ruby_smb 2.0.7 → 2.0.11

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (53) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/.github/workflows/verify.yml +57 -0
  4. data/README.md +0 -1
  5. data/examples/auth_capture.rb +71 -0
  6. data/lib/ruby_smb/client/negotiation.rb +11 -13
  7. data/lib/ruby_smb/client.rb +32 -27
  8. data/lib/ruby_smb/compression/lznt1.rb +164 -0
  9. data/lib/ruby_smb/compression.rb +7 -0
  10. data/lib/ruby_smb/dialect.rb +45 -0
  11. data/lib/ruby_smb/dispatcher/base.rb +1 -1
  12. data/lib/ruby_smb/dispatcher/socket.rb +1 -1
  13. data/lib/ruby_smb/gss/provider/authenticator.rb +42 -0
  14. data/lib/ruby_smb/gss/provider/ntlm.rb +303 -0
  15. data/lib/ruby_smb/gss/provider.rb +35 -0
  16. data/lib/ruby_smb/gss.rb +56 -63
  17. data/lib/ruby_smb/ntlm.rb +45 -0
  18. data/lib/ruby_smb/server/server_client/negotiation.rb +155 -0
  19. data/lib/ruby_smb/server/server_client/session_setup.rb +82 -0
  20. data/lib/ruby_smb/server/server_client.rb +163 -0
  21. data/lib/ruby_smb/server.rb +54 -0
  22. data/lib/ruby_smb/signing.rb +59 -0
  23. data/lib/ruby_smb/smb1/packet/negotiate_response.rb +11 -11
  24. data/lib/ruby_smb/smb1/packet/negotiate_response_extended.rb +1 -1
  25. data/lib/ruby_smb/smb1/packet/session_setup_request.rb +1 -1
  26. data/lib/ruby_smb/smb1/tree.rb +1 -1
  27. data/lib/ruby_smb/smb2/negotiate_context.rb +18 -2
  28. data/lib/ruby_smb/smb2/packet/compression_transform_header.rb +4 -0
  29. data/lib/ruby_smb/smb2/packet/negotiate_request.rb +9 -0
  30. data/lib/ruby_smb/smb2/packet/negotiate_response.rb +0 -1
  31. data/lib/ruby_smb/smb2/packet/session_setup_response.rb +2 -2
  32. data/lib/ruby_smb/smb2/packet/tree_connect_request.rb +1 -1
  33. data/lib/ruby_smb/smb2/tree.rb +1 -1
  34. data/lib/ruby_smb/smb2.rb +3 -1
  35. data/lib/ruby_smb/version.rb +1 -1
  36. data/lib/ruby_smb.rb +5 -3
  37. data/spec/lib/ruby_smb/client_spec.rb +24 -16
  38. data/spec/lib/ruby_smb/compression/lznt1_spec.rb +32 -0
  39. data/spec/lib/ruby_smb/gss/provider/ntlm/account_spec.rb +32 -0
  40. data/spec/lib/ruby_smb/gss/provider/ntlm/authenticator_spec.rb +101 -0
  41. data/spec/lib/ruby_smb/gss/provider/ntlm/os_version_spec.rb +32 -0
  42. data/spec/lib/ruby_smb/gss/provider/ntlm_spec.rb +113 -0
  43. data/spec/lib/ruby_smb/server/server_client_spec.rb +156 -0
  44. data/spec/lib/ruby_smb/server_spec.rb +32 -0
  45. data/spec/lib/ruby_smb/smb1/tree_spec.rb +4 -4
  46. data/spec/lib/ruby_smb/smb2/negotiate_context_spec.rb +2 -2
  47. data/spec/lib/ruby_smb/smb2/tree_spec.rb +5 -5
  48. data/spec/spec_helper.rb +1 -1
  49. data.tar.gz.sig +3 -1
  50. metadata +30 -4
  51. metadata.gz.sig +0 -0
  52. data/.travis.yml +0 -6
  53. data/lib/ruby_smb/client/signing.rb +0 -64
@@ -501,16 +501,16 @@ RSpec.describe RubySMB::SMB1::Tree do
501
501
  it 'calls #open_file with the provided options' do
502
502
  opts[:filename] ='\\test'
503
503
  expect(tree).to receive(:open_file).with(opts)
504
- tree.open_pipe(opts)
504
+ tree.open_pipe(**opts)
505
505
  end
506
506
 
