Class: RubySMB::Client

Inherits:

Object

• Object
• RubySMB::Client

Includes:

Authentication, Echo, Encryption, Negotiation, TreeConnect, Utils, Winreg, NTLM, Signing

Defined in:

lib/ruby_smb/client.rb,
lib/ruby_smb/client/echo.rb,
lib/ruby_smb/client/utils.rb,
lib/ruby_smb/client/winreg.rb,
lib/ruby_smb/client/encryption.rb,
lib/ruby_smb/client/negotiation.rb,
lib/ruby_smb/client/tree_connect.rb,
lib/ruby_smb/client/authentication.rb

Overview

This module holds all of the methods backing the #open_file method

Defined Under Namespace

Modules: Authentication, Echo, Encryption, Negotiation, TreeConnect, Utils, Winreg

Constant Summary

SMB1_DIALECT_SMB1_DEFAULT =

The Default SMB1 Dialect string used in an SMB1 Negotiate Request

'NT LM 0.12'.freeze

SMB1_DIALECT_SMB2_DEFAULT =

The Default SMB2 Dialect string used in an SMB1 Negotiate Request

'SMB 2.002'.freeze

SMB1_DIALECT_SMB2_WILDCARD =

The SMB2 wildcard revision number Dialect string used in an SMB1 Negotiate Request It indicates that the server implements SMB 2.1 or future dialect revisions Note that this must be used for SMB3

'SMB 2.???'.freeze

SMB2_DIALECT_0202 =

'0x0202'.freeze

SMB2_DIALECT_0210 =

'0x0210'.freeze

SMB2_DIALECT_0300 =

'0x0300'.freeze

SMB2_DIALECT_0302 =

'0x0302'.freeze

SMB2_DIALECT_0311 =

'0x0311'.freeze

SMB2_DIALECT_DEFAULT =

Dialect values for SMB2

[
  SMB2_DIALECT_0202,
  SMB2_DIALECT_0210,
].freeze

SMB3_DIALECT_DEFAULT =

Dialect values for SMB3

[
  SMB2_DIALECT_0300,
  SMB2_DIALECT_0302,
  SMB2_DIALECT_0311
].freeze

MAX_BUFFER_SIZE =

The default maximum size of a SMB message that the Client accepts (in bytes)

64512

SERVER_MAX_BUFFER_SIZE =

The default maximum size of a SMB message that the Server accepts (in bytes)

4356

Constants included from NTLM

NTLM::DEFAULT_CLIENT_FLAGS, NTLM::NEGOTIATE_FLAGS

Instance Attribute Summary

• #application_key ⇒ String
• #client_encryption_key ⇒ String
• #default_domain ⇒ String
• #default_name ⇒ String
• #dialect ⇒ Integer
• #dispatcher ⇒ RubySMB::Dispatcher::Socket
• #dns_domain_name ⇒ String
• #dns_host_name ⇒ String
• #dns_tree_name ⇒ String
• #domain ⇒ String
• #encryption_algorithm ⇒ String
• #local_workstation ⇒ String
• #max_buffer_size ⇒ Integer
• #negotiated_smb_version ⇒ Integer

  The negotiated SMB version.

• #negotiation_security_buffer ⇒ String

  The raw security buffer bytes.

• #ntlm_client ⇒ String
• #os_version ⇒ String
• #password ⇒ String
• #peer_native_lm ⇒ String
• #peer_native_os ⇒ String
• #pid ⇒ Integer
• #preauth_integrity_hash_algorithm ⇒ String
• #preauth_integrity_hash_value ⇒ String
• #primary_domain ⇒ String
• #sequence_counter ⇒ Integer
• #server_compression_algorithms ⇒ Array<Integer>

  List of supported compression algorithms (constants defined in RubySMB::SMB2::CompressionCapabilities).

• #server_encryption_algorithms ⇒ Array<Integer>

  List of supported encryption algorithms (constants defined in RubySMB::SMB2::EncryptionCapabilities).

• #server_encryption_key ⇒ String
• #server_guid ⇒ String
• #server_max_buffer_size ⇒ Object

  The maximum size SMB message that the Server accepts (in bytes) The default value is small by default.

