ruby_smb 3.2.4 → 3.2.5
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_decrypt_file_srv_request.rb +22 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_decrypt_file_srv_response.rb +21 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_recover_agents_request.rb +20 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_recover_agents_response.rb +21 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_users_on_file_request.rb +20 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_users_on_file_response.rb +21 -0
- data/lib/ruby_smb/dcerpc/encrypting_file_system.rb +52 -0
- data/lib/ruby_smb/ntlm/custom/string_encoder.rb +22 -0
- data/lib/ruby_smb/ntlm.rb +1 -1
- data/lib/ruby_smb/version.rb +1 -1
- data/lib/ruby_smb.rb +1 -1
- data.tar.gz.sig +0 -0
- metadata +9 -3
- metadata.gz.sig +0 -0
- data/lib/ruby_smb/ntlm/custom/ntlm.rb +0 -19
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 94370417b66a804dd7d24a57070fe9e5accf48f042baf4cbc56ead2227b92bd5
|
|
4
|
+
data.tar.gz: 5f130535d6ccf03dd60c9fc879b0bb050d328c4906f40a702260370c24ac52a3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fcc08f98211ef0970ab0cedd56f5955d9ca3f52235b2751a84972036b67f3b2f2c3fd07c22919e8522d4ad1876d43ca3099a1286140abedece7f399f0dc871bf
|
|
7
|
+
data.tar.gz: a4fe143def77e9e85fb40e44dfb5f33be4fb8499c4aff196ded4ad1710f84f278be70752fd9a4827cbc66e1afe299716f80854a74492998fb26c5cd6f6572a7d
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
module RubySMB
|
|
2
|
+
module Dcerpc
|
|
3
|
+
module EncryptingFileSystem
|
|
4
|
+
|
|
5
|
+
# [3.1.4.2.6 Receiving an EfsRpcDecryptFileSrv Message (Opnum 5)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/043715de-caee-402a-a61b-921743337e78)
|
|
6
|
+
class EfsRpcDecryptFileSrvRequest < BinData::Record
|
|
7
|
+
attr_reader :opnum
|
|
8
|
+
|
|
9
|
+
endian :little
|
|
10
|
+
|
|
11
|
+
ndr_conf_var_wide_stringz :file_name
|
|
12
|
+
ndr_uint32 :open_flag
|
|
13
|
+
|
|
14
|
+
def initialize_instance
|
|
15
|
+
super
|
|
16
|
+
@opnum = EFS_RPC_DECRYPT_FILE_SRV
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
|
|
20
|
+
end
|
|
21
|
+
end
|
|
22
|
+
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
module RubySMB
|
|
2
|
+
module Dcerpc
|
|
3
|
+
module EncryptingFileSystem
|
|
4
|
+
|
|
5
|
+
# [3.1.4.2.6 Receiving an EfsRpcDecryptFileSrv Message (Opnum 5)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/043715de-caee-402a-a61b-921743337e78)
|
|
6
|
+
class EfsRpcDecryptFileSrvResponse < BinData::Record
|
|
7
|
+
attr_reader :opnum
|
|
8
|
+
|
|
9
|
+
endian :little
|
|
10
|
+
|
|
11
|
+
ndr_uint32 :error_status
|
|
12
|
+
|
|
13
|
+
def initialize_instance
|
|
14
|
+
super
|
|
15
|
+
@opnum = EFS_RPC_DECRYPT_FILE_SRV
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
module RubySMB
|
|
2
|
+
module Dcerpc
|
|
3
|
+
module EncryptingFileSystem
|
|
4
|
+
|
|
5
|
+
# [3.1.4.2.8 Receiving an EfsRpcQueryRecoveryAgents Message (Opnum 7)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/cf759c00-1b90-4c33-9ace-f51c20149cea)
|
|
6
|
+
class EfsRpcQueryRecoveryAgentsRequest < BinData::Record
|
|
7
|
+
attr_reader :opnum
|
|
8
|
+
|
|
9
|
+
endian :little
|
|
10
|
+
|
|
11
|
+
ndr_conf_var_wide_stringz :file_name
|
|
12
|
+
|
|
13
|
+
def initialize_instance
