Class: Rex::Proto::NTLM::Constants

Inherits:

Object

Object
Rex::Proto::NTLM::Constants

show all

Defined in:: lib/rex/proto/ntlm/constants.rb

Constant Summary collapse

SSP_SIGN =

"NTLMSSP\0"

BLOB_SIGN =

0x00000101

LM_MAGIC =

"KGS!@\#$%"

TIME_OFFSET =

11644473600

MAX64 =

0xffffffffffffffff

FLAGS =

{
:UNICODE              => 0x00000001,
:OEM                  => 0x00000002,
:REQUEST_TARGET       => 0x00000004,
#:UNKNOWN              => 0x00000008,
:SIGN                 => 0x00000010,
:SEAL                 => 0x00000020,
#:UNKNOWN              => 0x00000040,
:NETWARE              => 0x00000100,
:NTLM                 => 0x00000200,
#:UNKNOWN              => 0x00000400,
#:UNKNOWN              => 0x00000800,
:DOMAIN_SUPPLIED      => 0x00001000,
:WORKSTATION_SUPPLIED => 0x00002000,
:LOCAL_CALL           => 0x00004000,
:ALWAYS_SIGN          => 0x00008000,
:TARGET_TYPE_DOMAIN   => 0x00010000,
:TARGET_INFO          => 0x00800000,
:NTLM2_KEY            => 0x00080000,
:KEY128               => 0x20000000,
:KEY56                => 0x80000000
}

FLAG_KEYS =

FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }

DEFAULT_FLAGS =

{
:TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
:TYPE2 => FLAGS[:UNICODE],
:TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
}

NTLM_V1_RESPONSE = NTLM Response Type

NTLM_V2_RESPONSE =

NTLM_2_SESSION_RESPONSE =

NEGOTIATE_UNICODE = the same flags but merged from lib/rex/proto/smb/constants and keeped for compatibility NTLMSSP Message Flags

0x00000001

NEGOTIATE_OEM = Only set if Type 1 contains it - this or oem, not both

0x00000002

REQUEST_TARGET = Only set if Type 1 contains it - this or unicode, not both

0x00000004

NEGOTIATE_SIGN = If set in Type 1, must return domain or server

0x00000010

NEGOTIATE_SEAL = Session signature required

0x00000020

NEGOTIATE_LMKEY = Session seal required

0x00000080

NEGOTIATE_NTLM = LM Session Key should be used for signing and sealing

0x00000200

NEGOTIATE_ANONYMOUS = NTLM auth is supported

0x00000800

NEGOTIATE_DOMAIN = Anonymous context used

0x00001000

NEGOTIATE_WORKSTATION = Sent in Type1, client gives domain info

0x00002000

NEGOTIATE_LOCAL_CALL = Sent in Type1, client gives workstation info

0x00004000

NEGOTIATE_ALWAYS_SIGN = Server and client are on same machine

0x00008000

TARGET_TYPE_DOMAIN = Add signatures to packets

0x00010000

TARGET_TYPE_SERVER = If REQUEST_TARGET, we’re adding the domain name

0x00020000

TARGET_TYPE_SHARE = If REQUEST_TARGET, we’re adding the server name

0x00040000

NEGOTIATE_NTLM2_KEY = Supposed to denote “a share” but for a webserver?

0x00080000

NEGOTIATE_TARGET_INFO = NTLMv2 Signature and Key exchanges

0x00800000

NEGOTIATE_128 = Server set when sending Target Information Block

0x20000000

NEGOTIATE_KEY_EXCH = 128-bit encryption supported

0x40000000

NEGOTIATE_56 = Client will supply encrypted master key in Session Key field of Type3 msg

0x80000000