Represents an NTLMSSP Type-2 message.
Represents an NTLMSSP Type-2 message.
Inheritance: NtlmMessage
示例#1
0
 public static byte[] GetLMv2Response(Type2Message type2, string domain, string user
                                      , string password, byte[] clientChallenge)
 {
     if (type2 == null || domain == null || user == null || password == null || clientChallenge
         == null)
     {
         return(null);
     }
     return(NtlmPasswordAuthentication.GetLMv2Response(domain, user, password, type2.GetChallenge
                                                           (), clientChallenge));
 }
示例#2
0
        /// <summary>
        /// Returns the default flags for a Type-3 message created in response
        /// to the given Type-2 message in the current environment.
        /// </summary>
        /// <remarks>
        /// Returns the default flags for a Type-3 message created in response
        /// to the given Type-2 message in the current environment.
        /// </remarks>
        /// <returns>An <code>int</code> containing the default flags.</returns>
        public static int GetDefaultFlags(Type2Message type2)
        {
            if (type2 == null)
            {
                return(DefaultFlags);
            }
            int flags = NtlmsspNegotiateNtlm;

            flags |= ((type2.GetFlags() & NtlmsspNegotiateUnicode) != 0) ? NtlmsspNegotiateUnicode
                                 : NtlmsspNegotiateOem;
            return(flags);
        }
示例#3
0
        public static byte[] GetNtlMv2Response(Type2Message type2, byte[] responseKeyNt,
                                               byte[] clientChallenge)
        {
            if (type2 == null || responseKeyNt == null || clientChallenge == null)
            {
                return(null);
            }
            long nanos1601 = (Runtime.CurrentTimeMillis() + MillisecondsBetween1970And1601
                              ) * 10000L;

            return(NtlmPasswordAuthentication.GetNtlMv2Response(responseKeyNt, type2.GetChallenge
                                                                    (), clientChallenge, nanos1601, type2.GetTargetInformation()));
        }
示例#4
0
        /// <summary>
        /// Creates a Type-3 message in response to the given Type-2 message
        /// using default values from the current environment.
        /// </summary>
        /// <remarks>
        /// Creates a Type-3 message in response to the given Type-2 message
        /// using default values from the current environment.
        /// </remarks>
        /// <param name="type2">The Type-2 message which this represents a response to.</param>
        public Type3Message(Type2Message type2)
        {
            SetFlags(GetDefaultFlags(type2));
            SetWorkstation(GetDefaultWorkstation());
            string domain = GetDefaultDomain();

            SetDomain(domain);
            string user = GetDefaultUser();

            SetUser(user);
            string password = GetDefaultPassword();

            switch (LmCompatibility)
            {
            case 0:
            case 1:
            {
                SetLmResponse(GetLMResponse(type2, password));
                SetNtResponse(GetNTResponse(type2, password));
                break;
            }

            case 2:
            {
                byte[] nt = GetNTResponse(type2, password);
                SetLmResponse(nt);
                SetNtResponse(nt);
                break;
            }

            case 3:
            case 4:
            case 5:
            {
                byte[] clientChallenge = new byte[8];
                //RANDOM.NextBytes(clientChallenge);
                SetLmResponse(GetLMv2Response(type2, domain, user, password, clientChallenge));
                break;
            }

