Domovská stránka Prehľadávať Pomoc
Prihlásiť sa
coder
/
SMBLibrary-Fork
1
0
Fork 0
Súbory Issues 0 Pull requesty 0 Wiki
Prechádzať zdrojové kódy

Renamed NTLMv1 Extended Security to NTLMv1 Extended Session Security

Tal Aloni 7 rokov pred
rodič
f973e56d25
commit
d996cf430c
6 zmenil súbory, kde vykonal 14 pridanie a 14 odobranie
Rozdelené zobrazenie Ukázať štatistiku rozdielnych dát
  1. 5 5
      SMBLibrary/Authentication/NTLM/Helpers/AuthenticationMessageUtils.cs
  2. 1 1
      SMBLibrary/Authentication/NTLM/Helpers/NTLMCryptography.cs
  3. 4 4
      SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
  4. 2 2
      SMBLibrary/Authentication/NTLM/Structures/AuthenticateMessage.cs
  5. 1 1
      SMBLibrary/Server/SMB1/SessionSetupHelper.cs
  6. 1 1
      SMBLibrary/Tests/NTLMSigningTests.cs

+ 5 - 5
SMBLibrary/Authentication/NTLM/Helpers/AuthenticationMessageUtils.cs
Zobraziť súbor 

@@ -59,18 +59,18 @@ namespace SMBLibrary.Authentication.NTLM
 
         }

 

         /// <summary>

-        /// If NTLM v1 Extended Security is used, LMResponse starts with 8-byte challenge, followed by 16 bytes of padding (set to zero).

+        /// If NTLM v1 Extended Session Security is used, LMResponse starts with 8-byte challenge, followed by 16 bytes of padding (set to zero).

         /// </summary>

         /// <remarks>

-        /// LMResponse is 24 bytes for NTLM v1, NTLM v1 Extended Security and NTLM v2.

+        /// LMResponse is 24 bytes for NTLM v1, NTLM v1 Extended Session Security and NTLM v2.

         /// </remarks>

-        public static bool IsNTLMv1ExtendedSecurity(byte[] lmResponse)

+        public static bool IsNTLMv1ExtendedSessionSecurity(byte[] lmResponse)

         {

             if (lmResponse.Length == 24)

             {

                 if (ByteUtils.AreByteArraysEqual(ByteReader.ReadBytes(lmResponse, 0, 8), new byte[8]))

                 {

-                    // Challenge not present, cannot be NTLM v1 Extended Security

+                    // Challenge not present, cannot be NTLM v1 Extended Session Security

                     return false;

                 }

                 return ByteUtils.AreByteArraysEqual(ByteReader.ReadBytes(lmResponse, 8, 16), new byte[16]);

@@ -79,7 +79,7 @@ namespace SMBLibrary.Authentication.NTLM
 
         }

 

         /// <remarks>

-        /// NTLM v1 / NTLM v1 Extended Security NTResponse is 24 bytes.

+        /// NTLM v1 / NTLM v1 Extended Session Security NTResponse is 24 bytes.

         /// </remarks>

         public static bool IsNTLMv2NTResponse(byte[] ntResponse)

         {

+ 1 - 1
SMBLibrary/Authentication/NTLM/Helpers/NTLMCryptography.cs
Zobraziť súbor 

@@ -28,7 +28,7 @@ namespace SMBLibrary.Authentication.NTLM
 
             return DesLongEncrypt(hash, challenge);

         }

 

-        public static byte[] ComputeNTLMv1ExtendedSecurityResponse(byte[] serverChallenge, byte[] clientChallenge, string password)

+        public static byte[] ComputeNTLMv1ExtendedSessionSecurityResponse(byte[] serverChallenge, byte[] clientChallenge, string password)

         {

             byte[] passwordHash = NTOWFv1(password);

             byte[] challengeHash = MD5.Create().ComputeHash(ByteUtils.Concatenate(serverChallenge, clientChallenge));

+ 4 - 4
SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
Zobraziť súbor 

@@ -194,9 +194,9 @@ namespace SMBLibrary.Authentication.NTLM
 
             byte[] keyExchangeKey = null;

             if ((message.NegotiateFlags & NegotiateFlags.ExtendedSessionSecurity) > 0)

