Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make it possible to provide a non-default RPORT #19076

Closed
wants to merge 4 commits into from
Closed

Make it possible to provide a non-default RPORT #19076

wants to merge 4 commits into from

Conversation

nrathaus
Copy link
Contributor

Related to: #19072

Make it possible to add a non-default (139, 445) port to the SMB test, by using Set rather than list/array and adding the datastore RPORT to the mix

@nrathaus nrathaus mentioned this pull request Apr 11, 2024
Closed
@smcintyre-r7 smcintyre-r7 self-assigned this Apr 16, 2024
@smcintyre-r7
Copy link
Contributor

So now that #19095 has been landed, the #connect method has the direct keyword argument. That means this can proceed, it just needs to be rebased and then to consolidate the port options into just RPORT instead of individual datastore options for each.

The pattern now included in smb_enumusers should fit here where it'll check 139 and 445 if RPORT is not set. If RPORT is set, it'll be the only port checked. That should meet the requirements of the original request, maintain backwards compatibility and be relatively intuitive for users due to the reuse of the existing datastore options for their intended purposes.

metasploit-framework/modules/auxiliary/scanner/smb/smb_enumusers.rb

Lines 44 to 58 in aef3cc5

if datastore['RPORT'].blank? || datastore['RPORT'] == 0
smb_services = [
{ port: 139, direct: false },
{ port: 445, direct: true }
]
else
smb_services = [
{ port: datastore['RPORT'], direct: datastore['SMBDirect'] }
]
end
smb_services.each do |smb_service|
run_service(smb_service[:port], smb_service[:direct])
end
end

@smcintyre-r7
Copy link
Contributor

Are you still interested in making these changes?

@nrathaus
Copy link
Contributor Author

nrathaus commented May 5, 2024

@smcintyre-r7 I am not quite following what is needed as a change, is it this:

   if datastore['RPORT'].blank? || datastore['RPORT'] == 0 
     smb_services = [ 
       { port: 139, direct: false }, 
       { port: 445, direct: true } 
     ] 
   else 
     smb_services = [ 
       { port: datastore['RPORT'], direct: datastore['SMBDirect'] } 
     ] 
   end

I changes I proposed earlier you said are not what you hoped

@zeroSteiner zeroSteiner mentioned this pull request May 7, 2024
Merged
4 tasks
@smcintyre-r7
Copy link
Contributor

Sorry for the confusion but I opened a PR with what I had in mind in #19163. Using that, we can retain the original functionality of trying 139 and 445 automatically, or allow the user to specify a port of their choosing in which case it'll be the only one tested. It also reuses the existing RPORT and SMBDirect datastore options instead of adding new ones such as SMB_RPORT / RPC_RPORT.

@nrathaus
Copy link
Contributor Author

nrathaus commented May 7, 2024

Great

@nrathaus nrathaus deleted the smb_version_rport branch May 7, 2024 14:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@smcintyre-r7 smcintyre-r7

Labels
enhancement module rn-enhancement release notes enhancement
Projects
Metasploit Kanban
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@nrathaus @smcintyre-r7