ruby_smb 3.1.2 → 3.1.5

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (54) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/examples/file_server.rb +6 -68
  4. data/examples/virtual_file_server.rb +10 -62
  5. data/lib/ruby_smb/client/authentication.rb +29 -4
  6. data/lib/ruby_smb/client/negotiation.rb +2 -0
  7. data/lib/ruby_smb/client.rb +18 -3
  8. data/lib/ruby_smb/dcerpc/error.rb +13 -0
  9. data/lib/ruby_smb/dcerpc/fault.rb +83 -0
  10. data/lib/ruby_smb/dcerpc/ndr.rb +19 -8
  11. data/lib/ruby_smb/dcerpc/request.rb +15 -10
  12. data/lib/ruby_smb/dcerpc/rrp_rpc_unicode_string.rb +5 -0
  13. data/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_request.rb +24 -0
  14. data/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_response.rb +24 -0
  15. data/lib/ruby_smb/dcerpc/samr/samr_delete_user_request.rb +21 -0
  16. data/lib/ruby_smb/dcerpc/samr/samr_delete_user_response.rb +22 -0
  17. data/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_request.rb +25 -0
  18. data/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_response.rb +25 -0
  19. data/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response.rb +0 -31
  20. data/lib/ruby_smb/dcerpc/samr/samr_get_alias_membership_response.rb +1 -14
  21. data/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_request.rb +23 -0
  22. data/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_response.rb +23 -0
  23. data/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_request.rb +23 -0
  24. data/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_response.rb +21 -0
  25. data/lib/ruby_smb/dcerpc/samr.rb +453 -83
  26. data/lib/ruby_smb/dcerpc.rb +1 -0
  27. data/lib/ruby_smb/error.rb +4 -0
  28. data/lib/ruby_smb/gss.rb +1 -0
  29. data/lib/ruby_smb/ntlm/client.rb +74 -0
  30. data/lib/ruby_smb/ntlm.rb +1 -0
  31. data/lib/ruby_smb/server/cli.rb +121 -0
  32. data/lib/ruby_smb/server.rb +1 -0
  33. data/lib/ruby_smb/smb1/packet/session_setup_request.rb +11 -0
  34. data/lib/ruby_smb/smb1/pipe.rb +4 -1
  35. data/lib/ruby_smb/smb2/pipe.rb +4 -2
  36. data/lib/ruby_smb/version.rb +1 -1
  37. data/spec/lib/ruby_smb/client_spec.rb +1 -0
  38. data/spec/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_request_spec.rb +69 -0
  39. data/spec/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_response_spec.rb +69 -0
  40. data/spec/lib/ruby_smb/dcerpc/samr/samr_delete_user_request_spec.rb +42 -0
  41. data/spec/lib/ruby_smb/dcerpc/samr/samr_delete_user_response_spec.rb +51 -0
  42. data/spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_request_spec.rb +60 -0
  43. data/spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_response_spec.rb +75 -0
  44. data/spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response_spec.rb +0 -195
  45. data/spec/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_request_spec.rb +62 -0
  46. data/spec/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_response_spec.rb +54 -0
  47. data/spec/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_request_spec.rb +67 -0
  48. data/spec/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_response_spec.rb +35 -0
  49. data/spec/lib/ruby_smb/dcerpc/samr_spec.rb +194 -0
  50. data/spec/lib/ruby_smb/ntlm/client/session_spec.rb +114 -0
  51. data/spec/lib/ruby_smb/ntlm/client_spec.rb +36 -0
  52. data.tar.gz.sig +0 -0
  53. metadata +39 -2
  54. metadata.gz.sig +0 -0
@@ -0,0 +1,114 @@
1
+ require 'spec_helper'
2
+
3
+ RSpec.describe RubySMB::NTLM::Client::Session do
4
+ let(:message) { Net::NTLM::Message.decode64(%Q{
5
+ TlRMTVNTUAACAAAADAAMADgAAAA1goni+fNfw+cInOgAAAAAAAAAAJoAmgBE
6
+ AAAACgBjRQAAAA9NAFMARgBMAEEAQgACAAwATQBTAEYATABBAEIAAQAeAFcA
7
+ SQBOAC0AMwBNAFMAUAA4AEsAMgBMAEMARwBDAAQAGABtAHMAZgBsAGEAYgAu
8
+ AGwAbwBjAGEAbAADADgAVwBJAE4ALQAzAE0AUwBQADgASwAyAEwAQwBHAEMA
9
+ LgBtAHMAZgBsAGEAYgAuAGwAbwBjAGEAbAAHAAgAS6UAWjxl2AEAAAAA
10
+ }) }
11
+ subject(:client) { RubySMB::NTLM::Client.new('rubysmb', 'rubysmb', flags: RubySMB::NTLM::DEFAULT_CLIENT_FLAGS) }
12
+ subject(:session) { described_class.new(client, message) }
13
+
14
+ describe '#authenticate!' do
15
+ it 'calculates the user session key' do
16
+ expect(session).to receive(:calculate_user_session_key!).and_call_original
17
+ session.authenticate!
