// Example from http://davenport.sourceforge.net/ntlm.html#NtlmChallengeMessageExample public void TestEncodeDavenportExample() { var type2 = new NtlmChallengeMessage(NtlmFlags.NegotiateUnicode | NtlmFlags.NegotiateNtlm | NtlmFlags.TargetTypeDomain | NtlmFlags.NegotiateTargetInfo) { TargetInfo = new NtlmTargetInfo() { DomainName = "DOMAIN", ServerName = "SERVER", DnsDomainName = "domain.com", DnsServerName = "server.domain.com" }, ServerChallenge = DavenportExampleNonce, TargetName = "DOMAIN" }; Assert.AreEqual(2, type2.Type, "Type"); Assert.AreEqual((NtlmFlags)0x00810201, type2.Flags, "Flags"); Assert.AreEqual("DOMAIN", type2.TargetName, "TargetName"); Assert.AreEqual("SERVER", type2.TargetInfo.ServerName, "ServerName"); Assert.AreEqual("DOMAIN", type2.TargetInfo.DomainName, "DomainName"); Assert.AreEqual("server.domain.com", type2.TargetInfo.DnsServerName, "DnsServerName"); Assert.AreEqual("domain.com", type2.TargetInfo.DnsDomainName, "DnsDomainName"); Assert.AreEqual("01-23-45-67-89-AB-CD-EF", BitConverter.ToString(type2.ServerChallenge), "ServerChallenge"); Assert.AreEqual("4E-54-4C-4D-53-53-50-00-02-00-00-00-0C-00-0C-00-30-00-00-00-01-02-81-00-01-23-45-67-89-AB-CD-EF-00-00-00-00-00-00-00-00-62-00-62-00-3C-00-00-00-44-00-4F-00-4D-00-41-00-49-00-4E-00-02-00-0C-00-44-00-4F-00-4D-00-41-00-49-00-4E-00-01-00-0C-00-53-00-45-00-52-00-56-00-45-00-52-00-04-00-14-00-64-00-6F-00-6D-00-61-00-69-00-6E-00-2E-00-63-00-6F-00-6D-00-03-00-22-00-73-00-65-00-72-00-76-00-65-00-72-00-2E-00-64-00-6F-00-6D-00-61-00-69-00-6E-00-2E-00-63-00-6F-00-6D-00-00-00-00-00", BitConverter.ToString(type2.Encode()), "Encode"); }
NtlmAuthenticateMessage GetChallengeResponse(string domain, string userName, string password, byte[] token, int startIndex, int length) { var challenge = new NtlmChallengeMessage(token, startIndex, length); var authenticate = new NtlmAuthenticateMessage(negotiate, challenge, userName, password, domain, Workstation) { ClientChallenge = Nonce, Timestamp = Timestamp }; byte[] channelBindingToken = null; if (AllowChannelBinding && challenge.TargetInfo != null) { // Only bother with attempting to channel-bind if the CHALLENGE_MESSAGE's TargetInfo is not NULL. // Not sure which channel-binding types are supported by NTLM, but I am told that supposedly the // System.Net.Mail.SmtpClient uses tls-unique, so we'll go with that... negotiatedChannelBinding = TryGetChannelBindingToken(ChannelBindingKind.Endpoint, out channelBindingToken); } authenticate.ComputeNtlmV2(ServicePrincipalName, IsUnverifiedServicePrincipalName, channelBindingToken); if (channelBindingToken != null) { Array.Clear(channelBindingToken, 0, channelBindingToken.Length); } negotiate = null; return(authenticate); }
