Home Verkennen Help
Inloggen
coder
/
SMBLibrary-Fork
1
0
Vork 0
Bestanden Issues 0 Pull-aanvragen 0 Wiki
Boom: 0a89a84434
Aftakkingen Labels
SMBLibrary-F...
/
SMBLibrary
/
Client
/
SMB1Client.cs

SMB1Client.cs 27 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684 
  1. /* Copyright (C) 2014-2020 Tal Aloni <tal.aloni.il@gmail.com>. All rights reserved.
    2. 

  2.  * 
    3. 

  3.  * You can redistribute this program and/or modify it under the terms of
    4. 

  4.  * the GNU Lesser Public License as published by the Free Software Foundation,
    5. 

  5.  * either version 3 of the License, or (at your option) any later version.
    6. 

  6.  */
    7. 

  7. using System;
    8. 

  8. using System.Collections.Generic;
    9. 

  9. using System.Diagnostics;
    10. 

  10. using System.Net;
    11. 

  11. using System.Net.Sockets;
    12. 

  12. using System.Threading;
    13. 

  13. using SMBLibrary.Authentication.NTLM;
    14. 

  14. using SMBLibrary.NetBios;
    15. 

  15. using SMBLibrary.Services;
    16. 

  16. using SMBLibrary.SMB1;
    17. 

  17. using Utilities;
    18. 

  18. 

  19. namespace SMBLibrary.Client
    20. 

  20. {
    21. 

  21.     public class SMB1Client : ISMBClient
    22. 

  22.     {
    23. 

  23.         public const int NetBiosOverTCPPort = 139;
    24. 

  24.         public const int DirectTCPPort = 445;
    25. 

  25.         public const string NTLanManagerDialect = "NT LM 0.12";
    26. 

  26.         
    27. 

  27.         public const ushort ClientMaxBufferSize = 65535; // Valid range: 512 - 65535
    28. 

  28.         public const ushort ClientMaxMpxCount = 1;
    29. 

  29. 

  30.         private SMBTransportType m_transport;
    31. 

  31.         private bool m_isConnected;
    32. 

  32.         private bool m_isLoggedIn;
    33. 

  33.         private Socket m_clientSocket;
    34. 

  34.         private bool m_forceExtendedSecurity;
    35. 

  35.         private bool m_unicode;
    36. 

  36.         private bool m_largeFiles;
    37. 

  37.         private bool m_infoLevelPassthrough;
    38. 

  38.         private bool m_largeRead;
    39. 

  39.         private bool m_largeWrite;
    40. 

  40.         private uint m_serverMaxBufferSize;
    41. 

  41.         private ushort m_maxMpxCount;
    42. 

  42. 

  43.         private object m_incomingQueueLock = new object();
    44. 

  44.         private List<SMB1Message> m_incomingQueue = new List<SMB1Message>();
    45. 

  45.         private EventWaitHandle m_incomingQueueEventHandle = new EventWaitHandle(false, EventResetMode.AutoReset);
    46. 

  46. 

  47.         private SessionPacket m_sessionResponsePacket;
    48. 

  48.         private EventWaitHandle m_sessionResponseEventHandle = new EventWaitHandle(false, EventResetMode.AutoReset);
    49. 

  49. 

  50.         private ushort m_userID;
    51. 

  51.         private byte[] m_serverChallenge;
    52. 

  52.         private byte[] m_securityBlob;
    53. 

  53.         private byte[] m_sessionKey;
    54. 

  54. 

  55.         public SMB1Client()
    56. 

  56.         {
    57. 

  57.         }
    58. 

  58. 

  59.         public bool Connect(IPAddress serverAddress, SMBTransportType transport)
    60. 

  60.         {
    61. 

  61.             return Connect(serverAddress, transport, true);
    62. 

  62.         }
    63. 

  63. 

  64.         public bool Connect(IPAddress serverAddress, SMBTransportType transport, bool forceExtendedSecurity)
    65. 

  65.         {
    66. 

  66.             m_transport = transport;
    67. 

  67.             if (!m_isConnected)
    68. 

  68.             {
    69. 

  69.                 m_forceExtendedSecurity = forceExtendedSecurity;
    70. 

  70.                 int port;
    71. 

  71.                 if (transport == SMBTransportType.NetBiosOverTCP)
    72. 

  72.                 {
    73. 

  73.                     port = NetBiosOverTCPPort;
    74. 

  74.                 }
    75. 

  75.                 else
    76. 

  76.                 {
    77. 

  77.                     port = DirectTCPPort;
    78. 

  78.                 }
    79. 

  79. 

  80.                 if (!ConnectSocket(serverAddress, port))
    81. 

  81.                 {
    82. 

