Home Explore Help
Sign In
SPIN
/
ID2T-toolkit
6
5
Fork 2
Files Issues 20 Pull Requests 0 Wiki
Browse Source

add library for SMB specific functions

move SMB funtions to SMBLib
refactor some stuff
Jonathan Speth 6 years ago
parent
581749ca07
commit
c2215ce080
2 changed files with 113 additions and 103 deletions
Split View Show Diff Stats
  1. 17 103
      code/Attack/SMBScanAttack.py
  2. 96 0
      code/ID2TLib/SMBLib.py

+ 17 - 103
code/Attack/SMBScanAttack.py
View File 

@@ -1,7 +1,5 @@
 
 import logging
 
 
-from os import urandom
 
-from binascii import b2a_hex
 
 from random import shuffle, randint, choice, uniform
 
 from lea import Lea
 
 
@@ -10,7 +8,7 @@ from Attack.AttackParameters import Parameter as Param
 
 from Attack.AttackParameters import ParameterTypes
 
 from ID2TLib.SMB2 import *
 
 from ID2TLib.Utility import *
 
-
 
+from ID2TLib.SMBLib import *
 
 
 
 logging.getLogger("scapy.runtime").setLevel(logging.ERROR)
 
@@ -20,51 +18,6 @@ from scapy.layers.smb import *
 
 from scapy.layers.netbios import *
 
 
 class SMBScanAttack(BaseAttack.BaseAttack):
 
-    # SMB port
 
-    smb_port = 445
 
-    # SMB versions
 
-    smb_versions = {"1", "2.0", "2.1", "3.0", "3.0.2", "3.1.1"}
 
-    smb_versions_per_win = {'win7': "2.1", 'win10': "3.1.1", 'winxp': "1", 'win8.1': "3.0.2", 'win8': "3.0",
 
-                            'winvista': "2.0", 'winnt': "1", "win2000": "1"}
 
-    smb_versions_per_samba = {'3.6': "2.0", '4.0': "2.1", '4.1': "3.0", '4.3': "3.1.1"}
 
-    # SMB dialects
 
-    smb_dialects = ["PC NETWORK PROGRAM 1.0", "LANMAN1.0", "Windows for Workgroups 3.1a", "LM1.2X002", "LANMAN2.1",
 
-                    "NT LM 0.12", "SMB 2.002", "SMB 2.???"]
 
-    # SMB security blobs
 
-    security_blob_windows = "\x60\x82\x01\x3c\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x82\x01\x30" \
 
-                            "\x30\x82\x01\x2c\xa0\x1a\x30\x18\x06\x0a\x2b\x06\x01\x04\x01\x82" \
 
-                            "\x37\x02\x02\x1e\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" \
 
-                            "\xa2\x82\x01\x0c\x04\x82\x01\x08\x4e\x45\x47\x4f\x45\x58\x54\x53" \
 
-                            "\x01\x00\x00\x00\x00\x00\x00\x00\x60\x00\x00\x00\x70\x00\x00\x00" \
 
-                            "\xbc\x84\x03\x97\x6f\x80\x3b\x81\xa6\x45\x1b\x05\x92\x39\xde\x3d" \
 
-                            "\xd6\x91\x85\x49\x8a\xd0\x3b\x58\x87\x99\xb4\x98\xdf\xa6\x1d\x73" \
 
-                            "\x3b\x57\xbf\x05\x63\x5e\x30\xea\xa8\xd8\xd8\x45\xba\x80\x52\xa5" \
 
-                            "\x00\x00\x00\x00\x00\x00\x00\x00\x60\x00\x00\x00\x01\x00\x00\x00" \
 
-                            "\x00\x00\x00\x00\x00\x00\x00\x00\x5c\x33\x53\x0d\xea\xf9\x0d\x4d" \
 
-                            "\xb2\xec\x4a\xe3\x78\x6e\xc3\x08\x4e\x45\x47\x4f\x45\x58\x54\x53" \
 
-                            "\x03\x00\x00\x00\x01\x00\x00\x00\x40\x00\x00\x00\x98\x00\x00\x00" \
 
-                            "\xbc\x84\x03\x97\x6f\x80\x3b\x81\xa6\x45\x1b\x05\x92\x39\xde\x3d" \
 
-                            "\x5c\x33\x53\x0d\xea\xf9\x0d\x4d\xb2\xec\x4a\xe3\x78\x6e\xc3\x08" \
 
