AccessDenied on session.connect() #321
Description
I am trying to connect to a smb server but always get a STATUS_ACCESS_DENIED error. The connection with other tools works fine. I can see the "Session Setup Request"s in the network dump.
Here i tried the connection using nifi from a container
- 33 3.698110 10.1.101.223 10.2.52.85 445 SMB2 576 Session Setup Request, NTLMSSP_AUTH, User: domain\user
- 34 3.725101 10.2.52.85 10.1.101.223 55478 SMB2 161 Session Setup Response
But when connecting with smbprotocol i get an error
- 37 3.504813 10.1.101.223 10.2.52.85 445 SMB2 651 Session Setup Request, NTLMSSP_AUTH, User: domain\user
- 38 3.556070 10.2.52.85 10.1.101.223 55143 SMB2 132 Session Setup Response, Error: STATUS_ACCESS_DENIED
when i try the integration tests it always fails on session.connect(). At the bottom you will find an example test that is failing including the log output. Any clue what is wrong here?
============================= test session starts ==============================
platform darwin -- Python 3.10.12, pytest-8.4.1, pluggy-1.6.0 -- /Users/user/playground/smbprotocol/.venv/bin/python
cachedir: .pytest_cache
rootdir: /Users/user/playground/smbprotocol/tests
configfile: pytest.ini
plugins: env-1.1.5, cov-6.2.1, mock-3.14.1
collecting ... collected 1 item
tests/test_session.py::TestSession::test_dialect_3_1_1
-------------------------------- live log call ---------------------------------
INFO smbprotocol.connection:connection.py:741 Initialising connection, guid: aa96b06b-3f62-47b3-8142-4265f98c0c82, require_signing: True, server_name: server.domain.net, port: 445
INFO smbprotocol.connection:connection.py:867 Setting up transport connection
INFO smbprotocol.transport:transport.py:64 Connecting to DirectTcp socket
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.connection:connection.py:876 Starting negotiation with SMB server
INFO smbprotocol.connection:connection.py:1546 Negotiating with SMB2 protocol with highest client dialect of: SMB_3_1_1
DEBUG smbprotocol.connection:connection.py:1554 Adding client guid aa96b06b-3f62-47b3-8142-4265f98c0c82 to negotiate request
DEBUG smbprotocol.connection:connection.py:1562 Adding client capabilities 69 to negotiate request
DEBUG smbprotocol.connection:connection.py:1575 Adding preauth integrity capabilities of hash SHA512 and salt b'o\x14\xce\xf3beM\x05\xad\xddR,\xb4\xa8KW\x0c9\xc9y\x7f\x87[\xbd\xe1(\xb0\x90-\x12\xfc\xa3' to negotiate request
DEBUG smbprotocol.connection:connection.py:1585 Adding encryption capabilities of AES128|256 GCM and AES128|256 CCM to negotiate request
DEBUG smbprotocol.connection:connection.py:1591 Adding netname context id of server.domain.net to negotiate request
DEBUG smbprotocol.connection:connection.py:1597 Adding signing algorithms AES_GMAC, AES_CMAC, and HMAC_SHA256 to negotiate request
INFO smbprotocol.connection:connection.py:1610 Sending SMB2 Negotiate message
DEBUG smbprotocol.connection:connection.py:1611 SMB3NegotiateRequest:
structure_size = 36
dialect_count = 1
security_mode = (2) SMB2_NEGOTIATE_SIGNING_REQUIRED
reserved = 0
capabilities = (69) SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_ENCRYPTION, SMB2_GLOBAL_CAP_LARGE_MTU
client_guid = aa96b06b-3f62-47b3-8142-4265f98c0c82
negotiate_context_offset = 104
negotiate_context_count = 4
reserved2 = 0
dialects = [
(785) SMB_3_1_1
]
padding = 00 00
negotiate_context_list = [
SMB2NegotiateContextRequest:
context_type = (1) SMB2_PREAUTH_INTEGRITY_CAPABILITIES
data_length = 38
reserved = 0
data =
SMB2PreauthIntegrityCapabilities:
hash_algorithm_count = 1
salt_length = 32
hash_algorithms = [
(1) SHA_512
]
salt = 6F 14 CE F3 62 65 4D 05 AD DD 52 2C B4 A8 4B 57 0C 39 C9 79 7F 87 5B BD E1 28 B0 90 2D 12 FC A3
Raw Hex:
01 00 20 00 01 00 6F 14
CE F3 62 65 4D 05 AD DD
52 2C B4 A8 4B 57 0C 39
C9 79 7F 87 5B BD E1 28
B0 90 2D 12 FC A3
padding = 00 00
Raw Hex:
01 00 26 00 00 00 00 00
01 00 20 00 01 00 6F 14
CE F3 62 65 4D 05 AD DD
52 2C B4 A8 4B 57 0C 39
C9 79 7F 87 5B BD E1 28
B0 90 2D 12 FC A3 00 00,
SMB2NegotiateContextRequest:
context_type = (2) SMB2_ENCRYPTION_CAPABILITIES
data_length = 10
reserved = 0
data =
SMB2EncryptionCapabilities:
cipher_count = 4
ciphers = [
(2) AES_128_GCM,
(1) AES_128_CCM,
(4) AES_256_GCM,
(3) AES_256_CCM
]
Raw Hex:
04 00 02 00 01 00 04 00
03 00
