mirrors/copyparty
1
0
Fork 0
mirror of https://github.com/9001/copyparty.git synced 2025-08-17 09:02:15 -06:00
Code Issues Actions Packages Projects Releases Wiki Activity

smb: too many clients get confused by blank password

Browse source
This commit is contained in:
ed 2022-11-03 23:08:04 +00:00
parent 9638267b4c
commit 8650ce1295
2 changed files with 4 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
README.md
View file

@ -704,7 +704,7 @@ an FTP server can be started using `--ftp 3921`, and/or `--ftps` for explicit T
with read-write support, supports winXP and later, macos, nautilus/gvfs
general usage:
* login with any username + your password, or put your password in the username field and leave password empty
* login with any username + your password, or put your password in the username field (password field can be empty/whatever)
on macos, connect from finder:
* [Go] -> [Connect to Server...] -> http://192.168.123.1:3923/
@ -751,6 +751,7 @@ some **BIG WARNINGS** specific to SMB/CIFS, in decreasing importance:
* the smb backend is not fully integrated with vfs, meaning there could be security issues (path traversal). Please use `--smb-port` (see below) and [prisonparty](./bin/prisonparty.sh)
* account passwords work per-volume as expected, but account permissions are coalesced; all accounts have read-access to all volumes, and if a single account has write-access to some volume then all other accounts also do
* if no accounts have write-access to a specific volume, or if `--smbw` is not set, then writing to that volume from smb *should* be impossible
* will be fixed once [impacket v0.11.0](https://github.com/SecureAuthCorp/impacket/commit/d923c00f75d54b972bca573a211a82f09b55261a) is released
* [shadowing](#shadowing) probably works as expected but no guarantees
and some minor issues,
@ -772,7 +773,7 @@ the smb protocol listens on TCP port 445, which is a privileged port on linux an
authenticate with one of the following:
* username `$username`, password `$password`
* username `$password`, password blank
* username `$password`, password `k`
on windows 7+, connect using command prompt (`wark`=password):
* `net use w: \\192.168.123.1\a k /user:wark`

2
copyparty/smbd.py
View file

@ -102,7 +102,7 @@ class SMB(object):
srv.setSMB2Support(not self.args.smb1)
for name, pwd in self.asrv.acct.items():
for u, p in ((name, pwd), (pwd, "")):
for u, p in ((name, pwd), (pwd, "k")):
lmhash = compute_lmhash(p)
nthash = compute_nthash(p)
srv.addCredential(u, 0, lmhash, nthash)