def __init__(self,
ipdc,
domain,
socketFactory=socket,
smbFactory=None,
verbose=False):
NTLM_Proxy.__init__(self, ipdc, self._portdc, domain,
lambda: SMB_Context(), socketFactory)
self.debug = verbose
def __init__(self,
ipad,
domain,
socketFactory=socket,
ldapFactory=None,
base='',
verbose=False):
global debug
NTLM_Proxy.__init__(self, ipad, self._portad, domain,
lambda: LDAP_Context(), socketFactory)
self.base = base
self.debug = verbose
def __init__(self,
ipad,
domain,
socketFactory=socket,
ldapFactory=None,
base='',
portAD=389,
logFn=None):
NTLM_Proxy.__init__(self, ipad, portAD, domain, lambda: LDAP_Context(),
socketFactory)
self.logFn = logFn
self.log('Enabled AD membership checking')
self.base = base
if o in ['-h', '--help']:
print_help()
elif o in ['-u', '--user']:
config['user'] = v
elif o in ['-p', '--password']:
config['password'] = v
elif o in ['-d', '--domain']:
config['domain'] = v
elif o in ['-a', '--address']:
config['address'] = v
if len(config)!=4:
print "Too few options specified."
print_help()
proxy = NTLM_Proxy(config['address'], config['domain'])
client = NTLM_Client(config['user'],config['domain'],config['password'])
type1 = client.make_ntlm_negotiate()
challenge = proxy.negotiate(type1)
if not challenge:
print "Did not get the challenge!"
sys.exit(-2)
client.parse_ntlm_challenge(challenge)
authenticate = client.make_ntlm_authenticate()
if proxy.authenticate(authenticate):
print "User %s\\%s was authenticated." % (config['user'], config['domain'])
else:
print "User %s\\%s was NOT authenticated." % (config['user'], config['domain'])
def __init__(self, ipad, domain, socketFactory=socket, ldapFactory=None, base="", verbose=False):
global debug
NTLM_Proxy.__init__(self, ipad, self._portad, domain, lambda: LDAP_Context(), socketFactory)
self.base = base
self.debug = verbose
def __init__(self, ipad, domain, socketFactory=socket, ldapFactory=None, base='', portAD=389, logFn=None):
NTLM_Proxy.__init__(self, ipad, portAD, domain, lambda: LDAP_Context(), socketFactory)
self.logFn = logFn
self.log('Enabled AD membership checking')
self.base = base
@return A tuple with a NTLM_Proxy object and a NTLM challenge (Type 2).'''
# Get configuration entries in Apache file
try:
domain = req.get_options()['Domain']
pdc = req.get_options()['PDC']
bdc = req.get_options().get('BDC', False)
except KeyError, e:
req.log_error('PYNTLM: Incorrect configuration for pyntlm = %s' % str(e), apache.APLOG_CRIT)
raise
ntlm_challenge = None
for server in (pdc, bdc):
if not server: continue
try:
proxy = NTLM_Proxy(server, domain)
ntlm_challenge = proxy.negotiate(type1)
except Exception, e:
req.log_error('PYNTLM: Error when retrieving Type 2 message from DC(%s) = %s' % (server,str(e)), apache.APLOG_CRIT)
if ntlm_challenge: break
proxy.close()
else:
raise RunTimeError
return (proxy, ntlm_challenge)
def handle_type1(req, ntlm_message):
'''Handle a Type1 NTLM message. Send it to the Domain Controller
and get back the challenge (the Type2 NTLM message that is).
@req The request that carried the message
@ntlm_message The actual Type1 message, in binary format
def __init__(self, ipdc, domain, socketFactory=socket, smbFactory=None, verbose=False):
NTLM_Proxy.__init__(self, ipdc, self._portdc, domain, lambda: SMB_Context(), socketFactory)
self.debug = verbose
