From 153ca54a744489434d5a4257189e8a20bd28ecec Mon Sep 17 00:00:00 2001 From: Kevin Robertson Date: Tue, 25 Sep 2018 14:16:13 -0400 Subject: Updates for Inveigh 1.4 --- Invoke-SMBClient.ps1 | 2 +- Invoke-SMBEnum.ps1 | 10 +++++++--- Invoke-SMBExec.ps1 | 5 +---- 3 files changed, 9 insertions(+), 8 deletions(-) diff --git a/Invoke-SMBClient.ps1 b/Invoke-SMBClient.ps1 index 2463734..2b0f0aa 100644 --- a/Invoke-SMBClient.ps1 +++ b/Invoke-SMBClient.ps1 @@ -2918,7 +2918,7 @@ if($client.Connected -or (!$startup_error -and $inveigh.session_socket_table[$se { $inveigh.session_lock_table[$session] = 'open' $inveigh.session_message_ID_table[$session] = $message_ID - $inveigh.session_list[$session] | Where-Object {$_."Last Activity" = Get-Date -format s} + $inveigh.session[$session] | Where-Object {$_."Last Activity" = Get-Date -format s} } if(!$inveigh_session -or $Logoff) diff --git a/Invoke-SMBEnum.ps1 b/Invoke-SMBEnum.ps1 index 951b009..e500d82 100644 --- a/Invoke-SMBEnum.ps1 +++ b/Invoke-SMBEnum.ps1 @@ -2806,12 +2806,17 @@ if($client.Connected -or (!$startup_error -and $inveigh.session_socket_table[$se 'NetSessEnum' { - + if([System.BitConverter]::ToString($client_receive[172..175]) -eq '05-00-00-00') { Write-Output "[-] $username does not have permission to enumerate NetSessions on $target" $stage = 'CloseRequest' } + elseif([System.BitConverter]::ToString($client_receive[12..15]) -ne '00-00-00-00') + { + Write-Output "[-] NetSessEnum response error 0x$([System.BitConverter]::ToString($client_receive[15..12]) -replace '-','')" + $stage = 'CloseRequest' + } else { $stage = 'ParseSRVSVC' 
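Review bot: The changed line in Invoke-SMBClient.ps1 pipes to `Where-Object` with an assignment as its filter expression, so it updates "Last Activity" only as a side effect of the script block and never acts as a filter. `ForEach-Object` states the intent directly: `$inveigh.session[$session] | ForEach-Object {$_."Last Activity" = Get-Date -format s}`. The same line is changed in the session-update hunks of Invoke-SMBEnum.ps1 and Invoke-SMBExec.ps1, so the point applies there too. The enclosing `if($client.Connected ...` block starts and ends outside the hunk.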
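Review bot: In the `'NetSessEnum'` case the fixed-offset test on `$client_receive[172..175]` still runs before the new status test on `$client_receive[12..15]`, so a failed response is first read as if it carried a payload. Bytes 12..15 are presumably the SMB2 header status (the new message prints them as a response error), and when that is non-zero the data at offset 172 is not a NetSessEnum return value; if `$client_receive` is a reused buffer (not visible in this hunk), those bytes may belong to an earlier response. Test the status first: make `if([System.BitConverter]::ToString($client_receive[12..15]) -ne '00-00-00-00')` the first branch and the `'05-00-00-00'` comparison the `elseif`. A one-line comment naming both offsets would also help, for example `# 12..15: response status; 172..175: presumably the NetSessEnum return value`. The surrounding switch starts and ends outside the hunk.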
@@ -3168,14 +3173,13 @@ if($client.Connected -or (!$startup_error -and $inveigh.session_socket_table[$se } - } if($inveigh_session -and $Inveigh) { $inveigh.session_lock_table[$session] = 'open' $inveigh.session_message_ID_table[$session] = $message_ID - $inveigh.session_list[$session] | Where-Object {$_."Last Activity" = Get-Date -format s} + $inveigh.session[$session] | Where-Object {$_."Last Activity" = Get-Date -format s} } if(!$inveigh_session -or $Logoff) diff --git a/Invoke-SMBExec.ps1 b/Invoke-SMBExec.ps1 index 7e6d24a..dc8ef0a 100644 --- a/Invoke-SMBExec.ps1 +++ b/Invoke-SMBExec.ps1 @@ -728,9 +728,6 @@ function New-PacketSCMOpenSCManagerW { param ([Byte[]]$packet_service,[Byte[]]$packet_service_length) - [Byte[]]$packet_write_length = [System.BitConverter]::GetBytes($packet_service.Length + 92) - [Byte[]]$packet_frag_length = $packet_write_length[0,1] - [Byte[]]$packet_alloc_hint = [System.BitConverter]::GetBytes($packet_service.Length + 68) $packet_referent_ID1 = [String](1..2 | ForEach-Object {"{0:X2}" -f (Get-Random -Minimum 1 -Maximum 255)}) $packet_referent_ID1 = $packet_referent_ID1.Split(" ") | ForEach-Object{[Char][System.Convert]::ToInt16($_,16)} $packet_referent_ID1 += 0x00,0x00 @@ -2938,7 +2935,7 @@ if($client.Connected -or (!$startup_error -and $inveigh.session_socket_table[$se { $inveigh.session_lock_table[$session] = 'open' $inveigh.session_message_ID_table[$session] = $message_ID - $inveigh.session_list[$session] | Where-Object {$_."Last Activity" = Get-Date -format s} + $inveigh.session[$session] | Where-Object {$_."Last Activity" = Get-Date -format s} } if(!$inveigh_session -or $Logoff) -- cgit v1.2.3