private void FetchSmb2CompressionInfo(Smb2Info smb2Info) { if (smb2Info.MaxSupportedDialectRevision < DialectRevision.Smb311) { logWriter.AddLog(LogLevel.Information, "SMB dialect less than 3.1.1 does not support compression."); smb2Info.SupportedCompressionAlgorithms = new CompressionAlgorithm[0]; return; } var possibleCompressionAlogrithms = new CompressionAlgorithm[] { CompressionAlgorithm.LZ77, CompressionAlgorithm.LZ77Huffman, CompressionAlgorithm.LZNT1 }; // Iterate all possible compression algorithm for Windows will only return only one supported compression algorithm in response. var result = possibleCompressionAlogrithms.Where(compressionAlgorithm => { using (var client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds))) { client.ConnectOverTCP(SUTIpAddress); DialectRevision selectedDialect; byte[] gssToken; Packet_Header responseHeader; NEGOTIATE_Response responsePayload; uint status = client.Negotiate( 0, 1, Packet_Header_Flags_Values.NONE, 0, new DialectRevision[] { DialectRevision.Smb311 }, SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, Capabilities_Values.NONE, Guid.NewGuid(), out selectedDialect, out gssToken, out responseHeader, out responsePayload, preauthHashAlgs: new PreauthIntegrityHashID[] { PreauthIntegrityHashID.SHA_512 }, compressionAlgorithms: new CompressionAlgorithm[] { compressionAlgorithm } ); if (status == Smb2Status.STATUS_SUCCESS && client.CompressionInfo.CompressionIds.Length == 1 && client.CompressionInfo.CompressionIds[0] == compressionAlgorithm) { logWriter.AddLog(LogLevel.Information, $"Compression algorithm: {compressionAlgorithm} is supported by SUT."); return(true); } else { logWriter.AddLog(LogLevel.Information, $"Compression algorithm: {compressionAlgorithm} is not supported by SUT."); return(false); } } }); smb2Info.SupportedCompressionAlgorithms = result.ToArray(); }
public Smb2Info FetchSmb2Info(DetectionInfo info) { Smb2Info smb2Info = new Smb2Info(); using (Smb2Client smb2Client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds))) { logWriter.AddLog(DetectLogLevel.Information, "Client connects to server"); smb2Client.ConnectOverTCP(SUTIpAddress); DialectRevision selectedDialect; byte[] gssToken; Packet_Header responseHeader; NEGOTIATE_Response responsePayload; ulong messageId = 1; logWriter.AddLog(DetectLogLevel.Information, "Client sends multi-protocol Negotiate to server"); MultiProtocolNegotiate( smb2Client, 0, 1, Packet_Header_Flags_Values.NONE, ref messageId, info.requestDialect, SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, Capabilities_Values.GLOBAL_CAP_DFS | Capabilities_Values.GLOBAL_CAP_DIRECTORY_LEASING | Capabilities_Values.GLOBAL_CAP_ENCRYPTION | Capabilities_Values.GLOBAL_CAP_LARGE_MTU | Capabilities_Values.GLOBAL_CAP_LEASING | Capabilities_Values.GLOBAL_CAP_MULTI_CHANNEL | Capabilities_Values.GLOBAL_CAP_PERSISTENT_HANDLES, Guid.NewGuid(), out selectedDialect, out gssToken, out responseHeader, out responsePayload); if (responseHeader.Status != Smb2Status.STATUS_SUCCESS) { LogFailedStatus("NEGOTIATE", responseHeader.Status); throw new Exception(string.Format("NEGOTIATE failed with {0}", Smb2Status.GetStatusCode(responseHeader.Status))); } smb2Info.MaxSupportedDialectRevision = responsePayload.DialectRevision; smb2Info.SupportedCapabilities = (Capabilities_Values)responsePayload.Capabilities; smb2Info.SelectedCipherID = smb2Client.SelectedCipherID; smb2Info.IsRequireMessageSigning = responsePayload.SecurityMode.HasFlag(NEGOTIATE_Response_SecurityMode_Values.NEGOTIATE_SIGNING_REQUIRED); } FetchSmb2CompressionInfo(smb2Info); FetchSmb2EncryptionInfo(smb2Info); return(smb2Info); }
