From cea00533ea8d87e242e66f921110de7dbf47c31f Mon Sep 17 00:00:00 2001 From: van Hauser Date: Fri, 7 Jul 2017 18:26:17 +0200 Subject: [PATCH] smb req signing check --- CHANGES | 2 +- hydra-smb.c | 9 ++++++++- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/CHANGES b/CHANGES index 37f5b4d..237e1a6 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ Changelog for hydra ------------------- Release 8.6-dev -* smb module now checks if SMBv1 is supported by the server +* smb module now checks if SMBv1 is supported by the server and now signing is required * http-form module now supports URLs up to 6000 bytes (thanks to petrock6@github for the patch) * Fix for SSL connections that failed with error:00000000:lib(0):func(0):reason(0) (thanks gaia@github for reporting) * Added new command line option: diff --git a/hydra-smb.c b/hydra-smb.c index afc8ec6..3be4170 100644 --- a/hydra-smb.c +++ b/hydra-smb.c @@ -1480,7 +1480,7 @@ int32_t service_smb_init(char *ip, int32_t sp, unsigned char options, char *misc ctime = time(NULL); do { usleepn(300); - } while ((ready = hydra_data_ready(sock)) <= 0 && ctime + 5 < time(NULL)); + } while ((ready = hydra_data_ready(sock)) <= 0 && ctime + 5 <= time(NULL)); if (ready <= 0) { fprintf(stderr, "[ERROR] no reply from target smb://%s:%d/\n", hostname, port); @@ -1491,12 +1491,19 @@ int32_t service_smb_init(char *ip, int32_t sp, unsigned char options, char *misc fprintf(stderr, "[ERROR] invalid reply from target smb://%s:%d/\n", hostname, port); return -1; } + + close(sock); if (buf[37] == buf[38] && buf[38] == 0xff) { fprintf(stderr, "[ERROR] target smb://%s:%d/ does not support SMBv1\n", hostname, port); return -1; } + if (buf[15] & 16 == 16) { + fprintf(stderr, "[ERROR] target smb://%s:%d/ requires signing which we do not support\n", hostname, port); + return -1; + } + return 0; }