mirror of
https://github.com/TalAloni/SMBLibrary.git
synced 2025-04-30 02:37:49 +02:00
Renamed NTAuthentication to NTLMCryptography
This commit is contained in:
Tal Aloni
parent
d45efdcaa8
commit
6c5600d4fd
5 changed files with 22 additions and 38 deletions
|
|
@ -14,7 +14,7 @@ using Utilities;
|
|||
|
||||
namespace SMBLibrary.Authentication
|
||||
{
|
||||
public class NTAuthentication
|
||||
public class NTLMCryptography
|
||||
{
|
||||
public static byte[] ComputeLMv1Response(byte[] challenge, string password)
|
||||
{
|
||||
|
|
@ -61,22 +61,6 @@ namespace SMBLibrary.Authentication
|
|||
return _NTProof;
|
||||
}
|
||||
|
||||
/// <summary>
|
||||
/// NTLMv2_CLIENT_CHALLENGE
|
||||
/// </summary>
|
||||
[Obsolete]
|
||||
public static byte[] GetNTLMv2ClientChallengeStructure(byte[] clientChallenge, byte responseVersion, byte responseVersionHigh, byte[] time, byte[] serverAVPair)
|
||||
{
|
||||
byte[] temp = new byte[28 + serverAVPair.Length];
|
||||
temp[0] = responseVersion;
|
||||
temp[1] = responseVersionHigh;
|
||||
Array.Copy(time, 0, temp, 8, 8);
|
||||
Array.Copy(clientChallenge, 0, temp, 16, 8);
|
||||
Array.Copy(serverAVPair, 0, temp, 28, serverAVPair.Length);
|
||||
|
||||
return temp;
|
||||
}
|
||||
|
||||
public static byte[] DesEncrypt(byte[] key, byte[] plainText)
|
||||
{
|
||||
return DesEncrypt(key, plainText, 0, plainText.Length);
|
||||
|
|
@ -47,7 +47,7 @@
|
|||
<Compile Include="Authentication\GSSAPI\SimpleProtectedNegotiationTokenInit.cs" />
|
||||
<Compile Include="Authentication\GSSAPI\SimpleProtectedNegotiationTokenResponse.cs" />
|
||||
<Compile Include="Authentication\MD4.cs" />
|
||||
<Compile Include="Authentication\NTAuthentication.cs" />
|
||||
<Compile Include="Authentication\NTLMCryptography.cs" />
|
||||
<Compile Include="Client\SMBClient.cs" />
|
||||
<Compile Include="Enums\NTStatus.cs" />
|
||||
<Compile Include="Enums\SMBTransportType.cs" />
|
||||
|
|
|
|||
|
|
@ -37,13 +37,13 @@ namespace SMBLibrary.Server
|
|||
|
||||
if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
|
||||
{
|
||||
byte[] expectedLMResponse = NTAuthentication.ComputeLMv1Response(serverChallenge, password);
|
||||
byte[] expectedLMResponse = NTLMCryptography.ComputeLMv1Response(serverChallenge, password);
|
||||
if (ByteUtils.AreByteArraysEqual(expectedLMResponse, lmResponse))
|
||||
{
|
||||
return this[index];
|
||||
}
|
||||
|
||||
byte[] expectedNTResponse = NTAuthentication.ComputeNTLMv1Response(serverChallenge, password);
|
||||
byte[] expectedNTResponse = NTLMCryptography.ComputeNTLMv1Response(serverChallenge, password);
|
||||
if (ByteUtils.AreByteArraysEqual(expectedNTResponse, ntResponse))
|
||||
{
|
||||
return this[index];
|
||||
|
|
@ -66,7 +66,7 @@ namespace SMBLibrary.Server
|
|||
if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
|
||||
{
|
||||
byte[] clientChallenge = ByteReader.ReadBytes(lmResponse, 0, 8);
|
||||
byte[] expectedNTLMv1Response = NTAuthentication.ComputeNTLMv1ExtendedSecurityResponse(serverChallenge, clientChallenge, password);
|
||||
byte[] expectedNTLMv1Response = NTLMCryptography.ComputeNTLMv1ExtendedSecurityResponse(serverChallenge, clientChallenge, password);
|
||||
|
||||
if (ByteUtils.AreByteArraysEqual(expectedNTLMv1Response, ntResponse))
|
||||
{
