SMB2 TREE_CONNECT response MaximalAccess: file or directory access mask?

Diederick Niehorster 1 Reputation point
2022-11-23T11:36:17.5+00:00

I have hacked impacket a bit to provide access to the MaximalAccess field in the SMB2 TREE_CONNECT Response. However, I am wondering how to interpret this field. The docs say

Contains the maximal access for the user that establishes the tree connect  
on the share based on the share's permissions. This value takes the form as  
specified in section 2.2.13.1.  

and 2.2.13.1 says:

The SMB2 Access Mask Encoding in SMB2 is a 4-byte bit field value that  
contains an array of flags. An access mask can specify access for one of two  
basic groups: either for a file, pipe, or printer (specified in section  
2.2.13.1.1) or for a directory (specified in section 2.2.13.1.2). Each  
access mask MUST be a combination of zero or more of the bit positions  
that are shown below.  

So is the MaximalAccess mask one for file, pipe, or printer, or for a directory?
This question is also posted at https://stackoverflow.com/questions/74546047

Windows Open Specifications
Windows Open Specifications
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Open Specifications: Technical documents for protocols, computer languages, standards support, and data portability. The goal with Open Specifications is to help developers open new opportunities to interoperate with Windows, SQL, Office, and SharePoint.
41 questions
{count} votes

1 answer

Sort by: Most helpful
  1. Sreekanth Nadendla 401 Reputation points Microsoft Employee
    2022-11-23T14:58:41.063+00:00

    Hello DiederickNiehorster-8895, thank you for your question regarding Microsoft Windows Open Specifications. We will review your question and post an update here soon.

    Regards,
    Sreekanth Nadendla
    Microsoft Windows Open Specifications

    1 person found this answer helpful.
    0 comments No comments