RubyGems - ruby_smb - Versions diffs - 1.1.0 → 2.0.4 - Mend

ruby_smb 1.1.0 → 2.0.4

Files changed (163) hide show

checksums.yaml +5 -5
checksums.yaml.gz.sig +0 -0
data.tar.gz.sig +0 -0
data/.travis.yml +3 -5
data/Gemfile +6 -2
data/examples/anonymous_auth.rb +3 -3
data/examples/append_file.rb +10 -8
data/examples/authenticate.rb +9 -5
data/examples/delete_file.rb +8 -6
data/examples/enum_registry_key.rb +5 -4
data/examples/enum_registry_values.rb +5 -4
data/examples/list_directory.rb +8 -6
data/examples/negotiate.rb +51 -8
data/examples/negotiate_with_netbios_service.rb +9 -5
data/examples/net_share_enum_all.rb +6 -4
data/examples/pipes.rb +11 -12
data/examples/query_service_status.rb +64 -0
data/examples/read_file.rb +8 -6
data/examples/read_file_encryption.rb +56 -0
data/examples/read_registry_key_value.rb +6 -5
data/examples/rename_file.rb +9 -7
data/examples/tree_connect.rb +7 -5
data/examples/write_file.rb +9 -7
data/lib/ruby_smb.rb +4 -0
data/lib/ruby_smb/client.rb +246 -26
data/lib/ruby_smb/client/authentication.rb +32 -18
data/lib/ruby_smb/client/echo.rb +2 -4
data/lib/ruby_smb/client/encryption.rb +62 -0
data/lib/ruby_smb/client/negotiation.rb +156 -16
data/lib/ruby_smb/client/signing.rb +19 -0
data/lib/ruby_smb/client/tree_connect.rb +6 -8
data/lib/ruby_smb/client/utils.rb +24 -17
data/lib/ruby_smb/client/winreg.rb +1 -1
data/lib/ruby_smb/crypto.rb +30 -0
data/lib/ruby_smb/dcerpc.rb +2 -0
data/lib/ruby_smb/dcerpc/error.rb +3 -0
data/lib/ruby_smb/dcerpc/ndr.rb +209 -44
data/lib/ruby_smb/dcerpc/request.rb +13 -0
data/lib/ruby_smb/dcerpc/rpc_security_attributes.rb +34 -0
data/lib/ruby_smb/dcerpc/rrp_unicode_string.rb +9 -6
data/lib/ruby_smb/dcerpc/svcctl.rb +479 -0
data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request.rb +48 -0
data/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_request.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/control_service_request.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/control_service_response.rb +26 -0
data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request.rb +35 -0
data/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/open_service_w_request.rb +31 -0
data/lib/ruby_smb/dcerpc/svcctl/open_service_w_response.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response.rb +44 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_status_request.rb +23 -0
data/lib/ruby_smb/dcerpc/svcctl/query_service_status_response.rb +27 -0
data/lib/ruby_smb/dcerpc/svcctl/service_status.rb +25 -0
data/lib/ruby_smb/dcerpc/svcctl/start_service_w_request.rb +27 -0
data/lib/ruby_smb/dcerpc/svcctl/start_service_w_response.rb +25 -0
data/lib/ruby_smb/dcerpc/winreg.rb +98 -17
data/lib/ruby_smb/dcerpc/winreg/create_key_request.rb +73 -0
data/lib/ruby_smb/dcerpc/winreg/create_key_response.rb +36 -0
data/lib/ruby_smb/dcerpc/winreg/enum_key_request.rb +1 -1
data/lib/ruby_smb/dcerpc/winreg/enum_value_request.rb +1 -1
data/lib/ruby_smb/dcerpc/winreg/enum_value_response.rb +1 -1
data/lib/ruby_smb/dcerpc/winreg/open_root_key_request.rb +4 -4
data/lib/ruby_smb/dcerpc/winreg/query_info_key_request.rb +1 -1
data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb +7 -6
data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb +10 -10
data/lib/ruby_smb/dcerpc/winreg/save_key_request.rb +37 -0
data/lib/ruby_smb/dcerpc/winreg/save_key_response.rb +23 -0
data/lib/ruby_smb/dispatcher/base.rb +1 -1
data/lib/ruby_smb/dispatcher/socket.rb +5 -4
data/lib/ruby_smb/error.rb +49 -6
data/lib/ruby_smb/field/stringz16.rb +17 -1
data/lib/ruby_smb/generic_packet.rb +11 -1
data/lib/ruby_smb/nbss/session_header.rb +4 -4
data/lib/ruby_smb/smb1/commands.rb +1 -1
data/lib/ruby_smb/smb1/file.rb +13 -28
data/lib/ruby_smb/smb1/packet/session_setup_legacy_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/session_setup_legacy_response.rb +2 -2
data/lib/ruby_smb/smb1/packet/session_setup_request.rb +1 -1
data/lib/ruby_smb/smb1/packet/session_setup_response.rb +2 -2
data/lib/ruby_smb/smb1/packet/write_andx_request.rb +1 -1
data/lib/ruby_smb/smb1/pipe.rb +8 -8
data/lib/ruby_smb/smb1/tree.rb +25 -12
data/lib/ruby_smb/smb2/bit_field/session_flags.rb +2 -1
data/lib/ruby_smb/smb2/bit_field/share_flags.rb +6 -4
data/lib/ruby_smb/smb2/file.rb +59 -77
data/lib/ruby_smb/smb2/negotiate_context.rb +108 -0
data/lib/ruby_smb/smb2/packet.rb +2 -0
data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +41 -0