// Example from http://davenport.sourceforge.net/ntlm.html#NtlmChallengeMessageExample public void TestEncodeDavenportExample() { var type2 = new NtlmChallengeMessage(NtlmFlags.NegotiateUnicode | NtlmFlags.NegotiateNtlm | NtlmFlags.TargetTypeDomain | NtlmFlags.NegotiateTargetInfo) { TargetInfo = new NtlmTargetInfo() { DomainName = "DOMAIN", ServerName = "SERVER", DnsDomainName = "domain.com", DnsServerName = "server.domain.com" }, ServerChallenge = DavenportExampleNonce, TargetName = "DOMAIN" }; Assert.AreEqual(2, type2.Type, "Type"); Assert.AreEqual((NtlmFlags)0x00810201, type2.Flags, "Flags"); Assert.AreEqual("DOMAIN", type2.TargetName, "TargetName"); Assert.AreEqual("SERVER", type2.TargetInfo.ServerName, "ServerName"); Assert.AreEqual("DOMAIN", type2.TargetInfo.DomainName, "DomainName"); Assert.AreEqual("server.domain.com", type2.TargetInfo.DnsServerName, "DnsServerName"); Assert.AreEqual("domain.com", type2.TargetInfo.DnsDomainName, "DnsDomainName"); Assert.AreEqual("01-23-45-67-89-AB-CD-EF", BitConverter.ToString(type2.ServerChallenge), "ServerChallenge"); Assert.AreEqual("TlRMTVNTUAACAAAADAAMADgAAAABAoEAASNFZ4mrze8AAAAAAAAAAGIAYgBEAAAAAAAAAAAAAABEAE8ATQBBAEkATgACAAwARABPAE0AQQBJAE4AAQAMAFMARQBSAFYARQBSAAQAFABkAG8AbQBhAGkAbgAuAGMAbwBtAAMAIgBzAGUAcgB2AGUAcgAuAGQAbwBtAGEAaQBuAC4AYwBvAG0AAAAAAA==", Convert.ToBase64String(type2.Encode()), "Encode"); }
public void TestCreateChallengeMessage() { var data = Convert.FromBase64String("TlRMTVNTUAACAAAACAAIADgAAAAFgoqiNDsqUEfiH5QAAAAAAAAAAEAAQABAAAAABgGxHQAAAA9EAFAAQwAyAAIACABEAFAAQwAyAAEACABEAFAAQwAyAAQACABEAFAAQwAyAAMACABEAFAAQwAyAAcACADK7TsuuPvSAQAAAAA="); var message = new NtlmChallengeMessage(data); Assert.IsTrue(message.Type == MessageType.Challenge); }
// Example from http://www.innovation.ch/java/ntlm.html public void TestDecodeJavaExample() { byte[] rawData = { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x82, 0x00, 0x00, 0x53, 0x72, 0x76, 0x4e, 0x6f, 0x6e, 0x63, 0x65, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; var type2 = new NtlmChallengeMessage(rawData, 0, rawData.Length); Assert.AreEqual(2, type2.Type, "Type"); Assert.AreEqual((NtlmFlags)0x8201, type2.Flags, "Flags"); Assert.AreEqual(BitConverter.ToString(JavaExampleNonce), BitConverter.ToString(type2.ServerChallenge), "ServerChallenge"); }
// Example from http://www.innovation.ch/java/ntlm.html public void TestEncodeJavaExample() { var type2 = new NtlmChallengeMessage(NtlmFlags.NegotiateUnicode | NtlmFlags.NegotiateNtlm | NtlmFlags.NegotiateAlwaysSign) { ServerChallenge = JavaExampleNonce }; Assert.AreEqual(2, type2.Type, "Type"); Assert.AreEqual((NtlmFlags)0x8201, type2.Flags, "Flags"); Assert.AreEqual("4E-54-4C-4D-53-53-50-00-02-00-00-00-00-00-00-00-00-00-00-00-01-82-00-00-53-72-76-4E-6F-6E-63-65-00-00-00-00-00-00-00-00", BitConverter.ToString(type2.Encode()), "Encode"); }
// Example from http://www.innovation.ch/java/ntlm.html public void TestEncodeJavaExample() { var type2 = new NtlmChallengeMessage(NtlmFlags.NegotiateUnicode | NtlmFlags.NegotiateNtlm | NtlmFlags.NegotiateAlwaysSign) { ServerChallenge = JavaExampleNonce }; Assert.AreEqual(2, type2.Type, "Type"); Assert.AreEqual((NtlmFlags)0x8201, type2.Flags, "Flags"); Assert.AreEqual("TlRMTVNTUAACAAAAAAAAAAAAAAABggAAU3J2Tm9uY2UAAAAAAAAAAAAAAAAAAAAA", Convert.ToBase64String(type2.Encode()), "Encode"); }
