/// <summary>
/// [MS-NLMP] 3.4.5.1 - KXKEY - NTLM v1
/// </summary>
/// <remarks>
/// If NTLM v2 is used, KeyExchangeKey MUST be set to the value of SessionBaseKey.
/// </remarks>
public static byte[] KXKey(byte[] sessionBaseKey, NegotiateFlags negotiateFlags, byte[] lmChallengeResponse, byte[] serverChallenge, byte[] lmowf)
{
if ((negotiateFlags & NegotiateFlags.ExtendedSessionSecurity) == 0)
{
if ((negotiateFlags & NegotiateFlags.LanManagerSessionKey) > 0)
{
byte[] k1 = ByteReader.ReadBytes(lmowf, 0, 7);
byte[] k2 = ByteUtils.Concatenate(ByteReader.ReadBytes(lmowf, 7, 1), new byte[] { 0xBD, 0xBD, 0xBD, 0xBD, 0xBD, 0xBD });
byte[] temp1 = DesEncrypt(ExtendDESKey(k1), ByteReader.ReadBytes(lmChallengeResponse, 0, 8));
byte[] temp2 = DesEncrypt(ExtendDESKey(k2), ByteReader.ReadBytes(lmChallengeResponse, 0, 8));
byte[] keyExchangeKey = ByteUtils.Concatenate(temp1, temp2);
return(keyExchangeKey);
}
else
{
if ((negotiateFlags & NegotiateFlags.RequestLMSessionKey) > 0)
{
byte[] keyExchangeKey = ByteUtils.Concatenate(ByteReader.ReadBytes(lmowf, 0, 8), new byte[8]);
return(keyExchangeKey);
}
else
{
return(sessionBaseKey);
}
}
}
else
{
byte[] buffer = ByteUtils.Concatenate(serverChallenge, ByteReader.ReadBytes(lmChallengeResponse, 0, 8));
byte[] keyExchangeKey = new HMACMD5(sessionBaseKey).ComputeHash(buffer);
return(keyExchangeKey);
}
}
public ChallengeMessage(byte[] cm)
{
if (cm.Length < 56)
{
throw new ArgumentOutOfRangeException();
}
if (!Signature.CompareArray(cm, 0, 8))//0-8
{
throw new Exception("ChallengeMessage Signature Error");
}
if (MessageType != BitConverter.ToUInt32(cm, 8))//8-4
{
throw new Exception("ChallengeMessage MessageType Error");
}
TargetNameField = new MetaDataPayloadString(cm, 12); //12-8
NegotiateFlag = (NegotiateFlags)BitConverter.ToUInt32(cm, 20); //20-4
Array.Copy(cm, 24, ServerChallenge, 0, 8); //24-8
if (!Reserved.CompareArray(cm, 32, 8)) //32-8
{
throw new Exception("ChallengeMessage Reserved Error");
}
TargetInfoField = new MetaDataVariableTargetInfos(cm, 40); //40-8
Version = new Versions(cm, 48); //48-8
}
public NegotiateMessage(byte[] buffer)
{
Signature = ByteReader.ReadAnsiString(buffer, 0, 8);
MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8);
NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 12);
DomainName = AuthenticationMessageUtils.ReadAnsiStringBufferPointer(buffer, 16);
Workstation = AuthenticationMessageUtils.ReadAnsiStringBufferPointer(buffer, 24);
if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version = new NTLMVersion(buffer, 32);
}
}
public ChallengeMessage(byte[] buffer)
{
Signature = ByteReader.ReadAnsiString(buffer, 0, 8);
MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8);
TargetName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 12);
NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 20);
ServerChallenge = ByteReader.ReadBytes(buffer, 24, 8);
// Reserved
TargetInfo = AuthenticationMessageUtils.ReadBufferPointer(buffer, 40);
if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version = new NTLMVersion(buffer, 48);
}
}
protected override void InitMessageFromData(byte[] data)
{
this._messageData = data;
this.Signature = Encoding.ASCII.GetString(this._messageData, 0, 7);
this.MessageType = BitConverter.ToInt32(this._messageData, 8);
this.SetLmChallengeResponse();
this.SetNtChallengeResponse();
this.DomainName = this.ConvertNtlmMessageByteArrayToString(28);
this.UserName = this.ConvertNtlmMessageByteArrayToString(36);
this.Workstation = this.ConvertNtlmMessageByteArrayToString(44);
this.SetEncryptedRandomSessionKey();
this.NegotiateFlags = (NegotiateFlags)BitConverter.ToUInt32(this._messageData, 60);
this.SetVersion();
this.SetMic();
}
public static bool HasFlag(this NegotiateFlags t, NegotiateFlags negotiateFlags)
{
if (negotiateFlags == 0)
{
throw new ArgumentException("Can't be Zero");
}
if ((t & negotiateFlags) == negotiateFlags)
{
return(true);
}
else
{
return(false);
}
}
public AuthenticateMessage(byte[] buffer)
{
Signature = ByteReader.ReadAnsiString(buffer, 0, 8);
MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8);
LmChallengeResponse = AuthenticationMessageUtils.ReadBufferPointer(buffer, 12);
NtChallengeResponse = AuthenticationMessageUtils.ReadBufferPointer(buffer, 20);
DomainName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 28);
UserName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 36);
WorkStation = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 44);
EncryptedRandomSessionKey = AuthenticationMessageUtils.ReadBufferPointer(buffer, 52);
NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 60);
if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version = new NTLMVersion(buffer, 64);
}
}
public AuthenticateMessage(
MetaDataPayloadHex lmChallengeResponseField,
NtChallengeResponseFields ntChallengeResponseField,
MetaDataPayloadString domainNameField,
MetaDataPayloadString userNameField,
MetaDataPayloadString workstationField,
MetaDataPayloadString encryptedRandomSessionKeyField,
NegotiateFlags negotiateFlag,
Versions version
)
{
LmChallengeResponseField = lmChallengeResponseField;
NtChallengeResponseField = ntChallengeResponseField;
DomainNameField = domainNameField;
UserNameField = userNameField;
WorkstationField = workstationField;
EncryptedRandomSessionKeyField = encryptedRandomSessionKeyField;
NegotiateFlag = negotiateFlag;
Version = version;
}
public static byte[] GetBytes(this NegotiateFlags t)
{
return(BitConverter.GetBytes((uint)t));
}