507
507
  it 'prepends the filename with \\ if needed' do
508
- expect(tree).to receive(:open_file).with( { filename: '\\test', write: true } )
509
- tree.open_pipe(opts)
508
+ expect(tree).to receive(:open_file).with(filename: '\\test', write: true)
509
+ tree.open_pipe(**opts)
510
510
  end
511
511
 
512
512
  it 'does not modify the original option hash' do
513
- tree.open_pipe(opts)
513
+ tree.open_pipe(**opts)
514
514
  expect(opts).to eq( { filename: 'test', write: true } )
515
515
  end
516
516
  end
@@ -162,7 +162,7 @@ RSpec.describe RubySMB::SMB2::CompressionCapabilities do
162
162
  end
163
163
  end
164
164
 
165
- RSpec.describe RubySMB::SMB2::NetnameNegotiateContextId do
165
+ RSpec.describe RubySMB::SMB2::NetnameNegotiateContextId do
166
166
  subject(:capability) { described_class.new }
167
167
 
168
168
  it { is_expected.to respond_to :net_name }
@@ -173,7 +173,7 @@ RSpec.describe RubySMB::SMB2::NetnameNegotiateContextId do
173
173
 
174
174
  describe '#net_name' do
175
175
  it 'is a unicode string' do
176
- expect(capability.net_name).to be_a RubySMB::Field::Stringz16
176
+ expect(capability.net_name).to be_a RubySMB::Field::String16
177
177
  end
178
178
  end
179
179
 
@@ -540,17 +540,17 @@ RSpec.describe RubySMB::SMB2::Tree do
540
540
 
541
541
  it 'calls #open_file with the provided options' do
542
542
  opts[:filename] ='test'
543
- expect(tree).to receive(:open_file).with(opts)
544
- tree.open_pipe(opts)
543
+ expect(tree).to receive(:open_file).with(**opts)
544
+ tree.open_pipe(**opts)
545
545
  end
546
546
 
547
547
  it 'remove the leading \\ from the filename if needed' do
548
- expect(tree).to receive(:open_file).with( { filename: 'test', write: true } )
549
- tree.open_pipe(opts)
548
+ expect(tree).to receive(:open_file).with(filename: 'test', write: true)
549
+ tree.open_pipe(**opts)
550
550
  end
551
551
 
552
552
  it 'does not modify the original option hash' do
553
- tree.open_pipe(opts)
553
+ tree.open_pipe(**opts)
554
554
  expect(opts).to eq( { filename: '\\test', write: true } )
555
555
  end
556
556
  end
data/spec/spec_helper.rb CHANGED
@@ -7,7 +7,7 @@ end
7
7
  require 'coveralls'
8
8
  require 'ruby_smb'
9
9
 
