def test_NetrServerReqChallenge_NetrServerAuthenticate(self): dce, rpctransport = self.connect() request = nrpc.NetrServerReqChallenge() request['PrimaryName'] = NULL request['ComputerName'] = self.serverName + '\x00' request['ClientChallenge'] = b'12345678' resp = dce.request(request) resp.dump() serverChallenge = resp['ServerChallenge'] if self.machineUserHashes == '': ntHash = None else: ntHash = unhexlify(self.machineUserHashes.split(':')[1]) sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, b'12345678', serverChallenge, ntHash) ppp = nrpc.ComputeNetlogonCredential(b'12345678', sessionKey) request = nrpc.NetrServerAuthenticate() request['PrimaryName'] = NULL request['AccountName'] = self.machineUser + '\x00' request['SecureChannelType'] = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel request['ComputerName'] = self.serverName + '\x00' request['ClientCredential'] = ppp try: resp = dce.request(request) resp.dump() except Exception as e: if str(e).find('STATUS_DOWNGRADE_DETECTED') < 0: raise
def test_NetrServerReqChallenge_hNetrServerAuthenticate2(self): dce, rpctransport = self.connect() request = nrpc.NetrServerReqChallenge() request['PrimaryName'] = NULL request['ComputerName'] = self.serverName + '\x00' request['ClientChallenge'] = '12345678' resp = dce.request(request) resp.dump() serverChallenge = resp['ServerChallenge'] if self.hashes == '': ntHash = None else: ntHash = unhexlify(self.hashes.split(':')[1]) sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, '12345678', serverChallenge, ntHash) ppp = nrpc.ComputeNetlogonCredential('12345678', sessionKey) resp = nrpc.hNetrServerAuthenticate2( dce, NULL, self.username + '\x00', nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel, self.serverName + '\x00', ppp, 0x600FFFFF) resp.dump()
def test_NetrServerReqChallenge_NetrServerAuthenticate3(self): dce, rpctransport = self.connect() request = nrpc.NetrServerReqChallenge() request['PrimaryName'] = NULL request['ComputerName'] = self.serverName + '\x00' request['ClientChallenge'] = b'12345678' resp = dce.request(request) resp.dump() serverChallenge = resp['ServerChallenge'] if self.machineUserHashes == '': ntHash = None else: ntHash = unhexlify(self.machineUserHashes.split(':')[1]) sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, b'12345678', serverChallenge, ntHash) ppp = nrpc.ComputeNetlogonCredential(b'12345678', sessionKey) request = nrpc.NetrServerAuthenticate3() request['PrimaryName'] = NULL request['AccountName'] = self.machineUser + '\x00' request['SecureChannelType'] = nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel request['ComputerName'] = self.serverName + '\x00' request['ClientCredential'] = ppp request['NegotiateFlags'] = 0x600FFFFF resp = dce.request(request) resp.dump()
def test_NetrServerReqChallenge_hNetrServerAuthenticate2(self): dce, rpctransport = self.connect() request = nrpc.NetrServerReqChallenge() request['PrimaryName'] = self.serverName + '\x00' request['ComputerName'] = self.machine_user + '\x00' request['ClientChallenge'] = b'12345678' resp = dce.request(request) resp.dump() serverChallenge = resp['ServerChallenge'] bnthash = self.machine_user_bnthash or None sessionKey = nrpc.ComputeSessionKeyStrongKey(self.password, b'12345678', serverChallenge, bnthash) ppp = nrpc.ComputeNetlogonCredential(b'12345678', sessionKey) resp = nrpc.hNetrServerAuthenticate2( dce, self.serverName, self.machine_user, nrpc.NETLOGON_SECURE_CHANNEL_TYPE.WorkstationSecureChannel, self.machine_user, ppp, 0x600FFFFF) resp.dump()