OpenVAS Libraries  9.0.3
nasl_smb.c
1 /* OpenVAS
2  *
3  * $Id$
4  * Description: NASL API implementation for SMB support
5  *
6  * Authors:
7  * Chandrashekhar B <bchandra@secpod.com>
8  *
9  * Copyright:
10  * Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net
11  *
12  * This program is free software; you can redistribute it and/or
13  * modify it under the terms of the GNU General Public License
14  * as published by the Free Software Foundation; either version 2
15  * of the License, or (at your option) any later version.
16  *
17  * This program is distributed in the hope that it will be useful,
18  * but WITHOUT ANY WARRANTY; without even the implied warranty of
19  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20  * GNU General Public License for more details.
21  *
22  * You should have received a copy of the GNU General Public License
23  * along with this program; if not, write to the Free Software
24  * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
25  */
26 
45 #include <stdio.h>
46 #include <string.h>
47 #include <netinet/in.h>
48 #include <sys/socket.h>
49 #include <arpa/inet.h>
50 
51 #include "nasl_smb.h"
52 #include "openvas_smb_interface.h"
53 #include "../misc/plugutils.h"
54 #include "../misc/openvas_logging.h"
55 
56 #define IMPORT(var) char *var = get_str_local_var_by_name(lexic, #var)
57 
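/**
 * @brief Get a version string of the SMB implementation.
 *
 * @param[in] lexic  NASL lexical context (not read by this function).
 *
 * @return A CONST_DATA cell holding a copy of the string returned by
 *         smb_versioninfo (), or NULL when no version string is available.
 */
tree_cell *
nasl_smb_versioninfo (lex_ctxt * lexic)
{
  char *version = smb_versioninfo ();
  tree_cell *retc;

  /* Test the result before allocating anything.  Allocating the cell
     first would leak it on this early return.  */
  if (!version)
    return NULL;

  retc = alloc_tree_cell (0, NULL);
  retc->type = CONST_DATA;
  retc->x.str_val = strdup (version);
  retc->size = strlen (version);

  return retc;
}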
83 
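/**
 * @brief Connect to SMB service and return a handle for it.
 *
 * Reads the NASL named arguments "username", "password" and "share" and
 * connects to the host this script is running against.
 *
 * @param[in] lexic  NASL lexical context holding the arguments and the
 *                   script_infos used to look up the target address.
 *
 * @return A CONST_INT cell carrying the SMB handle, or NULL when an argument
 *         is missing or empty or when smb_connect () reports failure.
 */
tree_cell *
nasl_smb_connect (lex_ctxt * lexic)
{
  struct arglist *script_infos = lexic->script_infos;
  struct in6_addr *host = plug_get_host_ip (script_infos);
  char *ip;
  char *username = get_str_local_var_by_name (lexic, "username");
  char *password = get_str_local_var_by_name (lexic, "password");
  char *share = get_str_local_var_by_name (lexic, "share");
  tree_cell *retc;
  SMB_HANDLE handle;
  int value;

  /* The log lines in this function carry no credential material; keep it
     that way when extending the diagnostics.  */
  if ((host == NULL) || (username == NULL) || (password == NULL)
      || (share == NULL))
    {
      log_legacy_write ("nasl_smb_connect: Invalid input arguments\n");
      return NULL;
    }

  ip = addr6_as_str (host);
  /* addr6_as_str's failure behaviour is not visible in this file, so guard
     against NULL before strlen ().  g_free (NULL) is a no-op.  */
  if ((ip == NULL) || (strlen (password) == 0) || (strlen (username) == 0)
      || (strlen (ip) == 0) || (strlen (share) == 0))
    {
      log_legacy_write ("nasl_smb_connect: Invalid input arguments\n");
      g_free (ip);
      return NULL;
    }

  value = smb_connect (ip, share, username, password, &handle);
  g_free (ip);

  if (value == -1)
    {
      log_legacy_write ("nasl_smb_connect: SMB Connect failed\n");
      return NULL;
    }

  /* Allocate the result cell only on success.  Allocating it before the
     connect attempt would leak it on every failed connection.  */
  retc = alloc_tree_cell (0, NULL);
  retc->type = CONST_INT;
  /* NOTE(review): the file-query functions in this file treat a handle of 0
     as invalid; confirm smb_connect never hands out 0 on success.  */
  retc->x.i_val = (int) handle;
  return retc;
}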
140 
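/**
 * @brief Close SMB service handle.
 *
 * Reads the NASL named argument "smb_handle" (0 when absent) and passes it
 * to smb_close ().
 *
 * @param[in] lexic  NASL lexical context holding the argument.
 *
 * @return A CONST_INT cell with value 1 when smb_close () returns 0,
 *         NULL otherwise.
 */
tree_cell *
nasl_smb_close (lex_ctxt * lexic)
{
  SMB_HANDLE handle =
    (SMB_HANDLE) get_int_local_var_by_name (lexic, "smb_handle", 0);
  tree_cell *retc;

  /* NOTE(review): unlike the file-query functions in this file, a handle of
     0 is not rejected here; smb_close () is relied on to refuse it.  */
  if (smb_close (handle) != 0)
    return NULL;

  /* Allocate only on the success path.  Allocating up front would leak the
     cell whenever the close fails.  */
  retc = alloc_tree_cell (0, NULL);
  retc->type = CONST_INT;
  retc->x.i_val = 1;
  return retc;
}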
172 
/**
 * @brief Obtain Security Descriptor in SDDL format.
 *
 * Reads the NASL named arguments "smb_handle" and "filename" and queries
 * smb_file_SDDL () with them.
 *
 * @param[in] lexic  NASL lexical context holding the arguments.
 *
 * @return A CONST_DATA cell with a copy of the SDDL string, or NULL when
 *         an argument is missing or the query yields nothing.
 */
tree_cell *
nasl_smb_file_SDDL (lex_ctxt * lexic)
{
  SMB_HANDLE conn =
    (SMB_HANDLE) get_int_local_var_by_name (lexic, "smb_handle", 0);
  char *path = get_str_local_var_by_name (lexic, "filename");
  char *sddl;
  tree_cell *cell;

  if (path == NULL)
    {
      log_legacy_write ("smb_file_SDDL failed: Invalid filename\n");
      return NULL;
    }

  /* 0 is the default when the script passes no smb_handle.  */
  if (conn == 0)
    {
      log_legacy_write ("smb_file_SDDL failed: Invalid smb_handle\n");
      return NULL;
    }

  sddl = smb_file_SDDL (conn, path);
  if (sddl == NULL)
    return NULL;

  /* NOTE(review): sddl is copied and never released here.  Whether the
     caller owns the buffer returned by smb_file_SDDL () is not visible in
     this file; if it does, this leaks one buffer per call.  Confirm.  */
  cell = alloc_tree_cell (0, NULL);
  cell->type = CONST_DATA;
  cell->x.str_val = strdup (sddl);
  cell->size = strlen (sddl);
  return cell;
}
217 
/**
 * @brief Obtain File Owner SID.
 *
 * Reads the NASL named arguments "smb_handle" and "filename" and queries
 * smb_file_OwnerSID () with them.
 *
 * @param[in] lexic  NASL lexical context holding the arguments.
 *
 * @return A CONST_DATA cell with a copy of the owner SID string, or NULL
 *         when an argument is missing or the query yields nothing.
 */
tree_cell *
nasl_smb_file_owner_sid (lex_ctxt * lexic)
{
  SMB_HANDLE conn =
    (SMB_HANDLE) get_int_local_var_by_name (lexic, "smb_handle", 0);
  char *path = get_str_local_var_by_name (lexic, "filename");
  char *owner_sid;
  tree_cell *cell;

  if (path == NULL)
    {
      log_legacy_write ("smb_file_owner_sid failed: Invalid filename\n");
      return NULL;
    }

  /* 0 is the default when the script passes no smb_handle.  */
  if (conn == 0)
    {
      log_legacy_write ("smb_file_owner_sid failed: Invalid smb_handle\n");
      return NULL;
    }

  owner_sid = smb_file_OwnerSID (conn, path);
  if (owner_sid == NULL)
    return NULL;

  /* NOTE(review): owner_sid is copied and never released here.  Ownership
     of the buffer returned by smb_file_OwnerSID () is not visible in this
     file; confirm whether it must be freed by the caller.  */
  cell = alloc_tree_cell (0, NULL);
  cell->type = CONST_DATA;
  cell->x.str_val = strdup (owner_sid);
  cell->size = strlen (owner_sid);
  return cell;
}
262 
/**
 * @brief Obtain File Group SID.
 *
 * Reads the NASL named arguments "smb_handle" and "filename" and queries
 * smb_file_GroupSID () with them.
 *
 * @param[in] lexic  NASL lexical context holding the arguments.
 *
 * @return A CONST_DATA cell with a copy of the group SID string, or NULL
 *         when an argument is missing or the query yields nothing.
 */
tree_cell *
nasl_smb_file_group_sid (lex_ctxt * lexic)
{
  SMB_HANDLE conn =
    (SMB_HANDLE) get_int_local_var_by_name (lexic, "smb_handle", 0);
  char *path = get_str_local_var_by_name (lexic, "filename");
  char *group_sid;
  tree_cell *cell;

  if (path == NULL)
    {
      log_legacy_write ("smb_file_group_sid failed: Invalid filename\n");
      return NULL;
    }

  /* 0 is the default when the script passes no smb_handle.  */
  if (conn == 0)
    {
      log_legacy_write ("smb_file_group_sid failed: Invalid smb_handle\n");
      return NULL;
    }

  group_sid = smb_file_GroupSID (conn, path);
  if (group_sid == NULL)
    return NULL;

  /* NOTE(review): group_sid is copied and never released here.  Ownership
     of the buffer returned by smb_file_GroupSID () is not visible in this
     file; confirm whether it must be freed by the caller.  */
  cell = alloc_tree_cell (0, NULL);
  cell->type = CONST_DATA;
  cell->x.str_val = strdup (group_sid);
  cell->size = strlen (group_sid);
  return cell;
}
307 
308 
/**
 * @brief Obtain File Trustee SID with Access Mask.
 *
 * Reads the NASL named arguments "smb_handle" and "filename" and queries
 * smb_file_TrusteeRights () with them.
 *
 * @param[in] lexic  NASL lexical context holding the arguments.
 *
 * @return A CONST_DATA cell with a copy of the trustee/rights string, or
 *         NULL when an argument is missing or the query yields nothing.
 */
tree_cell *
nasl_smb_file_trustee_rights (lex_ctxt * lexic)
{
  SMB_HANDLE conn =
    (SMB_HANDLE) get_int_local_var_by_name (lexic, "smb_handle", 0);
  char *path = get_str_local_var_by_name (lexic, "filename");
  char *rights;
  tree_cell *cell;

  if (path == NULL)
    {
      log_legacy_write ("smb_file_trustee_rights failed: Invalid filename\n");
      return NULL;
    }

  /* 0 is the default when the script passes no smb_handle.  */
  if (conn == 0)
    {
      log_legacy_write ("smb_file_trustee_rights failed: Invalid smb_handle\n");
      return NULL;
    }

  rights = smb_file_TrusteeRights (conn, path);
  if (rights == NULL)
    return NULL;

  /* NOTE(review): rights is copied and never released here.  Ownership of
     the buffer returned by smb_file_TrusteeRights () is not visible in this
     file; confirm whether it must be freed by the caller.  */
  cell = alloc_tree_cell (0, NULL);
  cell->type = CONST_DATA;
  cell->x.str_val = strdup (rights);
  cell->size = strlen (rights);
  return cell;
}
353 
354 
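/**
 * @brief Execute the command in windows.
 *
 * Reads the NASL named arguments "username", "password" and "cmd", builds
 * the five-element argument vector { "winexe", "-U", "user%password",
 * "//ip", cmd } for the host under test and passes it to wincmd ().
 *
 * @param[in] lexic  NASL lexical context holding the arguments and the
 *                   script_infos used to look up the target address.
 *
 * @return A CONST_DATA cell with a copy of the command output, or NULL when
 *         an argument is missing or empty, wincmd () reports failure, or no
 *         output buffer was produced.
 */
tree_cell *
nasl_win_cmd_exec (lex_ctxt * lexic)
{
  struct arglist *script_infos = lexic->script_infos;
  struct in6_addr *host = plug_get_host_ip (script_infos);
  char *ip;
  char *res = NULL;
  char *argv[5];
  char *owned[5];
  size_t cred_len, n;
  int argc = 5, value, i;
  tree_cell *retc;

  IMPORT (username);
  IMPORT (password);
  IMPORT (cmd);

  if ((host == NULL) || (username == NULL) || (password == NULL)
      || (cmd == NULL))
    {
      log_legacy_write ("win_cmd_exec: Invalid input arguments\n");
      return NULL;
    }

  ip = addr6_as_str (host);
  /* addr6_as_str's failure behaviour is not visible in this file, so guard
     against NULL before strlen ().  g_free (NULL) is a no-op.  */
  if ((ip == NULL) || (strlen (password) == 0) || (strlen (username) == 0)
      || strlen (ip) == 0)
    {
      log_legacy_write ("win_cmd_exec: Invalid input arguments\n");
      g_free (ip);
      return NULL;
    }

  /* Construct the WinCMD query.  Sizes are computed by glib rather than by
     hand-counted strlen () sums feeding strcpy ()/strcat ().
     NOTE(review): the password travels as part of the "-U" argument.  If
     wincmd () hands this vector to a separate process, the credential is
     visible in that process's argument list; confirm how wincmd () consumes
     it.  */
  owned[0] = g_strdup ("winexe");
  owned[1] = g_strdup ("-U");
  owned[2] = g_strdup_printf ("%s%%%s", username, password);
  owned[3] = g_strdup_printf ("//%s", ip);
  owned[4] = g_strdup (cmd);
  g_free (ip);

  /* Remember the credential length now, in case the callee rewrites the
     string in place.  */
  cred_len = strlen (owned[2]);

  /* Pass a separate pointer array so that any reordering of argv by the
     callee cannot confuse the frees below.  */
  for (i = 0; i < argc; i++)
    argv[i] = owned[i];

  value = wincmd (argc, argv, &res);

  /* Scrub the user%password copy before releasing it.  The volatile access
     keeps the compiler from dropping the stores as dead.
     Assumes wincmd () keeps no reference to argv after returning - confirm.  */
  for (n = 0; n < cred_len; n++)
    ((volatile char *) owned[2])[n] = '\0';

  /* The argument strings were never freed before; release them on every
     path.  */
  for (i = 0; i < argc; i++)
    g_free (owned[i]);

  if (value == -1)
    {
      log_legacy_write ("win_cmd_exec: WinCMD Connect failed\n");
      return NULL;
    }

  /* strdup (NULL)/strlen (NULL) are undefined; treat a missing output
     buffer as a failure instead of dereferencing it.  */
  if (res == NULL)
    {
      log_legacy_write ("win_cmd_exec: WinCMD returned no output\n");
      return NULL;
    }

  /* Allocate the result cell only on success so failures do not leak it.
     NOTE(review): res is copied and not released; ownership of the buffer
     written by wincmd () is not visible in this file - confirm.  */
  retc = alloc_tree_cell (0, NULL);
  retc->type = CONST_DATA;
  retc->x.str_val = strdup (res);
  retc->size = strlen (res);
  return retc;
}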
Protos for NASL SMB API.
tree_cell * nasl_smb_file_trustee_rights(lex_ctxt *lexic)
Obtain File Trustee SID with Access Mask.
Definition: nasl_smb.c:321
tree_cell * nasl_smb_close(lex_ctxt *lexic)
Close SMB service handle.
Definition: nasl_smb.c:153
tree_cell * nasl_smb_file_SDDL(lex_ctxt *lexic)
Obtain Security Descriptor in SDDL format.
Definition: nasl_smb.c:185
char * smb_versioninfo(void)
Return version info for SMB implementation.
short type
Definition: nasl_tree.h:107
char * str_val
Definition: nasl_tree.h:113
tree_cell * nasl_smb_file_group_sid(lex_ctxt *lexic)
Obtain File Group SID.
Definition: nasl_smb.c:275
#define IMPORT(var)
Definition: nasl_smb.c:56
void log_legacy_write(const char *format,...)
Legacy function to write a log message.
long int get_int_local_var_by_name(lex_ctxt *, const char *, int)
Definition: nasl_var.c:1240
char * get_str_local_var_by_name(lex_ctxt *, const char *)
Definition: nasl_var.c:1262
union TC::@7 x
tree_cell * nasl_win_cmd_exec(lex_ctxt *lexic)
Execute the command in windows.
Definition: nasl_smb.c:369
int SMB_HANDLE
tree_cell * nasl_smb_versioninfo(lex_ctxt *lexic)
Get a version string of the SMB implementation.
Definition: nasl_smb.c:67
char * addr6_as_str(const struct in6_addr *addr6)
Definition: nasl_tree.h:105
API protos describing the interface of a smb interface implementation.
struct in6_addr * plug_get_host_ip(struct arglist *desc)
Definition: plugutils.c:216
tree_cell * nasl_smb_connect(lex_ctxt *lexic)
Connect to SMB service and return a handle for it.
Definition: nasl_smb.c:97
tree_cell * nasl_smb_file_owner_sid(lex_ctxt *lexic)
Obtain File Owner SID.
Definition: nasl_smb.c:230
char * smb_file_OwnerSID(SMB_HANDLE, const char *)
Obtain the SID of the Owner for a given file/path.
int smb_close(SMB_HANDLE)
Close the connection handle for SMB service.
char * smb_file_SDDL(SMB_HANDLE, const char *)
Obtain Windows file rights in SDDL format.
long int i_val
Definition: nasl_tree.h:114
tree_cell * alloc_tree_cell(int lnb, char *s)
Definition: nasl_tree.c:37
struct arglist * script_infos
Definition: nasl_lex_ctxt.h:39
char * smb_file_TrusteeRights(SMB_HANDLE, const char *)
Obtain the Trustee SID and their rights for a given file/path.
int smb_connect(const char *, const char *, const char *, const char *, SMB_HANDLE *)
Establish connection to a SMB service.
char * smb_file_GroupSID(SMB_HANDLE, const char *)
Obtain the SID of the Group for a given file/path.
int size
Definition: nasl_tree.h:110
int wincmd(int argc, char *argv[], char **res)
Command Execution in Windows.