ruby_smb 2.0.7 → 2.0.8

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c1e0d11d506c513f94ddc1efedf51d0e65b5a5f888f8d176cd93ffb960837ba9
-  data.tar.gz: b971db16ef47093b1d94ff9197b3cf5d222cbd475d9fda693bb0909341605072
+  metadata.gz: e3cfb7914736c49c84c366382e133ea0c2e9a5ecb6f0a3badceb498652bbaa76
+  data.tar.gz: 6f47a0ad156545a259d0496f9e1c59d50b6327889600b6acda0e93ec5c835963
 SHA512:
-  metadata.gz: cb50b51053a49ad9d06109b882eaad4288329f58609626630b4cb3b77cf88acf9fa51243778741d1fac514904bee5cb46ccb97af211aee3983b2ef03a93b47a8
-  data.tar.gz: c57b3002a49e2a001fd17b1e088ad74dd8b1b465c6d393611817be2ae71217bde1f86fe579025a0af23b8d6e8d894a1ae24f376fda8dc24d5e2a2f274c65ae9f
+  metadata.gz: 90c181090093eeb71d4ef508a2b1e7b75ccb31b7e40cdee973397f7554af1085e8b39a518f43e9e4e3eba5fd12d0677d1f059ed614eab8dfb5b0db74a956236a
+  data.tar.gz: 443e97e78383d44deb155c0d6e3ca8bc3923c49b2561fa41670e09d7916cdfaa7223143a29b24697699e7470cdcaf6f71a2e0e4167d8c19a7b80b2fc56b2a555

data.tar.gz.sig

@@ -1 +1 @@
-l]@@�g���ښ����r2�ƥ�(N:⋚𐻨����t���S���³R+r���(M[y��	=����3�g�j83��R�_r@Ѡ@m×ޘ�<��m��`c�@rk��Ȗ�������Ç蚌�YHW��[�wQ�1Ac�U�}���AW���A=��*�u|�q���J���*��py�o�׬|x0�)��*��o���
+�Ss�.�倮�����;�ͦ��c7-ȡ��.�84����R�Q�.]��^�_��w� =r��ܖhu9r(�9��0�D@�˫"c��z�N{-��F~U�3����@/��
nD~,O���B��^tƯ�F>�Ż��4��tתp@ҫw�,B������j9��
 ��J�t��&kk��94��*��GTL9p�C

data/.github/workflows/verify.yml

@@ -0,0 +1,56 @@
+name: Verify
+
+on:
+  push:
+    branches:
+      - '*'
+  pull_request:
+    branches:
+      - '*'
+
+jobs:
+  test:
+    runs-on: ubuntu-16.04
+    timeout-minutes: 40
+
+    strategy:
+      fail-fast: true
+      matrix:
+        ruby:
+          - 2.5
+          - 2.6
+          - 2.7
+        test_cmd:
+          - bundle exec rspec
+
+    env:
+      RAILS_ENV: test
+
+    name: Ruby ${{ matrix.ruby }} - ${{ matrix.test_cmd }}
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - uses: actions/setup-ruby@v1
+        with:
+          ruby-version: ${{ matrix.ruby }}
+
+      - name: Setup bundler
+        run: |
+          gem install bundler
+      - uses: actions/cache@v2
+        with:
+          path: vendor/bundle
+          key: ${{ runner.os }}-gems-${{ hashFiles('**/Gemfile.lock') }}
+          restore-keys: |
+            ${{ runner.os }}-gems-
+      - name: Bundle install
+        run: |
+          bundle config path vendor/bundle
+          bundle install --jobs 4 --retry 3
+      - name: ${{ matrix.test_cmd }}
+        run: |
+          echo "${CMD}"
+          bash -c "${CMD}"
+        env:
+          CMD: ${{ matrix.test_cmd }}

data/README.md

@@ -1,6 +1,5 @@
 # RubySMB
 
-[![Build Status](https://travis-ci.org/rapid7/ruby_smb.svg?branch=master)](https://travis-ci.org/rapid7/ruby_smb)
 [![Code Climate](https://codeclimate.com/github/rapid7/ruby_smb.png)](https://codeclimate.com/github/rapid7/ruby_smb)
 [![Coverage Status](https://coveralls.io/repos/github/rapid7/ruby_smb/badge.svg?branch=master)](https://coveralls.io/github/rapid7/ruby_smb?branch=master)
 