            default:
            {
                SetLmResponse(GetLMResponse(type2, password));
                SetNtResponse(GetNTResponse(type2, password));
                break;
            }
            }
        }
示例#5
0
        /// <summary>Creates a Type-3 message in response to the given Type-2 message.</summary>
        /// <remarks>Creates a Type-3 message in response to the given Type-2 message.</remarks>
        /// <param name="type2">The Type-2 message which this represents a response to.</param>
        /// <param name="password">The password to use when constructing the response.</param>
        /// <param name="domain">The domain in which the user has an account.</param>
        /// <param name="user">The username for the authenticating user.</param>
        /// <param name="workstation">
        /// The workstation from which authentication is
        /// taking place.
        /// </param>
        public Type3Message(Type2Message type2,
                            string password,
                            string domain,
                            string user,
                            string workstation,
                            int flags)
        {
            SetFlags(flags | GetDefaultFlags(type2));
            if (workstation == null)
            {
                workstation = GetDefaultWorkstation();
            }
            SetWorkstation(workstation);
            SetDomain(domain);
            SetUser(user);
            switch (LmCompatibility)
            {
            case 0:
            case 1:
            {
                if ((GetFlags() & NtlmsspNegotiateNtlm2) == 0)
                {
                    SetLmResponse(GetLMResponse(type2, password));
                    SetNtResponse(GetNTResponse(type2, password));
                }
                else
                {
                    // NTLM2 Session Response
                    byte[] clientChallenge = new byte[24];
                    //RANDOM.NextBytes(clientChallenge);
                    Arrays.Fill(clientChallenge, 8, 24, unchecked ((byte)unchecked (0x00)));
                    // NTLMv1 w/ NTLM2 session sec and key exch all been verified with a debug build of smbclient
                    byte[] responseKeyNt
                        = NtlmPasswordAuthentication.NtowFv1(password);
                    byte[] ntlm2Response
                        = NtlmPasswordAuthentication.GetNtlm2Response(responseKeyNt,
                                                                      type2.GetChallenge(),
                                                                      clientChallenge);
                    SetLmResponse(clientChallenge);
                    SetNtResponse(ntlm2Response);
                    if ((GetFlags() & NtlmsspNegotiateSign) == NtlmsspNegotiateSign)
                    {
                        byte[] sessionNonce = new byte[16];
                        Array.Copy(type2.GetChallenge(), 0, sessionNonce, 0, 8);
                        Array.Copy(clientChallenge, 0, sessionNonce, 8, 8);
                        Md4 md4 = new Md4();
                        md4.Update(responseKeyNt);
                        byte[]  userSessionKey = md4.Digest();
                        Hmact64 hmac           = new Hmact64(userSessionKey);
                        hmac.Update(sessionNonce);
                        byte[] ntlm2SessionKey = hmac.Digest();
                        if ((GetFlags() & NtlmsspNegotiateKeyExch) != 0)
                        {
                            _masterKey = new byte[16];
                            //RANDOM.NextBytes(masterKey);
                            byte[] exchangedKey = new byte[16];
                            Rc4    rc4          = new Rc4(ntlm2SessionKey);
                            rc4.Update(_masterKey, 0, 16, exchangedKey, 0);
                            SetSessionKey(exchangedKey);
                        }
                        else
                        {
                            _masterKey = ntlm2SessionKey;
                            SetSessionKey(_masterKey);
                        }
                    }
                }
                break;
            }

            case 2:
            {
                byte[] nt = GetNTResponse(type2, password);
                SetLmResponse(nt);
                SetNtResponse(nt);
                break;
            }

            case 3:
            case 4:
            case 5:
            {
                byte[] responseKeyNt1
                    = NtlmPasswordAuthentication.NtowFv2(domain, user, password);
                byte[] clientChallenge1 = new byte[8];
                //RANDOM.NextBytes(clientChallenge_1);
                SetLmResponse(GetLMv2Response(type2, domain, user, password, clientChallenge1));
                byte[] clientChallenge2 = new byte[8];
                //RANDOM.NextBytes(clientChallenge2);
                SetNtResponse(GetNtlMv2Response(type2, responseKeyNt1, clientChallenge2));
                if ((GetFlags() & NtlmsspNegotiateSign) == NtlmsspNegotiateSign)
                {
                    Hmact64 hmac = new Hmact64(responseKeyNt1);
                    hmac.Update(_ntResponse, 0, 16);
                    // only first 16 bytes of ntResponse
                    byte[] userSessionKey = hmac.Digest();
                    if ((GetFlags() & NtlmsspNegotiateKeyExch) != 0)
                    {
                        _masterKey = new byte[16];
                        //RANDOM.NextBytes(masterKey);
                        byte[] exchangedKey = new byte[16];
                        Rc4    rc4          = new Rc4(userSessionKey);
                        rc4.Update(_masterKey, 0, 16, exchangedKey, 0);
                        SetSessionKey(exchangedKey);
                    }
                    else
                    {
                        _masterKey = userSessionKey;
                        SetSessionKey(_masterKey);
                    }
                }
                break;
            }

