def run(self): # Here we write a mini config for the server smbConfig = ConfigParser() smbConfig.add_section('global') smbConfig.set('global', 'server_name', 'server_name') smbConfig.set('global', 'server_os', 'UNIX') smbConfig.set('global', 'server_domain', 'WORKGROUP') smbConfig.set('global', 'log_file', self.__smbserver_log) smbConfig.set('global', 'credentials_file', '') # Let's add a dummy share smbConfig.add_section(self.__smbserver_share) smbConfig.set(self.__smbserver_share, 'comment', '') smbConfig.set(self.__smbserver_share, 'read only', 'no') smbConfig.set(self.__smbserver_share, 'share type', '0') smbConfig.set(self.__smbserver_share, 'path', self.__smbserver_dir) # IPC always needed smbConfig.add_section('IPC$') smbConfig.set('IPC$', 'comment', '') smbConfig.set('IPC$', 'read only', 'yes') smbConfig.set('IPC$', 'share type', '3') smbConfig.set('IPC$', 'path') self.localsmb = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig) logger.info('Setting up SMB Server') self.localsmb.processConfigFile() logger.debug('Ready to listen...') try: self.localsmb.serve_forever() except Exception as _: pass
def run(self): # Here we write a mini config for the server smbConfig = ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global', 'server_name', 'server_name') smbConfig.set('global', 'server_os', 'UNIX') smbConfig.set('global', 'server_domain', 'WORKGROUP') smbConfig.set('global', 'log_file', SMBSERVER_DIR + '/smb.log') smbConfig.set('global', 'credentials_file', '') # Let's add a dummy share smbConfig.add_section(DUMMY_SHARE) smbConfig.set(DUMMY_SHARE, 'comment', '') smbConfig.set(DUMMY_SHARE, 'read only', 'no') smbConfig.set(DUMMY_SHARE, 'share type', '0') smbConfig.set(DUMMY_SHARE, 'path', SMBSERVER_DIR) # IPC always needed smbConfig.add_section('IPC$') smbConfig.set('IPC$', 'comment', '') smbConfig.set('IPC$', 'read only', 'yes') smbConfig.set('IPC$', 'share type', '3') smbConfig.set('IPC$', 'path') self.smb = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig) logging.info('Creating tmp directory') try: os.mkdir(SMBSERVER_DIR) except Exception, e: logging.critical(str(e)) pass
def run(self): # mini config for the server smbConfig = ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global', 'server_name', 'server_name') smbConfig.set('global', 'server_os', 'Windows') smbConfig.set('global', 'server_domain', 'WORKGROUP') smbConfig.set('global', 'log_file', '') smbConfig.set('global', 'credentials_file', '') smbConfig.set("global", 'SMB2Support', 'True') # fake ipc$ smbConfig.add_section('IPC$') smbConfig.set('IPC$', 'comment', '') smbConfig.set('IPC$', 'read only', 'yes') smbConfig.set('IPC$', 'share type', '3') smbConfig.set('IPC$', 'path') self.smb = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig) self.smb.processConfigFile() # unregister dangerous commands self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY) self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY) self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_RENAME) self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE) self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE) self.smb.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE_ANDX) try: self.smb.serve_forever() except: pass
def __init__(self): Thread.__init__(self) self.daemon = True self.server = 0 self.target = '' self.mode = 'REFLECTION' # Here we write a mini config for the server smbConfig = ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global','server_name','server_name') smbConfig.set('global','server_os','UNIX') smbConfig.set('global','server_domain','WORKGROUP') smbConfig.set('global','log_file','smb.log') smbConfig.set('global','credentials_file','') # IPC always needed smbConfig.add_section('IPC$') smbConfig.set('IPC$','comment','') smbConfig.set('IPC$','read only','yes') smbConfig.set('IPC$','share type','3') smbConfig.set('IPC$','path','') self.server = smbserver.SMBSERVER(('0.0.0.0',445), config_parser = smbConfig) self.server.processConfigFile() self.origSmbComNegotiate = self.server.hookSmbCommand(smb.SMB.SMB_COM_NEGOTIATE, self.SmbComNegotiate) self.origSmbSessionSetupAndX = self.server.hookSmbCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX, self.SmbSessionSetupAndX) # Let's use the SMBServer Connection dictionary to keep track of our client connections as well self.server.addConnection('SMBRelay', '0.0.0.0', 445)
