zydronium/SMBLibrary
1
0
Fork 0
mirror of https://github.com/TalAloni/SMBLibrary.git synced 2025-04-29 18:27:48 +02:00
Code Issues Projects Releases Packages Wiki Activity

SMBServer: Domain information is now logged during session setup

Browse source
This commit is contained in:
Tal Aloni 2017-03-11 22:04:57 +02:00
parent f5d540728e
commit e639361c9c
2 changed files with 13 additions and 9 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
SMBLibrary/Server/SMB1/SessionSetupHelper.cs
View file

@ -29,7 +29,7 @@ namespace SMBLibrary.Server.SMB1
header.Status = securityProvider.NTLMAuthenticate(state.AuthenticationContext, message);
if (header.Status != NTStatus.STATUS_SUCCESS)
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, NTStatus: {2}", message.WorkStation, message.UserName, header.Status);
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", message.UserName, message.DomainName, message.WorkStation, header.Status);
return new ErrorResponse(request.CommandName);
}
@ -39,12 +39,12 @@ namespace SMBLibrary.Server.SMB1
SMB1Session session;
if (!isGuest.HasValue || !isGuest.Value)
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' authenticated successfully.", message.WorkStation, message.UserName);
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", message.UserName, message.DomainName, message.WorkStation);
session = state.CreateSession(message.UserName, message.WorkStation, sessionKey, accessToken);
}
else
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, logged in as guest.", message.WorkStation, message.UserName);
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", message.UserName, message.DomainName, message.WorkStation);
session = state.CreateSession("Guest", message.WorkStation, sessionKey, accessToken);
response.Action = SessionSetupAction.SetupGuest;
}
@ -81,8 +81,9 @@ namespace SMBLibrary.Server.SMB1
if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
{
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, NTStatus: {2}", machineName, userName, status);
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", userName, domainName, machineName, status);
header.Status = status;
return new ErrorResponse(request.CommandName);
}
@ -111,18 +112,19 @@ namespace SMBLibrary.Server.SMB1
else // header.Status == NTStatus.STATUS_SUCCESS
{
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
if (!isGuest.HasValue || !isGuest.Value)
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' authenticated successfully.", machineName, userName);
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", userName, domainName, machineName);
state.CreateSession(header.UID, userName, machineName, sessionKey, accessToken);
}
else
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, logged in as guest.", machineName, userName);
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", userName, domainName, machineName);
state.CreateSession(header.UID, "Guest", machineName, sessionKey, accessToken);
response.Action = SessionSetupAction.SetupGuest;
}

8
SMBLibrary/Server/SMB2/SessionSetupHelper.cs
View file

@ -27,8 +27,9 @@ namespace SMBLibrary.Server.SMB2
if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
{
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, NTStatus: {2}", machineName, userName, status);
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", userName, domainName, machineName, status);
return new ErrorResponse(request.CommandName, status);
}
@ -55,18 +56,19 @@ namespace SMBLibrary.Server.SMB2
else // status == STATUS_SUCCESS
{
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
if (!isGuest.HasValue || !isGuest.Value)
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' authenticated successfully.", machineName, userName);
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", userName, domainName, machineName);
state.CreateSession(request.Header.SessionID, userName, machineName, sessionKey, accessToken);
}
else
{
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, logged in as guest.", machineName, userName);
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", userName, domainName, machineName);
state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
response.SessionFlags = SessionFlags.IsGuest;
}