def run(self):
# Here we write a mini config for the server
smbConfig = ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global', 'server_name', 'server_name')
smbConfig.set('global', 'server_os', 'UNIX')
smbConfig.set('global', 'server_domain', 'WORKGROUP')
smbConfig.set('global', 'log_file', self.__smbserver_log)
smbConfig.set('global', 'credentials_file', '')
# Let's add a dummy share
smbConfig.add_section(self.__smbserver_share)
smbConfig.set(self.__smbserver_share, 'comment', '')
smbConfig.set(self.__smbserver_share, 'read only', 'no')
smbConfig.set(self.__smbserver_share, 'share type', '0')
smbConfig.set(self.__smbserver_share, 'path', self.__smbserver_dir)
# IPC always needed
smbConfig.add_section('IPC$')
smbConfig.set('IPC$', 'comment', '')
smbConfig.set('IPC$', 'read only', 'yes')
smbConfig.set('IPC$', 'share type', '3')
smbConfig.set('IPC$', 'path')
self.localsmb = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig)
logger.info('Setting up SMB Server')
self.localsmb.processConfigFile()
logger.debug('Ready to listen...')
try:
self.localsmb.serve_forever()
except Exception as _:
pass
def run(self):
# Here we write a mini config for the server
smbConfig = ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global', 'server_name', 'server_name')
smbConfig.set('global', 'server_os', 'UNIX')
smbConfig.set('global', 'server_domain', 'WORKGROUP')
smbConfig.set('global', 'log_file', SMBSERVER_DIR + '/smb.log')
smbConfig.set('global', 'credentials_file', '')
# Let's add a dummy share
smbConfig.add_section(DUMMY_SHARE)
smbConfig.set(DUMMY_SHARE, 'comment', '')
smbConfig.set(DUMMY_SHARE, 'read only', 'no')
smbConfig.set(DUMMY_SHARE, 'share type', '0')
smbConfig.set(DUMMY_SHARE, 'path', SMBSERVER_DIR)
# IPC always needed
smbConfig.add_section('IPC$')
smbConfig.set('IPC$', 'comment', '')
smbConfig.set('IPC$', 'read only', 'yes')
smbConfig.set('IPC$', 'share type', '3')
smbConfig.set('IPC$', 'path')
self.smb = smbserver.SMBSERVER(('0.0.0.0', 445),
config_parser=smbConfig)
logging.info('Creating tmp directory')
try:
os.mkdir(SMBSERVER_DIR)
except Exception, e:
logging.critical(str(e))
pass
def run(self):
# mini config for the server
smbConfig = ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global', 'server_name', 'server_name')
smbConfig.set('global', 'server_os', 'Windows')
smbConfig.set('global', 'server_domain', 'WORKGROUP')
smbConfig.set('global', 'log_file', '')
smbConfig.set('global', 'credentials_file', '')
smbConfig.set("global", 'SMB2Support', 'True')
# fake ipc$
smbConfig.add_section('IPC$')
smbConfig.set('IPC$', 'comment', '')
smbConfig.set('IPC$', 'read only', 'yes')
smbConfig.set('IPC$', 'share type', '3')
smbConfig.set('IPC$', 'path')
self.smb = smbserver.SMBSERVER(('0.0.0.0', 445),
config_parser=smbConfig)
self.smb.processConfigFile()
# unregister dangerous commands
self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY)
self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY)
self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_RENAME)
self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE)
self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE)
self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE_ANDX)
try:
self.smb.serve_forever()
except:
pass
def __init__(self):
Thread.__init__(self)
self.daemon = True
self.server = 0
self.target = ''
self.mode = 'REFLECTION'
# Here we write a mini config for the server
smbConfig = ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global','server_name','server_name')
smbConfig.set('global','server_os','UNIX')
smbConfig.set('global','server_domain','WORKGROUP')
smbConfig.set('global','log_file','smb.log')
smbConfig.set('global','credentials_file','')
# IPC always needed
smbConfig.add_section('IPC$')
smbConfig.set('IPC$','comment','')
smbConfig.set('IPC$','read only','yes')
smbConfig.set('IPC$','share type','3')
smbConfig.set('IPC$','path','')
self.server = smbserver.SMBSERVER(('0.0.0.0',445), config_parser = smbConfig)
self.server.processConfigFile()
self.origSmbComNegotiate = self.server.hookSmbCommand(smb.SMB.SMB_COM_NEGOTIATE, self.SmbComNegotiate)
self.origSmbSessionSetupAndX = self.server.hookSmbCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX, self.SmbSessionSetupAndX)
# Let's use the SMBServer Connection dictionary to keep track of our client connections as well
self.server.addConnection('SMBRelay', '0.0.0.0', 445)
def run(self):
# Here we write a mini config for the server
smbConfig = ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global', 'server_name', 'SERVICE')
smbConfig.set('global', 'server_os', 'UNIX')
smbConfig.set('global', 'server_domain', 'WORKGROUP')
smbConfig.set('global', 'log_file', '/tmp/smb.log')
smbConfig.set('global', 'credentials_file', '')
# Let's add a dummy share
smbConfig.add_section("SYSTEM")
smbConfig.set("SYSTEM", 'comment', 'system share')
smbConfig.set("SYSTEM", 'read only', 'yes')
smbConfig.set("SYSTEM", 'share type', '0')
smbConfig.set("SYSTEM", 'path', "/tmp/shared/")
# IPC always needed
smbConfig.add_section('IPC$')
smbConfig.set('IPC$', 'comment', '')
smbConfig.set('IPC$', 'read only', 'yes')
smbConfig.set('IPC$', 'share type', '3')
smbConfig.set('IPC$', 'path')
self.smb = smbserver.SMBSERVER(('0.0.0.0', 445),
config_parser=smbConfig)
print '\n [*] setting up SMB server...'
