RubyGems - ruby_smb - Versions diffs - 2.0.12 → 2.0.13 - Mend

ruby_smb 2.0.12 → 2.0.13

Files changed (194) hide show

data/lib/ruby_smb/field/string16.rb CHANGED Viewed

@@ -3,12 +3,16 @@ module RubySMB
     # Represents a String in UTF-16LE
     class String16 < BinData::String
       def assign(val)
-        super(val.encode('utf-16le'))
+        super(val.to_s.encode('utf-16le')).force_encoding('utf-16le')
       end
       def snapshot
         super.force_encoding('utf-16le')
       end
+      def read_and_return_value(io)
+        super.force_encoding('utf-16le')
+      end
     end
   end
 end

data/lib/ruby_smb/ntlm.rb CHANGED Viewed

@@ -28,13 +28,29 @@ module RubySMB
       :KEY56                    => 1 << 31
     }.freeze
+    DEFAULT_CLIENT_FLAGS =
+      NEGOTIATE_FLAGS[:UNICODE] |
+      NEGOTIATE_FLAGS[:SIGN] |
+      NEGOTIATE_FLAGS[:SEAL] |
+      NEGOTIATE_FLAGS[:REQUEST_TARGET] |
+      NEGOTIATE_FLAGS[:NTLM] |
+      NEGOTIATE_FLAGS[:ALWAYS_SIGN] |
+      NEGOTIATE_FLAGS[:EXTENDED_SECURITY] |
+      NEGOTIATE_FLAGS[:KEY128] |
+      NEGOTIATE_FLAGS[:KEY_EXCHANGE] |
+      NEGOTIATE_FLAGS[:KEY56] |
+      NEGOTIATE_FLAGS[:TARGET_INFO] |
+      NEGOTIATE_FLAGS[:VERSION_INFO]
+    # [[MS-NLMP] 2.2.2.10 VERSION](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/b1a6ceb2-f8ad-462b-b5af-f18527c48175)
     class OSVersion < BinData::Record
-      endian :big
+      endian :little
       uint8  :major
       uint8  :minor
       uint16 :build
-      uint32 :ntlm_revision, initial_value: 15
+      uint24 :reserved
+      uint8  :ntlm_revision, initial_value: 15
       def to_s
         "Version #{major}.#{minor} (Build #{build}); NTLM Current Revision #{ntlm_revision}"

data/lib/ruby_smb/smb1/pipe.rb CHANGED Viewed

@@ -24,6 +24,10 @@ module RubySMB
           extend RubySMB::Dcerpc::Svcctl
         when 'winreg', '\\winreg'
           extend RubySMB::Dcerpc::Winreg
+        when 'samr', '\\samr'
+          extend RubySMB::Dcerpc::Samr
+        when 'wkssvc', '\\wkssvc'
+          extend RubySMB::Dcerpc::Wkssvc
         end
         super(tree: tree, response: response, name: name)
       end

data/lib/ruby_smb/smb2/pipe.rb CHANGED Viewed

@@ -21,6 +21,10 @@ module RubySMB
           extend RubySMB::Dcerpc::Svcctl
         when 'winreg', '\\winreg'
           extend RubySMB::Dcerpc::Winreg
+        when 'samr', '\\samr'
+          extend RubySMB::Dcerpc::Samr
+        when 'wkssvc', '\\wkssvc'
+          extend RubySMB::Dcerpc::Wkssvc
         end
         super(tree: tree, response: response, name: name)
       end

data/lib/ruby_smb/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '2.0.12'.freeze
+  VERSION = '2.0.13'.freeze
 end

data/spec/lib/ruby_smb/client_spec.rb CHANGED Viewed

@@ -126,8 +126,7 @@ RSpec.describe RubySMB::Client do
         expect(password).to eq(password)
         expect(opt[:workstation]).to eq(local_workstation)
         expect(opt[:domain]).to eq(domain)
-        flags = Net::NTLM::Client::DEFAULT_FLAGS |
-          Net::NTLM::FLAGS[:TARGET_INFO] | 0x02000000 ^ Net::NTLM::FLAGS[:OEM]
+        flags = RubySMB::NTLM::DEFAULT_CLIENT_FLAGS
         expect(opt[:flags]).to eq(flags)
       end

