Python Fields.from_buffer Examples

Programming Language: Python

Namespace/Package Name: msldap.authentication.ntlm.structures.fields

Class/Type: Fields

Method/Function: from_buffer

Examples at hotexamples.com: 3

Python Fields.from_buffer - 3 examples found. These are the top rated real world Python examples of msldap.authentication.ntlm.structures.fields.Fields.from_buffer extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

Fields(3)

from_buffer(3)

Frequently Used Methods

Fields (3)

from_buffer (3)

Example #1

Show file

    def from_buffer(buff):
        t = NTLMChallenge()
        t.Signature = buff.read(8)
        t.MessageType = int.from_bytes(buff.read(4),
                                       byteorder='little',
                                       signed=False)
        t.TargetNameFields = Fields.from_buffer(buff)
        t.NegotiateFlags = NegotiateFlags(
            int.from_bytes(buff.read(4), byteorder='little', signed=False))
        t.ServerChallenge = buff.read(8)
        t.Reserved = buff.read(8)
        t.TargetInfoFields = Fields.from_buffer(buff)

        if t.NegotiateFlags & NegotiateFlags.NEGOTIATE_VERSION:
            t.Version = Version.from_buffer(buff)

        currPos = buff.tell()
        t.Payload = buff.read()

        if t.TargetNameFields.length != 0:
            buff.seek(t.TargetNameFields.offset, io.SEEK_SET)
            raw_data = buff.read(t.TargetNameFields.length)
            try:
                t.TargetName = raw_data.decode('utf-16le')
            except UnicodeDecodeError:
                # yet another cool bug.
                t.TargetName = raw_data.decode('utf-8')

        if t.TargetInfoFields.length != 0:
            buff.seek(t.TargetInfoFields.offset, io.SEEK_SET)
            raw_data = buff.read(t.TargetInfoFields.length)
            t.TargetInfo = AVPairs.from_bytes(raw_data)

        return t

Example #2

Show file

File: negotiate.py Project: zhuby1973/msldap

    def from_buffer(buff):
        t = NTLMNegotiate()
        t.Signature = buff.read(8)
        t.MessageType = int.from_bytes(buff.read(4),
                                       byteorder='little',
                                       signed=False)
        t.NegotiateFlags = NegotiateFlags(
            int.from_bytes(buff.read(4), byteorder='little', signed=False))
        t.DomainNameFields = Fields.from_buffer(buff)
        t.WorkstationFields = Fields.from_buffer(buff)

        if t.NegotiateFlags & NegotiateFlags.NEGOTIATE_VERSION:
            t.Version = Version.from_buffer(buff)

        currPos = buff.tell()
        t.Payload = buff.read()

        #currPos = buff.tell()

        if t.DomainNameFields.length != 0:
            buff.seek(t.DomainNameFields.offset, io.SEEK_SET)
            raw_data = buff.read(t.WorkstationFields.length)
            #print(raw_data)
            #print(t.DomainNameFields.length)
            try:
                t.Domain = raw_data.decode('utf-16le')
            except UnicodeDecodeError:
                # yet another cool bug.
                t.Domain = raw_data.decode('utf-8')

        if t.WorkstationFields.length != 0:
            buff.seek(t.WorkstationFields.offset, io.SEEK_SET)
            raw_data = buff.read(t.WorkstationFields.length)
            try:
                t.Workstation = raw_data.decode('utf-16le')
            except UnicodeDecodeError:
                # yet another cool bug.
                t.Workstation = raw_data.decode('utf-8')

        #buff.seek(currPos, io.SEEK_SET)

        return t

Example #3

Show file

    def from_buffer(buff, _use_NTLMv2=True):
        auth = NTLMAuthenticate(_use_NTLMv2)
        auth.Signature = buff.read(8)
        auth.MessageType = int.from_bytes(buff.read(4),
                                          byteorder='little',
                                          signed=False)
        auth.LmChallengeResponseFields = Fields.from_buffer(buff)
        auth.NtChallengeResponseFields = Fields.from_buffer(buff)
        auth.DomainNameFields = Fields.from_buffer(buff)
        auth.UserNameFields = Fields.from_buffer(buff)
        auth.WorkstationFields = Fields.from_buffer(buff)
        auth.EncryptedRandomSessionKeyFields = Fields.from_buffer(buff)
        auth.NegotiateFlags = NegotiateFlags(
            int.from_bytes(buff.read(4), byteorder='little', signed=False))
        if auth.NegotiateFlags & NegotiateFlags.NEGOTIATE_VERSION:
            auth.Version = Version.from_buffer(buff)

        # TODO: I'm not sure about this condition!!! Need to test this!
        if auth.NegotiateFlags & NegotiateFlags.NEGOTIATE_ALWAYS_SIGN:
            auth.MIC = buff.read(16)

        currPos = buff.tell()
        auth.Payload = buff.read()

        if auth._use_NTLMv2 and auth.NtChallengeResponseFields.length > 24:
            buff.seek(auth.LmChallengeResponseFields.offset, io.SEEK_SET)
            auth.LMChallenge = LMv2Response.from_buffer(buff)

            buff.seek(auth.NtChallengeResponseFields.offset, io.SEEK_SET)
            auth.NTChallenge = NTLMv2Response.from_buffer(buff)

        else:
            buff.seek(auth.LmChallengeResponseFields.offset, io.SEEK_SET)
            auth.LMChallenge = LMResponse.from_buffer(buff)

            buff.seek(auth.NtChallengeResponseFields.offset, io.SEEK_SET)
            auth.NTChallenge = NTLMv1Response.from_buffer(buff)

        buff.seek(auth.DomainNameFields.offset, io.SEEK_SET)
        auth.DomainName = buff.read(
            auth.DomainNameFields.length).decode('utf-16le')

        buff.seek(auth.UserNameFields.offset, io.SEEK_SET)
        auth.UserName = buff.read(
            auth.UserNameFields.length).decode('utf-16le')

        buff.seek(auth.WorkstationFields.offset, io.SEEK_SET)
        auth.Workstation = buff.read(
            auth.WorkstationFields.length).decode('utf-16le')

        buff.seek(auth.EncryptedRandomSessionKeyFields.offset, io.SEEK_SET)
        auth.EncryptedRandomSession = buff.read(
            auth.EncryptedRandomSessionKeyFields.length)

        buff.seek(currPos, io.SEEK_SET)

        return auth