ruby_smb 0.0.20 → 0.0.21

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b4dff3ea0843193837a2e7ca9f8f0ab4a7fd2eea
-  data.tar.gz: 7b8e7321255ff7da69f8aba3658c3f5f6769325e
+  metadata.gz: 816022485d644911d10d8001578a7eb49206edc3
+  data.tar.gz: bcf4688f01257ffd062adbd8fa2cb94843365687
 SHA512:
-  metadata.gz: 129e91974e7487ed551eb69506ecd7c7adb92a1b528b135a3bece8387fcb45acde5abde401475c03d469732a94dfd38aaa1f30b810acf641796e7860797b0b3c
-  data.tar.gz: 1233ed26721566ce8f86ea7e8eea3572b959251ae9db1faa6d1f84b324fc9c06a392c823b2551d2161972aaebb190920b465869e6bd97046ca67ec6dc4fb96db
+  metadata.gz: b53ba46aac705524d9c60b27b4c02f9dc9be9f58c5b516596b05780c962eb527f57a5537bcc17882c016d3e63baff4ea4357360faa7fb7c8004687a4d3fc8e16
+  data.tar.gz: e442a5af8c2e22740f2d1f137677b55953548d30b86d4a32895cb600833c4624ec2895056610e3f3a9f0fa1afae6799907ba98b2d4c168f6b2e6c8cb20239848

data.tar.gz.sig

@@ -1,3 +1,2 @@
-�m\Y��ӐLE��|ٰ�
-}��,l^��)�1���!�;#���bk��&(�J�A
-���>)b�f�Ժ���r�̫-����9�>�i1�qM��I,�mD�$bZOp�OC7��E0�m8��$���y����K��>�\�~�{��/���;t�Ќ�5=W��z:�����y������o~x�����T?����/�e���l
+��S&��3K��O��y�>�!�T�a5IoX`6m�[��Ŝ'��׸���^ׯ;/�l�
+��.��}9����P$

data/examples/pipes.rb

@@ -0,0 +1,45 @@
+#!/usr/bin/ruby
+
+#
+# Example script for connecting to a named pipe and performing a peek operation.
+# This is used to demonstrate pipe operations.
+#
+# Usage: ruby pipes.rb ADDRESS PIPENAME USER PASS 1|2
+#
+
+require 'bundler/setup'
+require 'ruby_smb'
+
+address  = ARGV[0]
+pipename = ARGV[1]
+username = ARGV[2]
+password = ARGV[3]
+smbver   = ARGV[4].to_i
+
+sock = TCPSocket.new(address, 445)
+dispatcher = RubySMB::Dispatcher::Socket.new(sock)
+
+if smbver == 2
+  client = RubySMB::Client.new(dispatcher, smb1: false, username: username, password: password)
+  client.negotiate
+  puts "ServerMaxRead:   #{client.server_max_read_size}"
+  puts "ServerMaxWrite:  #{client.server_max_write_size}"
+  puts "ServerMaxTrans:  #{client.server_max_transact_size}"
+elsif smbver == 1
+  client = RubySMB::Client.new(dispatcher, smb2: false, username: username, password: password)
+  client.negotiate
+  puts "ServerMaxBuffer: #{client.server_max_buffer_size}"
+end
+
+client.authenticate
+client.tree_connect("\\\\#{address}\\IPC$")
+pipe = client.create_pipe(pipename, nil)
+
+puts "Available:       #{pipe.peek_available}"
+puts "PipeState:       #{pipe.peek_state}" # 3 == OK
+puts "IsConnected:     #{pipe.is_connected?}"
+
+pipe.close
+puts "IsConnected:     #{pipe.is_connected?}"
+client.tree_connects[-1].disconnect!
+client.disconnect!

data/lib/ruby_smb/client.rb

@@ -23,7 +23,9 @@ module RubySMB
     # Dialect value for SMB2 Default (Version 2.02)
     SMB2_DIALECT_DEFAULT = 0x0202
     # The default maximum size of a SMB message that the Client accepts (in bytes)
-    MAX_BUFFER_SIZE = 4356
+    MAX_BUFFER_SIZE = 64512
+    # The default maximum size of a SMB message that the Server accepts (in bytes)
+    SERVER_MAX_BUFFER_SIZE = 4356
 
