C:/Web/smbrelay3/src/smbrelay.h File Reference

#include <stdio.h>
#include "misc.h"
#include "smb.h"
#include "ntlm.h"

Include dependency graph for smbrelay.h:

This graph shows which files directly or indirectly include this file:

Go to the source code of this file.

Defines

#define _SMBRELAY_H_
#define _CRT_SECURE_NO_DEPRECATE
#define GetNTLMPacketFromSmbPacket(a)   ((char*)a+0x2b+4)
#define GetNTLMPacket3FromSmbPacket(a)   ((char*)a+ sizeof(smheader) -sizeof(((smheader*)a)->buffer) +sizeof(SessionSetupAndX))
#define SmbPacketLen(a)   (SREV(a->SmbMessageLength)+4)
#define ATTACK_NONE   0x00
#define REPLAY_HTTP   0x01
#define REPLAY_SMB   0x02
#define REPLAY_POP3   0x03
#define REPLAY_IMAP   0x04
#define REPLAY_SMTP   0x05
#define REPLAY_DNS   0x06
#define REPLAY_TELNET   0x07
#define REPLAY_MSSQL   0x08
#define PSEXEC   0x10
#define debug   (verbose==2)

Functions

int HandleIncommingSmbRequest (RELAY *relay, char *destinationhostname, int destinationport)
int ReplayAttackAgainst (int Protocol, char *hostname, int port)
int StablishNTLMSession (RELAY relay, char *host, char *lpUserName, char *lpPassword)
int ExecuteCode (RELAY relay)

Define Documentation

#define _CRT_SECURE_NO_DEPRECATE

Definition at line 4 of file smbrelay.h.

#define _SMBRELAY_H_

Definition at line 2 of file smbrelay.h.

#define ATTACK_NONE   0x00

Definition at line 22 of file smbrelay.h.

#define debug   (verbose==2)

Definition at line 34 of file smbrelay.h.

Referenced by ExecuteCode(), HandleIncommingHTTPRequest(), HandleIncommingIMAPRequest(), HandleIncommingPOP3Request(), HandleIncommingSmbRequest(), HandleIncommingSMTPRequest(), SendBytesAndWaitForResponse(), StablishNTLMSession(), and WriteRemoteFile().

#define GetNTLMPacket3FromSmbPacket (  )     ((char*)a+ sizeof(smheader) -sizeof(((smheader*)a)->buffer) +sizeof(SessionSetupAndX))

Definition at line 16 of file smbrelay.h.

Referenced by HandleIncommingSmbRequest().

#define GetNTLMPacketFromSmbPacket (  )     ((char*)a+0x2b+4)

Definition at line 15 of file smbrelay.h.

Referenced by GetSmbPacket3(), HandleIncommingHTTPRequest(), HandleIncommingIMAPRequest(), HandleIncommingPOP3Request(), HandleIncommingSmbRequest(), HandleIncommingSMTPRequest(), and StablishNTLMSession().

#define PSEXEC   0x10

Definition at line 32 of file smbrelay.h.

Referenced by main().

#define REPLAY_DNS   0x06

Definition at line 28 of file smbrelay.h.

#define REPLAY_HTTP   0x01

Definition at line 23 of file smbrelay.h.

Referenced by main(), and ReplayAttackAgainst().

#define REPLAY_IMAP   0x04

Definition at line 26 of file smbrelay.h.

Referenced by main(), and ReplayAttackAgainst().

#define REPLAY_MSSQL   0x08

Definition at line 30 of file smbrelay.h.

#define REPLAY_POP3   0x03

Definition at line 25 of file smbrelay.h.

Referenced by main(), and ReplayAttackAgainst().

#define REPLAY_SMB   0x02

Definition at line 24 of file smbrelay.h.

Referenced by main(), and ReplayAttackAgainst().

#define REPLAY_SMTP   0x05

Definition at line 27 of file smbrelay.h.

Referenced by main(), and ReplayAttackAgainst().

#define REPLAY_TELNET   0x07

Definition at line 29 of file smbrelay.h.

#define SmbPacketLen (  )     (SREV(a->SmbMessageLength)+4)

Definition at line 18 of file smbrelay.h.

Referenced by AttackWeakServices(), ExecuteCode(), GetSmbPacket2(), HandleIncommingHTTPRequest(), HandleIncommingIMAPRequest(), HandleIncommingPOP3Request(), HandleIncommingSmbRequest(), HandleIncommingSMTPRequest(), StablishNTLMSession(), and WriteRemoteFile().

Function Documentation

int ExecuteCode ( RELAY  relay  ) 

Definition at line 557 of file smbrelay3.cpp.

References CtxItem::AbstractSyntaxis, AttackWeakServices(), BuildSmbPacket(), BuildTreeConnectAndXStub(), CtxItem::ContextID, CREATESERVICE, CreateServiceWStub(), debug, RELAY::destination, RELAY::destinationaddr, DumpMem(), ftphost, ftppass, ftpport, ftpusername, GenerateFTPTransfer(), GetDceRpcPacketFromBuffer, RELAY::hostname, lpBackdoorFile, DceInterface::MayorVersion, DceInterface::MinorVersion, NTCREATEANDX, CtxItem::NumberOfTransItems, OPENSCMANAGER, OpenScManagerWStub(), OPENSERVICEW, OpenServiceWStub(), CtxItem::padding, READANDX, RPC_RESPONSE, RPCBIND, SC_MANAGER_CREATE_SERVICE, SendBytesAndWaitForResponse(), SERVICE_AUTO_START, SERVICE_START, SERVICE_WIN32_OWN_PROCESS, Sleep, SMB_COM_TRANSACTION, SmbPacketLen, SMBWAITTIMEOUT, STARTSERVICE, TREECONNETANDX, verbose, WRITEANDX, and WriteRemoteFile().

Referenced by HandleIncommingHTTPRequest(), HandleIncommingIMAPRequest(), HandleIncommingPOP3Request(), HandleIncommingSmbRequest(), HandleIncommingSMTPRequest(), and main().

Here is the call graph for this function:

int HandleIncommingSmbRequest ( RELAY relay,
char *  destinationhostname,
int  destinationport 
)

Referenced by HandleIncommingSmbRequest(), and ReplayAttackAgainst().

int ReplayAttackAgainst ( int  Protocol,
char *  hostname,
int  port 
)

Referenced by main().

int StablishNTLMSession ( RELAY  relay,
char *  host,
char *  lpUserName,
char *  lpPassword 
)

Definition at line 451 of file smbrelay3.cpp.

References AddDialect(), BuildSmbPacket(), BuildSmbPacket1(), debug, RELAY::destination, dumpAuthChallenge(), DumpMem(), GetNTLMPacketFromSmbPacket, GetSmbPacket2(), GetSmbPacket3(), lpSrcHostname, NEGOTIATEPROTOCOLREQUEST, smheader::NtStatus, SendBytesAndWaitForResponse(), SetEnviroment(), SmbPacketLen, SMBWAITTIMEOUT, UserID, and verbose.

Referenced by main().

Here is the call graph for this function:

Generated on Wed Nov 12 22:04:28 2008 for Smbrelay version 3 by  doxygen 1.5.4