data/lib/ruby_smb/smb2/packet/negotiate_request.rb +51 -14
data/lib/ruby_smb/smb2/packet/negotiate_response.rb +50 -4
data/lib/ruby_smb/smb2/packet/transform_header.rb +84 -0
data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +92 -6
data/lib/ruby_smb/smb2/packet/tree_connect_response.rb +8 -26
data/lib/ruby_smb/smb2/pipe.rb +8 -20
data/lib/ruby_smb/smb2/smb2_header.rb +1 -1
data/lib/ruby_smb/smb2/tree.rb +44 -28
data/lib/ruby_smb/version.rb +1 -1
data/ruby_smb.gemspec +3 -1
data/spec/lib/ruby_smb/client_spec.rb +1408 -70
data/spec/lib/ruby_smb/crypto_spec.rb +25 -0
data/spec/lib/ruby_smb/dcerpc/ndr_spec.rb +1396 -77
data/spec/lib/ruby_smb/dcerpc/rpc_security_attributes_spec.rb +161 -0
data/spec/lib/ruby_smb/dcerpc/rrp_unicode_string_spec.rb +49 -12
data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_request_spec.rb +191 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/change_service_config_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_request_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/close_service_handle_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_request_spec.rb +39 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/control_service_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_request_spec.rb +78 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_sc_manager_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_request_spec.rb +59 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/open_service_w_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_request_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_config_w_response_spec.rb +152 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_request_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/query_service_status_response_spec.rb +38 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/service_status_spec.rb +72 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_request_spec.rb +46 -0
data/spec/lib/ruby_smb/dcerpc/svcctl/start_service_w_response_spec.rb +30 -0
data/spec/lib/ruby_smb/dcerpc/svcctl_spec.rb +512 -0
data/spec/lib/ruby_smb/dcerpc/winreg/create_key_request_spec.rb +110 -0
data/spec/lib/ruby_smb/dcerpc/winreg/create_key_response_spec.rb +44 -0
data/spec/lib/ruby_smb/dcerpc/winreg/enum_key_request_spec.rb +0 -4
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_request_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/winreg/enum_value_response_spec.rb +2 -2
data/spec/lib/ruby_smb/dcerpc/winreg/open_root_key_request_spec.rb +9 -4
data/spec/lib/ruby_smb/dcerpc/winreg/query_info_key_request_spec.rb +0 -4
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_request_spec.rb +17 -17
data/spec/lib/ruby_smb/dcerpc/winreg/query_value_response_spec.rb +11 -23
data/spec/lib/ruby_smb/dcerpc/winreg/save_key_request_spec.rb +57 -0
data/spec/lib/ruby_smb/dcerpc/winreg/save_key_response_spec.rb +22 -0
data/spec/lib/ruby_smb/dcerpc/winreg_spec.rb +227 -41
data/spec/lib/ruby_smb/dispatcher/socket_spec.rb +12 -12
data/spec/lib/ruby_smb/error_spec.rb +88 -0
data/spec/lib/ruby_smb/field/stringz16_spec.rb +12 -0
data/spec/lib/ruby_smb/generic_packet_spec.rb +7 -0
data/spec/lib/ruby_smb/nbss/session_header_spec.rb +4 -11
data/spec/lib/ruby_smb/smb1/file_spec.rb +1 -3
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_legacy_response_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_request_spec.rb +2 -2
data/spec/lib/ruby_smb/smb1/packet/session_setup_response_spec.rb +1 -1
data/spec/lib/ruby_smb/smb1/pipe_spec.rb +30 -5
data/spec/lib/ruby_smb/smb1/tree_spec.rb +22 -0
data/spec/lib/ruby_smb/smb2/bit_field/session_flags_spec.rb +9 -0
data/spec/lib/ruby_smb/smb2/bit_field/share_flags_spec.rb +27 -0
data/spec/lib/ruby_smb/smb2/file_spec.rb +147 -71
data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +332 -0
data/spec/lib/ruby_smb/smb2/packet/compression_transform_header_spec.rb +108 -0
data/spec/lib/ruby_smb/smb2/packet/negotiate_request_spec.rb +138 -3
data/spec/lib/ruby_smb/smb2/packet/negotiate_response_spec.rb +120 -2
data/spec/lib/ruby_smb/smb2/packet/transform_header_spec.rb +220 -0
data/spec/lib/ruby_smb/smb2/packet/tree_connect_request_spec.rb +339 -9
data/spec/lib/ruby_smb/smb2/packet/tree_connect_response_spec.rb +3 -30
data/spec/lib/ruby_smb/smb2/pipe_spec.rb +9 -45
data/spec/lib/ruby_smb/smb2/smb2_header_spec.rb +2 -2
data/spec/lib/ruby_smb/smb2/tree_spec.rb +111 -9
metadata +194 -75
metadata.gz.sig +2 -1