-                            "\x40\x00\x00\x00\x58\x00\x00\x00\x30\x56\xa0\x54\x30\x52\x30\x27" \
 
-                            "\x80\x25\x30\x23\x31\x21\x30\x1f\x06\x03\x55\x04\x03\x13\x18\x54" \
 
-                            "\x6f\x6b\x65\x6e\x20\x53\x69\x67\x6e\x69\x6e\x67\x20\x50\x75\x62" \
 
-                            "\x6c\x69\x63\x20\x4b\x65\x79\x30\x27\x80\x25\x30\x23\x31\x21\x30" \
 
-                            "\x1f\x06\x03\x55\x04\x03\x13\x18\x54\x6f\x6b\x65\x6e\x20\x53\x69" \
 
-                            "\x67\x6e\x69\x6e\x67\x20\x50\x75\x62\x6c\x69\x63\x20\x4b\x65\x79"
 
-    security_blob_ubuntu =  "\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e" \
 
-                            "\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa3\x2a" \
 
-                            "\x30\x28\xa0\x26\x1b\x24\x6e\x6f\x74\x5f\x64\x65\x66\x69\x6e\x65" \
 
-                            "\x64\x5f\x69\x6e\x5f\x52\x46\x43\x34\x31\x37\x38\x40\x70\x6c\x65" \
 
-                            "\x61\x73\x65\x5f\x69\x67\x6e\x6f\x72\x65"
 
-    security_blob_macos =   "\x60\x7e\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x74\x30\x72\xa0\x44" \
 
-                            "\x30\x42\x06\x09\x2a\x86\x48\x82\xf7\x12\x01\x02\x02\x06\x09\x2a" \
 
-                            "\x86\x48\x86\xf7\x12\x01\x02\x02\x06\x06\x2a\x85\x70\x2b\x0e\x03" \
 
-                            "\x06\x06\x2b\x06\x01\x05\x05\x0e\x06\x0a\x2b\x06\x01\x04\x01\x82" \
 
-                            "\x37\x02\x02\x0a\x06\x06\x2b\x05\x01\x05\x02\x07\x06\x06\x2b\x06" \
 
-                            "\x01\x05\x02\x05\xa3\x2a\x30\x28\xa0\x26\x1b\x24\x6e\x6f\x74\x5f" \
 
-                            "\x64\x65\x66\x69\x6e\x65\x64\x5f\x69\x6e\x5f\x52\x46\x43\x34\x31" \
 
-                            "\x37\x38\x40\x70\x6c\x65\x61\x73\x65\x5f\x69\x67\x6e\x6f\x72\x65"
 
-
 
 
     def __init__(self):
 
         """
 
@@ -136,23 +89,11 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
         rnd_ip_count = self.statistics.get_ip_address_count()/2
 
         self.add_param_value(Param.HOSTING_IP, self.statistics.get_random_ip_address(rnd_ip_count))
 
         self.host_os = get_rnd_os()
 
-        self.add_param_value(Param.HOSTING_VERSION, self.get_smb_version(self.host_os))
 
+        self.add_param_value(Param.HOSTING_VERSION, get_smb_version(platform=self.host_os))
 
         self.add_param_value(Param.SOURCE_PLATFORM, get_rnd_os())
 
         self.add_param_value(Param.PROTOCOL_VERSION, "1")
 
         self.add_param_value(Param.IP_DESTINATION_END, "0.0.0.0")
 
 
-    def get_smb_version(self, os: str):
 
-        if os is "linux":
 
-            return random.choice(list(self.smb_versions_per_samba.values()))
 
-        elif os is "macos":
 
-            return "2.1"
 
-        else:
 
-            return self.smb_versions_per_win[os]
 
-
 
-    def get_rnd_smb_version(self):
 
-        os = get_rnd_os()
 
-        return self.get_smb_version(os)
 
-
 
     def generate_attack_pcap(self):
 
         def update_timestamp(timestamp, pps, delay=0):
 
             """
 
@@ -214,29 +155,6 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
 
             return mss_value, ttl_value, win_value
 
 
-        def get_smb_platform_data(platform: str, timestamp=time.time()):
 
-            check_platform(platform)
 
-            if platform == "linux":
 
-                server_Guid = "ubuntu"
 
-                security_blob = self.security_blob_ubuntu
 
-                capabilities = 0x5
 
-                data_size = 0x800000
 
-                server_start_time = 0
 
-            elif platform == "macos":
 
