ruby_smb 3.3.3 → 3.3.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (12) hide show
  1. checksums.yaml +4 -4
  2. checksums.yaml.gz.sig +0 -0
  3. data/lib/ruby_smb/client.rb +3 -3
  4. data/lib/ruby_smb/server/server_client/session_setup.rb +7 -1
  5. data/lib/ruby_smb/server/server_client/share_io.rb +33 -3
  6. data/lib/ruby_smb/server/server_client/tree_connect.rb +4 -0
  7. data/lib/ruby_smb/server/server_client.rb +24 -3
  8. data/lib/ruby_smb/version.rb +1 -1
  9. data/spec/lib/ruby_smb/client_spec.rb +2 -3
  10. data.tar.gz.sig +0 -0
  11. metadata +2 -2
  12. metadata.gz.sig +0 -0
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 5731e815d97e8a27d6b66cc5a6e1e9d174fa4b00310a7c5078d5511e3ad38203
4
- data.tar.gz: 991b1bc215df449d885b5f87a71899dc8c062b6416c94fd9111027f1aff25cb8
3
+ metadata.gz: b89cb4c288acaa9a8a0b92a92051e3d441f8a0221d4fd07d8e450a100e60c9f3
4
+ data.tar.gz: '08ea52772ee67282ccc7bc1fd488e6ef7eb486960086c69aa8bff8945c67fe2f'
5
5
  SHA512:
6
- metadata.gz: 40ba754f0c1b64b3e9cd80a86052b8deee3a534676e8cbf31aee537c18dd1d439ac64b9b748e2964b859e2df4a84c75d709e852802b490fba897ec80b4661932
7
- data.tar.gz: 8c4a38d904e93c97f8822352848853cc6934c4008f3917ec8fcf6d38b715a1ac59302ed129d192fdf54b1ee8faf56eb97dc6d810010c820e21ced7952513411a
6
+ metadata.gz: 3051889e91d780f88b08bfca39078bd25b00b9e8ef0eabd61e9e22a1636a2d760add5fc6e57b3316a500072ff0029f4c4f0485f3a3c52db80b9626c0458d5e6e
7
+ data.tar.gz: 7f212f644989208c3d2d319e90be6bba3796abac64f458d41edcb56423afccf7cca307a88ef2d0eb55ddcd074b9c69d8c1bca2800965644ef01a160ab069c22f
checksums.yaml.gz.sig CHANGED
Binary file
data/lib/ruby_smb/client.rb CHANGED
@@ -578,9 +578,9 @@ module RubySMB
578
578
  raw_response = dispatcher.recv_packet
579
579
  rescue RubySMB::Error::CommunicationError => e
580
580
  if encrypt
581
- raise RubySMB::Error::EncryptionError, "Communication error with the "\
582
- "remote host: #{e.message}. The server supports encryption but was "\
583
- "not able to handle the encrypted request."
581
+ raise e, "Communication error with the "\
582
+ "remote host: #{e.message}. The server supports encryption and this error "\
583
+ "may have been caused by encryption issues, but not always."
584
584
  else
585
585
  raise e
586
586
  end
data/lib/ruby_smb/server/server_client/session_setup.rb CHANGED
@@ -53,10 +53,12 @@ module RubySMB
53
53
  end
54
54
 
55
55
  def do_session_setup_smb2(request, session)
56
+ @smb2_related_operations_state.delete(:session_id)
57
+
56
58
  session_id = request.smb2_header.session_id
57
59
  if session_id == 0
58
60
  session_id = rand(1..0xfffffffe)
59
- session = @session_table[session_id] = Session.new(session_id)
61
+ session = Session.new(session_id)
60
62
  else
61
63
  session = @session_table[session_id]
62
64
  if session.nil?
@@ -92,6 +94,10 @@ module RubySMB
92
94
  update_preauth_hash(response)
93
95
  end
94
96
 