|
|
14
|
+
super
|
|
15
|
+
@opnum = EFS_RPC_QUERY_RECOVERY_AGENTS
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
module RubySMB
|
|
2
|
+
module Dcerpc
|
|
3
|
+
module EncryptingFileSystem
|
|
4
|
+
|
|
5
|
+
# [3.1.4.2.8 Receiving an EfsRpcQueryRecoveryAgents Message (Opnum 7)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/cf759c00-1b90-4c33-9ace-f51c20149cea)
|
|
6
|
+
class EfsRpcQueryRecoveryAgentsResponse < BinData::Record
|
|
7
|
+
attr_reader :opnum
|
|
8
|
+
|
|
9
|
+
endian :little
|
|
10
|
+
|
|
11
|
+
encryption_certificate_hash_list_ptr :recover_agents
|
|
12
|
+
ndr_uint32 :error_status
|
|
13
|
+
|
|
14
|
+
def initialize_instance
|
|
15
|
+
super
|
|
16
|
+
@opnum = EFS_RPC_QUERY_RECOVERY_AGENTS
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -0,0 +1,20 @@
|
|
|
1
|
+
module RubySMB
|
|
2
|
+
module Dcerpc
|
|
3
|
+
module EncryptingFileSystem
|
|
4
|
+
|
|
5
|
+
# [3.1.4.2.7 Receiving an EfsRpcQueryUsersOnFile Message (Opnum 6)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/a058dc6c-bb7e-491c-9143-a5cb1f7e7cea)
|
|
6
|
+
class EfsRpcQueryUsersOnFileRequest < BinData::Record
|
|
7
|
+
attr_reader :opnum
|
|
8
|
+
|
|
9
|
+
endian :little
|
|
10
|
+
|
|
11
|
+
ndr_conf_var_wide_stringz :file_name
|
|
12
|
+
|
|
13
|
+
def initialize_instance
|
|
14
|
+
super
|
|
15
|
+
@opnum = EFS_RPC_QUERY_USERS_ON_FILE
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
@@ -0,0 +1,21 @@
|
|
|
1
|
+
module RubySMB
|
|
2
|
+
module Dcerpc
|
|
3
|
+
module EncryptingFileSystem
|
|
4
|
+
|
|
5
|
+
# [3.1.4.2.7 Receiving an EfsRpcQueryUsersOnFile Message (Opnum 6)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/a058dc6c-bb7e-491c-9143-a5cb1f7e7cea)
|
|
6
|
+
class EfsRpcQueryUsersOnFileResponse < BinData::Record
|
|
7
|
+
attr_reader :opnum
|
|
8
|
+
|
|
9
|
+
endian :little
|
|
10
|
+
|
|
11
|
+
encryption_certificate_hash_list_ptr :users
|
|
12
|
+
ndr_uint32 :error_status
|
|
13
|
+
|
|
14
|
+
def initialize_instance
|
|
15
|
+
super
|
|
16
|
+
@opnum = EFS_RPC_QUERY_USERS_ON_FILE
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
end
|
|
@@ -35,10 +35,62 @@ module RubySMB
|
|
|
35
35
|
OVERWRITE_HIDDEN = 0x00000004
|
|
36
36
|
EFS_DROP_ALTERNATE_STREAMS = 0x00000010
|
|
37
37
|
|
|
38
|
+
# [2.2.7 EFS_HASH_BLOB](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/242d857f-ac8e-4cc8-b5e4-9314a942f45e)
|
|
39
|
+
class EfsHashBlob < Ndr::NdrStruct
|
|
40
|
+
endian :little
|
|
41
|
+
default_parameter byte_align: 4
|
|
42
|
+
|
|
43
|
+
ndr_uint32 :cb_data
|
|
44
|
+
ndr_byte_conf_array_ptr :b_data
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
class EfsHashBlobPtr < EfsHashBlob
|
|
48
|
+
extend Ndr::PointerClassPlugin
|
|
49
|
+
end
|
|
50
|
+
|
|
51
|
+
# [2.2.10 ENCRYPTION_CERTIFICATE_HASH](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/3a7e7151-edcb-4b32-a119-35cdce1584c0)
|
|
52
|
+
class EncryptionCertificateHash < Ndr::NdrStruct
|
|
53
|
+
endian :little
|
|
54
|
+
default_parameter byte_align: 4
|
|
55
|
+
|
|
56
|
+
ndr_uint32 :cb_total_length
|
|
57
|
+
prpc_sid :user_sid
|
|
58
|
+
efs_hash_blob_ptr :certificate_hash
|
|
59
|
+
ndr_wide_stringz_ptr :lp_display_information
|
|
60
|
+
end
|
|
61
|
+
|
|
62
|
+
class EncryptionCertificateHashPtr < EncryptionCertificateHash