data/spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb CHANGED Viewed

@@ -7,7 +7,8 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
   it { is_expected.to respond_to :assoc_group_id }
   it { is_expected.to respond_to :sec_addr }
   it { is_expected.to respond_to :p_result_list }
-  it { is_expected.to respond_to :auth_verifier }
+  it { is_expected.to respond_to :sec_trailer }
+  it { is_expected.to respond_to :auth_value }
   it 'is little endian' do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
@@ -26,8 +27,8 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
   end
   describe '#max_xmit_frag' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.max_xmit_frag).to be_a BinData::Uint16le
+    it 'should be a NdrUint16' do
+      expect(packet.max_xmit_frag).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
     it 'should have a default value of 0xFFFF' do
@@ -36,8 +37,8 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
   end
   describe '#max_recv_frag' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.max_recv_frag).to be_a BinData::Uint16le
+    it 'should be a NdrUint16' do
+      expect(packet.max_recv_frag).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
     it 'should have a default value of 0xFFFF' do
@@ -46,15 +47,8 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
   end
   describe '#assoc_group_id' do
-    it 'should be a 32-bit unsigned integer' do
-      expect(packet.assoc_group_id).to be_a BinData::Uint32le
-    end
-  end
-  describe '#pad' do
-    it 'should keep #p_result_list 4-byte aligned' do
-      packet.sec_addr.port_spec = "test"
-      expect(packet.p_result_list.abs_offset % 4).to eq 0
+    it 'should be a NdrUint32' do
+      expect(packet.assoc_group_id).to be_a RubySMB::Dcerpc::Ndr::NdrUint32
     end
   end
@@ -64,45 +58,49 @@ RSpec.describe RubySMB::Dcerpc::BindAck do
     end
   end
-  describe '#auth_verifier' do
-    it 'should be a string' do
-      expect(packet.auth_verifier).to be_a BinData::String
+  describe '#sec_trailer' do
+    it 'should be a SecTrailer structure' do
+      expect(packet.sec_trailer).to be_a RubySMB::Dcerpc::SecTrailer
     end
     it 'should not exist if the #auth_length PDU header field is 0' do
       packet.pdu_header.auth_length = 0
-      expect(packet.auth_verifier?).to be false
+      expect(packet.sec_trailer?).to be false
     end
     it 'should exist only if the #auth_length PDU header field is greater than 0' do
       packet.pdu_header.auth_length = 10
-      expect(packet.auth_verifier?).to be true
+      expect(packet.sec_trailer?).to be true
     end
+  end
-    it 'reads #auth_length bytes' do
-      auth_verifier = '12345678'
-      packet.pdu_header.auth_length = 6
-      packet.auth_verifier.read(auth_verifier)
-      expect(packet.auth_verifier).to eq(auth_verifier[0,6])
+  describe '#auth_value' do
+    it 'should be a string' do
+      expect(packet.auth_value).to be_a BinData::String
     end
-  end
-  describe '#pad_length' do
-    it 'returns 0 when #p_result_list is already 4-byte aligned' do
-      packet.sec_addr.port_spec = 'align'
-      expect(packet.pad_length).to eq 0
+    it 'should not exist if the #auth_length PDU header field is 0' do
+      packet.pdu_header.auth_length = 0
+      expect(packet.auth_value?).to be false
     end
-    it 'returns 2 when #p_result_list is only 2-byte aligned' do
-      packet.sec_addr.port_spec = 'align' + 'AA'
-      expect(packet.pad_length).to eq 2
+    it 'should exist only if the #auth_length PDU header field is greater than 0' do
+      packet.pdu_header.auth_length = 10
+      expect(packet.auth_value?).to be true
+    end
+    it 'reads #auth_length bytes' do
+      auth_value = '12345678'
+      packet.pdu_header.auth_length = 6
+      packet.auth_value.read(auth_value)
+      expect(packet.auth_value).to eq(auth_value[0,6])
     end
   end
   it 'reads its own binary representation and output the same packet' do
     packet.sec_addr.port_spec = "port spec"
     packet.p_result_list.n_results = 2
-    packet.auth_verifier = '123456'
+    packet.auth_value = '123456'
     packet.pdu_header.auth_length = 6
     binary = packet.to_binary_s
     expect(described_class.read(binary)).to eq(packet)
@@ -119,9 +117,13 @@ RSpec.describe RubySMB::Dcerpc::PortAnyT do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
   end
+  it 'has a default alignment of 2 bytes' do
+    expect(described_class.default_parameters[:byte_align]).to eq 2
+  end
   describe '#str_length' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.str_length).to be_a BinData::Uint16le
+    it 'should be a NdrUint16' do
+      expect(packet.str_length).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
     it 'should be the size of #port_spec string, including the NULL terminator' do
@@ -148,15 +150,33 @@ RSpec.describe RubySMB::Dcerpc::PResultListT do
   subject(:packet) { described_class.new }
   it { is_expected.to respond_to :n_results }
+  it { is_expected.to respond_to :reserved }
+  it { is_expected.to respond_to :reserved2 }
   it { is_expected.to respond_to :p_results }
   it 'is little endian' do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
   end
+  it 'has a default alignment of 4 bytes' do
+    expect(described_class.default_parameters[:byte_align]).to eq 4
+  end
   describe '#n_results' do
-    it 'should be a 8-bit unsigned integer' do
-      expect(packet.n_results).to be_a BinData::Uint8
+    it 'should be a NdrUint8' do
+      expect(packet.n_results).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
+    end
+  end
+  describe '#reserved' do
+    it 'should be a NdrUint8' do
+      expect(packet.reserved).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
+    end
+  end
+  describe '#reserved2' do
+    it 'should be a NdrUint16' do
+      expect(packet.reserved2).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
   end
@@ -172,6 +192,10 @@ RSpec.describe RubySMB::Dcerpc::PResultListT do
       packet.n_results = n_elements
       expect(packet.p_results.size).to eq n_elements
     end
+    it 'has a default alignment of 4 bytes' do
+      expect(packet.p_results.get_parameter(:byte_align)).to eq 4
+    end
   end
   it 'reads its own binary representation and output the same packet' do
@@ -192,15 +216,19 @@ RSpec.describe RubySMB::Dcerpc::PResultT do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
   end
+  it 'has a default alignment of 4 bytes' do
+    expect(described_class.default_parameters[:byte_align]).to eq 4
+  end
   describe '#result' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.result).to be_a BinData::Uint16le
+    it 'should be a NdrUint16' do
+      expect(packet.result).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
   end
   describe '#reason' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.reason).to be_a BinData::Uint16le
+    it 'should be a NdrUint16' do
+      expect(packet.reason).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
   end

