Class: Rex::Proto::NTLM::Constants

Inherits:
Object
  • Object
show all
Defined in:
lib/rex/proto/ntlm/constants.rb

Constant Summary collapse

SSP_SIGN =
"NTLMSSP\0"
BLOB_SIGN =
0x00000101
LM_MAGIC =
"[email protected]\#$%"
TIME_OFFSET =
11644473600
MAX64 =
0xffffffffffffffff
FLAGS =
{
:UNICODE              => 0x00000001,
:OEM                  => 0x00000002,
:REQUEST_TARGET       => 0x00000004,
#:UNKNOWN              => 0x00000008,
:SIGN                 => 0x00000010,
:SEAL                 => 0x00000020,
#:UNKNOWN              => 0x00000040,
:NETWARE              => 0x00000100,
:NTLM                 => 0x00000200,
#:UNKNOWN              => 0x00000400,
#:UNKNOWN              => 0x00000800,
:DOMAIN_SUPPLIED      => 0x00001000,
:WORKSTATION_SUPPLIED => 0x00002000,
:LOCAL_CALL           => 0x00004000,
:ALWAYS_SIGN          => 0x00008000,
:TARGET_TYPE_DOMAIN   => 0x00010000,
:TARGET_INFO          => 0x00800000,
:NTLM2_KEY            => 0x00080000,
:KEY128               => 0x20000000,
:KEY56                => 0x80000000
}
FLAG_KEYS =
FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
DEFAULT_FLAGS =
{
:TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
:TYPE2 => FLAGS[:UNICODE],
:TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
}
NTLM_V1_RESPONSE =

NTLM Response Type

1
NTLM_V2_RESPONSE =
2
NTLM_2_SESSION_RESPONSE =
3
NEGOTIATE_UNICODE =

the same flags but merged from lib/rex/proto/smb/constants and keeped for compatibility NTLMSSP Message Flags

0x00000001
NEGOTIATE_OEM =
0x00000002
REQUEST_TARGET =
0x00000004
NEGOTIATE_SIGN =
0x00000010
NEGOTIATE_SEAL =
0x00000020
NEGOTIATE_LMKEY =
0x00000080
NEGOTIATE_NTLM =
0x00000200
NEGOTIATE_ANONYMOUS =
0x00000800
NEGOTIATE_DOMAIN =
0x00001000
NEGOTIATE_WORKSTATION =
0x00002000
NEGOTIATE_LOCAL_CALL =
0x00004000
NEGOTIATE_ALWAYS_SIGN =
0x00008000
TARGET_TYPE_DOMAIN =
0x00010000
TARGET_TYPE_SERVER =
0x00020000
TARGET_TYPE_SHARE =
0x00040000
NEGOTIATE_NTLM2_KEY =
0x00080000
NEGOTIATE_TARGET_INFO =
0x00800000
NEGOTIATE_128 =
0x20000000
NEGOTIATE_KEY_EXCH =
0x40000000
NEGOTIATE_56 =

Only set if Type 1 contains it - this or oem, not both Only set if Type 1 contains it - this or unicode, not both If set in Type 1, must return domain or server Session signature required Session seal required LM Session Key should be used for signing and sealing NTLM auth is supported Anonymous context used Sent in Type1, client gives domain info Sent in Type1, client gives workstation info Server and client are on same machine Add signatures to packets If REQUEST_TARGET, we're adding the domain name If REQUEST_TARGET, we're adding the server name Supposed to denote “a share” but for a webserver? NTLMv2 Signature and Key exchanges Server set when sending Target Information Block 128-bit encryption supported Client will supply encrypted master key in Session Key field of Type3 msg 56-bit encryption supported

0x80000000