• #server_max_read_size ⇒ Integer
• #server_max_transact_size ⇒ Integer
• #server_max_write_size ⇒ Integer
• #server_start_time ⇒ Time

  The time that the server reports that it was started at.

• #server_supports_multi_credit ⇒ Boolean

  false otherwise.

• #server_system_time ⇒ Time

  The time that the server reports as current.

• #session_encrypt_data ⇒ Boolean
• #session_id ⇒ Integer
• #session_is_guest ⇒ Boolean
• #signing_enabled ⇒ Boolean
• #signing_required ⇒ Object

  Whether or not the Server requires signing.

• #smb1 ⇒ Boolean
• #smb2 ⇒ Boolean
• #smb2_message_id ⇒ Integer
• #smb3 ⇒ Boolean
• #user_id ⇒ Integer
• #username ⇒ String

Attributes included from Utils

#auth_user, #evasion_opts, #last_file_id, #native_lm, #native_os, #open_files, #send_lm, #send_ntlm, #spnopt, #tree_connects, #use_lanman_key, #use_ntlmv2, #usentlm2_session, #verify_signature

Attributes included from Signing

#session_key

Instance Method Summary

• #can_be_encrypted?(packet) ⇒ Boolean

  Check if the request packet can be encrypted.

• #disconnect! ⇒ void

  Logs off any currently open session on the server and closes the TCP socket connection.

• #echo(count: 1, data: '') ⇒ WindowsError::ErrorCode

  Sends an Echo request to the server and returns the NTStatus of the last response packet received.

• #encryption_supported? ⇒ Boolean

  Check if the current dialect supports encryption.

• #increment_smb_message_id(packet) ⇒ RubySMB::GenericPacket

  Sets the message id field in an SMB2 packet's header to the one tracked by the client.

• #initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.', local_workstation: 'WORKSTATION', always_encrypt: true, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS) ⇒ Client constructor

  A new instance of Client.

• #is_status_pending?(smb2_header) ⇒ Boolean

  Check if the response is an asynchronous operation with STATUS_PENDING status code.

• #login(username: self.username, password: self.password, domain: self.domain, local_workstation: self.local_workstation, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS) ⇒ Object

  Performs protocol negotiation and session setup.

• #logoff! ⇒ WindowsError::ErrorCode

  Sends a LOGOFF command to the remote server to terminate the session.

• #net_share_enum_all(host) ⇒ Array

  Returns array of shares.

• #recv_packet(encrypt: false) ⇒ String

  Receives the raw response through the Dispatcher and decrypt the packet (if required).

• #send_packet(packet, encrypt: false) ⇒ Object

  Encrypt (if required) and send a packet.

• #send_recv(packet, encrypt: false) ⇒ String

  Sends a packet and receives the raw response through the Dispatcher.

• #session_request(name = '*SMBSERVER') ⇒ TrueClass

  Requests a NetBIOS Session Service using the provided name.

• #session_request_packet(name = '*SMBSERVER') ⇒ RubySMB::Nbss::SessionRequest

  Crafts the NetBIOS SessionRequest packet to be sent for session request operations.

• #session_setup(user, pass, domain, do_recv = true, local_workstation: self.local_workstation, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS) ⇒ Object
• #tree_connect(share) ⇒ RubySMB::SMB1::Tree, RubySMB::SMB2::Tree

  Connects to the supplied share.

• #update_preauth_hash(data) ⇒ Object
• #wipe_state! ⇒ void

  Resets all of the session state on the client, setting it back to scratch.