data/spec/lib/ruby_smb/dcerpc/bind_spec.rb CHANGED Viewed

@@ -17,7 +17,8 @@ RSpec.describe RubySMB::Dcerpc::Bind do
   it { is_expected.to respond_to :max_recv_frag }
   it { is_expected.to respond_to :assoc_group_id }
   it { is_expected.to respond_to :p_context_list }
-  it { is_expected.to respond_to :auth_verifier }
+  it { is_expected.to respond_to :sec_trailer }
+  it { is_expected.to respond_to :auth_value }
   it 'is little endian' do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
@@ -36,8 +37,8 @@ RSpec.describe RubySMB::Dcerpc::Bind do
   end
   describe '#max_xmit_frag' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.max_xmit_frag).to be_a BinData::Uint16le
+    it 'should be NdrUint16' do
+      expect(packet.max_xmit_frag).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
     it 'should have a default value of 0xFFFF' do
@@ -46,8 +47,8 @@ RSpec.describe RubySMB::Dcerpc::Bind do
   end
   describe '#max_recv_frag' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.max_recv_frag).to be_a BinData::Uint16le
+    it 'should be NdrUint16' do
+      expect(packet.max_recv_frag).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
     it 'should have a default value of 0xFFFF' do
@@ -56,8 +57,8 @@ RSpec.describe RubySMB::Dcerpc::Bind do
   end
   describe '#assoc_group_id' do
-    it 'should be a 32-bit unsigned integer' do
-      expect(packet.assoc_group_id).to be_a BinData::Uint32le
+    it 'should be NdrUint32' do
+      expect(packet.assoc_group_id).to be_a RubySMB::Dcerpc::Ndr::NdrUint32
     end
   end
@@ -71,32 +72,48 @@ RSpec.describe RubySMB::Dcerpc::Bind do
     end
   end
-  describe '#auth_verifier' do
+  describe '#sec_trailer' do
+    it 'should be SecTrailer structure' do
+      expect(packet.sec_trailer).to be_a RubySMB::Dcerpc::SecTrailer
+    end
+    it 'should not exist if the #auth_length PDU header field is 0' do
+      packet.pdu_header.auth_length = 0
+      expect(packet.sec_trailer?).to be false
+    end
+    it 'should exist only if the #auth_length PDU header field is greater than 0' do
+      packet.pdu_header.auth_length = 10
+      expect(packet.sec_trailer?).to be true
+    end
+  end
+  describe '#auth_value' do
     it 'should be a string' do
-      expect(packet.auth_verifier).to be_a BinData::String
+      expect(packet.auth_value).to be_a BinData::String
     end
     it 'should not exist if the #auth_length PDU header field is 0' do
       packet.pdu_header.auth_length = 0
-      expect(packet.auth_verifier?).to be false
+      expect(packet.auth_value?).to be false
     end
     it 'should exist only if the #auth_length PDU header field is greater than 0' do
       packet.pdu_header.auth_length = 10
-      expect(packet.auth_verifier?).to be true
+      expect(packet.auth_value?).to be true
     end
     it 'reads #auth_length bytes' do
-      auth_verifier = '12345678'
+      auth_value = '12345678'
       packet.pdu_header.auth_length = 6
-      packet.auth_verifier.read(auth_verifier)
-      expect(packet.auth_verifier).to eq(auth_verifier[0,6])
+      packet.auth_value.read(auth_value)
+      expect(packet.auth_value).to eq(auth_value[0,6])
     end
   end
   it 'reads its own binary representation and output the same packet' do
     packet = described_class.new(endpoint: endpoint)
-    packet.auth_verifier = '123456'
+    packet.auth_value = '123456'
     packet.pdu_header.auth_length = 6
     binary = packet.to_binary_s
     expect(described_class.read(binary)).to eq(packet)
@@ -118,15 +135,21 @@ RSpec.describe RubySMB::Dcerpc::PContListT do
   subject(:packet) { described_class.new }
   it { is_expected.to respond_to :n_context_elem }