padding = 00 00 00 00 00 00
Raw Hex:
02 00 0A 00 00 00 00 00
04 00 02 00 01 00 04 00
03 00 00 00 00 00 00 00,
SMB2NegotiateContextRequest:
context_type = (5) SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
data_length = 48
reserved = 0
data =
SMB2NetnameNegotiateContextId:
net_name = server.domain.net
Raw Hex:
64 00 65 00 61 00 67 00
78 00 74 00 72 00 61 00
63 00 74 00 64 00 65 00
76 00 2E 00 73 00 69 00
63 00 6B 00 63 00 6E 00
2E 00 6E 00 65 00 74 00
padding =
Raw Hex:
05 00 30 00 00 00 00 00
64 00 65 00 61 00 67 00
78 00 74 00 72 00 61 00
63 00 74 00 64 00 65 00
76 00 2E 00 73 00 69 00
63 00 6B 00 63 00 6E 00
2E 00 6E 00 65 00 74 00,
SMB2NegotiateContextRequest:
context_type = (8) SMB2_SIGNING_CAPABILITIES
data_length = 8
reserved = 0
data =
SMB2SigningCapabilities:
signing_algorithm_count = 3
signing_algorithms = [
(2) AES_GMAC,
(1) AES_CMAC,
(0) HMAC_SHA256
]
Raw Hex:
03 00 02 00 01 00 00 00
padding =
Raw Hex:
08 00 08 00 00 00 00 00
03 00 02 00 01 00 00 00
]
Raw Hex:
24 00 01 00 02 00 00 00
45 00 00 00 AA 96 B0 6B
3F 62 47 B3 81 42 42 65
F9 8C 0C 82 68 00 00 00
04 00 00 00 11 03 00 00
01 00 26 00 00 00 00 00
01 00 20 00 01 00 6F 14
CE F3 62 65 4D 05 AD DD
52 2C B4 A8 4B 57 0C 39
C9 79 7F 87 5B BD E1 28
B0 90 2D 12 FC A3 00 00
02 00 0A 00 00 00 00 00
04 00 02 00 01 00 04 00
03 00 00 00 00 00 00 00
05 00 30 00 00 00 00 00
64 00 65 00 61 00 67 00
78 00 74 00 72 00 61 00
63 00 74 00 64 00 65 00
76 00 2E 00 73 00 69 00
63 00 6B 00 63 00 6E 00
2E 00 6E 00 65 00 74 00
08 00 08 00 00 00 00 00
03 00 02 00 01 00 00 00
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 4 bytes (total 4)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(324) (total 324)
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 324 bytes (total 324)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.connection:connection.py:1615 Receiving SMB2 Negotiate response
DEBUG smbprotocol.connection:connection.py:1616 SMB2HeaderResponse:
protocol_id = FE 53 4D 42
structure_size = 64
credit_charge = 0
status = (0) STATUS_SUCCESS
command = (0) SMB2_NEGOTIATE
credit_response = 1
flags = (1) SMB2_FLAGS_SERVER_TO_REDIR
next_command = 0
message_id = 0
reserved = 0
tree_id = 0
session_id = 0
signature = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
data = 41 00 03 00 11 03 03 00 20 8F 1C 1B 04 AD 51 45 85 A7 4B D7 C6 44 83 B4 07 00 00 00 00 00 80 00 00 00 80 00 00 00 80 00 CD F3 C7 4A 24 E0 DB 01 00 00 00 00 00 00 00 00 80 00 78 00 F8 00 00 00 60 76 06 06 2B 06 01 05 05 02 A0 6C 30 6A A0 3C 30 3A 06 0A 2B 06 01 04 01 82 37 02 02 1E 06 09 2A 86 48 82 F7 12 01 02 02 06 09 2A 86 48 86 F7 12 01 02 02 06 0A 2A 86 48 86 F7 12 01 02 02 03 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 2A 30 28 A0 26 1B 24 6E 6F 74 5F 64 65 66 69 6E 65 64 5F 69 6E 5F 52 46 43 34 31 37 38 40 70 6C 65 61 73 65 5F 69 67 6E 6F 72 65 01 00 26 00 00 00 00 00 01 00 20 00 01 00 C5 65 42 1E 16 F9 D6 8A 82 84 04 E3 DC F7 AF 78 33 AD 65 15 F2 D8 CC 36 01 7E C4 2F FE 8E EF 1D 00 00 02 00 04 00 00 00 00 00 01 00 02 00 00 00 00 00 08 00 04 00 00 00 00 00 01 00 02 00
Raw Hex:
FE 53 4D 42 40 00 00 00
00 00 00 00 00 00 01 00
01 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
41 00 03 00 11 03 03 00
20 8F 1C 1B 04 AD 51 45
85 A7 4B D7 C6 44 83 B4
07 00 00 00 00 00 80 00
00 00 80 00 00 00 80 00
CD F3 C7 4A 24 E0 DB 01
00 00 00 00 00 00 00 00
80 00 78 00 F8 00 00 00
60 76 06 06 2B 06 01 05
05 02 A0 6C 30 6A A0 3C
30 3A 06 0A 2B 06 01 04
01 82 37 02 02 1E 06 09
2A 86 48 82 F7 12 01 02
02 06 09 2A 86 48 86 F7
12 01 02 02 06 0A 2A 86
48 86 F7 12 01 02 02 03
06 0A 2B 06 01 04 01 82
37 02 02 0A A3 2A 30 28
A0 26 1B 24 6E 6F 74 5F
64 65 66 69 6E 65 64 5F
69 6E 5F 52 46 43 34 31
37 38 40 70 6C 65 61 73
65 5F 69 67 6E 6F 72 65
01 00 26 00 00 00 00 00
01 00 20 00 01 00 C5 65
42 1E 16 F9 D6 8A 82 84
04 E3 DC F7 AF 78 33 AD
65 15 F2 D8 CC 36 01 7E
C4 2F FE 8E EF 1D 00 00
02 00 04 00 00 00 00 00
01 00 02 00 00 00 00 00
08 00 04 00 00 00 00 00
01 00 02 00
INFO smbprotocol.connection:connection.py:889 Negotiated dialect: (785) SMB_3_1_1
INFO smbprotocol.connection:connection.py:901 Connection require signing: True
INFO smbprotocol.session:session.py:226 Initialising session with username: domain\user
DEBUG smbprotocol.session:session.py:271 Decoding SPNEGO token containing supported auth mechanisms
