Added NDPI_SMB_INSECURE_VERSION for detecting insecure SMB versions (e.g. v1)

author: Luca Deri <deri@ntop.org> 2020-07-27 13:05:06 +0200
committer: Luca Deri <deri@ntop.org> 2020-07-27 13:05:06 +0200
commit: da87cc315744914c92cca27725dc87f59f83deec (patch)
tree: 6a15bbcd0aa4ddaf37cade61cf621cb94198c8d4 /src/lib/protocols/smb.c
parent: 69f140878ca61a6ea8077901986e0dbc2e129b2e (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/lib/protocols/smb.c b/src/lib/protocols/smb.c
index a70072853..9a56ead93 100644
--- a/src/lib/protocols/smb.c
+++ b/src/lib/protocols/smb.c
@@ -44,8 +44,9 @@ void ndpi_search_smb_tcp(struct ndpi_detection_module_struct *ndpi_struct, struc
       NDPI_LOG_INFO(ndpi_struct, "found SMB\n");
 
       if(memcmp(&packet->payload[4], smbv1, sizeof(smbv1)) == 0) {
-	if(packet->payload[8] != 0x72) /* Skip Negotiate request */ {
+	if(packet->payload[8] != 0x72) /* Skip Negotiate request */ {	  
 	  ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SMBV1, NDPI_PROTOCOL_NETBIOS);
+	  NDPI_SET_BIT(flow->risk, NDPI_SMB_INSECURE_VERSION);
 	}
       } else
 	ndpi_set_detected_protocol(ndpi_struct, flow, NDPI_PROTOCOL_SMBV23, NDPI_PROTOCOL_NETBIOS);
author	Luca Deri <deri@ntop.org>	2020-07-27 13:05:06 +0200
committer	Luca Deri <deri@ntop.org>	2020-07-27 13:05:06 +0200
commit	da87cc315744914c92cca27725dc87f59f83deec (patch)
tree	6a15bbcd0aa4ddaf37cade61cf621cb94198c8d4 /src/lib/protocols/smb.c
parent	69f140878ca61a6ea8077901986e0dbc2e129b2e (diff)