  82.                     return false;
    83. 

  83.                 }
    84. 

  84.                 
    85. 

  85.                 if (transport == SMBTransportType.NetBiosOverTCP)
    86. 

  86.                 {
    87. 

  87.                     SessionRequestPacket sessionRequest = new SessionRequestPacket();
    88. 

  88.                     sessionRequest.CalledName = NetBiosUtils.GetMSNetBiosName("*SMBSERVER", NetBiosSuffix.FileServiceService);
    89. 

  89.                     sessionRequest.CallingName = NetBiosUtils.GetMSNetBiosName(Environment.MachineName, NetBiosSuffix.WorkstationService);
    90. 

  90.                     TrySendPacket(m_clientSocket, sessionRequest);
    91. 

  91. 

  92.                     SessionPacket sessionResponsePacket = WaitForSessionResponsePacket();
    93. 

  93.                     if (!(sessionResponsePacket is PositiveSessionResponsePacket))
    94. 

  94.                     {
    95. 

  95.                         m_clientSocket.Close();
    96. 

  96.                         if (!ConnectSocket(serverAddress, port))
    97. 

  97.                         {
    98. 

  98.                             return false;
    99. 

  99.                         }
    100. 

  100. 

  101.                         NameServiceClient nameServiceClient = new NameServiceClient(serverAddress);
    102. 

  102.                         string serverName = nameServiceClient.GetServerName();
    103. 

  103.                         if (serverName == null)
    104. 

  104.                         {
    105. 

  105.                             return false;
    106. 

  106.                         }
    107. 

  107. 

  108.                         sessionRequest.CalledName = serverName;
    109. 

  109.                         TrySendPacket(m_clientSocket, sessionRequest);
    110. 

  110. 

  111.                         sessionResponsePacket = WaitForSessionResponsePacket();
    112. 

  112.                         if (!(sessionResponsePacket is PositiveSessionResponsePacket))
    113. 

  113.                         {
    114. 

  114.                             return false;
    115. 

  115.                         }
    116. 

  116.                     }
    117. 

  117.                 }
    118. 

  118. 

  119.                 bool supportsDialect = NegotiateDialect(m_forceExtendedSecurity);
    120. 

  120.                 if (!supportsDialect)
    121. 

  121.                 {
    122. 

  122.                     m_clientSocket.Close();
    123. 

  123.                 }
    124. 

  124.                 else
    125. 

  125.                 {
    126. 

  126.                     m_isConnected = true;
    127. 

  127.                 }
    128. 

  128.             }
    129. 

  129.             return m_isConnected;
    130. 

  130.         }
    131. 

  131. 

  132.         private bool ConnectSocket(IPAddress serverAddress, int port)
    133. 

  133.         {
    134. 

  134.             m_clientSocket = new Socket(AddressFamily.InterNetwork, SocketType.Stream, ProtocolType.Tcp);
    135. 

  135.             
    136. 

  136.             try
    137. 

  137.             {
    138. 

  138.                 m_clientSocket.Connect(serverAddress, port);
    139. 

  139.             }
    140. 

  140.             catch (SocketException)
    141. 

  141.             {
    142. 

  142.                 return false;
    143. 

  143.             }
    144. 

  144. 

  145.             ConnectionState state = new ConnectionState();
    146. 

  146.             NBTConnectionReceiveBuffer buffer = state.ReceiveBuffer;
    147. 

  147.             m_clientSocket.BeginReceive(buffer.Buffer, buffer.WriteOffset, buffer.AvailableLength, SocketFlags.None, new AsyncCallback(OnClientSocketReceive), state);
    148. 

  148.             return true;
    149. 

  149.         }
    150. 

  150. 

  151.         public void Disconnect()
    152. 

  152.         {
    153. 

  153.             if (m_isConnected)
    154. 

  154.             {
    155. 

  155.                 m_clientSocket.Disconnect(false);
    156. 

  156.                 m_isConnected = false;
    157. 

  157.             }
    158. 

  158.         }
    159. 

  159. 

  160.         private bool NegotiateDialect(bool forceExtendedSecurity)
    161. 

  161.         {
    162. 

  162.             NegotiateRequest request = new NegotiateRequest();
    163. 

  163.             request.Dialects.Add(NTLanManagerDialect);
    164. 

  164. 

  165.             TrySendMessage(request);
    166. 

  166.             SMB1Message reply = WaitForMessage(CommandName.SMB_COM_NEGOTIATE);
    167. 

  167.             if (reply == null)
    168. 

  168.             {
    169. 

  169.                 return false;
    170. 

  170.             }
    171. 

  171. 

  172.             if (reply.Commands[0] is NegotiateResponse && !forceExtendedSecurity)
    173. 

