Class: Rex::Proto::LDAP::AuthAdapter::RexNTLM

Inherits:
Net::LDAP::AuthAdapter
  • Object
Defined in:
lib/rex/proto/ldap/auth_adapter/rex_ntlm.rb,
lib/rex/proto/ldap/auth_adapter/rex_ntlm/encryptor.rb

Defined Under Namespace

Classes: Encryptor

Instance Method Summary

Instance Method Details

#bind(auth) ⇒ Object



# File 'lib/rex/proto/ldap/auth_adapter/rex_ntlm.rb', line 9

# Authenticates the LDAP connection with NTLM carried inside a SASL
# GSS-SPNEGO bind, optionally setting up NTLM signing and sealing afterwards.
#
# @param auth [Hash] bind options read by this method:
#   - :username      account name; nil is sent as an empty string
#   - :password      password; nil is sent as an empty string
#   - :domain        NTLM domain; a blank value is replaced with '.'
#   - :sign_and_seal when truthy, SIGN/SEAL/KEY128/KEY56 are also requested
#     and an Encryptor is set up on the connection after the bind
# @return [Object] whatever Net::LDAP::AuthAdapter::Sasl#bind returned
def bind(auth)
  flag_table = RubySMB::NTLM::NEGOTIATE_FLAGS
  protect_session = auth[:sign_and_seal]

  # Flags requested on every bind.
  flag_names = %i[
    UNICODE REQUEST_TARGET NTLM ALWAYS_SIGN
    EXTENDED_SECURITY KEY_EXCHANGE TARGET_INFO VERSION_INFO
  ]
  # Message protection is opt-in. NOTE(review): KEY56 is requested next to
  # KEY128; confirm the peer cannot settle on the weaker key strength.
  flag_names += %i[SIGN SEAL KEY128 KEY56] if protect_session
  flags = flag_names.reduce(0) { |mask, flag_name| mask | flag_table[flag_name] }

  username = auth[:username]
  username = '' if username.nil?
  password = auth[:password]
  password = '' if password.nil?
  domain = auth[:domain]
  domain = '.' if domain.blank?

  # The workstation name is a fixed literal rather than the local host name.
  ntlm_client = RubySMB::NTLM::Client.new(
    username,
    password,
    workstation: 'WORKSTATION',
    domain: domain,
    flags: flags
  )

  # Handed to the SASL bind as :challenge_response; turns the challenge it is
  # given into the serialized message returned by the NTLM client.
  challenge_response = proc do |challenge|
    challenge.force_encoding(Encoding::BINARY)
    server_challenge = Net::NTLM::Message.parse(challenge)

    # A channel binding is derived from the peer certificate only when the
    # socket exposes one (presumably a TLS-wrapped socket -- confirm);
    # otherwise nil is passed to init_context.
    socket = @connection.socket
    channel_binding =
      if socket.respond_to?(:peer_cert)
        Rex::Proto::Gss::ChannelBinding.from_tls_cert(socket.peer_cert)
      end

    ntlm_client.init_context(server_challenge.encode64, channel_binding).serialize
  end

  sasl = Net::LDAP::AuthAdapter::Sasl.new(@connection)
  result = sasl.bind(
    method: :sasl,
    mechanism: 'GSS-SPNEGO',
    initial_credential: ntlm_client.init_context.serialize,
    challenge_response: challenge_response
  )

  # NOTE(review): the Encryptor is set up without inspecting `result`;
  # confirm Encryptor#setup is safe when the bind did not succeed.
  Encryptor.new(ntlm_client).setup(@connection) if protect_session

  result
end