protected async override Task OnHandleMessageAsync(Message message, NetworkSession session)
{
ChallengeMessage challengeMessage = (ChallengeMessage)message;
AuthSession authSession = (AuthSession)session;
string decoded = Encoding.UTF8.GetString(Convert.FromBase64String(challengeMessage.Challenge));
Logger.Debug($"Decoded challenge: {decoded}");
switch (App.Instance.AuthStage)
{
case AuthenticationStage.Begin:
await HandleChallengeStateAsync(authSession, decoded).ConfigureAwait(false);
break;
case AuthenticationStage.Challenge:
await HandleResponseStateAsync(authSession, decoded).ConfigureAwait(false);
break;
default:
await authSession.ErrorAsync($"Unexpected auth stage: {App.Instance.AuthStage}").ConfigureAwait(false);
return;
}
}
public List <byte> ParseType2AndCreateType3(byte[] Type2data, string userName, string password)
{
ChallengeMessage type2 = new ChallengeMessage(Type2data);
var type3 = type2.CreateType3(userName, password);
byte[] masterKey;
if (type2.NegotiateFlag.HasFlag(NegotiateFlags.NEGOTIATE_KEY_EXCH))
{
masterKey = type3.NtChallengeResponseField.VariableNTLMv2Response.RandomSessionKey;
}
else
{
masterKey = type3.NtChallengeResponseField.VariableNTLMv2Response.UserSessionKey;
}
var keyLength = 5;
if (type3.NegotiateFlag.HasFlag(NegotiateFlags.NEGOTIATE_128))
{
keyLength = 16;
}
else if (type3.NegotiateFlag.HasFlag(NegotiateFlags.NEGOTIATE_56))
{
keyLength = 7;
}
ComputeSubkeyGeneration(masterKey, keyLength);
return(type3.DumpBinary());
}
public static bool NTLMv2ChallengeMessageTest()
{
byte[] expected = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00,
0x38, 0x00, 0x00, 0x00, 0x33, 0x82, 0x8a, 0xe2, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24, 0x00, 0x24, 0x00, 0x44, 0x00, 0x00, 0x00,
0x06, 0x00, 0x70, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00,
0x65, 0x00, 0x72, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00,
0x69, 0x00, 0x6e, 0x00, 0x01, 0x00, 0x0c, 0x00, 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00,
0x65, 0x00, 0x72, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte[] serverChallenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
ChallengeMessage message = new ChallengeMessage();
message.ServerChallenge = serverChallenge;
message.Version = new NTLMVersion(6, 0, 6000, 15);
message.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMSessionSecurity | NegotiateFlags.AlwaysSign | NegotiateFlags.TargetTypeServer | NegotiateFlags.ExtendedSessionSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption;
message.TargetName = "Server";
byte[] serverAVPair = AVPairUtils.GetAVPairSequence("Domain", "Server");
message.TargetInfo = serverAVPair;
byte[] messageBytes = message.GetBytes();
bool success = ByteUtils.AreByteArraysEqual(expected, messageBytes);
return(success);
}
public byte[] GetChallengeMessageBytes(byte[] negotiateMessageBytes)
{
byte[] challengeMessageBytes = SSPIHelper.GetType2Message(negotiateMessageBytes, out m_serverContext);
ChallengeMessage message = new ChallengeMessage(challengeMessageBytes);
m_serverChallenge = message.ServerChallenge;
return(challengeMessageBytes);
}
public static NtChallengeResponseFields CreateNtChallengeResponseFields(ChallengeMessage challengeMessage, string strUserName, byte[] passwordNTHash, ref uint payloadPointer)
{
var np = NTLMV2Response.CreateNTLMV2Response(challengeMessage, strUserName, passwordNTHash);
var t = new NtChallengeResponseFields(payloadPointer, np);
payloadPointer += t.NtChallengeResponseLen;
return(t);
}
public byte[] GenerateServerChallenge()
{
NegotiateMessage negotiateMessage = new NegotiateMessage();
negotiateMessage.NegotiateFlags = NegotiateFlags.NegotiateUnicode | NegotiateFlags.NegotiateOEM | NegotiateFlags.RequestTarget | NegotiateFlags.NegotiateSign | NegotiateFlags.NegotiateSeal | NegotiateFlags.NegotiateLanManagerKey | NegotiateFlags.NegotiateNTLMKey | NegotiateFlags.NegotiateAlwaysSign | NegotiateFlags.NegotiateVersion | NegotiateFlags.Negotiate128 | NegotiateFlags.Negotiate56;