            default:
            {
                SetLmResponse(GetLMResponse(type2, password));
                SetNtResponse(GetNTResponse(type2, password));
                break;
            }
            }
        }
示例#6
0
        /// <exception cref="SharpCifs.Smb.SmbException"></exception>
        public virtual byte[] InitSecContext(byte[] token, int offset, int len)
        {
            switch (State)
            {
                case 1:
                {
                    Type1Message msg1 = new Type1Message(NtlmsspFlags, Auth.GetDomain(), Workstation);
                    token = msg1.ToByteArray();
                    if (Log.Level >= 4)
                    {
                        Log.WriteLine(msg1);
                        if (Log.Level >= 6)
                        {
                            Hexdump.ToHexdump(Log, token, 0, token.Length);
                        }
                    }
                    State++;
                    break;
                }

                case 2:
                {
                    try
                    {
                        Type2Message msg2 = new Type2Message(token);
                        if (Log.Level >= 4)
                        {
                            Log.WriteLine(msg2);
                            if (Log.Level >= 6)
                            {
                                Hexdump.ToHexdump(Log, token, 0, token.Length);
                            }
                        }
                        ServerChallenge = msg2.GetChallenge();
                        NtlmsspFlags &= msg2.GetFlags();
                        //                  netbiosName = getNtlmsspListItem(token, 0x0001);
                        Type3Message msg3 = new Type3Message(msg2, Auth.GetPassword(), Auth.GetDomain(),
                            Auth.GetUsername(), Workstation, NtlmsspFlags);
                        token = msg3.ToByteArray();
                        if (Log.Level >= 4)
                        {
                            Log.WriteLine(msg3);
                            if (Log.Level >= 6)
                            {
                                Hexdump.ToHexdump(Log, token, 0, token.Length);
                            }
                        }
                        if ((NtlmsspFlags & NtlmFlags.NtlmsspNegotiateSign) != 0)
                        {
                            SigningKey = msg3.GetMasterKey();
                        }
                        isEstablished = true;
                        State++;
                        break;
                    }
                    catch (Exception e)
                    {
                        throw new SmbException(e.Message, e);
                    }
                }

