internal static bool TryParse(byte[] data, BinaryReader reader, out NtlmAuthenticationToken token) { token = null; NtlmNegotiateFlags flags = (NtlmNegotiateFlags)reader.ReadInt32(); if (!NtlmUtils.ParseString(NtlmNegotiateFlags.Oem, reader, data, flags.HasFlagSet(NtlmNegotiateFlags.OemDomainSupplied), out string domain)) { return(false); } if (!NtlmUtils.ParseString(NtlmNegotiateFlags.Oem, reader, data, flags.HasFlagSet(NtlmNegotiateFlags.OemWorkstationSupplied), out string workstation)) { return(false); } if (!NtlmUtils.TryParse(reader, out Version version)) { return(false); } token = new NtlmNegotiateAuthenticationToken(data, flags, domain, workstation, version); return(true); }
/// <summary> /// Try and parse data into an NTLM authentication token. /// </summary> /// <param name="data">The data to parse.</param> /// <param name="token">The NTLM authentication token.</param> /// <param name="client">True if this is a token from a client.</param> /// <param name="token_count">The token count number.</param> /// <returns>True if parsed successfully.</returns> internal static bool TryParse(byte[] data, int token_count, bool client, out NtlmAuthenticationToken token) { token = null; if (data.Length < 12) { return(false); } if (BinaryEncoding.Instance.GetString(data, 0, 8) != NTLM_MAGIC) { return(false); } MemoryStream stm = new MemoryStream(data); BinaryReader reader = new BinaryReader(stm); stm.Position = 8; NtlmMessageType type = (NtlmMessageType)reader.ReadInt32(); switch (type) { case NtlmMessageType.Negotiate: return(NtlmNegotiateAuthenticationToken.TryParse(data, reader, out token)); case NtlmMessageType.Challenge: return(NtlmChallengeAuthenticationToken.TryParse(data, reader, out token)); case NtlmMessageType.Authenticate: return(NtlmAuthenticateAuthenticationToken.TryParse(data, reader, out token)); default: return(false); } }
internal static bool TryParse(byte[] data, BinaryReader reader, out NtlmAuthenticationToken token) { token = null; if (!NtlmUtils.TryParseStringValues(reader, out int target_name_length, out int target_name_position)) { return(false); } NtlmNegotiateFlags flags = (NtlmNegotiateFlags)reader.ReadInt32(); byte[] server_challenge = reader.ReadBytes(8); if (server_challenge.Length < 8) { return(false); } byte[] reserved = reader.ReadBytes(8); if (reserved.Length < 8) { return(false); } if (!NtlmUtils.TryParseStringValues(reader, out int target_info_length, out int target_info_position)) { return(false); } if (!NtlmUtils.TryParse(reader, out Version version)) { return(false); } string target_name = string.Empty; if (flags.HasFlagSet(NtlmNegotiateFlags.RequestTarget)) { if (!NtlmUtils.ParseString(flags, data, target_name_length, target_name_position, out target_name)) { return(false); } } IEnumerable <NtlmAvPair> pairs = new NtlmAvPair[0]; if (flags.HasFlagSet(NtlmNegotiateFlags.TargetInfo)) { if (!NtlmUtils.ParseBytes(data, target_info_length, target_info_position, out byte[] target_info))
internal static bool TryParse(byte[] data, NtlmNegotiateFlags flags, string domain, string username, string workstation, byte[] lm_response, byte[] nt_response, byte[] session_key, byte[] mic, int mic_offset, Version version, out NtlmAuthenticationToken token) { token = null; if (nt_response?.Length < 44) { return(false); } try { BinaryReader reader = new BinaryReader(new MemoryStream(nt_response)); byte[] nt_proof = reader.ReadBytes(16); byte challenge_ver = reader.ReadByte(); byte max_challenge_ver = reader.ReadByte(); ushort reserved_1 = reader.ReadUInt16(); uint reserved_2 = reader.ReadUInt32(); long timestamp = reader.ReadInt64(); byte[] client_challenge = reader.ReadBytes(8); uint reserved_3 = reader.ReadUInt32(); if (!NtlmUtils.TryParseAvPairs(reader, out List <NtlmAvPair> av_pairs)) { return(false); } token = new NtlmAuthenticateAuthenticationTokenV2(data, flags, domain, username, workstation, lm_response, nt_response, session_key, mic, mic_offset, version, nt_proof, challenge_ver, max_challenge_ver, reserved_1, reserved_2, timestamp, client_challenge, reserved_3, av_pairs); return(true); } catch (EndOfStreamException) { return(false); } }
internal static bool TryParse(byte[] data, BinaryReader reader, out NtlmAuthenticationToken token) { token = null; if (!NtlmUtils.TryParseStringValues(reader, out int lm_length, out int lm_position)) { return(false); } if (!NtlmUtils.TryParseStringValues(reader, out int nt_length, out int nt_position)) { return(false); } if (!NtlmUtils.TryParseStringValues(reader, out int domain_length, out int domain_position)) { return(false); } if (!NtlmUtils.TryParseStringValues(reader, out int username_length, out int username_position)) { return(false); } if (!NtlmUtils.TryParseStringValues(reader, out int workstation_length, out int workstation_position)) { return(false); } if (!NtlmUtils.TryParseStringValues(reader, out int key_length, out int key_position)) { return(false); } NtlmNegotiateFlags flags = (NtlmNegotiateFlags)reader.ReadInt32(); if (!NtlmUtils.TryParse(reader, out Version version)) { return(false); } long min_pos = MinimumPosition(lm_position, nt_position, domain_position, username_position, workstation_position, key_position); byte[] mic = new byte[0]; int mic_offset = int.MaxValue; if (reader.BaseStream.Position + 16 <= min_pos) { mic_offset = (int)reader.BaseStream.Position; mic = reader.ReadBytes(16); if (mic.Length < 16) { return(false); } } string domain = string.Empty; if (domain_position != 0) { if (!NtlmUtils.ParseString(flags, data, domain_length, domain_position, out domain)) { return(false); } } string workstation = string.Empty; if (workstation_position != 0) { if (!NtlmUtils.ParseString(flags, data, workstation_length, workstation_position, out workstation)) { return(false); } } string username = string.Empty; if (username_position != 0) { if (!NtlmUtils.ParseString(flags, data, username_length, username_position, out username)) { return(false); } } if (!NtlmUtils.ParseBytes(data, lm_length, lm_position, out byte[] lm_response))