DEBUG spnego._negotiate:_negotiate.py:145 SPNEGO step input: YHYGBisGAQUFAqBsMGqgPDA6BgorBgEEAYI3AgIeBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKoZIhvcSAQICAwYKKwYBBAGCNwICCqMqMCigJhskbm90X2RlZmluZWRfaW5fUkZDNDE3OEBwbGVhc2VfaWdub3Jl
DEBUG spnego._negotiate:_negotiate.py:442 Attempting to create kerberos context when building SPNEGO mech list
DEBUG spnego._negotiate:_negotiate.py:458 Failed to create context for SPNEGO protocol kerberos: GSSAPIProxy requires the Python gssapi library: No module named 'gssapi'
DEBUG spnego._negotiate:_negotiate.py:442 Attempting to create ntlm context when building SPNEGO mech list
DEBUG spnego._negotiate:_negotiate.py:174 SPNEGO step output: YEgGBisGAQUFAqA+MDygDjAMBgorBgEEAYI3AgIKoioEKE5UTE1TU1AAAQAAADeCCOIAAAAAKAAAAAAAAAAoAAAAAAsCAAAAAA8=
INFO smbprotocol.session:session.py:302 Sending SMB2_SESSION_SETUP request message
INFO smbprotocol.session:session.py:306 Receiving SMB2_SESSION_SETUP response message
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 4 bytes (total 4)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(321) (total 321)
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 321 bytes (total 321)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.session:session.py:328 More processing is required for SMB2_SESSION_SETUP
DEBUG spnego._negotiate:_negotiate.py:145 SPNEGO step input: oYH2MIHzoAMKAQGhDAYKKwYBBAGCNwICCqKB3QSB2k5UTE1TU1AAAgAAAAwADAA4AAAANYKJ4uc8PeNCoPxqAAAAAAAAAACWAJYARAAAAAoAfE8AAAAPUwBJAEMASwBDAE4AAgAMAFMASQBDAEsAQwBOAAEAFABEAEUAQQBHAFMAMAA5ADYAMQA3AAQAFABzAGkAYwBrAGMAbgAuAG4AZQB0AAMAKgBkAGUAYQBnAHMAMAA5ADYAMQA3AC4AcwBpAGMAawBjAG4ALgBuAGUAdAAFABQAcwBpAGMAawBjAG4ALgBuAGUAdAAHAAgAdxDLSiTg2wEAAAAA
DEBUG spnego._negotiate:_negotiate.py:174 SPNEGO step output: oYIB8zCCAe+gAwoBAaKCAdIEggHOTlRMTVNTUAADAAAAGAAYAFgAAAAMAQwBcAAAAAwADAB8AQAADgAOAIgBAAAoACgAlgEAABAAEAC+AQAANYKJ4gALAgAAAAAPh5wAowC8p1ZjB6WWSKv3GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoOz48rKi9jAqsTFyWcs6wBAQAAAAAAAHcQy0ok4NsBRNS/xY2DiGYAAAAAAgAMAFMASQBDAEsAQwBOAAEAFABEAEUAQQBHAFMAMAA5ADYAMQA3AAQAFABzAGkAYwBrAGMAbgAuAG4AZQB0AAMAKgBkAGUAYQBnAHMAMAA5ADYAMQA3AC4AcwBpAGMAawBjAG4ALgBuAGUAdAAFABQAcwBpAGMAawBjAG4ALgBuAGUAdAAHAAgAdxDLSiTg2wEJADoAYwBpAGYAcwAvAGQAZQBhAGcAeAB0AHIAYQBjAHQAZABlAHYALgBzAGkAYwBrAGMAbgAuAG4AZQB0AAYABAACAAAAAAAAAAAAAABzAGkAYwBrAGMAbgBrAG8AZQBoAGwAagBhAE0AQQBDAE8AUwAtAE0AQgBQAC0AVgBYAE0ASABIAEgARgBWAFgARAC9bvoWp2r51TYGArIh59aooxIEEAEAAABBV/jHRmTFbAAAAAA=
INFO smbprotocol.session:session.py:302 Sending SMB2_SESSION_SETUP request message
INFO smbprotocol.session:session.py:306 Receiving SMB2_SESSION_SETUP response message
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 4 bytes (total 4)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(72) (total 72)
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 72 bytes (total 72)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.connection:connection.py:954 Disconnecting transport connection
INFO smbprotocol.transport:transport.py:75 Disconnecting DirectTcp socket
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 0 bytes (total 4)
FAILED [100%]
=================================== FAILURES ===================================
________________________ TestSession.test_dialect_3_1_1 ________________________
self = <tests.test_session.TestSession object at 0x106e0b040>
smb_real = ('domain\\user', 'secret', 'server.domain.net', 445, '\\\\server.domain.net\\test_share', '\\\\server.domain.net\\test_share-encrypted')
def test_dialect_3_1_1(self, smb_real):
connection = Connection(uuid.uuid4(), smb_real[2], smb_real[3])
connection.connect(Dialects.SMB_3_1_1)
session = Session(connection, smb_real[0], smb_real[1])
try:
> session.connect()
tests/test_session.py:198:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
src/smbprotocol/session.py:308: in connect
response = self.connection.receive(request)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
self = <smbprotocol.connection.Connection object at 0x106e0b010>
request = <smbprotocol.connection.Request object at 0x106e9f4c0>, wait = True
timeout = None, resolve_symlinks = True
def receive(self, request, wait=True, timeout=None, resolve_symlinks=True):
"""
Polls the message buffer of the TCP connection and waits until a valid
message is received based on the message_id passed in.
