/// <summary>
/// Advances a minimal server-side NTLM exchange by one step.
/// </summary>
/// <param name="bytes">
/// On entry, the message received from the client. When a Type 1 message is
/// handled it is replaced with the encoded Type 2 challenge to send back.
/// </param>
/// <param name="haveChallenge">
/// Whether a challenge has already been issued; set to <c>true</c> once the
/// Type 2 message has been created.
/// </param>
/// <returns>
/// <c>true</c> when a Type 3 message was parsed; <c>false</c> when a challenge
/// was produced and another round trip is required.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The parsed message does not report the type expected for this step.
/// </exception>
/// <remarks>
/// The Type 3 response is parsed but never validated against the issued
/// challenge, so a <c>true</c> result only means that a well-formed Type 3
/// message arrived. Callers must not treat it as proof that the client knows
/// the password.
/// </remarks>
public bool HandleNTLM(ref byte[] bytes, ref bool haveChallenge)
{
    if (!haveChallenge)
    {
        // First leg: the client is expected to open with a Type 1 (negotiate) message.
        var negotiate = new Type1Message(bytes);
        if (negotiate.Type != 1)
        {
            throw new InvalidOperationException();
        }

        var challengeMessage = new Type2Message();
        haveChallenge = true;
        bytes = challengeMessage.GetBytes();
        return false;
    }

    // FIXME: We don't actually check the result.
    // Only the message type is inspected below; the LM/NT response fields are ignored.
    var authenticate = new Type3Message(bytes);
    if (authenticate.Type != 3)
    {
        throw new InvalidOperationException();
    }

    return true;
}
/// <summary>
/// Handles one incoming NTLM message, dispatching on the message type that
/// <c>MessageBase.GetType</c> reports for the buffer.
/// </summary>
/// <param name="bytes">
/// On entry, the message received from the client. For a Type 1 message it is
/// replaced with the encoded Type 2 challenge.
/// </param>
/// <returns>
/// <c>true</c> for a Type 3 message; <c>false</c> after a Type 1 message has
/// been answered with a challenge.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The reported type is neither 1 nor 3 (including negative values), or the
/// parsed message disagrees with the reported type.
/// </exception>
/// <remarks>
/// No state links the Type 3 message to a challenge issued earlier and the
/// response is not verified, so <c>true</c> does not establish that the
/// client authenticated.
/// </remarks>
public bool HandleNTLM(ref byte[] bytes)
{
    var messageType = MessageBase.GetType(bytes);

    switch (messageType)
    {
        case 3:
        {
            // FIXME: We don't actually check the result.
            var authenticate = new Type3Message(bytes);
            if (authenticate.Type != 3)
            {
                throw new InvalidOperationException();
            }

            return true;
        }

        case 1:
        {
            var negotiate = new Type1Message(bytes);
            if (negotiate.Type != 1)
            {
                throw new InvalidOperationException();
            }

            var challengeMessage = new Type2Message();
            bytes = challengeMessage.GetBytes();
            return false;
        }

        default:
            // Covers negative (unrecognised) types as well as any other value.
            throw new InvalidOperationException();
    }
}
/// <summary>
/// Drives an NTLM SASL exchange and compares the final client response with a
/// Type 3 message built independently from the same server challenge.
/// </summary>
/// <param name="sasl">The mechanism under test.</param>
/// <param name="challenge1">Expected base64 initial client response.</param>
/// <param name="challenge2">Base64 Type 2 message supplied as the server challenge.</param>
/// <remarks>
/// A window of 16 + 28 bytes in front of the TargetInfo blob is excluded from
/// the comparison. The 16 bytes are the MD5 hash; the remaining 28 presumably
/// hold per-message values such as a timestamp and client nonce (TODO confirm).
/// </remarks>
static void AssertNtlmv2(SaslMechanismNtlm sasl, string challenge1, string challenge2)
{
    var response = sasl.Challenge(string.Empty);

    Assert.AreEqual(challenge1, response, "Initial challenge");
    Assert.IsFalse(sasl.IsAuthenticated, "IsAuthenticated");

    response = sasl.Challenge(challenge2);

    // Build the reference Type 3 message from the same Type 2 token and credentials.
    var serverToken = Convert.FromBase64String(challenge2);
    var type2 = new Type2Message(serverToken, 0, serverToken.Length);
    var type3 = new Type3Message(type2, null, sasl.Level, sasl.Credentials.UserName, sasl.Credentials.Password, sasl.Workstation);

    var ignoreLength = type2.EncodedTargetInfo.Length + 28 + 16;
    var actual = Convert.FromBase64String(response);
    var expected = type3.Encode();

    var ntlmBufferIndex = expected.Length - ignoreLength;
    var targetInfoIndex = ntlmBufferIndex + 16 /* md5 hash */ + 28;

    Assert.AreEqual(expected.Length, actual.Length, "Final challenge differs in length: {0} vs {1}", expected.Length, actual.Length);

    // Everything in front of the excluded window must match byte for byte.
    for (var offset = 0; offset < ntlmBufferIndex; offset++)
    {
        Assert.AreEqual(expected[offset], actual[offset], "Final challenge differs at index {0}", offset);
    }

    // now compare the TargetInfo blobs
    for (var offset = targetInfoIndex; offset < expected.Length; offset++)
    {
        Assert.AreEqual(expected[offset], actual[offset], "Final challenge differs at index {0}", offset);
    }