negotiateMessage.Version = Authentication.Version.Server2003;
byte[] negotiateMessageBytes = negotiateMessage.GetBytes();
byte[] challengeMessageBytes = SSPIHelper.GetType2Message(negotiateMessageBytes, out m_serverContext);
ChallengeMessage challengeMessage = new ChallengeMessage(challengeMessageBytes);
m_serverChallenge = challengeMessage.ServerChallenge;
return(m_serverChallenge);
}
internal ClientConnection(ServerView father, TcpClient textTcp, String password, ArrayList name)
{
this._father = father;
this._textTcp = textTcp;
ChallengeMessage auth = new ChallengeMessage();
auth.salt = new Random().Next().ToString();
auth.sendMe(textTcp.GetStream()); //mando il sale
ResponseChallengeMessage respo = ResponseChallengeMessage.recvMe(textTcp.GetStream());
if (name.Contains(respo.username))
{
//connessione fallita
ConfigurationMessage fail = new ConfigurationMessage("Nome utente già utilizzato");
fail.sendMe(textTcp.GetStream());
throw new ClientConnectionFail("Un client ha fornito un nome utente già utilizzato");
}
this._username = respo.username;
if (Pds2Util.createPswMD5(password, auth.salt).Equals(respo.pswMd5))
{
//creo le connessioni per i socket clipboard e video
IPAddress localadd = ((IPEndPoint)textTcp.Client.LocalEndPoint).Address;
TcpListener lvideo = new TcpListener(localadd, 0);
lvideo.Start();
IAsyncResult videores = lvideo.BeginAcceptTcpClient(null, null);
TcpListener lclip = new TcpListener(localadd, 0);
lclip.Start();
IAsyncResult clipres = lclip.BeginAcceptTcpClient(null, null);
int porta_video = ((IPEndPoint)lvideo.LocalEndpoint).Port;
int clip_video = ((IPEndPoint)lclip.LocalEndpoint).Port;
new ConfigurationMessage(porta_video, clip_video, "Benvenuto")
.sendMe(textTcp.GetStream());
_clipTcp = lclip.EndAcceptTcpClient(clipres);
_videoTcp = lvideo.EndAcceptTcpClient(videores);
//now the client is connected
_textReceiver = new Thread(_receiveText);
_textReceiver.IsBackground = true;
_textReceiver.Start();
_clipReceiver = new Thread(_receiveClipboard);
_clipReceiver.IsBackground = true;
_clipReceiver.Start();
}
else
{
//connessione fallita
ConfigurationMessage fail = new ConfigurationMessage("password sbagliata");
fail.sendMe(textTcp.GetStream());
throw new ClientConnectionFail("Un client ha fornito una password sbagliata");
}
}
public void TestNTLMv1ExtendedSessionSecurityKeyExchangeMIC()
{
string password = "******";
byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00, 0x97, 0x82, 0x08, 0xe2,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x0a, 0x00, 0x00, 0x28, 0x00, 0x00, 0x00, 0x0f };
byte[] type2 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
0x38, 0x00, 0x00, 0x00, 0x15, 0x82, 0x8a, 0xe2, 0x7a, 0x6d, 0x47, 0x52, 0x11, 0x8b, 0x9f, 0x37,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x60, 0x00, 0x48, 0x00, 0x00, 0x00,
0x06, 0x00, 0x71, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x02, 0x00, 0x10, 0x00, 0x54, 0x00, 0x41, 0x00,
0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x01, 0x00, 0x10, 0x00,
0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00,
0x04, 0x00, 0x10, 0x00, 0x54, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00,
0x31, 0x00, 0x30, 0x00, 0x03, 0x00, 0x10, 0x00, 0x54, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x07, 0x00, 0x08, 0x00, 0x28, 0x9a, 0x19, 0xec,
0x8d, 0x92, 0xd2, 0x01, 0x00, 0x00, 0x00, 0x00 };
byte[] type3 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x03, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00,