Methods included from Encryption

#smb3_decrypt, #smb3_encrypt

Methods included from Winreg

#connect_to_winreg, #enum_registry_key, #enum_registry_values, #get_key_security_descriptor, #has_registry_key?, #read_registry_key_value, #set_key_security_descriptor

Methods included from Utils

#close, #create_pipe, #delete, #last_file, #last_tree, #last_tree_id, #open, #read, #tree_disconnect, #write

Methods included from Echo

#smb1_echo, #smb2_echo

Methods included from TreeConnect

#smb1_tree_connect, #smb1_tree_from_response, #smb2_tree_connect, #smb2_tree_from_response

Methods included from Authentication

#authenticate, #smb1_anonymous_auth, #smb1_anonymous_auth_request, #smb1_anonymous_auth_response, #smb1_authenticate, #smb1_ntlmssp_auth_packet, #smb1_ntlmssp_authenticate, #smb1_ntlmssp_challenge_packet, #smb1_ntlmssp_final_packet, #smb1_ntlmssp_negotiate, #smb1_ntlmssp_negotiate_packet, #smb1_session_setup_response, #smb1_type2_message, #smb2_authenticate, #smb2_ntlmssp_auth_packet, #smb2_ntlmssp_authenticate, #smb2_ntlmssp_challenge_packet, #smb2_ntlmssp_final_packet, #smb2_ntlmssp_negotiate, #smb2_ntlmssp_negotiate_packet, #smb2_session_setup_response, #smb2_type2_message

Methods included from PeerInfo

#extract_os_version, #store_target_info

Methods included from Negotiation

#add_smb3_to_negotiate_request, #negotiate, #negotiate_request, #negotiate_response, #parse_negotiate_response, #parse_smb3_capabilities, #smb1_negotiate_request, #smb2_3_negotiate_request

Methods included from Signing

#smb1_sign, smb1_sign, #smb2_sign, smb2_sign, #smb3_sign, smb3_sign

Constructor Details

#initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.', local_workstation: 'WORKSTATION', always_encrypt: true, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS) ⇒ Client

Returns a new instance of Client.

Parameters:

• dispatcher (RubySMB::Dispatcher::Socket) —

  the packet dispatcher to use

• smb1 (Boolean) (defaults to: true) —

  whether or not to enable SMB1 support

• smb2 (Boolean) (defaults to: true) —

  whether or not to enable SMB2 support

• smb3 (Boolean) (defaults to: true) —

  whether or not to enable SMB3 support

Raises:

• (ArgumentError)

# File 'lib/ruby_smb/client.rb', line 316

def initialize(dispatcher, smb1: true, smb2: true, smb3: true, username:, password:, domain: '.',
               local_workstation: 'WORKSTATION', always_encrypt: true, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS)
  raise ArgumentError, 'No Dispatcher provided' unless dispatcher.is_a? RubySMB::Dispatcher::Base
  if smb1 == false && smb2 == false && smb3 == false
    raise ArgumentError, 'You must enable at least one Protocol'
  end

  @dispatcher        = dispatcher
  @pid               = rand(0xFFFF)
  @domain            = domain
  @local_workstation = local_workstation
  @password          = (password || '')
  @sequence_counter  = 0
  @session_id        = 0x00
  @session_key       = ''
  @application_key   = ''
  @session_is_guest  = false
  @signing_required  = false
  @smb1              = smb1
  @smb2              = smb2
  @smb3              = smb3
  @username          = (username || '')
  @max_buffer_size   = MAX_BUFFER_SIZE
  # These sizes will be modified during negotiation
  @server_max_buffer_size = SERVER_MAX_BUFFER_SIZE
  @server_max_read_size   = RubySMB::SMB2::File::MAX_PACKET_SIZE
  @server_max_write_size  = RubySMB::SMB2::File::MAX_PACKET_SIZE
  @server_max_transact_size = RubySMB::SMB2::File::MAX_PACKET_SIZE
  @server_supports_multi_credit = false

  # SMB 3.x options
  # this merely initializes the default value for session encryption, it may be changed as necessary when a
  # session setup response is received
  @session_encrypt_data = always_encrypt

  @ntlm_client = RubySMB::NTLM::Client.new(
    @username,
    @password,
    workstation: @local_workstation,
    domain: @domain,
    flags: ntlm_flags
  )

