mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
samba-mirror/source3/libsmb
Aurelien Aptel 584dfc15fd libsmb,s3/smbd: dump SMB3+ session keys if debug parm is set
Use of previously added smb.conf global param.

Sample usage:

$ smbclient //localhost/scratch --option='debugencryption=yes' \
                                 -e -mSMB3 -U aaptel%aaptel -c quit
debug encryption: dumping generated session keys
Session Id    [0000] 26 48 BF FD 00 00 00 00                             &H......
Session Key   [0000] 63 D6 CA BC 08 C8 4A D2   45 F6 AE 35 AB 4A B3 3B   c.....J. E..5.J.;
Signing Key   [0000] 4E FE 35 92 AC 13 14 FC   C9 17 62 B1 82 20 A4 12   N.5..... ..b.. ..
App Key       [0000] A5 0F F4 8B 2F FB 0D FF   F2 BF EE 39 E6 6D F5 0A   ..../... ...9.m..
ServerIn Key  [0000] 2A 02 7E E1 D3 58 D8 12   4C 63 76 AE 59 17 5A E4   *.~..X.. Lcv.Y.Z.
ServerOut Key [0000] 59 F2 5B 7F 66 8F 31 A0   A5 E4 A8 D8 2F BA 00 38   Y.[.f.1. ..../..8

We can now simply pass -ouat:smb2_seskey_list:<sesid>,<seskey> to
wireshark or tshark:

$ tshark -ouat:smb2_seskey_list:2648BFFD00000000,63D6CABC08C84AD245F6AE35AB4AB33B \
          -Y smb2 -r capture.pcap -Tfields -e _ws.col.Info
Negotiate Protocol Response
Negotiate Protocol Request
Negotiate Protocol Response
Session Setup Request, NTLMSSP_NEGOTIATE
Session Setup Response, Error: STATUS_MORE_PROCESSING_REQUIRED, NTLMSSP_CHALLENGE
Session Setup Request, NTLMSSP_AUTH, User: WORKGROUP\aaptel
Session Setup Response
Tree Connect Request Tree: \\localhost\IPC$
Tree Connect Response
Decrypted SMB3;Ioctl Request FSCTL_DFS_GET_REFERRALS, File: \localhost\scratch
Decrypted SMB3;Ioctl Response, Error: STATUS_NOT_FOUND
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response
Decrypted SMB3;Tree Connect Request Tree: \\localhost\scratch
Decrypted SMB3;Tree Connect Response
Decrypted SMB3;Tree Disconnect Request
Decrypted SMB3;Tree Disconnect Response

For more info on Wireshark decryption support see
https://wiki.samba.org/index.php/Wireshark_Decryption

Signed-off-by: Aurelien Aptel <aaptel@suse.com>
Reviewed-by: Noel Power <npower@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Sat Feb  9 21:43:25 CET 2019 on sn-devel-144
2019-02-09 21:43:25 +01:00
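
The key-dump-to-tshark step from the commit message above, as an added example (not part of the commit or of Samba): a shell helper that reads the "debug encryption" dump and builds the uat:smb2_seskey_list option. The names seskey_uat and sample_dump are hypothetical, the sample input is the dump shown in the commit message, and the 8-byte session id and 16-byte session key lengths are assumed from that sample.

```shell
#!/bin/sh
# Added example: turn a "debug encryption" key dump into the tshark UAT option.
# seskey_uat and sample_dump are hypothetical helper names, not Samba code.

# Reads the dump on stdin; prints uat:smb2_seskey_list:<sesid>,<seskey>.
# Assumes an 8-byte session id and a 16-byte session key, each on a single
# "[0000]" hexdump row, as in the sample output.
seskey_uat() {
    awk '
    # Concatenate the n hex bytes that follow the "[0000]" offset field.
    # The trailing ASCII column is never reached because n is fixed.
    function hexbytes(n,    i, out) {
        out = ""
        for (i = 4; i < 4 + n; i++) {
            if ($i !~ /^[0-9A-Fa-f][0-9A-Fa-f]$/) return ""
            out = out $i
        }
        return out
    }
    $1 == "Session" && $2 == "Id"  && $3 == "[0000]" { id  = hexbytes(8) }
    $1 == "Session" && $2 == "Key" && $3 == "[0000]" { key = hexbytes(16) }
    END {
        # Refuse to emit a half-built option from a truncated dump.
        if (id == "" || key == "") exit 1
        printf "uat:smb2_seskey_list:%s,%s\n", id, key
    }'
}

# Sample input: the first lines of the dump quoted in the commit message.
sample_dump() {
    cat <<'EOF'
debug encryption: dumping generated session keys
Session Id    [0000] 26 48 BF FD 00 00 00 00                             &H......
Session Key   [0000] 63 D6 CA BC 08 C8 4A D2   45 F6 AE 35 AB 4A B3 3B   c.....J. E..5.J.;
Signing Key   [0000] 4E FE 35 92 AC 13 14 FC   C9 17 62 B1 82 20 A4 12   N.5..... ..b.. ..
EOF
}

sample_dump | seskey_uat
```

The printed string is what follows -o on the tshark command line; a dump with a short or missing Session Id or Session Key row makes the helper exit non-zero instead of printing a partial option.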
ABI s3:libsmbclient: Add function to set protocol levels 2018-09-05 18:22:24 +02:00
async_smb.c s3: libsmb: Add uint16_t addtional_flags2 to cli_smb_req_create(). 2016-08-19 20:03:12 +02:00
auth_generic.c s3:auth_generic: add "ntlmssp_resume_ccache" backend in auth_generic_client_prepare() 2016-03-10 06:52:28 +01:00
cli_smb2_fnum.c s3:libsmb: Store file allocation size in struct file_info. 2019-01-18 20:11:22 +01:00
cli_smb2_fnum.h s3:libsmb: pass impersonation_level to cli_smb2_create_fnum() 2018-12-13 08:52:24 +01:00
cliconnect.c libsmb,s3/smbd: dump SMB3+ session keys if debug parm is set 2019-02-09 21:43:25 +01:00
clidfs.c s3:libsmb: Print debug message about Netbios 2019-01-09 18:40:44 +01:00
clidgram.c libsmb: Pass "account_name/flags" through nb_getdc 2018-04-11 01:06:39 +02:00
clidgram.h libsmb: Pass "account_name/flags" through nb_getdc 2018-04-11 01:06:39 +02:00
clientgen.c libsmb: Use smb2 tcon if conn_protocol >= SMB2_02 2018-03-02 00:39:58 +01:00
clierror.c Fix spelling s/unitialized/uninitialized/ 2018-05-12 02:09:27 +02:00
clifile.c s3:libsmb: pass impersonation_level to cli_ntcreate_send() 2018-12-13 08:52:24 +01:00
clifsinfo.c s3: smbclient: Implement "volume" command over SMB2. 2017-11-15 15:56:24 +01:00
clilist.c s3: client: Add btime_ts to struct finfo. 2018-05-05 01:39:40 +02:00
climessage.c s3: libsmb: Add uint16_t additional_flags2 arg to cli_smb_send(). 2016-08-19 20:03:11 +02:00
clioplock.c s3: libsmb: Add uint16_t additional_flags2 arg to cli_smb_send(). 2016-08-19 20:03:11 +02:00
cliprint.c
cliquota.c libsmb: Fix CID 1438243 Unchecked return value 2018-08-08 23:10:22 +02:00
clirap2.c s3:libsmb/clirap: remove unused cli_get_server_*() functions 2016-07-06 22:41:41 +02:00
clirap.c s3: libsmb: Add cli_smb2_setpathinfo(), to be called by cli_setpathinfo_basic(). 2017-07-25 17:43:15 +02:00
clirap.h s3:libsmb/clirap: remove unused cli_get_server_*() functions 2016-07-06 22:41:41 +02:00
clireadwrite.c s3:libsmb: Avoid duplicated code by making cli_read_sink() public 2019-01-07 01:23:08 +01:00
clisecdesc.c
clispnego.c s3:libsmb: remove unused functions in clispnego.c 2016-03-10 06:52:30 +01:00
clistr.c s3: libsmb: Add return args to clistr_is_previous_version_path(). 2016-08-22 19:10:22 +02:00
clisymlink.c s3:libsmb: pass impersonation_level to cli_ntcreate_send() 2018-12-13 08:52:24 +01:00
clitrans.c libsmb: Make cli_trans_send cancellable 2018-11-21 16:53:41 +01:00
conncache.c lib: Remove gencache.h from proto.h 2018-10-19 18:52:50 +02:00
dsgetdcname.c lib: Remove gencache.h from proto.h 2018-10-19 18:52:50 +02:00
dsgetdcname.h libsmb: Give dsgetdcname.c its own header 2018-04-11 01:06:39 +02:00
errormap_wbc.c
errormap_wbc.h
errormap.c
libsmb_cache.c
libsmb_compat.c s3: libsmbclient: Add new function SMBC_readdirplus_ctx(). 2018-05-05 01:39:40 +02:00
libsmb_context.c s3:libsmbclient: cleanup smbc_setWorkgroup() usage 2018-05-17 01:10:28 +02:00
libsmb_dir.c s3:libsmbclient: Do not call cli_RNetShareEnum if SMB1 is disabled 2018-09-05 18:22:24 +02:00
libsmb_file.c libsmbclient: Initialize written value before use. 2018-07-09 18:46:13 +02:00
libsmb_misc.c
libsmb_path.c libsmb: Harden smbc_readdir_internal() against returns from malicious servers. 2018-08-14 13:57:16 +02:00
libsmb_printjob.c
libsmb_server.c s3:libsmb: Print debug message about Netbios 2019-01-09 18:40:44 +01:00
libsmb_setget.c s3:libsmbclient: Fix a typo 2018-09-11 21:43:28 +02:00
libsmb_stat.c s3:libsmb: Use #ifdef instead of #if for config.h definitions 2018-11-28 23:19:23 +01:00
libsmb_thread_impl.c
libsmb_thread_posix.c
libsmb_xattr.c
libsmb.h
namecache.c lib: Remove gencache.h from proto.h 2018-10-19 18:52:50 +02:00
namequery_dc.c libsmb: Give namequery.c its own header 2018-04-11 01:06:39 +02:00
namequery.c libsmb: Use strlcpy instead of StrnCpy 2019-01-08 03:40:26 +01:00
namequery.h libsmb: Give namequery.c its own header 2018-04-11 01:06:39 +02:00
nmblib.c s3: lib: nmbname: Ensure we limit the NetBIOS name correctly. CID: 1433607 2018-11-13 20:54:56 +01:00
nmblib.h libnmb: Move "read_packet" to nmbd 2018-01-24 05:48:19 +01:00
passchange.c s3:smbpasswd: Print debug message about Netbios 2019-01-09 18:40:44 +01:00
proto.h s3:libsmb: Avoid duplicated code by making cli_read_sink() public 2019-01-07 01:23:08 +01:00
pylibsmb.c s3/libsmb/py: match input argument types with C types 2019-02-08 13:31:38 +01:00
reparse_symlink.c
samlogon_cache.c libsmb: Use dom_sid_str_buf 2018-11-02 21:21:15 +01:00
samlogon_cache.h samlogon_cache: add netsamlog_cache_for_all() 2017-07-03 19:59:09 +02:00
smbclient.pc.in
smberr.c
smbsock_connect.c s3:libsmb: Honor disable_netbios option in smbsock_connect_send 2019-01-16 08:54:23 +01:00
trusts_util.c libsmb: Remove incorrect fall through comment in trusts_util.c 2018-03-01 09:52:37 +01:00
unexpected.c libsmb: Fix an error path memleak 2018-02-13 16:42:22 +01:00
unexpected.h libnmb: Make nb_packet_read_recv return a talloc'ed pkt 2018-01-24 00:58:17 +01:00
wscript s3:libsmbclient: Add function to set protocol levels 2018-09-05 18:22:24 +02:00