data/lib/ruby_smb.rb

@@ -8,8 +8,8 @@ require 'windows_error'
 require 'windows_error/nt_status'
 # A packet parsing and manipulation library for the SMB1 and SMB2 protocols
 #
-# [[MS-SMB] Server Mesage Block (SMB) Protocol Version 1](https://msdn.microsoft.com/en-us/library/cc246482.aspx)
-# [[MS-SMB2] Server Mesage Block (SMB) Protocol Versions 2 and 3](https://msdn.microsoft.com/en-us/library/cc246482.aspx)
+# [[MS-SMB] Server Message Block (SMB) Protocol Version 1](https://msdn.microsoft.com/en-us/library/cc246482.aspx)
+# [[MS-SMB2] Server Message Block (SMB) Protocol Versions 2 and 3](https://msdn.microsoft.com/en-us/library/cc246482.aspx)
 module RubySMB
   require 'ruby_smb/error'
   require 'ruby_smb/dispositions'
@@ -26,4 +26,5 @@ module RubySMB
   require 'ruby_smb/smb1'
   require 'ruby_smb/client'
   require 'ruby_smb/crypto'
+  require 'ruby_smb/compression'
 end

data/lib/ruby_smb/client.rb

@@ -296,7 +296,7 @@ module RubySMB
       @smb3              = smb3
       @username          = username.encode('utf-8') || ''.encode('utf-8')
       @max_buffer_size   = MAX_BUFFER_SIZE
-      # These sizes will be modifed during negotiation
+      # These sizes will be modified during negotiation
       @server_max_buffer_size = SERVER_MAX_BUFFER_SIZE
       @server_max_read_size   = RubySMB::SMB2::File::MAX_PACKET_SIZE
       @server_max_write_size  = RubySMB::SMB2::File::MAX_PACKET_SIZE
@@ -431,7 +431,7 @@ module RubySMB
     end
 
     # Sends a packet and receives the raw response through the Dispatcher.
-    # It will also sign the packet if neccessary.
+    # It will also sign the packet if necessary.
     #
     # @param packet [RubySMB::GenericPacket] the request to be sent
     # @param encrypt [Boolean] true if encryption has to be enabled for this transaction

data/lib/ruby_smb/client/negotiation.rb

@@ -275,8 +275,8 @@ module RubySMB
             context_type: RubySMB::SMB2::NegotiateContext::SMB2_COMPRESSION_CAPABILITIES
           )
           # Adding all possible compression algorithm even if we don't support
-          # them yet. This will force the server to disclose the support
-          # algorithms in the repsonse.
+          # them yet. This will force the server to disclose the supported
+          # algorithms in the response.
           nc.data.compression_algorithms << RubySMB::SMB2::CompressionCapabilities::LZNT1
           nc.data.compression_algorithms << RubySMB::SMB2::CompressionCapabilities::LZ77
           nc.data.compression_algorithms << RubySMB::SMB2::CompressionCapabilities::LZ77_Huffman

data/lib/ruby_smb/compression.rb

@@ -0,0 +1,7 @@
+module RubySMB
+  module Compression
+
+    require 'ruby_smb/compression/lznt1'
+
+  end
+end

