Beispiel #1
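        /// <summary>
        /// Issues a GET to <paramref name="uri"/> carrying the negotiate token produced by
        /// <c>Ntlm.CreateNegotiateMessage</c>. If the server answers 401, each
        /// <c>WWW-Authenticate</c> header is passed to <c>Ntlm.ProcessChallenge</c>, and every
        /// non-empty result is sent back as the <c>Authorization</c> header of a new GET.
        /// The last response received is written to the console.
        /// </summary>
        /// <param name="uri">Request target for every GET in the exchange.</param>
        /// <param name="useNtlm">
        /// When true the negotiate message is created with <c>spnego: false</c>; when false,
        /// with <c>spnego: true</c>.
        /// </param>
        /// <remarks>
        /// NOTE(review): the URI scheme is not checked here. Over plain http the whole
        /// exchange is visible to, and can be relayed by, anyone on the network path.
        /// Confirm that callers only pass endpoints they trust, preferably https.
        /// </remarks>
        static async Task Authenticate(String uri, bool useNtlm = true)
        {
            // The handler and client own sockets; release them when the exchange is over.
            using (var handler = new SocketsHttpHandler())
            using (var client = new HttpClient(handler))
            {
                client.DefaultRequestHeaders.Add("Accept", "*/*");

                var ntlm = new Ntlm(nc);

                // Build the negotiate token once and send exactly that token. The earlier
                // code built it twice and discarded the first result.
                // NOTE(review): assumes CreateNegotiateMessage has no required side effect
                // from being called twice - confirm against the Ntlm class.
                string negotiate = ntlm.CreateNegotiateMessage(spnego: !useNtlm);

                HttpResponseMessage challenge;
                using (var request = new HttpRequestMessage(HttpMethod.Get, uri))
                {
                    request.Headers.Add("Authorization", negotiate);
                    challenge = await client.SendAsync(request, default);
                }

                // 'response' tracks the most recent reply; 'challenge' stays alive because
                // its WWW-Authenticate headers are enumerated while replies are sent.
                HttpResponseMessage response = challenge;
                try
                {
                    if (challenge.StatusCode == HttpStatusCode.Unauthorized)
                    {
                        foreach (AuthenticationHeaderValue header in challenge.Headers.WwwAuthenticate)
                        {
                            string blob = ntlm.ProcessChallenge(header);
                            if (string.IsNullOrEmpty(blob))
                            {
                                // Nothing to answer for this header.
                                continue;
                            }

                            using (var reply = new HttpRequestMessage(HttpMethod.Get, uri))
                            {
                                reply.Headers.Add("Authorization", blob);
                                HttpResponseMessage next = await client.SendAsync(reply, default);

                                // Drop the superseded reply, but never the challenge being enumerated.
                                if (!ReferenceEquals(response, challenge))
                                {
                                    response.Dispose();
                                }

                                response = next;
                            }
                        }
                    }

                    Console.WriteLine(response);
                }
                finally
                {
                    if (!ReferenceEquals(response, challenge))
                    {
                        response.Dispose();
                    }

                    challenge.Dispose();
                }
            }
        }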
        /// <summary>
        /// Prints the values returned by <c>Ntlm.GetNtlmSettingsInfo()</c> in four groups:
        /// LAN Manager compatibility level, signing settings, minimum session security,
        /// and auditing/restriction settings. Values are coloured good or bad by the rules
        /// below. Any exception is reported through <c>Beaprint.PrintException</c>.
        /// </summary>
        private static void PrintNtlmSettings()
        {
            Beaprint.MainPrint($"Enumerating NTLM Settings");

            try
            {
                var settings = Ntlm.GetNtlmSettingsInfo();

                // A compatibility level of 3 or higher is coloured good.
                string levelColor;
                if (settings.LanmanCompatibilityLevel >= 3)
                {
                    levelColor = Beaprint.ansi_color_good;
                }
                else
                {
                    levelColor = Beaprint.ansi_color_bad;
                }
                Beaprint.ColorPrint($"  LanmanCompatibilityLevel    : {settings.LanmanCompatibilityLevel} ({settings.LanmanCompatibilityLevelString})\n", levelColor);

                // Colour map handed to AnsiPrint together with the signing text below.
                var signingColors = new Dictionary<string, string>
                {
                    ["True"] = Beaprint.ansi_color_good,
                    ["False"] = Beaprint.ansi_color_bad,
                    ["No signing"] = Beaprint.ansi_color_bad,
                    ["null"] = Beaprint.ansi_color_bad,
                    ["Require Signing"] = Beaprint.ansi_color_good,
                    ["Negotiate signing"] = Beaprint.ansi_color_yellow,
                    ["Unknown"] = Beaprint.ansi_color_bad,
                };

                Beaprint.ColorPrint("\n  NTLM Signing Settings", Beaprint.LBLUE);

                // NOTE(review): the LdapSigning line prints LdapSigningString both as the value
                // and inside the parentheses - confirm whether the raw value was intended first.
                string signingText =
                    $"      ClientRequireSigning    : {settings.ClientRequireSigning}\n" +
                    $"      ClientNegotiateSigning  : {settings.ClientNegotiateSigning}\n" +
                    $"      ServerRequireSigning    : {settings.ServerRequireSigning}\n" +
                    $"      ServerNegotiateSigning  : {settings.ServerNegotiateSigning}\n" +
                    $"      LdapSigning             : {(settings.LdapSigning != null ? settings.LdapSigningString : "null")} ({settings.LdapSigningString})";
                Beaprint.AnsiPrint(signingText, signingColors);

                Beaprint.ColorPrint("\n  Session Security", Beaprint.LBLUE);

                if (settings.NTLMMinClientSec != null)
                {
                    var clientSec = (SessionSecurity)settings.NTLMMinClientSec;
                    var clientSecText = clientSec.GetDescription();

                    // Good as soon as either flag is set; bad only when both are missing.
                    // NOTE(review): a value that requires only one of the two is still shown
                    // as good - confirm that is the intended bar.
                    var color = clientSec.HasFlag(SessionSecurity.NTLMv2) || clientSec.HasFlag(SessionSecurity.Require128BitKey)
                        ? Beaprint.ansi_color_good
                        : Beaprint.ansi_color_bad;
                    Beaprint.ColorPrint($"      NTLMMinClientSec        : {settings.NTLMMinClientSec} ({clientSecText})", color);

                    bool clientAllowsV1 = settings.LanmanCompatibilityLevel < 3 && !clientSec.HasFlag(SessionSecurity.NTLMv2);
                    if (clientAllowsV1)
                    {
                        Beaprint.BadPrint("        [!] NTLM clients support NTLMv1!");
                    }
                }

                if (settings.NTLMMinServerSec != null)
                {
                    var serverSec = (SessionSecurity)settings.NTLMMinServerSec;
                    var serverSecText = serverSec.GetDescription();

                    // Same colouring rule as the client value above.
                    var color = serverSec.HasFlag(SessionSecurity.NTLMv2) || serverSec.HasFlag(SessionSecurity.Require128BitKey)
                        ? Beaprint.ansi_color_good
                        : Beaprint.ansi_color_bad;
                    Beaprint.ColorPrint($"      NTLMMinServerSec        : {settings.NTLMMinServerSec} ({serverSecText})\n", color);

                    // NOTE(review): on the accepting side Windows refuses NTLMv1 only at
                    // LmCompatibilityLevel 5, so gating this warning on "< 3" may under-report
                    // hosts that still accept NTLMv1 - confirm the threshold.
                    bool serverAllowsV1 = settings.LanmanCompatibilityLevel < 3 && !serverSec.HasFlag(SessionSecurity.NTLMv2);
                    if (serverAllowsV1)
                    {
                        Beaprint.BadPrint("        [!] NTLM services on this machine support NTLMv1!");
                    }
                }

                // Only an OutboundRestrictions value of 2 is coloured good.
                string outboundColor;
                if (settings.OutboundRestrictions == 2)
                {
                    outboundColor = Beaprint.ansi_color_good;
                }
                else
                {
                    outboundColor = Beaprint.ansi_color_bad;
                }

                Beaprint.ColorPrint("\n  NTLM Auditing and Restrictions", Beaprint.LBLUE);
                Beaprint.NoColorPrint($"      InboundRestrictions     : {settings.InboundRestrictions} ({settings.InboundRestrictionsString})");
                Beaprint.ColorPrint($"      OutboundRestrictions    : {settings.OutboundRestrictions} ({settings.OutboundRestrictionsString})", outboundColor);
                // NOTE(review): InboundAuditing is annotated with InboundRestrictionsString, which
                // looks like a copy-paste slip; the description shown may not match the auditing
                // value - confirm which description property belongs here.
                Beaprint.NoColorPrint($"      InboundAuditing         : {settings.InboundAuditing} ({settings.InboundRestrictionsString})");
                Beaprint.NoColorPrint($"      OutboundExceptions      : {settings.OutboundExceptions}");
            }
            catch (Exception ex)
            {
                // Best effort: report the message and let the caller carry on.
                Beaprint.PrintException(ex.Message);
            }
        }