0x7c, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00, 0x94, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x58, 0x00, 0x00, 0x00, 0x08, 0x00, 0x08, 0x00, 0x66, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x6e, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0xac, 0x00, 0x00, 0x00, 0x15, 0x82, 0x88, 0xe2,
0x0a, 0x00, 0x00, 0x28, 0x00, 0x00, 0x00, 0x0f, 0xc6, 0x21, 0x82, 0x59, 0x83, 0xda, 0xc7, 0xe7,
0xfa, 0x96, 0x44, 0x67, 0x16, 0xc3, 0xb3, 0x5b, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x36, 0x00, 0x55, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x54, 0x00,
0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x36, 0x00, 0x90, 0x13, 0xb0, 0x36,
0xa4, 0xa5, 0xf0, 0x2e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x5c, 0x46, 0xea, 0x77, 0x30, 0x44, 0xee, 0xa5, 0x98, 0x26, 0xa0, 0x93,
0x71, 0x5c, 0x83, 0xff, 0x76, 0x70, 0x1d, 0xf0, 0xb8, 0xa0, 0xad, 0x4d, 0xac, 0xe9, 0xf4, 0x5c,
0x3e, 0xb1, 0xb6, 0x48, 0x08, 0xa0, 0x46, 0x8c, 0x31, 0xe1, 0x2d, 0x60 };
byte[] serverChallenge = new ChallengeMessage(type2).ServerChallenge;
AuthenticateMessage authenticateMessage = new AuthenticateMessage(type3);
byte[] sessionBaseKey = new MD4().GetByteHashFromBytes(NTLMCryptography.NTOWFv1(password));
byte[] lmowf = NTLMCryptography.LMOWFv1(password);
byte[] exportedSessionKey = GetExportedSessionKey(sessionBaseKey, authenticateMessage, serverChallenge, lmowf);
// https://msdn.microsoft.com/en-us/library/cc236695.aspx
const int micFieldOffset = 72;
ByteWriter.WriteBytes(type3, micFieldOffset, new byte[16]);
byte[] temp = ByteUtils.Concatenate(ByteUtils.Concatenate(type1, type2), type3);
byte[] mic = new HMACMD5(exportedSessionKey).ComputeHash(temp);
byte[] expected = new byte[] { 0xc6, 0x21, 0x82, 0x59, 0x83, 0xda, 0xc7, 0xe7, 0xfa, 0x96, 0x44, 0x67, 0x16, 0xc3, 0xb3, 0x5b };
Assert.IsTrue(ByteUtils.AreByteArraysEqual(mic, expected));
}
/// <summary>
/// Helper method for legacy implementation.
/// </summary>
public virtual NTStatus GetNtlmChallengeMessage(out GssContext?context, NegotiateMessage negotiateMessage, out ChallengeMessage?challengeMessage)
{
IGssMechanism?ntlmAuthenticationProvider = FindMechanism(NtlmSspIdentifier);
if (ntlmAuthenticationProvider != null)
{
context = new GssContext(ntlmAuthenticationProvider, null);
NTStatus result = ntlmAuthenticationProvider.AcceptSecurityContext(ref context.MechanismContext, negotiateMessage.GetBytes(), out byte[] outputToken);
challengeMessage = new ChallengeMessage(outputToken);
return(result);
}
context = null;
challengeMessage = null;
return(NTStatus.SEC_E_SECPKG_NOT_FOUND);
}
/// <summary>
/// Helper method for legacy implementation.
/// </summary>
public virtual NTStatus GetNTLMChallengeMessage(out GSSContext context, NegotiateMessage negotiateMessage, out ChallengeMessage challengeMessage)
{
IGSSMechanism ntlmAuthenticationProvider = FindMechanism(NTLMSSPIdentifier);
if (ntlmAuthenticationProvider != null)
{
context = new GSSContext(ntlmAuthenticationProvider, null);
byte[] outputToken;
NTStatus result = ntlmAuthenticationProvider.AcceptSecurityContext(ref context.MechanismContext, negotiateMessage.GetBytes(), out outputToken);
challengeMessage = new ChallengeMessage(outputToken);
return(result);
}
else
{
context = null;
challengeMessage = null;
return(NTStatus.SEC_E_SECPKG_NOT_FOUND);
}
}
public void TestNTLMv1MIC()
{
string password = "******";
byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00, 0x97, 0x82, 0x08, 0xe2,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x0a, 0x00, 0x39, 0x38, 0x00, 0x00, 0x00, 0x0f };
byte[] type2 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x06, 0x00, 0x06, 0x00,
0x38, 0x00, 0x00, 0x00, 0x15, 0x02, 0x82, 0xa2, 0xe8, 0xbe, 0x2f, 0x5b, 0xc5, 0xe9, 0xf7, 0xa7,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00, 0x3e, 0x00, 0x00, 0x00,
0x05, 0x02, 0xce, 0x0e, 0x00, 0x00, 0x00, 0x0f, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x02, 0x00,