    Assert.IsTrue(sasl.IsAuthenticated, "IsAuthenticated");
}
/// <summary>
/// Feeds the Type 3 parser a copy of a known-good message whose bytes at
/// offsets 56 and 57 have been zeroed.
/// </summary>
/// <remarks>
/// The method contains no assertion; it presumably relies on an
/// expected-exception attribute that is not visible here, so that the test
/// passes only if the constructor rejects the corrupted header.
/// </remarks>
public void BadType3Message()
{
    // Work on a clone so the shared fixture stays intact for other tests.
    var corrupted = (byte[])data1.Clone();
    corrupted[56] = 0x00;
    corrupted[57] = 0x00;

    new Type3Message(corrupted);
}
/// <summary>
/// Drives an NTLM SASL exchange and compares the final client response with a
/// Type 3 message built independently from the same server challenge,
/// ignoring the last 48 bytes.
/// </summary>
/// <param name="sasl">The mechanism under test.</param>
/// <param name="challenge1">Expected base64 initial client response.</param>
/// <param name="challenge2">Base64 Type 2 message supplied as the server challenge.</param>
/// <remarks>
/// The trailing 48 bytes are skipped, presumably because the responses they
/// hold depend on a freshly generated client value (TODO confirm). Only the
/// total length of that region is checked.
/// </remarks>
static void AssertNtlm2Key(SaslMechanismNtlm sasl, string challenge1, string challenge2)
{
    var response = sasl.Challenge(string.Empty);

    Assert.AreEqual(challenge1, response, "Initial challenge");
    Assert.IsFalse(sasl.IsAuthenticated, "IsAuthenticated");

    response = sasl.Challenge(challenge2);

    // Reference message built from the same Type 2 token and credentials.
    var serverToken = Convert.FromBase64String(challenge2);
    var type2 = new Type2Message(serverToken, 0, serverToken.Length);
    var type3 = new Type3Message(type2, null, sasl.Level, sasl.Credentials.UserName, sasl.Credentials.Password, sasl.Workstation);

    var ignoreLength = 48;
    var actual = Convert.FromBase64String(response);
    var expected = type3.Encode();
    var comparedLength = expected.Length - ignoreLength;

    Assert.AreEqual(expected.Length, actual.Length, "Final challenge differs in length: {0} vs {1}", expected.Length, actual.Length);

    for (var offset = 0; offset < comparedLength; offset++)
    {
        Assert.AreEqual(expected[offset], actual[offset], "Final challenge differs at index {0}", offset);
    }

    Assert.IsTrue(sasl.IsAuthenticated, "IsAuthenticated");
}
/// <summary>
/// Parses a Type 2 message from a slice of <paramref name="token"/> and
/// builds the Type 3 message that answers it.
/// </summary>
/// <param name="userName">User name passed to the Type 3 constructor.</param>
/// <param name="password">Password assigned to the Type 3 message.</param>
/// <param name="domain">Domain assigned to the Type 3 message.</param>
/// <param name="token">Buffer holding the server's Type 2 message.</param>
/// <param name="startIndex">Offset of the Type 2 message within <paramref name="token"/>.</param>
/// <param name="length">Number of bytes to parse.</param>
/// <returns>The Type 3 message, not yet encoded.</returns>
/// <remarks>
/// The token originates from the remote peer. This method does no bounds or
/// format checking of its own and relies on the <c>Type2Message</c>
/// constructor for that.
/// </remarks>
static MessageBase GetChallengeResponse(string userName, string password, string domain, byte[] token, int startIndex, int length)
{
    var challengeMessage = new Type2Message(token, startIndex, length);

    // Password is assigned before Domain, as in the statement-by-statement form.
    return new Type3Message(challengeMessage, userName, string.Empty)
    {
        Password = password,
        Domain = domain
    };
}
/// <summary>
/// Encodes a Type 3 message for a fixed Type 2 challenge and fixed sample
/// credentials, then compares the base64 output with a recorded value.
/// </summary>
/// <remarks>
/// The message is built at <c>NtlmAuthLevel.LM_and_NTLM</c>. The user name,
/// password and workstation are sample values belonging to the test vector.
/// </remarks>
public void TestNtlmType3MessageEncode()
{
    const string expected = "TlRMTVNTUAADAAAAGAAYAGoAAAAYABgAggAAAAwADABAAAAACAAIAEwAAAAWABYAVAAAAAAAAACaAAAAAQIAAEQATwBNAEEASQBOAHUAcwBlAHIAVwBPAFIASwBTAFQAQQBUAEkATwBOAJje97h/iKpdr+Lfd5aIoXLe8Rx9XM3vE91UKLAehvTfyr6sOUlG29Q+6I95TdYyVQ==";
    const string challenge2 = "TlRMTVNTUAACAAAADAAMADAAAAABAoEAASNFZ4mrze8AAAAAAAAAAGIAYgA8AAAARABPAE0AQQBJAE4AAgAMAEQATwBNAEEASQBOAAEADABTAEUAUgBWAEUAUgAEABQAZABvAG0AYQBpAG4ALgBjAG8AbQADACIAcwBlAHIAdgBlAHIALgBkAG8AbQBhAGkAbgAuAGMAbwBtAAAAAAA=";

    var serverToken = Convert.FromBase64String(challenge2);
    var type2 = new Type2Message(serverToken, 0, serverToken.Length);
    var type3 = new Type3Message(type2, null, NtlmAuthLevel.LM_and_NTLM, "user", "password", "WORKSTATION");

    var encoded = type3.Encode();
    var actual = Convert.ToBase64String(encoded);

    Assert.AreEqual(expected, actual, "The encoded Type3Message did not match the expected result.");
}
/// <summary>
/// Serializes a Type 3 message computed from the challenge of a recorded
/// Type 2 message and compares it with the recorded Type 3 bytes.
/// </summary>
/// <remarks>
/// "Testuser", "Testpassword" and "MyWorkstation" are fixture values tied to
/// the recorded byte arrays.
/// </remarks>
public void SerializeType3Message()
{
    var challengeMessage = Type2Message.Deserialize(type2MessageVersion3);

