예제 #1
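 /// <summary>
 /// Records <paramref name="response"/> in <c>Responses</c>, dropping entries whose
 /// <c>Resp1</c> is null, empty or whitespace (nothing usable was parsed for them).
 /// </summary>
 /// <param name="response">The parsed response to record.</param>
 /// <exception cref="ArgumentNullException"><paramref name="response"/> is null.</exception>
 public void AddResponse(InternalMonologueResponse response)
 {
     // Fail with a clear argument error instead of a NullReferenceException on the member access below.
     if (response is null)
     {
         throw new ArgumentNullException(nameof(response));
     }

     // A response with no first blob carries nothing worth keeping.
     if (response.Resp1.IsNullOrWhiteSpace())
     {
         return;
     }

     Responses.Add(response);
 }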
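        /// <summary>
        /// Parses the NetNTLM response fields out of an NTLM type-3 message and wraps them,
        /// together with the supplied challenge and the current identity, in an
        /// <see cref="InternalMonologueResponse"/>.
        /// </summary>
        /// <param name="message">Raw type-3 message. Each (length, offset) pair in its header
        /// must describe a region that lies inside the buffer.</param>
        /// <param name="challenge">Challenge associated with the response; copied into the result unchanged.</param>
        /// <returns>
        /// A populated response. When the NT response is 24 bytes long the LM and NT blobs are kept as
        /// separate fields (the NTLMv1 layout); when it is longer, its hex form is split after the first
        /// 32 characters (the NTLMv2 layout). For any other NT response length only the identity and
        /// challenge fields are filled in, so <c>AddResponse</c> will discard the result.
        /// </returns>
        /// <exception cref="ArgumentNullException"><paramref name="message"/> is null.</exception>
        /// <exception cref="ArgumentException">The fixed header is truncated, or a field's offset/length
        /// points outside <paramref name="message"/>.</exception>
        private InternalMonologueResponse ParseNTResponse(byte[] message, string challenge)
        {
            if (message is null)
            {
                throw new ArgumentNullException(nameof(message));
            }

            // The last header field read below is the 4-byte user offset at 40, so 44 bytes are required
            // before any BitConverter call is safe.
            const int HeaderLength = 44;
            if (message.Length < HeaderLength)
            {
                throw new ArgumentException("Type-3 message is shorter than its fixed header.", nameof(message));
            }

            byte[] lmResp = ReadType3Field(message, 12, 16, "LM response");
            byte[] ntResp = ReadType3Field(message, 20, 24, "NT response");
            byte[] domain = ReadType3Field(message, 28, 32, "Domain");
            byte[] user   = ReadType3Field(message, 36, 40, "User");

            // Resolve the current identity once instead of calling GetCurrent() per property.
            WindowsIdentity current = WindowsIdentity.GetCurrent();

            var result = new InternalMonologueResponse
            {
                NtlmDowngrade        = downgrade,
                FromElevated         = isElevated,
                Challenge            = challenge,
                ImpersonatedIdentity = current.Name,
                // User can be null for some identities; leave SID unset rather than throw.
                SID                  = current.User?.ToString(),
            };

            if (ntResp.Length == 24)
            {
                result.UserName = ConvertHex(ByteArrayToString(user));
                result.Domain   = ConvertHex(ByteArrayToString(domain));
                result.Resp1    = ByteArrayToString(lmResp);
                result.Resp2    = ByteArrayToString(ntResp);
            }
            else if (ntResp.Length > 24)
            {
                // Hex-encode once; the string is at least 50 characters here, so both slices are valid.
                string ntHex = ByteArrayToString(ntResp);
                result.UserName = ConvertHex(ByteArrayToString(user));
                result.Domain   = ConvertHex(ByteArrayToString(domain));
                result.Resp1    = ntHex.Substring(0, 32);
                result.Resp2    = ntHex.Substring(32);
            }

            return result;
        }

        /// <summary>
        /// Copies one variable-length field out of a type-3 message using the 16-bit length at
        /// <paramref name="lengthIndex"/> and the 32-bit offset at <paramref name="offsetIndex"/>.
        /// </summary>
        /// <param name="message">Raw type-3 message; the caller has already checked the fixed header fits.</param>
        /// <param name="lengthIndex">Index of the field's 2-byte length.</param>
        /// <param name="offsetIndex">Index of the field's 4-byte offset.</param>
        /// <param name="fieldName">Human-readable field name used in the error message.</param>
        /// <returns>A fresh array holding the field's bytes (empty when the length is zero).</returns>
        /// <exception cref="ArgumentException">The field's region extends past the end of <paramref name="message"/>.</exception>
        private static byte[] ReadType3Field(byte[] message, int lengthIndex, int offsetIndex, string fieldName)
        {
            ushort length = BitConverter.ToUInt16(message, lengthIndex);
            uint offset   = BitConverter.ToUInt32(message, offsetIndex);

            // Check in 64-bit so a large offset cannot wrap; Array.Copy would otherwise report a
            // malformed message as an opaque ArgumentException.
            if ((ulong)offset + length > (ulong)message.Length)
            {
                throw new ArgumentException(
                    $"{fieldName} field (offset {offset}, length {length}) lies outside the message.",
                    nameof(message));
            }

            byte[] field = new byte[length];
            Array.Copy(message, (long)offset, field, 0L, length);
            return field;
        }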