diff --git a/SMBLibrary.Win32/Security/IntegratedNTLMAuthenticationProvider.cs b/SMBLibrary.Win32/Security/IntegratedNTLMAuthenticationProvider.cs
index 7da1a9f..e2d615c 100644
--- a/SMBLibrary.Win32/Security/IntegratedNTLMAuthenticationProvider.cs
+++ b/SMBLibrary.Win32/Security/IntegratedNTLMAuthenticationProvider.cs
@@ -1,4 +1,4 @@
-/* Copyright (C) 2014-2017 Tal Aloni . All rights reserved.
+/* Copyright (C) 2014-2020 Tal Aloni . All rights reserved.
 *
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
@@ -33,11 +33,9 @@ namespace SMBLibrary.Win32.Security
 }
 }
- public override NTStatus GetChallengeMessage(out object context, NegotiateMessage negotiateMessage, out ChallengeMessage challengeMessage)
+ public override NTStatus GetChallengeMessage(out object context, byte[] negotiateMessageBytes, out byte[] challengeMessageBytes)
 {
- byte[] negotiateMessageBytes = negotiateMessage.GetBytes();
 SecHandle serverContext;
- byte[] challengeMessageBytes;
 try
 {
 challengeMessageBytes = SSPIHelper.GetType2Message(negotiateMessageBytes, out serverContext);
@@ -45,13 +43,12 @@ namespace SMBLibrary.Win32.Security
 catch (Exception)
 {
 context = null;
- challengeMessage = null;
+ challengeMessageBytes = null;
 // We assume that the problem is not with our implementation.
 return NTStatus.SEC_E_INVALID_TOKEN;
 }
 context = new AuthContext(serverContext);
- challengeMessage = new ChallengeMessage(challengeMessageBytes);
 return NTStatus.SEC_I_CONTINUE_NEEDED;
 }
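Review bot: Nothing on the new GetChallengeMessage signature says that `negotiateMessageBytes` is the client's token exactly as received, and that it now reaches SSPIHelper.GetType2Message without first being parsed into a NegotiateMessage by this library. A parameter comment would record that, for example `/// <param name="negotiateMessageBytes">Raw NTLM NEGOTIATE token from the peer, passed to SSPI unmodified.</param>`, together with a line stating that `challengeMessageBytes` is null whenever the result is SEC_E_INVALID_TOKEN. The catch (Exception) in the @@ -45,13 hunk continues to fold every failure into that one status without recording the exception, so the documented contract is the only place a caller can learn what a null output means. The method body spans both hunks and its closing part of the try block lies between them.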
@@ -60,8 +57,18 @@ namespace SMBLibrary.Win32.Security
 /// 1. The correct password is blank and 'limitblankpassworduse' is set to 1.
 /// 2. The user is listed in the "Deny access to this computer from the network" list.
 ///
- public override NTStatus Authenticate(object context, AuthenticateMessage message)
+ public override NTStatus Authenticate(object context, byte[] authenticateMessageBytes)
 {
+ AuthenticateMessage message;
+ try
+ {
+ message = new AuthenticateMessage(authenticateMessageBytes);
+ }
+ catch(Exception)
+ {
+ return NTStatus.SEC_E_INVALID_TOKEN;
+ }
+
 AuthContext authContext = context as AuthContext;
 if (authContext == null)
 {
@@ -95,11 +102,10 @@ namespace SMBLibrary.Win32.Security
 }
 }
- byte[] messageBytes = message.GetBytes();
 bool success;
 try
 {
- success = SSPIHelper.AuthenticateType3Message(authContext.ServerContext, messageBytes);
+ success = SSPIHelper.AuthenticateType3Message(authContext.ServerContext, authenticateMessageBytes);
 }
 catch (Exception)
 {
diff --git a/SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs b/SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
index 33c0d56..194f91a 100644
--- a/SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
+++ b/SMBLibrary/Authentication/NTLM/IndependentNTLMAuthenticationProvider.cs
@@ -1,4 +1,4 @@
-/* Copyright (C) 2014-2017 Tal Aloni . All rights reserved.
+/* Copyright (C) 2014-2020 Tal Aloni . All rights reserved.
 *
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
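Review bot: The AUTHENTICATE token is now interpreted twice in Authenticate: `message` is built by this library's AuthenticateMessage parser in the @@ -60,8 hunk, while SSPIHelper.AuthenticateType3Message in the @@ -95,11 hunk verifies the original bytes. If the lines between the two hunks read account or workstation fields from `message` for policy checks or logging, those values are only as reliable as the agreement between the two parsers, so a comment above the try block such as `// Parsed for local checks only; SSPI validates the original token bytes below.` would make the trust boundary explicit. The new `catch(Exception)` also drops the space used by the `catch (Exception)` lines elsewhere in this file. Authenticate's body continues outside both hunks.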
@@ -61,12 +61,24 @@ namespace SMBLibrary.Authentication.NTLM
 m_loginCounter = new LoginCounter(maxLoginAttemptsInWindow, loginWindowDuration);
 }
- public override NTStatus GetChallengeMessage(out object context, NegotiateMessage negotiateMessage, out ChallengeMessage challengeMessage)
+ public override NTStatus GetChallengeMessage(out object context, byte[] negotiateMessageBytes, out byte[] challengeMessageBytes)
 {
+ NegotiateMessage negotiateMessage;
+ try
+ {
+ negotiateMessage = new NegotiateMessage(negotiateMessageBytes);
+ }
+ catch
+ {
+ context = null;
+ challengeMessageBytes = null;
+ return NTStatus.SEC_E_INVALID_TOKEN;
+ }
+
 byte[] serverChallenge = GenerateServerChallenge();
 context = new AuthContext(serverChallenge);
- challengeMessage = new ChallengeMessage();
+ ChallengeMessage challengeMessage = new ChallengeMessage();
 // https://msdn.microsoft.com/en-us/library/cc236691.aspx
 challengeMessage.NegotiateFlags = NegotiateFlags.TargetTypeServer |
 NegotiateFlags.TargetInfo |
@@ -135,11 +147,22 @@ namespace SMBLibrary.Authentication.NTLM
 challengeMessage.ServerChallenge = serverChallenge;
 challengeMessage.TargetInfo = AVPairUtils.GetAVPairSequence(Environment.MachineName, Environment.MachineName);
 challengeMessage.Version = NTLMVersion.Server2003;
+ challengeMessageBytes = challengeMessage.GetBytes();
 return NTStatus.SEC_I_CONTINUE_NEEDED;
 }
- public override NTStatus Authenticate(object context, AuthenticateMessage message)
+ public override NTStatus Authenticate(object context, byte[] authenticateMessageBytes)
 {
+ AuthenticateMessage message;
+ try
+ {
+ message = new AuthenticateMessage(authenticateMessageBytes);
+ }
+ catch
+ {
+ return NTStatus.SEC_E_INVALID_TOKEN;
+ }
+
 AuthContext authContext = context as AuthContext;
 if (authContext == null)
 {
diff --git a/SMBLibrary/Authentication/NTLM/NTLMAuthenticationProviderBase.cs b/SMBLibrary/Authentication/NTLM/NTLMAuthenticationProviderBase.cs
index 82b4ebc..88783c8 100644
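Review bot: The bare `catch` around `new NegotiateMessage(negotiateMessageBytes)` discards the exception, so a malformed token from a client and an unexpected fault in the parser both end as SEC_E_INVALID_TOKEN with nothing recorded. The same block is copied for AuthenticateMessage in the @@ -135,11 hunk and, written as `catch(Exception)`, in IntegratedNTLMAuthenticationProvider.Authenticate. Assuming both providers derive from NTLMAuthenticationProviderBase, one protected helper there would keep the rejection behaviour and the catch style in a single place, and would give one spot to record rejected tokens if the project has a logging facility (none is visible in these hunks). Both method bodies continue outside their hunks.

```csharp
// In NTLMAuthenticationProviderBase
protected static bool TryParseAuthenticateMessage(byte[] buffer, out AuthenticateMessage message)
{
    try
    {
        message = new AuthenticateMessage(buffer);
        return true;
    }
    catch (Exception)
    {
        // Malformed token from the peer; callers return SEC_E_INVALID_TOKEN.
        message = null;
        return false;
    }
}

// In Authenticate
AuthenticateMessage message;
if (!TryParseAuthenticateMessage(authenticateMessageBytes, out message))
{
    return NTStatus.SEC_E_INVALID_TOKEN;
}
// … unchanged: authContext check and the rest of Authenticate …
```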
--- a/SMBLibrary/Authentication/NTLM/NTLMAuthenticationProviderBase.cs
+++ b/SMBLibrary/Authentication/NTLM/NTLMAuthenticationProviderBase.cs
@@ -1,4 +1,4 @@
-/* Copyright (C) 2014-2017 Tal Aloni . All rights reserved.
+/* Copyright (C) 2014-2020 Tal Aloni . All rights reserved.
 *
 * You can redistribute this program and/or modify it under the terms of
 * the GNU Lesser Public License as published by the Free Software Foundation,
@@ -25,32 +25,12 @@ namespace SMBLibrary.Authentication.NTLM
 MessageTypeName messageType = AuthenticationMessageUtils.GetMessageType(inputToken);
 if (messageType == MessageTypeName.Negotiate)
 {
- NegotiateMessage negotiateMessage;
- try
- {
- negotiateMessage = new NegotiateMessage(inputToken);
- }
- catch
- {
- return NTStatus.SEC_E_INVALID_TOKEN;
- }
- ChallengeMessage challengeMessage;
- NTStatus status = GetChallengeMessage(out context, negotiateMessage, out challengeMessage);
- outputToken = challengeMessage.GetBytes();
+ NTStatus status = GetChallengeMessage(out context, inputToken, out outputToken);
 return status;
 }
 else if (messageType == MessageTypeName.Authenticate)
 {
- AuthenticateMessage authenticateMessage;
- try
- {
- authenticateMessage = new AuthenticateMessage(inputToken);
- }
- catch
- {
- return NTStatus.SEC_E_INVALID_TOKEN;
- }
- return Authenticate(context, authenticateMessage);
+ return Authenticate(context, inputToken);
 }
 else
 {
@@ -58,9 +38,9 @@ namespace SMBLibrary.Authentication.NTLM
 }
 }
- public abstract NTStatus GetChallengeMessage(out object context, NegotiateMessage negotiateMessage, out ChallengeMessage challengeMessage);
+ public abstract NTStatus GetChallengeMessage(out object context, byte[] negotiateMessageBytes, out byte[] challengeMessageBytes);
- public abstract NTStatus Authenticate(object context, AuthenticateMessage authenticateMessage);
+ public abstract NTStatus Authenticate(object context, byte[] authenticateMessageBytes);
 public abstract bool DeleteSecurityContext(ref object context);
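Review bot: The two abstract methods in the @@ -58,9 hunk now receive the peer's token as raw bytes, but nothing at the declarations tells an implementer that parsing and rejecting malformed input has become the override's job. Before this commit the dispatcher caught constructor failures and returned SEC_E_INVALID_TOKEN itself; with those try blocks removed in the @@ -25,32 hunk, an override that throws on a bad token lets the exception leave the dispatching method. A doc comment on each declaration would state the contract, for example `/// <summary>Implementations must treat negotiateMessageBytes as untrusted, return SEC_E_INVALID_TOKEN if it cannot be parsed, and set challengeMessageBytes to null on failure.</summary>`, with the equivalent wording for Authenticate. The dispatching method starts outside the hunk, so whether its callers catch such exceptions cannot be seen from here.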