18
+ end
19
+
20
+ it 'checks if it is anonymous' do
21
+ expect(session).to receive(:is_anonymous?).at_least(1).times.and_call_original
22
+ session.authenticate!
23
+ end
24
+
25
+ it 'returns a Type3 message' do
26
+ expect(session.authenticate!).to be_a Net::NTLM::Message::Type3
27
+ expect(session.authenticate!).to be_a RubySMB::NTLM::Message
28
+ end
29
+
30
+ context 'when it is anonymous' do
31
+ before(:each) { allow(session).to receive(:is_anonymous?).and_return(true) }
32
+ after(:each) { session.authenticate! }
33
+
34
+ it 'uses the correct lm response' do
35
+ expect(session).to_not receive(:lmv2_resp)
36
+ expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
37
+ expect(params).to include :lm_response
38
+ expect(params[:lm_response]).to eq "\x00".b
39
+ method.call(params)
40
+ end
41
+ end
42
+
43
+ it 'uses the correct ntlm response' do
44
+ expect(session).to_not receive(:ntlmv2_resp)
45
+ expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
46
+ expect(params).to include :ntlm_response
47
+ expect(params[:ntlm_response]).to eq ''
48
+ method.call(params)
49
+ end
50
+ end
51
+ end
52
+
53
+ context 'when it is not anonymous' do
54
+ before(:each) { allow(session).to receive(:is_anonymous?).and_return(false) }
55
+ after(:each) { session.authenticate! }
56
+
57
+ it 'uses the correct lm response' do
58
+ expect(session).to receive(:lmv2_resp).and_call_original
59
+ expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
60
+ expect(params).to include :lm_response
61
+ expect(params[:lm_response].length).to be > 16
62
+ method.call(params)
63
+ end
64
+ end
65
+
66
+ it 'uses the correct ntlm response' do
67
+ expect(session).to receive(:ntlmv2_resp).and_call_original
68
+ expect(Net::NTLM::Message::Type3).to receive(:create).and_wrap_original do |method, params|
69
+ expect(params).to include :ntlm_response
70
+ expect(params[:ntlm_response].length).to be > 16
71
+ method.call(params)
72
+ end
73
+ end
74
+ end
75
+ end
76
+
77
+ describe '#calculate_user_session_key!' do
78
+ it 'returns an all zero key when it is anonymous' do
79
+ expect(session).to receive(:is_anonymous?).and_return(true)
80
+ expect(session.send(:calculate_user_session_key!)).to eq "\x00".b * 16
81
+ end
82
+
83
+ it 'returns a session key' do
84
+ expect(session).to receive(:is_anonymous?).and_return(false)
85
+ expect(session.send(:calculate_user_session_key!)).to_not eq "\x00".b * 16
86
+ end
87
+ end
88
+
89
+ describe '#is_anonymous?' do
90
+ it 'returns false when the username is not blank' do
91
+ allow(session).to receive(:username).and_return('username')
92
+ allow(session).to receive(:password).and_return('')
93
+ expect(session.is_anonymous?).to be false
94
+ end
95
+
96
+ it 'returns false when the password is not blank' do
97
+ allow(session).to receive(:username).and_return('')
98
+ allow(session).to receive(:password).and_return('password')
99
+ expect(session.is_anonymous?).to be false
100
+ end
101
+
102
+ it 'returns false when the username is not blank and the password is not blank' do
103
+ allow(session).to receive(:username).and_return('username')
104
+ allow(session).to receive(:password).and_return('password')
105
+ expect(session.is_anonymous?).to be false
106
+ end