  @tree_connects = []
  @open_files = {}

  @smb2_message_id = 0
end

Instance Attribute Details

#application_key ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 63

def application_key
  @application_key
end

#client_encryption_key ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 249

def client_encryption_key
  @client_encryption_key
end

#default_domain ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 117

def default_domain
  @default_domain
end

#default_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 112

def default_name
  @default_name
end

#dialect ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 142

def dialect
  @dialect
end

#dispatcher ⇒ RubySMB::Dispatcher::Socket

Returns:

• (RubySMB::Dispatcher::Socket)

# File 'lib/ruby_smb/client.rb', line 68

def dispatcher
  @dispatcher
end

#dns_domain_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 127

def dns_domain_name
  @dns_domain_name
end

#dns_host_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 122

def dns_host_name
  @dns_host_name
end

#dns_tree_name ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 132

def dns_tree_name
  @dns_tree_name
end

#domain ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 73

def domain
  @domain
end

#encryption_algorithm ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 244

def encryption_algorithm
  @encryption_algorithm
end

#local_workstation ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 78

def local_workstation
  @local_workstation
end

#max_buffer_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 207

def max_buffer_size
  @max_buffer_size
end

#negotiated_smb_version ⇒ Integer

Returns the negotiated SMB version.

Returns:

• (Integer) —

  the negotiated SMB version

# File 'lib/ruby_smb/client.rb', line 296

def negotiated_smb_version
  @negotiated_smb_version
end

#negotiation_security_buffer ⇒ String

Returns The raw security buffer bytes.

Returns:

• (String) —

  The raw security buffer bytes

# File 'lib/ruby_smb/client.rb', line 310

def negotiation_security_buffer
  @negotiation_security_buffer
end

#ntlm_client ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 83

def ntlm_client
  @ntlm_client
end

#os_version ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 137

def os_version
  @os_version
end

#password ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 88

def password
  @password
end

#peer_native_lm ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 100

def peer_native_lm
  @peer_native_lm
end

#peer_native_os ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 94

def peer_native_os
  @peer_native_os
end

#pid ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 201

def pid
  @pid
end

#preauth_integrity_hash_algorithm ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 234

def preauth_integrity_hash_algorithm
  @preauth_integrity_hash_algorithm
end

#preauth_integrity_hash_value ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 239

def preauth_integrity_hash_value
  @preauth_integrity_hash_value
end

#primary_domain ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 107

def primary_domain
  @primary_domain
end

#sequence_counter ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 149

def sequence_counter
  @sequence_counter
end

#server_compression_algorithms ⇒ Array<Integer>

Returns list of supported compression algorithms (constants defined in RubySMB::SMB2::CompressionCapabilities).

Returns:

• (Array<Integer>) —

  list of supported compression algorithms (constants defined in RubySMB::SMB2::CompressionCapabilities)

# File 'lib/ruby_smb/client.rb', line 271

def server_compression_algorithms
  @server_compression_algorithms
end

#server_encryption_algorithms ⇒ Array<Integer>

Returns list of supported encryption algorithms (constants defined in RubySMB::SMB2::EncryptionCapabilities).

Returns:

• (Array<Integer>) —

  list of supported encryption algorithms (constants defined in RubySMB::SMB2::EncryptionCapabilities)

# File 'lib/ruby_smb/client.rb', line 265

def server_encryption_algorithms
  @server_encryption_algorithms
end

#server_encryption_key ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 254

def server_encryption_key
  @server_encryption_key
end

#server_guid ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 276

def server_guid
  @server_guid
end

#server_max_buffer_size ⇒ Object

The maximum size SMB message that the Server accepts (in bytes) The default value is small by default

# File 'lib/ruby_smb/client.rb', line 213

def server_max_buffer_size
  @server_max_buffer_size
end

#server_max_read_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 223

def server_max_read_size
  @server_max_read_size
end

#server_max_transact_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 229

def server_max_transact_size
  @server_max_transact_size
end

#server_max_write_size ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 218

def server_max_write_size
  @server_max_write_size
end

#server_start_time ⇒ Time

Returns the time that the server reports that it was started at.

