RubyGems - ruby_smb - Versions diffs - 3.3.5 → 3.3.6 - Mend

ruby_smb 3.3.5 → 3.3.6

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (12) hide show

checksums.yaml +4 -4
checksums.yaml.gz.sig +0 -0
data/lib/ruby_smb/dcerpc/ndr.rb +6 -2
data/lib/ruby_smb/dcerpc/request.rb +1 -0
data/lib/ruby_smb/dcerpc/samr/sampr_domain_info_buffer.rb +151 -0
data/lib/ruby_smb/dcerpc/samr/samr_query_information_domain_request.rb +22 -0
data/lib/ruby_smb/dcerpc/samr/samr_query_information_domain_response.rb +23 -0
data/lib/ruby_smb/dcerpc/samr.rb +42 -1
data/lib/ruby_smb/version.rb +1 -1
data.tar.gz.sig +0 -0
metadata +6 -3
metadata.gz.sig +0 -0

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: b89cb4c288acaa9a8a0b92a92051e3d441f8a0221d4fd07d8e450a100e60c9f3
-  data.tar.gz: '08ea52772ee67282ccc7bc1fd488e6ef7eb486960086c69aa8bff8945c67fe2f'
+  metadata.gz: 69dcf2cf8fa1b0bfe541d6c8fca903fedeb202a779a57ea8f7603122f0ffdd4a
+  data.tar.gz: ea05a9a1c3a6c4120e56b9cd2656b70ffb7aa3f0b857596ae00104236271154c
 SHA512:
-  metadata.gz: 3051889e91d780f88b08bfca39078bd25b00b9e8ef0eabd61e9e22a1636a2d760add5fc6e57b3316a500072ff0029f4c4f0485f3a3c52db80b9626c0458d5e6e
-  data.tar.gz: 7f212f644989208c3d2d319e90be6bba3796abac64f458d41edcb56423afccf7cca307a88ef2d0eb55ddcd074b9c69d8c1bca2800965644ef01a160ab069c22f
+  metadata.gz: 3567cb640cb9221e3bd79adfbb26b9e8a6b2f0baa7b474b61d9fb02e283c72f53148542b5a271263e1c8ea77c9e5c84935123fec5e72c6f2146c8bee563b354f
+  data.tar.gz: 8fe76d29d6d96a63bad52c316909263e6e335819fc0bfcc04e2f5d0783c7c526ebb1b89c2c2b53798eebdcdec66954264d10b99cfdb8cccd5c4c488fba6473ad

checksums.yaml.gz.sig CHANGED Viewed

Binary file

data/lib/ruby_smb/dcerpc/ndr.rb CHANGED Viewed

@@ -66,12 +66,16 @@ module RubySMB::Dcerpc::Ndr
   end
   # [Integers](https://pubs.opengroup.org/onlinepubs/9629399/chap14.htm#tagcjh_19_02_05)
-  # This will define the four size Integers accepted by the NDR protocol:
+  # This will define the eight Integers accepted by the NDR protocol:
+  # - NdrInt8
   # - NdrUint8
+  # - NdrInt16
   # - NdrUint16
+  # - NdrInt32
   # - NdrUint32
+  # - NdrInt64
   # - NdrUint64
-  {Uint8: 1, Uint16le: 2, Uint32le: 4, Uint64le: 8}.each do |klass, nb_bytes|
+  {Int8: 1, Uint8: 1, Int16le: 2, Uint16le: 2, Int32le: 4, Uint32le: 4, Int64le: 8, Uint64le: 8}.each do |klass, nb_bytes|
     new_klass_name = "Ndr#{klass.to_s.chomp('le')}"
     unless self.const_defined?(new_klass_name)
       new_klass = Class.new(BinData.const_get(klass)) do

data/lib/ruby_smb/dcerpc/request.rb CHANGED Viewed

@@ -74,6 +74,7 @@ module RubySMB
           samr_create_user2_in_domain_request          Samr::SAMR_CREATE_USER2_IN_DOMAIN
           samr_set_information_user2_request           Samr::SAMR_SET_INFORMATION_USER2
           samr_delete_user_request                     Samr::SAMR_DELETE_USER
+          samr_query_information_domain_request        Samr::SAMR_QUERY_INFORMATION_DOMAIN
           string                                       :default
         end
         choice 'Wkssvc', selection: -> { opnum } do

