Exemple #1
0
    def verifyMsChapV2(self, userpwd):
        ms_chap_response = self['MS-CHAP2-Response'][0]
        authenticator_challenge = self['MS-CHAP-Challenge'][0]
        if len(ms_chap_response) != 50:
            raise Exception("Invalid MSCHAPV2-Response attribute length")
        # if isinstance(userpwd, six.text_type):
        #     userpwd = userpwd.strip().encode('utf-8')

        nt_response = ms_chap_response[26:50]
        peer_challenge = ms_chap_response[2:18]
        _user_name = self.get(1)[0]
        nt_resp = mschap.generate_nt_response_mschap2(
            authenticator_challenge,
            peer_challenge,
            _user_name,
            userpwd,
        )
        if nt_resp == nt_response:
            auth_resp = mschap.generate_authenticator_response(
                userpwd, nt_response, peer_challenge, authenticator_challenge,
                _user_name)
            self.ext_attrs['MS-CHAP2-Success'] = auth_resp
            self.ext_attrs['MS-MPPE-Encryption-Policy'] = '\x00\x00\x00\x01'
            self.ext_attrs['MS-MPPE-Encryption-Type'] = '\x00\x00\x00\x06'
            nt_pwd_hash = mschap.nt_password_hash(userpwd)
            mppeSendKey, mppeRecvKey = mppe.mppe_chap2_gen_keys(
                userpwd, peer_challenge)
            self.ext_attrs['MS-MPPE-Send-Key'] = mppeSendKey
            self.ext_attrs['MS-MPPE-Recv-Key'] = mppeRecvKey
            return True
        else:
            return False
Exemple #2
0
 def verifyMsChapV2(self,userpwd):
     ms_chap_response = self['MS-CHAP2-Response'][0]
     authenticator_challenge = self['MS-CHAP-Challenge'][0]
     if len(ms_chap_response)!=50:
         raise Exception("Invalid MSCHAPV2-Response attribute length")
     # if isinstance(userpwd, six.text_type):
     #     userpwd = userpwd.strip().encode('utf-8')
     
     nt_response = ms_chap_response[26:50]
     peer_challenge = ms_chap_response[2:18]
     _user_name = self.get(1)[0]
     nt_resp = mschap.generate_nt_response_mschap2(
         authenticator_challenge,
         peer_challenge,
         _user_name,
         userpwd,
     )
     if nt_resp == nt_response:
         auth_resp = mschap.generate_authenticator_response(
             userpwd,
             nt_response,
             peer_challenge,
             authenticator_challenge,
             _user_name
         )
         self.ext_attrs['MS-CHAP2-Success'] = auth_resp
         self.ext_attrs['MS-MPPE-Encryption-Policy'] = '\x00\x00\x00\x01'
         self.ext_attrs['MS-MPPE-Encryption-Type'] = '\x00\x00\x00\x06'
         nt_pwd_hash = mschap.nt_password_hash(userpwd)
         mppeSendKey,mppeRecvKey = mppe.mppe_chap2_gen_keys(userpwd,peer_challenge)
         self.ext_attrs['MS-MPPE-Send-Key'] = mppeSendKey
         self.ext_attrs['MS-MPPE-Recv-Key'] = mppeRecvKey
         return True
     else:
         return False
Exemple #3
0
    def verifyMsChapV2(self,userpwd):
        ms_chap_response = self['MS-CHAP2-Response'][0]
        authenticator_challenge = self['MS-CHAP-Challenge'][0]
        if len(ms_chap_response)!=50:
            raise Exception("Invalid MSCHAPV2-Response attribute length")
        # if isinstance(userpwd, six.text_type):
        #     userpwd = userpwd.strip().encode('utf-8')
        
        nt_response = ms_chap_response[26:50]
        peer_challenge = ms_chap_response[2:18]
        _user_name = self.get(1)[0]
        nt_resp = mschap.generate_nt_response_mschap2(
            authenticator_challenge,
            peer_challenge,
            _user_name,
            userpwd,
        )