data/lib/ruby_smb/dcerpc/winreg/query_value_request.rb CHANGED

@@ -13,9 +13,10 @@ module RubySMB
         rpc_hkey           :hkey
         rrp_unicode_string :lp_value_name
-        string             :pad, length: -> { pad_length }
+        string             :pad1, length: -> { pad_length(self.lp_value_name) }
         ndr_lp_dword       :lp_type
-        ndr_lp_byte        :lp_data
+        ndr_lp_byte_array  :lp_data
+        string             :pad2, length: -> { pad_length(self.lp_data) }
         ndr_lp_dword       :lpcb_data
         ndr_lp_dword       :lpcb_len
@@ -24,10 +25,10 @@ module RubySMB
           @opnum = REG_QUERY_VALUE
         end
-        # Determines the correct length for the padding in front of
-        # #lp_type. It should always force a 4-byte alignment.
-        def pad_length
-          offset = (lp_value_name.abs_offset + lp_value_name.to_binary_s.length) % 4
+        # Determines the correct length for the padding, so that the next
+        # field is 4-byte aligned.
+        def pad_length(prev_element)
+          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
           (4 - offset) % 4
         end
       end

data/lib/ruby_smb/dcerpc/winreg/query_value_response.rb CHANGED

@@ -9,22 +9,22 @@ module RubySMB
         endian :little
-        ndr_lp_dword :lp_type
-        ndr_lp_byte  :lp_data
-        string       :pad, length: -> { pad_length }
-        ndr_lp_dword :lpcb_data
-        ndr_lp_dword :lpcb_len
-        uint32       :error_status
+        ndr_lp_dword      :lp_type
+        ndr_lp_byte_array :lp_data
+        string            :pad, length: -> { pad_length(self.lp_data) }
+        ndr_lp_dword      :lpcb_data
+        ndr_lp_dword      :lpcb_len
+        uint32            :error_status
         def initialize_instance
           super
           @opnum = REG_QUERY_VALUE
         end
-        # Determines the correct length for the padding in front of
-        # #lpcb_data. It should always force a 4-byte alignment.
-        def pad_length
-          offset = (lp_data.abs_offset + lp_data.to_binary_s.length) % 4
+        # Determines the correct length for the padding, so that the next
+        # field is 4-byte aligned.
+        def pad_length(prev_element)
+          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
           (4 - offset) % 4
         end