self.smb.processConfigFile()
try:
self.smb.serve_forever()
except:
pass
def run(self):
# Here we write a mini config for the server
smbConfig = ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global','server_name','server_name')
smbConfig.set('global','server_os','UNIX')
smbConfig.set('global','server_domain','WORKGROUP')
smbConfig.set('global','log_file', 'logs/smbserver.log')
smbConfig.set('global','credentials_file','')
# Let's add a dummy share
smbConfig.add_section('TMP')
smbConfig.set('TMP','comment','')
smbConfig.set('TMP','read only','no')
smbConfig.set('TMP','share type','0')
smbConfig.set('TMP','path', 'hosted')
# IPC always needed
smbConfig.add_section('IPC$')
smbConfig.set('IPC$','comment','')
smbConfig.set('IPC$','read only','yes')
smbConfig.set('IPC$','share type','3')
smbConfig.set('IPC$','path')
self.smb = smbserver.SMBSERVER(('0.0.0.0',445), config_parser = smbConfig)
self.smb.processConfigFile()
logging.info('SMB server ready')
self.smb.serve_forever()
def __init__(self, smb2Support = False):
Thread.__init__(self)
self.server = 0
self.defaultFile = None
self.extensions = {}
serverConfig = ConfigParser.ConfigParser()
serverConfig.add_section('global')
self.server = smbserver.SMBSERVER(('0.0.0.0',445), config_parser = smbConfig)
self.server.processConfigFile()
# Unregistering some dangerous and unwanted commands
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_RENAME)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE_ANDX)
# hook functions
# self.origsmbComNtCreateAndX = self.server.hookSmbCommand(smb.SMB.SMB_COM_NT_CREATE_ANDX, self.smbComNtCreateAndX)
self.__srvsServer = SRVSServer()
self.__srvsServer.daemon = True
self.server.registerNamedPipe('srvsvc',('127.0.0.1',self.__srvsServer.getListenPort()))
def __init__(self):
self.server = 0
self.target = ''
self.server = smbserver.SMBSERVER(('0.0.0.0',445))
self.server.processConfigFile('smb.conf')
self.origSmbComNegotiate = self.server.hookSmbCommand(smb.SMB.SMB_COM_NEGOTIATE, self.SmbComNegotiate)
self.origSmbSessionSetupAndX = self.server.hookSmbCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX, self.SmbSessionSetupAndX)
# Let's use the SMBServer Connection dictionary to keep track of our client connections as well
self.server.addConnection('SMBRelay', '0.0.0.0', 445)
def __init__(self, smb_challenge, smb_port, smb2Support=False):
self.server = 0
self.defaultFile = None
self.extensions = {}
# Here we write a mini config for the server
smbConfig = ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global', 'server_name', 'server_name')
smbConfig.set('global', 'server_os', 'UNIX')
smbConfig.set('global', 'server_domain', 'WORKGROUP')
smbConfig.set('global', 'challenge', smb_challenge.decode('hex'))
smbConfig.set('global', 'log_file', 'smb.log')
smbConfig.set('global', 'credentials_file', '')
# IPC always needed
smbConfig.add_section('IPC$')
smbConfig.set('IPC$', 'comment', 'Logon server share')
smbConfig.set('IPC$', 'read only', 'yes')
smbConfig.set('IPC$', 'share type', '3')
smbConfig.set('IPC$', 'path', '')
# NETLOGON always needed
smbConfig.add_section('NETLOGON')
smbConfig.set('NETLOGON', 'comment', 'Logon server share')
smbConfig.set('NETLOGON', 'read only', 'no')
smbConfig.set('NETLOGON', 'share type', '0')
smbConfig.set('NETLOGON', 'path', '')
# SYSVOL always needed
smbConfig.add_section('SYSVOL')
smbConfig.set('SYSVOL', 'comment', '')
smbConfig.set('SYSVOL', 'read only', 'no')
smbConfig.set('SYSVOL', 'share type', '0')
smbConfig.set('SYSVOL', 'path', '')
if smb2Support:
smbConfig.set("global", "SMB2Support", "True")
self.server = smbserver.SMBSERVER(('0.0.0.0', int(smb_port)),
config_parser=smbConfig)
self.server.processConfigFile()