     # The dispatcher responsible for sending packets
     # @!attribute [rw] dispatcher
@@ -158,7 +160,23 @@ module RubySMB
     #   @return [Integer]
     attr_accessor :server_max_buffer_size
 
-    # @param dispatcher [RubySMB::Dispacther::Socket] the packet dispatcher to use
+    # The maximum size SMB2 write request that the Server accepts (in bytes)
+    # @!attribute [rw] server_max_write_size
+    #   @return [Integer]
+    attr_accessor :server_max_write_size
+
+    # The maximum size SMB2 read request that the Server accepts (in bytes)
+    # @!attribute [rw] server_max_read_size
+    #   @return [Integer]
+    attr_accessor :server_max_read_size
+
+    # The maximum size SMB2 transaction that the Server accepts (in bytes)
+    # For transactions that are not a read or write request
+    # @!attribute [rw] server_max_transact_size
+    #   @return [Integer]
+    attr_accessor :server_max_transact_size
+
+    # @param dispatcher [RubySMB::Dispatcher::Socket] the packet dispatcher to use
     # @param smb1 [Boolean] whether or not to enable SMB1 support
     # @param smb2 [Boolean] whether or not to enable SMB2 support
     def initialize(dispatcher, smb1: true, smb2: true, username:, password:, domain: '.', local_workstation: 'WORKSTATION')
@@ -178,7 +196,11 @@ module RubySMB
       @smb2              = smb2
       @username          = username.encode('utf-8') || ''.encode('utf-8')
       @max_buffer_size   = MAX_BUFFER_SIZE
-      @server_max_buffer_size = MAX_BUFFER_SIZE
+      # These sizes will be modifed during negotiation
+      @server_max_buffer_size = SERVER_MAX_BUFFER_SIZE
+      @server_max_read_size   = RubySMB::SMB2::File::MAX_PACKET_SIZE
+      @server_max_write_size  = RubySMB::SMB2::File::MAX_PACKET_SIZE
+      @server_max_transact_size = RubySMB::SMB2::File::MAX_PACKET_SIZE
 
       negotiate_version_flag = 0x02000000
       flags = Net::NTLM::Client::DEFAULT_FLAGS |

data/lib/ruby_smb/client/negotiation.rb

@@ -82,14 +82,21 @@ module RubySMB
           self.smb2 = false
           self.signing_required = packet.parameter_block.security_mode.security_signatures_required == 1
           self.dialect = packet.negotiated_dialect.to_s
-          self.server_max_buffer_size = packet.parameter_block.max_buffer_size
+          # MaxBufferSize is largest message server will receive, measured from start of the SMB header. Subtract 260
+          # for protocol overhead. Then this value can be used for max read/write size without having to factor in
+          # protocol overhead every time.
+          self.server_max_buffer_size = packet.parameter_block.max_buffer_size - 260
           'SMB1'
         when RubySMB::SMB2::Packet::NegotiateResponse
           self.smb1 = false
           self.smb2 = true
           self.signing_required = packet.security_mode.signing_required == 1
           self.dialect = "0x%04x" % packet.dialect_revision
-          self.server_max_buffer_size = 16644
+          self.server_max_read_size = packet.max_read_size
+          self.server_max_write_size = packet.max_write_size
+          self.server_max_transact_size = packet.max_transact_size
+          # This value is used in SMB1 only but calculate a valid value anyway
+          self.server_max_buffer_size = [self.server_max_read_size, self.server_max_write_size, self.server_max_transact_size].min
           'SMB2'
         end
 
@@ -102,7 +109,7 @@ module RubySMB
       def smb1_negotiate_request
         packet = RubySMB::SMB1::Packet::NegotiateRequest.new
         # Default to always enabling Extended Security. It simplifies the Negotiation process
-        # while being gauranteed to work with any modern Windows system. We can get more sophisticated
+        # while being guaranteed to work with any modern Windows system. We can get more sophisticated
         # with switching this on and off at a later date if the need arises.
         packet.smb_header.flags2.extended_security = 1
         # There is no real good reason to ever send an SMB1 Negotiate packet

data/lib/ruby_smb/nbss/session_header.rb

@@ -5,9 +5,9 @@ module RubySMB
     class SessionHeader < BinData::Record
       endian :big
 