    // Compute the challenge response
    var response = new Type3Message("Testuser", "Testpassword", challengeMessage.Challenge, "MyWorkstation");
    var serialized = response.Serialize();

    Assert.IsTrue(type3Message.SequenceEqual(serialized));
}
// Example from http://www.innovation.ch/java/ntlm.html
//
// Encodes a Type 3 message from the published example and compares the bytes
// with the recorded hex dump.
// NOTE(review): the Password and Username literals appear masked in this
// listing. The expected bytes contain the UTF-16LE user name "Zaphod", and
// carry the domain and host in upper case although mixed case is assigned.
public void Encode1()
{
    var msg = new Type3Message
    {
        Challenge = nonce,
        Domain = "Ursa-Minor",
        Host = "LightCity",
        Password = "******",
        Username = "******"
    };

    AssertEquals("Type", 3, msg.Type);

    var encodedHex = BitConverter.ToString(msg.GetBytes());
    AssertEquals("GetBytes", "4E-54-4C-4D-53-53-50-00-03-00-00-00-18-00-18-00-72-00-00-00-18-00-18-00-8A-00-00-00-14-00-14-00-40-00-00-00-0C-00-0C-00-54-00-00-00-12-00-12-00-60-00-00-00-00-00-00-00-A2-00-00-00-01-82-00-00-55-00-52-00-53-00-41-00-2D-00-4D-00-49-00-4E-00-4F-00-52-00-5A-00-61-00-70-00-68-00-6F-00-64-00-4C-00-49-00-47-00-48-00-54-00-43-00-49-00-54-00-59-00-AD-87-CA-6D-EF-E3-46-85-B9-C4-3C-47-7A-8C-42-D6-00-66-7D-68-92-E7-E8-97-E0-E0-0D-E3-10-4A-1B-F2-05-3F-07-C7-DD-A8-2D-3C-48-9A-E9-89-E1-B0-00-D3", encodedHex);
}
/// <summary>
/// Builds the serialized Type 3 message that answers the server's NTLM
/// Type 2 message.
/// </summary>
/// <param name="challenge">The raw Type 2 message received from the server.</param>
/// <returns>The serialized Type 3 response.</returns>
/// <exception cref="SaslException">
/// Any failure while parsing the challenge or building the response; the
/// original exception is kept as the inner exception.
/// </exception>
/// <remarks>
/// The workstation name is the fixed string "Workstation". The challenge
/// bytes come from the remote server, and every parsing error they cause is
/// reported as a <see cref="SaslException"/>.
/// </remarks>
protected byte[] ComputeChallengeResponse(byte[] challenge)
{
    try
    {
        var serverChallenge = Type2Message.Deserialize(challenge);
        var reply = new Type3Message(Username, Password, serverChallenge.Challenge, "Workstation");

        return reply.Serialize();
    }
    catch (Exception e)
    {
        throw new SaslException("The challenge response could not be " + "computed.", e);
    }
}
// Example from http://www.innovation.ch/java/ntlm.html
//
// Decodes the published Type 3 example and checks every parsed field.
// A decoded message exposes the LM and NT responses, while Password stays null.
public void Decode1()
{
    var decoded = new Type3Message(data1);

    AssertEquals("Domain", "URSA-MINOR", decoded.Domain);
    AssertEquals("Host", "LIGHTCITY", decoded.Host);
    AssertEquals("Username", "Zaphod", decoded.Username);
    AssertEquals("Flags", (NtlmFlags)0x8201, decoded.Flags);
    AssertEquals("Type", 3, decoded.Type);
    AssertNull("Password", decoded.Password);

    var lmHex = BitConverter.ToString(decoded.LM);
    AssertEquals("LM", "AD-87-CA-6D-EF-E3-46-85-B9-C4-3C-47-7A-8C-42-D6-00-66-7D-68-92-E7-E8-97", lmHex);

    var ntHex = BitConverter.ToString(decoded.NT);
    AssertEquals("NT", "E0-E0-0D-E3-10-4A-1B-F2-05-3F-07-C7-DD-A8-2D-3C-48-9A-E9-89-E1-B0-00-D3", ntHex);
}
// Checks that the Challenge property starts out null, accepts an 8-byte
// value, and is insulated from later changes to the caller's array.
public void Challenge()
{
    var message = new Type3Message();
    AssertNull("Challenge", message.Challenge);

    var callerBuffer = new byte[8];
    message.Challenge = callerBuffer;
    AssertEquals("Challenge.Length", 8, message.Challenge.Length);

    // Mutating the caller's array afterwards must not change the stored challenge.
    callerBuffer[0] = 1;
    AssertEquals("Challenge not directly accessible", 0, message.Challenge[0]);
}
// Example from http://davenport.sourceforge.net/ntlm.html#type3MessageExample
//
// Decodes the published Type 3 example and checks every parsed field.
// A decoded message exposes the LM and NT responses, while Password stays null.
public void Decode2()
{
    var decoded = new Type3Message(data2);

    AssertEquals("Domain", "DOMAIN", decoded.Domain);
    AssertEquals("Host", "WORKSTATION", decoded.Host);
    AssertEquals("Username", "user", decoded.Username);
    AssertEquals("Flags", (NtlmFlags)0x201, decoded.Flags);
    AssertEquals("Type", 3, decoded.Type);
    AssertNull("Password", decoded.Password);

    var lmHex = BitConverter.ToString(decoded.LM);
    AssertEquals("LM", "C3-37-CD-5C-BD-44-FC-97-82-A6-67-AF-6D-42-7C-6D-E6-7C-20-C2-D3-E7-7C-56", lmHex);

    var ntHex = BitConverter.ToString(decoded.NT);
    AssertEquals("NT", "25-A9-8C-1C-31-E8-18-47-46-6B-29-B2-DF-46-80-F3-99-58-FB-8C-21-3A-9C-C6", ntHex);
}
// Checks that the Challenge property starts out null, accepts an 8-byte
// value, and is insulated from later changes to the caller's array.
public void Challenge()
{
    var message = new Type3Message();
    Assert.IsNull(message.Challenge, "Challenge");

    var callerBuffer = new byte[8];
    message.Challenge = callerBuffer;
    Assert.AreEqual(8, message.Challenge.Length, "Challenge.Length");