        print 'username',_user_name
        print 'passwd',userpwd
        print 'authenticator_challenge',mschap.convert_to_hex_string(authenticator_challenge),len(
            authenticator_challenge)
        print 'peer_challenge',mschap.convert_to_hex_string(peer_challenge),len(peer_challenge)
        print 'nt_response', mschap.convert_to_hex_string(nt_response),len(nt_response)
        print 'my_nt_resp', mschap.convert_to_hex_string(nt_resp), len(nt_resp)

        if nt_resp == nt_response:
            auth_resp = mschap.generate_authenticator_response(
                userpwd,
                nt_response,
                peer_challenge,
                authenticator_challenge,
                _user_name
            )
            self.ext_attrs['MS-CHAP2-Success'] = auth_resp
            self.ext_attrs['MS-MPPE-Encryption-Policy'] = '\x00\x00\x00\x01'
            self.ext_attrs['MS-MPPE-Encryption-Type'] = '\x00\x00\x00\x06'
            mppeSendKey,mppeRecvKey = mppe.mppe_chap2_gen_keys(userpwd,peer_challenge)
            send_salt, recv_salt = mppe.create_salts()
            send_key = mppe.radius_encrypt_keys(
                mppe.create_plain_text(mppeSendKey),
                self.secret,
                self.authenticator,
                send_salt
            )
            recv_key = mppe.radius_encrypt_keys(
                mppe.create_plain_text(mppeRecvKey),
                self.secret,
                self.authenticator,
                recv_salt
            )
            print 'send_key',mschap.convert_to_hex_string(send_key),len(send_key)
            print 'recv_key',mschap.convert_to_hex_string(recv_key),len(recv_key)
            self.ext_attrs['MS-MPPE-Send-Key'] = send_key
            self.ext_attrs['MS-MPPE-Recv-Key'] = recv_key
            return True
        else:
            self.ext_attrs['Reply-Message'] = "E=691 R=1 C=%s V=3 M=<password error>" % ('\0' * 32)
            return False
Exemple #4
0
    def verifyMsChapV2(self,userpwd):
        ms_chap_response = self['MS-CHAP2-Response'][0]
        authenticator_challenge = self['MS-CHAP-Challenge'][0]
        if len(ms_chap_response)!=50:
            raise Exception("Invalid MSCHAPV2-Response attribute length")
        # if isinstance(userpwd, six.text_type):
        #     userpwd = userpwd.strip().encode('utf-8')
        
        nt_response = ms_chap_response[26:50]
        peer_challenge = ms_chap_response[2:18]
        _user_name = self.get(1)[0]
        nt_resp = mschap.generate_nt_response_mschap2(
            authenticator_challenge,
            peer_challenge,
            _user_name,
            userpwd,
        )

        if nt_resp == nt_response:
            auth_resp = mschap.generate_authenticator_response(
                userpwd,
                nt_response,
                peer_challenge,
                authenticator_challenge,
                _user_name
            )
            self.ext_attrs['MS-CHAP2-Success'] = auth_resp
            self.ext_attrs['MS-MPPE-Encryption-Policy'] = '\x00\x00\x00\x01'
            self.ext_attrs['MS-MPPE-Encryption-Type'] = '\x00\x00\x00\x06'
            mppeSendKey,mppeRecvKey = mppe.mppe_chap2_gen_keys(userpwd,peer_challenge)
            send_key, recv_key = mppe.gen_radius_encrypt_keys(mppeSendKey,mppeRecvKey,self.secret,self.authenticator)
            self.ext_attrs['MS-MPPE-Send-Key'] = send_key
            self.ext_attrs['MS-MPPE-Recv-Key'] = recv_key
            return True
        else:
            self.ext_attrs['Reply-Message'] = "E=691 R=1 C=%s V=3 M=<password error>" % ('\0' * 32)
            return False