From 1644a1e20ba0da10f58a3772f43d855224bf5dc7 Mon Sep 17 00:00:00 2001
From: Brendan
Date: Wed, 19 Oct 2016 17:24:26 -0500
Subject: [PATCH] Change how we populate workgroup/domain data

---
 lib/rex/proto/smb/client.rb | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/lib/rex/proto/smb/client.rb b/lib/rex/proto/smb/client.rb
index c9ab9d3db4..3845aaa7bf 100644
--- a/lib/rex/proto/smb/client.rb
+++ b/lib/rex/proto/smb/client.rb
@@ -760,7 +760,13 @@ NTLM_UTILS = Rex::Proto::NTLM::Utils
     self.peer_native_os = info[0]
     self.peer_native_lm = info[1]
-    self.default_domain = info[2]
+    #
+    # if the PC belongs to a domain, this value is already populated
+    # if it is not populated, we're in a workgroup and need to pupulate it now
+    #
+    if self.default_domain.nil?
+      self.default_domain = info[2]
+    end
     return ack
   end
@@ -906,7 +912,13 @@ NTLM_UTILS = Rex::Proto::NTLM::Utils
     #dns name
     self.dns_host_name = blob_data[:dns_host_name] || ''
     #dns domain
-    self.dns_domain_name = blob_data[:dns_domain_name] || ''
+    if blob_data[:default_name] != blob_data[:default_domain]
+      # We're in a domain; get the domain name now
+      self.default_domain = blob_data[:default_domain] || ''
+    else
+      # We're in a workgroup; workgroup names come later in the handshake
+      self.default_domain = nil
+    end
     type3 = @ntlm_client.init_context([blob].pack('m'))
     type3_blob = type3.serialize
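Review bot: The `nil?` guard skips the fallback to `info[2]` whenever `default_domain` already holds an empty string, which is exactly what the second hunk's `blob_data[:default_domain] || ''` stores when the type 2 target info carries no NetBIOS domain AV pair, so such a host keeps `''` instead of the name the server returns here. `if self.default_domain.nil? || self.default_domain.empty?` covers both the unset and the empty case, and `info[2]` itself can be nil when the response carries fewer than three native strings, which callers that later send this value as the NTLM domain should expect. The guard also means a value left over from an earlier session setup on the same Client object is never refreshed; whether this line runs after the hunk at 912 (that code sits later in the file) or on a path that never executes it is not visible here, so the comment's claim that the value "is already populated" should be stated as an assumption. The comment also has "pupulate" for "populate". The enclosing method starts before the hunk.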
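Review bot: The removed line was the only assignment to `self.dns_domain_name` in this hunk and nothing added in its place sets it, so the `#dns domain` comment now heads code that never populates that attribute; unless it is assigned elsewhere (not visible here), anything reading `dns_domain_name` after this change gets nil. Keep the original assignment ahead of the new branch: `self.dns_domain_name = blob_data[:dns_domain_name] || ''`. The workgroup test compares two server-supplied AV pairs, which is fine when both are absent (they compare equal and the workgroup branch is taken), but when only `:default_domain` is missing the domain branch stores `''`, and the `nil?` fallback in the hunk above does not treat `''` as unpopulated. A one-line comment stating the heuristic being relied on — presumably that a standalone host reports its own computer name as the NetBIOS domain — would let the next reader check it against the NTLM target-info spec. The enclosing method starts before and ends after the hunk.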