static async Task Authenticate(String uri, bool useNtlm = true) { var handler = new SocketsHttpHandler(); var client = new HttpClient(handler); client.DefaultRequestHeaders.Add("Accept", "*/*"); var ntlm = new Ntlm(nc); string msg = ntlm.CreateNegotiateMessage(spnego: !useNtlm); var message = new HttpRequestMessage(HttpMethod.Get, uri); message.Headers.Add("Authorization", ntlm.CreateNegotiateMessage(spnego: !useNtlm)); HttpResponseMessage response = await client.SendAsync(message, default); if (response.StatusCode == HttpStatusCode.Unauthorized) { foreach (AuthenticationHeaderValue header in response.Headers.WwwAuthenticate) { string blob = ntlm.ProcessChallenge(header); if (!string.IsNullOrEmpty(blob)) { message = new HttpRequestMessage(HttpMethod.Get, uri); message.Headers.Add("Authorization", blob); response = await client.SendAsync(message, default); } } } Console.WriteLine(response); }
private static void PrintNtlmSettings() { Beaprint.MainPrint($"Enumerating NTLM Settings"); try { var info = Ntlm.GetNtlmSettingsInfo(); string lmCompatibilityLevelColor = info.LanmanCompatibilityLevel >= 3 ? Beaprint.ansi_color_good : Beaprint.ansi_color_bad; Beaprint.ColorPrint($" LanmanCompatibilityLevel : {info.LanmanCompatibilityLevel} ({info.LanmanCompatibilityLevelString})\n", lmCompatibilityLevelColor); var ntlmSettingsColors = new Dictionary <string, string> { { "True", Beaprint.ansi_color_good }, { "False", Beaprint.ansi_color_bad }, { "No signing", Beaprint.ansi_color_bad }, { "null", Beaprint.ansi_color_bad }, { "Require Signing", Beaprint.ansi_color_good }, { "Negotiate signing", Beaprint.ansi_color_yellow }, { "Unknown", Beaprint.ansi_color_bad }, }; Beaprint.ColorPrint("\n NTLM Signing Settings", Beaprint.LBLUE); Beaprint.AnsiPrint($" ClientRequireSigning : {info.ClientRequireSigning}\n" + $" ClientNegotiateSigning : {info.ClientNegotiateSigning}\n" + $" ServerRequireSigning : {info.ServerRequireSigning}\n" + $" ServerNegotiateSigning : {info.ServerNegotiateSigning}\n" + $" LdapSigning : {(info.LdapSigning != null ? info.LdapSigningString : "null")} ({info.LdapSigningString})", ntlmSettingsColors); Beaprint.ColorPrint("\n Session Security", Beaprint.LBLUE); if (info.NTLMMinClientSec != null) { var clientSessionSecurity = (SessionSecurity)info.NTLMMinClientSec; var clientSessionSecurityDescription = clientSessionSecurity.GetDescription(); var color = !clientSessionSecurity.HasFlag(SessionSecurity.NTLMv2) && !clientSessionSecurity.HasFlag(SessionSecurity.Require128BitKey) ? Beaprint.ansi_color_bad : Beaprint.ansi_color_good; Beaprint.ColorPrint($" NTLMMinClientSec : {info.NTLMMinClientSec} ({clientSessionSecurityDescription})", color); if (info.LanmanCompatibilityLevel < 3 && !clientSessionSecurity.HasFlag(SessionSecurity.NTLMv2)) { Beaprint.BadPrint(" [!] NTLM clients support NTLMv1!"); } } if (info.NTLMMinServerSec != null) { var serverSessionSecurity = (SessionSecurity)info.NTLMMinServerSec; var serverSessionSecurityDescription = serverSessionSecurity.GetDescription(); var color = !serverSessionSecurity.HasFlag(SessionSecurity.NTLMv2) && !serverSessionSecurity.HasFlag(SessionSecurity.Require128BitKey) ? Beaprint.ansi_color_bad : Beaprint.ansi_color_good; Beaprint.ColorPrint($" NTLMMinServerSec : {info.NTLMMinServerSec} ({serverSessionSecurityDescription})\n", color); if (info.LanmanCompatibilityLevel < 3 && !serverSessionSecurity.HasFlag(SessionSecurity.NTLMv2)) { Beaprint.BadPrint(" [!] NTLM services on this machine support NTLMv1!"); } } var ntlmOutboundRestrictionsColor = info.OutboundRestrictions == 2 ? Beaprint.ansi_color_good : Beaprint.ansi_color_bad; Beaprint.ColorPrint("\n NTLM Auditing and Restrictions", Beaprint.LBLUE); Beaprint.NoColorPrint($" InboundRestrictions : {info.InboundRestrictions} ({info.InboundRestrictionsString})"); Beaprint.ColorPrint($" OutboundRestrictions : {info.OutboundRestrictions} ({info.OutboundRestrictionsString})", ntlmOutboundRestrictionsColor); Beaprint.NoColorPrint($" InboundAuditing : {info.InboundAuditing} ({info.InboundRestrictionsString})"); Beaprint.NoColorPrint($" OutboundExceptions : {info.OutboundExceptions}"); } catch (Exception ex) { Beaprint.PrintException(ex.Message); } }