public static bool SupportSMB2And3(string server, out SMBSecurityModeEnum securityMode)
{
bool tempResult = false;
bool result = false;
securityMode = SMBSecurityModeEnum.NotTested;
SMBSecurityModeEnum smbv2temp;
foreach (int dialect in new int[] { 0x0202, 0x0210, 0x0300, 0x0302, 0x0311 })
{
try
{
tempResult = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(server, dialect, out smbv2temp);
if (tempResult)
{
result = true;
securityMode = CombineSecurityMode(securityMode, smbv2temp);
}
}
catch (SmbPortClosedException)
{
break;
}
catch (Exception)
{
}
}
return(result);
}
private static SMBSecurityModeEnum CombineSecurityMode(SMBSecurityModeEnum smbv2secmode, SMBSecurityModeEnum smbv2temp)
{
if (smbv2temp == SMBSecurityModeEnum.NotTested)
{
return(smbv2secmode);
}
if (smbv2secmode == SMBSecurityModeEnum.NotTested)
{
return(smbv2temp);
}
if (smbv2temp == SMBSecurityModeEnum.None || smbv2secmode == SMBSecurityModeEnum.None)
{
return(SMBSecurityModeEnum.None);
}
if ((smbv2temp & SMBSecurityModeEnum.SmbSigningEnabled) != 0 && (smbv2secmode & SMBSecurityModeEnum.SmbSigningEnabled) != 0)
{
if ((smbv2temp & SMBSecurityModeEnum.SmbSigningRequired) != 0 && (smbv2secmode & SMBSecurityModeEnum.SmbSigningRequired) != 0)
{
return(SMBSecurityModeEnum.SmbSigningEnabled | SMBSecurityModeEnum.SmbSigningRequired);
}
return(SMBSecurityModeEnum.SmbSigningEnabled);
}
// defensive programming
return(SMBSecurityModeEnum.NotTested);
}
public static bool SupportSMB1(string server, out SMBSecurityModeEnum securityMode)
{
securityMode = SMBSecurityModeEnum.NotTested;
try
{
return(Smb1Protocol.DoesServerSupportDialect(server, "NT LM 0.12", out securityMode));
}
catch (Exception)
{
return(false);
}
}
override protected string GetCsvData(string computer)
{
bool isPortOpened = true;
bool SMBv1 = false;
bool SMBv2_0x0202 = false;
bool SMBv2_0x0210 = false;
bool SMBv2_0x0300 = false;
bool SMBv2_0x0302 = false;
bool SMBv2_0x0311 = false;
SMBSecurityModeEnum smbv1secmode = SMBSecurityModeEnum.NotTested;
SMBSecurityModeEnum smbv2secmode = SMBSecurityModeEnum.NotTested;
SMBSecurityModeEnum smbv2temp;
try
{
try
{
SMBv1 = Smb1Protocol.DoesServerSupportDialect(computer, "NT LM 0.12", out smbv1secmode);
}
catch (Smb1NotSupportedException)
{
}
try
{
SMBv2_0x0202 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0202, out smbv2secmode);
SMBv2_0x0210 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0210, out smbv2temp);
smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp);
SMBv2_0x0300 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0300, out smbv2temp);
smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp);
SMBv2_0x0302 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0302, out smbv2temp);
smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp);
SMBv2_0x0311 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0311, out smbv2temp);
smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp);
}
catch (Smb2NotSupportedException)
{
}
}
catch (SmbPortClosedException)
{
isPortOpened = false;
}
return(computer + "\t" + (isPortOpened ? "Yes" : "No") + "\t" + (SMBv1 ? "Yes" : "No")
+ "\t" + ((smbv1secmode & SMBSecurityModeEnum.SmbSigningRequired) != 0 ? "Yes" : "No")
+ "\t" + (SMBv2_0x0202 ? "Yes" : "No")
+ "\t" + (SMBv2_0x0210 ? "Yes" : "No")
+ "\t" + (SMBv2_0x0300 ? "Yes" : "No")
+ "\t" + (SMBv2_0x0302 ? "Yes" : "No")
+ "\t" + (SMBv2_0x0311 ? "Yes" : "No")
+ "\t" + ((smbv2secmode & SMBSecurityModeEnum.SmbSigningRequired) != 0 ? "Yes" : "No"));
}
public static bool DoesServerSupportDialectWithSmbV2(string server, int dialect, out SMBSecurityModeEnum securityMode)
{
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2"));
securityMode = SMBSecurityModeEnum.NotTested;
TcpClient client = new TcpClient();
client.ReceiveTimeout = 500;
client.SendTimeout = 500;
try
{
client.Connect(server, 445);
}
catch (Exception)
{
throw new SmbPortClosedException(server);
}
try
{
NetworkStream stream = client.GetStream();
var smb2 = new Smb2Protocol(stream, server);
var negotiateresponse = smb2.SendNegotiateRequest(dialect);
if ((negotiateresponse.SecurityMode & 1) != 0)
{
securityMode = SMBSecurityModeEnum.SmbSigningEnabled;
if ((negotiateresponse.SecurityMode & 2) != 0)
{
securityMode |= SMBSecurityModeEnum.SmbSigningRequired;
}
}
else
{
securityMode = SMBSecurityModeEnum.None;
}
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Supported");
return(true);
}
catch (Exception)
{
throw new Smb2NotSupportedException(server);
}
}
public static bool DoesServerSupportDialectWithSmbV2(string server, int dialect, out SMBSecurityModeEnum securityMode)
{
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2"));
securityMode = SMBSecurityModeEnum.NotTested;
TcpClient client = new TcpClient();
client.ReceiveTimeout = 500;
client.SendTimeout = 500;
try
{
client.Connect(server, 445);
}
catch (Exception)
{
throw new SmbPortClosedException(server);
}
try
{
NetworkStream stream = client.GetStream();
byte[] packet = BuildNegotiatePacket(dialect);
stream.Write(packet, 0, packet.Length);
stream.Flush();
byte[] answer = ReadPacket(stream, server);
var header = ReadSMB2Header(answer);
if (header.Status != 0)
{
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Not supported via error code");
return(false);
}
var negotiateresponse = ReadNegotiateResponse(packet);
if ((negotiateresponse.SecurityMode & 1) != 0)
{
securityMode = SMBSecurityModeEnum.SmbSigningEnabled;
if ((negotiateresponse.SecurityMode & 2) != 0)
{
securityMode |= SMBSecurityModeEnum.SmbSigningRequired;
}
}
else
{
securityMode = SMBSecurityModeEnum.None;
}
if (negotiateresponse.Dialect == dialect)
{
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Supported");
return(true);
}
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Not supported via not returned dialect");
return(false);
}
catch (Exception)
{
throw new Smb2NotSupportedException(server);
}
}
public static bool DoesServerSupportDialectWithSmbV2(string server, int dialect, out SMBSecurityModeEnum securityMode)
{
Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2"));
securityMode = SMBSecurityModeEnum.NotTested;
TcpClient client = new TcpClient();
client.ReceiveTimeout = 500;
client.SendTimeout = 500;
try
{
client.Connect(server, 445);
}
catch (Exception)
{
throw new SmbPortClosedException(server);
}
try
{
NetworkStream stream = client.GetStream();
byte[] header = GenerateSmb2HeaderFromCommand(SMB2_NEGOTIATE);
byte[] negotiatemessage = GetNegotiateMessageSmbv2(dialect);
byte[] packet = GetNegotiatePacket(header, negotiatemessage);
stream.Write(packet, 0, packet.Length);