-                server_Guid = b2a_hex(urandom(15)).decode()
 
-                security_blob = self.security_blob_macos
 
-                capabilities = 0x6
 
-                data_size = 0x400000
 
-                server_start_time = 0
 
-            else:
 
-                server_Guid = b2a_hex(urandom(15)).decode()
 
-                security_blob = self.security_blob_windows
 
-                capabilities = 0x7
 
-                data_size = 0x100000
 
-                server_start_time = get_rnd_boot_time(timestamp)
 
-            return server_Guid, security_blob, capabilities, data_size, server_start_time
 
-
 
-
 
         pps = self.get_param_value(Param.PACKETS_PER_SECOND)
 
 
         # Calculate complement packet rates of the background traffic for each interval
 
@@ -258,15 +176,11 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
         mac_dest = self.get_param_value(Param.MAC_DESTINATION)
 
 
         # Check smb version
 
-        def invalid_version(version: str):
 
-            print("\nInvalid smb version: " + version +
 
-                  "\nPlease select one of the following versions: ", self.smb_versions)
 
-            exit(1)
 
         smb_version = self.get_param_value(Param.PROTOCOL_VERSION)
 
-        if smb_version not in self.smb_versions:
 
+        if smb_version not in smb_versions:
 
             invalid_version(smb_version)
 
         hosting_version = self.get_param_value(Param.HOSTING_VERSION)
 
-        if hosting_version not in self.smb_versions:
 
+        if hosting_version not in smb_versions:
 
             invalid_version(hosting_version)
 
         # Check source platform
 
         src_platform = self.get_param_value(Param.SOURCE_PLATFORM).lower()
 
@@ -342,7 +256,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                 # 1) Build request package
 
                 request_ether = Ether(src=mac_source, dst=mac_destination)
 
                 request_ip = IP(src=ip_source, dst=ip, ttl=source_ttl_value, flags='DF')
 
-                request_tcp = TCP(sport=sport, dport=self.smb_port, window=source_win_value, flags='S',
 
+                request_tcp = TCP(sport=sport, dport=smb_port, window=source_win_value, flags='S',
 
                                   seq=attacker_seq, options=[('MSS', source_mss_value)])
 
                 attacker_seq += 1
 
                 request = (request_ether / request_ip / request_tcp)
 
@@ -364,7 +278,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     # destination sends SYN, ACK
 
                     reply_ether = Ether(src=mac_destination, dst=mac_source)
 
                     reply_ip = IP(src=ip, dst=ip_source, ttl=destination_ttl_value, flags='DF')
 
-                    reply_tcp = TCP(sport=self.smb_port, dport=sport, seq=victim_seq, ack=attacker_seq, flags='SA',
 
+                    reply_tcp = TCP(sport=smb_port, dport=sport, seq=victim_seq, ack=attacker_seq, flags='SA',
 
                                     window=destination_win_value, options=[('MSS', destination_mss_value)])
 
                     victim_seq += 1
 
                     reply = (reply_ether / reply_ip / reply_tcp)
 
@@ -374,7 +288,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     # requester confirms, ACK
 
                     confirm_ether = request_ether
 
                     confirm_ip = request_ip
 
-                    confirm_tcp = TCP(sport=sport, dport=self.smb_port, seq=attacker_seq, ack=victim_seq,
 
+                    confirm_tcp = TCP(sport=sport, dport=smb_port, seq=attacker_seq, ack=victim_seq,
 
                                       window=source_win_value, flags='A')
 
                     confirm = (confirm_ether / confirm_ip / confirm_tcp)
 
                     timestamp_confirm = update_timestamp(timestamp_reply, pps, minDelay)
 
@@ -388,9 +302,9 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
 
                     # select dialects based on smb version
 
                     if smb_version is "1":
 
-                        smb_req_dialects = self.smb_dialects[0:6]
 
+                        smb_req_dialects = smb_dialects[0:6]
 
                     else:
 
-                        smb_req_dialects = self.smb_dialects
 
+                        smb_req_dialects = smb_dialects
 
                     if len(smb_req_dialects) == 0:
 
                         smb_req_tail_arr.append(SMBNegociate_Protocol_Request_Tail())
 
                         smb_req_tail_size = len(SMBNegociate_Protocol_Request_Tail())
 