10
- if ENV['TRAVIS'] == 'true'
10
+ if ENV['CI'] == 'true'
11
11
  # don't generate local report as it is inaccessible on travis-ci, which is
12
12
  # why coveralls is being used.
13
13
  SimpleCov.formatter = Coveralls::SimpleCov::Formatter
data.tar.gz.sig CHANGED
@@ -1 +1,3 @@
1
- l]@@�g���ښ����r2�ƥ�(N:⋚𐻨����t���S���³R+r���(M[y�� =����3�g�j83��R�_r@Ѡ@m×ޘ�<��m��`c�@rk��Ȗ�������Ç蚌�YHW��[�wQ�1Ac�U�}���AW���A=��*�u|�q���J���*��py�o�׬|x0�)��*��o���
1
+ )��3PIco�!�r
2
+ �.6� �;�D�H��r�� �Ɔ��#L�0�l��ǀ�ҫ��������p3����¡� ڥ P!�ˢA��b�$"�h�h<�Z\L�ӕ@��@E��oJ�U��[E�v{E=-���l���'~����\^�g? ���ǰQ���5l�:�� [Г��|��oy����`��Y�&[�!�jI���c6��<�Gec
3
+ nMj
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_smb
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.7
4
+ version: 2.0.11
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -97,7 +97,7 @@ cert_chain:
97
97
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
98
98
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
99
99
  -----END CERTIFICATE-----
100
- date: 2020-11-19 00:00:00.000000000 Z
100
+ date: 2021-08-25 00:00:00.000000000 Z
101
101
  dependencies:
102
102
  - !ruby/object:Gem::Dependency
103
103
  name: redcarpet
@@ -246,10 +246,10 @@ executables: []
246
246
  extensions: []
247
247
  extra_rdoc_files: []
248
248
  files:
249
+ - ".github/workflows/verify.yml"
249
250
  - ".gitignore"
250
251
  - ".rspec"
251
252
  - ".simplecov"
252
- - ".travis.yml"
253
253
  - ".yardopts"
254
254
  - CONTRIBUTING.md
255
255
  - Gemfile
@@ -258,6 +258,7 @@ files:
258
258
  - Rakefile
259
259
  - examples/anonymous_auth.rb
260
260
  - examples/append_file.rb
261
+ - examples/auth_capture.rb
261
262
  - examples/authenticate.rb
262
263
  - examples/delete_file.rb
263
264
  - examples/enum_registry_key.rb
@@ -280,10 +281,11 @@ files:
280
281
  - lib/ruby_smb/client/echo.rb
281
282
  - lib/ruby_smb/client/encryption.rb
282
283
  - lib/ruby_smb/client/negotiation.rb
283
- - lib/ruby_smb/client/signing.rb
284
284
  - lib/ruby_smb/client/tree_connect.rb
285
285
  - lib/ruby_smb/client/utils.rb
286
286
  - lib/ruby_smb/client/winreg.rb
287
+ - lib/ruby_smb/compression.rb
288
+ - lib/ruby_smb/compression/lznt1.rb
287
289
  - lib/ruby_smb/crypto.rb
288
290
  - lib/ruby_smb/dcerpc.rb
289
291
  - lib/ruby_smb/dcerpc/bind.rb
@@ -345,6 +347,7 @@ files:
345
347
  - lib/ruby_smb/dcerpc/winreg/regsam.rb
346
348
  - lib/ruby_smb/dcerpc/winreg/save_key_request.rb
347
349
  - lib/ruby_smb/dcerpc/winreg/save_key_response.rb
350
+ - lib/ruby_smb/dialect.rb
348
351
  - lib/ruby_smb/dispatcher.rb
349
352
  - lib/ruby_smb/dispatcher/base.rb
350
353
  - lib/ruby_smb/dispatcher/socket.rb
@@ -379,12 +382,21 @@ files:
379
382
  - lib/ruby_smb/fscc/file_information/file_rename_information.rb
380
383
  - lib/ruby_smb/generic_packet.rb
381
384
  - lib/ruby_smb/gss.rb
385
+ - lib/ruby_smb/gss/provider.rb
386
+ - lib/ruby_smb/gss/provider/authenticator.rb
387
+ - lib/ruby_smb/gss/provider/ntlm.rb
382
388
  - lib/ruby_smb/impersonation_levels.rb
383
