ruby_smb 3.3.16 → 3.3.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. checksums.yaml +4 -4
  2. data/lib/ruby_smb/client/authentication.rb +3 -0
  3. data/lib/ruby_smb/client.rb +12 -0
  4. data/lib/ruby_smb/smb1/packet/nt_create_andx_response.rb +19 -6
  5. data/lib/ruby_smb/version.rb +1 -1
  6. metadata +2 -2
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: d5f3e7d4b38a0c2cbae5b04d401f988e0eb90585374877983c5d0f249935379b
4
- data.tar.gz: dc98770e931bf9c6ee4edd80a0a1bba2a2ac6ff75aef12b96f5c00efa1612074
3
+ metadata.gz: df07f2b672976e5cff3e2a4a724038b9557ce8db1d01faa089348f0dc472592a
4
+ data.tar.gz: 936642cf5e5d3dfcef265af694eb37d58f83cbdfd9f3e337fade9dd5f9f4d39f
5
5
  SHA512:
6
- metadata.gz: bb9b0288dc73c844c6707aa1bbd5e7db38a8f1a92240695e4fda6ecbe94bddcb049270a4b6ad96038cabda1a871ebb026ad1ef868c366fe17f804f9c107ba3ee
7
- data.tar.gz: 3fc829b270e287d4e87de00b08c17ed9fa9bf325191582f88cb252a0b64f9b0ec4c1b8d2ffae6ef7200ad42ea3daa7192f54edd8c829540783a980ae920b92e3
6
+ metadata.gz: 33201873ef84ff27d62f8381e52d25da7ce2e4831a262987682050b2deedebcdfe382f4177c5d375268a43fcddc78d195a06368f0d6919a21be34a32544254e3
7
+ data.tar.gz: 978a64324e79c8f183599ad05d1291f4b172deb9ddc1d1e669acbc68e8c179d17cfd367138a4c5bb49aa7abd4063758a8e7b36023ecd8b11a427b086c2ecd154
data/lib/ruby_smb/client/authentication.rb CHANGED
@@ -31,6 +31,7 @@ module RubySMB
31
31
  #
32
32
  # @return [WindowsError::ErrorCode] the status code the server returned
33
33
  def smb1_anonymous_auth
34
+ @mech_type = :anonymous
34
35
  request = smb1_anonymous_auth_request
35
36
  raw_response = send_recv(request)
36
37
  response = smb1_anonymous_auth_response(raw_response)
@@ -73,6 +74,7 @@ module RubySMB
73
74
  # Handles the SMB1 NTLMSSP 4-way handshake for Authentication and store
74
75
  # information about the peer/server.
75
76
  def smb1_authenticate
77
+ @mech_type = :ntlm
76
78
  response = smb1_ntlmssp_negotiate
77
79
  challenge_packet = smb1_ntlmssp_challenge_packet(response)
78
80
 
@@ -205,6 +207,7 @@ module RubySMB
205
207
  # Handles the SMB2 NTLMSSP 4-way handshake for Authentication and store
206
208
  # information about the peer/server.
207
209
  def smb2_authenticate
210
+ @mech_type = :ntlm
208
211
  response = smb2_ntlmssp_negotiate
209
212
  challenge_packet = smb2_ntlmssp_challenge_packet(response)
210
213
  if @dialect == '0x0311'
data/lib/ruby_smb/client.rb CHANGED
@@ -517,6 +517,18 @@ module RubySMB
517
517
  break
518
518
  end unless version == 'SMB1'
519
519
 