data/lib/ruby_smb/compression/lznt1.rb

@@ -0,0 +1,164 @@
+module RubySMB
+  module Compression
+    module LZNT1
+      def self.compress(buf, chunk_size: 0x1000)
+        out = ''
+        until buf.empty?
+          chunk = buf[0...chunk_size]
+          compressed = compress_chunk(chunk)
+          # chunk is compressed
+          if compressed.length < chunk.length
+            out << [0xb000 | (compressed.length - 1)].pack('v')
+            out << compressed
+          else
+            out << [0x3000 | (chunk.length - 1)].pack('v')
+            out << chunk
+          end
+          buf = buf[chunk_size..-1]
+          break if buf.nil?
+        end
+
+        out
+      end
+
+      def self.compress_chunk(chunk)
+        blob = chunk
+        out = ''
+        pow2 = 0x10
+        l_mask3 = 0x1002
+        o_shift = 12
+        until blob.empty?
+          bits = 0
+          tmp = ''
+          i = -1
+          loop do
+            i += 1
+            bits >>= 1
+            while pow2 < (chunk.length - blob.length)
+              pow2 <<= 1
+              l_mask3 = (l_mask3 >> 1) + 1
+              o_shift -= 1
+            end
+
+            max_len = [blob.length, l_mask3].min
+            offset, length = find(chunk[0...(chunk.length - blob.length)], blob, max_len)
+
+            # try to find more compressed pattern
+            _offset2, length2 = find(chunk[0...chunk.length - blob.length + 1], blob[1..-1], max_len)
+
+            length = 0 if length < length2
+
+            if length > 0
+              symbol = ((offset - 1) << o_shift) | (length - 3)
+              tmp << [symbol].pack('v')
+              # set the highest bit
+              bits |= 0x80
+              blob = blob[length..-1]
+            else
+              tmp += blob[0]
+              blob = blob[1..-1]
+            end
+
+            break if blob.empty? || i == 7
+          end
+
+          out << [bits >> (7 - i)].pack('C')
+          out << tmp
+        end
+
+        out
+      end
+
+      def self.decompress(buf, length_check: true)
+        out = ''
+        until buf.empty?
+          header = buf.unpack1('v')
+          length = (header & 0xfff) + 1
+          raise EncodingError, 'invalid chunk length' if length_check && length > (buf.length - 2)
+
+          chunk = buf[2...length + 2]
+          out << if header & 0x8000 == 0
+                   chunk
+                 else
+                   decompress_chunk(chunk)
+                 end
+          buf = buf[length + 2..-1]
+        end
+
+        out
+      end
+
+      def self.decompress_chunk(chunk)
+        out = ''
+        until chunk.empty?
+          flags = chunk[0].unpack1('C')
+          chunk = chunk[1..-1]
+          8.times do |i|
+            if (flags >> i & 1) == 0
+              out << chunk[0]
+              chunk = chunk[1..-1]
+            else
+              flag = chunk.unpack1('v')
+              pos = out.length - 1
+              l_mask = 0xfff
+              o_shift = 12
+              while pos >= 0x10
+                l_mask >>= 1
+                o_shift -= 1
+                pos >>= 1
+              end
+
+              length = (flag & l_mask) + 3
+              offset = (flag >> o_shift) + 1
+
+              if length >= offset
+                out_offset = out[-offset..-1]
+                tmp = out_offset * (0xfff / out_offset.length + 1)
+                out << tmp[0...length]
+              else
+                out << out[-offset..-offset + length - 1]
+              end
+              chunk = chunk[2..-1]
+            end
+            break if chunk.empty?
+          end
+        end
+
+        out
+      end
+
+      class << self
+        private
+
+        def find(src, target, max_len)
+          result_offset = 0
+          result_length = 0
+          1.upto(max_len - 1) do |i|
+            offset = src.rindex(target[0...i])
+            next if offset.nil?
+
+            tmp_offset = src.length - offset
+            tmp_length = i
+            if tmp_offset == tmp_length
+              src_offset = src[offset..-1]
+              tmp = src_offset * (0xfff / src_offset.length + 1)
+              i.upto(max_len) do |j|
+                offset = tmp.rindex(target[0...j])
+                break if offset.nil?
+
+                tmp_length = j
+              end
+            end
+
+            if tmp_length > result_length
+              result_offset = tmp_offset
+              result_length = tmp_length
+            end
+          end
+
+          result_length < 3 ? [0, 0] : [result_offset, result_length]
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dispatcher/socket.rb

@@ -55,7 +55,7 @@ module RubySMB
 
       # Read a packet off the wire and parse it into a string
       #
-      # @param full_response [Boolean] whether to include the NetBios Session Service header in the repsonse
+      # @param full_response [Boolean] whether to include the NetBios Session Service header in the response
       # @return [String] the raw response (including the NetBios Session Service header if full_response is true)
       # @raise [RubySMB::Error::NetBiosSessionService] if there's an error reading the first 4 bytes,
       #   which are assumed to be the NetBiosSessionService header.

data/lib/ruby_smb/smb2/packet/compression_transform_header.rb

@@ -3,6 +3,9 @@ module RubySMB
     module Packet
       # An SMB2 COMPRESSION_TRANSFORM_HEADER Packet as defined in
       # [2.2.42 SMB2 COMPRESSION_TRANSFORM_HEADER](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/1d435f21-9a21-4f4c-828e-624a176cf2a0)
+      # NOTE: On 2021-04-06 the official documentation split the definition of COMPRESSION_TRANSFORM_HEADER into the following two variants:
+      #   * SMB2_COMPRESSION_TRANSFORM_HEADER_CHAINED
+      #   * SMB2_COMPRESSION_TRANSFORM_HEADER_UNCHAINED
       class CompressionTransformHeader < BinData::Record
         endian :little
 