:param request: The Request object to wait get the response for
:param wait: Wait for the final response in the case of a STATUS_PENDING response, the pending response is
returned in the case of wait=False
:param timeout: Set a timeout used while waiting for the final response from the server.
:param resolve_symlinks: Set to automatically resolve symlinks in the path when opening a file or directory.
:return: SMB2HeaderResponse of the received message
"""
# Make sure the receiver is still active, if not this raises an exception.
self._check_worker_running()
start_time = time.time()
while True:
iter_timeout = int(max(timeout - (time.time() - start_time), 1)) if timeout is not None else None
if not request.response_event.wait(timeout=iter_timeout):
value = request.message["message_id"].get_value()
raise SMBException(
f"Connection timeout of {timeout} seconds exceeded while waiting for a message id {value} "
"response from the server"
)
# Use a lock on the request so that in the case of a pending response we have exclusive lock on the event
# flag and can clear it without the future pending response taking it over before we first clear the flag.
with request.response_event_lock:
self._check_worker_running() # The worker may have failed while waiting for the response, check again
response = request.response
status = response["status"].get_value()
if status == NtStatus.STATUS_PENDING and wait:
# Received a pending message, clear the response_event flag and wait again.
request.response_event.clear()
continue
elif status == NtStatus.STATUS_STOPPED_ON_SYMLINK and resolve_symlinks:
# Received when we do an Open on a path that contains a symlink. Need to capture all related
# requests and resend the Open + others with the redirected path. First we need to resolve the
# symlink path. This will fail if the symlink is pointing to a location that is not in the same
# tree/share as the original request.
# First wait for the other remaining requests to be processed. Their status will also fail and we
# need to make sure we update the old request with the new one properly.
related_requests = [self.outstanding_requests[i] for i in request.related_ids]
[r.response_event.wait() for r in related_requests]
# Now create a new request with the new path the symlink points to.
session = self.session_table[request.session_id]
tree = session.tree_connect_table[request.message["tree_id"].get_value()]
old_create = request.get_message_data()
tree_share_name = tree.share_name + "\\"
original_path = tree_share_name + to_text(
old_create["buffer_path"].get_value(), encoding="utf-16-le"
)
exp = SMBResponseException(response)
reparse_buffer = next(e for e in exp.error_details if isinstance(e, SMB2SymbolicLinkErrorResponse))
new_path = reparse_buffer.resolve_path(original_path)[len(tree_share_name) :]
new_open = Open(tree, new_path)
create_req = new_open.create(
old_create["impersonation_level"].get_value(),
old_create["desired_access"].get_value(),
old_create["file_attributes"].get_value(),
old_create["share_access"].get_value(),
old_create["create_disposition"].get_value(),
old_create["create_options"].get_value(),
create_contexts=old_create["buffer_contexts"].get_value(),
send=False,
)[0]
# Now add all the related requests (if any) to send as a compound request.
new_msgs = [create_req] + [r.get_message_data() for r in related_requests]
new_requests = self.send_compound(new_msgs, session.session_id, tree.tree_connect_id, related=True)
# Verify that the first request was successful before updating the related requests with the new
# info.
error = None
try:
new_response = self.receive(new_requests[0], wait=wait, timeout=timeout, resolve_symlinks=True)
except SMBResponseException as exc:
