SMB: Implement encryption, cleanup RequireSignature (#4643)

Signed-By: gpotter2 <10530980+gpotter2@users.noreply.github.com>

Author: gpotter2

.config/codespell_ignore.txt

@@ -8,6 +8,7 @@ browseable
 byteorder
 cace
 cas
+ciph
 componet
 comversion
 cros

doc/scapy/layers/smb.rst

@@ -5,8 +5,6 @@ Scapy provides pretty good support for SMB 2/3 and very partial support of SMB1.
 
 You can use the :class:`~scapy.layers.smb2.SMB2_Header` to dissect or build SMB2/3, or :class:`~scapy.layers.smb.SMB_Header` for SMB1.
 
-.. warning:: Encryption is currently not supported in neither the client nor server.
-
 .. _client:
 
 SMB 2/3 client
@@ -94,6 +92,12 @@ You might be wondering if you can pass the ``HashNT`` of the password of the use
 
 If you pay very close attention, you'll notice that in this case we aren't using the :class:`~scapy.layers.spnego.SPNEGOSSP` wrapper. You could have used ``ssp=SPNEGOSSP([t.ssp(1)])``.
 
+**smbclient forcing encryption**:
+
+.. code:: python
+
+   >>> smbclient("server1.domain.local", "admin", REQUIRE_ENCRYPTION=True)
+
 .. note::
 
     It is also possible to start the :class:`~scapy.layers.smbclient.smbclient` directly from the OS, using the following::
@@ -306,6 +310,15 @@ A share is identified by a ``name`` and a ``path`` (+ an optional description ca
         readonly=False,
     )
 
+**Start a SMB server requiring encryption (two methods)**:
+
+.. code:: python
+
+   # Method 1: require encryption globally (available in SMB 3.0.0+)
+   >>> smbserver(..., REQUIRE_ENCRYPTION=True)
+   # Method 2: for a specific share (only available in SMB 3.1.1+)
+   >>> smbserver(..., shares=[SMBShare(name="Scapy", path="/tmp", encryptdata=True)])
+
 .. note::
 
     It is possible to start the :class:`~scapy.layers.smbserver.smbserver` (albeit only in unauthenticated mode) directly from the OS, using the following::

doc/scapy/usage.rst

@@ -798,7 +798,12 @@ Available by default:
    - HTTP 1.0
    - TLS
    - Kerberos
+   - LDAP
+   - SMB
    - DCE/RPC
+   - Postgres
+   - DOIP
+   - and maybe other protocols if this page isn't up to date.
 - :py:class:`~scapy.sessions.TLSSession` -> *matches TLS sessions* on the flow.
 - :py:class:`~scapy.sessions.NetflowSession` -> *resolve Netflow V9 packets* from their NetflowFlowset information objects
 

scapy/layers/ntlm.py

@@ -1680,9 +1680,7 @@ def GSS_Accept_sec_context(self, Context: CONTEXT, val=None):
                         EncryptedRandomSessionKey = b"\x00" * 16
                     else:
                         EncryptedRandomSessionKey = auth_tok.EncryptedRandomSessionKey
-                    ExportedSessionKey = RC4K(
-                        KeyExchangeKey, EncryptedRandomSessionKey
-                    )
+                    ExportedSessionKey = RC4K(KeyExchangeKey, EncryptedRandomSessionKey)
                 else:
                     ExportedSessionKey = KeyExchangeKey
                 Context.ExportedSessionKey = ExportedSessionKey
@@ -1800,6 +1798,7 @@ def _getSessionBaseKey(self, Context, auth_tok):
             return NTLMv2_ComputeSessionBaseKey(
                 ResponseKeyNT, auth_tok.NtChallengeResponse.NTProofStr
             )
+        log_runtime.debug("NTLMSSP: Bad credentials for %s" % username)
         return None
 
     def _checkLogin(self, Context, auth_tok):

scapy/layers/smb.py

@@ -67,7 +67,9 @@
 )
 from scapy.layers.smb2 import (
     STATUS_ERREF,
+    SMB2_Compression_Transform_Header,
     SMB2_Header,
+    SMB2_Transform_Header,
 )
 
 
@@ -919,11 +921,9 @@ def dispatch_hook(cls, _pkt=None, *args, **kargs):
             elif _pkt[0] == 0x13:  # LOGON_SAM_USER_RESPONSE
                 try:
                     i = _pkt.index(b"\xff\xff\xff\xff")
-                    NtVersion = (
-                        NETLOGON_SAM_LOGON_RESPONSE_NT40.fields_desc[-3].getfield(
-                            None, _pkt[i - 4:i]
-                        )[1]
-                    )
+                    NtVersion = NETLOGON_SAM_LOGON_RESPONSE_NT40.fields_desc[
+                        -3
+                    ].getfield(None, _pkt[i - 4 : i])[1]
                     if NtVersion.V1 and not NtVersion.V5:
                         return NETLOGON_SAM_LOGON_RESPONSE_NT40
                 except Exception:
@@ -1013,6 +1013,7 @@ class NETLOGON_SAM_LOGON_RESPONSE_NT40(NETLOGON):
 