# Unregistering some dangerous and unwanted commands
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_RENAME)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE)
self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE_ANDX)
self.server.unregisterSmb2Command(smb2.SMB2_WRITE)
self.origsmbComNtCreateAndX = self.server.hookSmbCommand(
smb.SMB.SMB_COM_NT_CREATE_ANDX, self.smbComNtCreateAndX)
self.origsmbComTreeConnectAndX = self.server.hookSmbCommand(
smb.SMB.SMB_COM_TREE_CONNECT_ANDX, self.smbComTreeConnectAndX)
self.origQueryPathInformation = self.server.hookTransaction2(
smb.SMB.TRANS2_QUERY_PATH_INFORMATION, self.queryPathInformation)
self.origFindFirst2 = self.server.hookTransaction2(
smb.SMB.TRANS2_FIND_FIRST2, self.findFirst2)
# And the same for SMB2
self.origsmb2TreeConnect = self.server.hookSmb2Command(
smb2.SMB2_TREE_CONNECT, self.smb2TreeConnect)
self.origsmb2Create = self.server.hookSmb2Command(
smb2.SMB2_CREATE, self.smb2Create)
self.origsmb2QueryDirectory = self.server.hookSmb2Command(
smb2.SMB2_QUERY_DIRECTORY, self.smb2QueryDirectory)
self.origsmb2Read = self.server.hookSmb2Command(
smb2.SMB2_READ, self.smb2Read)
self.origsmb2Close = self.server.hookSmb2Command(
smb2.SMB2_CLOSE, self.smb2Close)
# Now we have to register the MS-SRVS server. This specially important for
# Windows 7+ and Mavericks clients since they WONT (specially OSX)
# ask for shares using MS-RAP.
self.__srvsServer = SRVSServer()
self.__srvsServer.daemon = True
self.server.registerNamedPipe(
'srvsvc', ('127.0.0.1', self.__srvsServer.getListenPort()))
#!/usr/bin/python # Copyright (c) 2003-2012 CORE Security Technologies # # This software is provided under under a slightly modified version # of the Apache Software License. See the accompanying LICENSE file # for more information. # # $Id: simple_server.py 612 2012-07-18 13:11:10Z [email protected] $ # # Simple SMB Server, check smb.conf for details # # Author: # Alberto Solino <*****@*****.**> # from impacket import smbserver server = smbserver.SMBSERVER(('0.0.0.0',445)) server.processConfigFile('smb.conf') # Uncomment this is you want the SMBServer to redirect all the \srvsvc pipe # calls to another DCERPC Server # You might need to run srvsvcserver.py # This is gonna be needed if you want Windows 7 users to connect to the server due # to a nasty bug in the Win7 when asking for shares (it will timeout for minutes before asking to # LANMAN) #server.registerNamedPipe('srvsvc',('0.0.0.0',4344)) server.serve_forever()
if __name__ == "__main__":
smbConfig = smbserver.ConfigParser.ConfigParser()
smbConfig.add_section('global')
smbConfig.set('global', 'server_name', 'server_name')
smbConfig.set('global', 'server_os', 'UNIX')
smbConfig.set('global', 'server_domain', 'WORKGROUP')
smbConfig.set('global', 'log_file', 'smb.log')
smbConfig.set('global', 'credentials_file', '')
smbConfig.add_section('IPC$')
smbConfig.set('IPC$', 'comment', '')
smbConfig.set('IPC$', 'read only', 'yes')
smbConfig.set('IPC$', 'share type', '3')
smbConfig.set('IPC$', 'path', '')
server = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig)
server.processConfigFile()
server.registerNamedPipe('srvsvc', ('0.0.0.0', 4344))
# Auth and information gathering hooks
# Hook session setup to grab the credentials and deny any empty authentication requests
server.hookSmbCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX,
smbCommandHook_SMB_COM_SESSION_SETUP_ANDX)
# Hook the negotiate call to disable SPNEGO
server.hookSmbCommand(smb.SMB.SMB_COM_NEGOTIATE,
smbCommandHook_SMB_COM_NEGOTIATE)
# Hook tree connect
server.hookSmbCommand(smb.SMB.SMB_COM_TREE_CONNECT_ANDX,
smbCommandHook_SMB_COM_TREE_CONNECT_ANDX)
server.serve_forever()
