Class: RubySMB::Client

Inherits:

Object

• Object
• RubySMB::Client

Includes:

Authentication, Echo, Encryption, Negotiation, Signing, TreeConnect, Utils, Winreg

Defined in:

lib/ruby_smb/client.rb,
lib/ruby_smb/client/echo.rb,
lib/ruby_smb/client/utils.rb,
lib/ruby_smb/client/winreg.rb,
lib/ruby_smb/client/signing.rb,
lib/ruby_smb/client/encryption.rb,
lib/ruby_smb/client/negotiation.rb,
lib/ruby_smb/client/tree_connect.rb,
lib/ruby_smb/client/authentication.rb

Overview

This module holds all of the methods backing the #open_file method

Defined Under Namespace

Modules: Authentication, Echo, Encryption, Negotiation, Signing, TreeConnect, Utils, Winreg

Constant Summary

SMB1_DIALECT_SMB1_DEFAULT =

The Default SMB1 Dialect string used in an SMB1 Negotiate Request

'NT LM 0.12'.freeze

SMB1_DIALECT_SMB2_DEFAULT =

The Default SMB2 Dialect string used in an SMB1 Negotiate Request

'SMB 2.002'.freeze

SMB1_DIALECT_SMB2_WILDCARD =

The SMB2 wildcard revision number Dialect string used in an SMB1 Negotiate Request It indicates that the server implements SMB 2.1 or future dialect revisions Note that this must be used for SMB3

'SMB 2.???'.freeze

SMB2_DIALECT_DEFAULT =

Dialect values for SMB2

['0x0202', '0x0210']

SMB3_DIALECT_DEFAULT =

Dialect values for SMB3

['0x0300', '0x0302', '0x0311']

MAX_BUFFER_SIZE =

The default maximum size of a SMB message that the Client accepts (in bytes)

64512

SERVER_MAX_BUFFER_SIZE =

The default maximum size of a SMB message that the Server accepts (in bytes)

4356

Instance Attribute Summary

• #client_encryption_key ⇒ String
• #default_domain ⇒ String
• #default_name ⇒ String
• #dialect ⇒ Integer
• #dispatcher ⇒ RubySMB::Dispatcher::Socket
• #dns_domain_name ⇒ String
• #dns_host_name ⇒ String
• #dns_tree_name ⇒ String
• #domain ⇒ String
• #encryption_algorithm ⇒ String
• #local_workstation ⇒ String
• #max_buffer_size ⇒ Integer
• #negotiated_smb_version ⇒ Integer

  The negotiated SMB version.

• #ntlm_client ⇒ String
• #os_version ⇒ String
• #password ⇒ String
• #peer_native_lm ⇒ String
• #peer_native_os ⇒ String
• #preauth_integrity_hash_algorithm ⇒ String
• #preauth_integrity_hash_value ⇒ String
• #primary_domain ⇒ String
• #sequence_counter ⇒ Integer
• #server_compression_algorithms ⇒ Array<Integer>

  List of supported compression algorithms (constants defined in RubySMB::SMB2::CompressionCapabilities).

• #server_encryption_algorithms ⇒ Array<Integer>

  List of supported encryption algorithms (constants defined in RubySMB::SMB2::EncryptionCapabilities).

• #server_encryption_key ⇒ String
• #server_guid ⇒ String
• #server_max_buffer_size ⇒ Object

  The maximum size SMB message that the Server accepts (in bytes) The default value is small by default.

• #server_max_read_size ⇒ Integer
• #server_max_transact_size ⇒ Integer
• #server_max_write_size ⇒ Integer
• #server_start_time ⇒ Time

  The time that the server reports that it was started at.

• #server_system_time ⇒ Time

  The time that the server reports as current.

• #session_encrypt_data ⇒ Boolean
• #session_id ⇒ Integer
• #signing_enabled ⇒ Boolean
• #signing_required ⇒ Object

  Whether or not the Server requires signing.