 # [MS-ADTS] sect 6.3.1.8
 
+
 class NETLOGON_SAM_LOGON_RESPONSE(NETLOGON, DNSCompressedPacket):
     fields_desc = [
         LEShortEnumField("OpCode", 0x17, _NETLOGON_opcodes),
@@ -1085,8 +1086,7 @@ def pre_dissect(self, s):
         try:
             i = s.index(b"\xff\xff\xff\xff")
             self.fields["NtVersion"] = self.fields_desc[-3].getfield(
-                self,
-                s[i - 4:i]
+                self, s[i - 4 : i]
             )[1]
         except Exception:
             self.NtVersion = 0xB
@@ -1098,20 +1098,25 @@ def get_full(self):
 
 # [MS-BRWS] sect 2.2
 
+
 class BRWS(Packet):
     fields_desc = [
-        ByteEnumField("OpCode", 0x00, {
-            0x01: "HostAnnouncement",
-            0x02: "AnnouncementRequest",
-            0x08: "RequestElection",
-            0x09: "GetBackupListRequest",
-            0x0A: "GetBackupListResponse",
-            0x0B: "BecomeBackup",
-            0x0C: "DomainAnnouncement",
-            0x0D: "MasterAnnouncement",
-            0x0E: "ResetStateRequest",
-            0x0F: "LocalMasterAnnouncement",
-        }),
+        ByteEnumField(
+            "OpCode",
+            0x00,
+            {
+                0x01: "HostAnnouncement",
+                0x02: "AnnouncementRequest",
+                0x08: "RequestElection",
+                0x09: "GetBackupListRequest",
+                0x0A: "GetBackupListResponse",
+                0x0B: "BecomeBackup",
+                0x0C: "DomainAnnouncement",
+                0x0D: "MasterAnnouncement",
+                0x0E: "ResetStateRequest",
+                0x0F: "LocalMasterAnnouncement",
+            },
+        ),
     ]
 
     def mysummary(self):
@@ -1135,6 +1140,7 @@ def default_payload_class(self, payload):
 
 # [MS-BRWS] sect 2.2.1
 
+
 class BRWS_HostAnnouncement(BRWS):
     OpCode = 0x01
     fields_desc = [
@@ -1157,6 +1163,7 @@ def mysummary(self):
 
 # [MS-BRWS] sect 2.2.6
 
+
 class BRWS_BecomeBackup(BRWS):
     OpCode = 0x0B
     fields_desc = [
@@ -1170,6 +1177,7 @@ def mysummary(self):
 
 # [MS-BRWS] sect 2.2.10
 
+
 class BRWS_LocalMasterAnnouncement(BRWS_HostAnnouncement):
     OpCode = 0x0F
 
@@ -1193,6 +1201,10 @@ def dispatch_hook(cls, _pkt=None, *args, **kargs):
                 return SMB_Header
             if _pkt[:4] == b"\xfeSMB":
                 return SMB2_Header
+            if _pkt[:4] == b"\xfdSMB":
+                return SMB2_Transform_Header
+            if _pkt[:4] == b"\xfcSMB":
+                return SMB2_Compression_Transform_Header
         return cls
 
 

scapy/layers/smb2.py

@@ -83,8 +83,8 @@
     SMB2_CREATE_REQUEST_LEASE,
     SMB2_Create_Request,
     SMB2_Create_Response,
-    SMB2_Encryption_Capabilities,
     SMB2_ENCRYPTION_CIPHERS,
+    SMB2_Encryption_Capabilities,
     SMB2_Error_Response,
     SMB2_Header,
     SMB2_IOCTL_Request,
@@ -100,9 +100,9 @@
     SMB2_Query_Info_Response,
     SMB2_Read_Request,
     SMB2_Read_Response,
+    SMB2_SIGNING_ALGORITHMS,
     SMB2_Session_Setup_Request,
     SMB2_Session_Setup_Response,
-    SMB2_SIGNING_ALGORITHMS,
     SMB2_Signing_Capabilities,
     SMB2_Tree_Connect_Request,
     SMB2_Tree_Connect_Response,
@@ -127,6 +127,7 @@ class SMB_Client(Automaton):
     All other options (in caps) are optional, and SMB specific:
 
     :param REQUIRE_SIGNATURE: set 'Require Signature'
+    :param REQUIRE_ENCRYPTION: set 'Requite Encryption'
     :param MIN_DIALECT: minimum SMB dialect. Defaults to 0x0202 (2.0.2)
     :param MAX_DIALECT: maximum SMB dialect. Defaults to 0x0311 (3.1.1)
     :param DIALECTS: list of supported SMB2 dialects.
@@ -140,7 +141,8 @@ def __init__(self, sock, ssp=None, *args, **kwargs):
         # Various SMB client arguments
         self.EXTENDED_SECURITY = kwargs.pop("EXTENDED_SECURITY", True)
         self.USE_SMB1 = kwargs.pop("USE_SMB1", False)
-        self.REQUIRE_SIGNATURE = kwargs.pop("REQUIRE_SIGNATURE", False)
+        self.REQUIRE_SIGNATURE = kwargs.pop("REQUIRE_SIGNATURE", None)
+        self.REQUIRE_ENCRYPTION = kwargs.pop("REQUIRE_ENCRYPTION", False)
         self.RETRY = kwargs.pop("RETRY", 0)  # optionally: retry n times session setup
         self.SMB2 = kwargs.pop("SMB2", False)  # optionally: start directly in SMB2
         self.SERVER_NAME = kwargs.pop("SERVER_NAME", "")
@@ -158,7 +160,6 @@ def __init__(self, sock, ssp=None, *args, **kwargs):
                 ]
             )
         # Internal Session information
-        self.IsGuest = False
         self.ErrorStatus = None
         self.NegotiateCapabilities = None
         self.GUID = RandUUID()._fix()
@@ -187,9 +188,8 @@ def __init__(self, sock, ssp=None, *args, **kwargs):
             self.smb_sock_ready = threading.Event()
         # Set session options
         self.session.ssp = ssp
-        self.session.SecurityMode = kwargs.pop(
-            "SECURITY_MODE",
-            3 if self.REQUIRE_SIGNATURE else int(bool(ssp)),
+        self.session.SigningRequired = (
+            self.REQUIRE_SIGNATURE if self.REQUIRE_SIGNATURE is not None else bool(ssp)
         )
         self.session.Dialect = self.MAX_DIALECT
 