0x06, 0x00, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x01, 0x00, 0x06, 0x00, 0x54, 0x00, 0x41, 0x00,
0x4c, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte[] type3 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x03, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00,
0x7c, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00, 0x94, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x58, 0x00, 0x00, 0x00, 0x08, 0x00, 0x08, 0x00, 0x66, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x6e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xac, 0x00, 0x00, 0x00, 0x15, 0x02, 0x80, 0xa2,
0x0a, 0x00, 0x39, 0x38, 0x00, 0x00, 0x00, 0x0f, 0xae, 0xa7, 0xba, 0x44, 0x4e, 0x93, 0xa7, 0xdb,
0xb3, 0x0c, 0x85, 0x49, 0xc2, 0x2b, 0xba, 0x9a, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x36, 0x00, 0x55, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x54, 0x00,
0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x36, 0x00, 0xa6, 0x71, 0xbd, 0x94,
0x78, 0x4f, 0x05, 0xf1, 0x3f, 0x3a, 0x7b, 0x41, 0xcf, 0x53, 0x2e, 0x36, 0x73, 0xe2, 0x14, 0x53,
0xbd, 0x42, 0x5e, 0x8f, 0xa6, 0x71, 0xbd, 0x94, 0x78, 0x4f, 0x05, 0xf1, 0x3f, 0x3a, 0x7b, 0x41,
0xcf, 0x53, 0x2e, 0x36, 0x73, 0xe2, 0x14, 0x53, 0xbd, 0x42, 0x5e, 0x8f };
byte[] serverChallenge = new ChallengeMessage(type2).ServerChallenge;
AuthenticateMessage authenticateMessage = new AuthenticateMessage(type3);
byte[] sessionBaseKey = new MD4().GetByteHashFromBytes(NTLMCryptography.NTOWFv1(password));
byte[] lmowf = NTLMCryptography.LMOWFv1(password);
byte[] exportedSessionKey = GetExportedSessionKey(sessionBaseKey, authenticateMessage, serverChallenge, lmowf);
// https://msdn.microsoft.com/en-us/library/cc236695.aspx
const int micFieldOffset = 72;
ByteWriter.WriteBytes(type3, micFieldOffset, new byte[16]);
byte[] temp = ByteUtils.Concatenate(ByteUtils.Concatenate(type1, type2), type3);
byte[] mic = new HMACMD5(exportedSessionKey).ComputeHash(temp);
byte[] expected = new byte[] { 0xae, 0xa7, 0xba, 0x44, 0x4e, 0x93, 0xa7, 0xdb, 0xb3, 0x0c, 0x85, 0x49, 0xc2, 0x2b, 0xba, 0x9a };
Assert.IsTrue(ByteUtils.AreByteArraysEqual(mic, expected));
}
public void TestLMMIC()
{
string password = "******";
byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00, 0x97, 0x82, 0x08, 0xe2,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x06, 0x01, 0xb1, 0x1d, 0x00, 0x00, 0x00, 0x0f };
byte[] type2 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x06, 0x00, 0x06, 0x00,
0x38, 0x00, 0x00, 0x00, 0x95, 0x00, 0x82, 0xa2, 0x28, 0x96, 0xe3, 0x6a, 0xd1, 0xb7, 0x74, 0xb8,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00, 0x3e, 0x00, 0x00, 0x00,
0x05, 0x02, 0xce, 0x0e, 0x00, 0x00, 0x00, 0x0f, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x02, 0x00,
0x06, 0x00, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x01, 0x00, 0x06, 0x00, 0x54, 0x00, 0x41, 0x00,
0x4c, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte[] type3 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x03, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00,
0x7c, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00, 0x94, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x58, 0x00, 0x00, 0x00, 0x08, 0x00, 0x08, 0x00, 0x66, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x6e, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xac, 0x00, 0x00, 0x00, 0x95, 0x00, 0x80, 0xa2,
0x06, 0x01, 0xb1, 0x1d, 0x00, 0x00, 0x00, 0x0f, 0x4e, 0x65, 0x54, 0xe6, 0xb3, 0xdc, 0xdc, 0x16,
0xef, 0xc4, 0xd0, 0x03, 0x3b, 0x81, 0x61, 0x6f, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x37, 0x00, 0x55, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x54, 0x00,
0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x37, 0x00, 0xc1, 0xd1, 0x06, 0x56,
0xa3, 0xa9, 0x64, 0x14, 0x0e, 0x7f, 0x43, 0x19, 0x3f, 0x29, 0xf3, 0x72, 0xa3, 0xc1, 0xbe, 0x02,