@@ -403,7 +317,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                         (Flags2=0x2801, PID=smb_PID, MID=smb_MID, ByteCount=smb_req_tail_size)
 
                     smb_req_length = len(smb_req_head) + smb_req_tail_size
 
                     smb_req_net_bio = NBTSession(TYPE=0x00, LENGTH=smb_req_length)
 
-                    smb_req_tcp = TCP(sport=sport, dport=self.smb_port, flags='PA', seq=attacker_seq, ack=victim_seq)
 
+                    smb_req_tcp = TCP(sport=sport, dport=smb_port, flags='PA', seq=attacker_seq, ack=victim_seq)
 
                     smb_req_ip = IP(src=ip_source, dst=ip, ttl=source_ttl_value)
 
                     smb_req_ether = Ether(src=mac_source, dst=mac_destination)
 
                     attacker_seq += len(smb_req_net_bio) + len(smb_req_head) + smb_req_tail_size
 
@@ -418,7 +332,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     packets.append(smb_req_combined)
 
 
                     # destination confirms SMB request package
 
-                    reply_tcp = TCP(sport=self.smb_port, dport=sport, seq=victim_seq, ack=attacker_seq,
 
+                    reply_tcp = TCP(sport=smb_port, dport=sport, seq=victim_seq, ack=attacker_seq,
 
                                     window=destination_win_value, flags='A')
 
                     confirm_smb_req = (reply_ether / reply_ip / reply_tcp)
 
                     timestamp_reply = update_timestamp(timestamp_smb_req, pps, minDelay)
 
@@ -450,7 +364,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                             (Start="\xffSMB", PID=smb_PID, MID=smb_MID, DialectIndex=5, SecurityBlob=security_blob)
 
                         smb_rsp_length = len(smb_rsp_paket)
 
                     smb_rsp_net_bio = NBTSession(TYPE=0x00, LENGTH=smb_rsp_length)
 
-                    smb_rsp_tcp = TCP(sport=self.smb_port, dport=sport, flags='PA', seq=victim_seq, ack=attacker_seq)
 
+                    smb_rsp_tcp = TCP(sport=smb_port, dport=sport, flags='PA', seq=victim_seq, ack=attacker_seq)
 
                     smb_rsp_ip = IP(src=ip, dst=ip_source, ttl=destination_ttl_value)
 
                     smb_rsp_ether = Ether(src=mac_destination, dst=mac_source)
 
                     victim_seq += len(smb_rsp_net_bio) + len(smb_rsp_paket)
 
@@ -466,7 +380,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
 
 
                     # source confirms SMB response package
 
-                    confirm_tcp = TCP(sport=sport, dport=self.smb_port, seq=attacker_seq, ack=victim_seq,
 
+                    confirm_tcp = TCP(sport=sport, dport=smb_port, seq=attacker_seq, ack=victim_seq,
 
                                       window=source_win_value, flags='A')
 
                     confirm_smb_res = (confirm_ether / confirm_ip / confirm_tcp)
 
                     timestamp_confirm = update_timestamp(timestamp_smb_rsp, pps, minDelay)
 
@@ -474,7 +388,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     packets.append(confirm_smb_res)
 
 
                     # attacker sends FIN ACK
 
-                    confirm_tcp = TCP(sport=sport, dport=self.smb_port, seq=attacker_seq, ack=victim_seq,
 
+                    confirm_tcp = TCP(sport=sport, dport=smb_port, seq=attacker_seq, ack=victim_seq,
 
                                       window=source_win_value, flags='FA')
 
                     source_fin_ack = (confirm_ether / confirm_ip / confirm_tcp)
 
                     timestamp_src_fin_ack = update_timestamp(timestamp_confirm, pps, minDelay)
 
@@ -483,7 +397,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     packets.append(source_fin_ack)
 
 
                     # victim sends FIN ACK
 
-                    reply_tcp = TCP(sport=self.smb_port, dport=sport, seq=victim_seq, ack=attacker_seq,
 
+                    reply_tcp = TCP(sport=smb_port, dport=sport, seq=victim_seq, ack=attacker_seq,
 
                                     window=destination_win_value, flags='FA')
 
                     destination_fin_ack = (reply_ether / reply_ip / reply_tcp)
 
                     timestamp_dest_fin_ack = update_timestamp(timestamp_src_fin_ack, pps, minDelay)
 
@@ -492,7 +406,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     packets.append(destination_fin_ack)
 
 
                     # source sends final ACK
 
-                    confirm_tcp = TCP(sport=sport, dport=self.smb_port, seq=attacker_seq, ack=victim_seq,
 