@@ -319,7 +319,11 @@ def on_negotiate_smb2(self):
         # [MS-SMB2] sect 3.2.4.2.2.2 - SMB2-Only Negotiate
         pkt = self.smb_header.copy() / SMB2_Negotiate_Protocol_Request(
             Dialects=self.DIALECTS,
-            SecurityMode=self.session.SecurityMode,
+            SecurityMode=(
+                "SIGNING_ENABLED+SIGNING_REQUIRED"
+                if self.session.SigningRequired
+                else "SIGNING_ENABLED"
+            ),
         )
         if self.MAX_DIALECT >= 0x0210:
             # "If the client implements the SMB 2.1 or SMB 3.x dialect, ClientGuid
@@ -340,25 +344,21 @@ def on_negotiate_smb2(self):
                     "MULTI_CHANNEL",
                     "PERSISTENT_HANDLES",
                     "DIRECTORY_LEASING",
+                    "ENCRYPTION",
                 ]
             )
-        if self.MAX_DIALECT >= 0x0300:
-            # "If the client implements the SMB 3.x dialect family, the client MUST
-            # set the Capabilities field as follows"
-            self.NegotiateCapabilities += "+ENCRYPTION"
         if self.MAX_DIALECT >= 0x0311:
             # "If the client implements the SMB 3.1.1 dialect, it MUST do"
             pkt.NegotiateContexts = [
                 SMB2_Negotiate_Context()
                 / SMB2_Preauth_Integrity_Capabilities(
-                    # SHA-512 by default
-                    HashAlgorithms=[self.session.PreauthIntegrityHashId],
+                    # As for today, no other hash algorithm is described by the spec
+                    HashAlgorithms=["SHA-512"],
                     Salt=self.session.Salt,
                 ),
                 SMB2_Negotiate_Context()
                 / SMB2_Encryption_Capabilities(
-                    # AES-128-CCM by default
-                    Ciphers=[self.session.CipherId],
+                    Ciphers=self.session.SupportedCipherIds,
                 ),
                 # TODO support compression and RDMA
                 SMB2_Negotiate_Context()
@@ -367,8 +367,7 @@ def on_negotiate_smb2(self):
                 ),
                 SMB2_Negotiate_Context()
                 / SMB2_Signing_Capabilities(
-                    # AES-128-CCM by default
-                    SigningAlgorithms=[self.session.SigningAlgorithmId],
+                    SigningAlgorithms=self.session.SupportedSigningAlgorithmIds,
                 ),
             ]
         pkt.Capabilities = self.NegotiateCapabilities
@@ -416,26 +415,41 @@ def receive_negotiate_response(self, pkt):
                     self.MaxReadSize = pkt.MaxReadSize
                     self.MaxTransactionSize = pkt.MaxTransactionSize
                     self.MaxWriteSize = pkt.MaxWriteSize
+                    # Process SecurityMode
+                    if pkt.SecurityMode.SIGNING_REQUIRED:
+                        self.session.SigningRequired = True
+                    # Process capabilities
+                    if self.session.Dialect >= 0x0300:
+                        self.session.SupportsEncryption = pkt.Capabilities.ENCRYPTION
                     # Process NegotiateContext
                     if self.session.Dialect >= 0x0311 and pkt.NegotiateContextsCount:
                         for ngctx in pkt.NegotiateContexts:
                             if ngctx.ContextType == 0x0002:
                                 # SMB2_ENCRYPTION_CAPABILITIES
-                                self.session.CipherId = SMB2_ENCRYPTION_CIPHERS[
-                                    ngctx.Ciphers[0]
-                                ]
+                                if ngctx.Ciphers[0] != 0:
+                                    self.session.CipherId = SMB2_ENCRYPTION_CIPHERS[
+                                        ngctx.Ciphers[0]
+                                    ]
+                                    self.session.SupportsEncryption = True
                             elif ngctx.ContextType == 0x0008:
                                 # SMB2_SIGNING_CAPABILITIES
                                 self.session.SigningAlgorithmId = (
                                     SMB2_SIGNING_ALGORITHMS[ngctx.SigningAlgorithms[0]]
                                 )
+                    if self.REQUIRE_ENCRYPTION and not self.session.SupportsEncryption:
+                        self.ErrorStatus = "NEGOTIATE FAILURE: encryption."
+                        raise self.NEGO_FAILED()
                 self.update_smbheader(pkt)
                 raise self.NEGOTIATED(ssp_blob)
         elif SMBNegotiate_Response_Security in pkt:
             # Non-extended SMB1
             # Never tested. FIXME. probably broken
             raise self.NEGOTIATED(pkt.Challenge)
 
