I'm working on some additional functionality for impacket to augment the SMBConnection class so that it can be used for remotely searching through open SMB shares for grepping and permissions checks and so forth without creating an interactive shell.
My use-case is that I am trying to simulate a ransomware attack for a client, and impacket has almost everything I need except for a walk() function.
In the smbprotocol library for python, this is as simple as root, subs, files = smbclient.walk() very similar to the os.walk() method
I'm trying to implement this myself manually, and if I manage to succeed, I'd be happy to submit a pull request, but before I go re-inventing the wheel, I'd appreciate the dev teams' input for this.
I've been reviewing the do_mget functionality for the smbclient.py example, but since it is only passing back filepaths and doing the smb.getFile() method, it's not quite what I need. We manually implemented something similar using the smbprotocol's walk() and stat() functions, but I can't pass the impacket connection to a different smbclient very elegantly. It would be far nicer to implement this functionality within the SMBConnection class itself.
Use-case example:
Dependency: python3 -m pip install smbprotocol
import smbclient
for dirpath, dirnames, filenames in smbclient.walk(path):
for f in filenames:
file_path = os.path.join(dirpath, f)
file_info = smbclient.stat(file_path)
f_perm = file_info.st_mode
# list the SMB perms as reported by the server
perm_str = ""
perm_str += "d" if stat.S_ISDIR(f_perm) else "-"
perm_str += "r" if f_perm & stat.S_IRUSR else "-"
perm_str += "w" if f_perm & stat.S_IWUSR else "-"
perm_str += "x" if f_perm & stat.S_IXUSR else "-"
perm_str += "r" if f_perm & stat.S_IRGRP else "-"
perm_str += "w" if f_perm & stat.S_IWGRP else "-"
perm_str += "x" if f_perm & stat.S_IXGRP else "-"
perm_str += "r" if f_perm & stat.S_IROTH else "-"
perm_str += "w" if f_perm & stat.S_IWOTH else "-"
perm_str += "x" if f_perm & stat.S_IXOTH else "-"
log.info(f"File: {file_path}\nServer Reported Permissions: {perm_str}")
Configuration
impacket version: 0.11.0 Python version: 3.12.0 Target OS: Debian/Ubuntu
I'm working on some additional functionality for impacket to augment the SMBConnection class so that it can be used for remotely searching through open SMB shares for grepping and permissions checks and so forth without creating an interactive shell.
My use-case is that I am trying to simulate a ransomware attack for a client, and impacket has almost everything I need except for a walk() function.
In the
smbprotocollibrary for python, this is as simple asroot, subs, files = smbclient.walk()very similar to theos.walk()methodI'm trying to implement this myself manually, and if I manage to succeed, I'd be happy to submit a pull request, but before I go re-inventing the wheel, I'd appreciate the dev teams' input for this.
I've been reviewing the
do_mgetfunctionality for the smbclient.py example, but since it is only passing back filepaths and doing thesmb.getFile()method, it's not quite what I need. We manually implemented something similar using the smbprotocol's walk() and stat() functions, but I can't pass the impacket connection to a different smbclient very elegantly. It would be far nicer to implement this functionality within the SMBConnection class itself.Use-case example:
Dependency:
python3 -m pip install smbprotocol