107
+
108
+ it 'returns true when the username is blank and the password is blank' do
109
+ allow(session).to receive(:username).and_return('')
110
+ allow(session).to receive(:password).and_return('')
111
+ expect(session.is_anonymous?).to be true
112
+ end
113
+ end
114
+ end
@@ -0,0 +1,36 @@
1
+ require 'spec_helper'
2
+
3
+ RSpec.describe RubySMB::NTLM::Client do
4
+ subject(:client) { described_class.new('rubysmb', 'rubysmb', flags: RubySMB::NTLM::DEFAULT_CLIENT_FLAGS) }
5
+
6
+ describe '#init_context' do
7
+ context 'when a response is provided' do
8
+ let(:resp) { %Q{
9
+ TlRMTVNTUAACAAAADAAMADgAAAA1goni+fNfw+cInOgAAAAAAAAAAJoAmgBE
10
+ AAAACgBjRQAAAA9NAFMARgBMAEEAQgACAAwATQBTAEYATABBAEIAAQAeAFcA
11
+ SQBOAC0AMwBNAFMAUAA4AEsAMgBMAEMARwBDAAQAGABtAHMAZgBsAGEAYgAu
12
+ AGwAbwBjAGEAbAADADgAVwBJAE4ALQAzAE0AUwBQADgASwAyAEwAQwBHAEMA
13
+ LgBtAHMAZgBsAGEAYgAuAGwAbwBjAGEAbAAHAAgAS6UAWjxl2AEAAAAA
14
+ } }
15
+ it 'returns a Type3 message' do
16
+ expect(client.init_context(resp)).to be_a Net::NTLM::Message::Type3
17
+ end
18
+
19
+ it 'creates a new session object' do
20
+ expect(RubySMB::NTLM::Client::Session).to receive(:new).and_call_original
21
+ client.init_context(resp)
22
+ end
23
+ end
24
+
25
+ context 'when a response is not provided' do
26
+ it 'returns a Type1 message' do
27
+ expect(client.init_context).to be_a Net::NTLM::Message::Type1
28
+ end
29
+
30
+ it 'does not create a new session object' do
31
+ expect(RubySMB::NTLM::Client::Session).to_not receive(:new)
32
+ client.init_context
33
+ end
34
+ end
35
+ end
36
+ end
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_smb
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.1.2
4
+ version: 3.1.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -97,7 +97,7 @@ cert_chain:
97
97
  EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
98
98
  9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
99
99
  -----END CERTIFICATE-----
100
- date: 2022-05-04 00:00:00.000000000 Z
100
+ date: 2022-06-29 00:00:00.000000000 Z
101
101
  dependencies:
102
102
  - !ruby/object:Gem::Dependency
103
103
  name: redcarpet
@@ -320,6 +320,7 @@ files:
320
320
  - lib/ruby_smb/dcerpc/epm/epm_ept_map_response.rb
321
321
  - lib/ruby_smb/dcerpc/epm/epm_twrt.rb
322
322
  - lib/ruby_smb/dcerpc/error.rb
323
+ - lib/ruby_smb/dcerpc/fault.rb
323
324
  - lib/ruby_smb/dcerpc/ndr.rb
324
325
  - lib/ruby_smb/dcerpc/netlogon.rb
325
326
  - lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_request.rb
@@ -349,6 +350,12 @@ files:
349
350
  - lib/ruby_smb/dcerpc/samr/samr_close_handle_response.rb
350
351
  - lib/ruby_smb/dcerpc/samr/samr_connect_request.rb
351
352
  - lib/ruby_smb/dcerpc/samr/samr_connect_response.rb
353
+ - lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_request.rb
354
+ - lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_response.rb
355
+ - lib/ruby_smb/dcerpc/samr/samr_delete_user_request.rb
356
+ - lib/ruby_smb/dcerpc/samr/samr_delete_user_response.rb
357
+ - lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_request.rb
358
+ - lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_response.rb
352
359
  - lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_request.rb
353
360
  - lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response.rb
