zydronium/SMBLibrary
1
0
Fork 0
mirror of https://github.com/TalAloni/SMBLibrary.git synced 2025-04-30 10:47:48 +02:00
Code Issues Projects Releases Packages Wiki Activity

Renamed NTAuthentication to NTLMCryptography

Browse source
This commit is contained in:
Tal Aloni 2017-02-15 13:47:02 +02:00
parent d45efdcaa8
commit 6c5600d4fd
5 changed files with 22 additions and 38 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
SMBLibrary/Authentication/NTAuthentication.cs → SMBLibrary/Authentication/NTLMCryptography.cs
View file

@ -14,7 +14,7 @@ using Utilities;
namespace SMBLibrary.Authentication namespace SMBLibrary.Authentication
{ {
public class NTAuthentication public class NTLMCryptography
{ {
public static byte[] ComputeLMv1Response(byte[] challenge, string password) public static byte[] ComputeLMv1Response(byte[] challenge, string password)
{ {
@ -61,22 +61,6 @@ namespace SMBLibrary.Authentication
return _NTProof; return _NTProof;
} }
/// <summary>
/// NTLMv2_CLIENT_CHALLENGE
/// </summary>
[Obsolete]
public static byte[] GetNTLMv2ClientChallengeStructure(byte[] clientChallenge, byte responseVersion, byte responseVersionHigh, byte[] time, byte[] serverAVPair)
{
byte[] temp = new byte[28 + serverAVPair.Length];
temp[0] = responseVersion;
temp[1] = responseVersionHigh;
Array.Copy(time, 0, temp, 8, 8);
Array.Copy(clientChallenge, 0, temp, 16, 8);
Array.Copy(serverAVPair, 0, temp, 28, serverAVPair.Length);
return temp;
}
public static byte[] DesEncrypt(byte[] key, byte[] plainText) public static byte[] DesEncrypt(byte[] key, byte[] plainText)
{ {
return DesEncrypt(key, plainText, 0, plainText.Length); return DesEncrypt(key, plainText, 0, plainText.Length);

2
SMBLibrary/SMBLibrary.csproj
View file

@ -47,7 +47,7 @@
<Compile Include="Authentication\GSSAPI\SimpleProtectedNegotiationTokenInit.cs" /> <Compile Include="Authentication\GSSAPI\SimpleProtectedNegotiationTokenInit.cs" />
<Compile Include="Authentication\GSSAPI\SimpleProtectedNegotiationTokenResponse.cs" /> <Compile Include="Authentication\GSSAPI\SimpleProtectedNegotiationTokenResponse.cs" />
<Compile Include="Authentication\MD4.cs" /> <Compile Include="Authentication\MD4.cs" />
<Compile Include="Authentication\NTAuthentication.cs" /> <Compile Include="Authentication\NTLMCryptography.cs" />
<Compile Include="Client\SMBClient.cs" /> <Compile Include="Client\SMBClient.cs" />
<Compile Include="Enums\NTStatus.cs" /> <Compile Include="Enums\NTStatus.cs" />
<Compile Include="Enums\SMBTransportType.cs" /> <Compile Include="Enums\SMBTransportType.cs" />

10
SMBLibrary/Server/IndependentUserCollection.cs
View file

@ -37,13 +37,13 @@ namespace SMBLibrary.Server
if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase)) if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
{ {
byte[] expectedLMResponse = NTAuthentication.ComputeLMv1Response(serverChallenge, password); byte[] expectedLMResponse = NTLMCryptography.ComputeLMv1Response(serverChallenge, password);
if (ByteUtils.AreByteArraysEqual(expectedLMResponse, lmResponse)) if (ByteUtils.AreByteArraysEqual(expectedLMResponse, lmResponse))
{ {
return this[index]; return this[index];
} }
byte[] expectedNTResponse = NTAuthentication.ComputeNTLMv1Response(serverChallenge, password); byte[] expectedNTResponse = NTLMCryptography.ComputeNTLMv1Response(serverChallenge, password);
if (ByteUtils.AreByteArraysEqual(expectedNTResponse, ntResponse)) if (ByteUtils.AreByteArraysEqual(expectedNTResponse, ntResponse))
{ {
return this[index]; return this[index];
@ -66,7 +66,7 @@ namespace SMBLibrary.Server
if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase)) if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
{ {
byte[] clientChallenge = ByteReader.ReadBytes(lmResponse, 0, 8); byte[] clientChallenge = ByteReader.ReadBytes(lmResponse, 0, 8);
byte[] expectedNTLMv1Response = NTAuthentication.ComputeNTLMv1ExtendedSecurityResponse(serverChallenge, clientChallenge, password); byte[] expectedNTLMv1Response = NTLMCryptography.ComputeNTLMv1ExtendedSecurityResponse(serverChallenge, clientChallenge, password);
if (ByteUtils.AreByteArraysEqual(expectedNTLMv1Response, ntResponse)) if (ByteUtils.AreByteArraysEqual(expectedNTLMv1Response, ntResponse))
{ {
@ -90,7 +90,7 @@ namespace SMBLibrary.Server
if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase)) if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
{ {
byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8); byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8);
byte[] expectedLMv2Response = NTAuthentication.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainNameToAuth); byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainNameToAuth);
if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse)) if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse))
{ {
return this[index]; return this[index];
@ -100,7 +100,7 @@ namespace SMBLibrary.Server
{ {
byte[] clientNTProof = ByteReader.ReadBytes(ntResponse, 0, 16); byte[] clientNTProof = ByteReader.ReadBytes(ntResponse, 0, 16);
byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(ntResponse, 16, ntResponse.Length - 16); byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(ntResponse, 16, ntResponse.Length - 16);
byte[] expectedNTProof = NTAuthentication.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, password, accountName, domainNameToAuth); byte[] expectedNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, password, accountName, domainNameToAuth);
if (ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof)) if (ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof))
{ {