    // Mutating the caller's array afterwards must not change the stored challenge.
    callerBuffer[0] = 1;
    Assert.AreEqual(0, message.Challenge[0], "Challenge not directly accessible");
}
// Example from http://davenport.sourceforge.net/ntlm.html#type3MessageExample
//
// Decodes the published Type 3 example and checks every parsed field.
// A decoded message exposes the LM and NT responses, while Password stays null.
public void Decode2()
{
    var decoded = new Type3Message(data2);

    Assert.AreEqual("DOMAIN", decoded.Domain, "Domain");
    Assert.AreEqual("WORKSTATION", decoded.Host, "Host");
    Assert.AreEqual("user", decoded.Username, "Username");
    Assert.AreEqual((NtlmFlags)0x201, decoded.Flags, "Flags");
    Assert.AreEqual(3, decoded.Type, "Type");
    Assert.IsNull(decoded.Password, "Password");

    var lmHex = BitConverter.ToString(decoded.LM);
    Assert.AreEqual("C3-37-CD-5C-BD-44-FC-97-82-A6-67-AF-6D-42-7C-6D-E6-7C-20-C2-D3-E7-7C-56", lmHex, "LM");

    var ntHex = BitConverter.ToString(decoded.NT);
    Assert.AreEqual("25-A9-8C-1C-31-E8-18-47-46-6B-29-B2-DF-46-80-F3-99-58-FB-8C-21-3A-9C-C6", ntHex, "NT");
}
// Example from http://www.innovation.ch/java/ntlm.html
//
// Decodes the published Type 3 example and checks every parsed field.
// A decoded message exposes the LM and NT responses, while Password stays null.
public void Decode1()
{
    var decoded = new Type3Message(data1);

    Assert.AreEqual("URSA-MINOR", decoded.Domain, "Domain");
    Assert.AreEqual("LIGHTCITY", decoded.Host, "Host");
    Assert.AreEqual("Zaphod", decoded.Username, "Username");
    Assert.AreEqual((NtlmFlags)0x8201, decoded.Flags, "Flags");
    Assert.AreEqual(3, decoded.Type, "Type");
    Assert.IsNull(decoded.Password, "Password");

    var lmHex = BitConverter.ToString(decoded.LM);
    Assert.AreEqual("AD-87-CA-6D-EF-E3-46-85-B9-C4-3C-47-7A-8C-42-D6-00-66-7D-68-92-E7-E8-97", lmHex, "LM");

    var ntHex = BitConverter.ToString(decoded.NT);
    Assert.AreEqual("E0-E0-0D-E3-10-4A-1B-F2-05-3F-07-C7-DD-A8-2D-3C-48-9A-E9-89-E1-B0-00-D3", ntHex, "NT");
}
// Example from http://www.innovation.ch/java/ntlm.html
//
// Encodes a Type 3 message from the published example and compares the bytes
// with the recorded hex dump.
// NOTE(review): the Password and Username literals appear masked in this
// listing. The expected bytes contain the UTF-16LE user name "Zaphod".
public void Encode1()
{
    var msg = new Type3Message
    {
        Challenge = nonce,
        // Type3Message now encodes domain and host case-sensitive.
        Domain = "URSA-MINOR",
        Host = "LIGHTCITY",
        Password = "******",
        Username = "******"
    };

    Assert.AreEqual(3, msg.Type, "Type");

    var encodedHex = BitConverter.ToString(msg.GetBytes());
    Assert.AreEqual("4E-54-4C-4D-53-53-50-00-03-00-00-00-18-00-18-00-72-00-00-00-18-00-18-00-8A-00-00-00-14-00-14-00-40-00-00-00-0C-00-0C-00-54-00-00-00-12-00-12-00-60-00-00-00-00-00-00-00-A2-00-00-00-01-B2-00-00-55-00-52-00-53-00-41-00-2D-00-4D-00-49-00-4E-00-4F-00-52-00-5A-00-61-00-70-00-68-00-6F-00-64-00-4C-00-49-00-47-00-48-00-54-00-43-00-49-00-54-00-59-00-AD-87-CA-6D-EF-E3-46-85-B9-C4-3C-47-7A-8C-42-D6-00-66-7D-68-92-E7-E8-97-E0-E0-0D-E3-10-4A-1B-F2-05-3F-07-C7-DD-A8-2D-3C-48-9A-E9-89-E1-B0-00-D3", encodedHex, "GetBytes");
}
// Example for a password smaller than 8 characters - which implies a weak DES key
//
// Verifies that encoding still succeeds in that case and yields the recorded bytes.
// NOTE(review): the Password and Username literals appear masked in this
// listing. The expected bytes contain the UTF-16LE user name "username".
public void SmallPassword()
{
    var msg = new Type3Message
    {
        Challenge = new byte[8] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 },
        Domain = "DOMAIN",
        Host = "HOST",
        Password = "******",
        Username = "******"
    };