354
361
  - lib/ruby_smb/dcerpc/samr/samr_get_alias_membership_request.rb
@@ -357,12 +364,16 @@ files:
357
364
  - lib/ruby_smb/dcerpc/samr/samr_get_groups_for_user_response.rb
358
365
  - lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_request.rb
359
366
  - lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_response.rb
367
+ - lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_request.rb
368
+ - lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_response.rb
360
369
  - lib/ruby_smb/dcerpc/samr/samr_open_domain_request.rb
361
370
  - lib/ruby_smb/dcerpc/samr/samr_open_domain_response.rb
362
371
  - lib/ruby_smb/dcerpc/samr/samr_open_user_request.rb
363
372
  - lib/ruby_smb/dcerpc/samr/samr_open_user_response.rb
364
373
  - lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request.rb
365
374
  - lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response.rb
375
+ - lib/ruby_smb/dcerpc/samr/samr_set_information_user2_request.rb
376
+ - lib/ruby_smb/dcerpc/samr/samr_set_information_user2_response.rb
366
377
  - lib/ruby_smb/dcerpc/sec_trailer.rb
367
378
  - lib/ruby_smb/dcerpc/srvsvc.rb
368
379
  - lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all.rb
@@ -473,7 +484,9 @@ files:
473
484
  - lib/ruby_smb/nbss/session_header.rb
474
485
  - lib/ruby_smb/nbss/session_request.rb
475
486
  - lib/ruby_smb/ntlm.rb
487
+ - lib/ruby_smb/ntlm/client.rb
476
488
  - lib/ruby_smb/server.rb
489
+ - lib/ruby_smb/server/cli.rb
477
490
  - lib/ruby_smb/server/server_client.rb
478
491
  - lib/ruby_smb/server/server_client/encryption.rb
479
492
  - lib/ruby_smb/server/server_client/negotiation.rb
@@ -691,14 +704,24 @@ files:
691
704
  - spec/lib/ruby_smb/dcerpc/samr/samr_close_handle_response_spec.rb
692
705
  - spec/lib/ruby_smb/dcerpc/samr/samr_connect_request_spec.rb
693
706
  - spec/lib/ruby_smb/dcerpc/samr/samr_connect_response_spec.rb
707
+ - spec/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_request_spec.rb
708
+ - spec/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_response_spec.rb
709
+ - spec/lib/ruby_smb/dcerpc/samr/samr_delete_user_request_spec.rb
710
+ - spec/lib/ruby_smb/dcerpc/samr/samr_delete_user_response_spec.rb
711
+ - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_request_spec.rb
712
+ - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_response_spec.rb
694
713
  - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_request_spec.rb
695
714
  - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response_spec.rb
696
715
  - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_request_spec.rb
697
716
  - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_response_spec.rb
717
+ - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_request_spec.rb
718
+ - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_response_spec.rb
698
719
  - spec/lib/ruby_smb/dcerpc/samr/samr_open_domain_request_spec.rb
699
720
  - spec/lib/ruby_smb/dcerpc/samr/samr_open_domain_response_spec.rb
700
721
  - spec/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request_spec.rb
701
722
  - spec/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response_spec.rb
723
+ - spec/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_request_spec.rb
