Closed zeroSteiner closed 4 years ago
I added another value to store: server_guid
which will allow SMB servers that have multiple NICs to be uniquely identified. Changes added in commit f726317c0de0d4003287683e16ac3477c7182767.
Output from WIP smb_version
:
[*] 192.168.159.31:445 - SMB Detected (versions:1, 2) (preferred dialect:SMB 2.1) (signatures:optional) (uptime:3h 16m) (guid:{6e73395c-f006-4657-a132-b25e96ba2cfb})
[+] 192.168.159.31:445 - Host is running Windows 7 Professional SP1 (build:7601) (name:WIN-9NSI4A6AIHJ) (workgroup:WORKGROUP)
[*] Scanned 1 of 2 hosts (50% complete)
[*] 192.168.250.100:445 - SMB Detected (versions:1, 2) (preferred dialect:SMB 2.1) (signatures:optional) (uptime:3h 16m) (guid:{6e73395c-f006-4657-a132-b25e96ba2cfb})
[+] 192.168.250.100:445 - Host is running Windows 7 Professional SP1 (build:7601) (name:WIN-9NSI4A6AIHJ) (workgroup:WORKGROUP)
[*] Scanned 2 of 2 hosts (100% complete)
[*] Auxiliary module execution completed
Moved to parse_negotiate_response
in commit 2a61d9e. Thanks for the review!
I tested with the smb_version WIP module against multiple Windows versions and verified that uptime
and server_guid
information was reported each time.
This stores the server start and system times in the client object. This will be necessary for upcoming changes to Metasploit's
smb_version
module which will consolidate theauxilary/scanner/smb/smb2
module. Thesmb2
scanner module currently reports the amount of time the remote system has been booted, so to not lose this we'll need it in RubySMB.For testing you can inspect the object manually, or check out the
smb_version
WIP. If you choose to go with the later,uptime
should be reported for any server that reports both the system and start times.