    AssertEquals("Type", 3, msg.Type);

    var encodedHex = BitConverter.ToString(msg.GetBytes());
    AssertEquals("GetBytes", "4E-54-4C-4D-53-53-50-00-03-00-00-00-18-00-18-00-64-00-00-00-18-00-18-00-7C-00-00-00-0C-00-0C-00-40-00-00-00-10-00-10-00-4C-00-00-00-08-00-08-00-5C-00-00-00-00-00-00-00-94-00-00-00-01-82-00-00-44-00-4F-00-4D-00-41-00-49-00-4E-00-75-00-73-00-65-00-72-00-6E-00-61-00-6D-00-65-00-48-00-4F-00-53-00-54-00-CA-12-00-72-3C-41-D5-77-AB-18-C7-64-C6-DE-F3-4F-A6-1B-FA-06-71-EA-5F-C8-7A-CE-90-85-AB-CC-37-59-38-0B-1C-68-62-E3-98-C3-C0-EF-9C-FC-22-E8-A2-C2", encodedHex);
}
/// <summary>
/// Builds the serialized NTLMv2 Type 3 message that answers the server's
/// NTLM Type 2 message.
/// </summary>
/// <param name="challenge">The raw Type 2 message received from the server.</param>
/// <returns>The serialized Type 3 response.</returns>
/// <exception cref="SaslException">
/// Any failure while parsing the challenge or building the response; the
/// original exception is kept as the inner exception.
/// </exception>
/// <remarks>
/// The target name and raw target information are copied from the server's
/// message into the response. The user name is passed a second time as the
/// fourth constructor argument; which field that populates is not visible
/// here (TODO confirm).
/// </remarks>
protected new byte[] ComputeChallengeResponse(byte[] challenge)
{
    try
    {
        var serverChallenge = Type2Message.Deserialize(challenge);

        // This creates an NTLMv2 challenge response.
        var reply = new Type3Message(
            Username,
            Password,
            serverChallenge.Challenge,
            Username,
            true,
            serverChallenge.TargetName,
            serverChallenge.RawTargetInformation);

        return reply.Serialize();
    }
    catch (Exception e)
    {
        throw new SaslException("The challenge response could not be " + "computed.", e);
    }
}
// Example for a password smaller than 8 characters - which implies a weak DES key
//
// Verifies that encoding still succeeds in that case and yields the recorded bytes.
// NOTE(review): the Password and Username literals appear masked in this
// listing. The expected bytes contain the UTF-16LE user name "username".
public void SmallPassword()
{
    var msg = new Type3Message
    {
        Challenge = new byte[8] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 },
        Domain = "DOMAIN",
        Host = "HOST",
        // [SuppressMessage("Microsoft.Security", "CS002:SecretInNextLine", Justification="Not a secret.")]
        Password = "******",
        Username = "******"
    };

    Assert.AreEqual(3, msg.Type, "Type");

    var encodedHex = BitConverter.ToString(msg.GetBytes());
    Assert.AreEqual("4E-54-4C-4D-53-53-50-00-03-00-00-00-18-00-18-00-64-00-00-00-18-00-18-00-7C-00-00-00-0C-00-0C-00-40-00-00-00-10-00-10-00-4C-00-00-00-08-00-08-00-5C-00-00-00-00-00-00-00-94-00-00-00-01-B2-00-00-44-00-4F-00-4D-00-41-00-49-00-4E-00-75-00-73-00-65-00-72-00-6E-00-61-00-6D-00-65-00-48-00-4F-00-53-00-54-00-CA-12-00-72-3C-41-D5-77-AB-18-C7-64-C6-DE-F3-4F-A6-1B-FA-06-71-EA-5F-C8-7A-CE-90-85-AB-CC-37-59-38-0B-1C-68-62-E3-98-C3-C0-EF-9C-FC-22-E8-A2-C2", encodedHex, "GetBytes");
}
/// <summary>
/// Builds the serialized NTLMv2 Type 3 message that answers the server's
/// NTLM Type 2 message, and records the session key of the exchange.
/// </summary>
/// <param name="challenge">The raw Type 2 message received from the server.</param>
/// <returns>The serialized Type 3 response.</returns>
/// <exception cref="SaslException">
/// Any failure while parsing the challenge or building the response; the
/// original exception is kept as the inner exception.
/// </exception>
/// <remarks>
/// <c>SessionKey</c> is assigned before serialization, so it is already set
/// if <c>Serialize</c> throws. The value is key material and should be kept
/// out of logs and diagnostics.
/// </remarks>
protected new byte[] ComputeChallengeResponse(byte[] challenge)
{
    try
    {
        var serverChallenge = Type2Message.Deserialize(challenge);

        // This creates an NTLMv2 challenge response.
        var reply = new Type3Message(
            Credential,
            serverChallenge.Challenge,
            Credential.UserName,
            _additionalFlags,
            true,
            serverChallenge.TargetName,
            serverChallenge.RawTargetInformation);

        SessionKey = reply.SessionKey;
        return reply.Serialize();
    }
    catch (Exception e)
    {
        throw new SaslException("The challenge response could not be " + "computed.", e);
    }
}
/// <summary>
/// Populates the name fields from the local machine and builds an encoded
/// Type 3 message for the given credentials, using the nonce of the stored
/// Type 2 message as the challenge.
/// </summary>
/// <param name="user">User name placed in the Type 3 message.</param>
/// <param name="password">Password assigned to the Type 3 message.</param>
/// <returns>The encoded Type 3 message.</returns>
/// <remarks>
/// The domain values are placeholders (see the FIXME markers): the NetBIOS
/// domain is set to the server name and the DNS domain to the DNS host name.
/// The flag set is a fixed constant and is not derived from the Type 2
/// message in this method.
/// </remarks>
public byte[] ProcessMessageType3(string user, string password)
{
    const int FixedFlags = unchecked((int)0xE2188235);

    var machineName = Environment.MachineName;
    TargetName = machineName;
    ServerName = machineName;
    // FIXME
    DomainName = ServerName; // IPGlobalProperties.GetIPGlobalProperties ().DomainName;
    DnsHostName = Dns.GetHostName();
    DnsDomainName = DnsHostName; // FIXME