data/lib/ruby_smb/dcerpc/winreg/save_key_request.rb ADDED

@@ -0,0 +1,37 @@
+module RubySMB
+  module Dcerpc
+    module Winreg
+      class RpcHkey < Ndr::NdrContextHandle; end
+      # This class represents a BaseRegSaveKey Request Packet as defined in
+      # [3.1.5.20 BaseRegSaveKey (Opnum 20)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/f022247d-6ef1-4f46-b195-7f60654f4a0d)
+      class SaveKeyRequest < BinData::Record
+        attr_reader :opnum
+        endian :little
+        rpc_hkey                 :hkey
+        rrp_unicode_string       :lp_file
+        string                   :pad, length: -> { pad_length(self.lp_file) }
+        prpc_security_attributes :lp_security_attributes
+        def initialize_instance
+          super
+          @opnum = REG_SAVE_KEY
+        end
+        # Determines the correct length for the padding, so that the next
+        # field is 4-byte aligned.
+        def pad_length(prev_element)
+          offset = (prev_element.abs_offset + prev_element.to_binary_s.length) % 4
+          (4 - offset) % 4
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/winreg/save_key_response.rb ADDED

@@ -0,0 +1,23 @@
+module RubySMB
+  module Dcerpc
+    module Winreg
+      # This class represents a BaseRegSaveKey Response Packet as defined in
+      # [3.1.5.20 BaseRegSaveKey (Opnum 20)](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-rrp/f022247d-6ef1-4f46-b195-7f60654f4a0d)
+      class SaveKeyResponse < BinData::Record
+        attr_reader :opnum
+        endian :little
+        uint32       :error_status
+        def initialize_instance
+          super
+          @opnum = REG_CREATE_KEY
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dispatcher/base.rb CHANGED

@@ -9,7 +9,7 @@ module RubySMB
       def nbss(packet)
         nbss = RubySMB::Nbss::SessionHeader.new
         nbss.session_packet_type = RubySMB::Nbss::SESSION_MESSAGE
-        nbss.packet_length       = packet.do_num_bytes
+        nbss.stream_protocol_length = packet.do_num_bytes
         nbss.to_binary_s
       end

data/lib/ruby_smb/dispatcher/socket.rb CHANGED

@@ -48,7 +48,7 @@ module RubySMB
           end
         rescue IOError, Errno::ECONNABORTED, Errno::ECONNRESET => e
-          raise RubySMB::Error::CommunicationError, "An error occured writing to the Socket: #{e.message}"
+          raise RubySMB::Error::CommunicationError, "An error occurred writing to the Socket: #{e.message}"
         end
         nil
       end
@@ -61,19 +61,20 @@ module RubySMB
       #   which are assumed to be the NetBiosSessionService header.
       # @raise [RubySMB::Error::CommunicationError] if the read timeout expires or an error occurs when reading the socket
       def recv_packet(full_response: false)
+        raise RubySMB::Error::CommunicationError, 'Connection has already been closed' if @tcp_socket.closed?
         if IO.select([@tcp_socket], nil, nil, @read_timeout).nil?
           raise RubySMB::Error::CommunicationError, "Read timeout expired when reading from the Socket (timeout=#{@read_timeout})"
         end
         begin
           nbss_data = @tcp_socket.read(4)
-          raise IOError if nbss_data.nil?
+          raise RubySMB::Error::CommunicationError, 'Socket read returned nil' if nbss_data.nil?
           nbss_header = RubySMB::Nbss::SessionHeader.read(nbss_data)
         rescue IOError
           raise ::RubySMB::Error::NetBiosSessionService, 'NBSS Header is missing'
         end
-        length = nbss_header.packet_length
+        length = nbss_header.stream_protocol_length
         data = full_response ? nbss_header.to_binary_s : ''
         if length > 0
           if IO.select([@tcp_socket], nil, nil, @read_timeout).nil?
@@ -84,7 +85,7 @@ module RubySMB
         end
         data
       rescue Errno::EINVAL, Errno::ECONNABORTED, Errno::ECONNRESET, TypeError, NoMethodError => e
-        raise RubySMB::Error::CommunicationError, "An error occured reading from the Socket #{e.message}"
+        raise RubySMB::Error::CommunicationError, "An error occurred reading from the Socket #{e.message}"
       end
     end
   end