• #smb1 ⇒ Boolean
• #smb2 ⇒ Boolean
• #smb2_message_id ⇒ Integer
• #smb3 ⇒ Boolean
• #user_id ⇒ String
• #username ⇒ String

Attributes included from Utils

#auth_user, #evasion_opts, #last_file_id, #native_lm, #native_os, #open_files, #send_lm, #send_ntlm, #spnopt, #tree_connects, #use_lanman_key, #use_ntlmv2, #usentlm2_session, #verify_signature

Attributes included from Signing

#session_key

Instance Method Summary

• #can_be_encrypted?(packet) ⇒ Boolean

  Check if the request packet can be encrypted.

• #disconnect! ⇒ void

  Logs off any currently open session on the server and closes the TCP socket connection.

• #echo(count: 1, data: '') ⇒ WindowsError::ErrorCode

  Sends an Echo request to the server and returns the NTStatus of the last response packet received.

• #encryption_supported? ⇒ Boolean

  Check if the current dialect supports encryption.

• #increment_smb_message_id(packet) ⇒ RubySMB::GenericPacket

  Sets the message id field in an SMB2 packet's header to the one tracked by the client.

• #initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.', local_workstation: 'WORKSTATION', always_encrypt: true) ⇒ Client constructor

  A new instance of Client.

• #is_status_pending?(raw_response) ⇒ Boolean

  Check if the response is an asynchronous operation with STATUS_PENDING status code.

• #login(username: self.username, password: self.password, domain: self.domain, local_workstation: self.local_workstation) ⇒ Object

  Performs protocol negotiation and session setup.

• #logoff! ⇒ WindowsError::ErrorCode

  Sends a LOGOFF command to the remote server to terminate the session.

• #net_share_enum_all(host) ⇒ Array

  Returns array of shares.

• #recv_encrypt ⇒ String

  Receives the raw response through the Dispatcher and decrypt the packet.

• #send_encrypt(packet) ⇒ Object

  Encrypt and send a packet.

• #send_recv(packet, encrypt: false) ⇒ String

  Sends a packet and receives the raw response through the Dispatcher.

• #session_request(name = '*SMBSERVER') ⇒ TrueClass

  Requests a NetBIOS Session Service using the provided name.

• #session_request_packet(name = '*SMBSERVER') ⇒ RubySMB::Nbss::SessionRequest

  Crafts the NetBIOS SessionRequest packet to be sent for session request operations.

• #session_setup(user, pass, domain, do_recv = true, local_workstation: self.local_workstation) ⇒ Object
• #tree_connect(share) ⇒ RubySMB::SMB1::Tree, RubySMB::SMB2::Tree

  Connects to the supplied share.

• #update_preauth_hash(data) ⇒ Object
• #wipe_state! ⇒ void

  Resets all of the session state on the client, setting it back to scratch.

Methods included from Encryption

#smb3_decrypt, #smb3_encrypt

Methods included from Winreg

#connect_to_winreg, #enum_registry_key, #enum_registry_values, #has_registry_key?, #read_registry_key_value

Methods included from Utils

#close, #create_pipe, #delete, #last_file, #last_tree, #last_tree_id, #open, #read, #tree_disconnect, #write

Methods included from Echo

#smb1_echo, #smb2_echo

Methods included from TreeConnect

#smb1_tree_connect, #smb1_tree_from_response, #smb2_tree_connect, #smb2_tree_from_response

Methods included from Signing

#smb1_sign, #smb2_sign, #smb3_sign

Methods included from Authentication

#authenticate, #extract_os_version, #smb1_anonymous_auth, #smb1_anonymous_auth_request, #smb1_anonymous_auth_response, #smb1_authenticate, #smb1_ntlmssp_auth_packet, #smb1_ntlmssp_authenticate, #smb1_ntlmssp_challenge_packet, #smb1_ntlmssp_final_packet, #smb1_ntlmssp_negotiate, #smb1_ntlmssp_negotiate_packet, #smb1_type2_message, #smb2_authenticate, #smb2_ntlmssp_auth_packet, #smb2_ntlmssp_authenticate, #smb2_ntlmssp_challenge_packet, #smb2_ntlmssp_final_packet, #smb2_ntlmssp_negotiate, #smb2_ntlmssp_negotiate_packet, #smb2_type2_message, #store_target_info

Methods included from Negotiation

#add_smb3_to_negotiate_request, #negotiate, #negotiate_request, #negotiate_response, #parse_negotiate_response, #parse_smb3_capabilities, #smb1_negotiate_request, #smb2_3_negotiate_request

Constructor Details

#initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.', local_workstation: 'WORKSTATION', always_encrypt: true) ⇒ Client

Returns a new instance of Client.