    type3 = new Type3Message(NtlmVersion.Version3);
    type3.Flags = (NtlmFlags)FixedFlags;
    type3.Domain = DomainName;
    type3.Host = DnsHostName;
    type3.Challenge = type2.Nonce;
    type3.Username = user;
    type3.Password = password;

    return type3.GetBytes();
}
/// <summary>
/// Decodes a recorded base64 Type 3 message and checks its flags, names and
/// LM/NT response payloads.
/// </summary>
public void TestNtlmType3MessageDecode()
{
    const string challenge3 = "TlRMTVNTUAADAAAAGAAYAGoAAAAYABgAggAAAAwADABAAAAACAAIAEwAAAAWABYAVAAAAAAAAACaAAAAAQIAAEQATwBNAEEASQBOAHUAcwBlAHIAVwBPAFIASwBTAFQAQQBUAEkATwBOAJje97h/iKpdr+Lfd5aIoXLe8Rx9XM3vE91UKLAehvTfyr6sOUlG29Q+6I95TdYyVQ==";

    var expectedFlags = NtlmFlags.NegotiateNtlm | NtlmFlags.NegotiateUnicode;
    var rawMessage = Convert.FromBase64String(challenge3);
    var type3 = new Type3Message(rawMessage, 0, rawMessage.Length);

    Assert.AreEqual(expectedFlags, type3.Flags, "The expected flags do not match.");
    Assert.AreEqual("DOMAIN", type3.Domain, "The expected Domain does not match.");
    Assert.AreEqual("WORKSTATION", type3.Host, "The expected Host does not match.");
    Assert.AreEqual("user", type3.Username, "The expected Username does not match.");

    // The two response payloads are compared as lower-case hex strings.
    var ntHex = HexEncode(type3.NT);
    Assert.AreEqual("dd5428b01e86f4dfcabeac394946dbd43ee88f794dd63255", ntHex, "The NT payload does not match.");

    var lmHex = HexEncode(type3.LM);
    Assert.AreEqual("98def7b87f88aa5dafe2df779688a172def11c7d5ccdef13", lmHex, "The LM payload does not match.");
}
/// <summary>
/// Parses a received Type 3 message and stores the result in <c>type3</c>.
/// </summary>
/// <param name="raw">The raw Type 3 message bytes received from the peer.</param>
/// <remarks>
/// All parsing is delegated to the <c>Type3Message</c> constructor. This
/// method does not check the signature or message type itself and does not
/// verify the LM/NT responses.
/// </remarks>
public void ProcessMessageType3(byte [] raw) {
    /*
     * Disabled sketch of a manual parse, kept for reference:
     *
     * MemoryStream ms = new MemoryStream (raw);
     * if (!Verify (NtlmSSP, raw, 0, 8))
     *     throw new SecurityNegotiationException ("Expected NTLM SSPI header not found");
     * BinaryReader reader = new BinaryReader (ms);
     * reader.ReadInt64 (); // skip 8 bytes
     * if (reader.ReadInt32 () != 3)
     *     throw new SecurityNegotiationException ("SSPI type 3 message is expected");
     * SspiSecurityBufferStruct lmResInfo = ReadSecurityBuffer (reader);
     * SspiSecurityBufferStruct ntlmResInfo = ReadSecurityBuffer (reader);
     * SspiSecurityBufferStruct targetNameInfo = ReadSecurityBuffer (reader);
     * SspiSecurityBufferStruct userNameInfo = ReadSecurityBuffer (reader);
     * SspiSecurityBufferStruct wsNameInfo = ReadSecurityBuffer (reader);
     * SspiSecurityBufferStruct sessionKeyInfo = ReadSecurityBuffer (reader);
     * int flags = reader.ReadInt32 ();
     * ServerOSVersion = reader.ReadInt64 ();
     */
    // Whether the header checks sketched above are performed depends on the constructor.
    type3 = new Type3Message(raw, NtlmVersion.Version3);
}
/// <summary>
/// Produces the next "NTLM ..." authorization token of the handshake, based
/// on the message stored in <c>message</c> from the previous call.
/// </summary>
/// <param name="challenge">
/// Base64 Type 2 message from the server; only decoded when the previous
/// message was a Type 1.
/// </param>
/// <param name="webRequest">The request being authenticated; must be an <see cref="HttpWebRequest"/>.</param>
/// <param name="credentials">Source of the NTLM credential for the request URI.</param>
/// <returns>
/// The authorization to send, or <c>null</c> when the request is not HTTP,
/// no credential or user name is available, or no challenge follows a Type 1.
/// </returns>
/// <remarks>
/// <para>When the credential has no domain, the request's Host header value
/// is used as the domain.</para>
/// <para><paramref name="challenge"/> is server-controlled. Decoding and
/// parsing errors from <c>Convert.FromBase64String</c> and the
/// <c>Type2Message</c> constructor propagate to the caller.</para>
/// <para>A null <paramref name="credentials"/> is not guarded against and
/// results in a <see cref="NullReferenceException"/>.</para>
/// </remarks>
public Authorization Authenticate(string challenge, WebRequest webRequest, ICredentials credentials)
{
    var request = webRequest as HttpWebRequest;
    if (request == null)
    {
        return null;
    }

    var cred = credentials.GetCredential(request.RequestUri, "NTLM");
    if (cred == null)
    {
        return null;
    }

    var userName = cred.UserName;
    var domain = cred.Domain;
    var password = cred.Password;

    if (string.IsNullOrEmpty(userName))
    {
        return null;
    }

    if (string.IsNullOrEmpty(domain))
    {
        domain = request.Headers["Host"];
    }

    var completed = false;

    if (message == null)
    {
        // Nothing sent yet: open with a Type 1 (negotiate) message.
        message = new Type1Message { Domain = domain };
    }
    else if (message.Type == 1)
    {
        // Should I check the credentials?
        if (challenge == null)
        {
            message = null;
            return null;
        }

        var type2 = new Type2Message(Convert.FromBase64String(challenge));

