コード例 #1
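    def www_ntlm_authentication(self, connection):
        """Run the NTLM handshake with the remote web server on behalf of the client.

        The remote-server side of ``connection`` is closed and reconnected.
        A copy of the client's request header is then sent twice: first
        with NTLM message 1 in ``Authorization``, and again with message 3
        built from the nonce in the server's ``Www-Authenticate`` reply.
        The client's real body is not sent here; POST/PUT requests get a
        3-byte placeholder body on the first leg only.

        When ``env["NTLM_TO_BASIC"]`` is set, ``translate_to_basic()`` is
        consulted first (with status "401") and the handshake is skipped
        if it reports no credentials.

        Returns None on every path; failures are reported through
        ``connection.logger``.
        """
        connection.logger.log("*** Authorization in progress...\n")

        connection.close_rserver()

        # build an environment
        env = self.build_env_dict(connection)

        if env["NTLM_TO_BASIC"]:
            got_credentials = self.translate_to_basic(env, connection, "401")

            if not got_credentials:
                connection.logger.log(
                    "*** Passing modified server's response to clent.\n")
                connection.logger.log(
                    "*** End of firts stage of NTLM translation.\n")
                return

        connection.connect_rserver()

        NTLM_msg1 = ntlm_messages.create_message1(env)
        connection.logger_auth.log(ntlm_messages.debug_message1(NTLM_msg1))

        tmp_client_head_obj = connection.client_head_obj.copy()
        tmp_client_head_obj.replace_param_value("Connection", "Keep-Alive")
        tmp_client_head_obj.replace_param_value("Authorization",
                                                "NTLM " + NTLM_msg1)

        connection.reset_rserver()
        connection.rserver_buffer = ""
        connection.logger.log("*** Remote server buffer flushed.\n")

        # If we are POST/PUT-ing a large chunk of data we don't want
        # to do this at this time, so we change the data to 'abc' with
        # length = 3.
        is_body_method = (
            connection.client_head_obj.get_http_method() in ("POST", "PUT"))
        if is_body_method:
            tmp_client_head_obj.replace_param_value("Content-Length", "3")

        connection.logger.log("*** Fake NTLM header with Msg1:\n=====\n" +
                              tmp_client_head_obj.__repr__())
        connection.logger.log(
            "*** Sending Fake NTLM header (and body) with Msg1...")
        tmp_client_head_obj.send(connection.rserver_socket)

        if is_body_method:
            try:
                connection.rserver_socket.send("abc")
            except Exception:
                # Could not send data to the remote server, so the handshake
                # ends here. Exception (not a bare except) keeps
                # KeyboardInterrupt and SystemExit propagating.
                connection.rserver_socket_closed = 1
                connection.logger.log(
                    "Failed.\n*** Could not send client data to remote server. Exception in send().\n"
                )
                return

        connection.logger.log("Done.\n")

        connection.logger.log(
            "*** Waiting for message 2 from the remote server...\n")
        # select() only bounds each individual wait to 2 seconds; the loop
        # ends when the connection reports the response complete or the
        # socket closed.
        # NOTE(review): whether run_rserver_loop() enforces an overall
        # deadline is not visible here - confirm a silent server cannot
        # hold this handler indefinitely.
        while (not connection.rserver_all_got) and (
                not connection.rserver_socket_closed):
            select.select([connection.rserver_socket.fileno()], [], [], 2.0)
            connection.run_rserver_loop()
            if connection.config["DEBUG"]["SCR_DEBUG"]:
                print("\b+")

        if connection.rserver_head_obj:
            connection.logger.log("*** Got NTLM message 2 from server.\n")
        else:
            # could not get response with msg2 from remote server and have to end function
            connection.logger.log(
                "*** Could not get response with msg2 from server.\n")
            connection.logger.log("*** Stop Request = %d.\n" %
                                  connection.stop_request)
            return

        auth = connection.rserver_head_obj.get_param_values("Www-Authenticate")
        # The header value comes from the remote server and is untrusted:
        # it may carry a scheme name with no token after it. Such a value
        # is treated like a missing header instead of raising IndexError.
        auth_fields = auth[0].split() if auth else []
        if len(auth_fields) > 1:
            msg2 = auth_fields[1]
            connection.logger_auth.log(ntlm_messages.debug_message2(msg2))
            nonce = ntlm_messages.parse_message2(msg2)
            NTLM_msg3 = ntlm_messages.create_message3(nonce, env)
            # NOTE(review): NTLM message 3 carries the challenge response
            # derived from the user's password. Together with the nonce
            # logged above it is enough for offline password guessing, so
            # confirm logger_auth is debug-only and its output is
            # access-restricted.
            connection.logger_auth.log(ntlm_messages.debug_message3(NTLM_msg3))
        else:
            NTLM_msg3 = ""

        tmp_client_head_obj = connection.client_head_obj.copy()
        tmp_client_head_obj.replace_param_value("Authorization",
                                                "NTLM " + NTLM_msg3)

        connection.reset_rserver()
        connection.rserver_buffer = ""
        connection.logger.log("*** Remote server buffer flushed.\n")
        connection.logger.log(
            "*** Sending Fake NTLM header (not body) with Msg3...")
        tmp_client_head_obj.send(connection.rserver_socket)
        connection.logger.log("Done.\n")
        # NOTE(review): this dump presumably includes the Authorization
        # value set above (message 3), so the general log needs the same
        # protection as the auth log - confirm.
        connection.logger.log("*** Fake NTLM header with Msg3:\n=====\n" +
                              tmp_client_head_obj.__repr__())

        # upon exit all the remote server variables are reset
        # so new remote server response will be taken by the usual way in connection.run()
        connection.logger.log("*** End of NTLM authorization process.\n")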
コード例 #2
ファイル: ntlm_auth.py プロジェクト: sidoruka/ntlmaps
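    def proxy_ntlm_authentication(self, connection):
        """Run the NTLM handshake with the upstream proxy on behalf of the client.

        The remote-server side of ``connection`` is closed and reconnected.
        A copy of the client's request header is then sent twice: first
        with NTLM message 1 in ``Proxy-Authorization``, and again with
        message 3 built from the nonce in the ``Proxy-Authenticate`` reply.
        The client's real body is not sent here; POST/PUT requests get a
        3-byte placeholder body on the first leg only.

        When ``env['NTLM_TO_BASIC']`` is set, ``translate_to_basic()`` is
        consulted first (with status '407') and the handshake is skipped
        if it reports no credentials.

        Returns None on every path; failures are reported through
        ``connection.logger``.
        """
        connection.logger.log('*** Authorization in progress...\n')

        connection.close_rserver()

        # build an environment
        env = self.build_env_dict(connection)

        if env['NTLM_TO_BASIC']:
            got_credentials = self.translate_to_basic(env, connection, '407')

            if not got_credentials:
                connection.logger.log("*** Passing modified server's response to clent.\n")
                connection.logger.log('*** End of firts stage of NTLM translation.\n')
                return

        connection.connect_rserver()

        NTLM_msg1 = ntlm_messages.create_message1(env)
        connection.logger_auth.log(ntlm_messages.debug_message1(NTLM_msg1))

        tmp_client_head_obj = connection.client_head_obj.copy()
        tmp_client_head_obj.replace_param_value('Proxy-Connection', 'Keep-Alive')
        tmp_client_head_obj.replace_param_value('Proxy-Authorization', 'NTLM ' + NTLM_msg1)

        connection.reset_rserver()
        connection.rserver_buffer = ''
        connection.logger.log('*** Remote server buffer flushed.\n')

        # If we are POST/PUT-ing a large chunk of data we don't want
        # to do this at this time, so we change the data to 'abc' with
        # length = 3.
        is_body_method = connection.client_head_obj.get_http_method() in ('POST', 'PUT')
        if is_body_method:
            tmp_client_head_obj.replace_param_value('Content-Length', '3')

        connection.logger.log('*** Fake NTLM header with Msg1:\n=====\n' + tmp_client_head_obj.__repr__())
        connection.logger.log('*** Sending Fake NTLM header with Msg1...')
        tmp_client_head_obj.send(connection.rserver_socket)
        connection.logger.log('Done.\n')

        if is_body_method:
            try:
                connection.logger.log("*** Sending fake 'abc' bytes body...")
                connection.rserver_socket.send('abc')
                connection.logger.log("Done.\n")
            except Exception:
                # Could not send data to the remote server, so the handshake
                # ends here. Exception (not a bare except) keeps
                # KeyboardInterrupt and SystemExit propagating.
                connection.rserver_socket_closed = 1
                connection.logger.log('Failed.\n*** Could not send client data to remote server. Exception in send().\n')
                return
        else:
            connection.logger.log("*** There must be no body to send.\n")

        connection.logger.log('*** Waiting for message 2 from remote server...\n')
        # select() only bounds each individual wait to 2 seconds; the loop
        # ends when the connection reports the response complete or the
        # socket closed.
        # NOTE(review): whether run_rserver_loop() enforces an overall
        # deadline is not visible here - confirm a silent server cannot
        # hold this handler indefinitely.
        while not connection.rserver_all_got and not connection.rserver_socket_closed:
            select.select([connection.rserver_socket.fileno()], [], [], 2.0)
            connection.run_rserver_loop()
            if connection.config['DEBUG']['SCR_DEBUG']:
                print ' +',

        if connection.rserver_head_obj:
            connection.logger.log('*** Got NTLM message 2 from remote server.\n')
        else:
            # could not get response with msg2 from remote server and have to end function
            connection.logger.log('*** Could not get response with msg2 from remote server.\n')
            connection.logger.log('*** Stop Request = %d.\n' % connection.stop_request)
            return

        auth = connection.rserver_head_obj.get_param_values('Proxy-Authenticate')
        # The header value comes from the remote server and is untrusted:
        # it may carry a scheme name with no token after it. Such a value
        # is treated like a missing header instead of raising IndexError.
        auth_fields = auth[0].split() if auth else []
        if len(auth_fields) > 1:
            msg2 = auth_fields[1]
            connection.logger_auth.log(ntlm_messages.debug_message2(msg2))
            nonce = ntlm_messages.parse_message2(msg2)
            NTLM_msg3 = ntlm_messages.create_message3(nonce, env)
            # NOTE(review): NTLM message 3 carries the challenge response
            # derived from the user's password. Together with the nonce
            # logged above it is enough for offline password guessing, so
            # confirm logger_auth is debug-only and its output is
            # access-restricted.
            connection.logger_auth.log(ntlm_messages.debug_message3(NTLM_msg3))
        else:
            NTLM_msg3 = ''

        tmp_client_head_obj = connection.client_head_obj.copy()
        tmp_client_head_obj.replace_param_value('Proxy-Authorization', 'NTLM ' + NTLM_msg3)

        connection.reset_rserver()
        connection.rserver_buffer = ''
        connection.logger.log('*** Remote server buffer flushed.\n')
        connection.logger.log('*** Sending Fake NTLM header (not body) with Msg3...')
        tmp_client_head_obj.send(connection.rserver_socket)
        connection.logger.log('Done.\n')
        # NOTE(review): this dump presumably includes the Proxy-Authorization
        # value set above (message 3), so the general log needs the same
        # protection as the auth log - confirm.
        connection.logger.log('*** Fake NTLM header with Msg3:\n=====\n' + tmp_client_head_obj.__repr__())

        # upon exit all the remote server variables are reset
        # so new remote server response will be taken by the usual way in connection.run()
        connection.logger.log('*** End of NTLM authorization process.\n')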
コード例 #3
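    def proxy_ntlm_authentication(self, connection):
        """Run the NTLM handshake with the upstream proxy on behalf of the client.

        The remote-server side of ``connection`` is closed and reconnected.
        A copy of the client's request header is then sent twice: first
        with NTLM message 1 in ``Proxy-Authorization``, and again with
        message 3 built from the nonce in the ``Proxy-Authenticate`` reply.
        The client's real body is not sent here; POST/PUT requests get a
        3-byte placeholder body on the first leg only.

        When ``env['NTLM_TO_BASIC']`` is set, ``translate_to_basic()`` is
        consulted first (with status '407') and the handshake is skipped
        if it reports no credentials.

        Returns None on every path; failures are reported through
        ``connection.logger``.
        """
        connection.logger.log('*** Authorization in progress...\n')

        connection.close_rserver()

        # build an environment
        env = self.build_env_dict(connection)

        if env['NTLM_TO_BASIC']:
            got_credentials = self.translate_to_basic(env, connection, '407')

            if not got_credentials:
                connection.logger.log("*** Passing modified server's response to clent.\n")
                connection.logger.log('*** End of firts stage of NTLM translation.\n')
                return

        connection.connect_rserver()

        NTLM_msg1 = ntlm_messages.create_message1(env)
        connection.logger_auth.log(ntlm_messages.debug_message1(NTLM_msg1))

        tmp_client_head_obj = connection.client_head_obj.copy()
        tmp_client_head_obj.replace_param_value('Proxy-Connection', 'Keep-Alive')
        tmp_client_head_obj.replace_param_value('Proxy-Authorization', 'NTLM ' + NTLM_msg1)

        connection.reset_rserver()
        connection.rserver_buffer = ''
        connection.logger.log('*** Remote server buffer flushed.\n')

        # If we are POST/PUT-ing a large chunk of data we don't want
        # to do this at this time, so we change the data to 'abc' with
        # length = 3.
        is_body_method = connection.client_head_obj.get_http_method() in ('POST', 'PUT')
        if is_body_method:
            tmp_client_head_obj.replace_param_value('Content-Length', '3')

        connection.logger.log('*** Fake NTLM header with Msg1:\n=====\n' + tmp_client_head_obj.__repr__())
        connection.logger.log('*** Sending Fake NTLM header with Msg1...')
        tmp_client_head_obj.send(connection.rserver_socket)
        connection.logger.log('Done.\n')

        if is_body_method:
            try:
                connection.logger.log("*** Sending fake 'abc' bytes body...")
                connection.rserver_socket.send('abc')
                connection.logger.log("Done.\n")
            except Exception:
                # Could not send data to the remote server, so the handshake
                # ends here. Exception (not a bare except) keeps
                # KeyboardInterrupt and SystemExit propagating.
                connection.rserver_socket_closed = 1
                connection.logger.log('Failed.\n*** Could not send client data to remote server. Exception in send().\n')
                return
        else:
            connection.logger.log("*** There must be no body to send.\n")

        connection.logger.log('*** Waiting for message 2 from remote server...\n')
        # select() only bounds each individual wait to 2 seconds; the loop
        # ends when the connection reports the response complete or the
        # socket closed.
        # NOTE(review): whether run_rserver_loop() enforces an overall
        # deadline is not visible here - confirm a silent server cannot
        # hold this handler indefinitely.
        while not connection.rserver_all_got and not connection.rserver_socket_closed:
            select.select([connection.rserver_socket.fileno()], [], [], 2.0)
            connection.run_rserver_loop()
            if connection.config['DEBUG']['SCR_DEBUG']:
                print '\b+',

        if connection.rserver_head_obj:
            connection.logger.log('*** Got NTLM message 2 from remote server.\n')
        else:
            # could not get response with msg2 from remote server and have to end function
            connection.logger.log('*** Could not get response with msg2 from remote server.\n')
            connection.logger.log('*** Stop Request = %d.\n' % connection.stop_request)
            return

        auth = connection.rserver_head_obj.get_param_values('Proxy-Authenticate')
        # The header value comes from the remote server and is untrusted:
        # it may carry a scheme name with no token after it. Such a value
        # is treated like a missing header instead of raising IndexError.
        auth_fields = auth[0].split() if auth else []
        if len(auth_fields) > 1:
            msg2 = auth_fields[1]
            connection.logger_auth.log(ntlm_messages.debug_message2(msg2))
            nonce = ntlm_messages.parse_message2(msg2)
            NTLM_msg3 = ntlm_messages.create_message3(nonce, env)
            # NOTE(review): NTLM message 3 carries the challenge response
            # derived from the user's password. Together with the nonce
            # logged above it is enough for offline password guessing, so
            # confirm logger_auth is debug-only and its output is
            # access-restricted.
            connection.logger_auth.log(ntlm_messages.debug_message3(NTLM_msg3))
        else:
            # The name must be NTLM_msg3: the header built below reads it,
            # and a misspelt binding here raises NameError on this path.
            NTLM_msg3 = ''

        tmp_client_head_obj = connection.client_head_obj.copy()
        tmp_client_head_obj.replace_param_value('Proxy-Authorization', 'NTLM ' + NTLM_msg3)

        connection.reset_rserver()
        connection.rserver_buffer = ''
        connection.logger.log('*** Remote server buffer flushed.\n')
        connection.logger.log('*** Sending Fake NTLM header (not body) with Msg3...')
        tmp_client_head_obj.send(connection.rserver_socket)
        connection.logger.log('Done.\n')
        # NOTE(review): this dump presumably includes the Proxy-Authorization
        # value set above (message 3), so the general log needs the same
        # protection as the auth log - confirm.
        connection.logger.log('*** Fake NTLM header with Msg3:\n=====\n' + tmp_client_head_obj.__repr__())

        # upon exit all the remote server variables are reset
        # so new remote server response will be taken by the usual way in connection.run()
        connection.logger.log('*** End of NTLM authorization process.\n')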