+    @ATMT.state(final=1)
+    def NEGO_FAILED(self):
+        self.smb_sock_ready.set()
+
     @ATMT.state()
     def NEGOTIATED(self, ssp_blob=None):
         # Negotiated ! We now know the Dialect
@@ -448,11 +462,7 @@ def NEGOTIATED(self, ssp_blob=None):
             ssp_blob,
             req_flags=(
                 GSS_C_FLAGS.GSS_C_MUTUAL_FLAG
-                | (
-                    GSS_C_FLAGS.GSS_C_INTEG_FLAG
-                    if self.session.SecurityMode != 0
-                    else 0
-                )
+                | (GSS_C_FLAGS.GSS_C_INTEG_FLAG if self.session.SigningRequired else 0)
             ),
         )
         return ssp_tuple
@@ -498,7 +508,11 @@ def send_setup_andx_request(self, ssp_tuple):
                 # SMB2
                 pkt = self.smb_header.copy() / SMB2_Session_Setup_Request(
                     Capabilities="DFS",
-                    SecurityMode=self.session.SecurityMode,
+                    SecurityMode=(
+                        "SIGNING_ENABLED+SIGNING_REQUIRED"
+                        if self.session.SigningRequired
+                        else "SIGNING_ENABLED"
+                    ),
                 )
             else:
                 # SMB1 extended
@@ -562,9 +576,18 @@ def receive_setup_andx_response(self, pkt):
             self.smb_header.SessionId = pkt.SessionId
             # SMB1 extended / SMB2
             if pkt.Status == 0:  # Authenticated
-                if SMB2_Session_Setup_Response in pkt and pkt.SessionFlags.IS_GUEST:
-                    # We were 'authenticated' in GUEST
-                    self.IsGuest = True
+                if SMB2_Session_Setup_Response in pkt:
+                    # [MS-SMB2] sect 3.2.5.3.1
+                    if pkt.SessionFlags.IS_GUEST:
+                        # "If the security subsystem indicates that the session
+                        # was established by a guest user, Session.SigningRequired
+                        # MUST be set to FALSE and Session.IsGuest MUST be set to TRUE."
+                        self.session.IsGuest = True
+                        self.session.SigningRequired = False
+                    elif self.session.Dialect >= 0x0300:
+                        if pkt.SessionFlags.ENCRYPT_DATA or self.REQUIRE_ENCRYPTION:
+                            self.session.EncryptData = True
+                            self.session.SigningRequired = False
                 raise self.AUTHENTICATED(pkt.SecurityBlob)
             else:
                 if SMB2_Header in pkt:
@@ -600,10 +623,7 @@ def AUTHENTICATED(self, ssp_blob=None):
         if status != GSS_S_COMPLETE:
             raise ValueError("Internal error: the SSP completed with an error.")
         # Authentication was successful
-        self.session.computeSMBSessionKey()
-        if self.IsGuest:
-            # When authenticated in Guest, the sessionkey the client has is invalid
-            self.session.SMBSessionKey = None
+        self.session.computeSMBSessionKeys(IsClient=True)
 
     # DEV: add a condition on AUTHENTICATED with prio=0
 
@@ -663,7 +683,9 @@ def __init__(self, smbsock, use_ioctl=True, timeout=3):
         self.ins = smbsock
         self.timeout = timeout
         if not self.ins.atmt.smb_sock_ready.wait(timeout=timeout):
-            self.ins.atmt.session.sspcontext.clifailure()
+            # If we have a SSP, tell it we failed.
+            if self.ins.atmt.session.sspcontext:
+                self.ins.atmt.session.sspcontext.clifailure()
             raise TimeoutError(
                 "The SMB handshake timed out ! (enable debug=1 for logs)"
             )
@@ -725,6 +747,12 @@ def tree_connect(self, name):
             raise ValueError("TreeConnect timed out !")
         if SMB2_Tree_Connect_Response not in resp:
             raise ValueError("Failed TreeConnect ! %s" % resp.NTStatus)
+        # [MS-SMB2] sect 3.2.5.5
+        if self.session.Dialect >= 0x0300:
+            if resp.ShareFlags.ENCRYPT_DATA and self.session.SupportsEncryption:
+                self.session.TreeEncryptData = True
+            else:
+                self.session.TreeEncryptData = False
         return self.get_TID()
 
     def tree_disconnect(self):
@@ -1078,6 +1106,11 @@ class smbclient(CLIUtil):
     :param ST: if provided, the service ticket to use (Kerberos)
     :param KEY: if provided, the session key associated to the ticket (Kerberos)
     :param cli: CLI mode (default True). False to use for scripting
+
+    Some additional SMB parameters are available under help(SMB_Client). Some of
+    them include the following:
+
+    :param REQUIRE_ENCRYPTION: requires encryption.
     """
 
     def __init__(
@@ -1097,6 +1130,7 @@ def __init__(
         KEY=None,
         cli=True,
         # SMB arguments
+        REQUIRE_ENCRYPTION=False,
         **kwargs,
     ):
         if cli:
@@ -1187,6 +1221,7 @@ def __init__(
             sock,
             ssp=ssp,
             debug=debug,
+            REQUIRE_ENCRYPTION=REQUIRE_ENCRYPTION,
             **kwargs,
         )
         try:
@@ -1229,7 +1264,7 @@ def __init__(
                     "SMB %s" % self.smbsock.session.Dialect,
                 ),
                 repr(self.smbsock.session.sspcontext),
-                " as GUEST" if self.sock.atmt.IsGuest else "",
+                " as GUEST" if self.smbsock.session.IsGuest else "",
             )
         )
         # Now define some variables for our CLI