  173.             {
    174. 

  174.                 NegotiateResponse response = (NegotiateResponse)reply.Commands[0];
    175. 

  175.                 m_unicode = ((response.Capabilities & Capabilities.Unicode) > 0);
    176. 

  176.                 m_largeFiles = ((response.Capabilities & Capabilities.LargeFiles) > 0);
    177. 

  177.                 bool ntSMB = ((response.Capabilities & Capabilities.NTSMB) > 0);
    178. 

  178.                 bool rpc = ((response.Capabilities & Capabilities.RpcRemoteApi) > 0);
    179. 

  179.                 bool ntStatusCode = ((response.Capabilities & Capabilities.NTStatusCode) > 0);
    180. 

  180.                 m_infoLevelPassthrough = ((response.Capabilities & Capabilities.InfoLevelPassthrough) > 0);
    181. 

  181.                 m_largeRead = ((response.Capabilities & Capabilities.LargeRead) > 0);
    182. 

  182.                 m_largeWrite = ((response.Capabilities & Capabilities.LargeWrite) > 0);
    183. 

  183.                 m_serverMaxBufferSize = response.MaxBufferSize;
    184. 

  184.                 m_maxMpxCount = Math.Min(response.MaxMpxCount, ClientMaxMpxCount);
    185. 

  185.                 m_serverChallenge = response.Challenge;
    186. 

  186.                 return ntSMB && rpc && ntStatusCode;
    187. 

  187.             }
    188. 

  188.             else if (reply.Commands[0] is NegotiateResponseExtended)
    189. 

  189.             {
    190. 

  190.                 NegotiateResponseExtended response = (NegotiateResponseExtended)reply.Commands[0];
    191. 

  191.                 m_unicode = ((response.Capabilities & Capabilities.Unicode) > 0);
    192. 

  192.                 m_largeFiles = ((response.Capabilities & Capabilities.LargeFiles) > 0);
    193. 

  193.                 bool ntSMB = ((response.Capabilities & Capabilities.NTSMB) > 0);
    194. 

  194.                 bool rpc = ((response.Capabilities & Capabilities.RpcRemoteApi) > 0);
    195. 

  195.                 bool ntStatusCode = ((response.Capabilities & Capabilities.NTStatusCode) > 0);
    196. 

  196.                 m_infoLevelPassthrough = ((response.Capabilities & Capabilities.InfoLevelPassthrough) > 0);
    197. 

  197.                 m_largeRead = ((response.Capabilities & Capabilities.LargeRead) > 0);
    198. 

  198.                 m_largeWrite = ((response.Capabilities & Capabilities.LargeWrite) > 0);
    199. 

  199.                 m_serverMaxBufferSize = response.MaxBufferSize;
    200. 

  200.                 m_maxMpxCount = Math.Min(response.MaxMpxCount, ClientMaxMpxCount);
    201. 

  201.                 m_securityBlob = response.SecurityBlob;
    202. 

  202.                 return ntSMB && rpc && ntStatusCode;
    203. 

  203.             }
    204. 

  204.             else
    205. 

  205.             {
    206. 

  206.                 return false;
    207. 

  207.             }
    208. 

  208.         }
    209. 

  209. 

  210.         public NTStatus Login(string domainName, string userName, string password)
    211. 

  211.         {
    212. 

  212.             return Login(domainName, userName, password, AuthenticationMethod.NTLMv2);
    213. 

  213.         }
    214. 

  214. 

  215.         public NTStatus Login(string domainName, string userName, string password, AuthenticationMethod authenticationMethod)
    216. 

  216.         {
    217. 

  217.             if (!m_isConnected)
    218. 

  218.             {
    219. 

  219.                 throw new InvalidOperationException("A connection must be successfully established before attempting login");
    220. 

  220.             }
    221. 

  221. 

  222.             Capabilities clientCapabilities = Capabilities.NTSMB | Capabilities.RpcRemoteApi | Capabilities.NTStatusCode | Capabilities.NTFind;
    223. 

  223.             if (m_unicode)
    224. 

  224.             {
    225. 

  225.                 clientCapabilities |= Capabilities.Unicode;
    226. 

  226.             }
    227. 

  227.             if (m_largeFiles)
    228. 

  228.             {
    229. 

  229.                 clientCapabilities |= Capabilities.LargeFiles;
    230. 

  230.             }
    231. 

  231.             if (m_largeRead)
    232. 

  232.             {
    233. 

  233.                 clientCapabilities |= Capabilities.LargeRead;
    234. 

  234.             }
    235. 

  235. 

  236.             if (m_serverChallenge != null)
    237. 

  237.             {
    238. 

