/// <summary>
/// Check whether user can log on with the credential
/// </summary>
/// <param name="info">The detection information</param>
public void CheckUsernamePassword(DetectionInfo info)
{
Smb2Client client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds));
AddToClientList(client);
ulong messageId;
ulong sessionId;
Guid clientGuid;
NEGOTIATE_Response negotiateResp;
if (!UserLogon(info, client, out messageId, out sessionId, out clientGuid, out negotiateResp))
{
return;
}
try
{
Packet_Header header;
LOGOFF_Response logoffResponse;
client.LogOff(1, 1, Packet_Header_Flags_Values.FLAGS_SIGNED, messageId++, sessionId, out header, out logoffResponse);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("LOGOFF", header.Status);
}
}
catch (Exception e)
{
// Swallow all exceptions when cleaning up.
logWriter.AddLog(LogLevel.Information, "Exception in Cleanup: " + e.Message);
}
}
private void LogOffSession(Smb2Client client, Packet_Header_Flags_Values packetHeader, ulong messageId, ulong sessionId, uint treeId, FILEID fileId)
{
if (fileId.Persistent != 0 || fileId.Volatile != 0)
{
client.Close(
1,
1,
packetHeader,
messageId++,
sessionId,
treeId,
fileId,
Flags_Values.NONE,
out _,
out _);
}
client.TreeDisconnect(
1,
1,
packetHeader,
messageId++,
sessionId,
treeId,
out _,
out _);
client.LogOff(
1,
1,
packetHeader,
messageId++,
sessionId,
out _,
out _);
}
public uint LogOff(ushort creditRequest = 1)
{
Packet_Header header;
LOGOFF_Response logoffResponse;
uint status = client.LogOff(
1,
creditRequest,
Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
out header,
out logoffResponse);
return(status);
}
public void CheckUsernamePassword(DetectionInfo info)
{
using (Smb2Client client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds)))
{
ulong messageId;
ulong sessionId;
Guid clientGuid;
NEGOTIATE_Response negotiateResp;
bool encryptionRequired;
UserLogon(info, client, out messageId, out sessionId, out clientGuid, out negotiateResp, out encryptionRequired);
try
{
Packet_Header header;
LOGOFF_Response logoffResponse;
client.LogOff(
1,
1,
info.smb2Info.IsRequireMessageSigning ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
out header,
out logoffResponse);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("LOGOFF", header.Status);
}
}
catch (Exception e)
{
// Swallow all exceptions when cleaning up.
logWriter.AddLog(LogLevel.Information, "Exception in Cleanup: " + e.Message);
}
}
}
private ShareInfo[] RetrieveShareProperties(string[] shareList, DetectionInfo info)
{
List <ShareInfo> shareInfoList = new List <ShareInfo>();
string uncShare;
foreach (var share in shareList)
{
using (Smb2Client smb2Client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds)))
{
Packet_Header header;
ulong messageId;
ulong sessionId;
Guid clientGuid;
uncShare = string.Format(@"\\{0}\{1}", SUTName, share);
try
{
NEGOTIATE_Response negotiateResp;
bool encryptionRequired = false;
UserLogon(info, smb2Client, out messageId, out sessionId, out clientGuid, out negotiateResp, out encryptionRequired);
uint treeId;
TREE_CONNECT_Response treeConnectResp;
if (info.smb2Info.MaxSupportedDialectRevision == DialectRevision.Smb311) // When dialect is 3.11, TreeConnect must be signed or encrypted.
{
smb2Client.EnableSessionSigningAndEncryption(sessionId, true, encryptionRequired);
}
logWriter.AddLog(LogLevel.Information, string.Format("Client sends TreeConnect to {0} to retrieve the share properties.", uncShare));
smb2Client.TreeConnect(
1,
1,
(info.smb2Info.IsRequireMessageSigning || info.smb2Info.MaxSupportedDialectRevision == DialectRevision.Smb311) ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
uncShare,
out treeId,
out header,
out treeConnectResp);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
continue;
}
// When dialect is 3.11, for the messages other than TreeConnect, signing is not required.
