def test_hNetrServerReqChallenge_hNetrServerAuthenticate(self):
dce, rpctransport = self.connect()
resp = nrpc.hNetrServerReqChallenge(dce, NULL,
self.serverName + '\x00',
'12345678')
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.hashes == '':
ntHash = None
else:
ntHash = unhexlify(self.hashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, '12345678',
serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential('12345678', sessionKey)
resp.dump()
try:
resp = nrpc.hNetrServerAuthenticate(
dce, NULL, self.username + '\x00',
nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
self.serverName + '\x00', ppp)
resp.dump()
except Exception, e:
if str(e).find('STATUS_DOWNGRADE_DETECTED') < 0:
raise
def test_NetrServerReqChallenge_NetrServerAuthenticate(self):
dce, rpctransport = self.connect()
request = nrpc.NetrServerReqChallenge()
request['PrimaryName'] = NULL
request['ComputerName'] = self.serverName + '\x00'
request['ClientChallenge'] = '12345678'
resp = dce.request(request)
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.hashes == '':
ntHash = None
else:
ntHash = unhexlify(self.hashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, '12345678',
serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential('12345678', sessionKey)
request = nrpc.NetrServerAuthenticate()
request['PrimaryName'] = NULL
request['AccountName'] = self.username + '\x00'
request[
'SecureChannelType'] = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel
request['ComputerName'] = self.serverName + '\x00'
request['ClientCredential'] = ppp
try:
resp = dce.request(request)
resp.dump()
except Exception, e:
if str(e).find('STATUS_DOWNGRADE_DETECTED') < 0:
raise
def test_hNetrServerReqChallenge_NetrServerAuthenticate2(self):
dce, rpctransport = self.connect()
resp = nrpc.hNetrServerReqChallenge(dce, NULL,
self.serverName + '\x00',
'12345678')
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.hashes == '':
ntHash = None
else:
ntHash = unhexlify(self.hashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, '12345678',
serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential('12345678', sessionKey)
request = nrpc.NetrServerAuthenticate2()
request['PrimaryName'] = NULL
request['AccountName'] = self.username + '\x00'
request[
'SecureChannelType'] = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel
request['ComputerName'] = self.serverName + '\x00'
request['ClientCredential'] = ppp
request['NegotiateFlags'] = 0x600FFFFF
resp = dce.request(request)
resp.dump()
def connect(self):
rpctransport = transport.DCERPCTransportFactory(self.stringBinding)
if len(self.hashes) > 0:
lmhash, nthash = self.hashes.split(':')
else:
lmhash = ''
nthash = ''
if hasattr(rpctransport, 'set_credentials'):
# This method exists only for selected protocol sequences.
rpctransport.set_credentials(self.username, self.password,
self.domain, lmhash, nthash)
dce = rpctransport.get_dce_rpc()
#dce.set_auth_level(RPC_C_AUTHN_LEVEL_PKT_INTEGRITY)
dce.connect()
dce.bind(nrpc.MSRPC_UUID_NRPC)
resp = nrpc.hNetrServerReqChallenge(dce, NULL,
self.serverName + '\x00',
'12345678')
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.hashes == '':
ntHash = None
else:
ntHash = unhexlify(self.hashes.split(':')[1])
self.sessionKey = nrpc.ComputeSessionKeyStrongKey(
self.password, '12345678', serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential('12345678', self.sessionKey)
try:
resp = nrpc.hNetrServerAuthenticate3(
dce, NULL, self.username + '\x00',
nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
self.serverName + '\x00', ppp, 0x600FFFFF)
resp.dump()
except Exception, e:
if str(e).find('STATUS_DOWNGRADE_DETECTED') < 0:
raise
def test_hNetrServerReqChallenge_hNetrServerAuthenticate3(self):
dce, rpctransport = self.connect()
resp = nrpc.hNetrServerReqChallenge(dce, NULL,
self.serverName + '\x00',
'12345678')
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.hashes == '':
ntHash = None
else:
ntHash = unhexlify(self.hashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, '12345678',
serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential('12345678', sessionKey)
resp = nrpc.hNetrServerAuthenticate3(
dce, NULL, self.username + '\x00',
nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
self.serverName + '\x00', ppp, 0x600FFFFF)
resp.dump()
def update_authenticator(self):
authenticator = nrpc.NETLOGON_AUTHENTICATOR()
authenticator['Credential'] = nrpc.ComputeNetlogonCredential(
self.clientStoredCredential, self.sessionKey)
authenticator['Timestamp'] = 10
return authenticator