20
SMBLibrary/Tests/AuthenticationTests.cs
View file

@ -19,7 +19,7 @@ namespace SMBLibrary
{ {
public static bool LMv1HashTest() public static bool LMv1HashTest()
{ {
byte[] hash = NTAuthentication.LMOWFv1("Password"); byte[] hash = NTLMCryptography.LMOWFv1("Password");
byte[] expected = new byte[] { 0xe5, 0x2c, 0xac, 0x67, 0x41, 0x9a, 0x9a, 0x22, 0x4a, 0x3b, 0x10, 0x8f, 0x3f, 0xa6, 0xcb, 0x6d }; byte[] expected = new byte[] { 0xe5, 0x2c, 0xac, 0x67, 0x41, 0x9a, 0x9a, 0x22, 0x4a, 0x3b, 0x10, 0x8f, 0x3f, 0xa6, 0xcb, 0x6d };
bool success = ByteUtils.AreByteArraysEqual(hash, expected); bool success = ByteUtils.AreByteArraysEqual(hash, expected);
return success; return success;
@ -27,7 +27,7 @@ namespace SMBLibrary
public static bool NTv1HashTest() public static bool NTv1HashTest()
{ {
byte[] hash = NTAuthentication.NTOWFv1("Password"); byte[] hash = NTLMCryptography.NTOWFv1("Password");
byte[] expected = new byte[] { 0xa4, 0xf4, 0x9c, 0x40, 0x65, 0x10, 0xbd, 0xca, 0xb6, 0x82, 0x4e, 0xe7, 0xc3, 0x0f, 0xd8, 0x52 }; byte[] expected = new byte[] { 0xa4, 0xf4, 0x9c, 0x40, 0x65, 0x10, 0xbd, 0xca, 0xb6, 0x82, 0x4e, 0xe7, 0xc3, 0x0f, 0xd8, 0x52 };
bool success = ByteUtils.AreByteArraysEqual(hash, expected); bool success = ByteUtils.AreByteArraysEqual(hash, expected);
return success; return success;
@ -35,7 +35,7 @@ namespace SMBLibrary
public static bool NTv2HashTest() public static bool NTv2HashTest()
{ {
byte[] hash = NTAuthentication.NTOWFv2("Password", "User", "Domain"); byte[] hash = NTLMCryptography.NTOWFv2("Password", "User", "Domain");
byte[] expected = new byte[] { 0x0c, 0x86, 0x8a, 0x40, 0x3b, 0xfd, 0x7a, 0x93, 0xa3, 0x00, 0x1e, 0xf2, 0x2e, 0xf0, 0x2e, 0x3f }; byte[] expected = new byte[] { 0x0c, 0x86, 0x8a, 0x40, 0x3b, 0xfd, 0x7a, 0x93, 0xa3, 0x00, 0x1e, 0xf2, 0x2e, 0xf0, 0x2e, 0x3f };
bool success = ByteUtils.AreByteArraysEqual(hash, expected); bool success = ByteUtils.AreByteArraysEqual(hash, expected);
return success; return success;
@ -44,7 +44,7 @@ namespace SMBLibrary
public static bool LMv1ResponseTest() public static bool LMv1ResponseTest()
{ {
byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
byte[] response = NTAuthentication.ComputeLMv1Response(challenge, "Password"); byte[] response = NTLMCryptography.ComputeLMv1Response(challenge, "Password");
byte[] expected = { 0x98, 0xde, 0xf7, 0xb8, 0x7f, 0x88, 0xaa, 0x5d, 0xaf, 0xe2, 0xdf, 0x77, 0x96, 0x88, 0xa1, 0x72, 0xde, 0xf1, 0x1c, 0x7d, 0x5c, 0xcd, 0xef, 0x13 }; byte[] expected = { 0x98, 0xde, 0xf7, 0xb8, 0x7f, 0x88, 0xaa, 0x5d, 0xaf, 0xe2, 0xdf, 0x77, 0x96, 0x88, 0xa1, 0x72, 0xde, 0xf1, 0x1c, 0x7d, 0x5c, 0xcd, 0xef, 0x13 };
bool success = ByteUtils.AreByteArraysEqual(response, expected); bool success = ByteUtils.AreByteArraysEqual(response, expected);
return success; return success;
@ -53,7 +53,7 @@ namespace SMBLibrary
public static bool NTLMv1ResponseTest() public static bool NTLMv1ResponseTest()
{ {
byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
byte[] response = NTAuthentication.ComputeNTLMv1Response(challenge, "Password"); byte[] response = NTLMCryptography.ComputeNTLMv1Response(challenge, "Password");
byte[] expected = { 0x67, 0xc4, 0x30, 0x11, 0xf3, 0x02, 0x98, 0xa2, 0xad, 0x35, 0xec, 0xe6, 0x4f, 0x16, 0x33, 0x1c, 0x44, 0xbd, 0xbe, 0xd9, 0x27, 0x84, 0x1f, 0x94}; byte[] expected = { 0x67, 0xc4, 0x30, 0x11, 0xf3, 0x02, 0x98, 0xa2, 0xad, 0x35, 0xec, 0xe6, 0x4f, 0x16, 0x33, 0x1c, 0x44, 0xbd, 0xbe, 0xd9, 0x27, 0x84, 0x1f, 0x94};
bool success = ByteUtils.AreByteArraysEqual(response, expected); bool success = ByteUtils.AreByteArraysEqual(response, expected);
return success; return success;
@ -63,7 +63,7 @@ namespace SMBLibrary
{ {
byte[] serverChallenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef }; byte[] serverChallenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
byte[] clientChallenge = new byte[] { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }; byte[] clientChallenge = new byte[] { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