  238.                 SessionSetupAndXRequest request = new SessionSetupAndXRequest();
    239. 

  239.                 request.MaxBufferSize = ClientMaxBufferSize;
    240. 

  240.                 request.MaxMpxCount = m_maxMpxCount;
    241. 

  241.                 request.Capabilities = clientCapabilities;
    242. 

  242.                 request.AccountName = userName;
    243. 

  243.                 request.PrimaryDomain = domainName;
    244. 

  244.                 byte[] clientChallenge = new byte[8];
    245. 

  245.                 new Random().NextBytes(clientChallenge);
    246. 

  246.                 if (authenticationMethod == AuthenticationMethod.NTLMv1)
    247. 

  247.                 {
    248. 

  248.                     request.OEMPassword = NTLMCryptography.ComputeLMv1Response(m_serverChallenge, password);
    249. 

  249.                     request.UnicodePassword = NTLMCryptography.ComputeNTLMv1Response(m_serverChallenge, password);
    250. 

  250.                 }
    251. 

  251.                 else if (authenticationMethod == AuthenticationMethod.NTLMv1ExtendedSessionSecurity)
    252. 

  252.                 {
    253. 

  253.                     // [MS-CIFS] CIFS does not support Extended Session Security because there is no mechanism in CIFS to negotiate Extended Session Security
    254. 

  254.                     throw new ArgumentException("SMB Extended Security must be negotiated in order for NTLMv1 Extended Session Security to be used");
    255. 

  255.                 }
    256. 

  256.                 else // NTLMv2
    257. 

  257.                 {
    258. 

  258.                     // Note: NTLMv2 over non-extended security session setup is not supported under Windows Vista and later which will return STATUS_INVALID_PARAMETER.
    259. 

  259.                     // https://msdn.microsoft.com/en-us/library/ee441701.aspx
    260. 

  260.                     // https://msdn.microsoft.com/en-us/library/cc236700.aspx
    261. 

  261.                     request.OEMPassword = NTLMCryptography.ComputeLMv2Response(m_serverChallenge, clientChallenge, password, userName, domainName);
    262. 

  262.                     NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(DateTime.UtcNow, clientChallenge, AVPairUtils.GetAVPairSequence(domainName, Environment.MachineName));
    263. 

  263.                     byte[] temp = clientChallengeStructure.GetBytesPadded();
    264. 

  264.                     byte[] proofStr = NTLMCryptography.ComputeNTLMv2Proof(m_serverChallenge, temp, password, userName, domainName);
    265. 

  265.                     request.UnicodePassword = ByteUtils.Concatenate(proofStr, temp);
    266. 

  266.                 }
    267. 

  267.                 
    268. 

  268.                 TrySendMessage(request);
    269. 

  269. 

  270.                 SMB1Message reply = WaitForMessage(CommandName.SMB_COM_SESSION_SETUP_ANDX);
    271. 

  271.                 if (reply != null)
    272. 

  272.                 {
    273. 

  273.                     m_isLoggedIn = (reply.Header.Status == NTStatus.STATUS_SUCCESS);
    274. 

  274.                     return reply.Header.Status;
    275. 

  275.                 }
    276. 

  276.                 return NTStatus.STATUS_INVALID_SMB;
    277. 

  277.             }
    278. 

  278.             else // m_securityBlob != null
    279. 

  279.             {
    280. 

  280.                 byte[] negotiateMessage = NTLMAuthenticationHelper.GetNegotiateMessage(m_securityBlob, domainName, authenticationMethod);
    281. 

  281.                 if (negotiateMessage == null)
    282. 

  282.                 {
    283. 

  283.                     return NTStatus.SEC_E_INVALID_TOKEN;
    284. 

  284.                 }
    285. 

  285. 

  286.                 SessionSetupAndXRequestExtended request = new SessionSetupAndXRequestExtended();
    287. 

  287.                 request.MaxBufferSize = ClientMaxBufferSize;
    288. 

  288.                 request.MaxMpxCount = m_maxMpxCount;
    289. 

  289.                 request.Capabilities = clientCapabilities;
    290. 

  290.                 request.SecurityBlob = negotiateMessage;
    291. 

  291.                 TrySendMessage(request);
    292. 

  292.                 
    293. 

  293.                 SMB1Message reply = WaitForMessage(CommandName.SMB_COM_SESSION_SETUP_ANDX);
    294. 

  294.                 if (reply != null)
    295. 

  295.                 {
    296. 

  296.                     if (reply.Header.Status == NTStatus.STATUS_MORE_PROCESSING_REQUIRED && reply.Commands[0] is SessionSetupAndXResponseExtended)
    297. 

  297.                     {
    298. 

