diff --git a/SMBLibrary/Authentication/AuthenticateMessage/AuthenticateMessage.cs b/SMBLibrary/Authentication/AuthenticateMessage/AuthenticateMessage.cs
index 1604a90..1cf46f3 100644
--- a/SMBLibrary/Authentication/AuthenticateMessage/AuthenticateMessage.cs
+++ b/SMBLibrary/Authentication/AuthenticateMessage/AuthenticateMessage.cs
@@ -51,7 +51,7 @@ namespace SMBLibrary.Authentication
WorkStation = AuthenticationMessageUtils.ReadUnicodeStringBufferPointer(buffer, 44);
EncryptedRandomSessionKey = AuthenticationMessageUtils.ReadBufferPointer(buffer, 52);
NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 60);
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version = new Version(buffer, 64);
}
@@ -61,7 +61,7 @@ namespace SMBLibrary.Authentication
{
int fixedLength = 64;
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
fixedLength += 8;
}
@@ -71,7 +71,7 @@ namespace SMBLibrary.Authentication
ByteWriter.WriteAnsiString(buffer, 0, ValidSignature, 8);
LittleEndianWriter.WriteUInt32(buffer, 8, (uint)MessageType);
LittleEndianWriter.WriteUInt32(buffer, 60, (uint)NegotiateFlags);
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version.WriteBytes(buffer, 64);
}
diff --git a/SMBLibrary/Authentication/AuthenticateMessage/ChallengeMessage.cs b/SMBLibrary/Authentication/AuthenticateMessage/ChallengeMessage.cs
index f70dcb7..d73ad7a 100644
--- a/SMBLibrary/Authentication/AuthenticateMessage/ChallengeMessage.cs
+++ b/SMBLibrary/Authentication/AuthenticateMessage/ChallengeMessage.cs
@@ -40,7 +40,7 @@ namespace SMBLibrary.Authentication
ServerChallenge = ByteReader.ReadBytes(buffer, 24, 8);
// Reserved
TargetInfo = AuthenticationMessageUtils.ReadBufferPointer(buffer, 40);
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version = new Version(buffer, 48);
}
@@ -49,7 +49,7 @@ namespace SMBLibrary.Authentication
public byte[] GetBytes()
{
int fixedLength = 48;
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
fixedLength += 8;
}
@@ -60,7 +60,7 @@ namespace SMBLibrary.Authentication
LittleEndianWriter.WriteUInt32(buffer, 8, (uint)MessageType);
LittleEndianWriter.WriteUInt32(buffer, 20, (uint)NegotiateFlags);
ByteWriter.WriteBytes(buffer, 24, ServerChallenge);
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version.WriteBytes(buffer, 48);
}
diff --git a/SMBLibrary/Authentication/AuthenticateMessage/Enums/NegotiateFlags.cs b/SMBLibrary/Authentication/AuthenticateMessage/Enums/NegotiateFlags.cs
index 544a038..7ef9ada 100644
--- a/SMBLibrary/Authentication/AuthenticateMessage/Enums/NegotiateFlags.cs
+++ b/SMBLibrary/Authentication/AuthenticateMessage/Enums/NegotiateFlags.cs
@@ -5,45 +5,43 @@ namespace SMBLibrary.Authentication
[Flags]
public enum NegotiateFlags : uint
{
- NegotiateUnicode = 0x01, // NTLMSSP_NEGOTIATE_UNICODE
- NegotiateOEM = 0x02, // NTLM_NEGOTIATE_OEM
- RequestTarget = 0x04, // NTLMSSP_REQUEST_TARGET
- NegotiateSign = 0x10, // NTLMSSP_NEGOTIATE_SIGN
- NegotiateSeal = 0x20, // NTLMSSP_NEGOTIATE_SEAL
- NegotiateDatagram = 0x40, // NTLMSSP_NEGOTIATE_DATAGRAM
+ UnicodeEncoding = 0x00000001, // NTLMSSP_NEGOTIATE_UNICODE
+ OEMEncoding = 0x00000002, // NTLM_NEGOTIATE_OEM
+ TargetNameSupplied = 0x00000004, // NTLMSSP_REQUEST_TARGET
+ Sign = 0x00000010, // NTLMSSP_NEGOTIATE_SIGN
+ Seal = 0x00000020, // NTLMSSP_NEGOTIATE_SEAL
+ Datagram = 0x00000040, // NTLMSSP_NEGOTIATE_DATAGRAM
///
- /// NegotiateLanManagerKey and NegotiateExtendedSecurity are mutually exclusive
- /// If both are set then NegotiateLanManagerKey must be ignored
+ /// LanManagerKey and ExtendedSecurity are mutually exclusive
+ /// If both are set then LanManagerKey must be ignored
///