public void TestArgumentExceptions() { byte[] badMessageData = { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x01, 0x00, 0x00, 0x00, 0x00 }; var type2 = new NtlmChallengeMessage(); Assert.Throws <ArgumentNullException> (() => new NtlmChallengeMessage(null, 0, 16)); Assert.Throws <ArgumentOutOfRangeException> (() => new NtlmChallengeMessage(new byte[8], 0, 8)); Assert.Throws <ArgumentOutOfRangeException> (() => new NtlmChallengeMessage(new byte[8], -1, 8)); Assert.Throws <ArgumentException> (() => new NtlmChallengeMessage(badMessageData, 0, badMessageData.Length)); Assert.Throws <ArgumentNullException> (() => type2.ServerChallenge = null); Assert.Throws <ArgumentException> (() => type2.ServerChallenge = new byte[9]); }
// Example from http://davenport.sourceforge.net/ntlm.html#NtlmChallengeMessageExample public void TestDecodeDavenportExample() { byte[] rawData = { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x02, 0x00, 0x00, 0x00, 0x0c, 0x00, 0x0c, 0x00, 0x30, 0x00, 0x00, 0x00, 0x01, 0x02, 0x81, 0x00, 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x62, 0x00, 0x62, 0x00, 0x3c, 0x00, 0x00, 0x00, 0x44, 0x00, 0x4f, 0x00, 0x4d, 0x00, 0x41, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x02, 0x00, 0x0c, 0x00, 0x44, 0x00, 0x4f, 0x00, 0x4d, 0x00, 0x41, 0x00, 0x49, 0x00, 0x4e, 0x00, 0x01, 0x00, 0x0c, 0x00, 0x53, 0x00, 0x45, 0x00, 0x52, 0x00, 0x56, 0x00, 0x45, 0x00, 0x52, 0x00, 0x04, 0x00, 0x14, 0x00, 0x64, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x2e, 0x00, 0x63, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x03, 0x00, 0x22, 0x00, 0x73, 0x00, 0x65, 0x00, 0x72, 0x00, 0x76, 0x00, 0x65, 0x00, 0x72, 0x00, 0x2e, 0x00, 0x64, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x61, 0x00, 0x69, 0x00, 0x6e, 0x00, 0x2e, 0x00, 0x63, 0x00, 0x6f, 0x00, 0x6d, 0x00, 0x00, 0x00, 0x00, 0x00 }; var type2 = new NtlmChallengeMessage(rawData, 0, rawData.Length); Assert.AreEqual(2, type2.Type, "Type"); Assert.AreEqual((NtlmFlags)0x00810201, type2.Flags, "Flags"); Assert.AreEqual("DOMAIN", type2.TargetName, "TargetName"); Assert.AreEqual("SERVER", type2.TargetInfo.ServerName, "ServerName"); Assert.AreEqual("DOMAIN", type2.TargetInfo.DomainName, "DomainName"); Assert.AreEqual("server.domain.com", type2.TargetInfo.DnsServerName, "DnsServerName"); Assert.AreEqual("domain.com", type2.TargetInfo.DnsDomainName, "DnsDomainName"); Assert.AreEqual("01-23-45-67-89-AB-CD-EF", BitConverter.ToString(type2.ServerChallenge), "ServerChallenge"); }
public void TestParseNtlmChallengeMessage() { const string originHex = "4e544c4d53535000020000000c000c0030000000010281000123456789abcdef0000000000000000620062003c00000044004f004d00410049004e0002000c0044004f004d00410049004e0001000c005300450052005600450052000400140064006f006d00610069006e002e0063006f006d00030022007300650072007600650072002e0064006f006d00610069006e002e0063006f006d0000000000"; var message = NtlmChallengeMessage.Parse(originHex.HexToBytes()); Assert.IsTrue(message.Signature == Constants.Ntlmssp); Assert.IsTrue(message.Type == MessageType.Challenge); Assert.IsTrue(message.Flags == (MessageFlag.NegotiateUnicode | MessageFlag.NegotiateNtlm | MessageFlag.TargetTypeDomain | MessageFlag.NegotiateTargetInfo)); const string challengeHex = "0123456789abcdef"; Assert.IsTrue(message.Message.Challenge.BytesToHex() .Equals(challengeHex, StringComparison.InvariantCultureIgnoreCase)); Assert.IsTrue(message.Message.TargetNameLength == 12); Assert.IsTrue(message.Message.TargetNameSpace == 12); Assert.IsTrue(message.Message.TargetNameOffset == 48); Assert.IsTrue(message.TargetName == "DOMAIN"); Assert.IsTrue(message.Message.TargetInfosLength == 98); Assert.IsTrue(message.Message.TargetInfosSpace == 98); Assert.IsTrue(message.Message.TargetInfosOffset == 60); var info = message.TargetInfoList; Assert.IsTrue(info.Count == 5); Assert.IsTrue(info[0].TargetInfoType == TargetInfoType.DomainName); Assert.IsTrue(info[0].TargetContent == "DOMAIN"); Assert.IsTrue(info[1].TargetInfoType == TargetInfoType.ServerName); Assert.IsTrue(info[1].TargetContent == "SERVER"); Assert.IsTrue(info[2].TargetInfoType == TargetInfoType.DnsDomainName); Assert.IsTrue(info[2].TargetContent == "domain.com"); Assert.IsTrue(info[3].TargetInfoType == TargetInfoType.FQDN); Assert.IsTrue(info[3].TargetContent == "server.domain.com"); Assert.IsTrue(info[4].TargetInfoType == TargetInfoType.Terminator); Assert.IsTrue(info[4].TargetContent == null); var actualHex = message.ToBytes().BytesToHex(); Assert.IsTrue(originHex.Equals(actualHex, StringComparison.InvariantCultureIgnoreCase)); }
public void TestArgumentExceptions() { byte[] badMessageData = { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x01, 0x00, 0x00, 0x00, 0x00 }; var NtlmNegotiate = new NtlmNegotiateMessage(); var NtlmChallenge = new NtlmChallengeMessage(); var NtlmAuthenticate = new NtlmAuthenticateMessage(NtlmNegotiate, NtlmChallenge, "username", "password", "domain", "workstation"); Assert.Throws <ArgumentNullException> (() => new NtlmAuthenticateMessage(null, NtlmChallenge, "username", "password", "domain", "workstation")); Assert.Throws <ArgumentNullException> (() => new NtlmAuthenticateMessage(NtlmNegotiate, null, "username", "password", "domain", "workstation")); Assert.Throws <ArgumentNullException> (() => new NtlmAuthenticateMessage(NtlmNegotiate, NtlmChallenge, null, "password", "domain", "workstation")); Assert.Throws <ArgumentNullException> (() => new NtlmAuthenticateMessage(NtlmNegotiate, NtlmChallenge, "username", null, "domain", "workstation")); Assert.Throws <ArgumentNullException> (() => new NtlmAuthenticateMessage(null, 0, 16)); Assert.Throws <ArgumentOutOfRangeException> (() => new NtlmAuthenticateMessage(new byte[8], 0, 8)); Assert.Throws <ArgumentOutOfRangeException> (() => new NtlmAuthenticateMessage(new byte[8], -1, 8)); Assert.Throws <ArgumentException> (() => new NtlmAuthenticateMessage(badMessageData, 0, badMessageData.Length)); Assert.DoesNotThrow(() => NtlmAuthenticate.ClientChallenge = null); Assert.Throws <ArgumentException> (() => NtlmAuthenticate.ClientChallenge = new byte[9]); }