zeek/testing/btest/Baseline/scripts.base.protocols.smb.smb2-create-delete-on-close at 9e85a0d27da6b65bb50470cc83df2d4b9bf207eb - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00

History

Arne Welzel 3dae8ab086 smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE When a CREATE request contains the FILE_DELETE_ON_CLOSE option and the subsequent CREATE response indicates success, we now raise the smb2_file_delete event to log a delete action in smb_files.log and also give users a way to handle this scenario. The provided pcap was generated locally by recording a smbtorture run of the smb2.delete-on-close-perms test case. Placed the create_options into the CmdInfo record for potential exposure in smb_cmd.log (wasn't sure how that would look so left it for the future). Fixes #2276.	2022-07-16 17:14:13 +02:00
..
smb_cmd.log	smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE	2022-07-16 17:14:13 +02:00
smb_files.log	smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE	2022-07-16 17:14:13 +02:00

Arne Welzel 3dae8ab086 smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE

When a CREATE request contains the FILE_DELETE_ON_CLOSE option and
the subsequent CREATE response indicates success, we now raise the
smb2_file_delete event to log a delete action in smb_files.log and
also give users a way to handle this scenario.

The provided pcap was generated locally by recording a smbtorture run
of the smb2.delete-on-close-perms test case.

Placed the create_options into the CmdInfo record for potential
exposure in smb_cmd.log (wasn't sure how that would look so left it
for the future).

Fixes #2276.

2022-07-16 17:14:13 +02:00

smb_cmd.log

smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE

2022-07-16 17:14:13 +02:00

smb_files.log

smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE

2022-07-16 17:14:13 +02:00