Ejemplo n.º 1
0
    def test_unpack_long_form_one_octet(self):
        test_data = hex_to_byte('02 81 80') + hex_to_byte('31') * 128
        expected_data = b'1' * 128
        expected_octets = 131

        actual_data, actual_octets = unpack_asn1(test_data)

        assert actual_data == expected_data
        assert actual_octets == expected_octets
Ejemplo n.º 2
0
    def test_pack_unpack_long_form_four_octets(self):
        test_data = b'1' * 16777216

        expected_data = hex_to_byte('31') * 16777216
        expected = hex_to_byte('84 01 00 00 00') + expected_data

        actual = pack_asn1(test_data)

        assert actual == expected
Ejemplo n.º 3
0
    def test_pack_unpack_long_form_two_octets(self):
        test_data = b'1' * 256

        expected_data = hex_to_byte('31') * 256
        expected = hex_to_byte('82 01 00') + expected_data

        actual = pack_asn1(test_data)

        assert actual == expected
Ejemplo n.º 4
0
    def test_unpack_long_form_two_octets(self):
        test_data = hex_to_byte('02 82 01 00') + hex_to_byte('31') * 256
        expected_data = b'1' * 256
        expected_octets = 260

        actual_data, actual_octets = unpack_asn1(test_data)

        assert actual_data == expected_data
        assert actual_octets == expected_octets
Ejemplo n.º 5
0
    def test_pack_long_form_one_octet(self):
        test_data = b'1' * 128

        expected_data = hex_to_byte('31') * 128
        expected = hex_to_byte('81 80') + expected_data

        actual = pack_asn1(test_data)

        assert actual == expected
Ejemplo n.º 6
0
    def test_pack_unpack_long_form_three_octets(self):
        test_data = b'1' * 65536

        expected_data = hex_to_byte('31') * 65536
        expected = hex_to_byte('83 01 00 00') + expected_data

        actual = pack_asn1(test_data)

        assert actual == expected
Ejemplo n.º 7
0
    def test_unpack_long_form_three_octets(self):
        test_data = hex_to_byte('02 83 01 00 00') + hex_to_byte('31') * 65536
        expected_data = b'1' * 65536
        expected_octets = 65541

        actual_data, actual_octets = unpack_asn1(test_data)

        assert actual_data == expected_data
        assert actual_octets == expected_octets
Ejemplo n.º 8
0
    def test_unpack_long_form_fource_octets(self):
        test_data = hex_to_byte(
            '02 84 01 00 00 00') + hex_to_byte('31') * 16777216
        expected_data = b'1' * 16777216
        expected_octets = 16777222

        actual_data, actual_octets = unpack_asn1(test_data)

        assert actual_data == expected_data
        assert actual_octets == expected_octets
Ejemplo n.º 9
0
    def test_pack_short_form(self):
        test_data = b'1'
        expected = hex_to_byte('01 31')

        actual = pack_asn1(test_data)

        assert actual == expected
Ejemplo n.º 10
0
    def test_unpack_short_form(self):
        test_data = hex_to_byte('02 01 31')
        expected_data = b'1'
        expected_octets = 3

        actual_data, actual_octets = unpack_asn1(test_data)

        assert actual_data == expected_data
        assert actual_octets == expected_octets
    def test_parse_nego_data_wrong_sequence(self):
        test_data = hex_to_byte('30 05 A5 03 04 01 03')

        with self.assertRaises(AsnStructureException) as context:
            test_nego_data = NegoData()
            test_nego_data.parse_data(test_data)

        assert context.exception.args[
            0] == 'Expecting sequence (a0) for negoToken, was (a5)'
    def test_parse_ts_request_wrong_type(self):
        test_data = hex_to_byte('A0 00 00 00 00')

        with self.assertRaises(AsnStructureException) as context:
            test_ts_request = TSRequest()
            test_ts_request.parse_data(test_data)

        assert context.exception.args[
            0] == 'Expecting TSRequest type to be (30), was (a0)'
    def test_parse_nego_data_wrong_structure_type(self):
        test_data = hex_to_byte('31 05 A0 03 04 01 03')

        with self.assertRaises(AsnStructureException) as context:
            test_nego_data = NegoData()
            test_nego_data.parse_data(test_data)

        assert context.exception.args[
            0] == 'Expecting NegoData type to be (30), was (31)'
    def test_parse_nego_data_wrong_type(self):
        test_data = hex_to_byte('30 05 A0 03 02 01 03')

        with self.assertRaises(AsnStructureException) as context:
            test_nego_data = NegoData()
            test_nego_data.parse_data(test_data)