        // A missing password is sent as the empty string.
        message = new Type3Message
        {
            Domain = domain,
            Username = userName,
            Challenge = type2.Nonce,
            Password = password ?? ""
        };
        completed = true;
    }
    else
    {
        // Should I check the credentials?
        // type must be 3 here
        if (string.IsNullOrEmpty(challenge))
        {
            // No challenge after a Type 3: restart the handshake.
            message = new Type1Message { Domain = domain };
        }
        else
        {
            completed = true;
        }
    }

    var token = "NTLM " + Convert.ToBase64String(message.GetBytes());
    return new Authorization(token, completed);
}
// Feeds the Type 3 parser a 12-byte buffer that starts with "NTLMSSP" but has
// 0x01 where the signature's terminating zero byte belongs.
// The method has no assertion; it presumably relies on an expected-exception
// attribute that is not visible here.
public void Decode_BadHeader()
{
    var malformedHeader = new byte[]
    {
        0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x01,
        0x00, 0x00, 0x00, 0x00
    };

    new Type3Message(malformedHeader);
}
/// <summary>
/// Produces the next "NTLM ..." authorization token of the handshake, based
/// on the message stored in <c>message</c> from the previous call.
/// </summary>
/// <param name="challenge">
/// Base64 Type 2 message from the server; only decoded when the previous
/// message was a Type 1.
/// </param>
/// <param name="webRequest">The request being authenticated; must be an <see cref="HttpWebRequest"/>.</param>
/// <param name="credentials">Source of the NTLM credential for the request URI.</param>
/// <returns>
/// The authorization to send, or <c>null</c> when the request is not HTTP,
/// no credential or user name is available, or no challenge follows a Type 1.
/// </returns>
/// <remarks>
/// <para>When the credential has no domain, a "DOMAIN\user" or "DOMAIN/user"
/// user name is split into its two parts; a backslash takes precedence over a
/// forward slash.</para>
/// <para>The Type 3 message is built from the parsed Type 2 message, and the
/// domain is not assigned to it in this method.</para>
/// <para><paramref name="challenge"/> is server-controlled. Decoding and
/// parsing errors propagate to the caller. A null
/// <paramref name="credentials"/> is not guarded against.</para>
/// </remarks>
public Authorization Authenticate(string challenge, WebRequest webRequest, ICredentials credentials)
{
    var request = webRequest as HttpWebRequest;
    if (request == null)
    {
        return null;
    }

    var cred = credentials.GetCredential(request.RequestUri, "NTLM");
    if (cred == null)
    {
        return null;
    }

    var userName = cred.UserName;
    var domain = cred.Domain;
    var password = cred.Password;

    if (string.IsNullOrEmpty(userName))
    {
        return null;
    }

    if (string.IsNullOrEmpty(domain))
    {
        // Look for a backslash first and fall back to a forward slash only if none exists.
        var separator = userName.IndexOf('\\');
        if (separator == -1)
        {
            separator = userName.IndexOf('/');
        }

        if (separator >= 0)
        {
            domain = userName.Substring(0, separator);
            userName = userName.Substring(separator + 1);
        }
    }

    var completed = false;

    if (message == null)
    {
        // Nothing sent yet: open with a Type 1 message that also requests NTLM2 session keys.
        var negotiate = new Type1Message();
        negotiate.Domain = domain;
        negotiate.Host = ""; // MS does not send it
        negotiate.Flags |= NtlmFlags.NegotiateNtlm2Key;
        message = negotiate;
    }
    else if (message.Type == 1)
    {
        // Should I check the credentials?
        if (challenge == null)
        {
            message = null;
            return null;
        }

        var type2 = new Type2Message(Convert.FromBase64String(challenge));

        // A missing password is sent as the empty string.
        message = new Type3Message(type2)
        {
            Username = userName,
            Password = password ?? ""
        };
        completed = true;
    }
    else
    {
        // Should I check the credentials?
        // type must be 3 here
        if (string.IsNullOrEmpty(challenge))
        {
            // No challenge after a Type 3: restart. NegotiateNtlm2Key is not re-added on this path.
            message = new Type1Message
            {
                Domain = domain,
                Host = "" // MS does not send it
            };
        }
        else
        {
            completed = true;
        }
    }

    var token = "NTLM " + Convert.ToBase64String(message.GetBytes());
    return new Authorization(token, completed);
}
// Assigns null to the Challenge property of a fresh Type 3 message.
// The method has no assertion; it presumably relies on an expected-exception
// attribute that is not visible here, so that a null challenge is rejected
// by the setter.
public void Challenge_Null()
{
    var message = new Type3Message
    {
        Challenge = null
    };
}
/// <summary>
/// Advances the client-side NTLMSSP handshake by one step and returns the
/// token to send to the server.
/// </summary>
/// <param name="token">
/// In state 2, the Type 2 message received from the server. It is ignored in
/// state 1.
/// </param>
/// <param name="offset">Not read by this method.</param>
/// <param name="len">Not read by this method.</param>
/// <returns>The encoded Type 1 message (state 1) or Type 3 message (state 2).</returns>
/// <exception cref="SharpCifs.Smb.SmbException">
/// The context is in neither state 1 nor state 2, or any exception was raised
/// while processing the Type 2 message (wrapped, original kept as inner).
/// </exception>
/// <remarks>
/// <para>At <c>Log.Level &gt;= 4</c> each message object is written to the
/// log, and at <c>&gt;= 6</c> the raw token is hex-dumped as well. For the
/// Type 3 step that dump is the full authenticate message, so logs captured
/// at those levels should be treated as sensitive.</para>
/// <para>NOTE(review): <paramref name="offset"/> and <paramref name="len"/>
/// are ignored and the whole <paramref name="token"/> array is handed to
/// <c>Type2Message</c>. Confirm that callers never pass a sub-range.</para>
/// </remarks>
public virtual byte[] InitSecContext(byte[] token, int offset, int len)
{
    var phase = State;

    if (phase == 1)
    {
        var negotiate = new Type1Message(NtlmsspFlags, Auth.GetDomain(), Workstation);
        token = negotiate.ToByteArray();

        if (Log.Level >= 4)
        {
            Log.WriteLine(negotiate);
            if (Log.Level >= 6)
            {
                Hexdump.ToHexdump(Log, token, 0, token.Length);
            }
        }