data/lib/ruby_smb/dcerpc/samr/sampr_domain_info_buffer.rb ADDED Viewed

@@ -0,0 +1,151 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+      # [2.2.3.5 DOMAIN_PASSWORD_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/0ae356d8-c220-4706-846e-ebbdc6fabdcb)
+      class SamprDomainPasswordInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_uint16 :min_password_length
+        ndr_uint16 :password_history_length
+        ndr_uint32 :password_properties
+        ndr_int64  :max_password_age
+        ndr_int64  :min_password_age
+      end
+      # [2.2.3.12 SAMPR_DOMAIN_OEM_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/7cbb7ff0-e593-440d-8341-a3435195cdf1)
+      class SamprDomainOemInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        rpc_unicode_string :oem_information
+      end
+      # [2.2.3.7 DOMAIN_SERVER_ROLE_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/cb0e586a-29c8-49b2-8ced-c273a7476c22)
+      class SamprDomainServerRoleInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_uint16 :domain_server_role
+      end
+      # [2.2.3.15 SAMPR_DOMAIN_LOCKOUT_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/c9d789ed-c54a-4450-be56-251e627e1f52)
+      class SamprDomainLockoutInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_uint64  :lockout_duration
+        ndr_uint64  :lockout_observation_window
+        ndr_uint16  :lockout_threshold
+      end
+      # [2.2.3.10 SAMPR_DOMAIN_GENERAL_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/85973e1c-96f2-4c80-8135-b24d74ad7794)
+      class SamprDomainGeneralInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_int64          :force_logoff
+        rpc_unicode_string :oem_information
+        rpc_unicode_string :domain_name
+        rpc_unicode_string :replica_source_node_name
+        ndr_int64          :domain_modified_count
+        ndr_uint32         :domain_server_state
+        ndr_uint32         :domain_server_role
+        ndr_uint8          :uas_compatibility_required
+        ndr_uint32         :user_count
+        ndr_uint32         :group_count
+        ndr_uint32         :alias_count
+      end
+      # [2.2.3.6 DOMAIN_LOGOFF_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/6fb0bbea-888c-4353-b5f8-75e7862344be)
+      class SamprDomainLogoffInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_int64  :force_logoff
+      end
+      # [2.2.3.13 SAMPR_DOMAIN_NAME_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/5131d2c0-04c7-4c1b-8fd5-0b0b6cfa6c24)
+      class SamprDomainNameInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        rpc_unicode_string :domain_name
+      end
+      # [2.2.3.8 DOMAIN_MODIFIED_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/e1da9680-8968-423b-98c0-fbdcf1535ef9)
+      class SamprDomainModifiedInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_int64 :domain_modified_count
+        ndr_int64 :creation_time
+      end
+      # [2.2.3.9 DOMAIN_MODIFIED_INFORMATION2](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/47eea81b-5fee-4925-b5c1-fc594dcc8dff)
+      class SamprDomainModifiedInformation2 < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_int64 :domain_modified_count
+        ndr_int64 :creation_time
+        ndr_int64 :modified_count_at_last_promotion
+      end
+      # [2.2.3.3 DOMAIN_STATE_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/f224edcf-8d4e-4294-b0c3-b0eda384c402)
+      class SamprDomainStateInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        ndr_uint16 :domain_server_state
+      end
+      # [2.2.3.11 SAMPR_DOMAIN_GENERAL_INFORMATION2](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/9a663cf2-0923-4959-b2c5-2e25c19735ff)
+      class SamprDomainGeneralInformation2 < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        sampr_domain_general_information :i1
+        ndr_uint64  :lockout_duration
+        ndr_uint64  :lockout_observation_window
+        ndr_uint16  :lockout_threshold
+      end
+      # [2.2.3.14 SAMPR_DOMAIN_REPLICATION_INFORMATION](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/c9293797-e11d-4098-be12-bf9e1de91f20)
+      class SamprDomainReplicationInformation < Ndr::NdrStruct
+        default_parameters byte_align: 4
+        endian :little
+        rpc_unicode_string :replica_node_name
+      end
+      # [2.2.3.17 SAMPR_DOMAIN_INFO_BUFFER](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/1adc2142-dbb8-4554-aa24-010c713698bf)
+      class SamprDomainInfoBuffer < BinData::Record
+        default_parameters byte_align: 4
+        endian :little
+        uint16 :info_class
+        skip   length: 2
+        choice :buffer, selection: :info_class do
+          sampr_domain_password_information    DOMAIN_PASSWORD_INFORMATION
+          sampr_domain_oem_information         DOMAIN_OEM_INFORMATION
+          sampr_domain_server_role_information DOMAIN_SERVER_ROLE_INFORMATION
+          sampr_domain_lockout_information     DOMAIN_LOCKOUT_INFORMATION
+          sampr_domain_logoff_information      DOMAIN_LOGOFF_INFORMATION
+          sampr_domain_general_information     DOMAIN_GENERAL_INFORMATION
+          sampr_domain_name_information        DOMAIN_NAME_INFORMATION
+          sampr_domain_modified_information    DOMAIN_MODIFIED_INFORMATION
+          sampr_domain_modified_information2   DOMAIN_MODIFIED_INFORMATION2
+          sampr_domain_state_information       DOMAIN_STATE_INFORMATION
+          sampr_domain_general_information2    DOMAIN_GENERAL_INFORMATION2
+          sampr_domain_replication_information DOMAIN_REPLICATION_INFORMATION
+        end
+      end
+      class PsamprDomainInfoBuffer < SamprDomainInfoBuffer
+        extend Ndr::PointerClassPlugin
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/samr/samr_query_information_domain_request.rb ADDED Viewed

