zydronium/SMBLibrary
1
0
Fork 0
mirror of https://github.com/TalAloni/SMBLibrary.git synced 2025-08-14 11:13:47 +02:00
Code Issues Projects Releases Packages Wiki Activity

SMB2Client: Sign commands when required

Browse source
This commit is contained in:
Tal Aloni 2019-04-15 21:52:09 +03:00
parent c6908e2d93
commit a8422adf81
1 changed files with 16 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

17
SMBLibrary/Client/SMB2Client.cs
View file

@ -1,4 +1,4 @@
/* Copyright (C) 2017-2018 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved. /* Copyright (C) 2017-2019 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
* *
* You can redistribute this program and/or modify it under the terms of * You can redistribute this program and/or modify it under the terms of
* the GNU Lesser Public License as published by the Free Software Foundation, * the GNU Lesser Public License as published by the Free Software Foundation,
@ -9,6 +9,7 @@ using System.Collections.Generic;
using System.Diagnostics; using System.Diagnostics;
using System.Net; using System.Net;
using System.Net.Sockets; using System.Net.Sockets;
using System.Security.Cryptography;
using System.Threading; using System.Threading;
using SMBLibrary.Authentication.NTLM; using SMBLibrary.Authentication.NTLM;
using SMBLibrary.NetBios; using SMBLibrary.NetBios;
@ -39,6 +40,7 @@ namespace SMBLibrary.Client
private uint m_messageID = 0; private uint m_messageID = 0;
private SMB2Dialect m_dialect; private SMB2Dialect m_dialect;
private bool m_signingRequired;
private uint m_maxTransactSize; private uint m_maxTransactSize;
private uint m_maxReadSize; private uint m_maxReadSize;
private uint m_maxWriteSize; private uint m_maxWriteSize;
@ -114,6 +116,7 @@ namespace SMBLibrary.Client
if (response != null && response.Header.Status == NTStatus.STATUS_SUCCESS) if (response != null && response.Header.Status == NTStatus.STATUS_SUCCESS)
{ {
m_dialect = response.DialectRevision; m_dialect = response.DialectRevision;
m_signingRequired = (response.SecurityMode & SecurityMode.SigningRequired) > 0;
m_maxTransactSize = Math.Min(response.MaxTransactSize, ClientMaxTransactSize); m_maxTransactSize = Math.Min(response.MaxTransactSize, ClientMaxTransactSize);
m_maxReadSize = Math.Min(response.MaxReadSize, ClientMaxReadSize); m_maxReadSize = Math.Min(response.MaxReadSize, ClientMaxReadSize);
m_maxWriteSize = Math.Min(response.MaxWriteSize, ClientMaxWriteSize); m_maxWriteSize = Math.Min(response.MaxWriteSize, ClientMaxWriteSize);
@ -402,6 +405,18 @@ namespace SMBLibrary.Client
request.Header.Credits = 1; request.Header.Credits = 1;
request.Header.MessageID = m_messageID; request.Header.MessageID = m_messageID;
request.Header.SessionID = m_sessionID; request.Header.SessionID = m_sessionID;
if (m_signingRequired)
{
request.Header.IsSigned = (m_sessionID != 0 && (request.CommandName == SMB2CommandName.TreeConnect || request.Header.TreeID != 0));
if (request.Header.IsSigned)
{
request.Header.Signature = new byte[16]; // Request could be reused
byte[] buffer = request.GetBytes();
byte[] signature = new HMACSHA256(m_sessionKey).ComputeHash(buffer, 0, buffer.Length);
// [MS-SMB2] The first 16 bytes of the hash MUST be copied into the 16-byte signature field of the SMB2 Header.
request.Header.Signature = ByteReader.ReadBytes(signature, 0, 16);
}
}
TrySendCommand(m_clientSocket, request); TrySendCommand(m_clientSocket, request);
m_messageID++; m_messageID++;
} }