def test_unpack_long_form_one_octet(self):
test_data = hex_to_byte('02 81 80') + hex_to_byte('31') * 128
expected_data = b'1' * 128
expected_octets = 131
actual_data, actual_octets = unpack_asn1(test_data)
assert actual_data == expected_data
assert actual_octets == expected_octets
def test_pack_unpack_long_form_four_octets(self):
test_data = b'1' * 16777216
expected_data = hex_to_byte('31') * 16777216
expected = hex_to_byte('84 01 00 00 00') + expected_data
actual = pack_asn1(test_data)
assert actual == expected
def test_pack_unpack_long_form_two_octets(self):
test_data = b'1' * 256
expected_data = hex_to_byte('31') * 256
expected = hex_to_byte('82 01 00') + expected_data
actual = pack_asn1(test_data)
assert actual == expected
def test_unpack_long_form_two_octets(self):
test_data = hex_to_byte('02 82 01 00') + hex_to_byte('31') * 256
expected_data = b'1' * 256
expected_octets = 260
actual_data, actual_octets = unpack_asn1(test_data)
assert actual_data == expected_data
assert actual_octets == expected_octets
def test_pack_long_form_one_octet(self):
test_data = b'1' * 128
expected_data = hex_to_byte('31') * 128
expected = hex_to_byte('81 80') + expected_data
actual = pack_asn1(test_data)
assert actual == expected
def test_pack_unpack_long_form_three_octets(self):
test_data = b'1' * 65536
expected_data = hex_to_byte('31') * 65536
expected = hex_to_byte('83 01 00 00') + expected_data
actual = pack_asn1(test_data)
assert actual == expected
def test_unpack_long_form_three_octets(self):
test_data = hex_to_byte('02 83 01 00 00') + hex_to_byte('31') * 65536
expected_data = b'1' * 65536
expected_octets = 65541
actual_data, actual_octets = unpack_asn1(test_data)
assert actual_data == expected_data
assert actual_octets == expected_octets
def test_unpack_long_form_fource_octets(self):
test_data = hex_to_byte(
'02 84 01 00 00 00') + hex_to_byte('31') * 16777216
expected_data = b'1' * 16777216
expected_octets = 16777222
actual_data, actual_octets = unpack_asn1(test_data)
assert actual_data == expected_data
assert actual_octets == expected_octets
def test_pack_short_form(self):
test_data = b'1'
expected = hex_to_byte('01 31')
actual = pack_asn1(test_data)
assert actual == expected
def test_unpack_short_form(self):
test_data = hex_to_byte('02 01 31')
expected_data = b'1'
expected_octets = 3
actual_data, actual_octets = unpack_asn1(test_data)
assert actual_data == expected_data
assert actual_octets == expected_octets
def test_parse_nego_data_wrong_sequence(self):
test_data = hex_to_byte('30 05 A5 03 04 01 03')
with self.assertRaises(AsnStructureException) as context:
test_nego_data = NegoData()
test_nego_data.parse_data(test_data)
assert context.exception.args[
0] == 'Expecting sequence (a0) for negoToken, was (a5)'
def test_parse_ts_request_wrong_type(self):
test_data = hex_to_byte('A0 00 00 00 00')
with self.assertRaises(AsnStructureException) as context:
test_ts_request = TSRequest()
test_ts_request.parse_data(test_data)
assert context.exception.args[
0] == 'Expecting TSRequest type to be (30), was (a0)'
def test_parse_nego_data_wrong_structure_type(self):
test_data = hex_to_byte('31 05 A0 03 04 01 03')
with self.assertRaises(AsnStructureException) as context:
test_nego_data = NegoData()
test_nego_data.parse_data(test_data)
assert context.exception.args[
0] == 'Expecting NegoData type to be (30), was (31)'
def test_parse_nego_data_wrong_type(self):
test_data = hex_to_byte('30 05 A0 03 02 01 03')
with self.assertRaises(AsnStructureException) as context:
test_nego_data = NegoData()
test_nego_data.parse_data(test_data)
assert context.exception.args[
0] == 'Expecting negoToken type to be (4), was (2)'
