read(ioctl_response.output_data)
|
|
42
|
-
rescue IOError
|
|
43
|
-
raise RubySMB::Dcerpc::Error::InvalidPacket, "Error reading the DCERPC response"
|
|
44
|
-
end
|
|
45
|
-
unless dcerpc_response.pdu_header.ptype == RubySMB::Dcerpc::PTypes::RESPONSE
|
|
46
|
-
raise RubySMB::Dcerpc::Error::InvalidPacket, "Not a Response packet"
|
|
47
|
-
end
|
|
48
|
-
dcerpc_response
|
|
49
|
-
end
|
|
50
|
-
|
|
51
|
-
def ioctl_send_recv(action, options={})
|
|
52
|
-
request = set_header_fields(RubySMB::SMB2::Packet::IoctlRequest.new(options))
|
|
53
|
-
request.ctl_code = 0x0011C017
|
|
54
|
-
request.flags.is_fsctl = 0x00000001
|
|
55
|
-
request.buffer = action.to_binary_s
|
|
56
|
-
ioctl_raw_response = @tree.client.send_recv(request)
|
|
57
|
-
ioctl_response = RubySMB::SMB2::Packet::IoctlResponse.read(ioctl_raw_response)
|
|
58
|
-
unless ioctl_response.valid?
|
|
59
|
-
raise RubySMB::Error::InvalidPacket.new(
|
|
60
|
-
expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
|
|
61
|
-
expected_cmd: RubySMB::SMB2::Packet::IoctlRequest::COMMAND,
|
|
62
|
-
received_proto: ioctl_response.smb2_header.protocol,
|
|
63
|
-
received_cmd: ioctl_response.smb2_header.command
|
|
64
|
-
)
|
|
65
|
-
end
|
|
66
|
-
unless ioctl_response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
|
|
67
|
-
raise RubySMB::Error::UnexpectedStatusCode, ioctl_response.status_code.name
|
|
68
|
-
end
|
|
69
|
-
ioctl_response
|
|
70
|
-
end
|
|
71
|
-
|
|
72
|
-
end
|
|
73
|
-
end
|
|
74
|
-
end
|
|
75
|
-
|