Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/testing/btest/scripts/base/protocols/smb
History
Arne Welzel 3dae8ab086 smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE 
When a CREATE request contains the FILE_DELETE_ON_CLOSE option and
the subsequent CREATE response indicates success, we now raise the
smb2_file_delete event to log a delete action in smb_files.log and
also give users a way to handle this scenario.

The provided pcap was generated locally by recording a smbtorture run
of the smb2.delete-on-close-perms test case.

Placed the create_options into the CmdInfo record for potential
exposure in smb_cmd.log (wasn't sure how that would look so left it
for the future).

Fixes #2276.
2022-07-16 17:14:13 +02:00
..
compression-cap.zeek GH-865: fix parsing of SMB NegotiateContextList 2020-03-16 19:00:01 -07:00
disabled-dce-rpc.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
raw-ntlm.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1-transaction-dcerpc.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1-transaction-request.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1-transaction-response.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1-transaction-secondary-request.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1-transaction2-request.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1-transaction2-secondary-request.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb1.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb2-create-delete-on-close.zeek smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE 2022-07-16 17:14:13 +02:00
smb2-read-write.zeek GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb2-write-response.test General btest cleanup 2020-08-11 11:26:22 -07:00
smb2.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb3-multichannel.test Merge remote-tracking branch 'origin/topic/vlad/gh-1286' 2020-12-07 16:08:04 -08:00
smb3-negotiate-context.test Merge branch '555-smb3-negotiate-context-fix' of https://github.com/mad/zeek 2019-08-27 10:08:42 -07:00
smb3.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
smb311.test GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00