+                    confirm_tcp = TCP(sport=sport, dport=smb_port, seq=attacker_seq, ack=victim_seq,
 
                                       window=source_win_value, flags='A')
 
                     final_ack = (confirm_ether / confirm_ip / confirm_tcp)
 
                     timestamp_final_ack = update_timestamp(timestamp_dest_fin_ack, pps, minDelay)
 
@@ -503,7 +417,7 @@ class SMBScanAttack(BaseAttack.BaseAttack):
 
                     # Build RST package
 
                     reply_ether = Ether(src=mac_destination, dst=mac_source)
 
                     reply_ip = IP(src=ip, dst=ip_source, ttl=destination_ttl_value, flags='DF')
 
-                    reply_tcp = TCP(sport=self.smb_port, dport=sport, seq=0, ack=attacker_seq, flags='RA',
 
+                    reply_tcp = TCP(sport=smb_port, dport=sport, seq=0, ack=attacker_seq, flags='RA',
 
                                     window=destination_win_value, options=[('MSS', destination_mss_value)])
 
                     reply = (reply_ether / reply_ip / reply_tcp)
 
                     reply.time = timestamp_reply

+ 96 - 0
code/ID2TLib/SMBLib.py
View File 

@@ -0,0 +1,96 @@
 
+from os import urandom
 
+from binascii import b2a_hex
 
+
 
+from ID2TLib.Utility import *
 
+
 
+from scapy.layers.netbios import *
 
+
 
+# SMB port
 
+smb_port = 445
 
+
 
+# SMB versions
 
+smb_versions = {"1", "2.0", "2.1", "3.0", "3.0.2", "3.1.1"}
 
+smb_versions_per_win = {'win7': "2.1", 'win10': "3.1.1", 'winxp': "1", 'win8.1': "3.0.2", 'win8': "3.0",
 
+                        'winvista': "2.0", 'winnt': "1", "win2000": "1"}
 
+smb_versions_per_samba = {'3.6': "2.0", '4.0': "2.1", '4.1': "3.0", '4.3': "3.1.1"}
 
+# SMB dialects
 
+smb_dialects = ["PC NETWORK PROGRAM 1.0", "LANMAN1.0", "Windows for Workgroups 3.1a", "LM1.2X002", "LANMAN2.1",
 
+                "NT LM 0.12", "SMB 2.002", "SMB 2.???"]
 
+# SMB security blobs
 
+security_blob_windows = "\x60\x82\x01\x3c\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x82\x01\x30" \
 
+                        "\x30\x82\x01\x2c\xa0\x1a\x30\x18\x06\x0a\x2b\x06\x01\x04\x01\x82" \
 
+                        "\x37\x02\x02\x1e\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a" \
 
+                        "\xa2\x82\x01\x0c\x04\x82\x01\x08\x4e\x45\x47\x4f\x45\x58\x54\x53" \
 
+                        "\x01\x00\x00\x00\x00\x00\x00\x00\x60\x00\x00\x00\x70\x00\x00\x00" \
 
+                        "\xbc\x84\x03\x97\x6f\x80\x3b\x81\xa6\x45\x1b\x05\x92\x39\xde\x3d" \
 
+                        "\xd6\x91\x85\x49\x8a\xd0\x3b\x58\x87\x99\xb4\x98\xdf\xa6\x1d\x73" \
 
+                        "\x3b\x57\xbf\x05\x63\x5e\x30\xea\xa8\xd8\xd8\x45\xba\x80\x52\xa5" \
 
+                        "\x00\x00\x00\x00\x00\x00\x00\x00\x60\x00\x00\x00\x01\x00\x00\x00" \
 
+                        "\x00\x00\x00\x00\x00\x00\x00\x00\x5c\x33\x53\x0d\xea\xf9\x0d\x4d" \
 
+                        "\xb2\xec\x4a\xe3\x78\x6e\xc3\x08\x4e\x45\x47\x4f\x45\x58\x54\x53" \
 
+                        "\x03\x00\x00\x00\x01\x00\x00\x00\x40\x00\x00\x00\x98\x00\x00\x00" \
 
+                        "\xbc\x84\x03\x97\x6f\x80\x3b\x81\xa6\x45\x1b\x05\x92\x39\xde\x3d" \
 
+                        "\x5c\x33\x53\x0d\xea\xf9\x0d\x4d\xb2\xec\x4a\xe3\x78\x6e\xc3\x08" \
 