|
||||
|
|
@ -90,7 +90,7 @@ namespace SMBLibrary.Server
|
|||
if (String.Equals(accountName, accountNameToAuth, StringComparison.InvariantCultureIgnoreCase))
|
||||
{
|
||||
byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8);
|
||||
byte[] expectedLMv2Response = NTAuthentication.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainNameToAuth);
|
||||
byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainNameToAuth);
|
||||
if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse))
|
||||
{
|
||||
return this[index];
|
||||
|
|
@ -100,7 +100,7 @@ namespace SMBLibrary.Server
|
|||
{
|
||||
byte[] clientNTProof = ByteReader.ReadBytes(ntResponse, 0, 16);
|
||||
byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(ntResponse, 16, ntResponse.Length - 16);
|
||||
byte[] expectedNTProof = NTAuthentication.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, password, accountName, domainNameToAuth);
|
||||
byte[] expectedNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, password, accountName, domainNameToAuth);
|
||||
|
||||
if (ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof))
|
||||
{
|
||||
|
|
|
|||
|
|
@ -19,7 +19,7 @@ namespace SMBLibrary
|
|||
{
|
||||
public static bool LMv1HashTest()
|
||||
{
|
||||
byte[] hash = NTAuthentication.LMOWFv1("Password");
|
||||
byte[] hash = NTLMCryptography.LMOWFv1("Password");
|
||||
byte[] expected = new byte[] { 0xe5, 0x2c, 0xac, 0x67, 0x41, 0x9a, 0x9a, 0x22, 0x4a, 0x3b, 0x10, 0x8f, 0x3f, 0xa6, 0xcb, 0x6d };
|
||||
bool success = ByteUtils.AreByteArraysEqual(hash, expected);
|
||||
return success;
|
||||
|
|
@ -27,7 +27,7 @@ namespace SMBLibrary
|
|||
|
||||
public static bool NTv1HashTest()
|
||||
{
|
||||
byte[] hash = NTAuthentication.NTOWFv1("Password");
|
||||
byte[] hash = NTLMCryptography.NTOWFv1("Password");
|
||||
byte[] expected = new byte[] { 0xa4, 0xf4, 0x9c, 0x40, 0x65, 0x10, 0xbd, 0xca, 0xb6, 0x82, 0x4e, 0xe7, 0xc3, 0x0f, 0xd8, 0x52 };
|
||||
bool success = ByteUtils.AreByteArraysEqual(hash, expected);
|
||||
return success;
|
||||
|
|
@ -35,7 +35,7 @@ namespace SMBLibrary
|
|||
|
||||
public static bool NTv2HashTest()
|
||||
{
|
||||
byte[] hash = NTAuthentication.NTOWFv2("Password", "User", "Domain");
|
||||
byte[] hash = NTLMCryptography.NTOWFv2("Password", "User", "Domain");
|
||||
byte[] expected = new byte[] { 0x0c, 0x86, 0x8a, 0x40, 0x3b, 0xfd, 0x7a, 0x93, 0xa3, 0x00, 0x1e, 0xf2, 0x2e, 0xf0, 0x2e, 0x3f };
|
||||
bool success = ByteUtils.AreByteArraysEqual(hash, expected);
|
||||
return success;
|
||||
|
|
@ -44,7 +44,7 @@ namespace SMBLibrary
|
|||
public static bool LMv1ResponseTest()
|
||||
{
|
||||
byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
byte[] response = NTAuthentication.ComputeLMv1Response(challenge, "Password");
|
||||
byte[] response = NTLMCryptography.ComputeLMv1Response(challenge, "Password");
|
||||
byte[] expected = { 0x98, 0xde, 0xf7, 0xb8, 0x7f, 0x88, 0xaa, 0x5d, 0xaf, 0xe2, 0xdf, 0x77, 0x96, 0x88, 0xa1, 0x72, 0xde, 0xf1, 0x1c, 0x7d, 0x5c, 0xcd, 0xef, 0x13 };
|
||||
bool success = ByteUtils.AreByteArraysEqual(response, expected);
|
||||
return success;
|
||||
|
|
@ -53,7 +53,7 @@ namespace SMBLibrary
|
|||
public static bool NTLMv1ResponseTest()
|
||||
{
|
||||
byte[] challenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