// Set it back to the configuration of the SUT.
if (info.smb2Info.MaxSupportedDialectRevision == DialectRevision.Smb311)
{
smb2Client.EnableSessionSigningAndEncryption(sessionId, info.smb2Info.IsRequireMessageSigning, encryptionRequired);
}
ShareInfo shareInfo = new ShareInfo();
shareInfo.ShareName = share;
shareInfo.ShareCapabilities = treeConnectResp.Capabilities;
shareInfo.ShareFlags = treeConnectResp.ShareFlags;
shareInfo.ShareType = treeConnectResp.ShareType;
shareInfoList.Add(shareInfo);
TREE_DISCONNECT_Response treeDisconnectResponse;
smb2Client.TreeDisconnect(
1,
1,
info.smb2Info.IsRequireMessageSigning ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
treeId,
out header,
out treeDisconnectResponse);
LOGOFF_Response logoffResponse;
smb2Client.LogOff(1, 1, Packet_Header_Flags_Values.NONE, messageId++, sessionId, out header, out logoffResponse);
}
catch (Exception ex)
{
logWriter.AddLog(LogLevel.Information, string.Format("Exception when retrieving share properties: " + ex.Message));
// Swallow all exceptions when cleaning up.
}
}
}
return(shareInfoList.ToArray());
}
public void CheckUsernamePassword(DetectionInfo info)
{
using (Smb2Client client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds)))
{
ulong messageId;
ulong sessionId;
Guid clientGuid;
NEGOTIATE_Response negotiateResp;
bool encryptionRequired;
UserLogon(info, client, out messageId, out sessionId, out clientGuid, out negotiateResp, out encryptionRequired);
try
{
Packet_Header header;
LOGOFF_Response logoffResponse;
client.LogOff(
1,
1,
info.smb2Info.IsRequireMessageSigning ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
out header,
out logoffResponse);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("LOGOFF", header.Status);
}
}
catch (Exception e)
{
// Swallow all exceptions when cleaning up.
logWriter.AddLog(LogLevel.Information, "Exception in Cleanup: " + e.Message);
}
}
}
private ShareInfo[] RetrieveShareProperties(string[] shareList, DetectionInfo info)
{
List<ShareInfo> shareInfoList = new List<ShareInfo>();
string uncShare;
foreach (var share in shareList)
{
using (Smb2Client smb2Client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds)))
{
Packet_Header header;
ulong messageId;
ulong sessionId;
Guid clientGuid;
uncShare = string.Format(@"\\{0}\{1}", SUTName, share);
try
{
NEGOTIATE_Response negotiateResp;
bool encryptionRequired = false;
UserLogon(info, smb2Client, out messageId, out sessionId, out clientGuid, out negotiateResp, out encryptionRequired);
uint treeId;
TREE_CONNECT_Response treeConnectResp;
if (info.smb2Info.MaxSupportedDialectRevision == DialectRevision.Smb311) // When dialect is 3.11, TreeConnect must be signed or encrypted.
{
smb2Client.EnableSessionSigningAndEncryption(sessionId, true, encryptionRequired);
}
logWriter.AddLog(LogLevel.Information, string.Format("Client sends TreeConnect to {0} to retrieve the share properties.", uncShare));
smb2Client.TreeConnect(
1,
1,
(info.smb2Info.IsRequireMessageSigning || info.smb2Info.MaxSupportedDialectRevision == DialectRevision.Smb311) ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
uncShare,
out treeId,
out header,
out treeConnectResp);
if (header.Status != Smb2Status.STATUS_SUCCESS)
continue;
// When dialect is 3.11, for the messages other than TreeConnect, signing is not required.
// Set it back to the configuration of the SUT.
if (info.smb2Info.MaxSupportedDialectRevision == DialectRevision.Smb311)
{
smb2Client.EnableSessionSigningAndEncryption(sessionId, info.smb2Info.IsRequireMessageSigning, encryptionRequired);
}
ShareInfo shareInfo = new ShareInfo();
shareInfo.ShareName = share;
shareInfo.ShareCapabilities = treeConnectResp.Capabilities;
shareInfo.ShareFlags = treeConnectResp.ShareFlags;
shareInfo.ShareType = treeConnectResp.ShareType;
shareInfoList.Add(shareInfo);
TREE_DISCONNECT_Response treeDisconnectResponse;
smb2Client.TreeDisconnect(
1,
1,
info.smb2Info.IsRequireMessageSigning ? Packet_Header_Flags_Values.FLAGS_SIGNED : Packet_Header_Flags_Values.NONE,
messageId++,
sessionId,
treeId,
out header,
out treeDisconnectResponse);
LOGOFF_Response logoffResponse;
smb2Client.LogOff(1, 1, Packet_Header_Flags_Values.NONE, messageId++, sessionId, out header, out logoffResponse);
}
catch (Exception ex)
{
logWriter.AddLog(LogLevel.Information, string.Format("Exception when retrieving share properties: " + ex.Message));
// Swallow all exceptions when cleaning up.