        assert context.exception.args[
            0] == 'Expecting negoToken type to be (4), was (2)'
    def test_parse_ts_request_invalid_sequence(self):
        test_data = hex_to_byte('30 13 A0 03 02 01 03 A6 03 02 01 01')

        with self.assertRaises(AsnStructureException) as context:
            test_ts_request = TSRequest()
            test_ts_request.parse_data(test_data)

        assert context.exception.args[
            0] == 'Unknown sequence byte (a6) in sequence'
Ejemplo n.º 16
0
    def test_verify_public_key_good(self, mock_unwrap):
        test_credssp_context = HttpCredSSPAuth('', '')
        test_ntlm_context = ntlm.Ntlm()
        test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode())
        test_credssp_context.context = test_ntlm_context
        test_ts_request = TSRequest()
        test_ts_request.parse_data(public_key_ts_request)
        test_public_key = hex_to_byte('00') + server_pub_key_token[1:]

        test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
    def test_check_error_code_undefinied(self):
        expected_byte = b'c000006e'
        test_data = hex_to_byte('30 13 A0 03 02 01 03 A4 06 02 04 C0 00 00 6E')

        with self.assertRaises(NTStatusException) as context:
            test_ts_request = TSRequest()
            test_ts_request.parse_data(test_data)
            test_ts_request.check_error_code()

        assert context.exception.args[
            0] == 'NTSTATUS error: Not Defined %s' % expected_byte
    def test_check_error_code_logon_failure(self):
        expected_byte = b'c000006d'
        test_data = hex_to_byte('30 13 A0 03 02 01 03 A4 06 02 04 C0 00 00 6D')

        with self.assertRaises(NTStatusException) as context:
            test_ts_request = TSRequest()
            test_ts_request.parse_data(test_data)
            test_ts_request.check_error_code()

        assert context.exception.args[
            0] == 'STATUS_LOGON_FAILURE - %s' % expected_byte
Ejemplo n.º 19
0
    def test_verify_public_key_invalid(self, mock_unwrap):
        test_credssp_context = HttpCredSSPAuth('', '')
        test_ntlm_context = ntlm.Ntlm()
        test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode())
        test_credssp_context.context = test_ntlm_context
        test_ts_request = TSRequest()
        test_ts_request.parse_data(public_key_ts_request)

        # Use the wrong first byte to ensure the keys don't match
        test_public_key = hex_to_byte('01') + server_pub_key_token[1:]

        with self.assertRaises(AssertionError) as context:
            test_credssp_context._verify_public_keys(test_public_key, test_ts_request)

        assert context.exception.args[0] == 'Could not verify key sent from the server, possibly man in the middle attack'
Ejemplo n.º 20
0
"""
These values have been computed manually from a working CredSSP implementation. Unfortunately Microsoft
don't have examples in the MS-CSSP document which details the protocol but this is the next best thing.

You can use a program like ASN.1 Editor to view the binary file of these hex strings in an easy to view format.
https://www.sysadmins.lv/blog-en/asn1-editor-wpf-edition.aspx
"""

domain = 'CORP'.encode('utf-16le')
user = '******'.encode('utf-16le')
password = '******'.encode('utf-16le')

# The negotiate token sent to the server first
negotiate_token = utils.hex_to_byte('4E 54 4C 4D 53 53 50 00 01 00 00 00 32 90 88 E2'
                                    '04 00 04 00 28 00 00 00 00 00 00 00 2C 00 00 00'
                                    '06 01 B1 1D 00 00 00 0F 43 4F 52 50')

negotiate_nego_data = utils.hex_to_byte('30 30 A0 2E 04 2C') + negotiate_token

negotiate_ts_request = utils.hex_to_byte('30 3B A0 03 02 01 03 A1 34 30 32') + negotiate_nego_data

# The challenge token received from the server
challenge_token = utils.hex_to_byte('4E 54 4C 4D 53 53 50 00 02 00 00 00 04 00 04 00'
                                    '38 00 00 00 36 82 89 E2 45 80 F2 D5 B4 F3 ED 50'
                                    '00 00 00 00 00 00 00 00 B2 00 B2 00 3C 00 00 00'
                                    '06 01 B1 1D 00 00 00 0F 43 4F 52 50 02 00 08 00'
                                    '43 00 4F 00 52 00 50 00 01 00 1A 00 43 00 4F 00'
                                    '4D 00 50 00 55 00 54 00 45 00 52 00 48 00 4F 00'
                                    '53 00 54 00 31 00 04 00 1E 00 63 00 6F 00 72 00'
                                    '70 00 2E 00 6F 00 72 00 67 00 2E 00 63 00 6F 00'