389
  - lib/ruby_smb/nbss.rb
384
390
  - lib/ruby_smb/nbss/negative_session_response.rb
385
391
  - lib/ruby_smb/nbss/netbios_name.rb
386
392
  - lib/ruby_smb/nbss/session_header.rb
387
393
  - lib/ruby_smb/nbss/session_request.rb
394
+ - lib/ruby_smb/ntlm.rb
395
+ - lib/ruby_smb/server.rb
396
+ - lib/ruby_smb/server/server_client.rb
397
+ - lib/ruby_smb/server/server_client/negotiation.rb
398
+ - lib/ruby_smb/server/server_client/session_setup.rb
399
+ - lib/ruby_smb/signing.rb
388
400
  - lib/ruby_smb/smb1.rb
389
401
  - lib/ruby_smb/smb1/andx_block.rb
390
402
  - lib/ruby_smb/smb1/bit_field.rb
@@ -526,6 +538,7 @@ files:
526
538
  - lib/ruby_smb/version.rb
527
539
  - ruby_smb.gemspec
528
540
  - spec/lib/ruby_smb/client_spec.rb
541
+ - spec/lib/ruby_smb/compression/lznt1_spec.rb
529
542
  - spec/lib/ruby_smb/crypto_spec.rb
530
543
  - spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb
531
544
  - spec/lib/ruby_smb/dcerpc/bind_spec.rb
@@ -610,10 +623,16 @@ files:
610
623
  - spec/lib/ruby_smb/fscc/file_information/file_rename_information_spec.rb
611
624
  - spec/lib/ruby_smb/fscc/fscc_file_attributes_spec.rb
612
625
  - spec/lib/ruby_smb/generic_packet_spec.rb
626
+ - spec/lib/ruby_smb/gss/provider/ntlm/account_spec.rb
627
+ - spec/lib/ruby_smb/gss/provider/ntlm/authenticator_spec.rb
628
+ - spec/lib/ruby_smb/gss/provider/ntlm/os_version_spec.rb
629
+ - spec/lib/ruby_smb/gss/provider/ntlm_spec.rb
613
630
  - spec/lib/ruby_smb/nbss/negative_session_response_spec.rb
614
631
  - spec/lib/ruby_smb/nbss/netbios_name_spec.rb
615
632
  - spec/lib/ruby_smb/nbss/session_header_spec.rb
616
633
  - spec/lib/ruby_smb/nbss/session_request_spec.rb
634
+ - spec/lib/ruby_smb/server/server_client_spec.rb
635
+ - spec/lib/ruby_smb/server_spec.rb
617
636
  - spec/lib/ruby_smb/smb1/andx_block_spec.rb
618
637
  - spec/lib/ruby_smb/smb1/bit_field/capabilities_spec.rb
619
638
  - spec/lib/ruby_smb/smb1/bit_field/create_options_spec.rb
@@ -760,6 +779,7 @@ specification_version: 4
760
779
  summary: A pure Ruby implementation of the SMB Protocol Family
761
780
  test_files:
762
781
  - spec/lib/ruby_smb/client_spec.rb
782
+ - spec/lib/ruby_smb/compression/lznt1_spec.rb
763
783
  - spec/lib/ruby_smb/crypto_spec.rb
764
784
  - spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb
765
785
  - spec/lib/ruby_smb/dcerpc/bind_spec.rb
@@ -844,10 +864,16 @@ test_files:
844
864
  - spec/lib/ruby_smb/fscc/file_information/file_rename_information_spec.rb
845
865
  - spec/lib/ruby_smb/fscc/fscc_file_attributes_spec.rb
846
866
  - spec/lib/ruby_smb/generic_packet_spec.rb
867
+ - spec/lib/ruby_smb/gss/provider/ntlm/account_spec.rb
868
+ - spec/lib/ruby_smb/gss/provider/ntlm/authenticator_spec.rb
869
+ - spec/lib/ruby_smb/gss/provider/ntlm/os_version_spec.rb
870
+ - spec/lib/ruby_smb/gss/provider/ntlm_spec.rb
847
871
  - spec/lib/ruby_smb/nbss/negative_session_response_spec.rb
848
872
  - spec/lib/ruby_smb/nbss/netbios_name_spec.rb
849
873
  - spec/lib/ruby_smb/nbss/session_header_spec.rb
850
