Пример #1
0
def create_message1(environment_dict):
    ""
    ed = environment_dict
    # overall lenght = 48 bytes
    protocol = 'NTLMSSP\000'    #name
    type = '\001\000'               #type 1
    zeros1 = '\000\000'

    flags = ntlmutils.hex2str(ed['FLAGS'])

    zeros2 = '\000\000\000\000\000\000\000\000\000'
    zeros3 = '\000\000\000\000\000\000\000\000\000\000\000'
    smthg1 = '0\000\000\000\000\000\000\000'    # something with chr(48) length?
    smthg2 = '0\000\000\000'                    # something with chr(48) lenght?

    msg1 = protocol + type + zeros1 + flags + zeros2 + zeros3 + smthg1 + smthg2
    msg1 = base64.encodestring(msg1)
    msg1 = string.replace(msg1, '\012', '')

    return msg1
Пример #2
0
def create_message1(environment_dict):
    ""
    ed = environment_dict
    # overall lenght = 48 bytes
    protocol = 'NTLMSSP\000'  #name
    type = '\001\000'  #type 1
    zeros1 = '\000\000'

    flags = ntlmutils.hex2str(ed['FLAGS'])

    zeros2 = '\000\000\000\000\000\000\000\000\000'
    zeros3 = '\000\000\000\000\000\000\000\000\000\000\000'
    smthg1 = '0\000\000\000\000\000\000\000'  # something with chr(48) length?
    smthg2 = '0\000\000\000'  # something with chr(48) lenght?

    msg1 = protocol + type + zeros1 + flags + zeros2 + zeros3 + smthg1 + smthg2
    msg1 = base64.encodestring(msg1)
    msg1 = string.replace(msg1, '\012', '')

    return msg1
Пример #3
0
def create_message3(nonce, environment_dict):
    ""
    ed = environment_dict

    flags = ntlmutils.hex2str(ed['FLAGS'])

    protocol = 'NTLMSSP\000'            #name
    type = '\003\000'                   #type 3
    head = protocol + type + '\000\000'

    domain_rec = record(ed['DOMAIN'])
    user_rec = record(ed['USER'])
    host_rec = record(ed['HOST'])

    additional_rec = record('')

    if ed['LM']:
        lm_rec = record(ntlm_procs.calc_resp(ed['LM_HASHED_PW'], nonce))
    else:
        lm_rec = record('')

    if ed['NT']:
        nt_rec = record(ntlm_procs.calc_resp(ed['NT_HASHED_PW'], nonce))
    else:
        nt_rec = record('')

    # length of the head and five infos for LM, NT, Domain, User, Host
    domain_offset = len(head) + 5 * 8

    # and unknown record info and flags' lenght
    if ed['NTLM_MODE'] == 0:
        domain_offset = domain_offset + 8 + len(flags)

    # create info fields
    domain_rec.create_record_info(domain_offset)
    user_rec.create_record_info(domain_rec.next_offset)
    host_rec.create_record_info(user_rec.next_offset)
    lm_rec.create_record_info(host_rec.next_offset)
    nt_rec.create_record_info(lm_rec.next_offset)
    additional_rec.create_record_info(nt_rec.next_offset)

    # data part of the message 3
    data_part = domain_rec.data + user_rec.data + host_rec.data + lm_rec.data + nt_rec.data

    # build message 3
    m3 = head + lm_rec.record_info + nt_rec.record_info + domain_rec.record_info + \
         user_rec.record_info + host_rec.record_info

    # Experimental feature !!!
    if ed['NTLM_MODE'] == 0:
        m3 = m3 + additional_rec.record_info + flags

    m3 = m3 + data_part

    # Experimental feature !!!
    if ed['NTLM_MODE'] == 0:
        m3 = m3 + additional_rec.data

    # base64 encode
    m3 = base64.encodestring(m3)
    m3 = string.replace(m3, '\012', '')

    return m3
Пример #4
0
def create_message3(nonce, environment_dict):
    ""
    ed = environment_dict

    flags = ntlmutils.hex2str(ed['FLAGS'])

    protocol = 'NTLMSSP\000'  #name
    type = '\003\000'  #type 3
    head = protocol + type + '\000\000'

    domain_rec = record(ed['DOMAIN'])
    user_rec = record(ed['USER'])
    host_rec = record(ed['HOST'])

    additional_rec = record('')

    if ed['LM']:
        lm_rec = record(ntlm_procs.calc_resp(ed['LM_HASHED_PW'], nonce))
    else:
        lm_rec = record('')

    if ed['NT']:
        nt_rec = record(ntlm_procs.calc_resp(ed['NT_HASHED_PW'], nonce))
    else:
        nt_rec = record('')

    # length of the head and five infos for LM, NT, Domain, User, Host
    domain_offset = len(head) + 5 * 8

    # and unknown record info and flags' lenght
    if ed['NTLM_MODE'] == 0:
        domain_offset = domain_offset + 8 + len(flags)

    # create info fields
    domain_rec.create_record_info(domain_offset)
    user_rec.create_record_info(domain_rec.next_offset)
    host_rec.create_record_info(user_rec.next_offset)
    lm_rec.create_record_info(host_rec.next_offset)
    nt_rec.create_record_info(lm_rec.next_offset)
    additional_rec.create_record_info(nt_rec.next_offset)

    # data part of the message 3
    data_part = domain_rec.data + user_rec.data + host_rec.data + lm_rec.data + nt_rec.data

    # build message 3
    m3 = head + lm_rec.record_info + nt_rec.record_info + domain_rec.record_info + \
         user_rec.record_info + host_rec.record_info

    # Experimental feature !!!
    if ed['NTLM_MODE'] == 0:
        m3 = m3 + additional_rec.record_info + flags

    m3 = m3 + data_part

    # Experimental feature !!!
    if ed['NTLM_MODE'] == 0:
        m3 = m3 + additional_rec.data

    # base64 encode
    m3 = base64.encodestring(m3)
    m3 = string.replace(m3, '\012', '')

    return m3