724
+ - spec/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_response_spec.rb
702
725
  - spec/lib/ruby_smb/dcerpc/samr_spec.rb
703
726
  - spec/lib/ruby_smb/dcerpc/sec_trailer_spec.rb
704
727
  - spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb
@@ -802,6 +825,8 @@ files:
802
825
  - spec/lib/ruby_smb/nbss/netbios_name_spec.rb
803
826
  - spec/lib/ruby_smb/nbss/session_header_spec.rb
804
827
  - spec/lib/ruby_smb/nbss/session_request_spec.rb
828
+ - spec/lib/ruby_smb/ntlm/client/session_spec.rb
829
+ - spec/lib/ruby_smb/ntlm/client_spec.rb
805
830
  - spec/lib/ruby_smb/server/server_client_spec.rb
806
831
  - spec/lib/ruby_smb/server/session_spec.rb
807
832
  - spec/lib/ruby_smb/server/share/provider/disk_spec.rb
@@ -1001,14 +1026,24 @@ test_files:
1001
1026
  - spec/lib/ruby_smb/dcerpc/samr/samr_close_handle_response_spec.rb
1002
1027
  - spec/lib/ruby_smb/dcerpc/samr/samr_connect_request_spec.rb
1003
1028
  - spec/lib/ruby_smb/dcerpc/samr/samr_connect_response_spec.rb
1029
+ - spec/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_request_spec.rb
1030
+ - spec/lib/ruby_smb/dcerpc/samr/samr_create_user2_in_domain_response_spec.rb
1031
+ - spec/lib/ruby_smb/dcerpc/samr/samr_delete_user_request_spec.rb
1032
+ - spec/lib/ruby_smb/dcerpc/samr/samr_delete_user_response_spec.rb
1033
+ - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_request_spec.rb
1034
+ - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_domains_in_sam_server_response_spec.rb
1004
1035
  - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_request_spec.rb
1005
1036
  - spec/lib/ruby_smb/dcerpc/samr/samr_enumerate_users_in_domain_response_spec.rb
1006
1037
  - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_request_spec.rb
1007
1038
  - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_domain_in_sam_server_response_spec.rb
1039
+ - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_request_spec.rb
1040
+ - spec/lib/ruby_smb/dcerpc/samr/samr_lookup_names_in_domain_response_spec.rb
1008
1041
  - spec/lib/ruby_smb/dcerpc/samr/samr_open_domain_request_spec.rb
1009
1042
  - spec/lib/ruby_smb/dcerpc/samr/samr_open_domain_response_spec.rb
1010
1043
  - spec/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request_spec.rb
1011
1044
  - spec/lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response_spec.rb
1045
+ - spec/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_request_spec.rb
1046
+ - spec/lib/ruby_smb/dcerpc/samr/samr_set_information_user2_response_spec.rb
1012
1047
  - spec/lib/ruby_smb/dcerpc/samr_spec.rb
1013
1048
  - spec/lib/ruby_smb/dcerpc/sec_trailer_spec.rb
1014
1049
  - spec/lib/ruby_smb/dcerpc/srvsvc/net_share_enum_all_spec.rb
@@ -1112,6 +1147,8 @@ test_files:
1112
1147
  - spec/lib/ruby_smb/nbss/netbios_name_spec.rb
1113
1148
  - spec/lib/ruby_smb/nbss/session_header_spec.rb
1114
1149
  - spec/lib/ruby_smb/nbss/session_request_spec.rb
1150
+ - spec/lib/ruby_smb/ntlm/client/session_spec.rb
1151
+ - spec/lib/ruby_smb/ntlm/client_spec.rb
1115
1152
  - spec/lib/ruby_smb/server/server_client_spec.rb
1116
1153
  - spec/lib/ruby_smb/server/session_spec.rb
1117
1154
  - spec/lib/ruby_smb/server/share/provider/disk_spec.rb
metadata.gz.sig CHANGED
Binary file