/// <summary>
/// Create DPSP logon information structure
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
/// <returns>Dpsp netlogon information structure</returns>
public static _NETLOGON_LEVEL CreateDpspLogonInfo(
NrpcParameterControlFlags parameterControl,
DIGEST_VALIDATION_REQ digestValidationReq)
{
if (digestValidationReq.Payload == null)
{
throw new ArgumentException(
"invalid digestValidationReq parameter: the payload field is null",
"digestValidationReq");
}
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
DIGEST_VALIDATION_REQ_Payload payload =
DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload);
byte[] logonData = TypeMarshal.ToBytes <DIGEST_VALIDATION_REQ>(digestValidationReq);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
payload.Domain,
payload.Username,
payload.ServerName);
netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1];
netLogonLevel.LogonGeneric[0].Identity = identityInfo;
netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(DIGEST_PACKAGENAME);
netLogonLevel.LogonGeneric[0].LogonData = logonData;
netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length;
return(netLogonLevel);
}
/// <summary>
/// Construct Kerberos PAC pass-through logon information
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="domainName">domain name</param>
/// <param name="userName">user name</param>
/// <param name="serverName">NetBIOS name of server </param>
/// <param name="kerbVerifyPacRequest">KERB_VERIFY_PAC_REQUEST packet</param>
/// <returns>Kerberos PAC netlogon information structure </returns>
public static _NETLOGON_LEVEL CreatePacLogonInfo(
NrpcParameterControlFlags parameterControl,
string domainName,
string userName,
string serverName,
KERB_VERIFY_PAC_REQUEST kerbVerifyPacRequest)
{
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
byte[] logonData = TypeMarshal.ToBytes <KERB_VERIFY_PAC_REQUEST>(kerbVerifyPacRequest);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
domainName,
userName,
serverName);
netLogonLevel.LogonGeneric = new _NETLOGON_GENERIC_INFO[1];
netLogonLevel.LogonGeneric[0].Identity = identityInfo;
netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(KERBEROS_PACKAGENAME);
netLogonLevel.LogonGeneric[0].LogonData = logonData;
netLogonLevel.LogonGeneric[0].DataLength = (uint)logonData.Length;
return(netLogonLevel);
}
/// <summary>
/// Construct Nlmp pass-through interactive logon information structure
/// from client NTLM authenticate response message
/// </summary>
/// <param name="parameterControl">A set of bit flags
/// that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="domainName">domain name</param>
/// <param name="userName">user name</param>
/// <param name="password">password</param>
/// <param name="serverName">NetBIOS name of server </param>
/// <returns>nlmp interactive logon information structure</returns>
public static _NETLOGON_LEVEL CreateNlmpInteractiveLogonInfo(
NrpcParameterControlFlags parameterControl,
string domainName,
string userName,
string password,
string serverName
)
{
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
//LmOwfPassword: LM_OWF_PASSWORD structure, as specified in section 2.2.1.1.3,
//that contains the LMOWFv1 of a password.
//LMOWFv1 is specified in NTLM v1 Authentication in [MS-NLMP] section 3.3.1.
byte[] lmOwf = NlmpUtility.LmOWF(NlmpVersion.v1, domainName, userName, password);
//NtOwfPassword: An NT_OWF_PASSWORD structure, as specified in section 2.2.1.1.4,
//that contains the NTOWFv1 of a password.
