def test_unpack_long_form_one_octet(self): test_data = hex_to_byte('02 81 80') + hex_to_byte('31') * 128 expected_data = b'1' * 128 expected_octets = 131 actual_data, actual_octets = unpack_asn1(test_data) assert actual_data == expected_data assert actual_octets == expected_octets
def test_pack_unpack_long_form_four_octets(self): test_data = b'1' * 16777216 expected_data = hex_to_byte('31') * 16777216 expected = hex_to_byte('84 01 00 00 00') + expected_data actual = pack_asn1(test_data) assert actual == expected
def test_pack_unpack_long_form_two_octets(self): test_data = b'1' * 256 expected_data = hex_to_byte('31') * 256 expected = hex_to_byte('82 01 00') + expected_data actual = pack_asn1(test_data) assert actual == expected
def test_unpack_long_form_two_octets(self): test_data = hex_to_byte('02 82 01 00') + hex_to_byte('31') * 256 expected_data = b'1' * 256 expected_octets = 260 actual_data, actual_octets = unpack_asn1(test_data) assert actual_data == expected_data assert actual_octets == expected_octets
def test_pack_long_form_one_octet(self): test_data = b'1' * 128 expected_data = hex_to_byte('31') * 128 expected = hex_to_byte('81 80') + expected_data actual = pack_asn1(test_data) assert actual == expected
def test_pack_unpack_long_form_three_octets(self): test_data = b'1' * 65536 expected_data = hex_to_byte('31') * 65536 expected = hex_to_byte('83 01 00 00') + expected_data actual = pack_asn1(test_data) assert actual == expected
def test_unpack_long_form_three_octets(self): test_data = hex_to_byte('02 83 01 00 00') + hex_to_byte('31') * 65536 expected_data = b'1' * 65536 expected_octets = 65541 actual_data, actual_octets = unpack_asn1(test_data) assert actual_data == expected_data assert actual_octets == expected_octets
def test_unpack_long_form_fource_octets(self): test_data = hex_to_byte( '02 84 01 00 00 00') + hex_to_byte('31') * 16777216 expected_data = b'1' * 16777216 expected_octets = 16777222 actual_data, actual_octets = unpack_asn1(test_data) assert actual_data == expected_data assert actual_octets == expected_octets
def test_pack_short_form(self): test_data = b'1' expected = hex_to_byte('01 31') actual = pack_asn1(test_data) assert actual == expected
def test_unpack_short_form(self): test_data = hex_to_byte('02 01 31') expected_data = b'1' expected_octets = 3 actual_data, actual_octets = unpack_asn1(test_data) assert actual_data == expected_data assert actual_octets == expected_octets
def test_parse_nego_data_wrong_sequence(self): test_data = hex_to_byte('30 05 A5 03 04 01 03') with self.assertRaises(AsnStructureException) as context: test_nego_data = NegoData() test_nego_data.parse_data(test_data) assert context.exception.args[ 0] == 'Expecting sequence (a0) for negoToken, was (a5)'
def test_parse_ts_request_wrong_type(self): test_data = hex_to_byte('A0 00 00 00 00') with self.assertRaises(AsnStructureException) as context: test_ts_request = TSRequest() test_ts_request.parse_data(test_data) assert context.exception.args[ 0] == 'Expecting TSRequest type to be (30), was (a0)'
def test_parse_nego_data_wrong_structure_type(self): test_data = hex_to_byte('31 05 A0 03 04 01 03') with self.assertRaises(AsnStructureException) as context: test_nego_data = NegoData() test_nego_data.parse_data(test_data) assert context.exception.args[ 0] == 'Expecting NegoData type to be (30), was (31)'
def test_parse_nego_data_wrong_type(self): test_data = hex_to_byte('30 05 A0 03 02 01 03') with self.assertRaises(AsnStructureException) as context: test_nego_data = NegoData() test_nego_data.parse_data(test_data) assert context.exception.args[ 0] == 'Expecting negoToken type to be (4), was (2)'
