Module: Net::NTLM

Defined in:: lib/watobo/external/ntlm/ntlm.rb

Defined Under Namespace

Modules: VERSION Classes: Field, FieldSet, Int16LE, Int32LE, Int64LE, Message, SecurityBuffer, String

Constant Summary collapse

SSP_SIGN =

"NTLMSSP\0"

BLOB_SIGN =

0x00000101

LM_MAGIC =

"KGS!@\#$%"

TIME_OFFSET =

11644473600

MAX64 =

0xffffffffffffffff

FLAGS =

{
  :UNICODE              => 0x00000001,
  :OEM                  => 0x00000002,
  :REQUEST_TARGET       => 0x00000004,
  #   :UNKNOWN              => 0x00000008,
  :SIGN                 => 0x00000010,
  :SEAL                 => 0x00000020,
  #   :UNKNOWN              => 0x00000040,
  :NETWARE              => 0x00000100,
  :NTLM                 => 0x00000200,
  #   :UNKNOWN              => 0x00000400,
  #   :UNKNOWN              => 0x00000800,
  :DOMAIN_SUPPLIED      => 0x00001000,
  :WORKSTATION_SUPPLIED => 0x00002000,
  :LOCAL_CALL           => 0x00004000,
  :ALWAYS_SIGN          => 0x00008000,
  :TARGET_TYPE_DOMAIN   => 0x00010000,
  :TARGET_INFO          => 0x00800000,
  :NTLM2_KEY            => 0x00080000,
  :KEY128               => 0x20000000,
  :KEY56                => 0x80000000
}

FLAG_KEYS =

FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }

DEFAULT_FLAGS =

{
  :TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
  :TYPE2 => FLAGS[:UNICODE],
  :TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
}

Blob =

FieldSet.define {
  int32LE    :blob_signature,   {:value => BLOB_SIGN}
  int32LE    :reserved,         {:value => 0}
  int64LE    :timestamp,      {:value => 0}
  string     :challenge,      {:value => "", :size => 8}
  int32LE    :unknown1,     {:value => 0}
  string     :target_info,      {:value => "", :size => 0}
  int32LE    :unknown2,         {:value => 0}
}

Class Method Summary collapse

Class Method Details

.apply_des(plain, keys) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 153

def apply_des(plain, keys)
  dec = OpenSSL::Cipher::DES.new
  keys.map {|k|
    dec.key = k
    dec.encrypt.update(plain)
  }
end

.decode_utf16le(str) ⇒ `Object`



121
122
123

# File 'lib/watobo/external/ntlm/ntlm.rb', line 121

def decode_utf16le(str)
  Kconv.kconv(swap16(str), Kconv::ASCII, Kconv::UTF16)
end

.encode_utf16le(str) ⇒ `Object`



125
126
127

# File 'lib/watobo/external/ntlm/ntlm.rb', line 125

def encode_utf16le(str)
  swap16(Kconv.kconv(str, Kconv::UTF16, Kconv::ASCII))
end

.gen_keys(str) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 145

def gen_keys(str)
  split7(str).map{ |str7| 
    bits = split7(str7.unpack("B*")[0]).inject('')\
      {|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s }
    [bits].pack("B*")
  }
end

.lm_hash(password) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 161

def lm_hash(password)
  keys = gen_keys password.upcase.ljust(14, "\0")
  apply_des(LM_MAGIC, keys).join
end

.lm_response(arg) ⇒ `Object`

responses

# File 'lib/watobo/external/ntlm/ntlm.rb', line 184

def lm_response(arg)
  begin
    hash = arg[:lm_hash]
    chal = arg[:challenge]
  rescue
    raise ArgumentError
  end
  chal = NTL::pack_int64le(chal) if chal.is_a?(Integer)
  keys = gen_keys hash.ljust(21, "\0")
  apply_des(chal, keys).join
end

.lmv2_response(arg, opt = {}) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 238

def lmv2_response(arg, opt = {})
  key = arg[:ntlmv2_hash]
  chal = arg[:challenge]
  
  chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer)

  if opt[:client_challenge]
    cc  = opt[:client_challenge]
  else
    cc = rand(MAX64)
  end
  cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)

  OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc
end

.ntlm2_session(arg, opt = {}) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 254

def ntlm2_session(arg, opt = {})
  begin
    passwd_hash = arg[:ntlm_hash]
    chal = arg[:challenge]
  rescue
    raise ArgumentError
  end

  if opt[:client_challenge]
    cc  = opt[:client_challenge]
  else
    cc = rand(MAX64)
  end
  cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)

  keys = gen_keys passwd_hash.ljust(21, "\0")
  session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8)
  response = apply_des(session_hash, keys).join
  [cc.ljust(24, "\0"), response]
end