byte[] response = NTAuthentication.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain"); byte[] response = NTLMCryptography.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain");
byte[] expected = new byte[] { 0x86, 0xc3, 0x50, 0x97, 0xac, 0x9c, 0xec, 0x10, 0x25, 0x54, 0x76, 0x4a, 0x57, 0xcc, 0xcc, 0x19, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa}; byte[] expected = new byte[] { 0x86, 0xc3, 0x50, 0x97, 0xac, 0x9c, 0xec, 0x10, 0x25, 0x54, 0x76, 0x4a, 0x57, 0xcc, 0xcc, 0x19, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa};
bool success = ByteUtils.AreByteArraysEqual(response, expected); bool success = ByteUtils.AreByteArraysEqual(response, expected);
return success; return success;
@ -76,7 +76,7 @@ namespace SMBLibrary
DateTime time = DateTime.FromFileTimeUtc(0); // same as new byte[8] DateTime time = DateTime.FromFileTimeUtc(0); // same as new byte[8]
NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(time, clientChallenge, "Domain", "Server"); NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(time, clientChallenge, "Domain", "Server");
byte[] clientChallengeStructurePadded = clientChallengeStructure.GetBytesPadded(); byte[] clientChallengeStructurePadded = clientChallengeStructure.GetBytesPadded();
byte[] clientNTProof = NTAuthentication.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain"); byte[] clientNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain");
byte[] expectedNTProof = new byte[] { 0x68, 0xcd, 0x0a, 0xb8, 0x51, 0xe5, 0x1c, 0x96, 0xaa, 0xbc, 0x92, 0x7b, 0xeb, 0xef, 0x6a, 0x1c }; byte[] expectedNTProof = new byte[] { 0x68, 0xcd, 0x0a, 0xb8, 0x51, 0xe5, 0x1c, 0x96, 0xaa, 0xbc, 0x92, 0x7b, 0xeb, 0xef, 0x6a, 0x1c };
bool success = ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof); bool success = ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof);
@ -134,16 +134,16 @@ namespace SMBLibrary
DateTime time = DateTime.FromFileTimeUtc(0); // same as new byte[8] DateTime time = DateTime.FromFileTimeUtc(0); // same as new byte[8]
NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(time, clientChallenge, "Domain", "Server"); NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(time, clientChallenge, "Domain", "Server");
byte[] clientChallengeStructurePadded = clientChallengeStructure.GetBytesPadded(); byte[] clientChallengeStructurePadded = clientChallengeStructure.GetBytesPadded();
byte[] clientNTProof = NTAuthentication.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain"); byte[] clientNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain");
AuthenticateMessage message = new AuthenticateMessage(); AuthenticateMessage message = new AuthenticateMessage();
message.EncryptedRandomSessionKey = sessionKey; message.EncryptedRandomSessionKey = sessionKey;
message.Version = new NTLMVersion(5, 1, 2600, Authentication.NTLMVersion.NTLMSSP_REVISION_W2K3); message.Version = new NTLMVersion(5, 1, 2600, NTLMVersion.NTLMSSP_REVISION_W2K3);
message.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.TargetNameSupplied | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.ExtendedSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption; message.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.TargetNameSupplied | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.ExtendedSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption;
message.DomainName = "Domain"; message.DomainName = "Domain";
message.WorkStation = "COMPUTER"; message.WorkStation = "COMPUTER";
message.UserName = "User"; message.UserName = "User";
message.LmChallengeResponse = NTAuthentication.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain"); message.LmChallengeResponse = NTLMCryptography.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain");
message.NtChallengeResponse = ByteUtils.Concatenate(clientNTProof, clientChallengeStructurePadded); message.NtChallengeResponse = ByteUtils.Concatenate(clientNTProof, clientChallengeStructurePadded);
byte[] messageBytes = message.GetBytes(); byte[] messageBytes = message.GetBytes();

