Module: Net::NTLM
- Defined in:
- lib/net/ntlm.rb
Defined Under Namespace
Modules: VERSION
Classes: Field, FieldSet, Int16LE, Int32LE, Int64LE, Message, SecurityBuffer, String
Constant Summary
collapse
- SSP_SIGN =
"NTLMSSP\0"
- BLOB_SIGN =
0x00000101
- LM_MAGIC =
"KGS!@\#$%"
- TIME_OFFSET =
11644473600
- MAX64 =
0xffffffffffffffff
- FLAGS =
{
:UNICODE => 0x00000001,
:OEM => 0x00000002,
:REQUEST_TARGET => 0x00000004,
:SIGN => 0x00000010,
:SEAL => 0x00000020,
:NETWARE => 0x00000100,
:NTLM => 0x00000200,
:DOMAIN_SUPPLIED => 0x00001000,
:WORKSTATION_SUPPLIED => 0x00002000,
:LOCAL_CALL => 0x00004000,
:ALWAYS_SIGN => 0x00008000,
:TARGET_TYPE_DOMAIN => 0x00010000,
:TARGET_INFO => 0x00800000,
:NTLM2_KEY => 0x00080000,
:KEY128 => 0x20000000,
:KEY56 => 0x80000000
}
- FLAG_KEYS =
FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
- DEFAULT_FLAGS =
{
:TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
:TYPE2 => FLAGS[:UNICODE],
:TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
}
- Blob =
FieldSet.define {
int32LE :blob_signature, {:value => BLOB_SIGN}
int32LE :reserved, {:value => 0}
int64LE :timestamp, {:value => 0}
string :challenge, {:value => "", :size => 8}
int32LE :unknown1, {:value => 0}
string :target_info, {:value => "", :size => 0}
int32LE :unknown2, {:value => 0}
}
Class Method Summary
collapse
Class Method Details
.apply_des(plain, keys) ⇒ Object
130
131
132
133
134
135
136
|
# File 'lib/net/ntlm.rb', line 130
def apply_des(plain, keys)
dec = OpenSSL::Cipher::DES.new
keys.map {|k|
dec.key = k
dec.encrypt.update(plain)
}
end
|
.decode_utf16le(str) ⇒ Object
98
99
100
|
# File 'lib/net/ntlm.rb', line 98
def decode_utf16le(str)
Kconv.kconv(swap16(str), Kconv::ASCII, Kconv::UTF16)
end
|
.encode_utf16le(str) ⇒ Object
102
103
104
|
# File 'lib/net/ntlm.rb', line 102
def encode_utf16le(str)
swap16(Kconv.kconv(str, Kconv::UTF16, Kconv::ASCII))
end
|
.gen_keys(str) ⇒ Object
122
123
124
125
126
127
128
|
# File 'lib/net/ntlm.rb', line 122
def gen_keys(str)
split7(str).map{ |str7|
bits = split7(str7.unpack("B*")[0]).inject('')\
{|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s }
[bits].pack("B*")
}
end
|
.lm_hash(password) ⇒ Object
138
139
140
141
|
# File 'lib/net/ntlm.rb', line 138
def lm_hash(password)
keys = gen_keys password.upcase.ljust(14, "\0")
apply_des(LM_MAGIC, keys).join
end
|
.lm_response(arg) ⇒ Object
161
162
163
164
165
166
167
168
169
170
171
|
# File 'lib/net/ntlm.rb', line 161
def lm_response(arg)
begin
hash = arg[:lm_hash]
chal = arg[:challenge]
rescue
raise ArgumentError
end
chal = NTL::pack_int64le(chal) if chal.is_a?(Integer)
keys = gen_keys hash.ljust(21, "\0")
apply_des(chal, keys).join
end
|
.lmv2_response(arg, opt = {}) ⇒ Object
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
|
# File 'lib/net/ntlm.rb', line 215
def lmv2_response(arg, opt = {})
key = arg[:ntlmv2_hash]
chal = arg[:challenge]
chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)
if opt[:client_challenge]
cc = opt[:client_challenge]
else
cc = rand(MAX64)
end
cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
end
|
.ntlm2_session(arg, opt = {}) ⇒ Object
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
|
# File 'lib/net/ntlm.rb', line 231
def ntlm2_session(arg, opt = {})
begin
passwd_hash = arg[:ntlm_hash]
chal = arg[:challenge]
rescue
raise ArgumentError
end
if opt[:client_challenge]
cc = opt[:client_challenge]
else
cc = rand(MAX64)
end
cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
keys = gen_keys passwd_hash.ljust(21, "\0")
session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8)
response = apply_des(session_hash, keys).join
[cc.ljust(24, "\0"), response]
end
|
.ntlm_hash(password, opt = {}) ⇒ Object
143
144
145
146
147
148
149
|
# File 'lib/net/ntlm.rb', line 143
def ntlm_hash(password, opt = {})
pwd = password.dup
unless opt[:unicode]
pwd = encode_utf16le(pwd)
end
OpenSSL::Digest::MD4.digest pwd
end
|
.ntlm_response(arg) ⇒ Object
173
174
175
176
177
178
179
|
# File 'lib/net/ntlm.rb', line 173
def ntlm_response(arg)
hash = arg[:ntlm_hash]
chal = arg[:challenge]
chal = NTL::pack_int64le(chal) if chal.is_a?(Integer)
keys = gen_keys hash.ljust(21, "\0")
apply_des(chal, keys).join
end
|
.ntlmv2_hash(user, password, target, opt = {}) ⇒ Object
151
152
153
154
155
156
157
158
|
# File 'lib/net/ntlm.rb', line 151
def ntlmv2_hash(user, password, target, opt={})
ntlmhash = ntlm_hash(password, opt)
userdomain = (user + target).upcase
unless opt[:unicode]
userdomain = encode_utf16le(userdomain)
end
OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain)
end
|
.ntlmv2_response(arg, opt = {}) ⇒ Object
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
|
# File 'lib/net/ntlm.rb', line 181
def ntlmv2_response(arg, opt = {})
begin
key = arg[:ntlmv2_hash]
chal = arg[:challenge]
ti = arg[:target_info]
rescue
raise ArgumentError
end
chal = NTL::pack_int64le(chal) if chal.is_a?(Integer)
if opt[:client_challenge]
cc = opt[:client_challenge]
else
cc = rand(MAX64)
end
cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)
if opt[:timestamp]
ts = opt[:timestamp]
else
ts = Time.now.to_i
end
ts = 10000000 * (ts + TIME_OFFSET)
blob = Blob.new
blob.timestamp = ts
blob.challenge = cc
blob.target_info = ti
bb = blob.serialize
OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
end
|
.pack_int64le(val) ⇒ Object
106
107
108
|
# File 'lib/net/ntlm.rb', line 106
def pack_int64le(val)
[val & 0x00000000ffffffff, val >> 32].pack("V2")
end
|
.split7(str) ⇒ Object
114
115
116
117
118
119
120
|
# File 'lib/net/ntlm.rb', line 114
def split7(str)
s = str.dup
until s.empty?
(ret ||= []).push s.slice!(0, 7)
end
ret
end
|
.swap16(str) ⇒ Object
110
111
112
|
# File 'lib/net/ntlm.rb', line 110
def swap16(str)
str.unpack("v*").pack("n*")
end
|