Module: Msf::Exploit::Remote::SMB::Server::Share::Command::Trans2::FindFirst2

Included in:

Msf::Exploit::Remote::SMB::Server::Share

Defined in:

lib/msf/core/exploit/remote/smb/server/share/command/trans2/find_first2.rb

Instance Method Summary

• #smb_cmd_trans2_find_first2(c, buff) ⇒ Integer

  Handles an TRANS2_FIND_FIRST2 subcommand, used to begin a search for file(s) within a directory or for a directory.

Instance Method Details

#smb_cmd_trans2_find_first2(c, buff) ⇒ Integer

Handles an TRANS2_FIND_FIRST2 subcommand, used to begin a search for file(s) within a directory or for a directory.

Parameters:

• c (Socket) —

  The client sending the request.

• buff (String) —

  The data including the client request.

Returns:

• (Integer) —

  The number of bytes returned to the client as response.

# File 'lib/msf/core/exploit/remote/smb/server/share/command/trans2/find_first2.rb', line 16

def smb_cmd_trans2_find_first2(c, buff)
  smb = @state[c]

  params = CONST::SMB_TRANS2_FIND_FIRST2_PARAMETERS.make_struct
  params.from_s(buff)

  loi = params.v['InformationLevel']
  normalized_path = normalize_path(params.v['FileName'])
  search_path = smb_expand(normalized_path)

  case loi
  when CONST::SMB_FIND_FILE_NAMES_INFO
    return smb_cmd_find_file_names_info(c, search_path)
  when CONST::SMB_FIND_FILE_BOTH_DIRECTORY_INFO
    return smb_cmd_find_file_both_directory_info(c, search_path)
  when CONST::SMB_FIND_FILE_FULL_DIRECTORY_INFO
    return smb_cmd_find_file_full_directory_info(c, search_path)
  else
    # Send STATUS_SUCCESS with the hope of going ahead
    vprint_status("SMB Share - #{smb[:ip]} Unknown TRANS2_FIND_FIRST2 with loi: #{loi.to_s(16)}")
    return smb_error(CONST::SMB_COM_TRANSACTION2, c, CONST::SMB_STATUS_SUCCESS)
  end
end