Parameters:

• dispatcher (RubySMB::Dispatcher::Socket) —

  the packet dispatcher to use

• smb1 (Boolean) (defaults to: true) —

  whether or not to enable SMB1 support

• smb2 (Boolean) (defaults to: true) —

  whether or not to enable SMB2 support

• smb3 (Boolean) (defaults to: true) —

  whether or not to enable SMB3 support

Raises:

• (ArgumentError)

# File 'lib/ruby_smb/client.rb', line 265

def initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.', local_workstation: 'WORKSTATION', always_encrypt: true)
  raise ArgumentError, 'No Dispatcher provided' unless dispatcher.is_a? RubySMB::Dispatcher::Base
  if smb1 == false && smb2 == false && smb3 == false
    raise ArgumentError, 'You must enable at least one Protocol'
  end
  @dispatcher        = dispatcher
  @domain            = domain
  @local_workstation = local_workstation
  @password          = password.encode('utf-8') || ''.encode('utf-8')
  @sequence_counter  = 0
  @session_id        = 0x00
  @session_key       = ''
  @signing_required  = false
  @smb1              = smb1
  @smb2              = smb2
  @smb3              = smb3
  @username          = username.encode('utf-8') || ''.encode('utf-8')
  @max_buffer_size   = MAX_BUFFER_SIZE
  # These sizes will be modifed during negotiation
  @server_max_buffer_size = SERVER_MAX_BUFFER_SIZE
  @server_max_read_size   = RubySMB::SMB2::File::MAX_PACKET_SIZE
  @server_max_write_size  = RubySMB::SMB2::File::MAX_PACKET_SIZE
  @server_max_transact_size = RubySMB::SMB2::File::MAX_PACKET_SIZE

  # SMB 3.x options
  @session_encrypt_data = always_encrypt

  negotiate_version_flag = 0x02000000
  flags = Net::NTLM::Client::DEFAULT_FLAGS |
    Net::NTLM::FLAGS[:TARGET_INFO] |
    negotiate_version_flag ^
    Net::NTLM::FLAGS[:OEM]

  @ntlm_client = Net::NTLM::Client.new(
    @username,
    @password,
    workstation: @local_workstation,
    domain: @domain,
    flags: flags
  )

  @tree_connects = []
  @open_files = {}

  @smb2_message_id = 0
end

Instance Attribute Details

#client_encryption_key ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 212

def client_encryption_key
  @client_encryption_key
end

#default_domain ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 92

def default_domain
  @default_domain
end

#default_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 87

def default_name
  @default_name
end

#dialect ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 117

def dialect
  @dialect
end

#dispatcher ⇒ RubySMB::Dispatcher::Socket

Returns:

• (RubySMB::Dispatcher::Socket)

# File 'lib/ruby_smb/client.rb', line 43

def dispatcher
  @dispatcher
end

#dns_domain_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 102

def dns_domain_name
  @dns_domain_name
end

#dns_host_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 97

def dns_host_name
  @dns_host_name
end

#dns_tree_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 107

def dns_tree_name
  @dns_tree_name
end

#domain ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 48

def domain
  @domain
end

#encryption_algorithm ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 207

def encryption_algorithm
  @encryption_algorithm
end

#local_workstation ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 53

def local_workstation
  @local_workstation
end

#max_buffer_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 170

def max_buffer_size
  @max_buffer_size
end

#negotiated_smb_version ⇒ Integer

Returns the negotiated SMB version.