        State++;
    }
    else if (phase == 2)
    {
        try
        {
            var serverChallenge = new Type2Message(token);

            if (Log.Level >= 4)
            {
                Log.WriteLine(serverChallenge);
                if (Log.Level >= 6)
                {
                    Hexdump.ToHexdump(Log, token, 0, token.Length);
                }
            }

            ServerChallenge = serverChallenge.GetChallenge();

            // Keep only the flags that the server also offered.
            NtlmsspFlags &= serverChallenge.GetFlags();

            //netbiosName = getNtlmsspListItem(token, 0x0001);
            var authenticate = new Type3Message(
                serverChallenge,
                Auth.GetPassword(),
                Auth.GetDomain(),
                Auth.GetUsername(),
                Workstation,
                NtlmsspFlags);
            token = authenticate.ToByteArray();

            if (Log.Level >= 4)
            {
                Log.WriteLine(authenticate);
                if (Log.Level >= 6)
                {
                    Hexdump.ToHexdump(Log, token, 0, token.Length);
                }
            }

            // The signing key is retained only when signing survived negotiation.
            if ((NtlmsspFlags & NtlmFlags.NtlmsspNegotiateSign) != 0)
            {
                SigningKey = authenticate.GetMasterKey();
            }

            isEstablished = true;
            State++;
        }
        catch (Exception e)
        {
            throw new SmbException(e.Message, e);
        }
    }
    else
    {
        throw new SmbException("Invalid state");
    }

    return token;
}
// Assigns a 9-byte array to the Challenge property of a fresh Type 3 message.
// The method has no assertion; it presumably relies on an expected-exception
// attribute that is not visible here, so that a challenge of the wrong length
// is rejected by the setter.
public void Challenge_InvalidLength()
{
    var message = new Type3Message
    {
        Challenge = new byte[9]
    };
}
/// <summary>
/// Produces the next "NTLM ..." authorization token of the handshake, based
/// on the message stored in <c>message</c> from the previous call.
/// </summary>
/// <param name="challenge">
/// Base64 Type 2 message from the server; only decoded when the previous
/// message was a Type 1.
/// </param>
/// <param name="webRequest">The request being authenticated; must be an <see cref="HttpWebRequest"/>.</param>
/// <param name="credentials">Source of the NTLM credential for the request URI.</param>
/// <returns>
/// The authorization to send, or <c>null</c> when the request is not HTTP,
/// no credential or user name is available, or no challenge follows a Type 1.
/// </returns>
/// <remarks>
/// <para>When the credential has no domain, a "DOMAIN\user" or "DOMAIN/user"
/// user name is split into its two parts; a backslash takes precedence over a
/// forward slash.</para>
/// <para>The Type 3 message is built from the parsed Type 2 message, and the
/// domain is assigned to it last.</para>
/// <para><paramref name="challenge"/> is server-controlled. Decoding and
/// parsing errors propagate to the caller. A null
/// <paramref name="credentials"/> is not guarded against.</para>
/// </remarks>
public Authorization Authenticate (string challenge, WebRequest webRequest, ICredentials credentials)
{
    var request = webRequest as HttpWebRequest;
    if (request == null) {
        return null;
    }

    var cred = credentials.GetCredential (request.RequestUri, "NTLM");
    if (cred == null) {
        return null;
    }

    var userName = cred.UserName;
    var domain = cred.Domain;
    var password = cred.Password;

    if (String.IsNullOrEmpty (userName)) {
        return null;
    }

    if (String.IsNullOrEmpty (domain)) {
        // Look for a backslash first and fall back to a forward slash only if none exists.
        var cut = userName.IndexOf ('\\');
        if (cut == -1) {
            cut = userName.IndexOf ('/');
        }

        if (cut >= 0) {
            domain = userName.Substring (0, cut);
            userName = userName.Substring (cut + 1);
        }
    }

    var completed = false;

    if (message == null) {
        // Nothing sent yet: open with a Type 1 message that also requests NTLM2 session keys.
        var negotiate = new Type1Message ();
        negotiate.Domain = domain;
        negotiate.Host = ""; // MS does not send it
        negotiate.Flags |= NtlmFlags.NegotiateNtlm2Key;
        message = negotiate;
    } else if (message.Type == 1) {
        // Should I check the credentials?
        if (challenge == null) {
            message = null;
            return null;
        }

        var type2 = new Type2Message (Convert.FromBase64String (challenge));

        // A missing password is sent as the empty string.
        message = new Type3Message (type2) {
            Username = userName,
            Password = password ?? "",
            Domain = domain
        };
        completed = true;
    } else {
        // Should I check the credentials?
        // type must be 3 here
        if (String.IsNullOrEmpty (challenge)) {
            // No challenge after a Type 3: restart. NegotiateNtlm2Key is not re-added on this path.
            message = new Type1Message {
                Domain = domain,
                Host = "" // MS does not send it
            };
        } else {
            completed = true;
        }
    }

    var token = "NTLM " + Convert.ToBase64String (message.GetBytes ());
    return new Authorization (token, completed);
}