.ntlm_hash(password, opt = {}) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 166

def ntlm_hash(password, opt = {})
  pwd = password.dup
  unless opt[:unicode]
    pwd = encode_utf16le(pwd)
  end
  OpenSSL::Digest::MD4.digest pwd
end

.ntlm_response(arg) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 196

def ntlm_response(arg)
  hash = arg[:ntlm_hash]
  chal = arg[:challenge]
  chal = NTL::pack_int64le(chal) if chal.is_a?(Integer)
  keys = gen_keys hash.ljust(21, "\0")
  apply_des(chal, keys).join
end

.ntlmv2_hash(user, password, target, opt = {}) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 174

def ntlmv2_hash(user, password, target, opt={})
  ntlmhash = ntlm_hash(password, opt)
  userdomain = (user + target).upcase
  unless opt[:unicode]
    userdomain = encode_utf16le(userdomain)
  end
  OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain)
end

.ntlmv2_response(arg, opt = {}) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 204

def ntlmv2_response(arg, opt = {})
  begin
    key = arg[:ntlmv2_hash]
    chal = arg[:challenge]
    ti = arg[:target_info]
  rescue
    raise ArgumentError
  end
  chal = NTL::pack_int64le(chal) if chal.is_a?(Integer)
  
  if opt[:client_challenge]
    cc  = opt[:client_challenge]
  else
    cc = rand(MAX64)
  end
  cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer)

  if opt[:timestamp]
    ts = opt[:timestamp]
  else
    ts = Time.now.to_i
  end
  # epoch -> milsec from Jan 1, 1601
  ts = 10000000 * (ts + TIME_OFFSET)

  blob = Blob.new
  blob.timestamp = ts
  blob.challenge = cc
  blob.target_info = ti
  
  bb = blob.serialize
  OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb
end

.pack_int64le(val) ⇒ `Object`



129
130
131

# File 'lib/watobo/external/ntlm/ntlm.rb', line 129

def pack_int64le(val)
    [val & 0x00000000ffffffff, val >> 32].pack("V2")
end

.split7(str) ⇒ `Object`

# File 'lib/watobo/external/ntlm/ntlm.rb', line 137

def split7(str)
  s = str.dup
  until s.empty?
    (ret ||= []).push s.slice!(0, 7)
  end
  ret
end

.swap16(str) ⇒ `Object`



133
134
135

# File 'lib/watobo/external/ntlm/ntlm.rb', line 133

def swap16(str)
  str.unpack("v*").pack("n*")
end

Module: Net::NTLM

Defined Under Namespace

Constant Summary collapse

Class Method Summary collapse

Class Method Details

.apply_des(plain, keys) ⇒ Object

.decode_utf16le(str) ⇒ Object

.encode_utf16le(str) ⇒ Object

.gen_keys(str) ⇒ Object

.lm_hash(password) ⇒ Object

.lm_response(arg) ⇒ Object

.lmv2_response(arg, opt = {}) ⇒ Object

.ntlm2_session(arg, opt = {}) ⇒ Object

.ntlm_hash(password, opt = {}) ⇒ Object

.ntlm_response(arg) ⇒ Object

.ntlmv2_hash(user, password, target, opt = {}) ⇒ Object

.ntlmv2_response(arg, opt = {}) ⇒ Object

.pack_int64le(val) ⇒ Object

.split7(str) ⇒ Object

.swap16(str) ⇒ Object

.apply_des(plain, keys) ⇒ `Object`

.decode_utf16le(str) ⇒ `Object`

.encode_utf16le(str) ⇒ `Object`

.gen_keys(str) ⇒ `Object`

.lm_hash(password) ⇒ `Object`

.lm_response(arg) ⇒ `Object`

.lmv2_response(arg, opt = {}) ⇒ `Object`

.ntlm2_session(arg, opt = {}) ⇒ `Object`

.ntlm_hash(password, opt = {}) ⇒ `Object`

.ntlm_response(arg) ⇒ `Object`

.ntlmv2_hash(user, password, target, opt = {}) ⇒ `Object`

.ntlmv2_response(arg, opt = {}) ⇒ `Object`

.pack_int64le(val) ⇒ `Object`

.split7(str) ⇒ `Object`

.swap16(str) ⇒ `Object`