def test_NetrServerReqChallenge_NetrServerAuthenticate(self):
dce, rpctransport = self.connect()
request = nrpc.NetrServerReqChallenge()
request['PrimaryName'] = NULL
request['ComputerName'] = self.serverName + '\x00'
request['ClientChallenge'] = b'12345678'
resp = dce.request(request)
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.machineUserHashes == '':
ntHash = None
else:
ntHash = unhexlify(self.machineUserHashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, b'12345678', serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential(b'12345678', sessionKey)
request = nrpc.NetrServerAuthenticate()
request['PrimaryName'] = NULL
request['AccountName'] = self.machineUser + '\x00'
request['SecureChannelType'] = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel
request['ComputerName'] = self.serverName + '\x00'
request['ClientCredential'] = ppp
try:
resp = dce.request(request)
resp.dump()
except Exception as e:
if str(e).find('STATUS_DOWNGRADE_DETECTED') < 0:
raise
def test_NetrServerReqChallenge_hNetrServerAuthenticate2(self):
dce, rpctransport = self.connect()
request = nrpc.NetrServerReqChallenge()
request['PrimaryName'] = NULL
request['ComputerName'] = self.serverName + '\x00'
request['ClientChallenge'] = '12345678'
resp = dce.request(request)
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.hashes == '':
ntHash = None
else:
ntHash = unhexlify(self.hashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, '12345678',
serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential('12345678', sessionKey)
resp = nrpc.hNetrServerAuthenticate2(
dce, NULL, self.username + '\x00',
nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
self.serverName + '\x00', ppp, 0x600FFFFF)
resp.dump()
def test_NetrServerReqChallenge_NetrServerAuthenticate3(self):
dce, rpctransport = self.connect()
request = nrpc.NetrServerReqChallenge()
request['PrimaryName'] = NULL
request['ComputerName'] = self.serverName + '\x00'
request['ClientChallenge'] = b'12345678'
resp = dce.request(request)
resp.dump()
serverChallenge = resp['ServerChallenge']
if self.machineUserHashes == '':
ntHash = None
else:
ntHash = unhexlify(self.machineUserHashes.split(':')[1])
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, b'12345678', serverChallenge, ntHash)
ppp = nrpc.ComputeNetlogonCredential(b'12345678', sessionKey)
request = nrpc.NetrServerAuthenticate3()
request['PrimaryName'] = NULL
request['AccountName'] = self.machineUser + '\x00'
request['SecureChannelType'] = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel
request['ComputerName'] = self.serverName + '\x00'
request['ClientCredential'] = ppp
request['NegotiateFlags'] = 0x600FFFFF
resp = dce.request(request)
resp.dump()
def test_NetrServerReqChallenge_hNetrServerAuthenticate2(self):
dce, rpctransport = self.connect()
request = nrpc.NetrServerReqChallenge()
request['PrimaryName'] = self.serverName + '\x00'
request['ComputerName'] = self.machine_user + '\x00'
request['ClientChallenge'] = b'12345678'
resp = dce.request(request)
resp.dump()
serverChallenge = resp['ServerChallenge']
bnthash = self.machine_user_bnthash or None
sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password,
b'12345678',
serverChallenge, bnthash)
ppp = nrpc.ComputeNetlogonCredential(b'12345678', sessionKey)
resp = nrpc.hNetrServerAuthenticate2(
dce, self.serverName, self.machine_user,
nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel,
self.machine_user, ppp, 0x600FFFFF)
resp.dump()
