
Improve fingerprinting of SMB endpoints via native_lm + recog #8452

Closed
wants to merge 10 commits into from

Conversation

jhart-r7
Contributor

@jhart-r7 jhart-r7 commented May 25, 2017

This is a WIP for #8451. I have not fully tested it and realize there may be important fingerprinting bits in other modules that may break because of this or the particulars of how this fingerprinting is supposed to work. Posting here to get feedback and get assistance from others.

The idea here is to update smb_fingerprint to account for fingerprints first from native_os and then from native_lm, and merge them together, taking what comes from native_os in the event of conflicts.

This utilizes the recog native_lm fingerprints (https://github.com/rapid7/recog/blob/master/xml/smb_native_lm.xml) to attempt to obtain more complete/accurate fingerprints when necessary in relevant smb modules:

https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_enumshares.rb#L157
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_uninit_cred.rb#L155
https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/smb/smb_version.rb#L56
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/brightstor/ca_arcserve_342.rb#L60
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/smb/ms08_067_netapi.rb#L860
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/samba/is_known_pipename.rb#L426

This will require updates to MDM (rapid7/metasploit_data_models#170)
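The merge rule described above (fingerprint from native_os first, then native_lm, native_os winning on conflicting keys), as an added Ruby example that is not code from this PR or from Metasploit. The pattern tables are constructed stand-ins for recog's smb_native_os and smb_native_lm fingerprints; the banner strings are ones commonly seen from Windows XP, Windows 7 and Samba hosts, and the field names follow recog's dotted convention (os.product, service.version). The `Fingerprint` struct, `match_fingerprint` and `merge_smb_fingerprint` are hypothetical names.

```ruby
# Added example, not Metasploit's smb_fingerprint or the recog gem: a minimal
# model of matching the SMB native_os and native_lm strings against two
# fingerprint databases and merging the results with native_os taking precedence.

# One database entry: a regex plus the static fields it yields. Named captures
# are copied into the result with '_' mapped to '.' (os_build -> os.build),
# since Ruby group names cannot contain dots.
Fingerprint = Struct.new(:regex, :fields)

# Constructed stand-ins for recog's smb_native_os.xml patterns (not the real XML).
NATIVE_OS_DB = [
  # Windows XP reports its kernel version rather than a product name here.
  Fingerprint.new(/\AWindows 5\.1\z/,
                  { 'os.vendor' => 'Microsoft', 'os.product' => 'Windows XP' }),
  Fingerprint.new(/\A(?<os_product>Windows \d+ \w+) (?<os_build>\d+) Service Pack (?<os_sp>\d+)\z/,
                  { 'os.vendor' => 'Microsoft', 'os.family' => 'Windows' }),
  # Samba (and most other non-Windows servers) send only "Unix" as native_os.
  Fingerprint.new(/\AUnix\z/, { 'os.family' => 'Unix' }),
].freeze

# Constructed stand-ins for recog's smb_native_lm.xml patterns (not the real XML).
NATIVE_LM_DB = [
  # XP and 2003 keep the Windows 2000 LAN Manager string; taken alone it would
  # misidentify the host, which is why native_os must win on conflict.
  Fingerprint.new(/\AWindows 2000 LAN Manager\z/,
                  { 'os.vendor' => 'Microsoft', 'os.product' => 'Windows 2000' }),
  # native_lm is the only place Samba exposes its version in the negotiation.
  Fingerprint.new(/\ASamba (?<service_version>[\d.]+)\z/,
                  { 'service.vendor' => 'Samba', 'service.product' => 'Samba' }),
].freeze

# Return the fields of the first matching entry, or an empty hash if none matches.
def match_fingerprint(db, banner)
  db.each do |fp|
    m = fp.regex.match(banner)
    next unless m
    result = fp.fields.dup
    m.names.each { |name| result[name.tr('_', '.')] = m[name] if m[name] }
    return result
  end
  {}
end

# Merge both fingerprints. Hash#merge lets the argument's values override the
# receiver's, so merging the native_os result *into* the native_lm result gives
# native_os precedence while still keeping keys only native_lm could supply.
def merge_smb_fingerprint(native_os, native_lm)
  os_fp = match_fingerprint(NATIVE_OS_DB, native_os.to_s)
  lm_fp = match_fingerprint(NATIVE_LM_DB, native_lm.to_s)
  lm_fp.merge(os_fp)
end

if $PROGRAM_NAME == __FILE__
  # Conflict case: native_lm says Windows 2000, native_os says XP; XP wins.
  p merge_smb_fingerprint('Windows 5.1', 'Windows 2000 LAN Manager')
  # Complementary case: native_os gives only the family, native_lm adds the Samba version.
  p merge_smb_fingerprint('Unix', 'Samba 3.0.28')
end
```

The two sample calls show the two situations the PR description distinguishes: a conflict, where the native_os result must override the stale native_lm product, and a gap, where native_lm contributes fields (the Samba version) that native_os cannot provide.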

@jhart-r7 jhart-r7 changed the title Feature/smb native lm Improve fingerprinting of SMB endpoints via native_lm + recog May 25, 2017
@egypt egypt added blocked Blocked by one or more additional tasks enhancement library labels Jun 13, 2017
@egypt egypt self-assigned this Jun 13, 2017
@busterb
Member

busterb commented Jun 23, 2017

Anything we should still be holding for here @jhart-r7 ?

@jhart-r7
Contributor Author

jhart-r7 commented Jun 23, 2017

@busterb yes -- as mentioned in the current description, there are several modules that rely on the SMB fingerprinting that is being changed here. We need to be sure that these continue to function and that we aren't missing out on any possible improvements to these modules as a side effect of the improved fingerprinting. I believe some of the affected modules are very important from a Pro perspective and am wary of breaking a key module.

There are also the necessary updates to metasploit_data_models in rapid7/metasploit_data_models#170

@sempervictus
Contributor

I've had this in my fork for months, hasn't run over my dog or set my house on fire (yet).
@jhart-r7: There are a few PRs which improve communication facilities outstanding. The data changes around those do suck to integrate, but stalling out several merges of function due to uncertainty about data is kind of a catch-22 (obviously not intended, but seems to be a recurring theme in discussions). My $0.02 is we merge in as much as we can and do a conflict resolution push via the community (they'll report issues as soon as we break all the things). For max effect, master would be awesome, but that might require cherry picking for releases for a bit.

@bwatters-r7
Contributor

Is this still delayed? What needs to happen?

@bwatters-r7 bwatters-r7 self-assigned this Aug 22, 2018
@jhart-r7
Contributor Author

@bwatters-r7 there is a dependent PR rapid7/metasploit_data_models#170 that needs to get reviewed and landed, and then someone needs to review and land this PR.

@acammack-r7 acammack-r7 added the attic Older submissions that we still want to work on again label Dec 5, 2018
@acammack-r7
Contributor

acammack-r7 commented Dec 13, 2018

Sorry @jhart-r7, looks like we haven't been able to make progress on this. To help our PR queue reflect stuff that is in flight, I am closing this and adding the attic label. You can learn about our new PR label on our wiki. I hope that we can reopen and land this once @bwatters-r7 has a chance to test.

@bwatters-r7 bwatters-r7 removed their assignment Jan 10, 2019
@jhart-r7 jhart-r7 mentioned this pull request Jan 11, 2019