+                        "\x40\x00\x00\x00\x58\x00\x00\x00\x30\x56\xa0\x54\x30\x52\x30\x27" \
 
+                        "\x80\x25\x30\x23\x31\x21\x30\x1f\x06\x03\x55\x04\x03\x13\x18\x54" \
 
+                        "\x6f\x6b\x65\x6e\x20\x53\x69\x67\x6e\x69\x6e\x67\x20\x50\x75\x62" \
 
+                        "\x6c\x69\x63\x20\x4b\x65\x79\x30\x27\x80\x25\x30\x23\x31\x21\x30" \
 
+                        "\x1f\x06\x03\x55\x04\x03\x13\x18\x54\x6f\x6b\x65\x6e\x20\x53\x69" \
 
+                        "\x67\x6e\x69\x6e\x67\x20\x50\x75\x62\x6c\x69\x63\x20\x4b\x65\x79"
 
+security_blob_ubuntu = "\x60\x48\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x3e\x30\x3c\xa0\x0e" \
 
+                       "\x30\x0c\x06\x0a\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a\xa3\x2a" \
 
+                       "\x30\x28\xa0\x26\x1b\x24\x6e\x6f\x74\x5f\x64\x65\x66\x69\x6e\x65" \
 
+                       "\x64\x5f\x69\x6e\x5f\x52\x46\x43\x34\x31\x37\x38\x40\x70\x6c\x65" \
 
+                       "\x61\x73\x65\x5f\x69\x67\x6e\x6f\x72\x65"
 
+security_blob_macos = "\x60\x7e\x06\x06\x2b\x06\x01\x05\x05\x02\xa0\x74\x30\x72\xa0\x44" \
 
+                      "\x30\x42\x06\x09\x2a\x86\x48\x82\xf7\x12\x01\x02\x02\x06\x09\x2a" \
 
+                      "\x86\x48\x86\xf7\x12\x01\x02\x02\x06\x06\x2a\x85\x70\x2b\x0e\x03" \
 
+                      "\x06\x06\x2b\x06\x01\x05\x05\x0e\x06\x0a\x2b\x06\x01\x04\x01\x82" \
 
+                      "\x37\x02\x02\x0a\x06\x06\x2b\x05\x01\x05\x02\x07\x06\x06\x2b\x06" \
 
+                      "\x01\x05\x02\x05\xa3\x2a\x30\x28\xa0\x26\x1b\x24\x6e\x6f\x74\x5f" \
 
+                      "\x64\x65\x66\x69\x6e\x65\x64\x5f\x69\x6e\x5f\x52\x46\x43\x34\x31" \
 
+                      "\x37\x38\x40\x70\x6c\x65\x61\x73\x65\x5f\x69\x67\x6e\x6f\x72\x65"
 
+
 
+
 
+def get_smb_version(platform: str):
 
+    if platform is "linux":
 
+        return random.choice(list(smb_versions_per_samba.values()))
 
+    elif platform is "macos":
 
+        return "2.1"
 
+    else:
 
+        return smb_versions_per_win[platform]
 
+
 
+
 
+def get_rnd_smb_version():
 
+    platform = get_rnd_os()
 
+    return get_smb_version(platform)
 
+
 
+
 
+def get_smb_platform_data(platform: str, timestamp=time.time()):
 
+    check_platform(platform)
 
+    if platform == "linux":
 
+        server_guid = "ubuntu"
 
+        security_blob = security_blob_ubuntu
 
+        capabilities = 0x5
 
+        data_size = 0x800000
 
+        server_start_time = 0
 
+    elif platform == "macos":
 
+        server_guid = b2a_hex(urandom(15)).decode()
 
+        security_blob = security_blob_macos
 
+        capabilities = 0x6
 
+        data_size = 0x400000
 
+        server_start_time = 0
 
+    else:
 
+        server_guid = b2a_hex(urandom(15)).decode()
 
+        security_blob = security_blob_windows
 
+        capabilities = 0x7
 
+        data_size = 0x100000
 
+        server_start_time = get_rnd_boot_time(timestamp)
 
+    return server_guid, security_blob, capabilities, data_size, server_start_time
 
+
 
+
 
+# Check smb version
 
+def invalid_version(version: str):
 
+    print("\nInvalid smb version: " + version +
 
+          "\nPlease select one of the following versions: ", smb_versions)
 
+    exit(1)