# We need to make sure we fix up the remaining responses before throwing this.
error = exc
[r.response_event.wait() for r in new_requests]
# Update the old requests with the new response information
for i, old_request in enumerate([request] + related_requests):
del self.outstanding_requests[old_request.message["message_id"].get_value()]
old_request.update_request(new_requests[i])
if error:
raise error
return new_response
else:
# now we have a retrieval request for the response, we can delete
# the request from the outstanding requests
message_id = request.message["message_id"].get_value()
self.outstanding_requests.pop(message_id, None)
if status not in [NtStatus.STATUS_SUCCESS, NtStatus.STATUS_PENDING]:
> raise SMBResponseException(response)
E smbprotocol.exceptions.AccessDenied: Received unexpected status from the server: A process has requested access to an object but has not been granted those access rights. (3221225506) STATUS_ACCESS_DENIED: 0xc0000022
src/smbprotocol/connection.py:1103: AccessDenied
------------------------------ Captured log call -------------------------------
INFO smbprotocol.connection:connection.py:741 Initialising connection, guid: aa96b06b-3f62-47b3-8142-4265f98c0c82, require_signing: True, server_name: server.domain.net, port: 445
INFO smbprotocol.connection:connection.py:867 Setting up transport connection
INFO smbprotocol.transport:transport.py:64 Connecting to DirectTcp socket
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.connection:connection.py:876 Starting negotiation with SMB server
INFO smbprotocol.connection:connection.py:1546 Negotiating with SMB2 protocol with highest client dialect of: SMB_3_1_1
DEBUG smbprotocol.connection:connection.py:1554 Adding client guid aa96b06b-3f62-47b3-8142-4265f98c0c82 to negotiate request
DEBUG smbprotocol.connection:connection.py:1562 Adding client capabilities 69 to negotiate request
DEBUG smbprotocol.connection:connection.py:1575 Adding preauth integrity capabilities of hash SHA512 and salt b'o\x14\xce\xf3beM\x05\xad\xddR,\xb4\xa8KW\x0c9\xc9y\x7f\x87[\xbd\xe1(\xb0\x90-\x12\xfc\xa3' to negotiate request
DEBUG smbprotocol.connection:connection.py:1585 Adding encryption capabilities of AES128|256 GCM and AES128|256 CCM to negotiate request
DEBUG smbprotocol.connection:connection.py:1591 Adding netname context id of server.domain.net to negotiate request
DEBUG smbprotocol.connection:connection.py:1597 Adding signing algorithms AES_GMAC, AES_CMAC, and HMAC_SHA256 to negotiate request
INFO smbprotocol.connection:connection.py:1610 Sending SMB2 Negotiate message
DEBUG smbprotocol.connection:connection.py:1611 SMB3NegotiateRequest:
structure_size = 36
dialect_count = 1
security_mode = (2) SMB2_NEGOTIATE_SIGNING_REQUIRED
reserved = 0
capabilities = (69) SMB2_GLOBAL_CAP_DFS, SMB2_GLOBAL_CAP_ENCRYPTION, SMB2_GLOBAL_CAP_LARGE_MTU
client_guid = aa96b06b-3f62-47b3-8142-4265f98c0c82
negotiate_context_offset = 104
negotiate_context_count = 4
reserved2 = 0
dialects = [
(785) SMB_3_1_1
]
padding = 00 00
negotiate_context_list = [
SMB2NegotiateContextRequest:
context_type = (1) SMB2_PREAUTH_INTEGRITY_CAPABILITIES
data_length = 38
reserved = 0
data =
SMB2PreauthIntegrityCapabilities:
hash_algorithm_count = 1
salt_length = 32
hash_algorithms = [
(1) SHA_512
]
salt = 6F 14 CE F3 62 65 4D 05 AD DD 52 2C B4 A8 4B 57 0C 39 C9 79 7F 87 5B BD E1 28 B0 90 2D 12 FC A3
Raw Hex:
01 00 20 00 01 00 6F 14
CE F3 62 65 4D 05 AD DD
52 2C B4 A8 4B 57 0C 39
C9 79 7F 87 5B BD E1 28
B0 90 2D 12 FC A3
padding = 00 00
Raw Hex:
01 00 26 00 00 00 00 00
01 00 20 00 01 00 6F 14
CE F3 62 65 4D 05 AD DD
52 2C B4 A8 4B 57 0C 39
C9 79 7F 87 5B BD E1 28
B0 90 2D 12 FC A3 00 00,
SMB2NegotiateContextRequest:
context_type = (2) SMB2_ENCRYPTION_CAPABILITIES
data_length = 10
reserved = 0
data =
SMB2EncryptionCapabilities:
cipher_count = 4