  298.                         SessionSetupAndXResponseExtended response = (SessionSetupAndXResponseExtended)reply.Commands[0];
    299. 

  299.                         byte[] authenticateMessage = NTLMAuthenticationHelper.GetAuthenticateMessage(response.SecurityBlob, domainName, userName, password, authenticationMethod, out m_sessionKey);
    300. 

  300.                         if (authenticateMessage == null)
    301. 

  301.                         {
    302. 

  302.                             return NTStatus.SEC_E_INVALID_TOKEN;
    303. 

  303.                         }
    304. 

  304. 

  305.                         m_userID = reply.Header.UID;
    306. 

  306.                         request = new SessionSetupAndXRequestExtended();
    307. 

  307.                         request.MaxBufferSize = ClientMaxBufferSize;
    308. 

  308.                         request.MaxMpxCount = m_maxMpxCount;
    309. 

  309.                         request.Capabilities = clientCapabilities;
    310. 

  310.                         request.SecurityBlob = authenticateMessage;
    311. 

  311.                         TrySendMessage(request);
    312. 

  312. 

  313.                         reply = WaitForMessage(CommandName.SMB_COM_SESSION_SETUP_ANDX);
    314. 

  314.                         if (reply != null)
    315. 

  315.                         {
    316. 

  316.                             m_isLoggedIn = (reply.Header.Status == NTStatus.STATUS_SUCCESS);
    317. 

  317.                             return reply.Header.Status;
    318. 

  318.                         }
    319. 

  319.                     }
    320. 

  320.                     else
    321. 

  321.                     {
    322. 

  322.                         return reply.Header.Status;
    323. 

  323.                     }
    324. 

  324.                 }
    325. 

  325.                 return NTStatus.STATUS_INVALID_SMB;
    326. 

  326.             }
    327. 

  327.         }
    328. 

  328. 

  329.         public NTStatus Logoff()
    330. 

  330.         {
    331. 

  331.             if (!m_isConnected)
    332. 

  332.             {
    333. 

  333.                 throw new InvalidOperationException("A login session must be successfully established before attempting logoff");
    334. 

  334.             }
    335. 

  335. 

  336.             LogoffAndXRequest request = new LogoffAndXRequest();
    337. 

  337.             TrySendMessage(request);
    338. 

  338. 

  339.             SMB1Message reply = WaitForMessage(CommandName.SMB_COM_LOGOFF_ANDX);
    340. 

  340.             if (reply != null)
    341. 

  341.             {
    342. 

  342.                 m_isLoggedIn = (reply.Header.Status != NTStatus.STATUS_SUCCESS);
    343. 

  343.                 return reply.Header.Status;
    344. 

  344.             }
    345. 

  345.             return NTStatus.STATUS_INVALID_SMB;
    346. 

  346.         }
    347. 

  347. 

  348.         public List<string> ListShares(out NTStatus status)
    349. 

  349.         {
    350. 

  350.             if (!m_isConnected || !m_isLoggedIn)
    351. 

  351.             {
    352. 

  352.                 throw new InvalidOperationException("A login session must be successfully established before retrieving share list");
    353. 

  353.             }
    354. 

  354. 

  355.             SMB1FileStore namedPipeShare = TreeConnect("IPC$", ServiceName.NamedPipe, out status);
    356. 

  356.             if (namedPipeShare == null)
    357. 

  357.             {
    358. 

  358.                 return null;
    359. 

  359.             }
    360. 

  360. 

  361.             List<string> shares = ServerServiceHelper.ListShares(namedPipeShare, ShareType.DiskDrive, out status);
    362. 

  362.             namedPipeShare.Disconnect();
    363. 

  363.             return shares;
    364. 

  364.         }
    365. 

  365. 

  366.         public ISMBFileStore TreeConnect(string shareName, out NTStatus status)
    367. 

  367.         {
    368. 

  368.             return TreeConnect(shareName, ServiceName.AnyType, out status);
    369. 

  369.         }
    370. 

  370. 

  371.         public SMB1FileStore TreeConnect(string shareName, ServiceName serviceName, out NTStatus status)
    372. 

  372.         {
    373. 

  373.             if (!m_isConnected || !m_isLoggedIn)
    374. 

  374.             {
    375. 

  375.                 throw new InvalidOperationException("A login session must be successfully established before connecting to a share");
    376. 

  376.             }
    377. 

  377. 

  378.             TreeConnectAndXRequest request = new TreeConnectAndXRequest();
    379. 

  379.             request.Path = shareName;
    380. 

  380.             request.Service = serviceName;
    381. 

