mirror of
https://github.com/TalAloni/SMBLibrary.git
synced 2025-04-30 02:37:49 +02:00
SMBServer: Domain information is now logged during session setup
This commit is contained in:
Tal Aloni
parent
f5d540728e
commit
e639361c9c
2 changed files with 13 additions and 9 deletions
|
|
@ -29,7 +29,7 @@ namespace SMBLibrary.Server.SMB1
|
||||||
header.Status = securityProvider.NTLMAuthenticate(state.AuthenticationContext, message);
|
header.Status = securityProvider.NTLMAuthenticate(state.AuthenticationContext, message);
|
||||||
if (header.Status != NTStatus.STATUS_SUCCESS)
|
if (header.Status != NTStatus.STATUS_SUCCESS)
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, NTStatus: {2}", message.WorkStation, message.UserName, header.Status);
|
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", message.UserName, message.DomainName, message.WorkStation, header.Status);
|
||||||
return new ErrorResponse(request.CommandName);
|
return new ErrorResponse(request.CommandName);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -39,12 +39,12 @@ namespace SMBLibrary.Server.SMB1
|
||||||
SMB1Session session;
|
SMB1Session session;
|
||||||
if (!isGuest.HasValue || !isGuest.Value)
|
if (!isGuest.HasValue || !isGuest.Value)
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' authenticated successfully.", message.WorkStation, message.UserName);
|
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", message.UserName, message.DomainName, message.WorkStation);
|
||||||
session = state.CreateSession(message.UserName, message.WorkStation, sessionKey, accessToken);
|
session = state.CreateSession(message.UserName, message.WorkStation, sessionKey, accessToken);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, logged in as guest.", message.WorkStation, message.UserName);
|
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", message.UserName, message.DomainName, message.WorkStation);
|
||||||
session = state.CreateSession("Guest", message.WorkStation, sessionKey, accessToken);
|
session = state.CreateSession("Guest", message.WorkStation, sessionKey, accessToken);
|
||||||
response.Action = SessionSetupAction.SetupGuest;
|
response.Action = SessionSetupAction.SetupGuest;
|
||||||
}
|
}
|
||||||
|
|
@ -81,8 +81,9 @@ namespace SMBLibrary.Server.SMB1
|
||||||
if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
|
if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
|
||||||
{
|
{
|
||||||
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
||||||
|
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
|
||||||
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, NTStatus: {2}", machineName, userName, status);
|
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", userName, domainName, machineName, status);
|
||||||
header.Status = status;
|
header.Status = status;
|
||||||
return new ErrorResponse(request.CommandName);
|
return new ErrorResponse(request.CommandName);
|
||||||
}
|
}
|
||||||
|
|
@ -111,18 +112,19 @@ namespace SMBLibrary.Server.SMB1
|
||||||
else // header.Status == NTStatus.STATUS_SUCCESS
|
else // header.Status == NTStatus.STATUS_SUCCESS
|
||||||
{
|
{
|
||||||
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
||||||
|
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
|
||||||
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
||||||
byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
|
byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
|
||||||
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
||||||
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
||||||
if (!isGuest.HasValue || !isGuest.Value)
|
if (!isGuest.HasValue || !isGuest.Value)
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' authenticated successfully.", machineName, userName);
|
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", userName, domainName, machineName);
|
||||||
state.CreateSession(header.UID, userName, machineName, sessionKey, accessToken);
|
state.CreateSession(header.UID, userName, machineName, sessionKey, accessToken);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, logged in as guest.", machineName, userName);
|
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", userName, domainName, machineName);
|
||||||
state.CreateSession(header.UID, "Guest", machineName, sessionKey, accessToken);
|
state.CreateSession(header.UID, "Guest", machineName, sessionKey, accessToken);
|
||||||
response.Action = SessionSetupAction.SetupGuest;
|
response.Action = SessionSetupAction.SetupGuest;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -27,8 +27,9 @@ namespace SMBLibrary.Server.SMB2
|
||||||
if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
|
if (status != NTStatus.STATUS_SUCCESS && status != NTStatus.SEC_I_CONTINUE_NEEDED)
|
||||||
{
|
{
|
||||||
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
||||||
|
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
|
||||||
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, NTStatus: {2}", machineName, userName, status);
|
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), NTStatus: {3}", userName, domainName, machineName, status);
|
||||||
return new ErrorResponse(request.CommandName, status);
|
return new ErrorResponse(request.CommandName, status);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -55,18 +56,19 @@ namespace SMBLibrary.Server.SMB2
|
||||||
else // status == STATUS_SUCCESS
|
else // status == STATUS_SUCCESS
|
||||||
{
|
{
|
||||||
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
string userName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.UserName) as string;
|
||||||
|
string domainName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.DomainName) as string;
|
||||||
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
string machineName = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.MachineName) as string;
|
||||||
byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
|
byte[] sessionKey = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.SessionKey) as byte[];
|
||||||
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
object accessToken = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.AccessToken);
|
||||||
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
bool? isGuest = securityProvider.GetContextAttribute(state.AuthenticationContext, GSSAttributeName.IsGuest) as bool?;
|
||||||
if (!isGuest.HasValue || !isGuest.Value)
|
if (!isGuest.HasValue || !isGuest.Value)
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' authenticated successfully.", machineName, userName);
|
state.LogToServer(Severity.Information, "User '{0}' authenticated successfully (Domain: '{1}', Workstation: '{2}').", userName, domainName, machineName);
|
||||||
state.CreateSession(request.Header.SessionID, userName, machineName, sessionKey, accessToken);
|
state.CreateSession(request.Header.SessionID, userName, machineName, sessionKey, accessToken);
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
{
|
{
|
||||||
state.LogToServer(Severity.Information, "User '{0}\\{1}' failed authentication, logged in as guest.", machineName, userName);
|
state.LogToServer(Severity.Information, "User '{0}' failed authentication (Domain: '{1}', Workstation: '{2}'), logged in as guest.", userName, domainName, machineName);
|
||||||
state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
|
state.CreateSession(request.Header.SessionID, "Guest", machineName, sessionKey, accessToken);
|
||||||
response.SessionFlags = SessionFlags.IsGuest;
|
response.SessionFlags = SessionFlags.IsGuest;
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue