public static bool SupportSMB2And3(string server, out SMBSecurityModeEnum securityMode) { bool tempResult = false; bool result = false; securityMode = SMBSecurityModeEnum.NotTested; SMBSecurityModeEnum smbv2temp; foreach (int dialect in new int[] { 0x0202, 0x0210, 0x0300, 0x0302, 0x0311 }) { try { tempResult = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(server, dialect, out smbv2temp); if (tempResult) { result = true; securityMode = CombineSecurityMode(securityMode, smbv2temp); } } catch (SmbPortClosedException) { break; } catch (Exception) { } } return(result); }
private static SMBSecurityModeEnum CombineSecurityMode(SMBSecurityModeEnum smbv2secmode, SMBSecurityModeEnum smbv2temp) { if (smbv2temp == SMBSecurityModeEnum.NotTested) { return(smbv2secmode); } if (smbv2secmode == SMBSecurityModeEnum.NotTested) { return(smbv2temp); } if (smbv2temp == SMBSecurityModeEnum.None || smbv2secmode == SMBSecurityModeEnum.None) { return(SMBSecurityModeEnum.None); } if ((smbv2temp & SMBSecurityModeEnum.SmbSigningEnabled) != 0 && (smbv2secmode & SMBSecurityModeEnum.SmbSigningEnabled) != 0) { if ((smbv2temp & SMBSecurityModeEnum.SmbSigningRequired) != 0 && (smbv2secmode & SMBSecurityModeEnum.SmbSigningRequired) != 0) { return(SMBSecurityModeEnum.SmbSigningEnabled | SMBSecurityModeEnum.SmbSigningRequired); } return(SMBSecurityModeEnum.SmbSigningEnabled); } // defensive programming return(SMBSecurityModeEnum.NotTested); }
public static bool SupportSMB1(string server, out SMBSecurityModeEnum securityMode) { securityMode = SMBSecurityModeEnum.NotTested; try { return(Smb1Protocol.DoesServerSupportDialect(server, "NT LM 0.12", out securityMode)); } catch (Exception) { return(false); } }
override protected string GetCsvData(string computer) { bool isPortOpened = true; bool SMBv1 = false; bool SMBv2_0x0202 = false; bool SMBv2_0x0210 = false; bool SMBv2_0x0300 = false; bool SMBv2_0x0302 = false; bool SMBv2_0x0311 = false; SMBSecurityModeEnum smbv1secmode = SMBSecurityModeEnum.NotTested; SMBSecurityModeEnum smbv2secmode = SMBSecurityModeEnum.NotTested; SMBSecurityModeEnum smbv2temp; try { try { SMBv1 = Smb1Protocol.DoesServerSupportDialect(computer, "NT LM 0.12", out smbv1secmode); } catch (Smb1NotSupportedException) { } try { SMBv2_0x0202 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0202, out smbv2secmode); SMBv2_0x0210 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0210, out smbv2temp); smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp); SMBv2_0x0300 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0300, out smbv2temp); smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp); SMBv2_0x0302 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0302, out smbv2temp); smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp); SMBv2_0x0311 = Smb2ProtocolTest.DoesServerSupportDialectWithSmbV2(computer, 0x0311, out smbv2temp); smbv2secmode = CombineSecurityMode(smbv2secmode, smbv2temp); } catch (Smb2NotSupportedException) { } } catch (SmbPortClosedException) { isPortOpened = false; } return(computer + "\t" + (isPortOpened ? "Yes" : "No") + "\t" + (SMBv1 ? "Yes" : "No") + "\t" + ((smbv1secmode & SMBSecurityModeEnum.SmbSigningRequired) != 0 ? "Yes" : "No") + "\t" + (SMBv2_0x0202 ? "Yes" : "No") + "\t" + (SMBv2_0x0210 ? "Yes" : "No") + "\t" + (SMBv2_0x0300 ? "Yes" : "No") + "\t" + (SMBv2_0x0302 ? "Yes" : "No") + "\t" + (SMBv2_0x0311 ? "Yes" : "No") + "\t" + ((smbv2secmode & SMBSecurityModeEnum.SmbSigningRequired) != 0 ? "Yes" : "No")); }
public static bool DoesServerSupportDialectWithSmbV2(string server, int dialect, out SMBSecurityModeEnum securityMode) { Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2")); securityMode = SMBSecurityModeEnum.NotTested; TcpClient client = new TcpClient(); client.ReceiveTimeout = 500; client.SendTimeout = 500; try { client.Connect(server, 445); } catch (Exception) { throw new SmbPortClosedException(server); } try { NetworkStream stream = client.GetStream(); var smb2 = new Smb2Protocol(stream, server); var negotiateresponse = smb2.SendNegotiateRequest(dialect); if ((negotiateresponse.SecurityMode & 1) != 0) { securityMode = SMBSecurityModeEnum.SmbSigningEnabled; if ((negotiateresponse.SecurityMode & 2) != 0) { securityMode |= SMBSecurityModeEnum.SmbSigningRequired; } } else { securityMode = SMBSecurityModeEnum.None; } Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Supported"); return(true); } catch (Exception) { throw new Smb2NotSupportedException(server); } }
public static bool DoesServerSupportDialectWithSmbV2(string server, int dialect, out SMBSecurityModeEnum securityMode) { Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2")); securityMode = SMBSecurityModeEnum.NotTested; TcpClient client = new TcpClient(); client.ReceiveTimeout = 500; client.SendTimeout = 500; try { client.Connect(server, 445); } catch (Exception) { throw new SmbPortClosedException(server); } try { NetworkStream stream = client.GetStream(); byte[] packet = BuildNegotiatePacket(dialect); stream.Write(packet, 0, packet.Length); stream.Flush(); byte[] answer = ReadPacket(stream, server); var header = ReadSMB2Header(answer); if (header.Status != 0) { Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Not supported via error code"); return(false); } var negotiateresponse = ReadNegotiateResponse(packet); if ((negotiateresponse.SecurityMode & 1) != 0) { securityMode = SMBSecurityModeEnum.SmbSigningEnabled; if ((negotiateresponse.SecurityMode & 2) != 0) { securityMode |= SMBSecurityModeEnum.SmbSigningRequired; } } else { securityMode = SMBSecurityModeEnum.None; } if (negotiateresponse.Dialect == dialect) { Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Supported"); return(true); } Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2") + " = Not supported via not returned dialect"); return(false); } catch (Exception) { throw new Smb2NotSupportedException(server); } }
public static bool DoesServerSupportDialectWithSmbV2(string server, int dialect, out SMBSecurityModeEnum securityMode) { Trace.WriteLine("Checking " + server + " for SMBV2 dialect 0x" + dialect.ToString("X2")); securityMode = SMBSecurityModeEnum.NotTested; TcpClient client = new TcpClient(); client.ReceiveTimeout = 500; client.SendTimeout = 500; try { client.Connect(server, 445); } catch (Exception) { throw new SmbPortClosedException(server); } try { NetworkStream stream = client.GetStream(); byte[] header = GenerateSmb2HeaderFromCommand(SMB2_NEGOTIATE); byte[] negotiatemessage = GetNegotiateMessageSmbv2(dialect); byte[] packet = GetNegotiatePacket(header, negotiatemessage); stream.Write(packet, 0, packet.Length); stream.Flush(); byte[] netbios = new byte[4]; if (stream.Read(netbios, 0, netbios.Length) != netbios.Length) { return(false); } byte[] smbHeader = new byte[Marshal.SizeOf(typeof(SMB2_Header))]; if (stream.Read(smbHeader, 0, smbHeader.Length) != smbHeader.Length) { return(false); } if (smbHeader[8] != 0 || smbHeader[9] != 0 || smbHeader[10] != 0 || smbHeader[11] != 0) { Trace.WriteLine("Checking " + server + " for SMBV1 dialect 0x" + dialect.ToString("X2") + " = Not supported via error code"); return(false); } byte[] negotiateresponse = new byte[6]; if (stream.Read(negotiateresponse, 0, negotiateresponse.Length) != negotiateresponse.Length) { return(false); } int SmbSecurityMode = negotiateresponse[3] * 0x100 + negotiateresponse[2]; if ((SmbSecurityMode & 1) != 0) { securityMode = SMBSecurityModeEnum.SmbSigningEnabled; if ((SmbSecurityMode & 2) != 0) { securityMode |= SMBSecurityModeEnum.SmbSigningRequired; } } else { securityMode = SMBSecurityModeEnum.None; } int selectedDialect = negotiateresponse[5] * 0x100 + negotiateresponse[4]; if (selectedDialect == dialect) { Trace.WriteLine("Checking " + server + " for SMBV1 dialect 0x" + dialect.ToString("X2") + " = Supported"); return(true); } Trace.WriteLine("Checking " + server + " for SMBV1 dialect 0x" + dialect.ToString("X2") + " = Not supported via not returned dialect"); return(false); } catch (Exception) { throw new Smb2NotSupportedException(server); } }
public static bool DoesServerSupportDialect(string server, string dialect, out SMBSecurityModeEnum securityMode) { Trace.WriteLine("Checking " + server + " for SMBV1 dialect " + dialect); securityMode = SMBSecurityModeEnum.NotTested; TcpClient client = new TcpClient(); client.ReceiveTimeout = 500; client.SendTimeout = 500; try { client.Connect(server, 445); } catch (Exception) { throw new SmbPortClosedException(server); } try { NetworkStream stream = client.GetStream(); byte[] header = GenerateSmbHeaderFromCommand(SMB_COM_NEGOTIATE); byte[] dialectEncoding = getDialect(dialect); byte[] negotiatemessage = GetNegotiateMessage(dialectEncoding); byte[] packet = GetNegotiatePacket(header, negotiatemessage); stream.Write(packet, 0, packet.Length); stream.Flush(); byte[] netbios = new byte[4]; if (stream.Read(netbios, 0, netbios.Length) != netbios.Length) { return(false); } byte[] smbHeader = new byte[Marshal.SizeOf(typeof(SMB_Header))]; if (stream.Read(smbHeader, 0, smbHeader.Length) != smbHeader.Length) { return(false); } byte[] negotiateresponse = new byte[4]; if (stream.Read(negotiateresponse, 0, negotiateresponse.Length) != negotiateresponse.Length) { return(false); } if (negotiateresponse[1] == 0 && negotiateresponse[2] == 0) { Trace.WriteLine("Checking " + server + " for SMBV1 dialect " + dialect + " = Supported"); byte SmbSecurityMode = negotiateresponse[3]; if (SmbSecurityMode == 4) { securityMode = SMBSecurityModeEnum.SmbSigningEnabled; } else if (SmbSecurityMode == 8) { securityMode = SMBSecurityModeEnum.SmbSigningEnabled | SMBSecurityModeEnum.SmbSigningRequired; } else { securityMode = SMBSecurityModeEnum.None; } return(true); } Trace.WriteLine("Checking " + server + " for SMBV1 dialect " + dialect + " = Not supported"); return(false); } catch (Exception) { throw new Smb1NotSupportedException(server); } }