- NegotiateLanManagerKey = 0x80, // NTLMSSP_NEGOTIATE_LM_KEY
- NegotiateNTLMKey = 0x200, // NTLMSSP_NEGOTIATE_NTLM
- //NegotiateNTOnly = 0x400, // Unused, must be clear
+ LanManagerKey = 0x00000080, // NTLMSSP_NEGOTIATE_LM_KEY
+ NTLMKey = 0x00000200, // NTLMSSP_NEGOTIATE_NTLM
///
/// If set, the connection SHOULD be anonymous
///
- NegotiateAnonymous = 0x800,
+ Anonymous = 0x00000800,
- NegotiateOEMDomainSupplied = 0x1000, // NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
- NegotiateOEMWorkstationSupplied = 0x2000, // NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
- NegotiateAlwaysSign = 0x8000, // NTLMSSP_NEGOTIATE_ALWAYS_SIGN
- NegotiateTargetTypeDomain = 0x10000, // NTLMSSP_TARGET_TYPE_DOMAIN
- NegotiateTargetTypeServer = 0x20000, // NTLMSSP_TARGET_TYPE_SERVER
- NegotiateTargetTypeShare = 0x40000, // Unused, must be clear
+ DomainNameSupplied = 0x00001000, // NTLMSSP_NEGOTIATE_OEM_DOMAIN_SUPPLIED
+ WorkstationNameSupplied = 0x00002000, // NTLMSSP_NEGOTIATE_OEM_WORKSTATION_SUPPLIED
+ AlwaysSign = 0x00008000, // NTLMSSP_NEGOTIATE_ALWAYS_SIGN
+ TargetTypeDomain = 0x00010000, // NTLMSSP_TARGET_TYPE_DOMAIN
+ TargetTypeServer = 0x00020000, // NTLMSSP_TARGET_TYPE_SERVER
///
- /// NegotiateLanManagerKey and NegotiateExtendedSecurity are mutually exclusive
- /// If both are set then NegotiateLanManagerKey must be ignored.
+ /// LanManagerKey and ExtendedSecurity are mutually exclusive
+ /// If both are set then LanManagerKey must be ignored.
/// NTLM v2 requires this flag to be set.
///
- NegotiateExtendedSecurity = 0x80000, // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
- NegotiateIdentify = 0x100000, // NTLMSSP_NEGOTIATE_IDENTIFY
- RequestNonNTSession = 0x400000, // NTLMSSP_REQUEST_NON_NT_SESSION_KEY
- NegotiateTargetInfo = 0x800000, // NTLMSSP_NEGOTIATE_TARGET_INFO
- NegotiateVersion = 0x2000000, // NTLMSSP_NEGOTIATE_VERSION
- Negotiate128 = 0x20000000, // NTLMSSP_NEGOTIATE_128
- NegotiateKeyExchange = 0x40000000, // NTLMSSP_NEGOTIATE_KEY_EXCH
- Negotiate56 = 0x80000000, // NTLMSSP_NEGOTIATE_56
+ ExtendedSecurity = 0x00080000, // NTLMSSP_NEGOTIATE_EXTENDED_SESSIONSECURITY
+ Identify = 0x00100000, // NTLMSSP_NEGOTIATE_IDENTIFY
+ RequestLMSessionKey = 0x00400000, // NTLMSSP_REQUEST_NON_NT_SESSION_KEY
+ TargetInfo = 0x00800000, // NTLMSSP_NEGOTIATE_TARGET_INFO
+ Version = 0x02000000, // NTLMSSP_NEGOTIATE_VERSION
+ Use128BitEncryption = 0x20000000, // NTLMSSP_NEGOTIATE_128
+ KeyExchange = 0x40000000, // NTLMSSP_NEGOTIATE_KEY_EXCH
+ Use56BitEncryption = 0x80000000, // NTLMSSP_NEGOTIATE_56
}
}
diff --git a/SMBLibrary/Authentication/AuthenticateMessage/NegotiateMessage.cs b/SMBLibrary/Authentication/AuthenticateMessage/NegotiateMessage.cs
index b48d380..5cd7b8e 100644
--- a/SMBLibrary/Authentication/AuthenticateMessage/NegotiateMessage.cs
+++ b/SMBLibrary/Authentication/AuthenticateMessage/NegotiateMessage.cs
@@ -38,7 +38,7 @@ namespace SMBLibrary.Authentication
NegotiateFlags = (NegotiateFlags)LittleEndianConverter.ToUInt32(buffer, 12);
DomainName = AuthenticationMessageUtils.ReadAnsiStringBufferPointer(buffer, 16);
Workstation = AuthenticationMessageUtils.ReadAnsiStringBufferPointer(buffer, 24);
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version = new Version(buffer, 32);
}
@@ -47,7 +47,7 @@ namespace SMBLibrary.Authentication
public byte[] GetBytes()
{
int fixedLength = 32;
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
fixedLength += 8;
}
@@ -57,7 +57,7 @@ namespace SMBLibrary.Authentication
LittleEndianWriter.WriteUInt32(buffer, 8, (uint)MessageType);
LittleEndianWriter.WriteUInt32(buffer, 12, (uint)NegotiateFlags);
- if ((NegotiateFlags & NegotiateFlags.NegotiateVersion) > 0)