Returns:

• (Time) —

  the time that the server reports that it was started at

# File 'lib/ruby_smb/client.rb', line 283

def server_start_time
  @server_start_time
end

#server_supports_multi_credit ⇒ Boolean

false otherwise

Returns:

• (Boolean) —

  true if the server supports multi-credit operations,

# File 'lib/ruby_smb/client.rb', line 304

def server_supports_multi_credit
  @server_supports_multi_credit
end

#server_system_time ⇒ Time

Returns the time that the server reports as current.

Returns:

• (Time) —

  the time that the server reports as current

# File 'lib/ruby_smb/client.rb', line 290

def server_system_time
  @server_system_time
end

#session_encrypt_data ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 259

def session_encrypt_data
  @session_encrypt_data
end

#session_id ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 154

def session_id
  @session_id
end

#session_is_guest ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 159

def session_is_guest
  @session_is_guest
end

#signing_enabled ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 164

attr_accessor :signing_required

#signing_required ⇒ Object

Whether or not the Server requires signing

# File 'lib/ruby_smb/client.rb', line 164

def signing_required
  @signing_required
end

#smb1 ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 169

def smb1
  @smb1
end

#smb2 ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 174

def smb2
  @smb2
end

#smb2_message_id ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 184

def smb2_message_id
  @smb2_message_id
end

#smb3 ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/ruby_smb/client.rb', line 179

def smb3
  @smb3
end

#user_id ⇒ Integer

Returns:

• (Integer)

# File 'lib/ruby_smb/client.rb', line 194

def user_id
  @user_id
end

#username ⇒ String

Returns:

• (String)

# File 'lib/ruby_smb/client.rb', line 189

def username
  @username
end

Instance Method Details

#can_be_encrypted?(packet) ⇒ Boolean

Check if the request packet can be encrypted. Per the SMB2 spec, SessionSetupRequest and NegotiateRequest must not be encrypted.

Parameters:

• packet (RubySMB::GenericPacket) —

  the request packet

Returns:

• (Boolean) —

  true if the packet can be encrypted

# File 'lib/ruby_smb/client.rb', line 543

def can_be_encrypted?(packet)
  return false if packet.packet_smb_version == 'SMB1'
  [RubySMB::SMB2::Packet::SessionSetupRequest, RubySMB::SMB2::Packet::NegotiateRequest].none? do |klass|
    packet.is_a?(klass)
  end
end

#disconnect! ⇒ void

This method returns an undefined value.

Logs off any currently open session on the server and closes the TCP socket connection.

# File 'lib/ruby_smb/client.rb', line 369

def disconnect!
  begin
    logoff!
  rescue
    wipe_state!
  end
  dispatcher.tcp_socket.close
end

#echo(count: 1, data: '') ⇒ WindowsError::ErrorCode

Sends an Echo request to the server and returns the NTStatus of the last response packet received.

Parameters:

• echo (Integer) —

  the number of times the server should echo (ignored in SMB2)

• data (String) (defaults to: '') —

  the data the server should echo back (ignored in SMB2)

Returns:

• (WindowsError::ErrorCode) —

  the NTStatus of the last response received

# File 'lib/ruby_smb/client.rb', line 384

def echo(count: 1, data: '')
  response = if smb2 || smb3
               smb2_echo
             else
               smb1_echo(count: count, data: data)
             end
  response.status_code
end

#encryption_supported? ⇒ Boolean

Check if the current dialect supports encryption.

Returns:

• (Boolean) —

  true if encryption is supported

# File 'lib/ruby_smb/client.rb', line 553

def encryption_supported?
  ['0x0300', '0x0302', '0x0311'].include?(@dialect)
end

#increment_smb_message_id(packet) ⇒ RubySMB::GenericPacket

Sets the message id field in an SMB2 packet's header to the one tracked by the client. It then increments the counter on the client.

Parameters:

• packet (RubySMB::GenericPacket) —

  the packet to set the message id for

Returns:

• (RubySMB::GenericPacket) —

  the modified packet

# File 'lib/ruby_smb/client.rb', line 399

def increment_smb_message_id(packet)
  packet.smb2_header.message_id = self.smb2_message_id
  self.smb2_message_id += 1
  packet
end

#is_status_pending?(smb2_header) ⇒ Boolean

Check if the response is an asynchronous operation with STATUS_PENDING status code.

