ruby_smb 2.0.8 → 2.0.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- checksums.yaml.gz.sig +0 -0
- data.tar.gz.sig +1 -1
- data/lib/ruby_smb/client.rb +23 -19
- data/lib/ruby_smb/client/negotiation.rb +8 -10
- data/lib/ruby_smb/version.rb +1 -1
- data/spec/lib/ruby_smb/client_spec.rb +17 -7
- metadata +2 -2
- metadata.gz.sig +0 -0
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 6c56b48b8782a1622a0d9586244a82a4527868e20519a5ab7339a4b679909288
|
|
4
|
+
data.tar.gz: b5aef9f1775e56661b9248567f5a2d254a7b64e67b7252cc742a66b392ab45a4
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 1cf475d6429f701a37557668a1baba47ff241109c99c5a133e3f0c89dbdfc6eda8658952485b8e71eed8a6815541a2d729a093b96230907e2c58f9a63170851d
|
|
7
|
+
data.tar.gz: d5189ce906e257765049e08a6c60d360c5c6bbc389c40d51a3d18c882e68375578cadf74b5b1b892a2b8bee72d3b2ffdc3384259ce0d4213f6d98d076cfcd21e
|
checksums.yaml.gz.sig
CHANGED
|
Binary file
|
data.tar.gz.sig
CHANGED
data/lib/ruby_smb/client.rb
CHANGED
|
@@ -277,7 +277,8 @@ module RubySMB
|
|
|
277
277
|
# @param smb1 [Boolean] whether or not to enable SMB1 support
|
|
278
278
|
# @param smb2 [Boolean] whether or not to enable SMB2 support
|
|
279
279
|
# @param smb3 [Boolean] whether or not to enable SMB3 support
|
|
280
|
-
def initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.',
|
|
280
|
+
def initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.',
|
|
281
|
+
local_workstation: 'WORKSTATION', always_encrypt: true, ntlm_flags: default_flags)
|
|
281
282
|
raise ArgumentError, 'No Dispatcher provided' unless dispatcher.is_a? RubySMB::Dispatcher::Base
|
|
282
283
|
if smb1 == false && smb2 == false && smb3 == false
|
|
283
284
|
raise ArgumentError, 'You must enable at least one Protocol'
|
|
@@ -306,18 +307,12 @@ module RubySMB
|
|
|
306
307
|
# SMB 3.x options
|
|
307
308
|
@session_encrypt_data = always_encrypt
|
|
308
309
|
|
|
309
|
-
negotiate_version_flag = 0x02000000
|
|
310
|
-
flags = Net::NTLM::Client::DEFAULT_FLAGS |
|
|
311
|
-
Net::NTLM::FLAGS[:TARGET_INFO] |
|
|
312
|
-
negotiate_version_flag ^
|
|
313
|
-
Net::NTLM::FLAGS[:OEM]
|
|
314
|
-
|
|
315
310
|
@ntlm_client = Net::NTLM::Client.new(
|
|
316
311
|
@username,
|
|
317
312
|
@password,
|
|
318
313
|
workstation: @local_workstation,
|
|
319
314
|
domain: @domain,
|
|
320
|
-
flags:
|
|
315
|
+
flags: ntlm_flags
|
|
321
316
|
)
|
|
322
317
|
|
|
323
318
|
@tree_connects = []