@@ -0,0 +1,22 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+      # [3.1.5.5.2 SamrQueryInformationDomain (Opnum 8)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/5d6a2817-caa9-41ca-a269-fd13ecbb4fa8)
+      class SamrQueryInformationDomainRequest < BinData::Record
+        attr_reader :opnum
+        endian :little
+        sampr_handle :domain_handle
+        ndr_uint16   :domain_information_class
+        def initialize_instance
+          super
+          @opnum = SAMR_QUERY_INFORMATION_DOMAIN
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/samr/samr_query_information_domain_response.rb ADDED Viewed

@@ -0,0 +1,23 @@
+module RubySMB
+  module Dcerpc
+    module Samr
+      # [3.1.5.5.2 SamrQueryInformationDomain (Opnum 8)](https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/5d6a2817-caa9-41ca-a269-fd13ecbb4fa8)
+      class SamrQueryInformationDomainResponse < BinData::Record
+        attr_reader :opnum
+        endian :little
+        psampr_domain_info_buffer :buffer
+        ndr_uint32                :error_status
+        def initialize_instance
+          super
+          @opnum = SAMR_QUERY_INFORMATION_DOMAIN
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/dcerpc/samr.rb CHANGED Viewed

@@ -16,6 +16,7 @@ module RubySMB
       SAMR_LOOKUP_DOMAIN_IN_SAM_SERVER     = 0x0005
       SAMR_ENUMERATE_DOMAINS_IN_SAM_SERVER = 0x0006
       SAMR_OPEN_DOMAIN                     = 0x0007
+      SAMR_QUERY_INFORMATION_DOMAIN        = 0x0008
       SAMR_ENUMERATE_USERS_IN_DOMAIN       = 0x000D
       SAMR_GET_ALIAS_MEMBERSHIP            = 0x0010
       SAMR_LOOKUP_NAMES_IN_DOMAIN          = 0x0011
@@ -139,6 +140,20 @@ module RubySMB
       USER_ALL_SECURITYDESCRIPTOR  = 0x10000000
       USER_ALL_UNDEFINED_MASK      = 0xC0000000
+      # [2.2.3.16 DOMAIN_INFORMATION_CLASS Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/6b0dff90-5ac0-429a-93aa-150334adabf6)
+      DOMAIN_PASSWORD_INFORMATION    = 1
+      DOMAIN_GENERAL_INFORMATION     = 2
+      DOMAIN_LOGOFF_INFORMATION      = 3
+      DOMAIN_OEM_INFORMATION         = 4
+      DOMAIN_NAME_INFORMATION        = 5
+      DOMAIN_REPLICATION_INFORMATION = 6
+      DOMAIN_SERVER_ROLE_INFORMATION = 7
+      DOMAIN_MODIFIED_INFORMATION    = 8
+      DOMAIN_STATE_INFORMATION       = 9
+      DOMAIN_GENERAL_INFORMATION2    = 11
+      DOMAIN_LOCKOUT_INFORMATION     = 12
+      DOMAIN_MODIFIED_INFORMATION2   = 13
       # [2.2.6.28 USER_INFORMATION_CLASS Values](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-samr/6b0dff90-5ac0-429a-93aa-150334adabf6)
       USER_GENERAL_INFORMATION       = 1
       USER_PREFERENCES_INFORMATION   = 2
@@ -474,6 +489,7 @@ module RubySMB
       end
       require 'ruby_smb/dcerpc/samr/rpc_sid'
+      require 'ruby_smb/dcerpc/samr/sampr_domain_info_buffer'
       require 'ruby_smb/dcerpc/samr/samr_connect_request'
       require 'ruby_smb/dcerpc/samr/samr_connect_response'
@@ -503,6 +519,8 @@ module RubySMB
       require 'ruby_smb/dcerpc/samr/samr_set_information_user2_response'
       require 'ruby_smb/dcerpc/samr/samr_delete_user_request'
       require 'ruby_smb/dcerpc/samr/samr_delete_user_response'
+      require 'ruby_smb/dcerpc/samr/samr_query_information_domain_request'
+      require 'ruby_smb/dcerpc/samr/samr_query_information_domain_response'
       # Returns a handle to a server object.
       #
@@ -979,7 +997,30 @@ module RubySMB
         samr_get_groups_for_user_reponse.groups.groups.to_ary
       end
+      # Returns domain information.
+      #
+      # @param domain_handle [RubySMB::Dcerpc::Samr::SamprHandle] An RPC context
+      #   representing a domain object
+      # @param info_class [Integer] The class of information to retrieve
+      # @return [BinData::Choice] The requested information.
+      def samr_query_information_domain(domain_handle:, info_class:)
+        samr_request = SamrQueryInformationDomainRequest.new(
+          domain_handle: domain_handle,
+          domain_information_class: info_class
+        )
+        response = dcerpc_request(samr_request)
+        begin
+          samr_response = SamrQueryInformationDomainResponse.read(response)
+        rescue IOError
+          raise RubySMB::Dcerpc::Error::InvalidPacket, 'Error reading SamrQueryInformationDomainResponse'
+        end
+        unless samr_response.error_status == WindowsError::NTStatus::STATUS_SUCCESS
+          raise RubySMB::Dcerpc::Error::SamrError,
+            "Error returned while querying domain information: "\
+            "#{WindowsError::NTStatus.find_by_retval(samr_response.error_status.value).join(',')}"
+        end
+        samr_response.buffer.buffer
+      end
     end
   end
 end