Parameters:

• smb2_header (String) —

  the response packet SMB2 header

Returns:

• (Boolean) —

  true if it is a status pending operation, false otherwise

# File 'lib/ruby_smb/client.rb', line 531

def is_status_pending?(smb2_header)
  value = smb2_header.nt_status.value
  status_code = WindowsError::NTStatus.find_by_retval(value).first
  status_code == WindowsError::NTStatus::STATUS_PENDING &&
    smb2_header.flags.async_command == 1
end

#login(username: self.username, password: self.password, domain: self.domain, local_workstation: self.local_workstation, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS) ⇒ Object

Performs protocol negotiation and session setup. It defaults to using the credentials supplied during initialization, but can take a new set of credentials if needed.

# File 'lib/ruby_smb/client.rb', line 407

def login(username: self.username, password: self.password,
          domain: self.domain, local_workstation: self.local_workstation,
          ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS)
  negotiate
  session_setup(username, password, domain,
                local_workstation: local_workstation,
                ntlm_flags: ntlm_flags)
end

#logoff! ⇒ WindowsError::ErrorCode

Sends a LOGOFF command to the remote server to terminate the session

Returns:

• (WindowsError::ErrorCode) —

  the NTStatus of the response

Raises:

• (RubySMB::Error::InvalidPacket) —

  if the response packet is not a LogoffResponse packet

# File 'lib/ruby_smb/client.rb', line 438

def logoff!
  if smb2 || smb3
    request      = RubySMB::SMB2::Packet::LogoffRequest.new
    raw_response = send_recv(request)
    response     = RubySMB::SMB2::Packet::LogoffResponse.read(raw_response)
    unless response.valid?
      raise RubySMB::Error::InvalidPacket.new(
        expected_proto: RubySMB::SMB2::SMB2_PROTOCOL_ID,
        expected_cmd:   RubySMB::SMB2::Packet::LogoffResponse::COMMAND,
        packet:         response
      )
    end
  else
    request      = RubySMB::SMB1::Packet::LogoffRequest.new
    raw_response = send_recv(request)
    response     = RubySMB::SMB1::Packet::LogoffResponse.read(raw_response)
    unless response.valid?
      raise RubySMB::Error::InvalidPacket.new(
        expected_proto: RubySMB::SMB1::SMB_PROTOCOL_ID,
        expected_cmd:   RubySMB::SMB1::Packet::LogoffResponse::COMMAND,
        packet:         response
      )
    end
  end
  wipe_state!
  response.status_code
end

#net_share_enum_all(host) ⇒ Array

Returns array of shares

Parameters:

• host (String)

Returns:

• (Array) —

  of shares

# File 'lib/ruby_smb/client.rb', line 622

def net_share_enum_all(host)
  tree = tree_connect("\\\\#{host}\\IPC$")
  named_pipe = tree.open_pipe(filename: "srvsvc", write: true, read: true)
  named_pipe.net_share_enum_all(host)
end

#recv_packet(encrypt: false) ⇒ String

Receives the raw response through the Dispatcher and decrypt the packet (if required).

Parameters:

• encrypt (Boolean) (defaults to: false) —

  true if the packet is encrypted, false otherwise

Returns:

• (String) —

  the raw unencrypted packet

# File 'lib/ruby_smb/client.rb', line 576

def recv_packet(encrypt: false)
  begin
    raw_response = dispatcher.recv_packet
  rescue RubySMB::Error::CommunicationError => e
    if encrypt
      raise e, "Communication error with the "\
        "remote host: #{e.message}. The server supports encryption and this error "\
        "may have been caused by encryption issues, but not always."
    else
      raise e
    end
  end
  if encrypt
    begin
      transform_response = RubySMB::SMB2::Packet::TransformHeader.read(raw_response)
    rescue IOError
      raise RubySMB::Error::InvalidPacket, 'Not a SMB2 TransformHeader packet'
    end
    begin
      raw_response = smb3_decrypt(transform_response)
    rescue RubySMB::Error::RubySMBError => e
      raise RubySMB::Error::EncryptionError, "Error while decrypting #{transform_response.class.name} packet (SMB #@dialect}): #{e}"
    end
  end
  raw_response
end

#send_packet(packet, encrypt: false) ⇒ Object

Encrypt (if required) and send a packet.