data/lib/ruby_smb/error.rb CHANGED

@@ -16,23 +16,26 @@ module RubySMB
     # Raised when trying to parse raw binary into a Packet and the data
     # is invalid.
     class InvalidPacket < RubySMBError
+      attr_reader :status_code
       def initialize(args = nil)
         if args.nil?
           super
         elsif args.is_a? String
           super(args)
         elsif args.is_a? Hash
-          expected_proto = args[:expected_proto] ? translate_protocol(args[:expected_proto]) : "???"
-          expected_cmd = args[:expected_cmd] || "???"
-          received_proto = args[:received_proto] ? translate_protocol(args[:received_proto]) : "???"
-          received_cmd = args[:received_cmd] || "???"
+          expected_proto = args[:expected_proto] ? translate_protocol(args[:expected_proto]) : '???'
+          expected_cmd = args[:expected_cmd] || '???'
+          received_proto = args[:packet]&.packet_smb_version || '???'
+          received_cmd = get_cmd(args[:packet]) || '???'
+          @status_code = args[:packet]&.status_code
           super(
             "Expecting #{expected_proto} protocol "\
             "with command=#{expected_cmd}"\
             "#{(" (" + args[:expected_custom] + ")") if args[:expected_custom]}, "\
             "got #{received_proto} protocol "\
             "with command=#{received_cmd}"\
-            "#{(" (" + args[:received_custom] + ")") if args[:received_custom]}"
+            "#{(" (" + args[:received_custom] + ")") if args[:received_custom]}"\
+            "#{(", Status: #{@status_code}") if @status_code}"
           )
         else
           raise ArgumentError, "InvalidPacket expects a String or a Hash, got a #{args.class}"
@@ -50,10 +53,44 @@ module RubySMB
         end
       end
       private :translate_protocol
+      def get_cmd(packet)
+        return nil unless packet
+        case packet.packet_smb_version
+        when 'SMB1'
+          packet.smb_header.command
+        when 'SMB2'
+          packet.smb2_header.command
+        else
+          nil
+        end
+      end
+      private :get_cmd
     end
     # Raised when a response packet has a NTStatus code that was unexpected.
-    class UnexpectedStatusCode < RubySMBError; end
+    class UnexpectedStatusCode < RubySMBError
+      attr_reader :status_code
+      def initialize(status_code)
+        case status_code
+        when WindowsError::ErrorCode
+          @status_code = status_code
+        when Integer
+          @status_code = WindowsError::NTStatus.find_by_retval(status_code).first
+          if @status_code.nil?
+            @status_code = WindowsError::ErrorCode.new("0x#{status_code.to_s(16)}", status_code, "Unknown 0x#{status_code.to_s(16)}")
+          end
+        else
+          raise ArgumentError, "Status code must be a WindowsError::ErrorCode or an Integer, got #{status_code.class}"
+        end
+        super
+      end
+      def to_s
+        "The server responded with an unexpected status code: #{status_code.name}"
+      end
+    end
     # Raised when an error occurs with the underlying socket.
     class CommunicationError < RubySMBError; end
@@ -65,5 +102,11 @@ module RubySMB
     # Raised when trying to parse raw binary into a BitField and the data
     # is invalid.
     class InvalidBitField < RubySMBError; end
+    # Raised when an encryption operation fails
+    class EncryptionError < RubySMBError; end
+    # Raised when an signing operation fails
+    class SigningError < RubySMBError; end
   end
 end

