public NTLMv2ClientChallenge(byte[] buffer, int offset) { CurrentVersion = ByteReader.ReadByte(buffer, offset + 0); MaximumSupportedVersion = ByteReader.ReadByte(buffer, offset + 1); Reserved1 = LittleEndianConverter.ToUInt16(buffer, offset + 2); Reserved2 = LittleEndianConverter.ToUInt32(buffer, offset + 4); TimeStamp = FileTimeHelper.ReadFileTime(buffer, offset + 8); ClientChallenge = ByteReader.ReadBytes(buffer, offset + 16, 8); Reserved3 = LittleEndianConverter.ToUInt32(buffer, offset + 24); AVPairs = AVPairUtils.ReadAVPairSequence(buffer, offset + 28); }
public byte[] GetBytes() { byte[] sequenceBytes = AVPairUtils.GetAVPairSequenceBytes(AVPairs); byte[] buffer = new byte[28 + sequenceBytes.Length]; ByteWriter.WriteByte(buffer, 0, CurrentVersion); ByteWriter.WriteByte(buffer, 1, MaximumSupportedVersion); LittleEndianWriter.WriteUInt16(buffer, 2, Reserved1); LittleEndianWriter.WriteUInt32(buffer, 4, Reserved2); FileTimeHelper.WriteFileTime(buffer, 8, TimeStamp); ByteWriter.WriteBytes(buffer, 16, ClientChallenge, 8); LittleEndianWriter.WriteUInt32(buffer, 24, Reserved3); ByteWriter.WriteBytes(buffer, 28, sequenceBytes); return(buffer); }
public ChallengeMessage(byte[] buffer) { Signature = ByteReader.ReadAnsiString(buffer, 0, 8); MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8); TargetName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 12); NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 20); ServerChallenge = ByteReader.ReadBytes(buffer, 24, 8); // Reserved byte[] targetInfoBytes = AuthenticationMessageUtils.ReadBufferPointer(buffer, 40); if (targetInfoBytes.Length > 0) { TargetInfo = AVPairUtils.ReadAVPairSequence(targetInfoBytes, 0); } if ((NegotiateFlags & NegotiateFlags.Version) > 0) { Version = new NTLMVersion(buffer, 48); } }
public byte[] GetBytes() { if ((NegotiateFlags & NegotiateFlags.TargetNameSupplied) == 0) { TargetName = String.Empty; } byte[] targetInfoBytes = AVPairUtils.GetAVPairSequenceBytes(TargetInfo); if ((NegotiateFlags & NegotiateFlags.TargetInfo) == 0) { targetInfoBytes = new byte[0]; } int fixedLength = 48; if ((NegotiateFlags & NegotiateFlags.Version) > 0) { fixedLength += 8; } int payloadLength = TargetName.Length * 2 + targetInfoBytes.Length; byte[] buffer = new byte[fixedLength + payloadLength]; ByteWriter.WriteAnsiString(buffer, 0, AuthenticateMessage.ValidSignature, 8); LittleEndianWriter.WriteUInt32(buffer, 8, (uint)MessageType); LittleEndianWriter.WriteUInt32(buffer, 20, (uint)NegotiateFlags); ByteWriter.WriteBytes(buffer, 24, ServerChallenge); if ((NegotiateFlags & NegotiateFlags.Version) > 0) { Version.WriteBytes(buffer, 48); } int offset = fixedLength; AuthenticationMessageUtils.WriteBufferPointer(buffer, 12, (ushort)(TargetName.Length * 2), (uint)offset); ByteWriter.WriteUTF16String(buffer, ref offset, TargetName); AuthenticationMessageUtils.WriteBufferPointer(buffer, 40, (ushort)targetInfoBytes.Length, (uint)offset); ByteWriter.WriteBytes(buffer, ref offset, targetInfoBytes); return(buffer); }