520
+ # Handle STATUS_NETWORK_SESSION_EXPIRED. The 'net use' client upon receiving this error will automatically attempt
521
+ # to re-authenticate, which makes relaying ntlm authentication to multiple targets possible. This block ensures
522
+ # ruby_smb behaves in the same manner as 'net use'.
523
+ if smb2_header && smb2_header.nt_status == WindowsError::NTStatus::STATUS_NETWORK_SESSION_EXPIRED && !@mech_type.nil?
524
+ if @mech_type == :ntlm || @mech_type == :anonymous
525
+ session_setup(self.username, self.password, self.domain, local_workstation: self.local_workstation, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS)
526
+ raw_response = send_recv(packet, encrypt: encrypt) # Retry the request after re-authentication
527
+ elsif @mech_type == :kerberos
528
+ raise RubySMB::Error::RubySMBError, 'WindowsError::NTStatus::STATUS_NETWORK_SESSION_EXPIRED received, but kerberos authentication is being used, so automatic re-authentication cannot be attempted.'
529
+ end
530
+ end
531
+
520
532
  self.sequence_counter += 1 if signing_required && !session_key.empty?
521
533
  # update the SMB2 message ID according to the received Credit Charged
522
534
  self.smb2_message_id += smb2_header.credit_charge - 1 if smb2_header && self.server_supports_multi_credit
data/lib/ruby_smb/smb1/packet/nt_create_andx_response.rb CHANGED
@@ -2,8 +2,8 @@ module RubySMB
2
2
  module SMB1
3
3
  module Packet
4
4
  # A SMB1 SMB_COM_NT_CREATE_ANDX Response Packet as defined in
5
- # [2.2.4.64.2 Response](https://msdn.microsoft.com/en-us/library/ee441612.aspx) and
6
- # [2.2.4.9.2 Server Response Extensions](https://msdn.microsoft.com/en-us/library/cc246334.aspx)
5
+ # [MS-CIFS: 2.2.4.64.2 Response](https://msdn.microsoft.com/en-us/library/ee441612.aspx) and
6
+ # [MS-SMB : 2.2.4.9.2 Server Response Extensions](https://msdn.microsoft.com/en-us/library/cc246334.aspx)
7
7
  class NtCreateAndxResponse < RubySMB::GenericPacket
8
8
  COMMAND = RubySMB::SMB1::Commands::SMB_COM_NT_CREATE_ANDX
9
9
 
@@ -35,15 +35,28 @@ module RubySMB
35
35
  end
36
36
 
37
37
  uint8 :directory, label: 'Directory'
38
- string :volume_guid, label: 'Volume GUID', length: 16
39
- uint64 :file_id, label: 'File ID'
38
+ # MS-CIFS: 2.2.4.64.2 (WC=34)
39
+ # MS-SMB: 2.2.4.9.2 (WC=42) - VolumeGUID only, per the spec (so we get the right WordCount, WC)
40
+ # MS-SMB: 2.2.4.9.2 (WC=50) - all four fields as per spec (but then the spec is then wrong for the WC)
41
+ # VolumeGUID, FileId, MaximalAccessRights & GuestMaximalAccessRights
42
+ # MS-SMB 2.2.4.9.2 (WC=42): VolumeGUID
43
+ string :volume_guid, label: 'Volume GUID', length: 16,
44
+ onlyif: -> { word_count >= 42 }
40
45
 
41
- choice :maximal_access_rights, selection: -> { ext_file_attributes.directory } do
46
+ # MS-SMB 2.2.4.9.2 (WC=50): FileId
47
+ uint64 :file_id, label: 'File ID',
48
+ onlyif: -> { word_count >= 50 }
49
+
50
+ # MS-SMB 2.2.4.9.2 (WC=50): MaximalAccessRights
51
+ choice :maximal_access_rights, selection: -> { ext_file_attributes.directory },
52
+ onlyif: -> { word_count >= 50 } do
42
53
  file_access_mask 0, label: 'Maximal Access Rights'
43
54
  directory_access_mask 1, label: 'Maximal Access Rights'
44
55
  end
45
56
 
46
- choice :guest_maximal_access_rights, selection: -> { ext_file_attributes.directory } do
57
+ # MS-SMB 2.2.4.9.2 (WC=50): GuestMaximalAccessRights
58
+ choice :guest_maximal_access_rights, selection: -> { ext_file_attributes.directory },
59
+ onlyif: -> { word_count >= 50 } do
47
60
  file_access_mask 0, label: 'Guest Maximal Access Rights'
48
61
  directory_access_mask 1, label: 'Guest Maximal Access Rights'
49
62
  end
data/lib/ruby_smb/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module RubySMB
2
- VERSION = '3.3.16'.freeze
2
+ VERSION = '3.3.18'.freeze
3
3
  end
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_smb
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.16
4
+ version: 3.3.18
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -13,7 +13,7 @@ authors:
13
13
  autorequire:
14
14
  bindir: bin
15
15
  cert_chain: []
16
- date: 2025-05-06 00:00:00.000000000 Z
16
+ date: 2026-04-22 00:00:00.000000000 Z
17
17
  dependencies:
18
18
  - !ruby/object:Gem::Dependency
19
19
  name: redcarpet