byte[] response = NTAuthentication.ComputeNTLMv1Response(challenge, "Password");
|
||||
byte[] response = NTLMCryptography.ComputeNTLMv1Response(challenge, "Password");
|
||||
byte[] expected = { 0x67, 0xc4, 0x30, 0x11, 0xf3, 0x02, 0x98, 0xa2, 0xad, 0x35, 0xec, 0xe6, 0x4f, 0x16, 0x33, 0x1c, 0x44, 0xbd, 0xbe, 0xd9, 0x27, 0x84, 0x1f, 0x94};
|
||||
bool success = ByteUtils.AreByteArraysEqual(response, expected);
|
||||
return success;
|
||||
|
|
@ -63,7 +63,7 @@ namespace SMBLibrary
|
|||
{
|
||||
byte[] serverChallenge = new byte[] { 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef };
|
||||
byte[] clientChallenge = new byte[] { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa };
|
||||
byte[] response = NTAuthentication.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain");
|
||||
byte[] response = NTLMCryptography.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain");
|
||||
byte[] expected = new byte[] { 0x86, 0xc3, 0x50, 0x97, 0xac, 0x9c, 0xec, 0x10, 0x25, 0x54, 0x76, 0x4a, 0x57, 0xcc, 0xcc, 0x19, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa};
|
||||
bool success = ByteUtils.AreByteArraysEqual(response, expected);
|
||||
return success;
|
||||
|
|
@ -76,7 +76,7 @@ namespace SMBLibrary
|
|||
DateTime time = DateTime.FromFileTimeUtc(0); // same as new byte[8]
|
||||
NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(time, clientChallenge, "Domain", "Server");
|
||||
byte[] clientChallengeStructurePadded = clientChallengeStructure.GetBytesPadded();
|
||||
byte[] clientNTProof = NTAuthentication.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain");
|
||||
byte[] clientNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain");
|
||||
|
||||
byte[] expectedNTProof = new byte[] { 0x68, 0xcd, 0x0a, 0xb8, 0x51, 0xe5, 0x1c, 0x96, 0xaa, 0xbc, 0x92, 0x7b, 0xeb, 0xef, 0x6a, 0x1c };
|
||||
bool success = ByteUtils.AreByteArraysEqual(clientNTProof, expectedNTProof);
|
||||
|
|
@ -134,16 +134,16 @@ namespace SMBLibrary
|
|||
DateTime time = DateTime.FromFileTimeUtc(0); // same as new byte[8]
|
||||
NTLMv2ClientChallenge clientChallengeStructure = new NTLMv2ClientChallenge(time, clientChallenge, "Domain", "Server");
|
||||
byte[] clientChallengeStructurePadded = clientChallengeStructure.GetBytesPadded();
|
||||
byte[] clientNTProof = NTAuthentication.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain");
|
||||
byte[] clientNTProof = NTLMCryptography.ComputeNTLMv2Proof(serverChallenge, clientChallengeStructurePadded, "Password", "User", "Domain");
|
||||
|
||||
AuthenticateMessage message = new AuthenticateMessage();
|
||||
message.EncryptedRandomSessionKey = sessionKey;
|
||||
message.Version = new NTLMVersion(5, 1, 2600, Authentication.NTLMVersion.NTLMSSP_REVISION_W2K3);
|
||||
message.Version = new NTLMVersion(5, 1, 2600, NTLMVersion.NTLMSSP_REVISION_W2K3);
|
||||
message.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.TargetNameSupplied | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.ExtendedSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption;
|
||||
message.DomainName = "Domain";
|
||||
message.WorkStation = "COMPUTER";
|
||||
message.UserName = "User";
|
||||
message.LmChallengeResponse = NTAuthentication.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain");
