Server Message Block (SMB) v2
This Integration is part of the Server Message Block (SMB) Pack.#
Files and Directories management with an SMB server. Supports SMB2 and SMB3 protocols.
Configure Server Message Block (SMB) v2 on Cortex XSOAR#
Navigate to Settings > Integrations > Servers & Services.
Search for Server Message Block (SMB) v2.
Click Add instance to create and configure a new integration instance.
Parameter Description Required Server IP / Hostname (e.g. 1.2.3.4) False Port False Domain Controller The domain controller hostname. This is useful for environments with DFS servers as it is used to identify the DFS domain information automatically. False Username False Client GUID The client machine name to identify the client to the server on a new connection. False Force Encryption Force encryption on the connection, requires SMBv3 or newer on the remote server. Default is "false". False Secure Dialect Negotiation Validate the negotiation info when connecting to a share. More information can be found on https://docs.microsoft.com/en-us/archive/blogs/openspecification/smb3-secure-dialect-negotiation False Click Test to validate the URLs, token, and connection.
Commands#
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
smb-download#
Downloads a file from the server.
Base Command#
smb-download
Input#
| Argument Name | Description | Required |
|---|---|---|
| file_path | The path to the file, starting from the share, for example: Share/Folder/File. This field is case-insensitive. | Required |
| hostname | Server IP address / hostname. If empty, the hostname from the instance configuration is used. | Optional |
| username | The username to use when creating a new SMB session. If empty, the username from the instance configuration is used. | Optional |
| password | The password to use for authentication. If empty, the password from the instance configuration is used. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| File.Size | number | File size. |
| File.SHA1 | string | SHA1 hash of the file. |
| File.SHA256 | string | SHA256 hash of the file. |
| File.Name | string | File name. |
| File.SSDeep | string | SSDeep hash of the file. |
| File.EntryID | string | File entry ID. |
| File.Info | string | Information about the file. |
| File.Type | string | File type. |
| File.MD5 | string | MD5 hash of the file. |
Command Example#
!smb-download file_path=Shared/Tests/Test.txt
Context Example#
Human Readable Output#
smb-upload#
Uploads a file to the server.
Base Command#
smb-upload
Input#
| Argument Name | Description | Required |
|---|---|---|
| file_path | The path to the file, starting from the share, for example: Share/Folder/File. This field is case-insensitive. | Required |
| hostname | Server IP address / hostname. If empty, the hostname from the instance configuration is used. | Optional |
| username | The username to use when creating a new SMB session. If empty, the username from the instance configuration is used. | Optional |
| password | The password to use for authentication. If empty, the password from the instance configuration is used. | Optional |
| entryID | EntryID of the file to send to the share. | Optional |
| content | File content to send to the share. Ignored if EntryID argument is specified. | Optional |
Context Output#
There is no context output for this command.
Command Example#
!smb-upload file_path=Shared/Tests/Test.txt content="This is a test"
Human Readable Output#
File Test.txt was uploaded successfully
smb-directory-list#
Returns a list containing the names of the entries in the directory given by path.
Base Command#
smb-directory-list
Input#
| Argument Name | Description | Required |
|---|---|---|
| path | The path to the directory, starting from the share, for example: Share/Folder. This field is case-insensitive. | Required |
| hostname | Server IP address / hostname. If empty, the hostname from the instance configuration is used. | Optional |
| username | The username to use when creating a new SMB session. If empty, the username from the instance configuration is used. | Optional |
| password | The password to use for authentication. If empty, the password from the instance configuration is used. | Optional |
Context Output#
| Path | Type | Description |
|---|---|---|
| SMB.Path.SharedFolder | String | The full path of the shared folder. |
| SMB.Path.Files | Unknown | List of files under the shared folder. |
| SMB.Path.Directories | Unknown | List of directories under the shared folder. |
Command Example#
!smb-directory-list path=Shared
Context Example#
Human Readable Output#
List Of Entries for 127.0.0.1/Shared#
Directories Files SharedFolder Tests 123.txt,
test.jpg127.0.0.1/Shared
smb-file-remove#
Removes a file from the server.
Base Command#
smb-file-remove
Input#
| Argument Name | Description | Required |
|---|---|---|
| file_path | The path to the file, starting from the share, for example: Share/Folder/File. This field is case-insensitive. | Required |
| hostname | Server IP address / hostname. If empty, the hostname from the instance configuration is used. | Optional |
| username | The username to use when creating a new SMB session. If empty, the username from the instance configuration is used. | Optional |
| password | The password to use for authentication. If empty, the password from the instance configuration is used. | Optional |
Context Output#
There is no context output for this command.
Command Example#
!smb-file-remove file_path=Shared/Tests/Test.txt
Human Readable Output#
File Test.txt was deleted successfully
smb-directory-create#
Creates a new directory under the given path.
Base Command#
smb-directory-create
Input#
| Argument Name | Description | Required |
|---|---|---|
| path | The path to the directory, starting from the share, for example: Share/NewFolder. This field is case-insensitive. | Required |
| hostname | Server IP address / hostname. If empty, the hostname from the instance configuration is used. | Optional |
| username | The username to use when creating a new SMB session. If empty, the username from the instance configuration is used. | Optional |
| password | The password to use for authentication. If empty, the password from the instance configuration is used. | Optional |
Context Output#
There is no context output for this command.
Command Example#
!smb-directory-create path=Shared/Tests
Human Readable Output#
Directory: 127.0.0.1/Shared/Tests was created successfully
smb-directory-remove#
Removes a directory from the given path.
Base Command#
smb-directory-remove
Input#
| Argument Name | Description | Required |
|---|---|---|
| path | The path to the directory, starting from the share, for example: Share/NewFolder. This field is case-insensitive. | Required |
| hostname | Server IP address / hostname. If empty, the hostname from the instance configuration is used. | Optional |
| username | The username to use when creating a new SMB session. If empty, the username from the instance configuration is used. | Optional |
| password | The password to use for authentication. If empty, the password from the instance configuration is used. | Optional |
Context Output#
There is no context output for this command.
Command Example#
!smb-directory-remove path=Shared/Tests
Human Readable Output#
Directory: 127.0.0.1/Shared/Tests was removed successfully