def sendClientNewLicenseRequest(self, licenseRequest):
    """
    @summary: Answer a server license request with a new license request.
                Stores the derived MAC salt and license key on the instance and
                sends the request through the transport as a license packet.
    @param licenseRequest: {ServerLicenseRequest} request received from the server
    @see: http://msdn.microsoft.com/en-us/library/cc241989.aspx
    @see: http://msdn.microsoft.com/en-us/library/cc241918.aspx
    """
    # values supplied by the server
    serverRandom = licenseRequest.serverRandom.value
    certificateStream = Stream(licenseRequest.serverCertificate.blobData.value)
    serverCertificate = gcc.ServerCertificate()
    certificateStream.readType(serverCertificate)
    # NOTE(review): the certificate is parsed straight from the license request and
    # its public key is used below; no signature or trust check is visible in this
    # method -- confirm whether it is validated elsewhere.

    # fresh client secrets (sizes passed to rsa.random as-is; presumably bits -- confirm)
    clientRandom = rsa.random(256)
    preMasterSecret = rsa.random(384)

    # two-step derivation; the second call swaps the order of the two randoms
    masterSecret = sec.masterSecret(preMasterSecret, clientRandom, serverRandom)
    sessionKeyBlob = sec.masterSecret(masterSecret, serverRandom, clientRandom)
    self._macSalt = sessionKeyBlob[:16]
    licenseKeySeed = sessionKeyBlob[16:32]
    self._licenseKey = sec.finalHash(licenseKeySeed, clientRandom, serverRandom)

    # build the message
    message = ClientNewLicenseRequest()
    message.clientRandom.value = clientRandom

    # the pre-master secret is byte-reversed before encryption, the ciphertext is
    # reversed again, and eight zero bytes are appended
    serverPublicKey = serverCertificate.certData.getPublicKey()
    encryptedSecret = rsa.encrypt(preMasterSecret[::-1], serverPublicKey)[::-1]
    message.encryptedPreMasterSecret.blobData.value = encryptedSecret + "\x00" * 8

    # machine and user names are sent NUL-terminated
    message.ClientMachineName.blobData.value = self._hostname + "\x00"
    message.ClientUserName.blobData.value = self._username + "\x00"

    licensePacket = LicPacket(message)
    self._transport.sendFlagged(sec.SecurityFlag.SEC_LICENSE_PKT, licensePacket)
def sendClientNewLicenseRequest(self, licenseRequest):
    """
    @summary: Answer a server license request with a new license request.
                Stores the derived MAC salt and license key on the instance and
                sends the request through the transport as a license packet.
    @param licenseRequest: {ServerLicenseRequest} request received from the server
    @see: http://msdn.microsoft.com/en-us/library/cc241989.aspx
    @see: http://msdn.microsoft.com/en-us/library/cc241918.aspx
    """
    # values supplied by the server
    serverRandom = licenseRequest.serverRandom.value

    # prefer the certificate held in the GCC server settings when its
    # _is_readed flag is set; otherwise parse the one in the license request
    if not self._transport.getGCCServerSettings().SC_SECURITY.serverCertificate._is_readed:
        certificateStream = Stream(licenseRequest.serverCertificate.blobData.value)
        serverCertificate = gcc.ServerCertificate()
        certificateStream.readType(serverCertificate)
    else:
        serverCertificate = self._transport.getGCCServerSettings().SC_SECURITY.serverCertificate
    # NOTE(review): whichever certificate is selected, its public key is used below
    # and no signature or trust check is visible in this method -- confirm whether
    # it is validated elsewhere.

    # fresh client secrets (sizes passed to rsa.random as-is; presumably bits -- confirm)
    clientRandom = rsa.random(256)
    preMasterSecret = rsa.random(384)

    # two-step derivation; the second call swaps the order of the two randoms
    masterSecret = sec.masterSecret(preMasterSecret, clientRandom, serverRandom)
    sessionKeyBlob = sec.masterSecret(masterSecret, serverRandom, clientRandom)
    self._macSalt = sessionKeyBlob[:16]
    licenseKeySeed = sessionKeyBlob[16:32]
    self._licenseKey = sec.finalHash(licenseKeySeed, clientRandom, serverRandom)

    # build the message
    message = ClientNewLicenseRequest()
    message.clientRandom.value = clientRandom

    # the pre-master secret is byte-reversed before encryption, the ciphertext is
    # reversed again, and eight zero bytes are appended
    serverPublicKey = serverCertificate.certData.getPublicKey()
    encryptedSecret = rsa.encrypt(preMasterSecret[::-1], serverPublicKey)[::-1]
    message.encryptedPreMasterSecret.blobData.value = encryptedSecret + "\x00" * 8

    # machine and user names are sent NUL-terminated
    message.ClientMachineName.blobData.value = self._hostname + "\x00"
    message.ClientUserName.blobData.value = self._username + "\x00"

    licensePacket = LicPacket(message)
    self._transport.sendFlagged(sec.SecurityFlag.SEC_LICENSE_PKT, licensePacket)
def getTargetInfoAsAvPairArray(self):
    """
    @summary: Parse the Target info field into a map of AvPair values.
                Reading stops at the first MsvAvEOL entry, which is not stored.
                A repeated AvId overwrites the earlier value.
    @return: {map(AvId, str)}
    """
    pairs = {}
    stream = Stream(self.getTargetInfo())
    # NOTE(review): the loop ends only on MsvAvEOL. If the field lacks that
    # terminator, termination depends on readType failing once the stream is
    # exhausted -- confirm, since this field comes from the peer.
    avPair = AvPair()
    stream.readType(avPair)
    while avPair.AvId.value != AvId.MsvAvEOL:
        pairs[avPair.AvId.value] = avPair.Value.value
        avPair = AvPair()
        stream.readType(avPair)
    return pairs
def getTargetInfoAsAvPairArray(self):
    """
    @summary: Parse the Target info field into a map of AvPair values.
                Reading stops at the first MsvAvEOL entry, which is not stored.
                A repeated AvId overwrites the earlier value.
    @return: {map(AvId, str)}
    """
    pairs = {}
    stream = Stream(self.getTargetInfo())
    # NOTE(review): the loop ends only on MsvAvEOL. If the field lacks that
    # terminator, termination depends on readType failing once the stream is
    # exhausted -- confirm, since this field comes from the peer.
    avPair = AvPair()
    stream.readType(avPair)
    while avPair.AvId.value != AvId.MsvAvEOL:
        pairs[avPair.AvId.value] = avPair.Value.value
        avPair = AvPair()
        stream.readType(avPair)
    return pairs
class FileReader(object):
    """
    @summary: RSR File reader
    """
    def __init__(self, f):
        """
        @summary: Load the whole content of f into an in-memory stream
        @param f: {file} file pointer use to read
        """
        # the file is read in one call, so its full size is held in memory
        content = f.read()
        self._s = Stream(content)

    def nextEvent(self):
        """
        @summary: read next event and return it
        @return: {Event} next event, or None when no data remains in the stream
        """
        # NOTE(review): errors raised by readType on malformed or truncated
        # content are not caught here; callers reading recordings from
        # untrusted sources should expect them.
        if self._s.dataLen() != 0:
            event = Event()
            self._s.readType(event)
            return event
        return None
class FileReader(object):
    """
    @summary: RSR File reader
    """
    def __init__(self, f):
        """
        @summary: Load the whole content of f into an in-memory stream
        @param f: {file} file pointer use to read
        """
        # the file is read in one call, so its full size is held in memory
        content = f.read()
        self._s = Stream(content)

    def nextEvent(self):
        """
        @summary: read next event and return it
        @return: {Event} next event, or None when no data remains in the stream
        """
        # NOTE(review): errors raised by readType on malformed or truncated
        # content are not caught here; callers reading recordings from
        # untrusted sources should expect them.
        if self._s.dataLen() != 0:
            event = Event()
            self._s.readType(event)
            return event
        return None
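def GSS_UnWrapEx(self, data):
    """
    @summary: decrypt data with key exchange in Authentication protocol
                and verify the checksum carried in its signature
    @param data: {str} signature followed by the encrypted message
    @return: {str} decrypted message
    @raise InvalidExpectedDataException: if the recomputed checksum does not match
    """
    # local import: only compare_digest is needed (Python 2.7.7+ / 3.3+)
    import hmac

    signature = MessageSignatureEx()
    message = String()
    s = Stream(data)
    s.readType((signature, message))

    #decrypt message, then the checksum, with the same decrypt handle
    #(keep this order: both calls share self._decryptHandle)
    plaintextMessage = rc4.crypt(self._decryptHandle, message.value)
    checksum = rc4.crypt(self._decryptHandle, signature.Checksum.value)

    #recompute checksum over the received sequence number and the plaintext,
    #truncated to 8 bytes
    # NOTE(review): SeqNum is taken from the received signature; no comparison
    # against an expected counter is visible here -- confirm replay handling.
    t = Stream()
    t.writeType(signature.SeqNum)
    verify = HMAC_MD5(self._verifyKey, t.getvalue() + plaintextMessage)[:8]

    # Compare in constant time so the check does not reveal how many leading
    # bytes of the checksum matched. Assumes both values are byte strings;
    # compare_digest raises TypeError otherwise.
    if not hmac.compare_digest(verify, checksum):
        raise error.InvalidExpectedDataException("NTLMv2SecurityInterface : Invalid checksum")

    return plaintextMessage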
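def GSS_UnWrapEx(self, data):
    """
    @summary: decrypt data with key exchange in Authentication protocol
                and verify the checksum carried in its signature
    @param data: {str} signature followed by the encrypted message
    @return: {str} decrypted message
    @raise InvalidExpectedDataException: if the recomputed checksum does not match
    """
    # local import: only compare_digest is needed (Python 2.7.7+ / 3.3+)
    import hmac

    signature = MessageSignatureEx()
    message = String()
    s = Stream(data)
    s.readType((signature, message))

    #decrypt message, then the checksum, with the same decrypt handle
    #(keep this order: both calls share self._decryptHandle)
    plaintextMessage = rc4.crypt(self._decryptHandle, message.value)
    checksum = rc4.crypt(self._decryptHandle, signature.Checksum.value)

    #recompute checksum over the received sequence number and the plaintext,
    #truncated to 8 bytes
    # NOTE(review): SeqNum is taken from the received signature; no comparison
    # against an expected counter is visible here -- confirm replay handling.
    t = Stream()
    t.writeType(signature.SeqNum)
    verify = HMAC_MD5(self._verifyKey, t.getvalue() + plaintextMessage)[:8]

    # Compare in constant time so the check does not reveal how many leading
    # bytes of the checksum matched. Assumes both values are byte strings;
    # compare_digest raises TypeError otherwise.
    if not hmac.compare_digest(verify, checksum):
        raise error.InvalidExpectedDataException("NTLMv2SecurityInterface : Invalid checksum")

    return plaintextMessage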