                default:
                {
                    throw new SmbException("Invalid state");
                }
            }
            return token;
        }
示例#7
0
		/// <summary>
		/// Constructs the NT response to the given Type-2 message using
		/// the supplied password.
		/// </summary>
		/// <remarks>
		/// Constructs the NT response to the given Type-2 message using
		/// the supplied password.
		/// </remarks>
		/// <param name="type2">The Type-2 message.</param>
		/// <param name="password">The password.</param>
		/// <returns>A <code>byte[]</code> containing the NT response.</returns>
		public static byte[] GetNTResponse(Type2Message type2, string password)
		{
			if (type2 == null || password == null)
			{
				return null;
			}
			return NtlmPasswordAuthentication.GetNtlmResponse(password, type2.GetChallenge());
		}
示例#8
0
		public static byte[] GetNtlMv2Response(Type2Message type2, byte[] responseKeyNt, 
			byte[] clientChallenge)
		{
			if (type2 == null || responseKeyNt == null || clientChallenge == null)
			{
				return null;
			}
			long nanos1601 = (Runtime.CurrentTimeMillis() + MillisecondsBetween1970And1601
				) * 10000L;
			return NtlmPasswordAuthentication.GetNtlMv2Response(responseKeyNt, type2.GetChallenge
				(), clientChallenge, nanos1601, type2.GetTargetInformation());
		}
示例#9
0
		public static byte[] GetLMv2Response(Type2Message type2, string domain, string user
			, string password, byte[] clientChallenge)
		{
			if (type2 == null || domain == null || user == null || password == null || clientChallenge
				 == null)
			{
				return null;
			}
			return NtlmPasswordAuthentication.GetLMv2Response(domain, user, password, type2.GetChallenge
				(), clientChallenge);
		}
示例#10
0
		/// <summary>
		/// Returns the default flags for a Type-3 message created in response
		/// to the given Type-2 message in the current environment.
		/// </summary>
		/// <remarks>
		/// Returns the default flags for a Type-3 message created in response
		/// to the given Type-2 message in the current environment.
		/// </remarks>
		/// <returns>An <code>int</code> containing the default flags.</returns>
		public static int GetDefaultFlags(Type2Message type2)
		{
			if (type2 == null)
			{
				return DefaultFlags;
			}
			int flags = NtlmsspNegotiateNtlm;
			flags |= ((type2.GetFlags() & NtlmsspNegotiateUnicode) != 0) ? NtlmsspNegotiateUnicode
				 : NtlmsspNegotiateOem;
			return flags;
		}
示例#11
0
		/// <summary>Creates a Type-3 message in response to the given Type-2 message.</summary>
		/// <remarks>Creates a Type-3 message in response to the given Type-2 message.</remarks>
		/// <param name="type2">The Type-2 message which this represents a response to.</param>
		/// <param name="password">The password to use when constructing the response.</param>
		/// <param name="domain">The domain in which the user has an account.</param>
		/// <param name="user">The username for the authenticating user.</param>
		/// <param name="workstation">
		/// The workstation from which authentication is
		/// taking place.
		/// </param>
		public Type3Message(Type2Message type2, string password, string domain, string user
			, string workstation, int flags)
		{
			SetFlags(flags | GetDefaultFlags(type2));
			if (workstation == null)
			{
				workstation = GetDefaultWorkstation();
			}
			SetWorkstation(workstation);
			SetDomain(domain);
			SetUser(user);
			switch (LmCompatibility)
			{
				case 0:
				case 1:
				{
					if ((GetFlags() & NtlmsspNegotiateNtlm2) == 0)
					{
						SetLmResponse(GetLMResponse(type2, password));
						SetNtResponse(GetNTResponse(type2, password));
					}
					else
					{
						// NTLM2 Session Response
						byte[] clientChallenge = new byte[24];
						//RANDOM.NextBytes(clientChallenge);
						Arrays.Fill(clientChallenge, 8, 24, unchecked((byte)unchecked(0x00)));
						// NTLMv1 w/ NTLM2 session sec and key exch all been verified with a debug build of smbclient
						byte[] responseKeyNt = NtlmPasswordAuthentication.NtowFv1(password);
						byte[] ntlm2Response = NtlmPasswordAuthentication.GetNtlm2Response(responseKeyNt, 
							type2.GetChallenge(), clientChallenge);
						SetLmResponse(clientChallenge);
						SetNtResponse(ntlm2Response);
						if ((GetFlags() & NtlmsspNegotiateSign) == NtlmsspNegotiateSign)
						{
							byte[] sessionNonce = new byte[16];
							Array.Copy(type2.GetChallenge(), 0, sessionNonce, 0, 8);
							Array.Copy(clientChallenge, 0, sessionNonce, 8, 8);
							Md4 md4 = new Md4();
							md4.Update(responseKeyNt);
							byte[] userSessionKey = md4.Digest();
							Hmact64 hmac = new Hmact64(userSessionKey);
							hmac.Update(sessionNonce);
							byte[] ntlm2SessionKey = hmac.Digest();
							if ((GetFlags() & NtlmsspNegotiateKeyExch) != 0)
							{
								_masterKey = new byte[16];
								//RANDOM.NextBytes(masterKey);
								byte[] exchangedKey = new byte[16];
								Rc4 rc4 = new Rc4(ntlm2SessionKey);
								rc4.Update(_masterKey, 0, 16, exchangedKey, 0);
								SetSessionKey(exchangedKey);
							}
							else
							{
								_masterKey = ntlm2SessionKey;
								SetSessionKey(_masterKey);
							}
						}
					}
					break;
				}