def test_parse_ts_request_invalid_sequence(self): test_data = hex_to_byte('30 13 A0 03 02 01 03 A6 03 02 01 01') with self.assertRaises(AsnStructureException) as context: test_ts_request = TSRequest() test_ts_request.parse_data(test_data) assert context.exception.args[ 0] == 'Unknown sequence byte (a6) in sequence'
def test_verify_public_key_good(self, mock_unwrap): test_credssp_context = HttpCredSSPAuth('', '') test_ntlm_context = ntlm.Ntlm() test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode()) test_credssp_context.context = test_ntlm_context test_ts_request = TSRequest() test_ts_request.parse_data(public_key_ts_request) test_public_key = hex_to_byte('00') + server_pub_key_token[1:] test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
def test_check_error_code_undefinied(self): expected_byte = b'c000006e' test_data = hex_to_byte('30 13 A0 03 02 01 03 A4 06 02 04 C0 00 00 6E') with self.assertRaises(NTStatusException) as context: test_ts_request = TSRequest() test_ts_request.parse_data(test_data) test_ts_request.check_error_code() assert context.exception.args[ 0] == 'NTSTATUS error: Not Defined %s' % expected_byte
def test_check_error_code_logon_failure(self): expected_byte = b'c000006d' test_data = hex_to_byte('30 13 A0 03 02 01 03 A4 06 02 04 C0 00 00 6D') with self.assertRaises(NTStatusException) as context: test_ts_request = TSRequest() test_ts_request.parse_data(test_data) test_ts_request.check_error_code() assert context.exception.args[ 0] == 'STATUS_LOGON_FAILURE - %s' % expected_byte
def test_verify_public_key_invalid(self, mock_unwrap): test_credssp_context = HttpCredSSPAuth('', '') test_ntlm_context = ntlm.Ntlm() test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode()) test_credssp_context.context = test_ntlm_context test_ts_request = TSRequest() test_ts_request.parse_data(public_key_ts_request) # Use the wrong first byte to ensure the keys don't match test_public_key = hex_to_byte('01') + server_pub_key_token[1:] with self.assertRaises(AssertionError) as context: test_credssp_context._verify_public_keys(test_public_key, test_ts_request) assert context.exception.args[0] == 'Could not verify key sent from the server, possibly man in the middle attack'
""" These values have been computed manually from a working CredSSP implementation. Unfortunately Microsoft don't have examples in the MS-CSSP document which details the protocol but this is the next best thing. You can use a program like ASN.1 Editor to view the binary file of these hex strings in an easy to view format. https://www.sysadmins.lv/blog-en/asn1-editor-wpf-edition.aspx """ domain = 'CORP'.encode('utf-16le') user = '******'.encode('utf-16le') password = '******'.encode('utf-16le') # The negotiate token sent to the server first negotiate_token = utils.hex_to_byte('4E 54 4C 4D 53 53 50 00 01 00 00 00 32 90 88 E2' '04 00 04 00 28 00 00 00 00 00 00 00 2C 00 00 00' '06 01 B1 1D 00 00 00 0F 43 4F 52 50') negotiate_nego_data = utils.hex_to_byte('30 30 A0 2E 04 2C') + negotiate_token negotiate_ts_request = utils.hex_to_byte('30 3B A0 03 02 01 03 A1 34 30 32') + negotiate_nego_data # The challenge token received from the server challenge_token = utils.hex_to_byte('4E 54 4C 4D 53 53 50 00 02 00 00 00 04 00 04 00' '38 00 00 00 36 82 89 E2 45 80 F2 D5 B4 F3 ED 50' '00 00 00 00 00 00 00 00 B2 00 B2 00 3C 00 00 00' '06 01 B1 1D 00 00 00 0F 43 4F 52 50 02 00 08 00' '43 00 4F 00 52 00 50 00 01 00 1A 00 43 00 4F 00' '4D 00 50 00 55 00 54 00 45 00 52 00 48 00 4F 00' '53 00 54 00 31 00 04 00 1E 00 63 00 6F 00 72 00' '70 00 2E 00 6F 00 72 00 67 00 2E 00 63 00 6F 00'