【发布时间】:2020-03-18 19:09:53
【问题描述】:
我正在尝试让 Windows 10 虚拟机通过 SMB 连接到另一个 Windows 10 虚拟机。我正在尝试在 VM1 上创建一个命名管道,允许任何人以所有权限连接到它。然后我尝试将 VM2 连接到该命名管道。
目前我在尝试建立连接时遇到了一些有关 wireshark 的错误。以下是我的服务器、客户端和wireshark 错误。
服务器和客户端都在同一个虚拟机上运行,连接工作正常,我在服务器上得到了预期的消息。
在 VM1 上创建 SMB 命名管道并让 VM2 连接到它的最简单方法是什么?我是不是太复杂了?
在我的命名管道上运行 accesschk 会得到这个结果,显示每个人都可以读/写。
Accesschk v6.12 - Reports effective permissions for securable objects
Copyright (C) 2006-2017 Mark Russinovich
Sysinternals - www.sysinternals.com
\\.\Pipe\MyTestPipe
RW Everyone
Wireshark 输出,带过滤器tcp.port==445
No. Time Source Destination Protocol Length Info
67 13.039161 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 TCP 86 52601 → 445 [SYN] Seq=0 Win=64800 Len=0 MSS=1440 WS=256 SACK_PERM=1
68 13.039260 fe80::8998:c1e0:9490:26f4 fe80::d0ab:b3ed:8e74:a86c TCP 86 445 → 52601 [SYN, ACK] Seq=0 Ack=1 Win=65535 Len=0 MSS=1440 WS=256 SACK_PERM=1
69 13.039659 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 TCP 74 52601 → 445 [ACK] Seq=1 Ack=1 Win=2108160 Len=0
70 13.039817 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 SMB 147 Negotiate Protocol Request
71 13.040240 fe80::8998:c1e0:9490:26f4 fe80::d0ab:b3ed:8e74:a86c SMB2 526 Negotiate Protocol Response
72 13.040755 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 SMB2 252 Negotiate Protocol Request
73 13.041052 fe80::8998:c1e0:9490:26f4 fe80::d0ab:b3ed:8e74:a86c SMB2 586 Negotiate Protocol Response
74 13.042232 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 SMB2 240 Session Setup Request, NTLMSSP_NEGOTIATE
75 13.042386 fe80::8998:c1e0:9490:26f4 fe80::d0ab:b3ed:8e74:a86c SMB2 410 Session Setup Response, Error: STATUS_MORE_PROCESSING_REQUIRED, NTLMSSP_CHALLENGE
76 13.042954 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 SMB2 717 Session Setup Request, NTLMSSP_AUTH, User: WINDEV1905EVAL2\User
77 13.043497 fe80::8998:c1e0:9490:26f4 fe80::d0ab:b3ed:8e74:a86c SMB2 150 Session Setup Response, Error: STATUS_ACCOUNT_RESTRICTION
78 13.043828 fe80::d0ab:b3ed:8e74:a86c fe80::8998:c1e0:9490:26f4 TCP 74 52601 → 445 [RST, ACK] Seq=1061 Ack=1377 Win=0 Len=0
SMB 服务器 C++
使用开发人员命令提示符构建 > cl /EHsc smb-server-prototype.cpp /link AdvAPI32.Lib
#include <windows.h>
#include <stdio.h>
int main(void)
{
HANDLE hPipe;
char buffer[1024];
DWORD dwRead;
SECURITY_ATTRIBUTES sa;
ZeroMemory(&sa, sizeof(sa));
sa.nLength = sizeof(sa);
sa.bInheritHandle = false;
bool bInitOk = false;
bool bSetOk = false;
SECURITY_DESCRIPTOR SD;
bInitOk = InitializeSecurityDescriptor(&SD, SECURITY_DESCRIPTOR_REVISION);
if (bInitOk) {
bSetOk = SetSecurityDescriptorDacl(&SD, TRUE, (PACL)NULL, FALSE);
if (bSetOk) {
sa.lpSecurityDescriptor = &SD;
hPipe = CreateNamedPipe(TEXT("\\\\.\\pipe\\MyTestPipe"),
PIPE_ACCESS_DUPLEX,
PIPE_TYPE_BYTE | PIPE_READMODE_BYTE | PIPE_WAIT,
PIPE_UNLIMITED_INSTANCES,
1024 * 1024,
1024 * 1024,
NMPWAIT_USE_DEFAULT_WAIT,
&sa);
while (hPipe != INVALID_HANDLE_VALUE)
{
if (ConnectNamedPipe(hPipe, NULL) != FALSE) // wait for someone to connect to the pipe
{
while (ReadFile(hPipe, buffer, sizeof(buffer) - 1, &dwRead, NULL) != FALSE)
{
/* add terminating zero */
buffer[dwRead] = '\0';
/* do something with data in buffer */
printf("%s", buffer);
}
}
DisconnectNamedPipe(hPipe);
}
}
}
return 0;
}
SMB 客户端 C++
使用开发人员命令提示符构建 > cl /EHsc smb-client-prototype.cpp /link AdvAPI32.Lib
#include <windows.h>
#include <stdio.h>
int main(void)
{
HANDLE hPipe;
DWORD dwWritten;
hPipe = CreateFile(TEXT("\\\\WINDEV1905EVAL\\pipe\\MyTestPipe"), //WINDEV1905EVAL is the name of the VM serving the named pipe
GENERIC_READ | GENERIC_WRITE,
0,
NULL,
OPEN_EXISTING,
0,
NULL);
if (hPipe != INVALID_HANDLE_VALUE)
{
WriteFile(hPipe,
"Hello Pipe\n",
12, // = length of string + terminating '\0' !!!
&dwWritten,
NULL);
CloseHandle(hPipe);
}
return (0);
}
【问题讨论】:
-
听起来您需要帮助来设置网络,而不是实际代码。 ServerFault 是提出这些问题的地方。
-
您需要在客户端调用
NetUseAdd以获取 "\\\\WINDEV1905EVAL\\IPC$" - 在连接之前在USE_INFO_2中设置用户名/密码 -
@RbMm 我要求对任何用户进行所有权限的身份验证。不是特定的用户和密码。现在只需要它与所有人一起测试即可。
-
我想如果你在创建文件失败后在客户端调用
GetLastError()- 你得到ERROR_LOGON_TYPE_NOT_GRANTED(用户请求的登录类型(例如,交互式或网络)尚未已被授予。管理员可以控制谁可以通过网络以交互方式登录。) -
你需要允许匿名登录
标签: c++ winapi named-pipes smb