             {

-                if (AuthenticationMessageUtils.IsNTLMv1ExtendedSecurity(message.LmChallengeResponse))

+                if (AuthenticationMessageUtils.IsNTLMv1ExtendedSessionSecurity(message.LmChallengeResponse))

                 {

-                    // NTLM v1 Extended Security:

+                    // NTLM v1 Extended Session Security:

                     success = AuthenticateV1Extended(password, serverChallenge, message.LmChallengeResponse, message.NtChallengeResponse);

                     if (success)

                     {

@@ -314,12 +314,12 @@ namespace SMBLibrary.Authentication.NTLM
 
         }

 

         /// <summary>

-        /// LM v1 / NTLM v1 Extended Security

+        /// LM v1 / NTLM v1 Extended Session Security

         /// </summary>

         private static bool AuthenticateV1Extended(string password, byte[] serverChallenge, byte[] lmResponse, byte[] ntResponse)

         {

             byte[] clientChallenge = ByteReader.ReadBytes(lmResponse, 0, 8);

-            byte[] expectedNTLMv1Response = NTLMCryptography.ComputeNTLMv1ExtendedSecurityResponse(serverChallenge, clientChallenge, password);

+            byte[] expectedNTLMv1Response = NTLMCryptography.ComputeNTLMv1ExtendedSessionSecurityResponse(serverChallenge, clientChallenge, password);

 

             return ByteUtils.AreByteArraysEqual(expectedNTLMv1Response, ntResponse);

         }

+ 2 - 2
SMBLibrary/Authentication/NTLM/Structures/AuthenticateMessage.cs
Zobraziť súbor 

@@ -20,8 +20,8 @@ namespace SMBLibrary.Authentication.NTLM
 
 

         public string Signature; // 8 bytes

         public MessageTypeName MessageType;

-        public byte[] LmChallengeResponse; // 1 byte for anonymous authentication, 24 bytes for NTLM v1, NTLM v1 Extended Security and NTLM v2.

-        public byte[] NtChallengeResponse; // 0 bytes for anonymous authentication, 24 bytes for NTLM v1 and NTLM v1 Extended Security, >= 48 bytes for NTLM v2.

+        public byte[] LmChallengeResponse; // 1 byte for anonymous authentication, 24 bytes for NTLM v1, NTLM v1 Extended Session Security and NTLM v2.

+        public byte[] NtChallengeResponse; // 0 bytes for anonymous authentication, 24 bytes for NTLM v1 and NTLM v1 Extended Session Security, >= 48 bytes for NTLM v2.

         public string DomainName;

         public string UserName;

         public string WorkStation;

+ 1 - 1
SMBLibrary/Server/SMB1/SessionSetupHelper.cs
Zobraziť súbor 

@@ -149,7 +149,7 @@ namespace SMBLibrary.Server.SMB1
 
                                                  NegotiateFlags.Version |

                                                  NegotiateFlags.Use128BitEncryption |

                                                  NegotiateFlags.Use56BitEncryption;

-            if (AuthenticationMessageUtils.IsNTLMv1ExtendedSecurity(lmChallengeResponse) ||

+            if (AuthenticationMessageUtils.IsNTLMv1ExtendedSessionSecurity(lmChallengeResponse) ||

                 AuthenticationMessageUtils.IsNTLMv2NTResponse(ntChallengeResponse))

             {

                 authenticateMessage.NegotiateFlags |= NegotiateFlags.ExtendedSessionSecurity;

+ 1 - 1
SMBLibrary/Tests/NTLMSigningTests.cs
Zobraziť súbor 

@@ -94,7 +94,7 @@ namespace SMBLibrary
 
             return ByteUtils.AreByteArraysEqual(mic, expected);

         }

 

-        public static bool TestNTLMv1ExtendedSecurityKeyExchangeMIC()

+        public static bool TestNTLMv1ExtendedSessionSecurityKeyExchangeMIC()

         {

             string password = "Password";

             byte[] type1 = new byte[] { 0x4e, 0x54, 0x4c, 0x4d, 0x53, 0x53, 0x50, 0x00, 0x01, 0x00, 0x00, 0x00, 0x97, 0x82, 0x08, 0xe2,