-      uint8  :session_packet_type, label: 'Session Packet Type'
-      uint8  :flags,               label: 'Flags',              initial_value: 0
-      uint16 :packet_length,       label: 'Packet Length'
+      uint8 :session_packet_type,  label: 'Session Packet Type'
+      bit7  :flags,                label: 'Flags',              initial_value: 0
+      bit17 :packet_length,        label: 'Packet Length'
     end
   end
 end

data/lib/ruby_smb/smb1.rb

@@ -18,5 +18,6 @@ module RubySMB
     require 'ruby_smb/smb1/packet'
     require 'ruby_smb/smb1/tree'
     require 'ruby_smb/smb1/file'
+    require 'ruby_smb/smb1/pipe'
   end
 end

data/lib/ruby_smb/smb1/bit_field.rb

@@ -10,6 +10,7 @@ module RubySMB
       require 'ruby_smb/smb1/bit_field/optional_support'
       require 'ruby_smb/smb1/bit_field/directory_access_mask'
       require 'ruby_smb/smb1/bit_field/file_access_mask'
+      require 'ruby_smb/smb1/bit_field/trans_flags'
       require 'ruby_smb/smb1/bit_field/trans2_flags'
       require 'ruby_smb/smb1/bit_field/open2_flags'
       require 'ruby_smb/smb1/bit_field/open2_access_mode'

data/lib/ruby_smb/smb1/bit_field/trans_flags.rb

@@ -0,0 +1,15 @@
+module RubySMB
+  module SMB1
+    module BitField
+      # The Flags bit-field for a Trans Request Packet
+      # [2.2.4.33.1 Request](https://msdn.microsoft.com/en-us/library/ee441730.aspx)
+      class TransFlags < BinData::Record
+        endian  :little
+        bit6    :reserved,              label: 'Reserved Space',             initial_value: 0
+        bit1    :no_response,           label: 'Do Not reply',               initial_value: 0
+        bit1    :disconnect,            label: 'Disconnect Tree',            initial_value: 0
+        bit8    :reserved2,             label: 'Reserved Space',             initial_value: 0
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/commands.rb

@@ -2,6 +2,7 @@ module RubySMB
   module SMB1
     module Commands
       SMB_COM_CLOSE                   = 0x04
+      SMB_COM_TRANSACTION             = 0x25
       SMB_COM_ECHO                    = 0x2B
       SMB_COM_READ_ANDX               = 0x2E
       SMB_COM_WRITE_ANDX              = 0x2F

data/lib/ruby_smb/smb1/packet.rb

@@ -19,6 +19,7 @@ module RubySMB
       require 'ruby_smb/smb1/packet/logoff_response'
       require 'ruby_smb/smb1/packet/echo_request'
       require 'ruby_smb/smb1/packet/echo_response'
+      require 'ruby_smb/smb1/packet/trans'
       require 'ruby_smb/smb1/packet/trans2'
       require 'ruby_smb/smb1/packet/nt_trans'
       require 'ruby_smb/smb1/packet/nt_create_andx_request'

data/lib/ruby_smb/smb1/packet/trans.rb

@@ -0,0 +1,16 @@
+module RubySMB
+  module SMB1
+    module Packet
+      # Namespace for the Transaction sub-protocol documented in
+      # [2.2.4.33 SMB_COM_TRANSACTION (0x25)](https://msdn.microsoft.com/en-us/library/ee441489.aspx)
+      module Trans
+        require 'ruby_smb/smb1/packet/trans/subcommands'
+        require 'ruby_smb/smb1/packet/trans/data_block'
+        require 'ruby_smb/smb1/packet/trans/request'
+        require 'ruby_smb/smb1/packet/trans/response'
+        require 'ruby_smb/smb1/packet/trans/peek_nmpipe_request'
+        require 'ruby_smb/smb1/packet/trans/peek_nmpipe_response'
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/data_block.rb

