package smb
import (
"context"
"fmt"
"net"
"time"
"github.com/5amu/goad/pkg/smb/internal/utf16le"
)
// SMBFingerprint holds what FingerprintWithDialer learns about a remote SMB
// service. Every field is taken from the remote end's replies during the
// probe; as far as this file shows no credentials are supplied, so treat the
// strings as unverified, server-controlled input.
type SMBFingerprint struct {
	// V1Support is the result of the SMBv1 client's IsSMBv1 check.
	V1Support bool

	// SigningRequired mirrors the negotiated session's requireSigning flag.
	// It stays false when no session object was returned.
	SigningRequired bool

	// OSVersion is "major.minor.build" as reported in the NTLM session
	// details.
	OSVersion string

	// NetBIOS computer and domain names from the initiator's info map.
	NetBIOSComputerName, NetBIOSDomainName string

	// DNS computer and domain names from the initiator's info map.
	DNSComputerName, DNSDomainName string

	// ForestName is the info map's DNS tree name.
	ForestName string
}
// Fingerprint probes the SMB service at host:port over plain TCP and returns
// what FingerprintWithDialer collects.
//
// The connections come from a zero-value net.Dialer, which sets no timeout of
// its own, so the TCP connect is bounded only by the operating system. Call
// FingerprintWithDialer with a dialer that enforces a limit when probing
// hosts that may silently drop packets.
func Fingerprint(host string, port int) (*SMBFingerprint, error) {
	return FingerprintWithDialer(host, port, new(net.Dialer).Dial)
}
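// FingerprintWithDialer probes the SMB service at host:port over two
// connections obtained from dialer and returns what the server reports about
// itself.
//
// The first connection is used only for the SMBv1 client's IsSMBv1 check.
// The second is handed to this package's Dialer with an empty
// NTLMSSPInitiator under a 2-second context: the returned session, if any,
// supplies the signing requirement, and the initiator's NTLM state supplies
// the OS version and the NetBIOS, DNS and forest names.
//
// An error is returned only when one of the two dials fails. The error from
// the SMB session attempt is discarded, so a returned fingerprint may carry
// empty fields. All strings originate from the remote end and are not
// validated here; escape them before logging or displaying them.
func FingerprintWithDialer(host string, port int, dialer func(network string, addr string) (net.Conn, error)) (*SMBFingerprint, error) {
	// net.JoinHostPort brackets bare IPv6 literals, which "%s:%d" turned into
	// an undialable address. A host the caller already bracketed keeps the
	// historical form so existing callers are unaffected.
	var addr string
	if len(host) > 0 && host[0] == '[' {
		addr = fmt.Sprintf("%s:%d", host, port)
	} else {
		addr = net.JoinHostPort(host, fmt.Sprint(port))
	}

	conn1, err := dialer("tcp", addr)
	if err != nil {
		return nil, err
	}

	var info SMBFingerprint
	info.V1Support = NewV1Client().WithConn(conn1).IsSMBv1()
	// NOTE(review): no deadline is set on conn1 here; confirm the SMBv1 client
	// bounds its own reads, otherwise a silent peer can stall this call.
	// Close runs in its own goroutine and its error is not observed.
	go conn1.Close()

	conn3, err := dialer("tcp", addr)
	if err != nil {
		return nil, err
	}
	// The original never closed this connection, leaking a descriptor per
	// probe. Closing it on return is safe because only plain values are read
	// from the session and the initiator below.
	defer conn3.Close()

	d := &Dialer{
		Initiator: &NTLMSSPInitiator{},
	}

	ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
	defer cancel()

	// The error is dropped on purpose as far as this file shows: the data of
	// interest is read from the initiator afterwards, whether or not a session
	// was established.
	s, _ := d.DialContext(ctx, conn3)
	initiator := d.Initiator.(*NTLMSSPInitiator)

	if s != nil && s.s != nil {
		info.SigningRequired = s.s.requireSigning
	}

	// NOTE(review): if the exchange failed before the NTLM stage, the
	// initiator's ntlm state may be unset; confirm SessionDetails and
	// GetInfoMap tolerate that instead of panicking.
	sd := initiator.ntlm.SessionDetails()
	info.OSVersion = fmt.Sprintf("%d.%d.%d", sd.Version.ProductMajorVersion, sd.Version.ProductMinorVersion, sd.Version.ProductBuild)

	// Info-map values are converted to bytes and decoded with the package's
	// utf16le helper.
	infomap := initiator.GetInfoMap()
	info.NetBIOSComputerName = utf16le.DecodeToString([]byte(infomap.NbComputerName))
	info.NetBIOSDomainName = utf16le.DecodeToString([]byte(infomap.NbDomainName))
	info.DNSComputerName = utf16le.DecodeToString([]byte(infomap.DnsComputerName))
	info.DNSDomainName = utf16le.DecodeToString([]byte(infomap.DnsDomainName))
	info.ForestName = utf16le.DecodeToString([]byte(infomap.DnsTreeName))

	return &info, nil
}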