scapy/layers/smbclient.py

@@ -76,26 +76,27 @@
     FileStreamInformation,
     NETWORK_INTERFACE_INFO,
     SECURITY_DESCRIPTOR,
+    SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2,
+    SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE,
+    SMB2_CREATE_QUERY_ON_DISK_ID,
     SMB2_Cancel_Request,
     SMB2_Change_Notify_Request,
     SMB2_Change_Notify_Response,
     SMB2_Close_Request,
     SMB2_Close_Response,
     SMB2_Create_Context,
-    SMB2_CREATE_DURABLE_HANDLE_RESPONSE_V2,
-    SMB2_CREATE_QUERY_MAXIMAL_ACCESS_RESPONSE,
-    SMB2_CREATE_QUERY_ON_DISK_ID,
     SMB2_Create_Request,
     SMB2_Create_Response,
+    SMB2_ENCRYPTION_CIPHERS,
     SMB2_Echo_Request,
     SMB2_Echo_Response,
     SMB2_Encryption_Capabilities,
     SMB2_Error_Response,
     SMB2_FILEID,
     SMB2_Header,
     SMB2_IOCTL_Network_Interface_Info,
-    SMB2_IOCTL_Request,
     SMB2_IOCTL_RESP_GET_DFS_Referral,
+    SMB2_IOCTL_Request,
     SMB2_IOCTL_Response,
     SMB2_IOCTL_Validate_Negotiate_Info_Response,
     SMB2_Negotiate_Context,
@@ -108,6 +109,7 @@
     SMB2_Query_Info_Response,
     SMB2_Read_Request,
     SMB2_Read_Response,
+    SMB2_SIGNING_ALGORITHMS,
     SMB2_Session_Logoff_Request,
     SMB2_Session_Logoff_Response,
     SMB2_Session_Setup_Request,
@@ -155,9 +157,11 @@ class SMBShare:
     :param path: the path the the folder hosted by the share
     :param type: (optional) share type per [MS-SRVS] sect 2.2.2.4
     :param remark: (optional) a description of the share
+    :param encryptdata: (optional) whether encryption should be used for this
+        share. This only applies to SMB 3.1.1.
     """
 
-    def __init__(self, name, path=".", type=None, remark=""):
+    def __init__(self, name, path=".", type=None, remark="", encryptdata=False):
         # Set the default type
         if type is None:
             type = 0  # DISKTREE
@@ -171,6 +175,7 @@ def __init__(self, name, path=".", type=None, remark=""):
         self.name = name
         self.type = type
         self.remark = remark
+        self.encryptdata = encryptdata
 
     def __repr__(self):
         type = SRVSVC_SHARE_TYPES[self.type & 0x0FFFFFFF]
@@ -202,6 +207,8 @@ class SMB_Server(Automaton):
     :param ANONYMOUS_LOGIN: mark the clients as anonymous
     :param GUEST_LOGIN: mark the clients as guest
     :param REQUIRE_SIGNATURE: set 'Require Signature'
+    :param REQUIRE_ENCRYPTION: globally require encryption.
+        You could also make it share-specific on 3.1.1.
     :param MAX_DIALECT: maximum SMB dialect. Defaults to 0x0311 (3.1.1)
     :param TREE_SHARE_FLAGS: flags to announce on Tree_Connect_Response
     :param TREE_CAPABILITIES: capabilities to announce on Tree_Connect_Response
@@ -223,7 +230,8 @@ def __init__(self, shares=[], ssp=None, verb=True, readonly=True, *args, **kwarg
         self.GUEST_LOGIN = kwargs.pop("GUEST_LOGIN", None)
         self.EXTENDED_SECURITY = kwargs.pop("EXTENDED_SECURITY", True)
         self.USE_SMB1 = kwargs.pop("USE_SMB1", False)
-        self.REQUIRE_SIGNATURE = kwargs.pop("REQUIRE_SIGNATURE", False)
+        self.REQUIRE_SIGNATURE = kwargs.pop("REQUIRE_SIGNATURE", None)
+        self.REQUIRE_ENCRYPTION = kwargs.pop("REQUIRE_ENCRYPTION", False)
         self.MAX_DIALECT = kwargs.pop("MAX_DIALECT", 0x0311)
         self.TREE_SHARE_FLAGS = kwargs.pop(
             "TREE_SHARE_FLAGS", "FORCE_LEVELII_OPLOCK+RESTRICT_EXCLUSIVE_OPENS"
@@ -294,6 +302,8 @@ def __init__(self, shares=[], ssp=None, verb=True, readonly=True, *args, **kwarg
         self.SMB2 = False
         self.NegotiateCapabilities = None
         self.GUID = RandUUID()._fix()
+        self.NextForceSign = False
+        self.NextForceEncrypt = False
         # Compounds are handled on receiving by the StreamSocket,
         # and on aggregated in a CompoundQueue to be sent in one go
         self.NextCompound = False
@@ -315,9 +325,8 @@ def __init__(self, shares=[], ssp=None, verb=True, readonly=True, *args, **kwarg
         Automaton.__init__(self, *args, **kwargs)
         # Set session options
         self.session.ssp = ssp
-        self.session.SecurityMode = kwargs.pop(
-            "SECURITY_MODE",
-            3 if self.REQUIRE_SIGNATURE else bool(ssp),
+        self.session.SigningRequired = (
+            self.REQUIRE_SIGNATURE if self.REQUIRE_SIGNATURE is not None else bool(ssp)
         )
 