def run(self): # Here we write a mini config for the server smbConfig = ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global', 'server_name', 'SERVICE') smbConfig.set('global', 'server_os', 'UNIX') smbConfig.set('global', 'server_domain', 'WORKGROUP') smbConfig.set('global', 'log_file', '/tmp/smb.log') smbConfig.set('global', 'credentials_file', '') # Let's add a dummy share smbConfig.add_section("SYSTEM") smbConfig.set("SYSTEM", 'comment', 'system share') smbConfig.set("SYSTEM", 'read only', 'yes') smbConfig.set("SYSTEM", 'share type', '0') smbConfig.set("SYSTEM", 'path', "/tmp/shared/") # IPC always needed smbConfig.add_section('IPC$') smbConfig.set('IPC$', 'comment', '') smbConfig.set('IPC$', 'read only', 'yes') smbConfig.set('IPC$', 'share type', '3') smbConfig.set('IPC$', 'path') self.smb = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig) print '\n [*] setting up SMB server...' self.smb.processConfigFile() try: self.smb.serve_forever() except: pass
def run(self): # Here we write a mini config for the server smbConfig = ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global','server_name','server_name') smbConfig.set('global','server_os','UNIX') smbConfig.set('global','server_domain','WORKGROUP') smbConfig.set('global','log_file', 'logs/smbserver.log') smbConfig.set('global','credentials_file','') # Let's add a dummy share smbConfig.add_section('TMP') smbConfig.set('TMP','comment','') smbConfig.set('TMP','read only','no') smbConfig.set('TMP','share type','0') smbConfig.set('TMP','path', 'hosted') # IPC always needed smbConfig.add_section('IPC$') smbConfig.set('IPC$','comment','') smbConfig.set('IPC$','read only','yes') smbConfig.set('IPC$','share type','3') smbConfig.set('IPC$','path') self.smb = smbserver.SMBSERVER(('0.0.0.0',445), config_parser = smbConfig) self.smb.processConfigFile() logging.info('SMB server ready') self.smb.serve_forever()
def __init__(self, smb2Support = False): Thread.__init__(self) self.server = 0 self.defaultFile = None self.extensions = {} serverConfig = ConfigParser.ConfigParser() serverConfig.add_section('global') self.server = smbserver.SMBSERVER(('0.0.0.0',445), config_parser = smbConfig) self.server.processConfigFile() # Unregistering some dangerous and unwanted commands self.server.unregisterSmbCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_RENAME) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE_ANDX) # hook functions # self.origsmbComNtCreateAndX = self.server.hookSmbCommand(smb.SMB.SMB_COM_NT_CREATE_ANDX, self.smbComNtCreateAndX) self.__srvsServer = SRVSServer() self.__srvsServer.daemon = True self.server.registerNamedPipe('srvsvc',('127.0.0.1',self.__srvsServer.getListenPort()))
def __init__(self): self.server = 0 self.target = '' self.server = smbserver.SMBSERVER(('0.0.0.0',445)) self.server.processConfigFile('smb.conf') self.origSmbComNegotiate = self.server.hookSmbCommand(smb.SMB.SMB_COM_NEGOTIATE, self.SmbComNegotiate) self.origSmbSessionSetupAndX = self.server.hookSmbCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX, self.SmbSessionSetupAndX) # Let's use the SMBServer Connection dictionary to keep track of our client connections as well self.server.addConnection('SMBRelay', '0.0.0.0', 445)
def __init__(self, smb_challenge, smb_port, smb2Support=False): self.server = 0 self.defaultFile = None self.extensions = {} # Here we write a mini config for the server smbConfig = ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global', 'server_name', 'server_name') smbConfig.set('global', 'server_os', 'UNIX') smbConfig.set('global', 'server_domain', 'WORKGROUP') smbConfig.set('global', 'challenge', smb_challenge.decode('hex')) smbConfig.set('global', 'log_file', 'smb.log') smbConfig.set('global', 'credentials_file', '') # IPC always needed smbConfig.add_section('IPC$') smbConfig.set('IPC$', 'comment', 'Logon server share') smbConfig.set('IPC$', 'read only', 'yes') smbConfig.set('IPC$', 'share type', '3') smbConfig.set('IPC$', 'path', '') # NETLOGON always needed smbConfig.add_section('NETLOGON') smbConfig.set('NETLOGON', 'comment', 'Logon server share') smbConfig.set('NETLOGON', 'read only', 'no') smbConfig.set('NETLOGON', 'share type', '0') smbConfig.set('NETLOGON', 