//NTOWFv1 is specified in NTLM v1 Authentication in [MS-NLMP] section 3.3.1.
byte[] ntOwf = NlmpUtility.NtOWF(NlmpVersion.v1, domainName, userName, password);
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
domainName,
userName,
serverName);
netLogonLevel.LogonInteractive = new _NETLOGON_INTERACTIVE_INFO[1];
netLogonLevel.LogonInteractive[0].Identity = identityInfo;
netLogonLevel.LogonInteractive[0].LmOwfPassword = new _LM_OWF_PASSWORD();
netLogonLevel.LogonInteractive[0].LmOwfPassword.data = NrpcUtility.CreateCypherBlocks(lmOwf);
netLogonLevel.LogonInteractive[0].NtOwfPassword = new _NT_OWF_PASSWORD();
netLogonLevel.LogonInteractive[0].NtOwfPassword.data = NrpcUtility.CreateCypherBlocks(ntOwf);
return(netLogonLevel);
}
/// <summary>
/// Construct Nlmp pass-through network logon information structure
/// from client NTLM authenticate response message
/// </summary>
/// <param name="parameterControl">
/// A set of bit flags that contain information pertaining to the logon validation processing.
/// </param>
/// <param name="nlmpAuthenticatePacket">
/// nlmp authenticate response packet sent from client machine
/// </param>
/// <param name="lmChallenge">
/// nlmp challenge sent from server to client
/// </param>
/// <returns>
/// Nlmp pass-through network logon information
/// </returns>
/// <exception cref="ArgumentNullException">
/// Thrown when nlmpAuthenticatePacket or lmChallenge is null.
/// </exception>
/// <exception cref="ArgumentException">
/// Thrown when the length of lmChallenge is not equal to 8 bytes
/// </exception>
public static _NETLOGON_LEVEL CreateNlmpNetworkLogonInfo(
NrpcParameterControlFlags parameterControl,
NlmpAuthenticatePacket nlmpAuthenticatePacket,
byte[] lmChallenge
)
{
if (nlmpAuthenticatePacket == null)
{
throw new ArgumentNullException("nlmpAuthenticatePacket");
}
if (lmChallenge == null)
{
throw new ArgumentNullException("lmChallenge");
}
// ServerChallenge (8 bytes): A 64-bit value that contains the NTLM challenge.
// The challenge is a 64-bit nonce. The processing of the
// ServerChallenge is specified in sections 3.1.5 and 3.2.5.
if (lmChallenge.Length != NLMP_SERVER_CHALLENGE_LENGTH)
{
throw new ArgumentException(
"the length of lmChallenge should be 8 bytes",
"lmChallenge");
}
string domainName;
string userName;
string logonWorkStation;
_NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();
if (nlmpAuthenticatePacket.Payload.DomainName != null)
{
domainName = Encoding.Unicode.GetString(nlmpAuthenticatePacket.Payload.DomainName);
}
else
{
throw new ArgumentException(
"DomainName field should not be null",
"nlmpAuthenticatePacket");
}
if (nlmpAuthenticatePacket.Payload.UserName != null)
{
userName = Encoding.Unicode.GetString(nlmpAuthenticatePacket.Payload.UserName);
}
else
{
throw new ArgumentException(
"UserName field should not be null",
"nlmpAuthenticatePacket");
}
if (nlmpAuthenticatePacket.Payload.Workstation != null)
{
logonWorkStation = Encoding.Unicode.GetString(nlmpAuthenticatePacket.Payload.Workstation);
}
else
{
throw new ArgumentException(
"WorkStation field should not be null",
"nlmpAuthenticatePacket");
}
//Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
//that contains information about the logon identity.
_NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
parameterControl,
domainName,
userName,
logonWorkStation);
netLogonLevel.LogonNetwork = new _NETLOGON_NETWORK_INFO[1];
netLogonLevel.LogonNetwork[0].Identity = identityInfo;
netLogonLevel.LogonNetwork[0].LmChallenge = new LM_CHALLENGE();
netLogonLevel.LogonNetwork[0].LmChallenge.data = lmChallenge;
netLogonLevel.LogonNetwork[0].LmChallengeResponse =
NrpcUtility.CreateString(nlmpAuthenticatePacket.Payload.LmChallengeResponse);
netLogonLevel.LogonNetwork[0].NtChallengeResponse =
NrpcUtility.CreateString(nlmpAuthenticatePacket.Payload.NtChallengeResponse);
return(netLogonLevel);
}
