hkmoon
commented
6 years ago Remote Administration Protocol request is carried in a single SMB_COM_TRANSACTION request which is in CIFS protocol. Protocol structure is quite different from SMB2. The header is starting with '\xFF', 'S', 'M', 'B', rather than '\xFE', 'S', 'M', 'B'.
So far implementation seems to be hard. Alternatively, we can use the external programs.
// Windows 7: if there is no credential given, it complains with System error 5
// The below tip is from https://superuser.com/a/936816
net use \\fileserver\IPC$ /u:"" "" /persistent:no
net view \\fileserver
net use \\fileserver\IPC$ /delete
// MacOSX 10.11:
smbutil view //@fileserver
// Ubuntu 14.04:
smbclient -NL //fileserver
Currently, I use the external program to collect the shares.
It would be really great to enumerate all the shares from the host in native javascript. In order to get this information, Microsoft Remote Administration Protocol is needed to be implemented in addition to the smb2 message structure.
Here might be the starting point. https://msdn.microsoft.com/en-us/library/cc240321.aspx
Based on the documentation, it looks easier than SMB2 negotiation.