|
|
63
|
+
extend Ndr::PointerClassPlugin
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
class EncryptionCertificateHashPtrArrayPtr < Ndr::NdrConfArray
|
|
67
|
+
default_parameter type: :encryption_certificate_hash_ptr
|
|
68
|
+
extend Ndr::PointerClassPlugin
|
|
69
|
+
end
|
|
70
|
+
|
|
71
|
+
# [2.2.11 ENCRYPTION_CERTIFICATE_HASH_LIST](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-efsr/2718804c-6ab9-45fd-98cf-541bc3b6bc75)
|
|
72
|
+
class EncryptionCertificateHashList < BinData::Record
|
|
73
|
+
endian :little
|
|
74
|
+
default_parameter byte_align: 4
|
|
75
|
+
|
|
76
|
+
uint32 :ncert_hash
|
|
77
|
+
encryption_certificate_hash_ptr_array_ptr :users
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
class EncryptionCertificateHashListPtr < EncryptionCertificateHashList
|
|
81
|
+
extend Ndr::PointerClassPlugin
|
|
82
|
+
end
|
|
83
|
+
|
|
84
|
+
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_decrypt_file_srv_request'
|
|
85
|
+
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_decrypt_file_srv_response'
|
|
38
86
|
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_encrypt_file_srv_request'
|
|
39
87
|
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_encrypt_file_srv_response'
|
|
40
88
|
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_open_file_raw_request'
|
|
41
89
|
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_open_file_raw_response'
|
|
90
|
+
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_recover_agents_request'
|
|
91
|
+
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_recover_agents_response'
|
|
92
|
+
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_users_on_file_request'
|
|
93
|
+
require 'ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_users_on_file_response'
|
|
42
94
|
end
|
|
43
95
|
end
|
|
44
96
|
end
|
|
@@ -0,0 +1,22 @@
|
|
|
1
|
+
require 'net/ntlm'
|
|
2
|
+
|
|
3
|
+
module RubySMB
|
|
4
|
+
module NTLM
|
|
5
|
+
module Custom
|
|
6
|
+
module StringEncoder
|
|
7
|
+
|
|
8
|
+
def self.prepended(base)
|
|
9
|
+
base.singleton_class.send(:prepend, ClassMethods)
|
|
10
|
+
end
|
|
11
|
+
|
|
12
|
+
module ClassMethods
|
|
13
|
+
def encode_utf16le(str)
|
|
14
|
+
str.dup.force_encoding('UTF-8').encode(Encoding::UTF_16LE, Encoding::UTF_8).force_encoding('ASCII-8BIT')
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
18
|
+
end
|
|
19
|
+
end
|
|
20
|
+
end
|
|
21
|
+
|
|
22
|
+
Net::NTLM::EncodeUtil.send(:prepend, RubySMB::NTLM::Custom::StringEncoder)
|
data/lib/ruby_smb/ntlm.rb
CHANGED
data/lib/ruby_smb/version.rb
CHANGED
data/lib/ruby_smb.rb
CHANGED
|
@@ -6,7 +6,7 @@ require 'openssl/ccm'
|
|
|
6
6
|
require 'openssl/cmac'
|
|
7
7
|
require 'windows_error'
|
|
8
8
|
require 'windows_error/nt_status'
|
|
9
|
-
require 'ruby_smb/ntlm/custom/
|
|
9
|
+
require 'ruby_smb/ntlm/custom/string_encoder'
|
|
10
10
|
# A packet parsing and manipulation library for the SMB1 and SMB2 protocols
|
|
11
11
|
#
|
|
12
12
|
# [[MS-SMB] Server Message Block (SMB) Protocol Version 1](https://msdn.microsoft.com/en-us/library/cc246482.aspx)
|
data.tar.gz.sig
CHANGED
|
Binary file
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_smb
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 3.2.