  381.             TrySendMessage(request);
    382. 

  382.             SMB1Message reply = WaitForMessage(CommandName.SMB_COM_TREE_CONNECT_ANDX);
    383. 

  383.             if (reply != null)
    384. 

  384.             {
    385. 

  385.                 status = reply.Header.Status;
    386. 

  386.                 if (reply.Header.Status == NTStatus.STATUS_SUCCESS && reply.Commands[0] is TreeConnectAndXResponse)
    387. 

  387.                 {
    388. 

  388.                     TreeConnectAndXResponse response = (TreeConnectAndXResponse)reply.Commands[0];
    389. 

  389.                     return new SMB1FileStore(this, reply.Header.TID);
    390. 

  390.                 }
    391. 

  391.             }
    392. 

  392.             else
    393. 

  393.             {
    394. 

  394.                 status = NTStatus.STATUS_INVALID_SMB;
    395. 

  395.             }
    396. 

  396.             return null;
    397. 

  397.         }
    398. 

  398. 

  399.         private void OnClientSocketReceive(IAsyncResult ar)
    400. 

  400.         {
    401. 

  401.             ConnectionState state = (ConnectionState)ar.AsyncState;
    402. 

  402. 

  403.             if (!m_clientSocket.Connected)
    404. 

  404.             {
    405. 

  405.                 return;
    406. 

  406.             }
    407. 

  407. 

  408.             int numberOfBytesReceived = 0;
    409. 

  409.             try
    410. 

  410.             {
    411. 

  411.                 numberOfBytesReceived = m_clientSocket.EndReceive(ar);
    412. 

  412.             }
    413. 

  413.             catch (ArgumentException) // The IAsyncResult object was not returned from the corresponding synchronous method on this class.
    414. 

  414.             {
    415. 

  415.                 return;
    416. 

  416.             }
    417. 

  417.             catch (ObjectDisposedException)
    418. 

  418.             {
    419. 

  419.                 Log("[ReceiveCallback] EndReceive ObjectDisposedException");
    420. 

  420.                 return;
    421. 

  421.             }
    422. 

  422.             catch (SocketException ex)
    423. 

  423.             {
    424. 

  424.                 Log("[ReceiveCallback] EndReceive SocketException: " + ex.Message);
    425. 

  425.                 return;
    426. 

  426.             }
    427. 

  427. 

  428.             if (numberOfBytesReceived == 0)
    429. 

  429.             {
    430. 

  430.                 m_isConnected = false;
    431. 

  431.             }
    432. 

  432.             else
    433. 

  433.             {
    434. 

  434.                 NBTConnectionReceiveBuffer buffer = state.ReceiveBuffer;
    435. 

  435.                 buffer.SetNumberOfBytesReceived(numberOfBytesReceived);
    436. 

  436.                 ProcessConnectionBuffer(state);
    437. 

  437. 

  438.                 try
    439. 

  439.                 {
    440. 

  440.                     m_clientSocket.BeginReceive(buffer.Buffer, buffer.WriteOffset, buffer.AvailableLength, SocketFlags.None, new AsyncCallback(OnClientSocketReceive), state);
    441. 

  441.                 }
    442. 

  442.                 catch (ObjectDisposedException)
    443. 

  443.                 {
    444. 

  444.                     m_isConnected = false;
    445. 

  445.                     Log("[ReceiveCallback] BeginReceive ObjectDisposedException");
    446. 

  446.                 }
    447. 

  447.                 catch (SocketException ex)
    448. 

  448.                 {
    449. 

  449.                     m_isConnected = false;
    450. 

  450.                     Log("[ReceiveCallback] BeginReceive SocketException: " + ex.Message);
    451. 

  451.                 }
    452. 

  452.             }
    453. 

  453.         }
    454. 

  454. 

  455.         private void ProcessConnectionBuffer(ConnectionState state)
    456. 

  456.         {
    457. 

  457.             NBTConnectionReceiveBuffer receiveBuffer = state.ReceiveBuffer;
    458. 

  458.             while (receiveBuffer.HasCompletePacket())
    459. 

  459.             {
    460. 

  460.                 SessionPacket packet = null;
    461. 

  461.                 try
    462. 

  462.                 {
    463. 

  463.                     packet = receiveBuffer.DequeuePacket();
    464. 

  464.                 }
    465. 

  465.                 catch (Exception)
    466. 

  466.                 {
    467. 

  467.                     m_clientSocket.Close();
    468. 

  468.                     break;
    469. 

  469.                 }
    470. 

  470. 

  471.                 if (packet != null)
    472. 

  472.                 {
    473. 

  473.                     ProcessPacket(packet, state);
    474. 

  474.                 }
    475. 

  475.             }
    476. 

  476.         }
    477. 

  477. 

