search

jfjallid / go-smb

A client library to interact with Windows RPC services such as MS-SRVS and MS-RRP.
MIT License
40 stars 9 forks source link

[Feature Request] NTLM Info #6

Closed XiaoliChan closed 9 months ago

XiaoliChan commented 9 months ago

It's a good idea to get NTLM info when doing enumeration image

I think it can do this like impacket, for example

session.getDNSDomainName()

Reference:

jfjallid commented 9 months ago

Thanks for the idea, I'll try to implement something similar.

XiaoliChan commented 9 months ago

I think these errors should be processed

In this screenshot, 0xC0000224 == user is required to change password at next logon image

Reference:

jfjallid commented 9 months ago

I have added the missing status code of "password must change" and implemented a new function on the connection struct called GetTargetInfo() which returns a TargetInfo struct in commit 2c9fbb015d9815bf941f83fc2d91024b7e66d44e (Tag v.0.3.2)

Instead of deciding how and what to print in this library, I'll leave that up to the various clients to print whatever they deem relevant. GetTargetInfo() will return nil if called before a connection has been established and the SessionSetup handshake has been initiated.

Something similar to your example would be:

if session != nil {
    targetInfo := session.GetTargetInfo()
    if targetInfo != nil {
        fmt.Println("[*] Server info")
        fmt.Printf("      [->] Signing: %v\n", session.IsSigningRequired.Load())
        fmt.Printf("      [->] OS Version: %s\n", targetInfo.GuessedOSVersion)
        fmt.Printf("      [->] Hostname: %s\n", targetInfo.DnsComputerName)
        fmt.Printf("      [->] Domain: %s\n", targetInfo.DnsDomainName)
        fmt.Println()
    }
}
XiaoliChan commented 9 months ago

For the NTLM info and the error exclude "Login failed", it did a nice job with release 3.2.0

image