|
|
4
|
+
version: 3.2.5
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Metasploit Hackers
|
|
@@ -97,7 +97,7 @@ cert_chain:
|
|
|
97
97
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
|
98
98
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
|
99
99
|
-----END CERTIFICATE-----
|
|
100
|
-
date: 2023-
|
|
100
|
+
date: 2023-03-09 00:00:00.000000000 Z
|
|
101
101
|
dependencies:
|
|
102
102
|
- !ruby/object:Gem::Dependency
|
|
103
103
|
name: redcarpet
|
|
@@ -316,10 +316,16 @@ files:
|
|
|
316
316
|
- lib/ruby_smb/dcerpc/drsr/drs_unbind_request.rb
|
|
317
317
|
- lib/ruby_smb/dcerpc/drsr/drs_unbind_response.rb
|
|
318
318
|
- lib/ruby_smb/dcerpc/encrypting_file_system.rb
|
|
319
|
+
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_decrypt_file_srv_request.rb
|
|
320
|
+
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_decrypt_file_srv_response.rb
|
|
319
321
|
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_encrypt_file_srv_request.rb
|
|
320
322
|
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_encrypt_file_srv_response.rb
|
|
321
323
|
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_open_file_raw_request.rb
|
|
322
324
|
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_open_file_raw_response.rb
|
|
325
|
+
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_recover_agents_request.rb
|
|
326
|
+
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_recover_agents_response.rb
|
|
327
|
+
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_users_on_file_request.rb
|
|
328
|
+
- lib/ruby_smb/dcerpc/encrypting_file_system/efs_rpc_query_users_on_file_response.rb
|
|
323
329
|
- lib/ruby_smb/dcerpc/epm.rb
|
|
324
330
|
- lib/ruby_smb/dcerpc/epm/epm_ept_map_request.rb
|
|
325
331
|
- lib/ruby_smb/dcerpc/epm/epm_ept_map_response.rb
|
|
@@ -493,7 +499,7 @@ files:
|
|
|
493
499
|
- lib/ruby_smb/nbss/session_request.rb
|
|
494
500
|
- lib/ruby_smb/ntlm.rb
|
|
495
501
|
- lib/ruby_smb/ntlm/client.rb
|
|
496
|
-
- lib/ruby_smb/ntlm/custom/
|
|
502
|
+
- lib/ruby_smb/ntlm/custom/string_encoder.rb
|
|
497
503
|
- lib/ruby_smb/peer_info.rb
|
|
498
504
|
- lib/ruby_smb/server.rb
|
|
499
505
|
- lib/ruby_smb/server/cli.rb
|
metadata.gz.sig
CHANGED
|
Binary file
|
|
@@ -1,19 +0,0 @@
|
|
|
1
|
-
require 'net/ntlm'
|
|
2
|
-
|
|
3
|
-
module Custom
|
|
4
|
-
module NTLM
|
|
5
|
-
|
|
6
|
-
def self.prepended(base)
|
|
7
|
-
base.singleton_class.send(:prepend, ClassMethods)
|
|
8
|
-
end
|
|
9
|
-
|
|
10
|
-
module ClassMethods
|
|
11
|
-
def encode_utf16le(str)
|
|
12
|
-
str.dup.force_encoding('UTF-8').encode(Encoding::UTF_16LE, Encoding::UTF_8).force_encoding('ASCII-8BIT')
|
|
13
|
-
end
|
|
14
|
-
end
|
|
15
|
-
|
|
16
|
-
end
|
|
17
|
-
end
|
|
18
|
-
|
|
19
|
-
Net::NTLM::EncodeUtil.send(:prepend, Custom::NTLM)
|