How to get the security descriptor of a file/dir using smbprotocol
import smbclient
from smbprotocol.file_info import (
InfoType,
)
from smbprotocol.open import (
DirectoryAccessMask,
FilePipePrinterAccessMask,
SMB2QueryInfoRequest,
SMB2QueryInfoResponse,
)
from smbprotocol.security_descriptor import (
SMB2CreateSDBuffer,
)
# Explicit credentials are not needed when using Kerberos auth; they can also be passed as
# kwargs to open_file instead of being registered globally here.
# 'username' / 'password' are placeholders. Supply the real values at run time (prompt,
# environment, secret store) so they are not saved alongside the script.
smbclient.ClientConfig(
    username='username',
    password='password',
)
class SecurityInfo:
    """Bit flags selecting which parts of a security descriptor to query.

    Combine members with ``|`` and pass the result as ``info`` to get_sd, which
    sends it as the request's ``additional_information`` field.
    """
    # NOTE(review): the values line up with the Windows SECURITY_INFORMATION
    # flags (OWNER/GROUP/DACL/SACL/LABEL/ATTRIBUTE/SCOPE/BACKUP) - confirm
    # against MS-DTYP before relying on the less common ones.
    Owner = 1 << 0       # 0x00000001
    Group = 1 << 1       # 0x00000002
    Dacl = 1 << 2        # 0x00000004
    # NOTE(review): reading the SACL normally needs ACCESS_SYSTEM_SECURITY on
    # the handle, which the READ_CONTROL-only opens in this script do not
    # request - confirm before querying it.
    Sacl = 1 << 3        # 0x00000008
    Label = 1 << 4       # 0x00000010
    Attribute = 1 << 5   # 0x00000020
    Scope = 1 << 6       # 0x00000040
    Backup = 1 << 16     # 0x00010000
def get_sd(fd, info):
    """Query the security descriptor of an already opened file or directory.

    Args:
        fd: The open handle to query. The function reads ``file_id``,
            ``connection`` and ``tree_connect`` from it; the examples in this
            script pass the ``.fd`` attribute of the object returned by
            ``smbclient.open_file``.
        info: Bitmask of ``SecurityInfo`` values naming the descriptor parts
            to return (owner, group, DACL, ...).

    Returns:
        An ``SMB2CreateSDBuffer`` unpacked from the server's response buffer.

    NOTE(review): the handle must have been opened with enough access for the
    requested parts (the examples request READ_CONTROL for owner + DACL);
    presumably ``connection.receive`` raises when the server rejects the
    query - confirm against smbprotocol.
    """
    request = SMB2QueryInfoRequest()
    request['info_type'] = InfoType.SMB2_0_INFO_SECURITY
    # Upper bound on the reply size asked of the server; a descriptor larger
    # than this would not fit in the response.
    request['output_buffer_length'] = 65535
    request['additional_information'] = info
    request['file_id'] = fd.file_id

    # The raw request is sent on the same session and tree connect that the
    # handle was opened on.
    tree = fd.tree_connect
    pending = fd.connection.send(
        request,
        sid=tree.session.session_id,
        tid=tree.tree_connect_id,
    )
    reply = fd.connection.receive(pending)

    # Two layers to peel: the QUERY_INFO response, then the descriptor it carries.
    info_response = SMB2QueryInfoResponse()
    info_response.unpack(reply['data'].get_value())

    descriptor = SMB2CreateSDBuffer()
    descriptor.unpack(info_response['buffer'].get_value())
    return descriptor
# File example: the handle is opened with READ_CONTROL only, then the owner and DACL are
# queried and printed. The UNC path is the gist's sample target.
with smbclient.open_file(
    r'\\dc01.domain.test\c$\temp\file.txt',
    mode='rb',
    buffering=0,
    desired_access=FilePipePrinterAccessMask.READ_CONTROL,
) as file_handle:
    file_sd = get_sd(file_handle.fd, SecurityInfo.Owner | SecurityInfo.Dacl)
    print(file_sd.get_owner())
    print(file_sd.get_dacl()['aces'])

# Dir example: same query against a directory, which needs file_type='dir' and the
# directory flavour of the access mask.
with smbclient.open_file(
    r'\\dc01.domain.test\c$\temp',
    mode='br',
    buffering=0,
    file_type='dir',
    desired_access=DirectoryAccessMask.READ_CONTROL,
) as dir_handle:
    dir_sd = get_sd(dir_handle.fd, SecurityInfo.Owner | SecurityInfo.Dacl)
    print(dir_sd.get_owner())
    print(dir_sd.get_dacl()['aces'])