0xd0, 0x6f, 0xff, 0x20, 0xc1, 0xd1, 0x06, 0x56, 0xa3, 0xa9, 0x64, 0x14, 0x0e, 0x7f, 0x43, 0x19,
0x3f, 0x29, 0xf3, 0x72, 0xa3, 0xc1, 0xbe, 0x02, 0xd0, 0x6f, 0xff, 0x20 };
byte[] serverChallenge = new ChallengeMessage(type2).ServerChallenge;
AuthenticateMessage authenticateMessage = new AuthenticateMessage(type3);
byte[] sessionBaseKey = new MD4().GetByteHashFromBytes(NTLMCryptography.NTOWFv1(password));
byte[] lmowf = NTLMCryptography.LMOWFv1(password);
byte[] exportedSessionKey = GetExportedSessionKey(sessionBaseKey, authenticateMessage, serverChallenge, lmowf);
// https://msdn.microsoft.com/en-us/library/cc236695.aspx
const int micFieldOffset = 72;
ByteWriter.WriteBytes(type3, micFieldOffset, new byte[16]);
byte[] temp = ByteUtils.Concatenate(ByteUtils.Concatenate(type1, type2), type3);
byte[] mic = new HMACMD5(exportedSessionKey).ComputeHash(temp);
byte[] expected = new byte[] { 0x4e, 0x65, 0x54, 0xe6, 0xb3, 0xdc, 0xdc, 0x16, 0xef, 0xc4, 0xd0, 0x03, 0x3b, 0x81, 0x61, 0x6f };
Assert.IsTrue(ByteUtils.AreByteArraysEqual(mic, expected));
}
public ChallengeMessage GetChallengeMessage(byte[] negotiateMessageBytes)
{
byte[] serverChallenge = GenerateServerChallenge();
ChallengeMessage message = new ChallengeMessage();
message.NegotiateFlags = NegotiateFlags.NegotiateUnicode |
NegotiateFlags.RequestTarget |
NegotiateFlags.NegotiateNTLMKey |
NegotiateFlags.NegotiateExtendedSecurity |
NegotiateFlags.NegotiateTargetInfo |
NegotiateFlags.NegotiateVersion |
NegotiateFlags.Negotiate128 |
NegotiateFlags.Negotiate56;
message.TargetName = Environment.MachineName;
message.ServerChallenge = serverChallenge;
message.TargetInfo = AVPairUtils.GetAVPairSequence(Environment.MachineName, Environment.MachineName);
message.Version = Authentication.Version.Server2003;
return(message);
}
static public AuthenticateMessage CreateAuthenticateMessage(ChallengeMessage challengeMessage, string strUserName, byte[] passwordNTHash)
{
uint payloadPointer = 88 - 16;
MetaDataPayloadHex lcrf = new MetaDataPayloadHex(payloadPointer, new byte[24]);
payloadPointer += lcrf.Len;
NtChallengeResponseFields ncrf = NtChallengeResponseFields.CreateNtChallengeResponseFields(challengeMessage, strUserName, passwordNTHash, ref payloadPointer);
MetaDataPayloadString domainNameField = new MetaDataPayloadString(payloadPointer, challengeMessage.TargetNameField.Buffer);
payloadPointer += domainNameField.Len;
var userNames = Encoding.Unicode.GetBytes(strUserName);
var len = (ushort)userNames.Length;
MetaDataPayloadString userNameField = new MetaDataPayloadString(payloadPointer, userNames);
payloadPointer += userNameField.Len;
MetaDataPayloadString workstationField = new MetaDataPayloadString(payloadPointer, challengeMessage.TargetNameField.Buffer);
payloadPointer += workstationField.Len;
byte[] t = new byte[16];
if (challengeMessage.NegotiateFlag.HasFlag(NegotiateFlags.NEGOTIATE_KEY_EXCH))
{
// EncryptedRandomSessionKey=MasterKey RC4-encrypts SecondaryMasterKey
throw new NotImplementedException();
}
MetaDataPayloadString EncryptedRandomSessionKeyField = new MetaDataPayloadString(payloadPointer, t);
payloadPointer += EncryptedRandomSessionKeyField.Len;
return(new AuthenticateMessage(lcrf, ncrf, domainNameField, userNameField, workstationField,
EncryptedRandomSessionKeyField,
challengeMessage.NegotiateFlag,
new Versions()
));
}
public override NTStatus GetChallengeMessage(out object context, NegotiateMessage negotiateMessage, out ChallengeMessage challengeMessage)
{
byte[] negotiateMessageBytes = negotiateMessage.GetBytes();
SecHandle serverContext;
byte[] challengeMessageBytes;
try
{
challengeMessageBytes = SSPIHelper.GetType2Message(negotiateMessageBytes, out serverContext);
}
catch (Exception)
{
context = null;
challengeMessage = null;
// We assume that the problem is not with our implementation.
