public NegotiateMessage(byte[] buffer) { Signature = ByteReader.ReadAnsiString(buffer, 0, 8); MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8); NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 12); DomainName = AuthenticationMessageUtils.ReadAnsiStringBufferPointer(buffer, 16); Workstation = AuthenticationMessageUtils.ReadAnsiStringBufferPointer(buffer, 24); if ((NegotiateFlags & NegotiateFlags.Version) > 0) { Version = new NTLMVersion(buffer, 32); } }
public AuthenticateMessage(byte[] buffer) { Signature = ByteReader.ReadAnsiString(buffer, 0, 8); MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8); LmChallengeResponse = AuthenticationMessageUtils.ReadBufferPointer(buffer, 12); NtChallengeResponse = AuthenticationMessageUtils.ReadBufferPointer(buffer, 20); DomainName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 28); UserName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 36); WorkStation = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 44); EncryptedRandomSessionKey = AuthenticationMessageUtils.ReadBufferPointer(buffer, 52); NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 60); if ((NegotiateFlags & NegotiateFlags.Version) > 0) { Version = new NTLMVersion(buffer, 64); } }
public ChallengeMessage(byte[] buffer) { Signature = ByteReader.ReadAnsiString(buffer, 0, 8); MessageType = (MessageTypeName)LittleEndianConverter.ToUInt32(buffer, 8); TargetName = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 12); NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 20); ServerChallenge = ByteReader.ReadBytes(buffer, 24, 8); // Reserved byte[] targetInfoBytes = AuthenticationMessageUtils.ReadBufferPointer(buffer, 40); if (targetInfoBytes.Length > 0) { TargetInfo = AVPairUtils.ReadAVPairSequence(targetInfoBytes, 0); } if ((NegotiateFlags & NegotiateFlags.Version) > 0) { Version = new NTLMVersion(buffer, 48); } }