     @property
@@ -336,7 +345,14 @@ def vprint(self, s=""):
                 print("> %s" % s)
 
     def send(self, pkt):
-        return super(SMB_Server, self).send(pkt, Compounded=self.NextCompound)
+        ForceSign, ForceEncrypt = self.NextForceSign, self.NextForceEncrypt
+        self.NextForceSign = self.NextForceEncrypt = False
+        return super(SMB_Server, self).send(
+            pkt,
+            Compounded=self.NextCompound,
+            ForceSign=ForceSign,
+            ForceEncrypt=ForceEncrypt,
+        )
 
     @ATMT.state(initial=1)
     def BEGIN(self):
@@ -433,6 +449,9 @@ def on_negotiate(self, pkt):
             self.send(resp)
             return
         if self.SMB2:  # SMB2
+            # SecurityMode
+            if SMB2_Header in pkt and pkt.SecurityMode.SIGNING_REQUIRED:
+                self.session.SigningRequired = True
             # Capabilities: [MS-SMB2] 3.3.5.4
             self.NegotiateCapabilities = "+".join(
                 [
@@ -449,16 +468,17 @@ def on_negotiate(self, pkt):
                         "MULTI_CHANNEL",
                         "PERSISTENT_HANDLES",
                         "DIRECTORY_LEASING",
+                        "ENCRYPTION",
                     ]
                 )
-            if DialectRevision in [0x0300, 0x0302]:
-                # "if Connection.Dialect is "3.0" or "3.0.2""...
-                # Note: 3.1.1 uses the ENCRYPT_DATA flag in Tree Connect Response
-                self.NegotiateCapabilities += "+ENCRYPTION"
             # Build response
             resp = self.smb_header.copy() / cls(
                 DialectRevision=DialectRevision,
-                SecurityMode=self.session.SecurityMode,
+                SecurityMode=(
+                    "SIGNING_ENABLED+SIGNING_REQUIRED"
+                    if self.session.SigningRequired
+                    else "SIGNING_ENABLED"
+                ),
                 ServerTime=(time.time() + 11644473600) * 1e7,
                 ServerStartTime=0,
                 MaxTransactionSize=65536,
@@ -473,7 +493,27 @@ def on_negotiate(self, pkt):
                 resp.MaxReadSize = 0x800000
                 resp.MaxWriteSize = 0x800000
             # SMB 3.1.1
-            if DialectRevision >= 0x0311:
+            if DialectRevision >= 0x0311 and pkt.NegotiateContextsCount:
+                # Negotiate context-capabilities
+                for ngctx in pkt.NegotiateContexts:
+                    if ngctx.ContextType == 0x0002:
+                        # SMB2_ENCRYPTION_CAPABILITIES
+                        for ciph in ngctx.Ciphers:
+                            tciph = SMB2_ENCRYPTION_CIPHERS.get(ciph, None)
+                            if tciph in self.session.SupportedCipherIds:
+                                # Common !
+                                self.session.CipherId = tciph
+                                self.session.SupportsEncryption = True
+                                break
+                    elif ngctx.ContextType == 0x0008:
+                        # SMB2_SIGNING_CAPABILITIES
+                        for signalg in ngctx.SigningAlgorithms:
+                            tsignalg = SMB2_SIGNING_ALGORITHMS.get(signalg, None)
+                            if tsignalg in self.session.SupportedSigningAlgorithmIds:
+                                # Common !
+                                self.session.SigningAlgorithmId = tsignalg
+                                break
+                # Send back the negotiated algorithms
                 resp.NegotiateContexts = [
                     # Preauth capabilities
                     SMB2_Negotiate_Context()
@@ -504,7 +544,11 @@ def on_negotiate(self, pkt):
                     "LEVEL_II_OPLOCKS+LOCK_AND_READ+NT_FIND+"
                     "LWIO+INFOLEVEL_PASSTHRU+LARGE_READX+LARGE_WRITEX"
                 ),
-                SecurityMode=self.session.SecurityMode,
+                SecurityMode=(
+                    "SIGNING_ENABLED+SIGNING_REQUIRED"
+                    if self.session.SigningRequired
+                    else "SIGNING_ENABLED"
+                ),
                 ServerTime=(time.time() + 11644473600) * 1e7,
                 ServerTimeZone=0x3C,
             )
@@ -534,6 +578,11 @@ def on_negotiate(self, pkt):
             )
         self.send(resp)
 