				case 2:
				{
					byte[] nt = GetNTResponse(type2, password);
					SetLmResponse(nt);
					SetNtResponse(nt);
					break;
				}

				case 3:
				case 4:
				case 5:
				{
					byte[] responseKeyNt1 = NtlmPasswordAuthentication.NtowFv2(domain, user, password
						);
					byte[] clientChallenge1 = new byte[8];
					//RANDOM.NextBytes(clientChallenge_1);
					SetLmResponse(GetLMv2Response(type2, domain, user, password, clientChallenge1));
					byte[] clientChallenge2 = new byte[8];
					//RANDOM.NextBytes(clientChallenge2);
					SetNtResponse(GetNtlMv2Response(type2, responseKeyNt1, clientChallenge2));
					if ((GetFlags() & NtlmsspNegotiateSign) == NtlmsspNegotiateSign)
					{
						Hmact64 hmac = new Hmact64(responseKeyNt1);
						hmac.Update(_ntResponse, 0, 16);
						// only first 16 bytes of ntResponse
						byte[] userSessionKey = hmac.Digest();
						if ((GetFlags() & NtlmsspNegotiateKeyExch) != 0)
						{
							_masterKey = new byte[16];
							//RANDOM.NextBytes(masterKey);
							byte[] exchangedKey = new byte[16];
							Rc4 rc4 = new Rc4(userSessionKey);
							rc4.Update(_masterKey, 0, 16, exchangedKey, 0);
							SetSessionKey(exchangedKey);
						}
						else
						{
							_masterKey = userSessionKey;
							SetSessionKey(_masterKey);
						}
					}
					break;
				}

				default:
				{
					SetLmResponse(GetLMResponse(type2, password));
					SetNtResponse(GetNTResponse(type2, password));
					break;
				}
			}
		}
示例#12
0
		/// <summary>
		/// Creates a Type-3 message in response to the given Type-2 message
		/// using default values from the current environment.
		/// </summary>
		/// <remarks>
		/// Creates a Type-3 message in response to the given Type-2 message
		/// using default values from the current environment.
		/// </remarks>
		/// <param name="type2">The Type-2 message which this represents a response to.</param>
		public Type3Message(Type2Message type2)
		{
			SetFlags(GetDefaultFlags(type2));
			SetWorkstation(GetDefaultWorkstation());
			string domain = GetDefaultDomain();
			SetDomain(domain);
			string user = GetDefaultUser();
			SetUser(user);
			string password = GetDefaultPassword();
			switch (LmCompatibility)
			{
				case 0:
				case 1:
				{
					SetLmResponse(GetLMResponse(type2, password));
					SetNtResponse(GetNTResponse(type2, password));
					break;
				}

				case 2:
				{
					byte[] nt = GetNTResponse(type2, password);
					SetLmResponse(nt);
					SetNtResponse(nt);
					break;
				}

				case 3:
				case 4:
				case 5:
				{
					byte[] clientChallenge = new byte[8];
					//RANDOM.NextBytes(clientChallenge);
					SetLmResponse(GetLMv2Response(type2, domain, user, password, clientChallenge));
					break;
				}

				default:
				{
					SetLmResponse(GetLMResponse(type2, password));
					SetNtResponse(GetNTResponse(type2, password));
					break;
				}
			}
		}