  478.         private void ProcessPacket(SessionPacket packet, ConnectionState state)
    479. 

  479.         {
    480. 

  480.             if (packet is SessionKeepAlivePacket && m_transport == SMBTransportType.NetBiosOverTCP)
    481. 

  481.             {
    482. 

  482.                 // [RFC 1001] NetBIOS session keep alives do not require a response from the NetBIOS peer
    483. 

  483.             }
    484. 

  484.             else if ((packet is PositiveSessionResponsePacket || packet is NegativeSessionResponsePacket) && m_transport == SMBTransportType.NetBiosOverTCP)
    485. 

  485.             {
    486. 

  486.                 m_sessionResponsePacket = packet;
    487. 

  487.                 m_sessionResponseEventHandle.Set();
    488. 

  488.             }
    489. 

  489.             else if (packet is SessionMessagePacket)
    490. 

  490.             {
    491. 

  491.                 SMB1Message message;
    492. 

  492.                 try
    493. 

  493.                 {
    494. 

  494.                     message = SMB1Message.GetSMB1Message(packet.Trailer);
    495. 

  495.                 }
    496. 

  496.                 catch (Exception ex)
    497. 

  497.                 {
    498. 

  498.                     Log("Invalid SMB1 message: " + ex.Message);
    499. 

  499.                     m_clientSocket.Close();
    500. 

  500.                     m_isConnected = false;
    501. 

  501.                     return;
    502. 

  502.                 }
    503. 

  503. 

  504.                 // [MS-CIFS] 3.2.5.1 - If the MID value is the reserved value 0xFFFF, the message can be an OpLock break
    505. 

  505.                 // sent by the server. Otherwise, if the PID and MID values of the received message are not found in the
    506. 

  506.                 // Client.Connection.PIDMIDList, the message MUST be discarded.
    507. 

  507.                 if ((message.Header.MID == 0xFFFF && message.Header.Command == CommandName.SMB_COM_LOCKING_ANDX) ||
    508. 

  508.                     (message.Header.PID == 0 && message.Header.MID == 0))
    509. 

  509.                 {
    510. 

  510.                     lock (m_incomingQueueLock)
    511. 

  511.                     {
    512. 

  512.                         m_incomingQueue.Add(message);
    513. 

  513.                         m_incomingQueueEventHandle.Set();
    514. 

  514.                     }
    515. 

  515.                 }
    516. 

  516.             }
    517. 

  517.         }
    518. 

  518. 

  519.         internal SMB1Message WaitForMessage(CommandName commandName)
    520. 

  520.         {
    521. 

  521.             const int TimeOut = 5000;
    522. 

  522.             Stopwatch stopwatch = new Stopwatch();
    523. 

  523.             stopwatch.Start();
    524. 

  524.             while (stopwatch.ElapsedMilliseconds < TimeOut)
    525. 

  525.             {
    526. 

  526.                 lock (m_incomingQueueLock)
    527. 

  527.                 {
    528. 

  528.                     for (int index = 0; index < m_incomingQueue.Count; index++)
    529. 

  529.                     {
    530. 

  530.                         SMB1Message message = m_incomingQueue[index];
    531. 

  531. 

  532.                         if (message.Commands[0].CommandName == commandName)
    533. 

  533.                         {
    534. 

  534.                             m_incomingQueue.RemoveAt(index);
    535. 

  535.                             return message;
    536. 

  536.                         }
    537. 

  537.                     }
    538. 

  538.                 }
    539. 

  539.                 m_incomingQueueEventHandle.WaitOne(100);
    540. 

  540.             }
    541. 

  541.             return null;
    542. 

  542.         }
    543. 

  543. 

  544.         internal SessionPacket WaitForSessionResponsePacket()
    545. 

  545.         {
    546. 

  546.             const int TimeOut = 5000;
    547. 

  547.             Stopwatch stopwatch = new Stopwatch();
    548. 

  548.             stopwatch.Start();
    549. 

  549.             while (stopwatch.ElapsedMilliseconds < TimeOut)
    550. 

  550.             {
    551. 

  551.                 if (m_sessionResponsePacket != null)
    552. 

  552.                 {
    553. 

  553.                     SessionPacket result = m_sessionResponsePacket;
    554. 

  554.                     m_sessionResponsePacket = null;
    555. 

  555.                     return result;
    556. 

  556.                 }
    557. 

  557. 

  558.                 m_sessionResponseEventHandle.WaitOne(100);
    559. 

  559.             }
    560. 

  560. 

  561.             return null;
    562. 

  562.         }
    563. 

  563. 

  564.         private void Log(string message)
    565. 

  565.         {
    566. 

  566.             System.Diagnostics.Debug.Print(message);
    567. 

  567.         }
    568. 

