diff --git a/SMBLibrary/Authentication/AuthenticateMessage/NTLMv2ClientChallenge.cs b/SMBLibrary/Authentication/AuthenticateMessage/NTLMv2ClientChallenge.cs index adce1ef..2ff5a8b 100644 --- a/SMBLibrary/Authentication/AuthenticateMessage/NTLMv2ClientChallenge.cs +++ b/SMBLibrary/Authentication/AuthenticateMessage/NTLMv2ClientChallenge.cs @@ -16,25 +16,27 @@ namespace SMBLibrary.Authentication /// public class NTLMv2ClientChallenge { + public const byte StructureVersion = 0x01; public static readonly DateTime EpochTime = DateTime.FromFileTimeUtc(0); - public byte ResponseVersion; - public byte ResponseVersionHigh; - // 6 zero bytes - public DateTime Time; - // 4 zero bytes - public byte[] ClientChallenge; // 8-byte challenge message generated by the client + public byte CurrentVersion; + public byte MaximumSupportedVersion; + public ushort Reserved1; + public uint Reserved2; + public DateTime TimeStamp; + public uint Reserved3; + public byte[] ClientChallenge; // 8-byte challenge generated by the client public KeyValuePairList AVPairs; public NTLMv2ClientChallenge() { } - public NTLMv2ClientChallenge(DateTime time, byte[] clientChallenge, string domainName, string computerName) + public NTLMv2ClientChallenge(DateTime timeStamp, byte[] clientChallenge, string domainName, string computerName) { - ResponseVersion = 1; - ResponseVersionHigh = 1; - Time = time; + CurrentVersion = StructureVersion; + MaximumSupportedVersion = StructureVersion; + TimeStamp = timeStamp; ClientChallenge = clientChallenge; AVPairs = new KeyValuePairList(); AVPairs.Add(AVPairKey.NbDomainName, UnicodeEncoding.Unicode.GetBytes(domainName)); @@ -47,24 +49,28 @@ namespace SMBLibrary.Authentication public NTLMv2ClientChallenge(byte[] buffer, int offset) { - ResponseVersion = ByteReader.ReadByte(buffer, offset + 0); - ResponseVersionHigh = ByteReader.ReadByte(buffer, offset + 1); - long temp = LittleEndianConverter.ToInt64(buffer, offset + 8); - Time = DateTime.FromFileTimeUtc(temp); + CurrentVersion = ByteReader.ReadByte(buffer, offset + 0); + MaximumSupportedVersion = ByteReader.ReadByte(buffer, offset + 1); + Reserved1 = LittleEndianConverter.ToUInt16(buffer, offset + 2); + Reserved2 = LittleEndianConverter.ToUInt32(buffer, offset + 4); + TimeStamp = FileTimeHelper.ReadFileTime(buffer, offset + 8); ClientChallenge = ByteReader.ReadBytes(buffer, offset + 16, 8); + Reserved3 = LittleEndianConverter.ToUInt32(buffer, offset + 24); AVPairs = AVPairUtils.ReadAVPairSequence(buffer, offset + 28); } public byte[] GetBytes() { byte[] sequenceBytes = AVPairUtils.GetAVPairSequenceBytes(AVPairs); - byte[] timeBytes = LittleEndianConverter.GetBytes((ulong)Time.ToFileTimeUtc()); - + byte[] buffer = new byte[28 + sequenceBytes.Length]; - ByteWriter.WriteByte(buffer, 0, ResponseVersion); - ByteWriter.WriteByte(buffer, 1, ResponseVersionHigh); - ByteWriter.WriteBytes(buffer, 8, timeBytes); + ByteWriter.WriteByte(buffer, 0, CurrentVersion); + ByteWriter.WriteByte(buffer, 1, MaximumSupportedVersion); + LittleEndianWriter.WriteUInt16(buffer, 2, Reserved1); + LittleEndianWriter.WriteUInt32(buffer, 4, Reserved2); + FileTimeHelper.WriteFileTime(buffer, 8, TimeStamp); ByteWriter.WriteBytes(buffer, 16, ClientChallenge, 8); + LittleEndianWriter.WriteUInt32(buffer, 24, Reserved3); ByteWriter.WriteBytes(buffer, 28, sequenceBytes); return buffer; }