Parameters:

• encrypt (Boolean) (defaults to: false) —

  true if the packet should be encrypted, false otherwise

# File 'lib/ruby_smb/client.rb', line 561

def send_packet(packet, encrypt: false)
  if encrypt
    begin
      packet = smb3_encrypt(packet.to_binary_s)
    rescue RubySMB::Error::RubySMBError => e
      raise RubySMB::Error::EncryptionError, "Error while encrypting #{packet.class.name} packet (SMB #{@dialect}): #{e}"
    end
  end
  dispatcher.send_packet(packet)
end

#send_recv(packet, encrypt: false) ⇒ String

Sends a packet and receives the raw response through the Dispatcher. It will also sign the packet if necessary.

Parameters:

• packet (RubySMB::GenericPacket) —

  the request to be sent

• encrypt (Boolean) (defaults to: false) —

  true if encryption has to be enabled for this transaction (note that if @session_encrypt_data is set, encryption will be enabled regardless of this parameter value)

Returns:

• (String) —

  the raw response data received

# File 'lib/ruby_smb/client.rb', line 474

def send_recv(packet, encrypt: false)
  version = packet.packet_smb_version
  case version
  when 'SMB1'
    packet.smb_header.uid = self.user_id if self.user_id
    packet.smb_header.pid_low = self.pid if self.pid
    packet = smb1_sign(packet) if signing_required && !session_key.empty?
  when 'SMB2'
    packet = increment_smb_message_id(packet)
    packet.smb2_header.session_id = session_id
    unless packet.is_a?(RubySMB::SMB2::Packet::SessionSetupRequest) || session_key.empty?
      if self.smb2 && signing_required
        packet = smb2_sign(packet)
      elsif self.smb3
        # see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/652e0c14-5014-4470-999d-b174d7b2da87
        if @dialect == '0x0311' && (signing_required || (!@session_is_guest && packet.is_a?(RubySMB::SMB2::Packet::TreeConnectRequest)))
          packet = smb3_sign(packet)
        elsif signing_required
          packet = smb3_sign(packet)
        end
      end
    end
  else
    packet = packet
  end

  encrypt_data = false
  if can_be_encrypted?(packet) && encryption_supported? && (@session_encrypt_data || encrypt)
    encrypt_data = true
  end
  send_packet(packet, encrypt: encrypt_data)
  raw_response = recv_packet(encrypt: encrypt_data)
  smb2_header = nil
  loop do
    smb2_header = RubySMB::SMB2::SMB2Header.read(raw_response)
    break unless is_status_pending?(smb2_header)
    sleep 1
    raw_response = recv_packet(encrypt: encrypt_data)
  rescue IOError
    # We're expecting an SMB2 packet, but the server sent an SMB1 packet
    # instead. This behavior has been observed with older versions of Samba
    # when something goes wrong on the server side. So, we just ignore it
    # and expect the caller to handle this wrong response packet.
    break
  end unless version == 'SMB1'

  self.sequence_counter += 1 if signing_required && !session_key.empty?
  # update the SMB2 message ID according to the received Credit Charged
  self.smb2_message_id += smb2_header.credit_charge - 1 if smb2_header && self.server_supports_multi_credit
  raw_response
end

#session_request(name = '*SMBSERVER') ⇒ TrueClass

Requests a NetBIOS Session Service using the provided name.

