internal static bool TryParse(byte[] data, BinaryReader reader, out NtlmAuthenticationToken token)
{
token = null;
NtlmNegotiateFlags flags = (NtlmNegotiateFlags)reader.ReadInt32();
if (!NtlmUtils.ParseString(NtlmNegotiateFlags.Oem, reader,
data, flags.HasFlagSet(NtlmNegotiateFlags.OemDomainSupplied),
out string domain))
{
return(false);
}
if (!NtlmUtils.ParseString(NtlmNegotiateFlags.Oem, reader,
data, flags.HasFlagSet(NtlmNegotiateFlags.OemWorkstationSupplied),
out string workstation))
{
return(false);
}
if (!NtlmUtils.TryParse(reader, out Version version))
{
return(false);
}
token = new NtlmNegotiateAuthenticationToken(data, flags, domain, workstation, version);
return(true);
}
/// <summary>
/// Try and parse data into an NTLM authentication token.
/// </summary>
/// <param name="data">The data to parse.</param>
/// <param name="token">The NTLM authentication token.</param>
/// <param name="client">True if this is a token from a client.</param>
/// <param name="token_count">The token count number.</param>
/// <returns>True if parsed successfully.</returns>
internal static bool TryParse(byte[] data, int token_count, bool client, out NtlmAuthenticationToken token)
{
token = null;
if (data.Length < 12)
{
return(false);
}
if (BinaryEncoding.Instance.GetString(data, 0, 8) != NTLM_MAGIC)
{
return(false);
}
MemoryStream stm = new MemoryStream(data);
BinaryReader reader = new BinaryReader(stm);
stm.Position = 8;
NtlmMessageType type = (NtlmMessageType)reader.ReadInt32();
switch (type)
{
case NtlmMessageType.Negotiate:
return(NtlmNegotiateAuthenticationToken.TryParse(data, reader, out token));
case NtlmMessageType.Challenge:
return(NtlmChallengeAuthenticationToken.TryParse(data, reader, out token));
case NtlmMessageType.Authenticate:
return(NtlmAuthenticateAuthenticationToken.TryParse(data, reader, out token));
default:
return(false);
}
}
internal static bool TryParse(byte[] data, BinaryReader reader, out NtlmAuthenticationToken token)
{
token = null;
if (!NtlmUtils.TryParseStringValues(reader, out int target_name_length, out int target_name_position))
{
return(false);
}
NtlmNegotiateFlags flags = (NtlmNegotiateFlags)reader.ReadInt32();
byte[] server_challenge = reader.ReadBytes(8);
if (server_challenge.Length < 8)
{
return(false);
}
byte[] reserved = reader.ReadBytes(8);
if (reserved.Length < 8)
{
return(false);
}
if (!NtlmUtils.TryParseStringValues(reader, out int target_info_length, out int target_info_position))
{
return(false);
}
if (!NtlmUtils.TryParse(reader, out Version version))
{
return(false);
}
string target_name = string.Empty;
if (flags.HasFlagSet(NtlmNegotiateFlags.RequestTarget))
{
if (!NtlmUtils.ParseString(flags, data, target_name_length,
target_name_position, out target_name))
{
return(false);
}
}
IEnumerable <NtlmAvPair> pairs = new NtlmAvPair[0];
if (flags.HasFlagSet(NtlmNegotiateFlags.TargetInfo))
{
if (!NtlmUtils.ParseBytes(data, target_info_length, target_info_position, out byte[] target_info))
internal static bool TryParse(byte[] data,
NtlmNegotiateFlags flags, string domain, string username,
string workstation, byte[] lm_response, byte[] nt_response,
byte[] session_key, byte[] mic, int mic_offset, Version version,
out NtlmAuthenticationToken token)
{
token = null;
if (nt_response?.Length < 44)
{
return(false);
}
try
{
BinaryReader reader = new BinaryReader(new MemoryStream(nt_response));
byte[] nt_proof = reader.ReadBytes(16);
byte challenge_ver = reader.ReadByte();
byte max_challenge_ver = reader.ReadByte();
ushort reserved_1 = reader.ReadUInt16();
uint reserved_2 = reader.ReadUInt32();
long timestamp = reader.ReadInt64();
byte[] client_challenge = reader.ReadBytes(8);
uint reserved_3 = reader.ReadUInt32();
if (!NtlmUtils.TryParseAvPairs(reader, out List <NtlmAvPair> av_pairs))
{
return(false);
}
token = new NtlmAuthenticateAuthenticationTokenV2(data, flags, domain, username, workstation, lm_response, nt_response,
session_key, mic, mic_offset, version, nt_proof, challenge_ver, max_challenge_ver, reserved_1, reserved_2,
timestamp, client_challenge, reserved_3, av_pairs);
return(true);
}
catch (EndOfStreamException)
{
return(false);
}
}
internal static bool TryParse(byte[] data, BinaryReader reader, out NtlmAuthenticationToken token)
{
token = null;
if (!NtlmUtils.TryParseStringValues(reader, out int lm_length, out int lm_position))
{
return(false);
}
if (!NtlmUtils.TryParseStringValues(reader, out int nt_length, out int nt_position))
{
return(false);
}
if (!NtlmUtils.TryParseStringValues(reader, out int domain_length, out int domain_position))
{
return(false);
}
if (!NtlmUtils.TryParseStringValues(reader, out int username_length, out int username_position))
{
return(false);
}
if (!NtlmUtils.TryParseStringValues(reader, out int workstation_length, out int workstation_position))
{
return(false);
}
if (!NtlmUtils.TryParseStringValues(reader, out int key_length, out int key_position))
{
return(false);
}
NtlmNegotiateFlags flags = (NtlmNegotiateFlags)reader.ReadInt32();
if (!NtlmUtils.TryParse(reader, out Version version))
{
return(false);
}
long min_pos = MinimumPosition(lm_position, nt_position, domain_position, username_position, workstation_position, key_position);
byte[] mic = new byte[0];
int mic_offset = int.MaxValue;
if (reader.BaseStream.Position + 16 <= min_pos)
{
mic_offset = (int)reader.BaseStream.Position;
mic = reader.ReadBytes(16);
if (mic.Length < 16)
{
return(false);
}
}
string domain = string.Empty;
if (domain_position != 0)
{
if (!NtlmUtils.ParseString(flags, data, domain_length, domain_position, out domain))
{
return(false);
}
}
string workstation = string.Empty;
if (workstation_position != 0)
{
if (!NtlmUtils.ParseString(flags, data, workstation_length, workstation_position, out workstation))
{
return(false);
}
}
string username = string.Empty;
if (username_position != 0)
{
if (!NtlmUtils.ParseString(flags, data, username_length, username_position, out username))
{
return(false);
}
}
if (!NtlmUtils.ParseBytes(data, lm_length, lm_position, out byte[] lm_response))
