cdelafuente-r7
commented
3 months ago Thanks @zeroSteiner! It looks good to me. I tested using the examples/virtual_file_server.rb script and made sure compound requests are handled correctly. However, I was not able to reproduce the same use case as you described. I only observed Create requests chained with Find requests. That said, the file_id is correctly populated and the find operations properly works. I'll go ahead and land it. Thanks!
This adds handling for compound SMB2 requests as defined here: https://learn.microsoft.com/en-us/openspecs/windows_protocols/ms-smb2/46dd4182-62d3-4e30-9fe5-e2ec124edca1
I ran into this while working on an exploit that triggered a load over a UNC path from a Python app running on a Windows Server 2022 host. In this case, there was a create request followed by another request whose
#file_idattribute was not populated leading the higher level read operation to fail.