10
SMBLibrary/Win32/Win32UserCollection.cs
View file

@ -92,7 +92,7 @@ namespace SMBLibrary.Server.Win32
{ {
// NTLM v1 extended security: // NTLM v1 extended security:
byte[] clientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 0, 8); byte[] clientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 0, 8);
byte[] emptyPasswordNTLMv1Response = NTAuthentication.ComputeNTLMv1ExtendedSecurityResponse(m_serverChallenge, clientChallenge, String.Empty); byte[] emptyPasswordNTLMv1Response = NTLMCryptography.ComputeNTLMv1ExtendedSecurityResponse(m_serverChallenge, clientChallenge, String.Empty);
if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, message.NtChallengeResponse)) if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, message.NtChallengeResponse))
{ {
return true; return true;
@ -102,7 +102,7 @@ namespace SMBLibrary.Server.Win32
{ {
// NTLM v2: // NTLM v2:
byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 16, 8); byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 16, 8);
byte[] emptyPasswordLMv2Response = NTAuthentication.ComputeLMv2Response(m_serverChallenge, _LMv2ClientChallenge, String.Empty, message.UserName, message.DomainName); byte[] emptyPasswordLMv2Response = NTLMCryptography.ComputeLMv2Response(m_serverChallenge, _LMv2ClientChallenge, String.Empty, message.UserName, message.DomainName);
if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv2Response, message.LmChallengeResponse)) if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv2Response, message.LmChallengeResponse))
{ {
return true; return true;
@ -112,7 +112,7 @@ namespace SMBLibrary.Server.Win32
{ {
byte[] clientNTProof = ByteReader.ReadBytes(message.NtChallengeResponse, 0, 16); byte[] clientNTProof = ByteReader.ReadBytes(message.NtChallengeResponse, 0, 16);
byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(message.NtChallengeResponse, 16, message.NtChallengeResponse.Length - 16); byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(message.NtChallengeResponse, 16, message.NtChallengeResponse.Length - 16);
byte[] emptyPasswordNTProof = NTAuthentication.ComputeNTLMv2Proof(m_serverChallenge, clientChallengeStructurePadded, String.Empty, message.UserName, message.DomainName); byte[] emptyPasswordNTProof = NTLMCryptography.ComputeNTLMv2Proof(m_serverChallenge, clientChallengeStructurePadded, String.Empty, message.UserName, message.DomainName);
if (ByteUtils.AreByteArraysEqual(clientNTProof, emptyPasswordNTProof)) if (ByteUtils.AreByteArraysEqual(clientNTProof, emptyPasswordNTProof))
{ {
return true; return true;
@ -123,13 +123,13 @@ namespace SMBLibrary.Server.Win32
else else
{ {
// NTLM v1: // NTLM v1:
byte[] emptyPasswordLMv1Response = NTAuthentication.ComputeLMv1Response(m_serverChallenge, String.Empty); byte[] emptyPasswordLMv1Response = NTLMCryptography.ComputeLMv1Response(m_serverChallenge, String.Empty);
if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv1Response, message.LmChallengeResponse)) if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv1Response, message.LmChallengeResponse))
{ {
return true; return true;
} }
byte[] emptyPasswordNTLMv1Response = NTAuthentication.ComputeNTLMv1Response(m_serverChallenge, String.Empty); byte[] emptyPasswordNTLMv1Response = NTLMCryptography.ComputeNTLMv1Response(m_serverChallenge, String.Empty);
if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, message.NtChallengeResponse)) if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, message.NtChallengeResponse))
{ {
return true; return true;