Returns:

• (Integer) —

  the negotiated SMB version

# File 'lib/ruby_smb/client.rb', line 259

def negotiated_smb_version
  @negotiated_smb_version
end

#ntlm_client ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 58

def ntlm_client
  @ntlm_client
end

#os_version ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 112

def os_version
  @os_version
end

#password ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 63

def password
  @password
end

#peer_native_lm ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 75

def peer_native_lm
  @peer_native_lm
end

#peer_native_os ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 69

def peer_native_os
  @peer_native_os
end

#preauth_integrity_hash_algorithm ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 197

def preauth_integrity_hash_algorithm
  @preauth_integrity_hash_algorithm
end

#preauth_integrity_hash_value ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 202

def preauth_integrity_hash_value
  @preauth_integrity_hash_value
end

#primary_domain ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 82

def primary_domain
  @primary_domain
end

#sequence_counter ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 124

def sequence_counter
  @sequence_counter
end

#server_compression_algorithms ⇒ Array<Integer>

Returns list of supported compression algorithms (constants defined in RubySMB::SMB2::CompressionCapabilities).

Returns:

• (Array<Integer>) —

  list of supported compression algorithms (constants defined in RubySMB::SMB2::CompressionCapabilities)

# File 'lib/ruby_smb/client.rb', line 234

def server_compression_algorithms
  @server_compression_algorithms
end

#server_encryption_algorithms ⇒ Array<Integer>

Returns list of supported encryption algorithms (constants defined in RubySMB::SMB2::EncryptionCapabilities).

Returns:

• (Array<Integer>) —

  list of supported encryption algorithms (constants defined in RubySMB::SMB2::EncryptionCapabilities)

# File 'lib/ruby_smb/client.rb', line 228

def server_encryption_algorithms
  @server_encryption_algorithms
end

#server_encryption_key ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 217

def server_encryption_key
  @server_encryption_key
end

#server_guid ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 239

def server_guid
  @server_guid
end

#server_max_buffer_size ⇒ Object

The maximum size SMB message that the Server accepts (in bytes) The default value is small by default

# File 'lib/ruby_smb/client.rb', line 176

def server_max_buffer_size
  @server_max_buffer_size
end

#server_max_read_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 186

def server_max_read_size
  @server_max_read_size
end

#server_max_transact_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 192

def server_max_transact_size
  @server_max_transact_size
end

#server_max_write_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 181

def server_max_write_size
  @server_max_write_size
end

#server_start_time ⇒ Time

Returns the time that the server reports that it was started at.

Returns:

• (Time) —

  the time that the server reports that it was started at

# File 'lib/ruby_smb/client.rb', line 246

def server_start_time
  @server_start_time
end

#server_system_time ⇒ Time

Returns the time that the server reports as current.

Returns:

• (Time) —

  the time that the server reports as current

# File 'lib/ruby_smb/client.rb', line 253

def server_system_time
  @server_system_time
end

#session_encrypt_data ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 222

def session_encrypt_data
  @session_encrypt_data
end

#session_id ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 129

def session_id
  @session_id
end

#signing_enabled ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 134

attr_accessor :signing_required

#signing_required ⇒ Object

Whether or not the Server requires signing

# File 'lib/ruby_smb/client.rb', line 134

def signing_required
  @signing_required
end

#smb1 ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 139

def smb1
  @smb1
end

#smb2 ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 144

def smb2
  @smb2
end

#smb2_message_id ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 154

def smb2_message_id
  @smb2_message_id
end

#smb3 ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 149

def smb3
  @smb3
end

#user_id ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 164

def user_id
  @user_id
end

#username ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 159

def username
  @username
end

Instance Method Details

#can_be_encrypted?(packet) ⇒ Boolean

Check if the request packet can be encrypted. Per the SMB2 spec, SessionSetupRequest and NegotiateRequest must not be encrypted.

Parameters:

• packet (RubySMB::GenericPacket) —

  the request packet

Returns:

• (Boolean) —

  true if the packet can be encrypted

# File 'lib/ruby_smb/client.rb', line 486

def can_be_encrypted?(packet)
  return false if packet.packet_smb_version == 'SMB1'
  [RubySMB::SMB2::Packet::SessionSetupRequest, RubySMB::SMB2::Packet::NegotiateRequest].none? do |klass|
    packet.is_a?(klass)
  end
end

#disconnect! ⇒ void

This method returns an undefined value.

Logs off any currently open session on the server and closes the TCP socket connection.

# File 'lib/ruby_smb/client.rb', line 316

def disconnect!
  begin
    logoff!
  rescue
    wipe_state!
  end
  dispatcher.tcp_socket.close
end

#echo(count: 1, data: '') ⇒ WindowsError::ErrorCode

Sends an Echo request to the server and returns the NTStatus of the last response packet received.