ciphers = [
(2) AES_128_GCM,
(1) AES_128_CCM,
(4) AES_256_GCM,
(3) AES_256_CCM
]
Raw Hex:
04 00 02 00 01 00 04 00
03 00
padding = 00 00 00 00 00 00
Raw Hex:
02 00 0A 00 00 00 00 00
04 00 02 00 01 00 04 00
03 00 00 00 00 00 00 00,
SMB2NegotiateContextRequest:
context_type = (5) SMB2_NETNAME_NEGOTIATE_CONTEXT_ID
data_length = 48
reserved = 0
data =
SMB2NetnameNegotiateContextId:
net_name = server.domain.net
Raw Hex:
64 00 65 00 61 00 67 00
78 00 74 00 72 00 61 00
63 00 74 00 64 00 65 00
76 00 2E 00 73 00 69 00
63 00 6B 00 63 00 6E 00
2E 00 6E 00 65 00 74 00
padding =
Raw Hex:
05 00 30 00 00 00 00 00
64 00 65 00 61 00 67 00
78 00 74 00 72 00 61 00
63 00 74 00 64 00 65 00
76 00 2E 00 73 00 69 00
63 00 6B 00 63 00 6E 00
2E 00 6E 00 65 00 74 00,
SMB2NegotiateContextRequest:
context_type = (8) SMB2_SIGNING_CAPABILITIES
data_length = 8
reserved = 0
data =
SMB2SigningCapabilities:
signing_algorithm_count = 3
signing_algorithms = [
(2) AES_GMAC,
(1) AES_CMAC,
(0) HMAC_SHA256
]
Raw Hex:
03 00 02 00 01 00 00 00
padding =
Raw Hex:
08 00 08 00 00 00 00 00
03 00 02 00 01 00 00 00
]
Raw Hex:
24 00 01 00 02 00 00 00
45 00 00 00 AA 96 B0 6B
3F 62 47 B3 81 42 42 65
F9 8C 0C 82 68 00 00 00
04 00 00 00 11 03 00 00
01 00 26 00 00 00 00 00
01 00 20 00 01 00 6F 14
CE F3 62 65 4D 05 AD DD
52 2C B4 A8 4B 57 0C 39
C9 79 7F 87 5B BD E1 28
B0 90 2D 12 FC A3 00 00
02 00 0A 00 00 00 00 00
04 00 02 00 01 00 04 00
03 00 00 00 00 00 00 00
05 00 30 00 00 00 00 00
64 00 65 00 61 00 67 00
78 00 74 00 72 00 61 00
63 00 74 00 64 00 65 00
76 00 2E 00 73 00 69 00
63 00 6B 00 63 00 6E 00
2E 00 6E 00 65 00 74 00
08 00 08 00 00 00 00 00
03 00 02 00 01 00 00 00
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 4 bytes (total 4)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(324) (total 324)
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 324 bytes (total 324)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.connection:connection.py:1615 Receiving SMB2 Negotiate response
DEBUG smbprotocol.connection:connection.py:1616 SMB2HeaderResponse:
protocol_id = FE 53 4D 42
structure_size = 64
credit_charge = 0
status = (0) STATUS_SUCCESS
command = (0) SMB2_NEGOTIATE
credit_response = 1
flags = (1) SMB2_FLAGS_SERVER_TO_REDIR
next_command = 0
message_id = 0
reserved = 0
tree_id = 0
session_id = 0
signature = 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
data = 41 00 03 00 11 03 03 00 20 8F 1C 1B 04 AD 51 45 85 A7 4B D7 C6 44 83 B4 07 00 00 00 00 00 80 00 00 00 80 00 00 00 80 00 CD F3 C7 4A 24 E0 DB 01 00 00 00 00 00 00 00 00 80 00 78 00 F8 00 00 00 60 76 06 06 2B 06 01 05 05 02 A0 6C 30 6A A0 3C 30 3A 06 0A 2B 06 01 04 01 82 37 02 02 1E 06 09 2A 86 48 82 F7 12 01 02 02 06 09 2A 86 48 86 F7 12 01 02 02 06 0A 2A 86 48 86 F7 12 01 02 02 03 06 0A 2B 06 01 04 01 82 37 02 02 0A A3 2A 30 28 A0 26 1B 24 6E 6F 74 5F 64 65 66 69 6E 65 64 5F 69 6E 5F 52 46 43 34 31 37 38 40 70 6C 65 61 73 65 5F 69 67 6E 6F 72 65 01 00 26 00 00 00 00 00 01 00 20 00 01 00 C5 65 42 1E 16 F9 D6 8A 82 84 04 E3 DC F7 AF 78 33 AD 65 15 F2 D8 CC 36 01 7E C4 2F FE 8E EF 1D 00 00 02 00 04 00 00 00 00 00 01 00 02 00 00 00 00 00 08 00 04 00 00 00 00 00 01 00 02 00
Raw Hex:
FE 53 4D 42 40 00 00 00
00 00 00 00 00 00 01 00
01 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00
41 00 03 00 11 03 03 00
20 8F 1C 1B 04 AD 51 45
85 A7 4B D7 C6 44 83 B4
07 00 00 00 00 00 80 00
00 00 80 00 00 00 80 00
CD F3 C7 4A 24 E0 DB 01
00 00 00 00 00 00 00 00
80 00 78 00 F8 00 00 00
60 76 06 06 2B 06 01 05
05 02 A0 6C 30 6A A0 3C
30 3A 06 0A 2B 06 01 04
01 82 37 02 02 1E 06 09
2A 86 48 82 F7 12 01 02
02 06 09 2A 86 48 86 F7
12 01 02 02 06 0A 2A 86
48 86 F7 12 01 02 02 03
06 0A 2B 06 01 04 01 82
37 02 02 0A A3 2A 30 28
A0 26 1B 24 6E 6F 74 5F
64 65 66 69 6E 65 64 5F
69 6E 5F 52 46 43 34 31
37 38 40 70 6C 65 61 73
65 5F 69 67 6E 6F 72 65
01 00 26 00 00 00 00 00
01 00 20 00 01 00 C5 65
42 1E 16 F9 D6 8A 82 84
04 E3 DC F7 AF 78 33 AD
65 15 F2 D8 CC 36 01 7E
C4 2F FE 8E EF 1D 00 00
02 00 04 00 00 00 00 00
01 00 02 00 00 00 00 00
08 00 04 00 00 00 00 00
01 00 02 00
INFO smbprotocol.connection:connection.py:889 Negotiated dialect: (785) SMB_3_1_1
INFO smbprotocol.connection:connection.py:901 Connection require signing: True
INFO smbprotocol.session:session.py:226 Initialising session with username: domain\user
DEBUG smbprotocol.session:session.py:271 Decoding SPNEGO token containing supported auth mechanisms
DEBUG spnego._negotiate:_negotiate.py:145 SPNEGO step input: YHYGBisGAQUFAqBsMGqgPDA6BgorBgEEAYI3AgIeBgkqhkiC9xIBAgIGCSqGSIb3EgECAgYKKoZIhvcSAQICAwYKKwYBBAGCNwICCqMqMCigJhskbm90X2RlZmluZWRfaW5fUkZDNDE3OEBwbGVhc2VfaWdub3Jl
DEBUG spnego._negotiate:_negotiate.py:442 Attempting to create kerberos context when building SPNEGO mech list
DEBUG spnego._negotiate:_negotiate.py:458 Failed to create context for SPNEGO protocol kerberos: GSSAPIProxy requires the Python gssapi library: No module named 'gssapi'
DEBUG spnego._negotiate:_negotiate.py:442 Attempting to create ntlm context when building SPNEGO mech list
DEBUG spnego._negotiate:_negotiate.py:174 SPNEGO step output: YEgGBisGAQUFAqA+MDygDjAMBgorBgEEAYI3AgIKoioEKE5UTE1TU1AAAQAAADeCCOIAAAAAKAAAAAAAAAAoAAAAAAsCAAAAAA8=
INFO smbprotocol.session:session.py:302 Sending SMB2_SESSION_SETUP request message
INFO smbprotocol.session:session.py:306 Receiving SMB2_SESSION_SETUP response message
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 4 bytes (total 4)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(321) (total 321)
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 321 bytes (total 321)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.session:session.py:328 More processing is required for SMB2_SESSION_SETUP
DEBUG spnego._negotiate:_negotiate.py:145 SPNEGO step input: oYH2MIHzoAMKAQGhDAYKKwYBBAGCNwICCqKB3QSB2k5UTE1TU1AAAgAAAAwADAA4AAAANYKJ4uc8PeNCoPxqAAAAAAAAAACWAJYARAAAAAoAfE8AAAAPUwBJAEMASwBDAE4AAgAMAFMASQBDAEsAQwBOAAEAFABEAEUAQQBHAFMAMAA5ADYAMQA3AAQAFABzAGkAYwBrAGMAbgAuAG4AZQB0AAMAKgBkAGUAYQBnAHMAMAA5ADYAMQA3AC4AcwBpAGMAawBjAG4ALgBuAGUAdAAFABQAcwBpAGMAawBjAG4ALgBuAGUAdAAHAAgAdxDLSiTg2wEAAAAA
DEBUG spnego._negotiate:_negotiate.py:174 SPNEGO step output: oYIB8zCCAe+gAwoBAaKCAdIEggHOTlRMTVNTUAADAAAAGAAYAFgAAAAMAQwBcAAAAAwADAB8AQAADgAOAIgBAAAoACgAlgEAABAAEAC+AQAANYKJ4gALAgAAAAAPh5wAowC8p1ZjB6WWSKv3GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABoOz48rKi9jAqsTFyWcs6wBAQAAAAAAAHcQy0ok4NsBRNS/xY2DiGYAAAAAAgAMAFMASQBDAEsAQwBOAAEAFABEAEUAQQBHAFMAMAA5ADYAMQA3AAQAFABzAGkAYwBrAGMAbgAuAG4AZQB0AAMAKgBkAGUAYQBnAHMAMAA5ADYAMQA3AC4AcwBpAGMAawBjAG4ALgBuAGUAdAAFABQAcwBpAGMAawBjAG4ALgBuAGUAdAAHAAgAdxDLSiTg2wEJADoAYwBpAGYAcwAvAGQAZQBhAGcAeAB0AHIAYQBjAHQAZABlAHYALgBzAGkAYwBrAGMAbgAuAG4AZQB0AAYABAACAAAAAAAAAAAAAABzAGkAYwBrAGMAbgBrAG8AZQBoAGwAagBhAE0AQQBDAE8AUwAtAE0AQgBQAC0AVgBYAE0ASABIAEgARgBWAFgARAC9bvoWp2r51TYGArIh59aooxIEEAEAAABBV/jHRmTFbAAAAAA=
INFO smbprotocol.session:session.py:302 Sending SMB2_SESSION_SETUP request message
INFO smbprotocol.session:session.py:306 Receiving SMB2_SESSION_SETUP response message
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 4 bytes (total 4)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(72) (total 72)
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 72 bytes (total 72)
DEBUG smbprotocol.transport:transport.py:128 Socket recv(4) (total 4)
INFO smbprotocol.connection:connection.py:954 Disconnecting transport connection
INFO smbprotocol.transport:transport.py:75 Disconnecting DirectTcp socket
DEBUG smbprotocol.transport:transport.py:154 Socket recv() returned 0 bytes (total 4)
----- generated xml file: /Users/user/playground/smbprotocol/report.xml -----
================================ tests coverage ================================