+ if ((NegotiateFlags & NegotiateFlags.Version) > 0)
{
Version.WriteBytes(buffer, 32);
}
diff --git a/SMBLibrary/Server/IndependentUserCollection.cs b/SMBLibrary/Server/IndependentUserCollection.cs
index 1c68fa6..000da2a 100644
--- a/SMBLibrary/Server/IndependentUserCollection.cs
+++ b/SMBLibrary/Server/IndependentUserCollection.cs
@@ -123,14 +123,14 @@ namespace SMBLibrary.Server
byte[] serverChallenge = GenerateServerChallenge();
ChallengeMessage message = new ChallengeMessage();
- message.NegotiateFlags = NegotiateFlags.NegotiateUnicode |
- NegotiateFlags.RequestTarget |
- NegotiateFlags.NegotiateNTLMKey |
- NegotiateFlags.NegotiateExtendedSecurity |
- NegotiateFlags.NegotiateTargetInfo |
- NegotiateFlags.NegotiateVersion |
- NegotiateFlags.Negotiate128 |
- NegotiateFlags.Negotiate56;
+ message.NegotiateFlags = NegotiateFlags.UnicodeEncoding |
+ NegotiateFlags.TargetNameSupplied |
+ NegotiateFlags.NTLMKey |
+ NegotiateFlags.ExtendedSecurity |
+ NegotiateFlags.TargetInfo |
+ NegotiateFlags.Version |
+ NegotiateFlags.Use128BitEncryption |
+ NegotiateFlags.Use56BitEncryption;
message.TargetName = Environment.MachineName;
message.ServerChallenge = serverChallenge;
message.TargetInfo = AVPairUtils.GetAVPairSequence(Environment.MachineName, Environment.MachineName);
@@ -140,13 +140,13 @@ namespace SMBLibrary.Server
public bool Authenticate(AuthenticateMessage message)
{
- if ((message.NegotiateFlags & NegotiateFlags.NegotiateAnonymous) > 0)
+ if ((message.NegotiateFlags & NegotiateFlags.Anonymous) > 0)
{
return this.EnableGuestLogin;
}
User user;
- if ((message.NegotiateFlags & NegotiateFlags.NegotiateExtendedSecurity) > 0)
+ if ((message.NegotiateFlags & NegotiateFlags.ExtendedSecurity) > 0)
{
user = AuthenticateV1Extended(message.UserName, m_serverChallenge, message.LmChallengeResponse, message.NtChallengeResponse);
if (user == null)
diff --git a/SMBLibrary/Server/SMB1/NegotiateHelper.cs b/SMBLibrary/Server/SMB1/NegotiateHelper.cs
index 0a5bb6a..df956d1 100644
--- a/SMBLibrary/Server/SMB1/NegotiateHelper.cs
+++ b/SMBLibrary/Server/SMB1/NegotiateHelper.cs
@@ -72,7 +72,7 @@ namespace SMBLibrary.Server.SMB1
private static NegotiateMessage CreateNegotiateMessage()
{
NegotiateMessage negotiateMessage = new NegotiateMessage();
- negotiateMessage.NegotiateFlags = NegotiateFlags.NegotiateUnicode | NegotiateFlags.NegotiateOEM | NegotiateFlags.NegotiateSign | NegotiateFlags.NegotiateLanManagerKey | NegotiateFlags.NegotiateNTLMKey | NegotiateFlags.NegotiateAlwaysSign | NegotiateFlags.NegotiateVersion | NegotiateFlags.Negotiate128 | NegotiateFlags.Negotiate56;
+ negotiateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.LanManagerKey | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.Use56BitEncryption;
negotiateMessage.Version = Authentication.Version.Server2003;
return negotiateMessage;
}
diff --git a/SMBLibrary/Server/SMB1/SessionSetupHelper.cs b/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
index c8c88c2..57cd602 100644
--- a/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
+++ b/SMBLibrary/Server/SMB1/SessionSetupHelper.cs
@@ -174,7 +174,7 @@ namespace SMBLibrary.Server.SMB1
private static AuthenticateMessage CreateAuthenticateMessage(string accountNameToAuth, byte[] lmResponse, byte[] ntlmResponse)
{
AuthenticateMessage authenticateMessage = new AuthenticateMessage();
- authenticateMessage.NegotiateFlags = NegotiateFlags.NegotiateUnicode | NegotiateFlags.NegotiateOEM | NegotiateFlags.NegotiateSign | NegotiateFlags.NegotiateLanManagerKey | NegotiateFlags.NegotiateNTLMKey | NegotiateFlags.NegotiateAlwaysSign | NegotiateFlags.NegotiateVersion | NegotiateFlags.Negotiate128 | NegotiateFlags.Negotiate56;