@@ -11,6 +14,7 @@ module RubySMB
         uint16           :compression_algorithm,            label: 'Compression Algorithm'
         uint16           :flags,                            label: 'Flags'
         uint32           :offset,                           label: 'Offset / Length'
+        array            :compressed_data,                  label: 'Compressed Data', type: :uint8, read_until: :eof
       end
 
       # An SMB2 SMB2_COMPRESSION_TRANSFORM_HEADER_PAYLOAD Packet as defined in

data/lib/ruby_smb/version.rb

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '2.0.7'.freeze
+  VERSION = '2.0.8'.freeze
 end

data/spec/lib/ruby_smb/compression/lznt1_spec.rb

@@ -0,0 +1,32 @@
+require 'spec_helper'
+
+RSpec.describe RubySMB::Compression::LZNT1 do
+  describe '.compress' do
+    it 'generates an empty blob when provided an empty blob' do
+      expected = "".b
+      expect(described_class.compress('')).to eq(expected)
+    end
+
+    it 'generates a compressed blob when provided a string with non-reoccurring characters' do
+      expect(described_class.compress('RubySMB')).to eq("\x060RubySMB".b)
+    end
+
+    it 'generates a compressed blob when provided a string of reoccurring characters' do
+      expect(described_class.compress("\x01" * 0x200)).to eq("\x03\xB0\x02\x01\xFC\x01".b)
+    end
+  end
+
+  describe '.decompress' do
+    it 'generates a decompressed blob for a string with non-reoccurring characters' do
+      expect(described_class.decompress("\x060RubySMB".b)).to eq('RubySMB')
+    end
+
+    it 'generates a decompressed blob for a string of reoccurring characters' do
+      expect(described_class.decompress("\x03\xB0\x02\x01\xFC\x01".b)).to eq("\x01" * 0x200)
+    end
+
+    it 'raises an EncodingError when the length is invalid' do
+      expect { described_class.decompress("\x010".b) }.to raise_error(EncodingError)
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -7,7 +7,7 @@ end
 require 'coveralls'
 require 'ruby_smb'
 
-if ENV['TRAVIS'] == 'true'
+if ENV['CI'] == 'true'
   # don't generate local report as it is inaccessible on travis-ci, which is
   # why coveralls is being used.
   SimpleCov.formatter = Coveralls::SimpleCov::Formatter

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby_smb
 version: !ruby/object:Gem::Version
-  version: 2.0.7
+  version: 2.0.8
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -97,7 +97,7 @@ cert_chain:
   EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
   9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
   -----END CERTIFICATE-----
-date: 2020-11-19 00:00:00.000000000 Z
+date: 2021-04-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redcarpet
@@ -246,10 +246,10 @@ executables: []
 extensions: []
 extra_rdoc_files: []
 files:
+- ".github/workflows/verify.yml"
 - ".gitignore"
 - ".rspec"
 - ".simplecov"
-- ".travis.yml"
 - ".yardopts"
 - CONTRIBUTING.md
 - Gemfile
@@ -284,6 +284,8 @@ files:
 - lib/ruby_smb/client/tree_connect.rb
 - lib/ruby_smb/client/utils.rb
 - lib/ruby_smb/client/winreg.rb
+- lib/ruby_smb/compression.rb
+- lib/ruby_smb/compression/lznt1.rb
 - lib/ruby_smb/crypto.rb
 - lib/ruby_smb/dcerpc.rb
 - lib/ruby_smb/dcerpc/bind.rb
@@ -526,6 +528,7 @@ files:
 - lib/ruby_smb/version.rb
 - ruby_smb.gemspec
 - spec/lib/ruby_smb/client_spec.rb
+- spec/lib/ruby_smb/compression/lznt1_spec.rb
 - spec/lib/ruby_smb/crypto_spec.rb
 - spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb
 - spec/lib/ruby_smb/dcerpc/bind_spec.rb
@@ -760,6 +763,7 @@ specification_version: 4
 summary: A pure Ruby implementation of the SMB Protocol Family
 test_files:
 - spec/lib/ruby_smb/client_spec.rb
+- spec/lib/ruby_smb/compression/lznt1_spec.rb
 - spec/lib/ruby_smb/crypto_spec.rb
 - spec/lib/ruby_smb/dcerpc/bind_ack_spec.rb
 - spec/lib/ruby_smb/dcerpc/bind_spec.rb

data/.travis.yml

@@ -1,6 +0,0 @@
-language: ruby
-sudo: false
-rvm:
-  - '2.5.8'
-  - '2.6.6'
-  - '2.7.0'