Land #18897, Update smb login to support additional configuration
commit
a4543b0f41
|
@ -48,6 +48,12 @@ module Metasploit
|
|||
].freeze
|
||||
end
|
||||
|
||||
# @returns [Array[Integer]] The SMB versions to negotiate
|
||||
attr_accessor :versions
|
||||
|
||||
# @returns [Boolean] By default the client uses encryption even if it is not required by the server. Disable this by setting always_encrypt to false
|
||||
attr_accessor :always_encrypt
|
||||
|
||||
# @!attribute dispatcher
|
||||
# @return [RubySMB::Dispatcher::Socket]
|
||||
attr_accessor :dispatcher
|
||||
|
@ -104,7 +110,16 @@ module Metasploit
|
|||
realm = (credential.realm || '').dup.force_encoding('UTF-8')
|
||||
username = (credential.public || '').dup.force_encoding('UTF-8')
|
||||
password = (credential.private || '').dup.force_encoding('UTF-8')
|
||||
client = RubySMB::Client.new(dispatcher, username: username, password: password, domain: realm)
|
||||
client = RubySMB::Client.new(
|
||||
dispatcher,
|
||||
username: username,
|
||||
password: password,
|
||||
domain: realm,
|
||||
smb1: versions.include?(1),
|
||||
smb2: versions.include?(2),
|
||||
smb3: versions.include?(3),
|
||||
always_encrypt: always_encrypt
|
||||
)
|
||||
|
||||
if kerberos_authenticator_factory
|
||||
client.extend(Msf::Exploit::Remote::SMB::Client::KerberosAuthentication)
|
||||
|
@ -187,6 +202,8 @@ module Metasploit
|
|||
self.connection_timeout = 10 if connection_timeout.nil?
|
||||
self.max_send_size = 0 if max_send_size.nil?
|
||||
self.send_delay = 0 if send_delay.nil?
|
||||
self.always_encrypt = true if always_encrypt.nil?
|
||||
self.versions = ::Rex::Proto::SMB::SimpleClient::DEFAULT_VERSIONS if versions.nil?
|
||||
end
|
||||
|
||||
end
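Review bot: An empty or unrecognised `versions` list is not covered by the new default in `set_sane_defaults`, which only replaces `nil`. With `[]`, or `[0]` from a mistyped option, `smb1:`, `smb2:` and `smb3:` all reach `RubySMB::Client.new` as `false`; I would expect the client to reject that for every credential, though this is not verifiable from the hunk. Consider `self.versions = ::Rex::Proto::SMB::SimpleClient::DEFAULT_VERSIONS if versions.blank?`, or check that `versions` intersects `[1, 2, 3]` and raise a clear error before the scan starts, since a silent fallback re-enables SMB1. Separately, the new attribute comments use `@returns [Array[Integer]]`; the YARD tag is `@return` and the type form is `Array<Integer>`, as in the existing `dispatcher` attribute comment. Both `attempt_login` and `set_sane_defaults` begin outside the visible hunks.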
|
||||
|
|
|
@ -96,7 +96,7 @@ module Msf
|
|||
# @return (see Exploit::Remote::Tcp#connect)
|
||||
def connect(global=true, versions: [], backend: nil)
|
||||
if versions.nil? || versions.empty?
|
||||
versions = datastore['SMB::ProtocolVersion'].split(',').map(&:to_i)
|
||||
versions = datastore['SMB::ProtocolVersion'].split(',').map(&:strip).reject(&:blank?).map(&:to_i)
|
||||
# if the user explicitly set the protocol version to 1, still use ruby_smb
|
||||
backend ||= :ruby_smb if versions == [1]
|
||||
end
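Review bot: `map(&:to_i)` on the new parsing line turns any non-numeric token into `0`, so an `SMB::ProtocolVersion` value of `2,x` yields `[2, 0]` and a value made only of separators yields `[]`, with neither case reported to the operator. The same chain is repeated in the smb_login module hunk (`versions: datastore['SMB::ProtocolVersion'].split(',')...`), so the parsing belongs in one shared helper that both call. A stricter form is `.map { |v| Integer(v, exception: false) }.compact & [1, 2, 3]`, followed by an explicit error when the result is empty. `connect` continues past the end of this hunk, so how an unexpected list is handled later is not visible here.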
|
||||
|
|
|
@ -16,6 +16,8 @@ class SimpleClient
|
|||
XCEPT = Rex::Proto::SMB::Exceptions
|
||||
EVADE = Rex::Proto::SMB::Evasions
|
||||
|
||||
DEFAULT_VERSIONS = [1, 2, 3].freeze
|
||||
|
||||
# Public accessors
|
||||
attr_accessor :last_error, :server_max_buffer_size, :address, :port
|
||||
|
||||
|
@ -23,7 +25,7 @@ class SimpleClient
|
|||
attr_accessor :socket, :client, :direct, :shares, :last_share, :versions
|
||||
|
||||
# Pass the socket object and a boolean indicating whether the socket is netbios or cifs
|
||||
def initialize(socket, direct = false, versions = [1, 2, 3], always_encrypt: true, backend: nil, client: nil)
|
||||
def initialize(socket, direct = false, versions = DEFAULT_VERSIONS, always_encrypt: true, backend: nil, client: nil)
|
||||
self.socket = socket
|
||||
self.direct = direct
|
||||
self.versions = versions
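Review bot: `DEFAULT_VERSIONS` is frozen and `initialize` stores the default argument directly via `self.versions = versions`, so every client built without an explicit list now shares one frozen array, where the old `[1, 2, 3]` literal gave each instance its own mutable copy. Any code that edits `versions` in place (none is visible in these hunks) would start raising `FrozenError`. `self.versions = versions.dup` keeps the previous behaviour; failing that, the constant should carry a comment such as `# Frozen and shared between instances; dup before modifying.` The constant's comment should also say that the default still offers SMB1 alongside SMB2 and SMB3, so callers that must avoid the legacy dialect need to pass `versions` explicitly. `initialize` continues past the end of the hunk.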
|
||||
|
|
|
@ -128,6 +128,8 @@ class MetasploitModule < Msf::Auxiliary
|
|||
send_delay: datastore['TCP::send_delay'],
|
||||
framework: framework,
|
||||
framework_module: self,
|
||||
always_encrypt: datastore['SMB::AlwaysEncrypt'],
|
||||
versions: datastore['SMB::ProtocolVersion'].split(',').map(&:strip).reject(&:blank?).map(&:to_i),
|
||||
kerberos_authenticator_factory: kerberos_authenticator_factory,
|
||||
use_client_as_proof: create_session?
|
||||
)
|
||||
|
|