|
|
@@ -368,31 +363,28 @@ module RubySMB
|
|
|
368
363
|
|
|
369
364
|
# Performs protocol negotiation and session setup. It defaults to using
|
|
370
365
|
# the credentials supplied during initialization, but can take a new set of credentials if needed.
|
|
371
|
-
def login(username: self.username, password: self.password,
|
|
366
|
+
def login(username: self.username, password: self.password,
|
|
367
|
+
domain: self.domain, local_workstation: self.local_workstation,
|
|
368
|
+
ntlm_flags: default_flags)
|
|
372
369
|
negotiate
|
|
373
|
-
session_setup(username, password, domain,
|
|
374
|
-
local_workstation: local_workstation
|
|
370
|
+
session_setup(username, password, domain,
|
|
371
|
+
local_workstation: local_workstation,
|
|
372
|
+
ntlm_flags: ntlm_flags)
|
|
375
373
|
end
|
|
376
374
|
|
|
377
375
|
def session_setup(user, pass, domain, do_recv=true,
|
|
378
|
-
local_workstation: self.local_workstation)
|
|
376
|
+
local_workstation: self.local_workstation, ntlm_flags: default_flags)
|
|
379
377
|
@domain = domain
|
|
380
378
|
@local_workstation = local_workstation
|
|
381
379
|
@password = pass.encode('utf-8') || ''.encode('utf-8')
|
|
382
380
|
@username = user.encode('utf-8') || ''.encode('utf-8')
|
|
383
381
|
|
|
384
|
-
negotiate_version_flag = 0x02000000
|
|
385
|
-
flags = Net::NTLM::Client::DEFAULT_FLAGS |
|
|
386
|
-
Net::NTLM::FLAGS[:TARGET_INFO] |
|
|
387
|
-
negotiate_version_flag ^
|
|
388
|
-
Net::NTLM::FLAGS[:OEM]
|
|
389
|
-
|
|
390
382
|
@ntlm_client = Net::NTLM::Client.new(
|
|
391
383
|
@username,
|
|
392
384
|
@password,
|
|
393
385
|
workstation: @local_workstation,
|
|
394
386
|
domain: @domain,
|
|
395
|
-
flags:
|
|
387
|
+
flags: ntlm_flags
|
|
396
388
|
)
|
|
397
389
|
|
|
398
390
|
authenticate
|
|
@@ -654,5 +646,17 @@ module RubySMB
|
|
|
654
646
|
@preauth_integrity_hash_value + data.to_binary_s
|
|
655
647
|
)
|
|
656
648
|
end
|
|
649
|
+
|
|
650
|
+
private
|
|
651
|
+
|
|
652
|
+
def default_flags
|
|
653
|
+
negotiate_version_flag = 0x02000000
|
|
654
|
+
flags = Net::NTLM::Client::DEFAULT_FLAGS |
|
|
655
|
+
Net::NTLM::FLAGS[:TARGET_INFO] |
|
|
656
|
+
negotiate_version_flag ^
|
|
657
|
+
Net::NTLM::FLAGS[:OEM]
|
|
658
|
+
|
|
659
|
+
flags
|
|
660
|
+
end
|
|
657
661
|
end
|
|
658
662
|
end
|
|
@@ -57,15 +57,20 @@ module RubySMB
|
|
|
57
57
|
|
|
58
58
|
# Takes the raw response data from the server and tries
|
|
59
59
|
# parse it into a valid Response packet object.
|
|
60
|
-
# This method currently assumes that all SMB1 will use Extended Security.
|
|
61
60
|
#
|
|
62
61
|
# @param raw_data [String] the raw binary response from the server
|
|
63
62
|
# @return [RubySMB::SMB1::Packet::NegotiateResponseExtended] when the response is an SMB1 Extended Security Negotiate Response Packet
|
|
63
|
+
# @return [RubySMB::SMB1::Packet::NegotiateResponse] when the response is an SMB1 Negotiate Response Packet
|
|
64
64
|
# @return [RubySMB::SMB2::Packet::NegotiateResponse] when the response is an SMB2 Negotiate Response Packet
|
|
65
65
|
def negotiate_response(raw_data)
|
|
66
66
|
response = nil
|
|
67
67
|
if smb1
|
|
68
68
|
packet = RubySMB::SMB1::Packet::NegotiateResponseExtended.read raw_data
|
|
69
|
+
|
|
70
|
+
unless packet.valid?
|
|
71
|
+
packet = RubySMB::SMB1::Packet::NegotiateResponse.read raw_data
|
|
72
|
+
end
|
|
73
|
+
|
|
69
74
|
response = packet if packet.valid?
|
|
70
75
|
end
|
|
71
76
|
if (smb2 || smb3) && response.nil?
|
|
@@ -74,17 +79,10 @@ module RubySMB
|
|
|
74
79
|
end
|
|
75
80
|
if response.nil?