stream.Flush();
byte[] netbios = new byte[4];
if (stream.Read(netbios, 0, netbios.Length) != netbios.Length)
{
return(false);
}
byte[] smbHeader = new byte[Marshal.SizeOf(typeof(SMB2_Header))];
if (stream.Read(smbHeader, 0, smbHeader.Length) != smbHeader.Length)
{
return(false);
}
if (smbHeader[8] != 0 || smbHeader[9] != 0 || smbHeader[10] != 0 || smbHeader[11] != 0)
{
Trace.WriteLine("Checking " + server + " for SMBV1 dialect 0x" + dialect.ToString("X2") + " = Not supported via error code");
return(false);
}
byte[] negotiateresponse = new byte[6];
if (stream.Read(negotiateresponse, 0, negotiateresponse.Length) != negotiateresponse.Length)
{
return(false);
}
int SmbSecurityMode = negotiateresponse[3] * 0x100 + negotiateresponse[2];
if ((SmbSecurityMode & 1) != 0)
{
securityMode = SMBSecurityModeEnum.SmbSigningEnabled;
if ((SmbSecurityMode & 2) != 0)
{
securityMode |= SMBSecurityModeEnum.SmbSigningRequired;
}
}
else
{
securityMode = SMBSecurityModeEnum.None;
}
int selectedDialect = negotiateresponse[5] * 0x100 + negotiateresponse[4];
if (selectedDialect == dialect)
{
Trace.WriteLine("Checking " + server + " for SMBV1 dialect 0x" + dialect.ToString("X2") + " = Supported");
return(true);
}
Trace.WriteLine("Checking " + server + " for SMBV1 dialect 0x" + dialect.ToString("X2") + " = Not supported via not returned dialect");
return(false);
}
catch (Exception)
{
throw new Smb2NotSupportedException(server);
}
}
public static bool DoesServerSupportDialect(string server, string dialect, out SMBSecurityModeEnum securityMode)
{
Trace.WriteLine("Checking " + server + " for SMBV1 dialect " + dialect);
securityMode = SMBSecurityModeEnum.NotTested;
TcpClient client = new TcpClient();
client.ReceiveTimeout = 500;
client.SendTimeout = 500;
try
{
client.Connect(server, 445);
}
catch (Exception)
{
throw new SmbPortClosedException(server);
}
try
{
NetworkStream stream = client.GetStream();
byte[] header = GenerateSmbHeaderFromCommand(SMB_COM_NEGOTIATE);
byte[] dialectEncoding = getDialect(dialect);
byte[] negotiatemessage = GetNegotiateMessage(dialectEncoding);
byte[] packet = GetNegotiatePacket(header, negotiatemessage);
stream.Write(packet, 0, packet.Length);
stream.Flush();
byte[] netbios = new byte[4];
if (stream.Read(netbios, 0, netbios.Length) != netbios.Length)
{
return(false);
}
byte[] smbHeader = new byte[Marshal.SizeOf(typeof(SMB_Header))];
if (stream.Read(smbHeader, 0, smbHeader.Length) != smbHeader.Length)
{
return(false);
}
byte[] negotiateresponse = new byte[4];
if (stream.Read(negotiateresponse, 0, negotiateresponse.Length) != negotiateresponse.Length)
{
return(false);
}
if (negotiateresponse[1] == 0 && negotiateresponse[2] == 0)
{
Trace.WriteLine("Checking " + server + " for SMBV1 dialect " + dialect + " = Supported");
byte SmbSecurityMode = negotiateresponse[3];
if (SmbSecurityMode == 4)
{
securityMode = SMBSecurityModeEnum.SmbSigningEnabled;
}
else if (SmbSecurityMode == 8)
{
securityMode = SMBSecurityModeEnum.SmbSigningEnabled | SMBSecurityModeEnum.SmbSigningRequired;
}
else
{
securityMode = SMBSecurityModeEnum.None;
}
return(true);
}
Trace.WriteLine("Checking " + server + " for SMBV1 dialect " + dialect + " = Not supported");
return(false);
}
catch (Exception)
{
throw new Smb1NotSupportedException(server);
}
}