874
  - spec/lib/ruby_smb/nbss/session_request_spec.rb
875
+ - spec/lib/ruby_smb/server/server_client_spec.rb
876
+ - spec/lib/ruby_smb/server_spec.rb
851
877
  - spec/lib/ruby_smb/smb1/andx_block_spec.rb
852
878
  - spec/lib/ruby_smb/smb1/bit_field/capabilities_spec.rb
853
879
  - spec/lib/ruby_smb/smb1/bit_field/create_options_spec.rb
metadata.gz.sig CHANGED
Binary file
data/.travis.yml DELETED
@@ -1,6 +0,0 @@
1
- language: ruby
2
- sudo: false
3
- rvm:
4
- - '2.5.8'
5
- - '2.6.6'
6
- - '2.7.0'
@@ -1,64 +0,0 @@
1
- module RubySMB
2
- class Client
3
- # Contains the methods for handling packet signing
4
- module Signing
5
- # The NTLM Session Key used for signing
6
- # @!attribute [rw] session_key
7
- # @return [String]
8
- attr_accessor :session_key
9
-
10
- # Take an SMB1 packet and checks to see if it should be signed.
11
- # If signing is enabled and we have a session key already, then
12
- # it will sign the packet appropriately.
13
- #
14
- # @param packet [RubySMB::GenericPacket] the packet to sign
15
- # @return [RubySMB::GenericPacket] the packet, signed if needed
16
- def smb1_sign(packet)
17
- if signing_required && !session_key.empty?
18
- # Pack the Sequence counter into a int64le
19
- packed_sequence_counter = [sequence_counter].pack('Q<')
20
- packet.smb_header.security_features = packed_sequence_counter
21
- signature = OpenSSL::Digest::MD5.digest(session_key + packet.to_binary_s)[0, 8]
22
- packet.smb_header.security_features = signature
23
- self.sequence_counter += 1
24
- end
25
- packet
26
- end
27
-
28
- # Take an SMB2 packet and checks to see if it should be signed.
29
- # If signing is enabled and we have a session key already, then
30
- # it will sign the packet appropriately.
31
- #
32
- # @param packet [RubySMB::GenericPacket] the packet to sign
33
- # @return [RubySMB::GenericPacket] the packet, signed if needed
34
- def smb2_sign(packet)
35
- if signing_required && !session_key.empty?
36
- packet.smb2_header.flags.signed = 1
37
- packet.smb2_header.signature = "\x00" * 16
38
- hmac = OpenSSL::HMAC.digest(OpenSSL::Digest::SHA256.new, session_key, packet.to_binary_s)
39
- packet.smb2_header.signature = hmac[0, 16]
40
- end
41
- packet
42
- end
43
-
44
- def smb3_sign(packet)
45
- if !session_key.empty? && (signing_required || packet.is_a?(RubySMB::SMB2::Packet::TreeConnectRequest))
46
- case @dialect
47
- when '0x0300', '0x0302'
48
- signing_key = RubySMB::Crypto::KDF.counter_mode(@session_key, "SMB2AESCMAC\x00", "SmbSign\x00")
49
- when '0x0311'
50
- signing_key = RubySMB::Crypto::KDF.counter_mode(@session_key, "SMBSigningKey\x00", @preauth_integrity_hash_value)
51
- else
52
- raise RubySMB::Error::SigningError.new('Dialect is incompatible with SMBv3 signing')
53
- end
54
-
55
- packet.smb2_header.flags.signed = 1
56
- packet.smb2_header.signature = "\x00" * 16
57
- hmac = OpenSSL::CMAC.digest('AES', signing_key, packet.to_binary_s)
58
- packet.smb2_header.signature = hmac[0, 16]
59
- end
60
- packet
61
- end
62
- end
63
- end
64
- end