Parameters:

• echo (Integer) —

  the number of times the server should echo (ignored in SMB2)

• data (String) (defaults to: '') —

  the data the server should echo back (ignored in SMB2)

Returns:

• (WindowsError::ErrorCode) —

  the NTStatus of the last response received

# File 'lib/ruby_smb/client.rb', line 331

def echo(count: 1, data: '')
  response = if smb2 || smb3
               smb2_echo
             else
               smb1_echo(count: count, data: data)
             end
  response.status_code
end

#encryption_supported? ⇒ Boolean

Check if the current dialect supports encryption.

Returns:

• (Boolean) —

  true if encryption is supported

# File 'lib/ruby_smb/client.rb', line 496

def encryption_supported?
  ['0x0300', '0x0302', '0x0311'].include?(@dialect)
end

#increment_smb_message_id(packet) ⇒ RubySMB::GenericPacket

Sets the message id field in an SMB2 packet's header to the one tracked by the client. It then increments the counter on the client.

Parameters:

• packet (RubySMB::GenericPacket) —

  the packet to set the message id for

Returns:

• (RubySMB::GenericPacket) —

  the modified packet

# File 'lib/ruby_smb/client.rb', line 346

def increment_smb_message_id(packet)
  packet.smb2_header.message_id = smb2_message_id
  self.smb2_message_id += 1
  packet
end

#is_status_pending?(raw_response) ⇒ Boolean

Check if the response is an asynchronous operation with STATUS_PENDING status code.

Parameters:

• raw_response (String) —

  the raw response packet

Returns:

• (Boolean) —

  true if it is a status pending operation, false otherwise

# File 'lib/ruby_smb/client.rb', line 473

def is_status_pending?(raw_response)
  smb2_header = RubySMB::SMB2::SMB2Header.read(raw_response)
  value = smb2_header.nt_status.value
  status_code = WindowsError::NTStatus.find_by_retval(value).first
  status_code == WindowsError::NTStatus::STATUS_PENDING &&
    smb2_header.flags.async_command == 1
end

#login(username: self.username, password: self.password, domain: self.domain, local_workstation: self.local_workstation) ⇒ Object

Performs protocol negotiation and session setup. It defaults to using the credentials supplied during initialization, but can take a new set of credentials if needed.

# File 'lib/ruby_smb/client.rb', line 354

def login(username: self.username, password: self.password, domain: self.domain, local_workstation: self.local_workstation)
  negotiate
  session_setup(username, password, domain, true,
                local_workstation: local_workstation)
end

#logoff! ⇒ WindowsError::ErrorCode

Sends a LOGOFF command to the remote server to terminate the session

Returns:

• (WindowsError::ErrorCode) —

  the NTStatus of the response

Raises:

• (RubySMB::Error::InvalidPacket) —

  if the response packet is not a LogoffResponse packet

# File 'lib/ruby_smb/client.rb', line 388

def logoff!
  if smb2 || smb3
    request      = RubySMB::SMB2::Packet::LogoffRequest.new
    raw_response = send_recv(request)
    response     = RubySMB::SMB2::Packet::LogoffResponse.read(raw_response)
    unless response.valid?
      raise RubySMB::Error::InvalidPacket.new(
        expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
        expected_cmd:   RubySMB::SMB2::Packet::LogoffResponse::COMMAND,
        received_proto: response.smb2_header.protocol,
        received_cmd:   response.smb2_header.command
      )
    end
  else
    request      = RubySMB::SMB1::Packet::LogoffRequest.new
    raw_response = send_recv(request)
    response     = RubySMB::SMB1::Packet::LogoffResponse.read(raw_response)
    unless response.valid?
      raise RubySMB::Error::InvalidPacket.new(
        expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
        expected_cmd:   RubySMB::SMB1::Packet::LogoffResponse::COMMAND,
        received_proto: response.smb_header.protocol,
        received_cmd:   response.smb_header.command
      )
    end
  end
  wipe_state!
  response.status_code
end

#net_share_enum_all(host) ⇒ Array

Returns array of shares

Parameters:

• host (String)

Returns:

• (Array) —

  of shares

# File 'lib/ruby_smb/client.rb', line 552

def net_share_enum_all(host)
  tree = tree_connect("\\\\#{host}\\IPC$")
  named_pipe = tree.open_file(filename: "srvsvc", write: true, read: true)
  named_pipe.net_share_enum_all(host)
end

#recv_encrypt ⇒ String

Receives the raw response through the Dispatcher and decrypt the packet.