data/lib/ruby_smb/field/stringz16.rb CHANGED

@@ -25,12 +25,17 @@ module RubySMB
       # @see BinData::Stringz
       def read_and_return_value(io)
         max_length = eval_parameter(:max_length)
+        if max_length && max_length % 2 != 0
+          raise ArgumentError, "[Stringz16] #max_length should be a multiple of "\
+            "two, since it is Unicode (got #{max_length})"
+        end
         str = ''
         i = 0
         ch = nil
         # read until double NULL-byte or we have read in the max number of bytes
-        while (ch != "\0\0") && (i != max_length)
+        loop do
+          break if ch == "\0\0" || (max_length && i == max_length)
           ch = io.readbytes(2)
           str << ch
           i += 2
@@ -46,6 +51,17 @@ module RubySMB
       def truncate_after_first_zero_byte!(str)
         str.sub!(/([^\0]*\0\0\0).*/, '\1')
       end
+      def trim_to!(str, max_length = nil)
+        if max_length
+          max_length = 2 if max_length < 2
+          str.slice!(max_length..-1)
+          if str.length == max_length && str[-2, 2] != "\0\0"
+            str[-2, 2] = "\0\0"
+          end
+        end
+      end
     end
   end
 end

data/lib/ruby_smb/generic_packet.rb CHANGED

@@ -49,7 +49,17 @@ module RubySMB
           when /SMB1/
             packet = RubySMB::SMB1::Packet::EmptyPacket.read(val)
           when /SMB2/
-            packet = RubySMB::SMB2::Packet::ErrorPacket.read(val)
+            begin
+              packet = RubySMB::SMB2::Packet::ErrorPacket.read(val)
+            rescue RubySMB::Error::InvalidPacket
+              # Handle the case where an SMB2 error packet is expected, but the
+              # server sent an SMB1 empty packet instead. This behavior has been
+              # observed with older versions of Samba when something goes wrong
+              # on the server side. We just want to give it a chance and try to
+              # parse it as an SMB1 empty packet to keep information and avoid
+              # failing as much as possible.
+              packet = RubySMB::SMB1::Packet::EmptyPacket.read(val)
+            end
           else
             raise RubySMB::Error::InvalidPacket, 'Not a valid SMB packet'
         end

data/lib/ruby_smb/nbss/session_header.rb CHANGED

@@ -1,13 +1,13 @@
 module RubySMB
   module Nbss
     # Representation of the NetBIOS Session Service Header as defined in
-    # [4.3.1 GENERAL FORMAT OF SESSION PACKETS](https://tools.ietf.org/html/rfc1002)
+    # SMB: [2.1 Transport](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/f906c680-330c-43ae-9a71-f854e24aeee6)
+    # SMB2: [2.1 Transport](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/1dfacde4-b5c7-4494-8a14-a09d3ab4cc83)
     class SessionHeader < BinData::Record
       endian :big
-      uint8 :session_packet_type,  label: 'Session Packet Type'
-      bit7  :flags,                label: 'Flags',              initial_value: 0
-      bit17 :packet_length,        label: 'Packet Length'
+      uint8  :session_packet_type,    label: 'Session Packet Type', initial_value: 0
+      uint24 :stream_protocol_length, label: 'Stream Protocol Length'
     end
   end
 end

data/lib/ruby_smb/smb1/commands.rb CHANGED

@@ -10,7 +10,7 @@ module RubySMB
       SMB_COM_TRANSACTION2_SECONDARY  = 0x33
       SMB_COM_TREE_DISCONNECT         = 0x71
       SMB_COM_NEGOTIATE               = 0x72
-      SMB_COM_SESSION_SETUP           = 0x73
+      SMB_COM_SESSION_SETUP_ANDX      = 0x73
       SMB_COM_LOGOFF                  = 0x74
       SMB_COM_TREE_CONNECT            = 0x75
       SMB_COM_NT_TRANSACT             = 0xA0