}
}
}
return shareInfoList.ToArray();
}
/// <summary>
/// Get branchcache version supported information, which version SUT supports depends on the IOCTL_READ_HASH response code
/// </summary>
/// <param name="info">The detection information</param>
/// <returns></returns>
public VersionInfo FetchVersionInfo(DetectionInfo info)
{
logWriter.AddLog(LogLevel.Information, "===== Detect Version Info =====");
Smb2Client client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds));
AddToClientList(client);
Packet_Header header;
Guid clientGuid;
NEGOTIATE_Response negotiateResp;
ulong messageId = 1;
ulong sessionId = 0;
uint treeId = 0;
try
{
UserLogon(info, client, out messageId, out sessionId, out clientGuid, out negotiateResp);
}
catch (Exception ex)
{
logWriter.AddLog(LogLevel.Warning, "Failed", false, Detector.LogStyle.StepFailed);
logWriter.AddLineToLog(LogLevel.Information);
logWriter.AddLog(LogLevel.Error, string.Format("User log on failed: {0}", ex.Message));
}
detectionInfo.ResetDetectResult();
#region TreeConnect
TREE_CONNECT_Response treeConnectResp;
string uncSharePath = Smb2Utility.GetUncPath(info.ContentServerName, defaultShare);
client.TreeConnect(
1,
1,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
sessionId,
uncSharePath,
out treeId,
out header,
out treeConnectResp);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("TREECONNECT", header.Status);
throw new Exception("TREECONNECT failed with " + Smb2Status.GetStatusCode(header.Status));
}
#endregion
CREATE_Response createResp;
FILEID fileId;
Smb2CreateContextResponse[] serverCreateContexts = null;
VersionInfo versionInfo = new VersionInfo();
versionInfo.branchCacheVersion = BranchCacheVersion.NotSupported;
string fileName = "MultipleBlocks.txt";
client.Create(
1,
1,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
sessionId,
treeId,
fileName,
AccessMask.GENERIC_READ | AccessMask.GENERIC_WRITE,
ShareAccess_Values.NONE,
CreateOptions_Values.FILE_NON_DIRECTORY_FILE,
CreateDisposition_Values.FILE_OPEN_IF,
File_Attributes.NONE,
ImpersonationLevel_Values.Impersonation,
SecurityFlags_Values.NONE,
RequestedOplockLevel_Values.OPLOCK_LEVEL_NONE,
null,
out fileId,
out serverCreateContexts,
out header,
out createResp);
HASH_HEADER hashHeader;
byte[] hashData = null;
// Trigger to generate Content Information V1
uint status = 0;
status = ReadHash(
client,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
treeId,
sessionId,
fileId,
SRV_READ_HASH_Request_HashType_Values.SRV_HASH_TYPE_PEER_DIST,
SRV_READ_HASH_Request_HashVersion_Values.SRV_HASH_VER_1,
SRV_READ_HASH_Request_HashRetrievalType_Values.SRV_HASH_RETRIEVE_HASH_BASED,
0,
uint.MaxValue,
out hashHeader,
out hashData);
// Retrieve Content Information V1
status = ReadHash(
client,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
treeId,
sessionId,
fileId,
SRV_READ_HASH_Request_HashType_Values.SRV_HASH_TYPE_PEER_DIST,
SRV_READ_HASH_Request_HashVersion_Values.SRV_HASH_VER_1,
SRV_READ_HASH_Request_HashRetrievalType_Values.SRV_HASH_RETRIEVE_HASH_BASED,
0,
uint.MaxValue,
out hashHeader,
out hashData);
if (status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("READ_HASH_V1", header.Status);
}
else
{
versionInfo.branchCacheVersion = BranchCacheVersion.BranchCacheVersion1;
}
// Trigger to generate Content Information V2
status = ReadHash(
client,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
treeId,
sessionId,