+    @ATMT.state(final=1)
+    def NEGO_FAILED(self):
+        self.vprint("SMB Negotiate failed: encryption was not negotiated.")
+        self.end()
+
     @ATMT.state()
     def NEGOTIATED(self):
         pass
@@ -550,6 +599,17 @@ def update_smbheader(self, pkt):
         self.smb_header.CreditCharge = pkt.CreditCharge
         # If the packet has a NextCommand, set NextCompound to True
         self.NextCompound = bool(pkt.NextCommand)
+        # [MS-SMB2] sect 3.3.4.1.1 - "If the request was signed by the client..."
+        # If the packet was signed, note we must answer with a signed packet.
+        if (
+            not self.session.SigningRequired
+            and pkt.SecuritySignature != b"\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"
+        ):
+            self.NextForceSign = True
+        # [MS-SMB2] sect 3.3.4.1.4 - "If the message being sent is any response to a
+        # client request for which Request.IsEncrypted is TRUE"
+        if pkt[SMB2_Header]._decrypted:
+            self.NextForceEncrypt = True
         # [MS-SMB2] sect 3.3.5.2.7.2
         # Add SMB2_FLAGS_RELATED_OPERATIONS to the response if present
         if pkt.Flags.SMB2_FLAGS_RELATED_OPERATIONS:
@@ -632,12 +692,19 @@ def on_setup_andx_request(self, pkt, ssp_blob):
             ):
                 # SMB1 extended / SMB2
                 if SMB2_Session_Setup_Request in pkt:
-                    # SMB2
                     resp = self.smb_header.copy() / SMB2_Session_Setup_Response()
                     if self.GUEST_LOGIN:
+                        # "If the security subsystem indicates that the session
+                        # was established by a guest user, Session.SigningRequired
+                        # MUST be set to FALSE and Session.IsGuest MUST be set to TRUE."
                         resp.SessionFlags = "IS_GUEST"
+                        self.session.IsGuest = True
+                        self.session.SigningRequired = False
                     if self.ANONYMOUS_LOGIN:
                         resp.SessionFlags = "IS_NULL"
+                    # [MS-SMB2] sect 3.3.5.5.3
+                    if self.session.Dialect >= 0x0300 and self.REQUIRE_ENCRYPTION:
+                        resp.SessionFlags += "ENCRYPT_DATA"
                 else:
                     # SMB1 extended
                     resp = (
@@ -672,10 +739,23 @@ def on_setup_andx_request(self, pkt, ssp_blob):
             )
         if status == GSS_S_COMPLETE:
             # Authentication was successful
-            self.session.computeSMBSessionKey()
+            self.session.computeSMBSessionKeys(IsClient=False)
             self.authenticated = True
-        # and send
+        # [MS-SMB2] Note: "Windows-based servers always sign the final session setup
+        # response when the user is neither anonymous nor guest."
+        # If not available, it will still be ignored.
+        self.NextForceSign = True
         self.send(resp)
+        # Check whether we must enable encryption from now on
+        if (
+            self.authenticated
+            and not self.session.IsGuest
+            and self.session.Dialect >= 0x0300
+            and self.REQUIRE_ENCRYPTION
+        ):
+            # [MS-SMB2] sect 3.3.5.5.3: from now on, turn encryption on !
+            self.session.EncryptData = True
+            self.session.SigningRequired = False
 
     @ATMT.condition(RECEIVED_SETUP_ANDX_REQUEST)
     def wait_for_next_request(self):
@@ -771,7 +851,9 @@ def receive_tree_connect(self, pkt):
     def send_tree_connect_response(self, pkt, tree_name):
         self.update_smbheader(pkt)
         # Check the tree name against the shares we're serving
-        if not any(x._name == tree_name.lower() for x in self.shares):
+        try:
+            share = next(x for x in self.shares if x._name == tree_name.lower())
+        except StopIteration:
             # Unknown tree
             resp = self.smb_header.copy() / SMB2_Error_Response()
             resp.Command = "SMB2_TREE_CONNECT"
@@ -783,17 +865,32 @@ def send_tree_connect_response(self, pkt, tree_name):
             self.tree_id += 1
             self.smb_header.TID = self.tree_id
         self.current_trees[self.smb_header.TID] = tree_name
+
+        # Construct ShareFlags
+        ShareFlags = (
+            "AUTO_CACHING+NO_CACHING"
+            if self.current_tree() == "IPC$"
+            else self.TREE_SHARE_FLAGS
+        )
+        # [MS-SMB2] sect 3.3.5.7
+        if (
+            self.session.Dialect >= 0x0311
+            and not self.session.EncryptData
+            and share.encryptdata
+        ):
+            if not self.session.SupportsEncryption:
+                raise Exception("Peer asked for encryption but doesn't support it !")
+            ShareFlags += "+ENCRYPT_DATA"
+
         self.vprint("Tree Connect on: %s" % tree_name)
         self.send(
-            self.smb_header
+            self.smb_header.copy()
             / SMB2_Tree_Connect_Response(
                 ShareType="PIPE" if self.current_tree() == "IPC$" else "DISK",
-                ShareFlags="AUTO_CACHING+NO_CACHING"
-                if self.current_tree() == "IPC$"
-                else self.TREE_SHARE_FLAGS,
-                Capabilities=0
-                if self.current_tree() == "IPC$"
-                else self.TREE_CAPABILITIES,
+                ShareFlags=ShareFlags,
+                Capabilities=(
+                    0 if self.current_tree() == "IPC$" else self.TREE_CAPABILITIES
+                ),
                 MaximalAccess=self.TREE_MAXIMAL_ACCESS,
             )
         )
@@ -848,7 +945,11 @@ def send_ioctl_response(self, pkt):
                             SMB2_IOCTL_Validate_Negotiate_Info_Response(
                                 GUID=self.GUID,
                                 DialectRevision=self.session.Dialect,
-                                SecurityMode=self.session.SecurityMode,
+                                SecurityMode=(
+                                    "SIGNING_ENABLED+SIGNING_REQUIRED"
+                                    if self.session.SigningRequired
+                                    else "SIGNING_ENABLED"
+                                ),
                                 Capabilities=self.NegotiateCapabilities,
                             ),
                         )

scapy/layers/smbserver.py

@@ -308,8 +308,7 @@ enc_context = SMB2_Negotiate_Context(ContextType = 2, DataLength = len(enc)) / e
 comp = SMB2_Compression_Capabilities()
 comp_context = SMB2_Negotiate_Context(ContextType = 3, DataLength = len(comp)) / comp
 