public Smb2Info FetchSmb2Info(DetectionInfo info) { Smb2Info smb2Info = new Smb2Info(); using (Smb2Client smb2Client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds))) { logWriter.AddLog(LogLevel.Information, "Client connects to server"); smb2Client.ConnectOverTCP(SUTIpAddress); DialectRevision selectedDialect; byte[] gssToken; Packet_Header responseHeader; NEGOTIATE_Response responsePayload; logWriter.AddLog(LogLevel.Information, "Client sends multi-protocol Negotiate to server"); MultiProtocolNegotiate( smb2Client, 0, 1, Packet_Header_Flags_Values.NONE, 1, info.requestDialect, SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, Capabilities_Values.GLOBAL_CAP_DFS | Capabilities_Values.GLOBAL_CAP_DIRECTORY_LEASING | Capabilities_Values.GLOBAL_CAP_ENCRYPTION | Capabilities_Values.GLOBAL_CAP_LARGE_MTU | Capabilities_Values.GLOBAL_CAP_LEASING | Capabilities_Values.GLOBAL_CAP_MULTI_CHANNEL | Capabilities_Values.GLOBAL_CAP_PERSISTENT_HANDLES, Guid.NewGuid(), out selectedDialect, out gssToken, out responseHeader, out responsePayload); if (responseHeader.Status != Smb2Status.STATUS_SUCCESS) { LogFailedStatus("NEGOTIATE", responseHeader.Status); throw new Exception(string.Format("NEGOTIATE failed with {0}", Smb2Status.GetStatusCode(responseHeader.Status))); } smb2Info.MaxSupportedDialectRevision = responsePayload.DialectRevision; smb2Info.SupportedCapabilities = (Capabilities_Values)responsePayload.Capabilities; smb2Info.SelectedCipherID = smb2Client.SelectedCipherID; smb2Info.IsRequireMessageSigning = responsePayload.SecurityMode.HasFlag(NEGOTIATE_Response_SecurityMode_Values.NEGOTIATE_SIGNING_REQUIRED); return smb2Info; } }
private void FetchSmb2CompressionInfo(Smb2Info smb2Info) { if (smb2Info.MaxSupportedDialectRevision < DialectRevision.Smb311) { logWriter.AddLog(LogLevel.Information, "SMB dialect less than 3.1.1 does not support compression."); smb2Info.SupportedCompressionAlgorithms = new CompressionAlgorithm[0]; smb2Info.IsChainedCompressionSupported = false; return; } var allCompressionAlogrithms = Enum.GetValues(typeof(CompressionAlgorithm)).Cast <CompressionAlgorithm>().ToArray(); var possibleCompressionAlogrithms = Smb2Utility.GetSupportedPatternScanningAlgorithms(allCompressionAlogrithms).Concat(Smb2Utility.GetSupportedCompressionAlgorithms(allCompressionAlogrithms)); // Iterate all possible compression algorithm for Windows will only return only one supported compression algorithm in response. var result = possibleCompressionAlogrithms.Where(compressionAlgorithm => { using (var client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds))) { client.ConnectOverTCP(SUTIpAddress); DialectRevision selectedDialect; byte[] gssToken; Packet_Header responseHeader; NEGOTIATE_Response responsePayload; uint status = client.Negotiate( 0, 1, Packet_Header_Flags_Values.NONE, 0, new DialectRevision[] { DialectRevision.Smb311 }, SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, Capabilities_Values.NONE, Guid.NewGuid(), out selectedDialect, out gssToken, out responseHeader, out responsePayload, preauthHashAlgs: new PreauthIntegrityHashID[] { PreauthIntegrityHashID.SHA_512 }, compressionAlgorithms: new CompressionAlgorithm[] { compressionAlgorithm } ); if (status == Smb2Status.STATUS_SUCCESS && client.CompressionInfo.CompressionIds.Length == 1 && client.CompressionInfo.CompressionIds[0] == compressionAlgorithm) { logWriter.AddLog(LogLevel.Information, $"Compression algorithm: {compressionAlgorithm} is supported by SUT."); return(true); } else { logWriter.AddLog(LogLevel.Information, $"Compression algorithm: {compressionAlgorithm} is not supported by SUT."); return(false); } } }); smb2Info.SupportedCompressionAlgorithms = result.ToArray(); // Check for chained compression support using (var client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds))) { client.ConnectOverTCP(SUTIpAddress); DialectRevision selectedDialect; byte[] gssToken; Packet_Header responseHeader; NEGOTIATE_Response responsePayload; uint status = client.Negotiate( 0, 1, Packet_Header_Flags_Values.NONE, 0, new DialectRevision[] { DialectRevision.Smb311 }, SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, Capabilities_Values.NONE, Guid.NewGuid(), out selectedDialect, out gssToken, out responseHeader, out responsePayload, preauthHashAlgs: new PreauthIntegrityHashID[] { PreauthIntegrityHashID.SHA_512 }, compressionAlgorithms: possibleCompressionAlogrithms.ToArray(), compressionFlags: SMB2_COMPRESSION_CAPABILITIES_Flags.SMB2_COMPRESSION_CAPABILITIES_FLAG_CHAINED ); if (status == Smb2Status.STATUS_SUCCESS && client.CompressionInfo.SupportChainedCompression) { logWriter.AddLog(LogLevel.Information, "Chained compression is supported by SUT."); smb2Info.IsChainedCompressionSupported = true; } else { logWriter.AddLog(LogLevel.Information, "Chained compression is not supported by SUT."); smb2Info.IsChainedCompressionSupported = false; } } }
private void FetchSmb2EncryptionInfo(Smb2Info smb2Info) { EncryptionAlgorithm[] excludedEncryptionAlogrithms; if (smb2Info.MaxSupportedDialectRevision < DialectRevision.Smb311) { excludedEncryptionAlogrithms = new EncryptionAlgorithm[] { EncryptionAlgorithm.ENCRYPTION_NONE, EncryptionAlgorithm.ENCRYPTION_INVALID, EncryptionAlgorithm.ENCRYPTION_AES256_CCM, EncryptionAlgorithm.ENCRYPTION_AES256_GCM }; } else { excludedEncryptionAlogrithms = new EncryptionAlgorithm[] { EncryptionAlgorithm.ENCRYPTION_NONE, EncryptionAlgorithm.ENCRYPTION_INVALID }; } var possibleEncryptionAlogrithms = Enum.GetValues(typeof(EncryptionAlgorithm)).Cast <EncryptionAlgorithm>().Except(excludedEncryptionAlogrithms); logWriter.AddLog(DetectLogLevel.Information, $"Available EncryptionAlgorithms ==> {String.Join(";", possibleEncryptionAlogrithms.Select(encryptionAlgorithm => encryptionAlgorithm.ToString()))}"); // Iterate all the possible encryption algorithms since we get back only one encryption algorithm in response. var result = possibleEncryptionAlogrithms.Where(encryptionAlgorithm => { using (var client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds))) { client.ConnectOverTCP(SUTIpAddress); DialectRevision selectedDialect; byte[] gssToken; Packet_Header responseHeader; NEGOTIATE_Response responsePayload; uint status = client.Negotiate( 0, 1, Packet_Header_Flags_Values.NONE, 0, new DialectRevision[] { DialectRevision.Smb311 }, SecurityMode_Values.NEGOTIATE_SIGNING_ENABLED, Capabilities_Values.NONE, Guid.NewGuid(), out selectedDialect, out gssToken, out responseHeader, out responsePayload, preauthHashAlgs: new PreauthIntegrityHashID[] { PreauthIntegrityHashID.SHA_512 }, encryptionAlgs: new EncryptionAlgorithm[] { encryptionAlgorithm } ); if (status == Smb2Status.STATUS_SUCCESS && client.SelectedCipherID == encryptionAlgorithm) { logWriter.AddLog(DetectLogLevel.Information, $"Encryption algorithm: {encryptionAlgorithm} is supported by SUT."); return(true); } else { logWriter.AddLog(DetectLogLevel.Information, $"Encryption algorithm: {encryptionAlgorithm} is not supported by SUT."); return(false); } } }); smb2Info.SutSupportedEncryptionAlgorithms = result.ToArray(); }