fileId,
SRV_READ_HASH_Request_HashType_Values.SRV_HASH_TYPE_PEER_DIST,
SRV_READ_HASH_Request_HashVersion_Values.SRV_HASH_VER_2,
SRV_READ_HASH_Request_HashRetrievalType_Values.SRV_HASH_RETRIEVE_FILE_BASED,
0,
uint.MaxValue,
out hashHeader,
out hashData);
status = ReadHash(
client,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
treeId,
sessionId,
fileId,
SRV_READ_HASH_Request_HashType_Values.SRV_HASH_TYPE_PEER_DIST,
SRV_READ_HASH_Request_HashVersion_Values.SRV_HASH_VER_2,
SRV_READ_HASH_Request_HashRetrievalType_Values.SRV_HASH_RETRIEVE_FILE_BASED,
0,
uint.MaxValue,
out hashHeader,
out hashData);
if (status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("READ_HASH_V2", header.Status);
}
else
{
versionInfo.branchCacheVersion |= BranchCacheVersion.BranchCacheVersion2;
}
try
{
LOGOFF_Response logoffResponse;
client.LogOff(1, 1, Packet_Header_Flags_Values.FLAGS_SIGNED, messageId++, sessionId, out header, out logoffResponse);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("LOGOFF", header.Status);
}
}
catch (Exception e)
{
logWriter.AddLog(LogLevel.Information, "Exception in Cleanup: " + e.Message);
}
return(versionInfo);
}
/// <summary>
/// Get share information
/// </summary>
/// <param name="info">The detection information</param>
/// <returns></returns>
public ShareInfo FetchShareInfo(DetectionInfo info)
{
logWriter.AddLog(LogLevel.Information, "===== Detect Share Info =====");
logWriter.AddLog(LogLevel.Information, "Share name: " + defaultShare);
Smb2Client client = new Smb2Client(new TimeSpan(0, 0, defaultTimeoutInSeconds));
AddToClientList(client);
Packet_Header header;
Guid clientGuid;
NEGOTIATE_Response negotiateResp;
ulong messageId = 0;
ulong sessionId = 0;
uint treeId = 0;
try
{
UserLogon(info, client, out messageId, out sessionId, out clientGuid, out negotiateResp);
}
catch (Exception ex)
{
logWriter.AddLog(LogLevel.Warning, "Failed", false, Detector.LogStyle.StepFailed);
logWriter.AddLineToLog(LogLevel.Information);
logWriter.AddLog(LogLevel.Error, string.Format("User log on failed: {0}", ex.Message));
}
detectionInfo.ResetDetectResult();
#region TreeConnect
TREE_CONNECT_Response treeConnectResp;
string uncSharePath = Smb2Utility.GetUncPath(info.ContentServerName, defaultShare);
client.TreeConnect(
1,
1,
Packet_Header_Flags_Values.FLAGS_SIGNED,
messageId++,
sessionId,
uncSharePath,
out treeId,
out header,
out treeConnectResp);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("TREECONNECT", header.Status);
throw new Exception("TREECONNECT failed with " + Smb2Status.GetStatusCode(header.Status));
}
ShareInfo shareInfo = new ShareInfo();
shareInfo.ShareName = uncSharePath;
shareInfo.shareHashGeneration = ShareHashGeneration.NotEnabled;
if (treeConnectResp.ShareFlags.HasFlag(ShareFlags_Values.SHAREFLAG_ENABLE_HASH_V1))
{
shareInfo.shareHashGeneration = ShareHashGeneration.V1Enabled;
}
if (treeConnectResp.ShareFlags.HasFlag(ShareFlags_Values.SHAREFLAG_ENABLE_HASH_V2))
{
shareInfo.shareHashGeneration |= ShareHashGeneration.V2Enabled;
}
#endregion
try
{
LOGOFF_Response logoffResponse;
client.LogOff(1, 1, Packet_Header_Flags_Values.FLAGS_SIGNED, messageId++, sessionId, out header, out logoffResponse);
if (header.Status != Smb2Status.STATUS_SUCCESS)
{
LogFailedStatus("LOGOFF", header.Status);
}
}
catch (Exception e)
{
logWriter.AddLog(LogLevel.Information, "Exception in Cleanup: " + e.Message);
}
return(shareInfo);
}
