Пример #1
0
        public static bool LMv1ResponseTest()
        {
            byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
            byte[] response  = NTAuthentication.ComputeLMv1Response(challenge, "Password");
            byte[] expected  = { 0x98, 0xde, 0xf7, 0xb8, 0x7f, 0x88, 0xaa, 0x5d, 0xaf, 0xe2, 0xdf, 0x77, 0x96, 0x88, 0xa1, 0x72, 0xde, 0xf1, 0x1c, 0x7d, 0x5c, 0xcd, 0xef, 0x13 };
            bool   success   = ByteUtils.AreByteArraysEqual(response, expected);

            return(success);
        }
Пример #2
0
        public bool IsPasswordEmpty(byte[] lmResponse, byte[] ntlmResponse)
        {
            // Special case for anonymous authentication
            // Windows NT4 SP6 will send 1 null byte OEMPassword and 0 bytes UnicodePassword for anonymous authentication
            if (lmResponse.Length == 0 || ByteUtils.AreByteArraysEqual(lmResponse, new byte[] { 0x00 }) || ntlmResponse.Length == 0)
            {
                return(true);
            }

            byte[] emptyPasswordLMv1Response = NTAuthentication.ComputeLMv1Response(m_serverChallenge, String.Empty);
            if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv1Response, lmResponse))
            {
                return(true);
            }

            byte[] emptyPasswordNTLMv1Response = NTAuthentication.ComputeNTLMv1Response(m_serverChallenge, String.Empty);
            if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, ntlmResponse))
            {
                return(true);
            }

            return(false);
        }
Пример #3
0
        /// <summary>
        /// LM v1 / NTLM v1
        /// </summary>
        public User AuthenticateV1(string accountNameToAuth, byte[] serverChallenge, byte[] lmResponse, byte[] ntlmResponse)
        {
            for (int index = 0; index < this.Count; index++)
            {
                string accountName = this[index].AccountName;
                string password    = this[index].Password;

                if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
                {
                    byte[] expectedLMResponse = NTAuthentication.ComputeLMv1Response(serverChallenge, password);
                    if (ByteUtils.AreByteArraysEqual(expectedLMResponse, lmResponse))
                    {
                        return(this[index]);
                    }

                    byte[] expectedNTLMResponse = NTAuthentication.ComputeNTLMv1Response(serverChallenge, password);
                    if (ByteUtils.AreByteArraysEqual(expectedNTLMResponse, ntlmResponse))
                    {
                        return(this[index]);
                    }
                }
            }
            return(null);
        }