|
|
76
81
|
if packet.packet_smb_version == 'SMB1'
|
|
77
|
-
extended_security = if packet.is_a? RubySMB::SMB1::Packet::NegotiateResponseExtended
|
|
78
|
-
packet.parameter_block.capabilities.extended_security
|
|
79
|
-
else
|
|
80
|
-
"n/a"
|
|
81
|
-
end
|
|
82
82
|
raise RubySMB::Error::InvalidPacket.new(
|
|
83
83
|
expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
|
|
84
|
-
expected_cmd: RubySMB::SMB1::Packet::
|
|
85
|
-
|
|
86
|
-
packet: packet,
|
|
87
|
-
received_custom: "extended_security=#{extended_security}"
|
|
84
|
+
expected_cmd: RubySMB::SMB1::Packet::NegotiateResponse::COMMAND,
|
|
85
|
+
packet: packet
|
|
88
86
|
)
|
|
89
87
|
elsif packet.packet_smb_version == 'SMB2'
|
|
90
88
|
raise RubySMB::Error::InvalidPacket.new(
|
data/lib/ruby_smb/version.rb
CHANGED
|
@@ -809,6 +809,18 @@ RSpec.describe RubySMB::Client do
|
|
|
809
809
|
smb1_extended_response.to_binary_s
|
|
810
810
|
}
|
|
811
811
|
|
|
812
|
+
let(:smb1_response) {
|
|
813
|
+
packet = RubySMB::SMB1::Packet::NegotiateResponse.new
|
|
814
|
+
smb1_capabilities_dup = smb1_capabilities.dup
|
|
815
|
+
smb1_capabilities_dup[:extended_security] = 0
|
|
816
|
+
|
|
817
|
+
packet.parameter_block.capabilities = smb1_capabilities_dup
|
|
818
|
+
packet
|
|
819
|
+
}
|
|
820
|
+
let(:smb1_response_raw) {
|
|
821
|
+
smb1_response.to_binary_s
|
|
822
|
+
}
|
|
823
|
+
|
|
812
824
|
let(:smb2_response) { RubySMB::SMB2::Packet::NegotiateResponse.new(dialect_revision: 0x200) }
|
|
813
825
|
let(:smb3_response) { RubySMB::SMB2::Packet::NegotiateResponse.new(dialect_revision: 0x300) }
|
|
814
826
|
|
|
@@ -997,10 +1009,14 @@ RSpec.describe RubySMB::Client do
|
|
|
997
1009
|
|
|
998
1010
|
describe '#negotiate_response' do
|
|
999
1011
|
context 'with only SMB1' do
|
|
1000
|
-
it 'returns a properly formed packet' do
|
|
1012
|
+
it 'returns a properly formed NegotiateResponseExtended packet if extended_security is set as 1' do
|
|
1001
1013
|
expect(smb1_client.negotiate_response(smb1_extended_response_raw)).to eq smb1_extended_response
|
|
1002
1014
|
end
|
|
1003
1015
|
|
|
1016
|
+
it 'returns a properly formed NegotiateResponse packet if extended_security is set as 0' do
|
|
1017
|
+
expect(smb1_client.negotiate_response(smb1_response_raw)).to eq smb1_response
|
|
1018
|
+
end
|
|
1019
|
+
|
|
1004
1020
|
it 'raises an exception if the response is not a SMB packet' do
|
|
1005
1021
|
expect { smb1_client.negotiate_response(random_junk) }.to raise_error(RubySMB::Error::InvalidPacket)
|
|
1006
1022
|
end
|
|
@@ -1015,12 +1031,6 @@ RSpec.describe RubySMB::Client do
|
|
|
1015
1031
|
bogus_response.smb_header.command = 0xff
|
|
1016
1032
|
expect { smb1_client.negotiate_response(bogus_response.to_binary_s) }.to raise_error(RubySMB::Error::InvalidPacket)
|
|
1017
1033
|
end
|
|
1018
|
-
|
|
1019
|
-
it 'considers the response invalid if Extended Security is not enabled' do
|
|
1020
|
-
bogus_response = smb1_extended_response
|
|
1021
|
-
bogus_response.parameter_block.capabilities.extended_security = 0
|
|
1022
|
-
expect { smb1_client.negotiate_response(bogus_response.to_binary_s) }.to raise_error(RubySMB::Error::InvalidPacket)
|
|
1023
|
-
end
|
|
1024
1034
|
end
|
|
1025
1035
|
|
|
1026
1036
|
context 'with only SMB2' do
|
metadata
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: ruby_smb
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.0.
|
|
4
|
+
version: 2.0.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Metasploit Hackers
|
|
@@ -97,7 +97,7 @@ cert_chain:
|
|
|
97
97
|
EknWpNgVhohbot1lfVAMmIhdtOVaRVcQQixWPwprDj/ydB8ryDMDosIMcw+fkoXU
|
|
98
98
|
9GJsSaSRRYQ9UUkVL27b64okU8D48m8=
|
|
99
99
|
-----END CERTIFICATE-----
|
|
100
|
-
date: 2021-
|
|
100
|
+
date: 2021-05-17 00:00:00.000000000 Z
|
|
101
101
|
dependencies:
|
|
102
102
|
- !ruby/object:Gem::Dependency
|
|
103
103
|
name: redcarpet
|
metadata.gz.sig
CHANGED
|
Binary file
|