Exemple #1
0
        /// <summary>
        /// Create DPSP logon information structure
        /// </summary>
        /// <param name="parameterControl">
        /// A set of bit flags that contain information pertaining to the logon validation processing.
        /// </param>
        /// <param name="digestValidationReq">DIGEST_VALIDATION_REQ structure</param>
        /// <returns>Dpsp netlogon information structure</returns>
        public static _NETLOGON_LEVEL CreateDpspLogonInfo(
            NrpcParameterControlFlags parameterControl,
            DIGEST_VALIDATION_REQ digestValidationReq)
        {
            if (digestValidationReq.Payload == null)
            {
                throw new ArgumentException(
                          "invalid digestValidationReq parameter: the payload field is null",
                          "digestValidationReq");
            }

            _NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();

            DIGEST_VALIDATION_REQ_Payload payload =
                DIGEST_VALIDATION_REQ_Payload.Parse(digestValidationReq.Payload);

            byte[] logonData = TypeMarshal.ToBytes <DIGEST_VALIDATION_REQ>(digestValidationReq);

            //Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
            //that contains information about the logon identity.
            _NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
                parameterControl,
                payload.Domain,
                payload.Username,
                payload.ServerName);

            netLogonLevel.LogonGeneric                = new _NETLOGON_GENERIC_INFO[1];
            netLogonLevel.LogonGeneric[0].Identity    = identityInfo;
            netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(DIGEST_PACKAGENAME);
            netLogonLevel.LogonGeneric[0].LogonData   = logonData;
            netLogonLevel.LogonGeneric[0].DataLength  = (uint)logonData.Length;

            return(netLogonLevel);
        }
Exemple #2
0
        /// <summary>
        ///  Construct Kerberos PAC pass-through logon information
        /// </summary>
        /// <param name="parameterControl">
        /// A set of bit flags that contain information pertaining to the logon validation processing.
        /// </param>
        /// <param name="domainName">domain name</param>
        /// <param name="userName">user name</param>
        /// <param name="serverName">NetBIOS name of server </param>
        /// <param name="kerbVerifyPacRequest">KERB_VERIFY_PAC_REQUEST packet</param>
        /// <returns>Kerberos PAC netlogon information structure </returns>
        public static _NETLOGON_LEVEL CreatePacLogonInfo(
            NrpcParameterControlFlags parameterControl,
            string domainName,
            string userName,
            string serverName,
            KERB_VERIFY_PAC_REQUEST kerbVerifyPacRequest)
        {
            _NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();

            byte[] logonData = TypeMarshal.ToBytes <KERB_VERIFY_PAC_REQUEST>(kerbVerifyPacRequest);

            //Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
            //that contains information about the logon identity.
            _NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
                parameterControl,
                domainName,
                userName,
                serverName);

            netLogonLevel.LogonGeneric                = new _NETLOGON_GENERIC_INFO[1];
            netLogonLevel.LogonGeneric[0].Identity    = identityInfo;
            netLogonLevel.LogonGeneric[0].PackageName = DtypUtility.ToRpcUnicodeString(KERBEROS_PACKAGENAME);
            netLogonLevel.LogonGeneric[0].LogonData   = logonData;
            netLogonLevel.LogonGeneric[0].DataLength  = (uint)logonData.Length;

            return(netLogonLevel);
        }
Exemple #3
0
        /// <summary>
        /// Construct Nlmp pass-through interactive logon information structure
        /// from client NTLM authenticate response message
        /// </summary>
        /// <param name="parameterControl">A set of bit flags
        /// that contain information pertaining to the logon validation processing.
        /// </param>
        /// <param name="domainName">domain name</param>
        /// <param name="userName">user name</param>
        /// <param name="password">password</param>
        /// <param name="serverName">NetBIOS name of server </param>
        /// <returns>nlmp interactive logon information structure</returns>
        public static _NETLOGON_LEVEL CreateNlmpInteractiveLogonInfo(
            NrpcParameterControlFlags parameterControl,
            string domainName,
            string userName,
            string password,
            string serverName
            )
        {
            _NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();

            //LmOwfPassword: LM_OWF_PASSWORD structure, as specified in section 2.2.1.1.3,
            //that contains the LMOWFv1 of a password.
            //LMOWFv1 is specified in NTLM v1 Authentication in [MS-NLMP] section 3.3.1.
            byte[] lmOwf = NlmpUtility.LmOWF(NlmpVersion.v1, domainName, userName, password);
            //NtOwfPassword: An NT_OWF_PASSWORD structure, as specified in section 2.2.1.1.4,
            //that contains the NTOWFv1 of a password.
            //NTOWFv1 is specified in NTLM v1 Authentication in [MS-NLMP] section 3.3.1.
            byte[] ntOwf = NlmpUtility.NtOWF(NlmpVersion.v1, domainName, userName, password);

