zydronium/SMBLibrary
1
0
Fork 0
mirror of https://github.com/TalAloni/SMBLibrary.git synced 2025-07-24 18:08:16 +02:00
Code Issues Projects Releases Packages Wiki Activity

IndependentNTLMAuthenticationProvider: Workaround for NTLMv2 with LmChallengeResponse length of 0 bytes

Browse source
This commit is contained in:
Tal Aloni 2017-05-20 10:50:37 +03:00
parent efce34f5d6
commit af50099f22
1 changed files with 8 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

12
SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
View file

@ -301,11 +301,15 @@ namespace SMBLibrary.Authentication.NTLM
/// </summary>
private bool AuthenticateV2(string domainName, string accountName, string password, byte[] serverChallenge, byte[] lmResponse, byte[] ntResponse)
{
byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8);
byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainName);
if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse))
// Note: Linux CIFS VFS 3.10 will send LmChallengeResponse with length of 0 bytes
if (lmResponse.Length == 24)
{
return true;
byte[] _LMv2ClientChallenge = ByteReader.ReadBytes(lmResponse, 16, 8);
byte[] expectedLMv2Response = NTLMCryptography.ComputeLMv2Response(serverChallenge, _LMv2ClientChallenge, password, accountName, domainName);
if (ByteUtils.AreByteArraysEqual(expectedLMv2Response, lmResponse))
{
return true;
}
}
if (AuthenticationMessageUtils.IsNTLMv2NTResponse(ntResponse))