______________ coverage: platform darwin, python 3.10.12-final-0 _______________
Name Stmts Miss Cover Missing
----------------------------------------------------------------------
src/smbprotocol/__init__.py 8 0 100%
src/smbprotocol/_text.py 8 1 88% 14
src/smbprotocol/change_notify.py 121 121 0% 4-331
src/smbprotocol/connection.py 656 230 65% 154-192, 298-304, 307-312, 371, 610-613, 620-626, 633, 669-670, 685-697, 710-722, 900, 952, 998, 1019-1020, 1034-1035, 1044-1095, 1124-1137, 1161-1176, 1183-1184, 1187, 1206-1209, 1218-1222, 1233, 1246-1248, 1259, 1262, 1265-1272, 1279, 1294, 1297, 1313-1334, 1342-1344, 1378, 1392, 1400-1407, 1412, 1415-1451, 1454-1480, 1483-1511, 1517-1536, 1541, 1559, 1567, 1645, 1648, 1651-1653, 1656-1658, 1706-1714, 1717-1719, 1722-1728
src/smbprotocol/create_contexts.py 206 97 53% 57-63, 155-179, 182-185, 188-193, 196-198, 208-215, 229-253, 267-285, 288-293, 307-319, 332-333, 344-345, 358-359, 373-374, 386-393, 407-408, 422-423, 436-444, 455-463, 476-483, 498-509, 520-531, 546-555, 569-576, 588-591, 606-613, 627-640, 653-667, 681-699, 712-731, 746-755
src/smbprotocol/dfs.py 174 65 63% 48-51, 56, 61, 65-71, 76, 81, 84-90, 103-107, 111, 115, 119, 127-128, 132, 136, 140-145, 149, 159-165, 220-226, 237-280, 313, 316, 342-351, 355, 359, 370-386, 389-398
src/smbprotocol/exceptions.py 446 140 69% 51-80, 83-88, 94-98, 102, 106, 109, 115, 119, 123, 127-130, 134-148, 151, 154-156, 170, 180-183, 212-229, 238-255, 260, 710-721, 737-762, 776-807, 810-812, 824-832, 835-838, 841-844, 857-884, 897-917, 920-922, 934-947, 950-953, 956-959, 963-968, 973-979
src/smbprotocol/file_info.py 256 54 79% 189-208, 221-227, 240-307, 320-331, 344-364, 377-394, 407-440, 453-475, 488-493, 506-511, 524-529, 542-565, 578-612, 622-641, 654-689, 702-727, 740-745, 758-785, 798-809, 822-830, 843-854, 867-893, 906-928, 941-974, 987-996, 1009-1021, 1034-1056
src/smbprotocol/header.py 109 2 98% 141-189
src/smbprotocol/ioctl.py 157 69 56% 127-162, 167-172, 185-200, 213-221, 235-244, 257-264, 278-306, 320-346, 357-364, 378-386, 399-417, 433-444, 456-464, 476-482, 494-513, 516-519, 522-525, 528-531, 543-546, 549-550, 556-557, 569-577, 582-584, 590-593, 606-620
src/smbprotocol/open.py 562 338 40% 331-377, 380-381, 384-387, 390-391, 395-399, 402-410, 425-460, 463-466, 469-479, 493-501, 515-536, 551-559, 573-574, 588-604, 607-610, 613-616, 620-623, 637-648, 662-684, 687-693, 707-717, 731-745, 760-779, 790-798, 811-826, 839-845, 859-868, 882-941, 955-986, 989-1012, 1026-1066, 1081-1086, 1102-1145, 1149, 1205-1239, 1242-1280, 1304-1335, 1338-1348, 1372-1410, 1413-1423, 1440-1454, 1457-1466, 1496-1515, 1518-1533, 1552-1572, 1575-1604, 1626-1644, 1647-1651
src/smbprotocol/query_info.py 3 3 0% 4-8
src/smbprotocol/reparse_point.py 98 28 71% 75, 86, 96, 116-137, 149-170, 173, 176, 179-186, 189-200, 203-206
src/smbprotocol/security_descriptor.py 176 176 0% 4-398
src/smbprotocol/session.py 164 72 56% 169-170, 281-282, 286, 291-292, 295, 330-403, 415-434, 448-460
src/smbprotocol/structure.py 516 92 82% 30-31, 101-102, 127, 152, 180, 313, 317, 320, 336, 356, 382-383, 385, 389, 429, 435, 439, 441, 460, 478, 489, 522, 566-567, 580, 586, 592, 609, 635, 639-648, 654, 668-675, 682-683, 696, 703, 711, 713, 716-719, 745, 756, 768-776, 788, 795, 812-814, 817, 820-830, 833, 836, 847, 857-860, 889-895
src/smbprotocol/transport.py 88 8 91% 67-68, 99, 140-141, 145-151
src/smbprotocol/tree.py 151 97 36% 106-133, 148-176, 191-203, 217-228, 238-270, 276-292, 295-364, 367-369
----------------------------------------------------------------------
TOTAL 3899 1593 59%
=========================== short test summary info ============================
FAILED tests/test_session.py::TestSession::test_dialect_3_1_1 - smbprotocol.e...
============================== 1 failed in 0.36s ===============================