def test_parse_ts_request_invalid_sequence(self):
test_data = hex_to_byte('30 13 A0 03 02 01 03 A6 03 02 01 01')
with self.assertRaises(AsnStructureException) as context:
test_ts_request = TSRequest()
test_ts_request.parse_data(test_data)
assert context.exception.args[
0] == 'Unknown sequence byte (a6) in sequence'
def test_verify_public_key_good(self, mock_unwrap):
test_credssp_context = HttpCredSSPAuth('', '')
test_ntlm_context = ntlm.Ntlm()
test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode())
test_credssp_context.context = test_ntlm_context
test_ts_request = TSRequest()
test_ts_request.parse_data(public_key_ts_request)
test_public_key = hex_to_byte('00') + server_pub_key_token[1:]
test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
def test_check_error_code_undefinied(self):
expected_byte = b'c000006e'
test_data = hex_to_byte('30 13 A0 03 02 01 03 A4 06 02 04 C0 00 00 6E')
with self.assertRaises(NTStatusException) as context:
test_ts_request = TSRequest()
test_ts_request.parse_data(test_data)
test_ts_request.check_error_code()
assert context.exception.args[
0] == 'NTSTATUS error: Not Defined %s' % expected_byte
def test_check_error_code_logon_failure(self):
expected_byte = b'c000006d'
test_data = hex_to_byte('30 13 A0 03 02 01 03 A4 06 02 04 C0 00 00 6D')
with self.assertRaises(NTStatusException) as context:
test_ts_request = TSRequest()
test_ts_request.parse_data(test_data)
test_ts_request.check_error_code()
assert context.exception.args[
0] == 'STATUS_LOGON_FAILURE - %s' % expected_byte
def test_verify_public_key_invalid(self, mock_unwrap):
test_credssp_context = HttpCredSSPAuth('', '')
test_ntlm_context = ntlm.Ntlm()
test_ntlm_context.session_security = session_security.SessionSecurity(1, 'key'.encode())
test_credssp_context.context = test_ntlm_context
test_ts_request = TSRequest()
test_ts_request.parse_data(public_key_ts_request)
# Use the wrong first byte to ensure the keys don't match
test_public_key = hex_to_byte('01') + server_pub_key_token[1:]
with self.assertRaises(AssertionError) as context:
test_credssp_context._verify_public_keys(test_public_key, test_ts_request)
assert context.exception.args[0] == 'Could not verify key sent from the server, possibly man in the middle attack'
"""
These values have been computed manually from a working CredSSP implementation. Unfortunately Microsoft
don't have examples in the MS-CSSP document which details the protocol but this is the next best thing.
You can use a program like ASN.1 Editor to view the binary file of these hex strings in an easy to view format.
https://www.sysadmins.lv/blog-en/asn1-editor-wpf-edition.aspx
"""
domain = 'CORP'.encode('utf-16le')
user = '******'.encode('utf-16le')
password = '******'.encode('utf-16le')
# The negotiate token sent to the server first
negotiate_token = utils.hex_to_byte('4E 54 4C 4D 53 53 50 00 01 00 00 00 32 90 88 E2'
'04 00 04 00 28 00 00 00 00 00 00 00 2C 00 00 00'
'06 01 B1 1D 00 00 00 0F 43 4F 52 50')
negotiate_nego_data = utils.hex_to_byte('30 30 A0 2E 04 2C') + negotiate_token
negotiate_ts_request = utils.hex_to_byte('30 3B A0 03 02 01 03 A1 34 30 32') + negotiate_nego_data
# The challenge token received from the server
challenge_token = utils.hex_to_byte('4E 54 4C 4D 53 53 50 00 02 00 00 00 04 00 04 00'
'38 00 00 00 36 82 89 E2 45 80 F2 D5 B4 F3 ED 50'
'00 00 00 00 00 00 00 00 B2 00 B2 00 3C 00 00 00'
'06 01 B1 1D 00 00 00 0F 43 4F 52 50 02 00 08 00'
'43 00 4F 00 52 00 50 00 01 00 1A 00 43 00 4F 00'
'4D 00 50 00 55 00 54 00 45 00 52 00 48 00 4F 00'
'53 00 54 00 31 00 04 00 1E 00 63 00 6F 00 72 00'
'70 00 2E 00 6F 00 72 00 67 00 2E 00 63 00 6F 00'