  568. 

  569.         internal void TrySendMessage(SMB1Command request)
    570. 

  570.         {
    571. 

  571.             TrySendMessage(request, 0);
    572. 

  572.         }
    573. 

  573. 

  574.         internal void TrySendMessage(SMB1Command request, ushort treeID)
    575. 

  575.         {
    576. 

  576.             SMB1Message message = new SMB1Message();
    577. 

  577.             message.Header.UnicodeFlag = m_unicode;
    578. 

  578.             message.Header.ExtendedSecurityFlag = m_forceExtendedSecurity;
    579. 

  579.             message.Header.Flags2 |= HeaderFlags2.LongNamesAllowed | HeaderFlags2.LongNameUsed | HeaderFlags2.NTStatusCode;
    580. 

  580.             message.Header.UID = m_userID;
    581. 

  581.             message.Header.TID = treeID;
    582. 

  582.             message.Commands.Add(request);
    583. 

  583.             TrySendMessage(m_clientSocket, message);
    584. 

  584.         }
    585. 

  585. 

  586.         public bool Unicode
    587. 

  587.         {
    588. 

  588.             get
    589. 

  589.             {
    590. 

  590.                 return m_unicode;
    591. 

  591.             }
    592. 

  592.         }
    593. 

  593. 

  594.         public bool LargeFiles
    595. 

  595.         {
    596. 

  596.             get
    597. 

  597.             {
    598. 

  598.                 return m_largeFiles;
    599. 

  599.             }
    600. 

  600.         }
    601. 

  601. 

  602.         public bool InfoLevelPassthrough
    603. 

  603.         {
    604. 

  604.             get
    605. 

  605.             {
    606. 

  606.                 return m_infoLevelPassthrough;
    607. 

  607.             }
    608. 

  608.         }
    609. 

  609. 

  610.         public bool LargeRead
    611. 

  611.         {
    612. 

  612.             get
    613. 

  613.             {
    614. 

  614.                 return m_largeRead;
    615. 

  615.             }
    616. 

  616.         }
    617. 

  617. 

  618.         public bool LargeWrite
    619. 

  619.         {
    620. 

  620.             get
    621. 

  621.             {
    622. 

  622.                 return m_largeWrite;
    623. 

  623.             }
    624. 

  624.         }
    625. 

  625. 

  626.         public uint ServerMaxBufferSize
    627. 

  627.         {
    628. 

  628.             get
    629. 

  629.             {
    630. 

  630.                 return m_serverMaxBufferSize;
    631. 

  631.             }
    632. 

  632.         }
    633. 

  633. 

  634.         public int MaxMpxCount
    635. 

  635.         {
    636. 

  636.             get
    637. 

  637.             {
    638. 

  638.                 return m_maxMpxCount;
    639. 

  639.             }
    640. 

  640.         }
    641. 

  641. 

  642.         public uint MaxReadSize
    643. 

  643.         {
    644. 

  644.             get
    645. 

  645.             {
    646. 

  646.                 return ClientMaxBufferSize - (SMB1Header.Length + 3 + ReadAndXResponse.ParametersLength);
    647. 

  647.             }
    648. 

  648.         }
    649. 

  649. 

  650.         public uint MaxWriteSize
    651. 

  651.         {
    652. 

  652.             get
    653. 

  653.             {
    654. 

  654.                 uint result = ServerMaxBufferSize - (SMB1Header.Length + 3 + WriteAndXRequest.ParametersFixedLength + 4);
    655. 

  655.                 if (m_unicode)
    656. 

  656.                 {
    657. 

  657.                     result--;
    658. 

  658.                 }
    659. 

  659.                 return result;
    660. 

  660.             }
    661. 

  661.         }
    662. 

  662. 

  663.         public static void TrySendMessage(Socket socket, SMB1Message message)
    664. 

  664.         {
    665. 

  665.             SessionMessagePacket packet = new SessionMessagePacket();
    666. 

  666.             packet.Trailer = message.GetBytes();
    667. 

  667.             TrySendPacket(socket, packet);
    668. 

  668.         }
    669. 

  669. 

  670.         public static void TrySendPacket(Socket socket, SessionPacket packet)
    671. 

  671.         {
    672. 

  672.             try
    673. 

  673.             {
    674. 

  674.                 socket.Send(packet.GetBytes());
    675. 

  675.             }
    676. 

  676.             catch (SocketException)
    677. 

  677.             {
    678. 

  678.             }
    679. 

  679.             catch (ObjectDisposedException)
    680. 

  680.             {
    681. 

  681.             }
    682. 

  682.         }
    683. 

  683.     }
    684. 

  684. }
    685.