-netname = SMB2_Netname_Negotiate_Context_ID("192.168.178.21".encode("utf-16le"))
-netname_context = SMB2_Negotiate_Context(ContextType = 5, DataLength = len(netname)) / netname
+netname_context = SMB2_Negotiate_Context(b'\x05\x00\x1c\x00\x00\x00\x00\x001\x009\x002\x00.\x001\x006\x008\x00.\x001\x007\x008\x00.\x002\x001\x00')
 
 pkt = SMB2_Header() / SMB2_Negotiate_Protocol_Request(Dialects=[0x0311], NegotiateContexts=[preauth_context, enc_context, comp_context, netname_context], NegotiateContextsBufferOffset=0x68)
 

test/scapy/layers/smb2.uts

@@ -259,28 +259,31 @@ with (ROOTPATH / "fileScapy").open("w") as fd:
    fd.write("Nice\nData")
 
 class run_smbserver:
-   def __init__(self, guest=False, readonly=True):
+   def __init__(self, guest=False, readonly=True, encryptshare=False, MAX_DIALECT=0x311):
       self.srv = None
       self.guest = guest
       self.readonly = readonly
+      self.encryptshare = encryptshare
+      self.MAX_DIALECT = MAX_DIALECT
 
    def __enter__(self):
       if self.guest:
-         IDENTITIES = None
+         ssp = None
       else:
-         IDENTITIES = {
+         ssp = SPNEGOSSP([NTLMSSP(IDENTITIES={
             "User1": MD4le("Password1"),
             "Administrator": MD4le("Password2")
-         }
+         })])
       self.srv = smbserver(
-         shares=[SMBShare("Scapy", ROOTPATH), SMBShare("test", ROOTPATH)],
+         shares=[SMBShare("Scapy", ROOTPATH, encryptdata=self.encryptshare),
+                 SMBShare("test",  ROOTPATH, encryptdata=self.encryptshare)],
          iface=conf.loopback_name,
          debug=4,
          port=12345,
          bg=True,
          readonly=self.readonly,
-         # NTLMSSP
-         IDENTITIES=IDENTITIES,
+         MAX_DIALECT=self.MAX_DIALECT,
+         ssp=ssp,
       )
 
    def __exit__(self, exc_type, exc_value, traceback):
@@ -290,7 +293,7 @@ class run_smbserver:
 # define client
 
 class run_smbclient:
-   def __init__(self, user=None, password=None, share=None, list=False, cwd=None, debug=None, maxversion=None):
+   def __init__(self, user=None, password=None, share=None, list=False, cwd=None, debug=None, maxversion=None, encrypt=False):
       args = [
          "smbclient",
       ] + (["-L"] if list else []) + [
@@ -308,6 +311,8 @@ class run_smbclient:
          args.append("-N")
       if maxversion:
          args.extend(["-m", maxversion])
+      if encrypt:
+         args.extend(["--client-protection", "encrypt"])
       self.args = args
       self.proc = subprocess.Popen(
          args,
@@ -427,3 +432,51 @@ with run_smbserver(readonly=False):
       raise
    finally:
       cli.close()
+
+= smbserver: SMB 3.0.2 - require global encryption
+
+LOCALPATH = pathlib.Path(get_temp_dir())
+
+nicedata = ("A" * 100 + "\n") * 5
+with open(LOCALPATH / "newCustomFile", "w") as fd:
+    fd.write(nicedata)
+
+with run_smbserver(readonly=False, MAX_DIALECT=0x0302):
+   try:
+      cli = run_smbclient(user="Administrator", password="Password2", share="test", cwd=LOCALPATH, encrypt=True)
+      cli.cmd("put newCustomFile")
+      output = cli.getoutput()
+      print(output)
+      assert "putting file newCustomFile" in output[0], "strange output"
+      assert (ROOTPATH / "newCustomFile").exists(), "file doesn't exist"
+      with (ROOTPATH / "newCustomFile").open("r") as fd:
+         assert fd.read() == nicedata, "invalid data"
+   except Exception:
+      cli.printdebug()
+      raise
+   finally:
+      cli.close()
+
+= smbserver: SMB 3.1.1 - require share encryption
+
+LOCALPATH = pathlib.Path(get_temp_dir())
+
+nicedata = ("A" * 100 + "\n") * 5
+with open(LOCALPATH / "newCustomFile", "w") as fd:
+    fd.write(nicedata)
+
+with run_smbserver(readonly=False, encryptshare=True):
+   try:
+      cli = run_smbclient(user="Administrator", password="Password2", share="test", cwd=LOCALPATH)
+      cli.cmd("put newCustomFile")
+      output = cli.getoutput()
+      print(output)
+      assert "putting file newCustomFile" in output[0], "strange output"
+      assert (ROOTPATH / "newCustomFile").exists(), "file doesn't exist"
+      with (ROOTPATH / "newCustomFile").open("r") as fd:
+         assert fd.read() == nicedata, "invalid data"
+   except Exception:
+      cli.printdebug()
+      raise
+   finally:
+      cli.close()