Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update smb login to support additional configuration #18897

Merged
merged 1 commit into from Feb 29, 2024
Merged

Update smb login to support additional configuration #18897

merged 1 commit into from Feb 29, 2024

Conversation

adfoster-r7
Copy link
Contributor

Updates the smb_login module to support configuring the negotiated SMB protocol versions and whether encryption is negotiated.

Verification

Create samba target:

docker run -it --rm -p 139:139 -p 445:445 ubuntu:16.04 /bin/bash
mkdir -p /tmp/foo
apt update
apt install -y samba

samba --version
# Version 4.3.11-Ubuntu

cat << EOF >> /etc/samba/smb.conf
[foo_share]
    comment = Foo samba share
    path = /tmp/foo
    read only = no
    browsable = yes
    valid users = root
EOF


# Allow root access
passwd -u root
echo 'root:admin' | chpasswd

service smbd restart

Run Metasploit module:

use scanner/smb/smb_login
run rhost=127.0.0.1 username=root password=admin createsession=true smb::alwaysencrypt=false smb::protocolversion=2

Before

SMB configuration is ignored, and wireshark shows encryption is present

image

After

SMB configuration is honored, and wireshark shows encryption is now disabled

image

@adfoster-r7 adfoster-r7 force-pushed the update-smb-login-to-support-additional-configuration branch 2 times, most recently from 1fd665e to 440645c Compare February 28, 2024 16:43
@adfoster-r7 adfoster-r7 force-pushed the update-smb-login-to-support-additional-configuration branch from 440645c to 1315852 Compare February 28, 2024 20:24
@dwelch-r7 dwelch-r7 merged commit a4543b0 into rapid7:master Feb 29, 2024
48 checks passed
@dwelch-r7 dwelch-r7 added the rn-fix release notes fix label Feb 29, 2024
@dwelch-r7
Copy link
Contributor

Release Notes

Updates the smb_login module to support configuring the negotiated SMB protocol versions and whether encryption is negotiated.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
rn-fix release notes fix
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@adfoster-r7 @dwelch-r7