FindSMB2UPTime now working properly

2025-07-16 10:02:53 -07:00 · 2015-08-04 14:10:37 -04:00 · 2015-08-04 14:10:37 -04:00 · c9eca961cc
commit c9eca961cc
parent ee033e0c7f
2 changed files with 42 additions and 4 deletions
--- a/packets.py
+++ b/packets.py
@ -1275,3 +1275,41 @@ class SMBSessTreeAns(Packet):
 		self.fields["Bcc"] = struct.pack("<h",len(CompleteBCCLen))
 		CompleteBCC2Len = str(self.fields["Service"])+str(self.fields["ServiceNull"])+str(self.fields["FileSystem"])+str(self.fields["FileSystemNull"])
 		self.fields["Bcc2"] = struct.pack("<h",len(CompleteBCC2Len))
+
+### SMB2 Packets
+
+class SMB2Header(Packet):
+    fields = OrderedDict([
+        ("Proto", "\xff\x53\x4d\x42"),
+        ("Cmd", "\x72"),
+        ("Error-Code", "\x00\x00\x00\x00" ),
+        ("Flag1", "\x10"),
+        ("Flag2", "\x00\x00"),
+        ("Pidhigh", "\x00\x00"),
+        ("Signature", "\x00\x00\x00\x00\x00\x00\x00\x00"),
+        ("Reserved", "\x00\x00"),
+        ("TID", "\x00\x00"),
+        ("PID", "\xff\xfe"),
+        ("UID", "\x00\x00"),
+        ("MID", "\x00\x00"),
+    ])
+
+class SMB2Nego(Packet):
+    fields = OrderedDict([
+        ("Wordcount", "\x00"),
+        ("Bcc", "\x62\x00"),
+        ("Data", "")
+    ])
+    
+    def calculate(self):
+        self.fields["Bcc"] = struct.pack("<H",len(str(self.fields["Data"])))
+
+class SMB2NegoData(Packet):
+    fields = OrderedDict([
+        ("StrType","\x02" ),
+        ("dialect", "NT LM 0.12\x00"),
+        ("StrType1","\x02"),
+        ("dialect1", "SMB 2.002\x00"),
+        ("StrType2","\x02"),
+        ("dialect2", "SMB 2.???\x00"),
+    ])
--- a/tools/FindSMB2UPTime.py
+++ b/tools/FindSMB2UPTime.py
@ -21,13 +21,13 @@ import struct
 import socket

 sys.path.insert(0, os.path.realpath(os.path.join(os.path.dirname(__file__), '..')))
-from packets import SMBHeader, SMBNego, SMBNegoData
+from packets import SMBHeader,SMB2Header, SMB2Nego, SMB2NegoData

 def GetBootTime(data):
    Filetime = int(struct.unpack('<q',data)[0])
    t = divmod(Filetime - 116444736000000000, 10000000)
    time = datetime.datetime.fromtimestamp(t[0])
-    return time, time.strftime('%Y-%m-%d %Header:%M:%S')
+    return time, time.strftime('%Y-%m-%d %H:%M:%S')


 def IsDCVuln(t):
@ -47,8 +47,8 @@ def run(host):
    s.connect(host)  
    s.settimeout(5) 

-    Header = SMBHeader(Cmd="\x72",Flag1="\x18",Flag2="\x53\xc8")
-    Nego = SMBNego(Data = SMBNegoData())
+    Header = SMB2Header(Cmd="\x72",Flag1="\x18",Flag2="\x53\xc8")
+    Nego = SMB2Nego(Data = SMB2NegoData())
    Nego.calculate()

    Packet = str(Header)+str(Nego)