public void PasswordEncryptionKey_DataStoreNTHash_W2016_TestVector2() { // Win 2016 TP4+ byte[] blob = "1300000000000000E2FCB1CA163BAF47045BEC69E0B9747C100000002973C11ACE6228D4083ADAC2E3C98DB6C613A32C1A52016EA013CED970A1A2D4".HexToBinary(); byte[] binaryPek = "56d98148ec91d111905a00c04fc2d4cfd02cd74ef843d1010000000001000000000000006a35d3fc0e9949135463ab766cac7dbb0c0c0c0c0c0c0c0c0c0c0c0ca93445b678ce5fbe02de23c3c71ff800".HexToBinary(); var pek = new DataStoreSecretDecryptor(binaryPek, PekListVersion.W2016); int rid = 500; string result = pek.DecryptHash(blob, rid).ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, result); }
public void PasswordEncryptionKey_DataStoreNTHash_W2016_TestVector1() { // Win 2016 TP4+ byte[] blob = "1300000000000000A548432796CC93BEB01E585C98F5A050100000006095B3BB2F5D39081F98B8FFAE5A8E43D66D763BD25613B44640B4E666DA5208".HexToBinary(); byte[] binaryPek = "56d98148ec91d111905a00c04fc2d4cfd02cd74ef843d1010000000001000000000000006a35d3fc0e9949135463ab766cac7dbb0c0c0c0c0c0c0c0c0c0c0c0ca93445b678ce5fbe02de23c3c71ff800".HexToBinary(); var pek = new DataStoreSecretDecryptor(binaryPek, PekListVersion.W2016); int rid = 1103; string result = pek.DecryptHash(blob, rid).ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, result); }
public void PasswordEncryptionKey_DataStoreNTHash_W2k() { // Win 2000 - Win 2012 R2 byte[] blob = "1100000000000000133c2e574dfc2df435671649180617cfb3cc9ef487c99b1d6cda3fb410a021f5".HexToBinary(); byte[] binaryPek = "56d98148ec91d111905a00c04fc2d4cfb0b0f777efcece0100000000010000000000000004b7b3fd6df689af9d6837e840abdc8c".HexToBinary(); var pek = new DataStoreSecretDecryptor(binaryPek, PekListVersion.W2k); int rid = 500; string result = pek.DecryptHash(blob, rid).ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, result); }
public void PasswordEncryptionKey_DataStoreNTHash_W2k_Decrypt() { // Win 2000 - Win 2012 R2 byte[] blob = "1100000000000000133c2e574dfc2df435671649180617cfb3cc9ef487c99b1d6cda3fb410a021f5".HexToBinary(); byte[] binaryPek = "56d98148ec91d111905a00c04fc2d4cfb0b0f777efcece0100000000010000000000000004b7b3fd6df689af9d6837e840abdc8c".HexToBinary(); var pek = new DataStoreSecretDecryptor(binaryPek, PekListVersion.W2k); int rid = 500; string result = pek.DecryptHash(blob, rid).ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, result); }
public void PasswordEncryptionKey_DataStorePEK_W2016_IFM_Decrypt() { // The data come a Windows Server 2019 DC promoted using IFM byte[] encryptedPEK = "03000000010000005B005859BD413C6ED575DDF5C16DEACD22844A2B1D58A03BB64A67C8EF04BDB961049CFB044B23CC541468B0F368F53D954A52C3A62DADB1B191C4E72CDEC5B76FB91846366A60FBD92CB5BD295A4F116651EFDA51FD11381FDBA97949A769B800000000000000000000000000000000".HexToBinary(); byte[] bootKey = "00f42e2e7b69ec3dee44da4ffe7e98f5".HexToBinary(); byte[] unicodePwd = "1300000000000000313709BF35CF3DEFDFDC37569DABD8F710000000CEFC2BECFB7DD8497773563E121634F8F5F59F803CEE509907E70ED1754351D6".HexToBinary(); int rid = 1000; var pek = new DataStoreSecretDecryptor(encryptedPEK, bootKey); string decryptedHash = pek.DecryptHash(unicodePwd, rid).ToHex(true); string expected = "92937945B518814341DE3F726500D4FF"; Assert.AreEqual(expected, decryptedHash); }
public void PasswordEncryptionKey_DataStoreNTHash_W2016_Encrypt() { // Win 2016 byte[] originalHash = "92937945B518814341DE3F726500D4FF".HexToBinary(); byte[] binaryPek = "56d98148ec91d111905a00c04fc2d4cfd02cd74ef843d1010000000001000000000000006a35d3fc0e9949135463ab766cac7dbb0c0c0c0c0c0c0c0c0c0c0c0ca93445b678ce5fbe02de23c3c71ff800".HexToBinary(); int rid = 500; // Encrypt the hash and then decrypt it again var pek = new DataStoreSecretDecryptor(binaryPek, PekListVersion.W2016); byte[] encryptedHash = pek.EncryptHash(originalHash, rid); byte[] decryptedHash = pek.DecryptHash(encryptedHash, rid); // Now check if we really got the original value. Assert.AreEqual(originalHash.ToHex(), decryptedHash.ToHex()); }
public void PasswordEncryptionKey_DataStoreNTHash_W2k_Encrypt() { // Win 2000 - Win 2012 R2 byte[] originalHash = "92937945B518814341DE3F726500D4FF".HexToBinary(); byte[] binaryPek = "56d98148ec91d111905a00c04fc2d4cfb0b0f777efcece0100000000010000000000000004b7b3fd6df689af9d6837e840abdc8c".HexToBinary(); int rid = 500; // Encrypt the hash and then decrypt it again var pek = new DataStoreSecretDecryptor(binaryPek, PekListVersion.W2k); byte[] encryptedHash = pek.EncryptHash(originalHash, rid); byte[] decryptedHash = pek.DecryptHash(encryptedHash, rid); // Now check if we really got the original value. Assert.AreEqual(originalHash.ToHex(), decryptedHash.ToHex()); }