infosecn1nja
/
metasploit-framework
mirror of https://github.com/infosecn1nja/metasploit-framework.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Define constants for SMB Flags

bug/bundler_fix
jvazquez-r7 2015-02-25 12:28:25 -06:00
parent e5d9bb0a47
commit 50d50d5353
8 changed files with 19 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
lib/msf/core/exploit/smb/server/share.rb
View File

@ -29,6 +29,8 @@ module Msf
include Msf::Exploit::Remote::SMB::Server
FLAGS = CONST::FLAGS_REQ_RES + CONST::FLAGS_CASE_SENSITIVE
FLAGS2 = CONST::FLAGS2_UNICODE_STRINGS +
CONST::FLAGS2_EXTENDED_SECURITY +
CONST::FLAGS2_32_BIT_ERROR_CODES +

2
lib/msf/core/exploit/smb/server/share/command/close.rb
View File

@ -17,7 +17,7 @@ module Msf
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_CLOSE
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
pkt['Payload']['SMB'].v['WordCount'] = 0

2
lib/msf/core/exploit/smb/server/share/command/negotiate.rb
View File

@ -21,7 +21,7 @@ module Msf
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_NEGOTIATE
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
pkt['Payload']['SMB'].v['WordCount'] = 17
pkt['Payload'].v['Dialect'] = dialect

4
lib/msf/core/exploit/smb/server/share/command/nt_create_andx.rb
View File

@ -39,7 +39,7 @@ module Msf
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_NT_CREATE_ANDX
pkt['Payload']['SMB'].v['ErrorClass'] = 0xC0000034 # OBJECT_NAME_NOT_FOUND
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
c.put(pkt.to_s)
return
@ -48,7 +48,7 @@ module Msf
pkt = CONST::SMB_CREATE_ANDX_RES_PKT.make_struct
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_NT_CREATE_ANDX
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
pkt['Payload']['SMB'].v['WordCount'] = 42
pkt['Payload'].v['AndX'] = 0xff # no further commands

2
lib/msf/core/exploit/smb/server/share/command/read_andx.rb
View File

@ -23,7 +23,7 @@ module Msf
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_READ_ANDX
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
pkt['Payload']['SMB'].v['WordCount'] = 12
pkt['Payload'].v['AndX'] = 0xff # no more commands

2
lib/msf/core/exploit/smb/server/share/command/session_setup_andx.rb
View File

@ -25,7 +25,7 @@ module Msf
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_SESSION_SETUP_ANDX
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
pkt['Payload']['SMB'].v['WordCount'] = 3
pkt['Payload'].v['AndX'] = 0x75

2
lib/msf/core/exploit/smb/server/share/command/trans2.rb
View File

@ -40,7 +40,7 @@ module Msf
pkt = CONST::SMB_TRANS_RES_PKT.make_struct
smb_set_defaults(c, pkt)
pkt['Payload']['SMB'].v['Command'] = CONST::SMB_COM_TRANSACTION2
pkt['Payload']['SMB'].v['Flags1'] = 0x88
pkt['Payload']['SMB'].v['Flags1'] = FLAGS
pkt['Payload']['SMB'].v['Flags2'] = FLAGS2
pkt['Payload']['SMB'].v['ErrorClass'] = 0xc0000225 # NT_STATUS_NOT_FOUND
c.put(pkt.to_s)

10
lib/rex/proto/smb/constants.rb
View File

@ -113,6 +113,16 @@ class Constants
NT_TRANSACT_GET_USER_QUOTA = 7 # Get quota
NT_TRANSACT_SET_USER_QUOTA = 8 # Set quota
# NT Flags bits - cifs6.txt section 3.1.1
FLAGS_REQ_RES = 0x80
FLAGS_NOTIFY = 0x40
FLAGS_OP_LOCKS = 0x20
FLAGS_PATH_NORMALIZED = 0x10
FLAGS_CASE_SENSITIVE = 0x8
FLAGS_RESERVED = 0x4
FLAGS_POSTED = 0x2
FLAGS_LOCK_SUPPORT = 0x1
# NT Flags2 bits - cifs6.txt section 3.1.2
FLAGS2_LONG_PATH_COMPONENTS = 0x0001
FLAGS2_EXTENDED_ATTRIBUTES = 0x0002