Returns:

• (String) —

  the raw unencrypted packet

# File 'lib/ruby_smb/client.rb', line 513

def recv_encrypt
  begin
    raw_response = dispatcher.recv_packet
  rescue RubySMB::Error::CommunicationError => e
    raise RubySMB::Error::EncryptionError, "Communication error with the "\
      "remote host: #{e.message}. The server supports encryption but was "\
      "not able to handle the encrypted request."
  end
  begin
    transform_response = RubySMB::SMB2::Packet::TransformHeader.read(raw_response)
  rescue IOError
    raise RubySMB::Error::InvalidPacket, 'Not a SMB2 TransformHeader packet'
  end
  begin
    smb3_decrypt(transform_response)
  rescue RubySMB::Error::RubySMBError => e
    raise RubySMB::Error::EncryptionError, "Error while decrypting #{transform_response.class.name} packet (SMB #@dialect}): #{e}"
  end
end

#send_encrypt(packet) ⇒ Object

Encrypt and send a packet

# File 'lib/ruby_smb/client.rb', line 501

def send_encrypt(packet)
  begin
    transform_request = smb3_encrypt(packet.to_binary_s)
  rescue RubySMB::Error::RubySMBError => e
    raise RubySMB::Error::EncryptionError, "Error while encrypting #{packet.class.name} packet (SMB #{@dialect}): #{e}"
  end
  dispatcher.send_packet(transform_request)
end

#send_recv(packet, encrypt: false) ⇒ String

Sends a packet and receives the raw response through the Dispatcher. It will also sign the packet if neccessary.

Parameters:

• packet (RubySMB::GenericPacket) —

  the request to be sent

• encrypt (Boolean) (defaults to: false) —

  true if encryption has to be enabled for this transaction (note that if @session_encrypt_data is set, encryption will be enabled regardless of this parameter value)

Returns:

• (String) —

  the raw response data received

# File 'lib/ruby_smb/client.rb', line 426

def send_recv(packet, encrypt: false)
  version = packet.packet_smb_version
  case version
  when 'SMB1'
    packet.smb_header.uid = user_id if user_id
    packet = smb1_sign(packet)
  when 'SMB2'
    packet = increment_smb_message_id(packet)
    packet.smb2_header.session_id = session_id
    unless packet.is_a?(RubySMB::SMB2::Packet::SessionSetupRequest)
      if self.smb2
        packet = smb2_sign(packet)
      elsif self.smb3
        packet = smb3_sign(packet)
      end
    end
  else
    packet = packet
  end

  if can_be_encrypted?(packet) && encryption_supported? && (@session_encrypt_data || encrypt)
    send_encrypt(packet)
    raw_response = recv_encrypt
    loop do
      break unless is_status_pending?(raw_response)
      sleep 1
      raw_response = recv_encrypt
    end
  else
    dispatcher.send_packet(packet)
    raw_response = dispatcher.recv_packet
    loop do
      break unless is_status_pending?(raw_response)
      sleep 1
      raw_response = dispatcher.recv_packet
    end unless version == 'SMB1'
  end

  self.sequence_counter += 1 if signing_required && !session_key.empty?
  raw_response
end

#session_request(name = '*SMBSERVER') ⇒ TrueClass

Requests a NetBIOS Session Service using the provided name.

