SMB3 rpc(lookupNamesForSIDs) support

[FixBugsFor]

With SMB3 session: RPCTransport rpcTransport = SMBTransportFactories.LSASVC.getTransport(session3); I got: Exception in thread "main" java.lang.NoSuchMethodError: com.hierynomus.smbj.connection.Connection.getConfig()Lcom/hierynomus/smbj/SmbConfig; at com.rapid7.helper.smbj.io.SMB2SessionMessage.(SMB2SessionMessage.java:45) at com.rapid7.helper.smbj.share.NamedPipe.(NamedPipe.java:51) at com.rapid7.client.dcerpc.transport.SMBTransportFactories.openPipe(SMBTransportFactories.java:99) at com.rapid7.client.dcerpc.transport.SMBTransportFactories.openAndHandleStatusPipeNotAvailable(SMBTransportFactories.java:74) at com.rapid7.client.dcerpc.transport.SMBTransportFactories.getTransport(SMBTransportFactories.java:58)

======= I am using 'com.rapid7.client:dcerpc' V0.10.0

Apparently, it doesn't support SMB3 (3.0) session from Azure files ? Is there any way (RPC) that we can lookup ACL name from SMB3 file SID ?

[pepijnve]

Azure Files does not support RPC services at all, you need to use the Azure REST API or communicate with your AD server directly somehow. https://docs.microsoft.com/en-us/rest/api/storageservices/features-not-supported-by-the-azure-file-service lists the SMB features that are not supported. One of those is 'named pipes' which are a prerequisite for RPC over SMB.

That being said, that's not the cause of that NoSuchMethodError seems like you're using incompatible versions of smbj-rpc and smbj.

[hierynomus]

Which version of SMBJ are you using? The latest master has a lot of refactorings, which could potentially have broken smbj-rpc which was built on top of SMBJ. I'm not sure how alive smbj-rpc still is?

[FixBugsFor]

Yeah, i am trying with the latest master version; As pepijnve stated, for azure Files (SMB3), We cannot use smb-rpc; I am able to get SID on Azure files with the latest build, Anyone knows how to map SID to Azure AD user ?

[alexwbaule]

Hi Guys.

@hierynomus, Im using your lib too, and the diff from 0.10.0 to 0.11.1 its in the Connection, the getConfig() was removed.

The SMB2SessionMessage from com.rapid7.helper.smbj.io , uses "getConfig" from its Class constructor.

So, the error occurs when use the SMBTransportFactories.LSASVC.getTransport(session3), thats use an SMB2SessionMessage.

The com.rapid7.helper.smbj.io has no updates, I suggest keeping "getConfig" to maintain compatibility.

You want a Pull Request with this , or you will add "getConfig" in Connection.java by yourself ?

[alexwbaule]

There is another Missing part, the: import com.hierynomus.mssmb2.SMB2Header;

Is used to, by com.rapid7.helper.smbj.io

[hierynomus]

The SMB2Header class has been renamed to SMB2PacketHeader.

For the getConfig we need to have a look at whether you can get that from another place or whether I need to re-add the method.

[alexwbaule]

Removing the getConfig and renaming the SMB2Header file, broken the compability with smb-rpc from rapid7.

Maybe forking the smb-rpc and fix files to use the new SMB2PacketHeader and get the timeout directly from connection ? Or do you have another solution. ?

[derekarodriguez1234]

Hi, I am researching this item, came to the same conclusion, and wanted to know if anyone has found an alternate way to translate Azure AD SIDS to Names. Longtime user of SMBJ and rapid7. Did anyone here come up with an approach ?

Thanks, Derek