return(NTStatus.SEC_E_INVALID_TOKEN);
}
context = new AuthContext(serverContext);
challengeMessage = new ChallengeMessage(challengeMessageBytes);
return(NTStatus.SEC_I_CONTINUE_NEEDED);
}
public void NTLMv2ChallengeMessageTest()
{
byte[] expected = { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00,
0x38, 0x00, 0x00, 0x00, 0x37, 0x82, 0x8a, 0xe2, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24, 0x00, 0x24, 0x00, 0x44, 0x00, 0x00, 0x00,
0x06, 0x00, 0x70, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00,
0x65, 0x00, 0x72, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00,
0x69, 0x00, 0x6e, 0x00, 0x01, 0x00, 0x0c, 0x00, 0x53, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00,
0x65, 0x00, 0x72, 0x00, 0x00, 0x00, 0x00, 0x00 };
byte[] serverChallenge = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
ChallengeMessage message = new ChallengeMessage
{
ServerChallenge = serverChallenge,
Version = new NtlmVersion(6, 0, 6000, NtlmVersion.NTLMSSP_REVISION_W2K3),
NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.TargetNameSupplied | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMSessionSecurity | NegotiateFlags.AlwaysSign | NegotiateFlags.TargetTypeServer | NegotiateFlags.ExtendedSessionSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption,
TargetName = "Server",
TargetInfo = AVPairUtils.GetAVPairSequence("Domain", "Server")
};
byte[] messageBytes = message.GetBytes();
Assert.True(ByteUtils.AreByteArraysEqual(expected, messageBytes));
}
static public List <byte> CreateType3(byte[] Type2data, string userName, string password)
{
ChallengeMessage type2 = new ChallengeMessage(Type2data);
return(type2.CreateType3(userName, password).DumpBinary());
}
public void TestNTLMv2KeyExchangeMIC()
{
byte[] responseKeyNT = NTLMCryptography.NTOWFv2("Password", "User", "TAL-VM6");
byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00, 0x97, 0x82, 0x08, 0xe2,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x0a, 0x00, 0x00, 0x28, 0x00, 0x00, 0x00, 0x0f };
byte[] type2 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00,
0x38, 0x00, 0x00, 0x00, 0x15, 0x82, 0x8a, 0xe2, 0x63, 0x74, 0x79, 0x77, 0xe1, 0xea, 0x35, 0x51,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x60, 0x00, 0x60, 0x00, 0x48, 0x00, 0x00, 0x00,
0x06, 0x00, 0x71, 0x17, 0x00, 0x00, 0x00, 0x0f, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x02, 0x00, 0x10, 0x00, 0x54, 0x00, 0x41, 0x00,
0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x01, 0x00, 0x10, 0x00,
0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00,
0x04, 0x00, 0x10, 0x00, 0x54, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00,
0x31, 0x00, 0x30, 0x00, 0x03, 0x00, 0x10, 0x00, 0x54, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x07, 0x00, 0x08, 0x00, 0x1f, 0x8a, 0xd4, 0xff,
0x01, 0x91, 0xd2, 0x01, 0x00, 0x00, 0x00, 0x00 };
byte[] type3 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x03, 0x00, 0x00, 0x00, 0x18, 0x00, 0x18, 0x00,
0x7c, 0x00, 0x00, 0x00, 0x02, 0x01, 0x02, 0x01, 0x94, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x58, 0x00, 0x00, 0x00, 0x08, 0x00, 0x08, 0x00, 0x66, 0x00, 0x00, 0x00, 0x0e, 0x00, 0x0e, 0x00,