+ authenticateMessage.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.LanManagerKey | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.Use56BitEncryption;
authenticateMessage.UserName = accountNameToAuth;
authenticateMessage.LmChallengeResponse = lmResponse;
authenticateMessage.NtChallengeResponse = ntlmResponse;
diff --git a/SMBLibrary/Tests/AuthenticationTests.cs b/SMBLibrary/Tests/AuthenticationTests.cs
index 0ec441c..fa3657f 100644
--- a/SMBLibrary/Tests/AuthenticationTests.cs
+++ b/SMBLibrary/Tests/AuthenticationTests.cs
@@ -98,7 +98,7 @@ namespace SMBLibrary
ChallengeMessage message = new ChallengeMessage();
message.ServerChallenge = serverChallenge;
message.Version = new Authentication.Version(6, 0, 6000, 15);
- message.NegotiateFlags = NegotiateFlags.NegotiateUnicode | NegotiateFlags.NegotiateOEM | NegotiateFlags.NegotiateSign | NegotiateFlags.NegotiateSeal | NegotiateFlags.NegotiateNTLMKey | NegotiateFlags.NegotiateAlwaysSign | NegotiateFlags.NegotiateTargetTypeServer | NegotiateFlags.NegotiateExtendedSecurity | NegotiateFlags.NegotiateTargetInfo | NegotiateFlags.NegotiateVersion | NegotiateFlags.Negotiate128 | NegotiateFlags.NegotiateKeyExchange | NegotiateFlags.Negotiate56;
+ message.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.OEMEncoding | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.TargetTypeServer | NegotiateFlags.ExtendedSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption;
message.TargetName = "Server";
byte[] serverAVPair = AVPairUtils.GetAVPairSequence("Domain", "Server");
message.TargetInfo = serverAVPair;
@@ -139,7 +139,7 @@ namespace SMBLibrary
AuthenticateMessage message = new AuthenticateMessage();
message.EncryptedRandomSessionKey = sessionKey;
message.Version = new Authentication.Version(5, 1, 2600, Authentication.Version.NTLMSSP_REVISION_W2K3);
- message.NegotiateFlags = NegotiateFlags.NegotiateUnicode | NegotiateFlags.RequestTarget | NegotiateFlags.NegotiateSign | NegotiateFlags.NegotiateSeal | NegotiateFlags.NegotiateNTLMKey | NegotiateFlags.NegotiateAlwaysSign | NegotiateFlags.NegotiateExtendedSecurity | NegotiateFlags.NegotiateTargetInfo | NegotiateFlags.NegotiateVersion | NegotiateFlags.Negotiate128 | NegotiateFlags.NegotiateKeyExchange | NegotiateFlags.Negotiate56;
+ message.NegotiateFlags = NegotiateFlags.UnicodeEncoding | NegotiateFlags.TargetNameSupplied | NegotiateFlags.Sign | NegotiateFlags.Seal | NegotiateFlags.NTLMKey | NegotiateFlags.AlwaysSign | NegotiateFlags.ExtendedSecurity | NegotiateFlags.TargetInfo | NegotiateFlags.Version | NegotiateFlags.Use128BitEncryption | NegotiateFlags.KeyExchange | NegotiateFlags.Use56BitEncryption;
message.DomainName = "Domain";
message.WorkStation = "COMPUTER";
message.UserName = "User";
diff --git a/SMBLibrary/Win32/Win32UserCollection.cs b/SMBLibrary/Win32/Win32UserCollection.cs
index 375536f..66e32a0 100644
--- a/SMBLibrary/Win32/Win32UserCollection.cs
+++ b/SMBLibrary/Win32/Win32UserCollection.cs
@@ -45,7 +45,7 @@ namespace SMBLibrary.Server.Win32
///
public bool Authenticate(AuthenticateMessage message)
{
- if ((message.NegotiateFlags & NegotiateFlags.NegotiateAnonymous) > 0)
+ if ((message.NegotiateFlags & NegotiateFlags.Anonymous) > 0)
{
return this.EnableGuestLogin;
}
@@ -80,7 +80,7 @@ namespace SMBLibrary.Server.Win32
return true;
}
- if ((message.NegotiateFlags & NegotiateFlags.NegotiateExtendedSecurity) > 0)
+ if ((message.NegotiateFlags & NegotiateFlags.ExtendedSecurity) > 0)
{
// NTLM v1 extended security:
byte[] clientChallenge = ByteReader.ReadBytes(message.LmChallengeResponse, 0, 8);