|
||||
message.LmChallengeResponse = NTLMCryptography.ComputeLMv2Response(serverChallenge, clientChallenge, "Password", "User", "Domain");
|
||||
message.NtChallengeResponse = ByteUtils.Concatenate(clientNTProof, clientChallengeStructurePadded);
|
||||
|
||||
byte[] messageBytes = message.GetBytes();
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ namespace SMBLibrary.Server.Win32
|
|||
{
|
||||
// NTLM v1 extended security:
|
||||
byte[] clientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 0, 8);
|
||||
byte[] emptyPasswordNTLMv1Response = NTAuthentication.ComputeNTLMv1ExtendedSecurityResponse(m_serverChallenge, clientChallenge, String.Empty);
|
||||
byte[] emptyPasswordNTLMv1Response = NTLMCryptography.ComputeNTLMv1ExtendedSecurityResponse(m_serverChallenge, clientChallenge, String.Empty);
|
||||
if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, message.NtChallengeResponse))
|
||||
{
|
||||
return true;
|
||||
|
|
@ -102,7 +102,7 @@ namespace SMBLibrary.Server.Win32
|
|||
{
|
||||
// NTLM v2:
|
||||
byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 16, 8);
|
||||
byte[] emptyPasswordLMv2Response = NTAuthentication.ComputeLMv2Response(m_serverChallenge, _LMv2ClientChallenge, String.Empty, message.UserName, message.DomainName);
|
||||
byte[] emptyPasswordLMv2Response = NTLMCryptography.ComputeLMv2Response(m_serverChallenge, _LMv2ClientChallenge, String.Empty, message.UserName, message.DomainName);
|
||||
if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv2Response, message.LmChallengeResponse))
|
||||
{
|
||||
return true;
|
||||
|
|
@ -112,7 +112,7 @@ namespace SMBLibrary.Server.Win32
|
|||
{
|
||||
byte[] clientNTProof = ByteReader.ReadBytes(message.NtChallengeResponse, 0, 16);
|
||||
byte[] clientChallengeStructurePadded = ByteReader.ReadBytes(message.NtChallengeResponse, 16, message.NtChallengeResponse.Length - 16);
|
||||
byte[] emptyPasswordNTProof = NTAuthentication.ComputeNTLMv2Proof(m_serverChallenge, clientChallengeStructurePadded, String.Empty, message.UserName, message.DomainName);
|
||||
byte[] emptyPasswordNTProof = NTLMCryptography.ComputeNTLMv2Proof(m_serverChallenge, clientChallengeStructurePadded, String.Empty, message.UserName, message.DomainName);
|
||||
if (ByteUtils.AreByteArraysEqual(clientNTProof, emptyPasswordNTProof))
|
||||
{
|
||||
return true;
|
||||
|
|
@ -123,13 +123,13 @@ namespace SMBLibrary.Server.Win32
|
|||
else
|
||||
{
|
||||
// NTLM v1:
|
||||
byte[] emptyPasswordLMv1Response = NTAuthentication.ComputeLMv1Response(m_serverChallenge, String.Empty);
|
||||
byte[] emptyPasswordLMv1Response = NTLMCryptography.ComputeLMv1Response(m_serverChallenge, String.Empty);
|
||||
if (ByteUtils.AreByteArraysEqual(emptyPasswordLMv1Response, message.LmChallengeResponse))
|
||||
{
|
||||
return true;
|
||||
}
|
||||
|
||||
byte[] emptyPasswordNTLMv1Response = NTAuthentication.ComputeNTLMv1Response(m_serverChallenge, String.Empty);
|
||||
byte[] emptyPasswordNTLMv1Response = NTLMCryptography.ComputeNTLMv1Response(m_serverChallenge, String.Empty);
|
||||
if (ByteUtils.AreByteArraysEqual(emptyPasswordNTLMv1Response, message.NtChallengeResponse))
|
||||
{
|
||||
return true;
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue