Module: RubySMB::Dcerpc::Netlogon

Defined in:

lib/ruby_smb/dcerpc/netlogon.rb,
lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_request.rb,
lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_request.rb,
lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_request.rb,
lib/ruby_smb/dcerpc/netlogon/netr_server_authenticate3_response.rb,
lib/ruby_smb/dcerpc/netlogon/netr_server_password_set2_response.rb,
lib/ruby_smb/dcerpc/netlogon/netr_server_req_challenge_response.rb

Defined Under Namespace

Classes: LogonsrvHandle, NetlogonAuthenticator, NetlogonCredential, NetlogonSecureChannelType, NetrServerAuthenticate3Request, NetrServerAuthenticate3Response, NetrServerPasswordSet2Request, NetrServerPasswordSet2Response, NetrServerReqChallengeRequest, NetrServerReqChallengeResponse

Constant Summary

UUID =

see: https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nrpc/592edbc8-f6f1-40c0-9ab3-fe6725ac6d7e

'12345678-1234-abcd-ef00-01234567cffb'

VER_MAJOR =

1

VER_MINOR =

0

NETR_SERVER_REQ_CHALLENGE =

Operation numbers

4

NETR_SERVER_AUTHENTICATE3 =

26

NETR_SERVER_PASSWORD_SET2 =

30

Class Method Summary

• .calculate_session_key(shared_secret, client_challenge, server_challenge) ⇒ String

  Calculate the netlogon session key from the provided shared secret and challenges.

• .encrypt_credential(session_key, input_data) ⇒ String

  Encrypt the input data using the specified session key.

Class Method Details

.calculate_session_key(shared_secret, client_challenge, server_challenge) ⇒ String

Calculate the netlogon session key from the provided shared secret and challenges. The shared secret is an NTLM hash.

Parameters:

• shared_secret (String) —

  the share secret between the client and the server

• client_challenge (String) —

  the client challenge portion of the negotiation

• server_challenge (String) —

  the server challenge portion of the negotiation

Returns:

• (String) —

  the session key for encryption

# File 'lib/ruby_smb/dcerpc/netlogon.rb', line 76

def self.calculate_session_key(shared_secret, client_challenge, server_challenge)
  client_challenge = client_challenge.to_binary_s if client_challenge.is_a? NetlogonCredential
  server_challenge = server_challenge.to_binary_s if server_challenge.is_a? NetlogonCredential

  hmac = OpenSSL::HMAC.new(shared_secret, OpenSSL::Digest::SHA256.new)
  hmac << client_challenge
  hmac << server_challenge
  hmac.digest.first(16)
end

.encrypt_credential(session_key, input_data) ⇒ String

Encrypt the input data using the specified session key. This is used for certain Netlogon service operations including the authentication process. Per the specification, this uses AES-128-CFB8 with an all zero initialization vector.

Parameters:

• session_key (String) —

  the session key to use for encryption (must be 16 bytes long)

• input_data (String) —

  the data to encrypt

Returns:

• (String) —

  the encrypted data

# File 'lib/ruby_smb/dcerpc/netlogon.rb', line 94

def self.encrypt_credential(session_key, input_data)
  cipher = OpenSSL::Cipher.new('AES-128-CFB8').encrypt
  cipher.iv = "\x00" * 16
  cipher.key = session_key
  cipher.update(input_data) + cipher.final
end