0x6e, 0x00, 0x00, 0x00, 0x10, 0x00, 0x10, 0x00, 0x96, 0x01, 0x00, 0x00, 0x15, 0x82, 0x88, 0xe2,
0x0a, 0x00, 0x00, 0x28, 0x00, 0x00, 0x00, 0x0f, 0x82, 0x3c, 0xff, 0x48, 0xa9, 0x03, 0x13, 0x4c,
0x33, 0x3c, 0x09, 0x87, 0xf3, 0x16, 0x59, 0x89, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x36, 0x00, 0x55, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x54, 0x00,
0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x36, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0xb3, 0x06, 0x65, 0xe3, 0x9f, 0x03, 0xe1, 0xc3, 0xd8, 0x28, 0x7c, 0x9c,
0x35, 0x0d, 0x32, 0x4c, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x1f, 0x8a, 0xd4, 0xff,
0x01, 0x91, 0xd2, 0x01, 0x77, 0x71, 0x91, 0x94, 0xb1, 0x6e, 0x66, 0x28, 0x00, 0x00, 0x00, 0x00,
0x02, 0x00, 0x10, 0x00, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00,
0x31, 0x00, 0x30, 0x00, 0x01, 0x00, 0x10, 0x00, 0x54, 0x00, 0x41, 0x00, 0x4c, 0x00, 0x2d, 0x00,
0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x04, 0x00, 0x10, 0x00, 0x54, 0x00, 0x61, 0x00,
0x6c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x03, 0x00, 0x10, 0x00,
0x54, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00,
0x07, 0x00, 0x08, 0x00, 0x1f, 0x8a, 0xd4, 0xff, 0x01, 0x91, 0xd2, 0x01, 0x06, 0x00, 0x04, 0x00,
0x02, 0x00, 0x00, 0x00, 0x08, 0x00, 0x30, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x01, 0x00, 0x00, 0x00, 0x00, 0x20, 0x00, 0x00, 0x19, 0x0d, 0x73, 0xca, 0x97, 0x30, 0x2a, 0xa7,
0x7a, 0x1f, 0xb6, 0xad, 0xe2, 0xe5, 0x4a, 0x59, 0x4a, 0x93, 0x7e, 0x37, 0xcd, 0x0c, 0xd7, 0x90,
0x25, 0xc4, 0xaf, 0x8a, 0x17, 0x99, 0x69, 0x56, 0x0a, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x09, 0x00, 0x1a, 0x00,
0x63, 0x00, 0x69, 0x00, 0x66, 0x00, 0x73, 0x00, 0x2f, 0x00, 0x54, 0x00, 0x61, 0x00, 0x6c, 0x00,
0x2d, 0x00, 0x56, 0x00, 0x4d, 0x00, 0x31, 0x00, 0x30, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x71, 0x7c, 0xce, 0x0b, 0x92, 0x46, 0x46, 0x0d, 0x5b, 0x3b,
0x11, 0xb4, 0xde, 0x86, 0x28, 0x11 };
byte[] serverChallenge = new ChallengeMessage(type2).ServerChallenge;
AuthenticateMessage authenticateMessage = new AuthenticateMessage(type3);
byte[] ntProofStr = ByteReader.ReadBytes(authenticateMessage.NtChallengeResponse, 0, 16);
byte[] sessionBaseKey = new HMACMD5(responseKeyNT).ComputeHash(ntProofStr);
byte[] exportedSessionKey = GetExportedSessionKey(sessionBaseKey, authenticateMessage, serverChallenge, null);
// https://msdn.microsoft.com/en-us/library/cc236695.aspx
const int micFieldOffset = 72;
ByteWriter.WriteBytes(type3, micFieldOffset, new byte[16]);
byte[] temp = ByteUtils.Concatenate(ByteUtils.Concatenate(type1, type2), type3);
byte[] mic = new HMACMD5(exportedSessionKey).ComputeHash(temp);
byte[] expected = new byte[] { 0x82, 0x3c, 0xff, 0x48, 0xa9, 0x03, 0x13, 0x4c, 0x33, 0x3c, 0x09, 0x87, 0xf3, 0x16, 0x59, 0x89 };
Assert.IsTrue(ByteUtils.AreByteArraysEqual(mic, expected));
}
public byte[] GetChallengeMessageBytes(byte[] negotiateMessageBytes)
{
ChallengeMessage message = GetChallengeMessage(negotiateMessageBytes);
return(message.GetBytes());
}
