/// <exception cref="SharpCifs.Smb.SmbException"></exception> public virtual byte[] InitSecContext(byte[] token, int offset, int len) { switch (State) { case 1: { Type1Message msg1 = new Type1Message(NtlmsspFlags, Auth.GetDomain(), Workstation); token = msg1.ToByteArray(); if (Log.Level >= 4) { Log.WriteLine(msg1); if (Log.Level >= 6) { Hexdump.ToHexdump(Log, token, 0, token.Length); } } State++; break; } case 2: { try { Type2Message msg2 = new Type2Message(token); if (Log.Level >= 4) { Log.WriteLine(msg2); if (Log.Level >= 6) { Hexdump.ToHexdump(Log, token, 0, token.Length); } } ServerChallenge = msg2.GetChallenge(); NtlmsspFlags &= msg2.GetFlags(); //netbiosName = getNtlmsspListItem(token, 0x0001); Type3Message msg3 = new Type3Message(msg2, Auth.GetPassword(), Auth.GetDomain(), Auth.GetUsername(), Workstation, NtlmsspFlags); token = msg3.ToByteArray(); if (Log.Level >= 4) { Log.WriteLine(msg3); if (Log.Level >= 6) { Hexdump.ToHexdump(Log, token, 0, token.Length); } } if ((NtlmsspFlags & NtlmFlags.NtlmsspNegotiateSign) != 0) { SigningKey = msg3.GetMasterKey(); } isEstablished = true; State++; break; } catch (Exception e) { throw new SmbException(e.Message, e); } } default: { throw new SmbException("Invalid state"); } } return token; }
/// <exception cref="SharpCifs.Smb.SmbException"></exception> internal SmbComSessionSetupAndX(SmbSession session, ServerMessageBlock andx, object cred) : base(andx) { Command = SmbComSessionSetupAndx; this.Session = session; this.Cred = cred; _sessionKey = session.transport.SessionKey; _capabilities = session.transport.Capabilities; if (session.transport.Server.Security == SmbConstants.SecurityUser) { if (cred is NtlmPasswordAuthentication) { NtlmPasswordAuthentication auth = (NtlmPasswordAuthentication)cred; if (auth == NtlmPasswordAuthentication.Anonymous) { _lmHash = new byte[0]; _ntHash = new byte[0]; _capabilities &= ~SmbConstants.CapExtendedSecurity; } else { if (session.transport.Server.EncryptedPasswords) { _lmHash = auth.GetAnsiHash(session.transport.Server.EncryptionKey); _ntHash = auth.GetUnicodeHash(session.transport.Server.EncryptionKey); // prohibit HTTP auth attempts for the null session if (_lmHash.Length == 0 && _ntHash.Length == 0) { throw new RuntimeException("Null setup prohibited."); } } else { if (DisablePlainTextPasswords) { throw new RuntimeException("Plain text passwords are disabled"); } if (UseUnicode) { // plain text string password = auth.GetPassword(); _lmHash = new byte[0]; _ntHash = new byte[(password.Length + 1) * 2]; WriteString(password, _ntHash, 0); } else { // plain text string password = auth.GetPassword(); _lmHash = new byte[(password.Length + 1) * 2]; _ntHash = new byte[0]; WriteString(password, _lmHash, 0); } } } _accountName = auth.Username; if (UseUnicode) { _accountName = _accountName.ToUpper(); } _primaryDomain = auth.Domain.ToUpper(); } else { if (cred is byte[]) { _blob = (byte[])cred; } else { throw new SmbException("Unsupported credential type"); } } } else { if (session.transport.Server.Security == SmbConstants.SecurityShare) { if (cred is NtlmPasswordAuthentication) { NtlmPasswordAuthentication auth = (NtlmPasswordAuthentication)cred; _lmHash = new byte[0]; _ntHash = new byte[0]; _accountName = auth.Username; if (UseUnicode) { _accountName = _accountName.ToUpper(); } _primaryDomain = auth.Domain.ToUpper(); } else { throw new SmbException("Unsupported credential type"); } } else { throw new SmbException("Unsupported"); } } }