97
+
98
+ @session_table[session_id] = session
99
+ @smb2_related_operations_state[:session_id] = session_id
100
+
95
101
  response
96
102
  end
97
103
 
data/lib/ruby_smb/server/server_client/share_io.rb CHANGED
@@ -20,16 +20,46 @@ module RubySMB
20
20
  alias :do_transactions2_smb1 :proxy_share_io_smb1
21
21
 
22
22
  def proxy_share_io_smb2(request, session)
23
- # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/9a639360-87be-4d49-a1dd-4c6be0c020bd
24
- share_processor = session.tree_connect_table[request.smb2_header.tree_id]
23
+ if request.smb2_header.flags.related_operations == 0
24
+ # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/9a639360-87be-4d49-a1dd-4c6be0c020bd
25
+ share_processor = session.tree_connect_table[request.smb2_header.tree_id]
26
+ @smb2_related_operations_state[:tree_id] = request.smb2_header.tree_id
27
+ else
28
+ # see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/46dd4182-62d3-4e30-9fe5-e2ec124edca1
29
+ if @smb2_related_operations_state.fetch(:tree_id) == 0
30
+ response = SMB2::Packet::ErrorPacket.new
31
+ response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_PARAMETER
32
+ return response
33
+ end
34
+ share_processor = session.tree_connect_table[@smb2_related_operations_state[:tree_id]]
35
+ end
36
+
25
37
  if share_processor.nil?
26
38
  response = SMB2::Packet::ErrorPacket.new
27
39
  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_NETWORK_NAME_DELETED
28
40
  return response
29
41
  end
30
42
 
43
+ if request.field_names.include?(:file_id)
44
+ if request.smb2_header.flags.related_operations == 0
45
+ @smb2_related_operations_state[:file_id] = request.file_id
46
+ elsif @smb2_related_operations_state[:file_id].nil?
47
+ response = SMB2::Packet::ErrorPacket.new
48
+ response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_HANDLE
49
+ return response
50
+ else
51
+ request.file_id = @smb2_related_operations_state[:file_id]
52
+ end
53
+ end
54
+
31
55
  logger.debug("Received #{SMB2::Commands.name(request.smb2_header.command)} request for share: #{share_processor.provider.name}")
32
- share_processor.share_io(__callee__, request)
56
+ response = share_processor.share_io(__callee__, request)
57
+
58
+ if response.field_names.include?(:file_id)
59
+ @smb2_related_operations_state[:file_id] = response.file_id
60
+ end
61
+
62
+ response
33
63
  end
34
64
 
35
65
  alias :do_close_smb2 :proxy_share_io_smb2
data/lib/ruby_smb/server/server_client/tree_connect.rb CHANGED
@@ -41,6 +41,8 @@ module RubySMB
41
41
  end
42
42
 
43
43
  def do_tree_connect_smb2(request, session)
44
+ @smb2_related_operations_state.delete(:tree_id)
45
+
44
46
  response = RubySMB::SMB2::Packet::TreeConnectResponse.new
45
47
  response.smb2_header.credits = 1
46
48
  if session.tree_connect_table.length >= MAX_TREE_CONNECTIONS
@@ -75,6 +77,8 @@ module RubySMB
75
77
  session.tree_connect_table[tree_id] = share_processor = share_provider.new_processor(self, session)
76
78
  response.maximal_access = share_processor.maximal_access
77
79
 
80
+ @smb2_related_operations_state[:tree_id] = tree_id
81
+
78
82
  response
79
83
  end
80
84
 
data/lib/ruby_smb/server/server_client.rb CHANGED
@@ -36,6 +36,7 @@ module RubySMB
36
36
 
37
37
  # session id => session instance
38
38
  @session_table = {}
39
+ @smb2_related_operations_state = {}
39
40
  end
40
41
 