data/lib/ruby_smb/version.rb CHANGED Viewed

@@ -1,3 +1,3 @@
 module RubySMB
-  VERSION = '3.3.5'.freeze
+  VERSION = '3.3.6'.freeze
 end

data.tar.gz.sig CHANGED Viewed

Binary file

metadata CHANGED Viewed

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: ruby_smb
 version: !ruby/object:Gem::Version
-  version: 3.3.5
+  version: 3.3.6
 platform: ruby
 authors:
 - Metasploit Hackers
@@ -38,7 +38,7 @@ cert_chain:
   DgscAao7wB3xW2BWEp1KnaDWkf1x9ttgoBEYyuYwU7uatB67kBQG1PKvLt79wHvz
   Dxs+KOjGbBRfMnPgVGYkORKVrZIwlaboHbDKxcVW5xv+oZc7KYXWGg==
   -----END CERTIFICATE-----
-date: 2024-04-12 00:00:00.000000000 Z
+date: 2024-04-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: redcarpet
@@ -309,6 +309,7 @@ files:
 - lib/ruby_smb/dcerpc/rrp_rpc_unicode_string.rb
 - lib/ruby_smb/dcerpc/samr.rb
 - lib/ruby_smb/dcerpc/samr/rpc_sid.rb
+- lib/ruby_smb/dcerpc/samr/sampr_domain_info_buffer.rb
 - lib/ruby_smb/dcerpc/samr/samr_close_handle_request.rb
 - lib/ruby_smb/dcerpc/samr/samr_close_handle_response.rb
 - lib/ruby_smb/dcerpc/samr/samr_connect_request.rb
@@ -333,6 +334,8 @@ files:
 - lib/ruby_smb/dcerpc/samr/samr_open_domain_response.rb
 - lib/ruby_smb/dcerpc/samr/samr_open_user_request.rb
 - lib/ruby_smb/dcerpc/samr/samr_open_user_response.rb
+- lib/ruby_smb/dcerpc/samr/samr_query_information_domain_request.rb
+- lib/ruby_smb/dcerpc/samr/samr_query_information_domain_response.rb
 - lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_request.rb
 - lib/ruby_smb/dcerpc/samr/samr_rid_to_sid_response.rb
 - lib/ruby_smb/dcerpc/samr/samr_set_information_user2_request.rb
@@ -956,7 +959,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.4
+rubygems_version: 3.4.18
 signing_key:
 specification_version: 4
 summary: A pure Ruby implementation of the SMB Protocol Family

metadata.gz.sig CHANGED Viewed

Binary file