@@ -0,0 +1,49 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # Extends the {RubySMB::SMB1::DataBlock} to include padding methods
+        # that all Trans DataBlocks will need to handle proper byte alignment.
+        class DataBlock < RubySMB::SMB1::DataBlock
+          # Controls whether the padding fields will be used
+          # @!attribute [rw] enable_padding
+          #   @return [Boolean]
+          attr_accessor :enable_padding
+
+          def initialize_instance
+            super
+            @enable_padding = true
+          end
+
+          private
+
+          # Determines the correct length for the padding in front of
+          # trans_parameters. It should always force a 4-byte alignment.
+          def pad1_length
+            if enable_padding
+              offset = if respond_to?(:name)
+                         (name.abs_offset + 1) % 4
+                       else
+                         (byte_count.abs_offset + 2) % 4
+                       end
+              (4 - offset) % 4
+            else
+              0
+            end
+          end
+
+          # Determines the correct length for the padding in front of
+          # trans_data. It should always force a 4-byte alignment.
+          def pad2_length
+            if enable_padding
+              offset = (trans_parameters.abs_offset + trans_parameters.length) % 4
+              (4 - offset) % 4
+            else
+              0
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_request.rb

@@ -0,0 +1,24 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # This class represents an SMB1 Trans PeekNamedPipe Request Packet as defined in
+        # [2.2.5.5.1 Request](https://msdn.microsoft.com/en-us/library/ee442106.aspx)
+        class PeekNmpipeRequest < RubySMB::SMB1::Packet::Trans::Request
+
+          def fid=(file_id)
+            parameter_block.setup = [RubySMB::SMB1::Packet::Trans::Subcommands::PEEK_NMPIPE, file_id]
+          end
+
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            data_block.name = "\\PIPE\\"
+            parameter_block.setup << RubySMB::SMB1::Packet::Trans::Subcommands::PEEK_NMPIPE
+            parameter_block.setup_count = 2
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/peek_nmpipe_response.rb

@@ -0,0 +1,59 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+        # This class represents an SMB1 Trans PeekNamedPipe Response Packet as defined in
+        # [2.2.5.5.2 Response](https://msdn.microsoft.com/en-us/library/ee441883.aspx)
+        class PeekNmpipeResponse < RubySMB::GenericPacket
+          class ParameterBlock < RubySMB::SMB1::Packet::Trans::Response::ParameterBlock
+          end
+
+          # The Trans Parameter Block for this particular Subcommand
+          class TransParameters < BinData::Record
+            endian :little
+
+            uint16 :read_data_available,     label: 'Read bytes available'
+            uint16 :message_bytes_length,    label: 'Byte length of available message'
+            uint16 :pipe_state,              label: 'Named pipe state'
+
+            # Returns the length of the TransParameters struct
+            # in number of bytes
+            def length
+              do_num_bytes
+            end
+          end
+          
+          class TransData < BinData::Record
+            string :read_data, label: 'Readable data', length: -> { parent.parameter_block.total_data_count }
+
+            # Returns the length of the TransData struct
+            # in number of bytes
+            def length
+              do_num_bytes
+            end
+          end
+
+          # The {RubySMB::SMB1::DataBlock} specific to this packet type.
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            string           :pad1,               length: -> { pad1_length }
+            trans_parameters :trans_parameters,   label: 'Trans Parameters'
+            # dont understand the padding on this one...
+            string           :pad2,               length: -> { parent.parameter_block.data_offset - parent.parameter_block.parameter_offset - parent.parameter_block.parameter_count }
+            trans_data       :trans_data,         label: 'Trans Data'
+          end
+
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            smb_header.flags.reply = 1
+            parameter_block.setup << RubySMB::SMB1::Packet::Trans::Subcommands::PEEK_NMPIPE
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/request.rb