'path', '') # SYSVOL always needed smbConfig.add_section('SYSVOL') smbConfig.set('SYSVOL', 'comment', '') smbConfig.set('SYSVOL', 'read only', 'no') smbConfig.set('SYSVOL', 'share type', '0') smbConfig.set('SYSVOL', 'path', '') if smb2Support: smbConfig.set("global", "SMB2Support", "True") self.server = smbserver.SMBSERVER(('0.0.0.0', int(smb_port)), config_parser=smbConfig) self.server.processConfigFile() # Unregistering some dangerous and unwanted commands self.server.unregisterSmbCommand(smb.SMB.SMB_COM_CREATE_DIRECTORY) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE_DIRECTORY) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_RENAME) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_DELETE) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE) self.server.unregisterSmbCommand(smb.SMB.SMB_COM_WRITE_ANDX) self.server.unregisterSmb2Command(smb2.SMB2_WRITE) self.origsmbComNtCreateAndX = self.server.hookSmbCommand( smb.SMB.SMB_COM_NT_CREATE_ANDX, self.smbComNtCreateAndX) self.origsmbComTreeConnectAndX = self.server.hookSmbCommand( smb.SMB.SMB_COM_TREE_CONNECT_ANDX, self.smbComTreeConnectAndX) self.origQueryPathInformation = self.server.hookTransaction2( smb.SMB.TRANS2_QUERY_PATH_INFORMATION, self.queryPathInformation) self.origFindFirst2 = self.server.hookTransaction2( smb.SMB.TRANS2_FIND_FIRST2, self.findFirst2) # And the same for SMB2 self.origsmb2TreeConnect = self.server.hookSmb2Command( smb2.SMB2_TREE_CONNECT, self.smb2TreeConnect) self.origsmb2Create = self.server.hookSmb2Command( smb2.SMB2_CREATE, self.smb2Create) self.origsmb2QueryDirectory = self.server.hookSmb2Command( smb2.SMB2_QUERY_DIRECTORY, self.smb2QueryDirectory) self.origsmb2Read = self.server.hookSmb2Command( smb2.SMB2_READ, self.smb2Read) self.origsmb2Close = self.server.hookSmb2Command( smb2.SMB2_CLOSE, self.smb2Close) # Now we have to register the MS-SRVS server. This specially important for # Windows 7+ and Mavericks clients since they WONT (specially OSX) # ask for shares using MS-RAP. self.__srvsServer = SRVSServer() self.__srvsServer.daemon = True self.server.registerNamedPipe( 'srvsvc', ('127.0.0.1', self.__srvsServer.getListenPort()))
#!/usr/bin/python # Copyright (c) 2003-2012 CORE Security Technologies # # This software is provided under under a slightly modified version # of the Apache Software License. See the accompanying LICENSE file # for more information. # # $Id: simple_server.py 612 2012-07-18 13:11:10Z [email protected] $ # # Simple SMB Server, check smb.conf for details # # Author: # Alberto Solino <*****@*****.**> # from impacket import smbserver server = smbserver.SMBSERVER(('0.0.0.0',445)) server.processConfigFile('smb.conf') # Uncomment this is you want the SMBServer to redirect all the \srvsvc pipe # calls to another DCERPC Server # You might need to run srvsvcserver.py # This is gonna be needed if you want Windows 7 users to connect to the server due # to a nasty bug in the Win7 when asking for shares (it will timeout for minutes before asking to # LANMAN) #server.registerNamedPipe('srvsvc',('0.0.0.0',4344)) server.serve_forever()
if __name__ == "__main__": smbConfig = smbserver.ConfigParser.ConfigParser() smbConfig.add_section('global') smbConfig.set('global', 'server_name', 'server_name') smbConfig.set('global', 'server_os', 'UNIX') smbConfig.set('global', 'server_domain', 'WORKGROUP') smbConfig.set('global', 'log_file', 'smb.log') smbConfig.set('global', 'credentials_file', '') smbConfig.add_section('IPC$') smbConfig.set('IPC$', 'comment', '') smbConfig.set('IPC$', 'read only', 'yes') smbConfig.set('IPC$', 'share type', '3') smbConfig.set('IPC$', 'path', '') server = smbserver.SMBSERVER(('0.0.0.0', 445), config_parser=smbConfig) server.processConfigFile() server.registerNamedPipe('srvsvc', ('0.0.0.0', 4344)) # Auth and information gathering hooks # Hook session setup to grab the credentials and deny any empty authentication requests server.hookSmbCommand(smb.SMB.SMB_COM_SESSION_SETUP_ANDX, smbCommandHook_SMB_COM_SESSION_SETUP_ANDX) # Hook the negotiate call to disable SPNEGO server.hookSmbCommand(smb.SMB.SMB_COM_NEGOTIATE, smbCommandHook_SMB_COM_NEGOTIATE) # Hook tree connect server.hookSmbCommand(smb.SMB.SMB_COM_TREE_CONNECT_ANDX, smbCommandHook_SMB_COM_TREE_CONNECT_ANDX) server.serve_forever()