public override NTStatus GetChallengeMessage(out object context, NegotiateMessage negotiateMessage, out ChallengeMessage challengeMessage) { byte[] serverChallenge = GenerateServerChallenge(); context = new AuthContext(serverChallenge); challengeMessage = new ChallengeMessage(); // https://msdn.microsoft.com/en-us/library/cc236691.aspx challengeMessage.NegotiateFlags = NegotiateFlags.TargetTypeServer | NegotiateFlags.TargetInfo | NegotiateFlags.TargetNameSupplied | NegotiateFlags.Version; // [MS-NLMP] NTLMSSP_NEGOTIATE_NTLM MUST be set in the [..] CHALLENGE_MESSAGE to the client. challengeMessage.NegotiateFlags |= NegotiateFlags.NTLMSessionSecurity; if ((negotiateMessage.NegotiateFlags & NegotiateFlags.UnicodeEncoding) > 0) { challengeMessage.NegotiateFlags |= NegotiateFlags.UnicodeEncoding; } else if ((negotiateMessage.NegotiateFlags & NegotiateFlags.OEMEncoding) > 0) { challengeMessage.NegotiateFlags |= NegotiateFlags.OEMEncoding; } if ((negotiateMessage.NegotiateFlags & NegotiateFlags.ExtendedSessionSecurity) > 0) { challengeMessage.NegotiateFlags |= NegotiateFlags.ExtendedSessionSecurity; } else if ((negotiateMessage.NegotiateFlags & NegotiateFlags.LanManagerSessionKey) > 0) { challengeMessage.NegotiateFlags |= NegotiateFlags.LanManagerSessionKey; } if ((negotiateMessage.NegotiateFlags & NegotiateFlags.Sign) > 0) { // [MS-NLMP] If the client sends NTLMSSP_NEGOTIATE_SIGN to the server in the NEGOTIATE_MESSAGE, // the server MUST return NTLMSSP_NEGOTIATE_SIGN to the client in the CHALLENGE_MESSAGE. challengeMessage.NegotiateFlags |= NegotiateFlags.Sign; } if ((negotiateMessage.NegotiateFlags & NegotiateFlags.Seal) > 0) { // [MS-NLMP] If the client sends NTLMSSP_NEGOTIATE_SEAL to the server in the NEGOTIATE_MESSAGE, // the server MUST return NTLMSSP_NEGOTIATE_SEAL to the client in the CHALLENGE_MESSAGE. challengeMessage.NegotiateFlags |= NegotiateFlags.Seal; } if ((negotiateMessage.NegotiateFlags & NegotiateFlags.Sign) > 0 || (negotiateMessage.NegotiateFlags & NegotiateFlags.Seal) > 0) { if ((negotiateMessage.NegotiateFlags & NegotiateFlags.Use56BitEncryption) > 0) { // [MS-NLMP] If the client sends NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN with // NTLMSSP_NEGOTIATE_56 to the server in the NEGOTIATE_MESSAGE, the server MUST return // NTLMSSP_NEGOTIATE_56 to the client in the CHALLENGE_MESSAGE. challengeMessage.NegotiateFlags |= NegotiateFlags.Use56BitEncryption; } if ((negotiateMessage.NegotiateFlags & NegotiateFlags.Use128BitEncryption) > 0) { // [MS-NLMP] If the client sends NTLMSSP_NEGOTIATE_128 to the server in the NEGOTIATE_MESSAGE, // the server MUST return NTLMSSP_NEGOTIATE_128 to the client in the CHALLENGE_MESSAGE only if // the client sets NTLMSSP_NEGOTIATE_SEAL or NTLMSSP_NEGOTIATE_SIGN. challengeMessage.NegotiateFlags |= NegotiateFlags.Use128BitEncryption; } } if ((negotiateMessage.NegotiateFlags & NegotiateFlags.KeyExchange) > 0) { challengeMessage.NegotiateFlags |= NegotiateFlags.KeyExchange; } challengeMessage.TargetName = Environment.MachineName; challengeMessage.ServerChallenge = serverChallenge; challengeMessage.TargetInfo = AVPairUtils.GetAVPairSequence(Environment.MachineName, Environment.MachineName); challengeMessage.Version = NTLMVersion.Server2003; return(NTStatus.SEC_I_CONTINUE_NEEDED); }