private static AuthenticateMessage CreateAuthenticateMessage(string accountNameToAuth, byte[] lmChallengeResponse, byte[] ntChallengeResponse) { AuthenticateMessage authenticateMessage = new AuthenticateMessage(); authenticateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.NTLMSessionSecurity | NegotiateFlags.AlwaysSign | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.Use56BitEncryption; if (AuthenticationMessageUtils.IsNTLMv1ExtendedSessionSecurity(lmChallengeResponse) || AuthenticationMessageUtils.IsNTLMv2NTResponse(ntChallengeResponse)) { authenticateMessage.NegotiateFlags |= NegotiateFlags.ExtendedSessionSecurity; } else { authenticateMessage.NegotiateFlags |= NegotiateFlags.LanManagerSessionKey; } authenticateMessage.UserName = accountNameToAuth; authenticateMessage.LmChallengeResponse = lmChallengeResponse; authenticateMessage.NtChallengeResponse = ntChallengeResponse; authenticateMessage.Version = NTLMVersion.Server2003; return(authenticateMessage); }
private static byte[] GetExportedSessionKey(byte[] sessionBaseKey, AuthenticateMessage message, byte[] serverChallenge, byte[] lmowf) { byte[] keyExchangeKey; if (AuthenticationMessageUtils.IsNTLMv2NTResponse(message.NtChallengeResponse)) { keyExchangeKey = sessionBaseKey; } else { keyExchangeKey = NtlmCryptography.KXKey(sessionBaseKey, message.NegotiateFlags, message.LmChallengeResponse, serverChallenge, lmowf); } if ((message.NegotiateFlags & NegotiateFlags.KeyExchange) > 0) { return(RC4.Decrypt(keyExchangeKey, message.EncryptedRandomSessionKey)); } return(keyExchangeKey); }