            //Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
            //that contains information about the logon identity.
            _NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
                parameterControl,
                domainName,
                userName,
                serverName);

            netLogonLevel.LogonInteractive                       = new _NETLOGON_INTERACTIVE_INFO[1];
            netLogonLevel.LogonInteractive[0].Identity           = identityInfo;
            netLogonLevel.LogonInteractive[0].LmOwfPassword      = new _LM_OWF_PASSWORD();
            netLogonLevel.LogonInteractive[0].LmOwfPassword.data = NrpcUtility.CreateCypherBlocks(lmOwf);
            netLogonLevel.LogonInteractive[0].NtOwfPassword      = new _NT_OWF_PASSWORD();
            netLogonLevel.LogonInteractive[0].NtOwfPassword.data = NrpcUtility.CreateCypherBlocks(ntOwf);

            return(netLogonLevel);
        }
Exemple #4
0
        /// <summary>
        /// Construct Nlmp pass-through network logon information structure
        /// from client NTLM authenticate response message
        /// </summary>
        /// <param name="parameterControl">
        /// A set of bit flags that contain information pertaining to the logon validation processing.
        /// </param>
        /// <param name="nlmpAuthenticatePacket">
        /// nlmp authenticate response packet sent from client machine
        /// </param>
        /// <param name="lmChallenge">
        /// nlmp challenge sent from server to client
        /// </param>
        /// <returns>
        /// Nlmp pass-through network logon information
        /// </returns>
        /// <exception cref="ArgumentNullException">
        /// Thrown when nlmpAuthenticatePacket or lmChallenge is null.
        /// </exception>
        /// <exception cref="ArgumentException">
        /// Thrown when the length of lmChallenge is not equal to 8 bytes
        /// </exception>
        public static _NETLOGON_LEVEL CreateNlmpNetworkLogonInfo(
            NrpcParameterControlFlags parameterControl,
            NlmpAuthenticatePacket nlmpAuthenticatePacket,
            byte[] lmChallenge
            )
        {
            if (nlmpAuthenticatePacket == null)
            {
                throw new ArgumentNullException("nlmpAuthenticatePacket");
            }

            if (lmChallenge == null)
            {
                throw new ArgumentNullException("lmChallenge");
            }

            // ServerChallenge (8 bytes): A 64-bit value that contains the NTLM challenge.
            // The challenge is a 64-bit nonce. The processing of the
            // ServerChallenge is specified in sections 3.1.5 and 3.2.5.
            if (lmChallenge.Length != NLMP_SERVER_CHALLENGE_LENGTH)
            {
                throw new ArgumentException(
                          "the length of lmChallenge should be 8 bytes",
                          "lmChallenge");
            }

            string domainName;
            string userName;
            string logonWorkStation;

            _NETLOGON_LEVEL netLogonLevel = new _NETLOGON_LEVEL();

            if (nlmpAuthenticatePacket.Payload.DomainName != null)
            {
                domainName = Encoding.Unicode.GetString(nlmpAuthenticatePacket.Payload.DomainName);
            }
            else
            {
                throw new ArgumentException(
                          "DomainName field should not be null",
                          "nlmpAuthenticatePacket");
            }

            if (nlmpAuthenticatePacket.Payload.UserName != null)
            {
                userName = Encoding.Unicode.GetString(nlmpAuthenticatePacket.Payload.UserName);
            }
            else
            {
                throw new ArgumentException(
                          "UserName field should not be null",
                          "nlmpAuthenticatePacket");
            }

            if (nlmpAuthenticatePacket.Payload.Workstation != null)
            {
                logonWorkStation = Encoding.Unicode.GetString(nlmpAuthenticatePacket.Payload.Workstation);
            }
            else
            {
                throw new ArgumentException(
                          "WorkStation field should not be null",
                          "nlmpAuthenticatePacket");
            }

            //Identity: A NETLOGON_LOGON_IDENTITY_INFO structure, as specified in section MS-NRPC 2.2.1.4.15,
            //that contains information about the logon identity.
            _NETLOGON_LOGON_IDENTITY_INFO identityInfo = NrpcUtility.CreateNetlogonIdentityInfo(
                parameterControl,
                domainName,
                userName,
                logonWorkStation);

            netLogonLevel.LogonNetwork                        = new _NETLOGON_NETWORK_INFO[1];
            netLogonLevel.LogonNetwork[0].Identity            = identityInfo;
            netLogonLevel.LogonNetwork[0].LmChallenge         = new LM_CHALLENGE();
            netLogonLevel.LogonNetwork[0].LmChallenge.data    = lmChallenge;
            netLogonLevel.LogonNetwork[0].LmChallengeResponse =
                NrpcUtility.CreateString(nlmpAuthenticatePacket.Payload.LmChallengeResponse);
            netLogonLevel.LogonNetwork[0].NtChallengeResponse =
                NrpcUtility.CreateString(nlmpAuthenticatePacket.Payload.NtChallengeResponse);

            return(netLogonLevel);
        }