data/lib/ruby_smb/smb1/file.rb CHANGED

@@ -86,12 +86,11 @@ module RubySMB
           raise RubySMB::Error::InvalidPacket.new(
             expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
             expected_cmd:   RubySMB::SMB1::Packet::CloseResponse::COMMAND,
-            received_proto: response.smb_header.protocol,
-            received_cmd:   response.smb_header.command
+            packet:         response
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.status_code
       end
@@ -106,11 +105,7 @@ module RubySMB
       # @raise [RubySMB::Error::InvalidPacket] if the response packet is not valid
       # @raise [RubySMB::Error::UnexpectedStatusCode] if the response NTStatus is not STATUS_SUCCESS
       def read(bytes: @size, offset: 0)
-        atomic_read_size = if bytes > @tree.client.max_buffer_size
-                             @tree.client.max_buffer_size
-                           else
-                             bytes
-                           end
+        atomic_read_size = [bytes, @tree.client.max_buffer_size].min
         remaining_bytes = bytes
         data = ''
@@ -122,12 +117,11 @@ module RubySMB
             raise RubySMB::Error::InvalidPacket.new(
               expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
               expected_cmd:   RubySMB::SMB1::Packet::ReadAndxResponse::COMMAND,
-              received_proto: response.smb_header.protocol,
-              received_cmd:   response.smb_header.command
+              packet:         response
             )
           end
           unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-            raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
           end
           if response.is_a?(RubySMB::SMB1::Packet::ReadAndxResponse)
@@ -171,12 +165,11 @@ module RubySMB
           raise RubySMB::Error::InvalidPacket.new(
             expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
             expected_cmd:   RubySMB::SMB1::Packet::ReadAndxResponse::COMMAND,
-            received_proto: response.smb_header.protocol,
-            received_cmd:   response.smb_header.command
+            packet:         response
           )
         end
         unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-          raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+          raise RubySMB::Error::UnexpectedStatusCode, response.status_code
         end
         response.data_block.data.to_binary_s
@@ -193,8 +186,7 @@ module RubySMB
           raise RubySMB::Error::InvalidPacket.new(
             expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
             expected_cmd:   RubySMB::SMB1::Packet::Trans2::SetFileInformationResponse::COMMAND,
-            received_proto: response.smb_header.protocol,
-            received_cmd:   response.smb_header.command
+            packet:         response
           )
         end
         response.status_code
@@ -227,11 +219,7 @@ module RubySMB
         total_bytes_written = 0
         loop do
-          atomic_write_size = if bytes > @tree.client.max_buffer_size
-                               @tree.client.max_buffer_size
-                              else
-                                bytes
-                              end
+          atomic_write_size = [bytes, @tree.client.max_buffer_size].min
           write_request = write_packet(data: buffer.slice!(0, atomic_write_size), offset: offset)
           raw_response = @tree.client.send_recv(write_request)
           response = RubySMB::SMB1::Packet::WriteAndxResponse.read(raw_response)
@@ -239,12 +227,11 @@ module RubySMB
             raise RubySMB::Error::InvalidPacket.new(
               expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
               expected_cmd:   RubySMB::SMB1::Packet::WriteAndxResponse::COMMAND,
-              received_proto: response.smb_header.protocol,
-              received_cmd:   response.smb_header.command
+              packet:         response
             )
           end
           unless response.status_code == WindowsError::NTStatus::STATUS_SUCCESS
-            raise RubySMB::Error::UnexpectedStatusCode, response.status_code.name
+            raise RubySMB::Error::UnexpectedStatusCode, response.status_code
           end
           bytes_written = response.parameter_block.count_low + (response.parameter_block.count_high << 16)
           total_bytes_written += bytes_written
@@ -279,8 +266,7 @@ module RubySMB
           raise RubySMB::Error::InvalidPacket.new(
             expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
             expected_cmd:   RubySMB::SMB1::Packet::WriteAndxResponse::COMMAND,
-            received_proto: response.smb_header.protocol,
-            received_cmd:   response.smb_header.command
+            packet:         response
           )
         end
         response.parameter_block.count_low
@@ -298,8 +284,7 @@ module RubySMB
           raise RubySMB::Error::InvalidPacket.new(
             expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
             expected_cmd:   RubySMB::SMB1::Packet::Trans2::SetFileInformationResponse::COMMAND,
-            received_proto: response.smb_header.protocol,
-            received_cmd:   response.smb_header.command
+            packet:         response
           )
         end
         response.status_code