public bool HasMicField() { if (!AuthenticationMessageUtils.IsNTLMv2NTResponse(NtChallengeResponse)) { return(false); } NTLMv2ClientChallenge challenge; try { challenge = new NTLMv2ClientChallenge(NtChallengeResponse, 16); } catch { return(false); } int index = challenge.AVPairs.IndexOfKey(AVPairKey.Flags); if (index >= 0) { byte[] value = challenge.AVPairs[index].Value; if (value.Length == 4) { int flags = LittleEndianConverter.ToInt32(value, 0); return((flags & 0x02) > 0); } } return(false); }
/// <summary> /// LM v2 / NTLM v2 /// </summary> private bool AuthenticateV2(string domainName, string accountName, string password, byte[] serverChallenge, byte[] lmResponse, byte[] ntResponse) { byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8); byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainName); if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse)) { return(true); } if (AuthenticationMessageUtils.IsNTLMv2NTResponse(ntResponse)) { byte[] clientNTProof = ByteReader.ReadBytes(ntResponse, 0, 16); byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(ntResponse, 16, ntResponse.Length - 16); byte[] expectedNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, password, accountName, domainName); return(ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof)); } return(false); }