@@ -0,0 +1,50 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+      # A SMB1 SMB_COM_TRANSACTION Request Packet as defined in
+      # [2.2.4.33.1 Request](https://msdn.microsoft.com/en-us/library/ee441730.aspx)
+        class Request < RubySMB::GenericPacket
+          # A SMB1 Parameter Block
+          class ParameterBlock < RubySMB::SMB1::ParameterBlock
+            uint16        :total_parameter_count, label: 'Total Parameter Count(bytes)'
+            uint16        :total_data_count,      label: 'Total Data Count(bytes)'
+            uint16        :max_parameter_count,   label: 'Max Parameter Count(bytes)'
+            uint16        :max_data_count,        label: 'Max Data Count(bytes)'
+            uint8         :max_setup_count,       label: 'Max Setup Count'
+            uint8         :reserved,              label: 'Reserved Space',         initial_value: 0x00
+            trans_flags   :flags
+            uint32        :timeout,               label: 'Timeout',                initial_value: 0x00000000
+            uint16        :reserved2,             label: 'Reserved Space',         initial_value: 0x00
+            uint16        :parameter_count,       label: 'Parameter Count(bytes)', initial_value: -> { parent.data_block.trans_parameters.length }
+            uint16        :parameter_offset,      label: 'Parameter Offset',       initial_value: -> { parent.data_block.trans_parameters.abs_offset }
+            uint16        :data_count,            label: 'Data Count(bytes)',      initial_value: -> { parent.data_block.trans_data.length }
+            uint16        :data_offset,           label: 'Data Offset',            initial_value: -> { parent.data_block.trans_data.abs_offset }
+            uint8         :setup_count,           label: 'Setup Count',            initial_value: -> { setup.length }
+            uint8         :reserved3,             label: 'Reserved Space',         initial_value: 0x00
+
+            array :setup, type: :uint16, initial_length: 0
+          end
+
+          # The {RubySMB::SMB1::DataBlock} specific to this packet type.
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            stringz :name,              label: 'Name', initial_value: ""
+            string :pad1,               length: -> { pad1_length }
+            string :trans_parameters,   label: 'Trans Parameters'
+            string :pad2,               length: -> { pad2_length }
+            string :trans_data,         label: 'Trans Data'
+          end
+
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+          end
+        end
+      end
+    end
+  end
+end

data/lib/ruby_smb/smb1/packet/trans/response.rb

@@ -0,0 +1,46 @@
+module RubySMB
+  module SMB1
+    module Packet
+      module Trans
+      # A SMB1 SMB_COM_TRANSACTION Response Packet as defined in
+      # [2.2.4.33.2 Response](https://msdn.microsoft.com/en-us/library/ee442061.aspx)
+        class Response < RubySMB::GenericPacket
+          # A SMB1 Parameter Block
+          class ParameterBlock < RubySMB::SMB1::ParameterBlock
+            uint16 :total_parameter_count, label: 'Total Parameter Count(bytes)'
+            uint16        :total_data_count,        label: 'Total Data Count(bytes)'
+            uint16        :reserved,                label: 'Reserved Space',                 initial_value: 0x00
+            uint16        :parameter_count,         label: 'Parameter Count(bytes)',         initial_value: -> { parent.data_block.trans_parameters.length }
+            uint16        :parameter_offset,        label: 'Parameter Offset',               initial_value: -> { parent.data_block.trans_parameters.abs_offset }
+            uint16        :parameter_displacement,  label: 'Parameter Displacement'
+            uint16        :data_count,              label: 'Data Count(bytes)',              initial_value: -> { parent.data_block.trans_data.length }
+            uint16        :data_offset,             label: 'Data Offset',                    initial_value: -> { parent.data_block.trans_data.abs_offset }
+            uint16        :data_displacement,       label: 'Data Displacement'
+            uint8         :setup_count,             label: 'Setup Count',                    initial_value: -> { setup.length }
+            uint8         :reserved2,               label: 'Reserved Space',                 initial_value: 0x00
+
+            array :setup, type: :uint16, initial_length: 0
+          end
+
+          # The {RubySMB::SMB1::DataBlock} specific to this packet type.
+          class DataBlock < RubySMB::SMB1::Packet::Trans::DataBlock
+            string :pad1,               length: -> { pad1_length }
+            string :trans_parameters,   label: 'Trans Parameters'
+            string :pad2,               length: -> { pad2_length }
+            string :trans_data,         label: 'Trans Data'
+          end
+
+          smb_header        :smb_header
+          parameter_block   :parameter_block
+          data_block        :data_block
+
+          def initialize_instance
+            super
+            smb_header.command = RubySMB::SMB1::Commands::SMB_COM_TRANSACTION
+            smb_header.flags.reply = 1
+          end
+        end
+      end
+    end
+  end
+end