+  it { is_expected.to respond_to :reserved }
+  it { is_expected.to respond_to :reserved2 }
   it { is_expected.to respond_to :p_cont_elem }
   it 'is little endian' do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
   end
+  it 'has a default alignment of 4 bytes' do
+    expect(described_class.default_parameters[:byte_align]).to eq 4
+  end
   describe '#n_context_elem' do
-    it 'should be a 8-bit unsigned integer' do
-      expect(packet.n_context_elem).to be_a BinData::Uint8
+    it 'should be NdrUint8' do
+      expect(packet.n_context_elem).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
     end
     it 'should have the default value 1' do
@@ -134,6 +157,18 @@ RSpec.describe RubySMB::Dcerpc::PContListT do
     end
   end
+  describe '#reserved' do
+    it 'should be NdrUint8' do
+      expect(packet.reserved).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
+    end
+  end
+  describe '#reserved2' do
+    it 'should be NdrUint16' do
+      expect(packet.reserved2).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
+    end
+  end
   describe '#p_cont_elem' do
     it 'should be an array of type PContElemT' do
       expect(packet.p_cont_elem).to be_a BinData::Array
@@ -150,6 +185,10 @@ RSpec.describe RubySMB::Dcerpc::PContListT do
     it 'should have an #endpoint parameter' do
       expect(packet.p_cont_elem.has_parameter?(:endpoint)).to be true
     end
+    it 'has a default alignment of 4 bytes' do
+      expect(packet.p_cont_elem.get_parameter(:byte_align)).to eq 4
+    end
   end
   it 'reads its own binary representation and output the same packet' do
@@ -175,6 +214,7 @@ RSpec.describe RubySMB::Dcerpc::PContElemT do
   it { is_expected.to respond_to :p_cont_id }
   it { is_expected.to respond_to :n_transfer_syn }
+  it { is_expected.to respond_to :reserved }
   it { is_expected.to respond_to :abstract_syntax }
   it { is_expected.to respond_to :transfer_syntaxes }
@@ -182,15 +222,19 @@ RSpec.describe RubySMB::Dcerpc::PContElemT do
     expect(described_class.fields.instance_variable_get(:@hints)[:endian]).to eq :little
   end
+  it 'has a default alignment of 4 bytes' do
+    expect(described_class.default_parameters[:byte_align]).to eq 4
+  end
   describe '#p_cont_id' do
-    it 'should be a 16-bit unsigned integer' do
-      expect(packet.p_cont_id).to be_a BinData::Uint16le
+    it 'should be NdrUint16' do
+      expect(packet.p_cont_id).to be_a RubySMB::Dcerpc::Ndr::NdrUint16
     end
   end
   describe '#n_transfer_syn' do
-    it 'should be a 8-bit unsigned integer' do
-      expect(packet.n_transfer_syn).to be_a BinData::Uint8
+    it 'should be NdrUint8' do
+      expect(packet.n_transfer_syn).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
     end
     it 'should have the default value 1' do
@@ -198,6 +242,12 @@ RSpec.describe RubySMB::Dcerpc::PContElemT do
     end
   end
+  describe '#reserved' do
+    it 'should be NdrUint8' do
+      expect(packet.reserved).to be_a RubySMB::Dcerpc::Ndr::NdrUint8
+    end
+  end
   describe '#abstract_syntax' do
     it 'should be a PSyntaxIdT structure' do
       expect(packet.abstract_syntax).to be_a RubySMB::Dcerpc::PSyntaxIdT
@@ -251,6 +301,10 @@ RSpec.describe RubySMB::Dcerpc::PContElemT do
       expect(packet.transfer_syntaxes[0].if_ver_major).to eq RubySMB::Dcerpc::Ndr::VER_MAJOR
       expect(packet.transfer_syntaxes[0].if_ver_minor).to eq RubySMB::Dcerpc::Ndr::VER_MINOR
     end
+    it 'has a default alignment of 4 bytes' do
+      expect(packet.transfer_syntaxes.get_parameter(:byte_align)).to eq 4
+    end
   end
   it 'reads its own binary representation and output the same packet' do