github/Responder
1
0
Fork 0
mirror of https://github.com/lgandx/Responder.git synced 2025-07-16 10:02:53 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

FindSMB2UPTime now working properly

Browse source
This commit is contained in:
lgandx 2015-08-04 14:10:37 -04:00
parent ee033e0c7f
commit c9eca961cc
2 changed files with 42 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

38
packets.py
View file

@ -1275,3 +1275,41 @@ class SMBSessTreeAns(Packet):
self.fields["Bcc"] = struct.pack("<h",len(CompleteBCCLen)) self.fields["Bcc"] = struct.pack("<h",len(CompleteBCCLen))
CompleteBCC2Len = str(self.fields["Service"])+str(self.fields["ServiceNull"])+str(self.fields["FileSystem"])+str(self.fields["FileSystemNull"]) CompleteBCC2Len = str(self.fields["Service"])+str(self.fields["ServiceNull"])+str(self.fields["FileSystem"])+str(self.fields["FileSystemNull"])
self.fields["Bcc2"] = struct.pack("<h",len(CompleteBCC2Len)) self.fields["Bcc2"] = struct.pack("<h",len(CompleteBCC2Len))
### SMB2 Packets
class SMB2Header(Packet):
fields = OrderedDict([
("Proto", "\xff\x53\x4d\x42"),
("Cmd", "\x72"),
("Error-Code", "\x00\x00\x00\x00" ),
("Flag1", "\x10"),
("Flag2", "\x00\x00"),
("Pidhigh", "\x00\x00"),
("Signature", "\x00\x00\x00\x00\x00\x00\x00\x00"),
("Reserved", "\x00\x00"),
("TID", "\x00\x00"),
("PID", "\xff\xfe"),
("UID", "\x00\x00"),
("MID", "\x00\x00"),
])
class SMB2Nego(Packet):
fields = OrderedDict([
("Wordcount", "\x00"),
("Bcc", "\x62\x00"),
("Data", "")
])
def calculate(self):
self.fields["Bcc"] = struct.pack("<H",len(str(self.fields["Data"])))
class SMB2NegoData(Packet):
fields = OrderedDict([
("StrType","\x02" ),
("dialect", "NT LM 0.12\x00"),
("StrType1","\x02"),
("dialect1", "SMB 2.002\x00"),
("StrType2","\x02"),
("dialect2", "SMB 2.???\x00"),
])

8
tools/FindSMB2UPTime.py Normal file → Executable file
View file

@ -21,13 +21,13 @@ import struct
import socket import socket
sys.path.insert(0, os.path.realpath(os.path.join(os.path.dirname(__file__), '..'))) sys.path.insert(0, os.path.realpath(os.path.join(os.path.dirname(__file__), '..')))
from packets import SMBHeader, SMBNego, SMBNegoData from packets import SMBHeader,SMB2Header, SMB2Nego, SMB2NegoData
def GetBootTime(data): def GetBootTime(data):
Filetime = int(struct.unpack('<q',data)[0]) Filetime = int(struct.unpack('<q',data)[0])
t = divmod(Filetime - 116444736000000000, 10000000) t = divmod(Filetime - 116444736000000000, 10000000)
time = datetime.datetime.fromtimestamp(t[0]) time = datetime.datetime.fromtimestamp(t[0])
return time, time.strftime('%Y-%m-%d %Header:%M:%S') return time, time.strftime('%Y-%m-%d %H:%M:%S')
def IsDCVuln(t): def IsDCVuln(t):
@ -47,8 +47,8 @@ def run(host):
s.connect(host) s.connect(host)
s.settimeout(5) s.settimeout(5)
Header = SMBHeader(Cmd="\x72",Flag1="\x18",Flag2="\x53\xc8") Header = SMB2Header(Cmd="\x72",Flag1="\x18",Flag2="\x53\xc8")
Nego = SMBNego(Data = SMBNegoData()) Nego = SMB2Nego(Data = SMB2NegoData())
Nego.calculate() Nego.calculate()
Packet = str(Header)+str(Nego) Packet = str(Header)+str(Nego)