41
42
  #
@@ -334,9 +335,23 @@ module RubySMB
334
335
  # @raise [NotImplementedError] Raised when the requested operation is not
335
336
  # supported.
336
337
  def handle_smb2(raw_request, header)
337
- session = @session_table[header.session_id]
338
+ session_required = !(header.command == SMB2::Commands::SESSION_SETUP && header.session_id == 0)
339
+
340
+ if header.flags.related_operations == 0
341
+ @smb2_related_operations_state.clear
342
+ session = @session_table[header.session_id]
343
+ @smb2_related_operations_state[:session_id] = header.session_id
344
+ else
345
+ # see: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/46dd4182-62d3-4e30-9fe5-e2ec124edca1
346
+ if @smb2_related_operations_state.fetch(:session_id) == 0 && session_required
347
+ response = SMB2::Packet::ErrorPacket.new
348
+ response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_INVALID_PARAMETER
349
+ return response
350
+ end
351
+ session = @session_table[@smb2_related_operations_state[:session_id]]
352
+ end
338
353
 
339
- if session.nil? && !(header.command == SMB2::Commands::SESSION_SETUP && header.session_id == 0)
354
+ if session.nil? && session_required
340
355
  response = SMB2::Packet::ErrorPacket.new
341
356
  response.smb2_header.nt_status = WindowsError::NTStatus::STATUS_USER_SESSION_DELETED
342
357
  return response
@@ -387,7 +402,13 @@ module RubySMB
387
402
  end
388
403
 
389
404
  logger.debug("Dispatching request to #{dispatcher} (session: #{session.inspect})")
390
- send(dispatcher, request, session)
405
+ response = send(dispatcher, request, session)
406
+
407
+ if response.is_a?(SMB2::Packet::ErrorPacket)
408
+ @smb2_related_operations_state.clear
409
+ end
410
+
411
+ response
391
412
  end
392
413
 
393
414
  def _handle_smb2(raw_request)
data/lib/ruby_smb/version.rb CHANGED
@@ -1,3 +1,3 @@
1
1
  module RubySMB
2
- VERSION = '3.3.3'.freeze
2
+ VERSION = '3.3.5'.freeze
3
3
  end
data/spec/lib/ruby_smb/client_spec.rb CHANGED
@@ -471,9 +471,9 @@ RSpec.describe RubySMB::Client do
471
471
  it 'raises an EncryptionError exception if an error occurs while receiving the response' do
472
472
  allow(dispatcher).to receive(:recv_packet).and_raise(RubySMB::Error::CommunicationError)
473
473
  expect { client.recv_packet(encrypt: true) }.to raise_error(
474
- RubySMB::Error::EncryptionError,
474
+ RubySMB::Error::CommunicationError,
475
475
  'Communication error with the remote host: RubySMB::Error::CommunicationError. '\
476
- 'The server supports encryption but was not able to handle the encrypted request.'
476
+ 'The server supports encryption and this error may have been caused by encryption issues, but not always.'
477
477
  )
478
478
  end
479
479
 
@@ -2853,4 +2853,3 @@ RSpec.describe RubySMB::Client do
2853
2853
  end
2854
2854
  end
2855
2855
  end
2856
-
data.tar.gz.sig CHANGED
Binary file
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: ruby_smb
3
3
  version: !ruby/object:Gem::Version
4
- version: 3.3.3
4
+ version: 3.3.5
5
5
  platform: ruby
6
6
  authors:
7
7
  - Metasploit Hackers
@@ -38,7 +38,7 @@ cert_chain:
38
38
  DgscAao7wB3xW2BWEp1KnaDWkf1x9ttgoBEYyuYwU7uatB67kBQG1PKvLt79wHvz
39
39
  Dxs+KOjGbBRfMnPgVGYkORKVrZIwlaboHbDKxcVW5xv+oZc7KYXWGg==
40
40
  -----END CERTIFICATE-----
41
- date: 2024-03-12 00:00:00.000000000 Z
41
+ date: 2024-04-12 00:00:00.000000000 Z
42
42
  dependencies:
43
43
  - !ruby/object:Gem::Dependency
44
44
  name: redcarpet
metadata.gz.sig CHANGED
Binary file