Parameters:

• name (String) (defaults to: '*SMBSERVER') —

  the NetBIOS name to request

Returns:

• (TrueClass) —

  if session request is granted

Raises:

• (RubySMB::Error::NetBiosSessionService) —

  if session request is refused

• (RubySMB::Error::InvalidPacket) —

  if the response packet is not a NBSS packet

# File 'lib/ruby_smb/client.rb', line 652

def session_request(name = '*SMBSERVER')
  session_request = session_request_packet(name)
  dispatcher.send_packet(session_request, nbss_header: false)
  raw_response = dispatcher.recv_packet(full_response: true)
  begin
    session_header = RubySMB::Nbss::SessionHeader.read(raw_response)
    if session_header.session_packet_type == RubySMB::Nbss::NEGATIVE_SESSION_RESPONSE
      negative_session_response =  RubySMB::Nbss::NegativeSessionResponse.read(raw_response)
      raise RubySMB::Error::NetBiosSessionService, "Session Request failed: #{negative_session_response.error_msg}"
    end
  rescue IOError
    raise RubySMB::Error::InvalidPacket, 'Not a NBSS packet'
  end

  return true
end

#session_request_packet(name = '*SMBSERVER') ⇒ RubySMB::Nbss::SessionRequest

Crafts the NetBIOS SessionRequest packet to be sent for session request operations.

Parameters:

• name (String) (defaults to: '*SMBSERVER') —

  the NetBIOS name to request

Returns:

• (RubySMB::Nbss::SessionRequest) —

  the SessionRequest packet

# File 'lib/ruby_smb/client.rb', line 673

def session_request_packet(name = '*SMBSERVER')
  called_name = "#{name.upcase.ljust(15)}\x20"
  calling_name = "#{''.ljust(15)}\x00"

  session_request = RubySMB::Nbss::SessionRequest.new
  session_request.session_header.session_packet_type = RubySMB::Nbss::SESSION_REQUEST
  session_request.called_name  = called_name
  session_request.calling_name = calling_name
  session_request.session_header.stream_protocol_length =
    session_request.num_bytes - session_request.session_header.num_bytes
  session_request
end

#session_setup(user, pass, domain, do_recv = true, local_workstation: self.local_workstation, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS) ⇒ Object

# File 'lib/ruby_smb/client.rb', line 416

def session_setup(user, pass, domain, do_recv=true,
                  local_workstation: self.local_workstation, ntlm_flags: NTLM::DEFAULT_CLIENT_FLAGS)
  @domain            = domain
  @local_workstation = local_workstation
  @password          = (pass || '')
  @username          = (user || '')

  @ntlm_client = RubySMB::NTLM::Client.new(
      @username,
      @password,
      workstation: @local_workstation,
      domain: @domain,
      flags: ntlm_flags
  )

  authenticate
end

#tree_connect(share) ⇒ RubySMB::SMB1::Tree, RubySMB::SMB2::Tree

Connects to the supplied share

Parameters:

• share (String) —

  the path to the share in \\server\share_name format

Returns:

• (RubySMB::SMB1::Tree) —

  if talking over SMB1

• (RubySMB::SMB2::Tree) —

  if talking over SMB2

# File 'lib/ruby_smb/client.rb', line 608

def tree_connect(share)
  connected_tree = if smb2 || smb3
    smb2_tree_connect(share)
  else
    smb1_tree_connect(share)
  end
  @tree_connects << connected_tree
  connected_tree
end

#update_preauth_hash(data) ⇒ Object

# File 'lib/ruby_smb/client.rb', line 686

def update_preauth_hash(data)
  unless @preauth_integrity_hash_algorithm
    raise RubySMB::Error::EncryptionError.new(
      'Cannot compute the Preauth Integrity Hash value: Preauth Integrity Hash Algorithm is nil'
    )
  end
  @preauth_integrity_hash_value = OpenSSL::Digest.digest(
    @preauth_integrity_hash_algorithm,
    @preauth_integrity_hash_value + data.to_binary_s
  )
end

#wipe_state! ⇒ void

This method returns an undefined value.

Resets all of the session state on the client, setting it back to scratch. Should only be called when a session is no longer valid.

# File 'lib/ruby_smb/client.rb', line 633

def wipe_state!
  self.session_id       = 0x00
  self.user_id          = 0x00
  self.application_key  = ''
  self.session_key      = ''
  self.session_is_guest = false
  self.sequence_counter = 0
  self.smb2_message_id  = 0
  self.client_encryption_key = nil
  self.server_encryption_key = nil
  self.server_supports_multi_credit = false
end