Parameters:

• name (String) (defaults to: '*SMBSERVER') —

  the NetBIOS name to request

Returns:

• (TrueClass) —

  if session request is granted

Raises:

• (RubySMB::Error::NetBiosSessionService) —

  if session request is refused

• (RubySMB::Error::InvalidPacket) —

  if the response packet is not a NBSS packet

# File 'lib/ruby_smb/client.rb', line 579

def session_request(name = '*SMBSERVER')
  session_request = session_request_packet(name)
  dispatcher.send_packet(session_request, nbss_header: false)
  raw_response = dispatcher.recv_packet(full_response: true)
  begin
    session_header = RubySMB::Nbss::SessionHeader.read(raw_response)
    if session_header.session_packet_type == RubySMB::Nbss::NEGATIVE_SESSION_RESPONSE
      negative_session_response =  RubySMB::Nbss::NegativeSessionResponse.read(raw_response)
      raise RubySMB::Error::NetBiosSessionService, "Session Request failed: #{negative_session_response.error_msg}"
    end
  rescue IOError
    raise RubySMB::Error::InvalidPacket, 'Not a NBSS packet'
  end

  return true
end

#session_request_packet(name = '*SMBSERVER') ⇒ RubySMB::Nbss::SessionRequest

Crafts the NetBIOS SessionRequest packet to be sent for session request operations.

Parameters:

• name (String) (defaults to: '*SMBSERVER') —

  the NetBIOS name to request

Returns:

• (RubySMB::Nbss::SessionRequest) —

  the SessionRequest packet

# File 'lib/ruby_smb/client.rb', line 600

def session_request_packet(name = '*SMBSERVER')
  called_name = "#{name.upcase.ljust(15)}\x20"
  calling_name = "#{''.ljust(15)}\x00"

  session_request = RubySMB::Nbss::SessionRequest.new
  session_request.session_header.session_packet_type = RubySMB::Nbss::SESSION_REQUEST
  session_request.called_name  = called_name
  session_request.calling_name = calling_name
  session_request.session_header.packet_length =
    session_request.num_bytes - session_request.session_header.num_bytes
  session_request
end

#session_setup(user, pass, domain, do_recv = true, local_workstation: self.local_workstation) ⇒ Object

# File 'lib/ruby_smb/client.rb', line 360

def session_setup(user, pass, domain, do_recv=true,
                  local_workstation: self.local_workstation)
  @domain            = domain
  @local_workstation = local_workstation
  @password          = pass.encode('utf-8') || ''.encode('utf-8')
  @username          = user.encode('utf-8') || ''.encode('utf-8')

  negotiate_version_flag = 0x02000000
  flags = Net::NTLM::Client::DEFAULT_FLAGS |
    Net::NTLM::FLAGS[:TARGET_INFO] |
    negotiate_version_flag ^
    Net::NTLM::FLAGS[:OEM]

  @ntlm_client = Net::NTLM::Client.new(
      @username,
      @password,
      workstation: @local_workstation,
      domain: @domain,
      flags: flags
  )

  authenticate
end

#tree_connect(share) ⇒ RubySMB::SMB1::Tree, RubySMB::SMB2::Tree

Connects to the supplied share

Parameters:

• share (String) —

  the path to the share in \\server\share_name format

Returns:

• (RubySMB::SMB1::Tree) —

  if talking over SMB1

• (RubySMB::SMB2::Tree) —

  if talking over SMB2

# File 'lib/ruby_smb/client.rb', line 538

def tree_connect(share)
  connected_tree = if smb2 || smb3
    smb2_tree_connect(share)
  else
    smb1_tree_connect(share)
  end
  @tree_connects << connected_tree
  connected_tree
end

#update_preauth_hash(data) ⇒ Object

# File 'lib/ruby_smb/client.rb', line 613

def update_preauth_hash(data)
  unless @preauth_integrity_hash_algorithm
    raise RubySMB::Error::EncryptionError.new(
      'Cannot compute the Preauth Integrity Hash value: Preauth Integrity Hash Algorithm is nil'
    )
  end
  @preauth_integrity_hash_value = OpenSSL::Digest.digest(
    @preauth_integrity_hash_algorithm,
    @preauth_integrity_hash_value + data.to_binary_s
  )
end

#wipe_state! ⇒ void

This method returns an undefined value.

Resets all of the session state on the client, setting it back to scratch. Should only be called when a session is no longer valid.

# File 'lib/ruby_smb/client.rb', line 563

def wipe_state!
  self.session_id       = 0x00
  self.user_id          = 0x00
  self.session_key      = ''
  self.sequence_counter = 0
  self.smb2_message_id  = 0
  self.client_encryption_key = nil
  self.server_encryption_key = nil
end