@@ -121,7 +121,7 @@ def __init__(self, args, db, host):
121121 self .output_filename = None
122122 self .smbv1 = None # Check if SMBv1 is supported
123123 self .smbv3 = None # Check if SMBv3 is supported
124- self .is_timeouted = False
124+ self .is_timed_out = False
125125 self .signing = False
126126 self .smb_share_name = smb_share_name
127127 self .pvkbytes = None
@@ -154,10 +154,7 @@ def get_os_arch(self):
154154 dce .set_auth_type (RPC_C_AUTHN_GSS_NEGOTIATE )
155155 dce .connect ()
156156 try :
157- dce .bind (
158- MSRPC_UUID_PORTMAP ,
159- transfer_syntax = ("71710533-BEBA-4937-8319-B5DBEF9CCC36" , "1.0" ),
160- )
157+ dce .bind (MSRPC_UUID_PORTMAP , transfer_syntax = ("71710533-BEBA-4937-8319-B5DBEF9CCC36" , "1.0" ))
161158 except DCERPCException as e :
162159 if str (e ).find ("syntaxes_not_supported" ) >= 0 :
163160 dce .disconnect ()
@@ -274,10 +271,6 @@ def enum_host_info(self):
274271 except Exception as e :
275272 self .logger .debug (f"Error logging off system: { e } )
276273
277- # Check smbv1
278- if not self .args .no_smbv1 :
279- self .smbv1 = self .create_smbv1_conn (check = True )
280-
281274 try :
282275 self .db .add_host (
283276 self .host ,
@@ -565,7 +558,7 @@ def create_smbv1_conn(self, check=False):
565558 if "Connection reset by peer" in str (e ):
566559 self .logger .info (f"SMBv1 might be disabled on { self .host } )
567560 elif "timed out" in str (e ):
568- self .is_timeouted = True
561+ self .is_timed_out = True
569562 self .logger .debug (f"Timeout creating SMBv1 connection to { self .host } )
570563 else :
571564 self .logger .info (f"Error creating SMBv1 connection to { self .host } { e } )
@@ -591,30 +584,36 @@ def create_smbv3_conn(self):
591584 self .smbv3 = True
592585 except (Exception , NetBIOSTimeout , OSError ) as e :
593586 if "timed out" in str (e ):
594- self .is_timeouted = True
587+ self .is_timed_out = True
595588 self .logger .debug (f"Timeout creating SMBv3 connection to { self .host } )
596589 else :
597590 self .logger .info (f"Error creating SMBv3 connection to { self .host } { e } )
598591 return False
599592 return True
600593
601- def create_conn_obj (self ):
594+ def create_conn_obj (self , no_smbv1 = False ):
602595 """
603596 Tries to create a connection object to the target host.
604- On first try, it will try to create a SMBv3 connection.
605- On further tries, it will remember which SMB version is supported and create a connection object accordingly.
597+ On first try, it will try to create a SMBv1 connection to be able to get the plaintext server OS version if available .
598+ On further tries, it will remember which SMB version is supported and create a connection object accordingly, preferably SMBv3 .
606599
607600 :param no_smbv1: If True, it will not try to create a SMBv1 connection
608601 """
609602 # Initial negotiation
610- if self .smbv3 is None :
611- self .smbv3 = self .create_smbv3_conn ()
612- if self .smbv3 :
603+ if self .smbv1 is None and not no_smbv1 and not self .args .no_smbv1 :
604+ if self .create_smbv1_conn ():
613605 return True
614- elif not self .is_timeouted :
606+ elif not self .is_timed_out :
607+ # Fallback if SMBv1 fails
608+ return self .create_smbv3_conn ()
609+ else :
610+ return False
611+ elif self .smbv3 is not False :
612+ if not self .create_smbv3_conn ():
613+ # Fallback if SMBv3 fails
615614 return self .create_smbv1_conn ()
616- elif self . smbv3 :
617- return self . create_smbv3_conn ()
615+ else :
616+ return True
618617 else :
619618 return self .create_smbv1_conn ()
620619
0 commit comments