class MSLDAPWSNetNTLMAuth:
def __init__(self, settings):
self.settings = settings
self.mode = None #'CLIENT'
self.sspi = WSNETAuth()
self.operator = None
self.client = None
self.target = None
self.seq_number = 0
self.session_key = None
self.ntlm_ctx = NTLMAUTHHandler(NTLMHandlerSettings(None, 'MANUAL'))
def setup(self):
return
@property
def ntlmChallenge(self):
return self.ntlm_ctx.ntlmChallenge
def get_sealkey(self, mode='Client'):
return self.ntlm_ctx.get_sealkey(mode=mode)
def get_signkey(self, mode='Client'):
return self.ntlm_ctx.get_signkey(mode=mode)
def signing_needed(self):
return self.ntlm_ctx.signing_needed()
def encryption_needed(self):
return self.ntlm_ctx.encryption_needed()
async def encrypt(self, data, message_no):
return await self.ntlm_ctx.encrypt(data, message_no)
async def decrypt(self,
data,
sequence_no,
direction='init',
auth_data=None):
return await self.ntlm_ctx.decrypt(data,
sequence_no,
direction=direction,
auth_data=auth_data)
async def sign(self, data, message_no, direction=None, reset_cipher=False):
return await self.ntlm_ctx.sign(data,
message_no,
direction=None,
reset_cipher=reset_cipher)
def SEAL(self, signingKey, sealingKey, messageToSign, messageToEncrypt,
seqNum, cipher_encrypt):
return self.ntlm_ctx.SEAL(signingKey, sealingKey, messageToSign,
messageToEncrypt, seqNum, cipher_encrypt)
def SIGN(self, signingKey, message, seqNum, cipher_encrypt):
return self.ntlm_ctx.SIGN(signingKey, message, seqNum, cipher_encrypt)
def get_session_key(self):
return self.session_key
def get_seq_number(self):
return self.seq_number
def is_extended_security(self):
return self.ntlm_ctx.is_extended_security()
async def authenticate(self,
authData=b'',
flags=None,
seq_number=0,
cb_data=None):
try:
if flags is None:
flags = ISC_REQ.CONNECTION
if authData is None:
status, ctxattr, data, err = await self.sspi.authenticate(
'NTLM', '', '', 3, flags.value, authdata=b'')
if err is not None:
raise err
self.ntlm_ctx.load_negotiate(data)
return data, True, None
else:
self.ntlm_ctx.load_challenge(authData)
status, ctxattr, data, err = await self.sspi.authenticate(
'NTLM', '', '', 3, flags.value, authdata=authData)
if err is not None:
raise err
if err is None:
self.ntlm_ctx.load_authenticate(data)
self.session_key, err = await self.sspi.get_sessionkey()
if err is not None:
raise err
self.ntlm_ctx.load_sessionkey(self.get_session_key())
await self.sspi.disconnect()
return data, False, None
except Exception as e:
return None, None, e
class SMBNTLMMultiplexor:
def __init__(self, settings):
self.settings = settings
self.mode = None #'CLIENT'
self.sspi = None
self.operator = None
self.client = None
self.target = None
#self.ntlmChallenge = None
self.session_key = None
self.ntlm_ctx = NTLMAUTHHandler(NTLMHandlerSettings(None, 'MANUAL'))
def setup(self):
return
@property
def ntlmChallenge(self):
return self.ntlm_ctx.ntlmChallenge
def get_sealkey(self, mode='Client'):
return self.ntlm_ctx.get_sealkey(mode=mode)
def get_signkey(self, mode='Client'):
return self.ntlm_ctx.get_signkey(mode=mode)
def SEAL(self, signingKey, sealingKey, messageToSign, messageToEncrypt,
seqNum, cipher_encrypt):
return self.ntlm_ctx.SEAL(signingKey, sealingKey, messageToSign,
messageToEncrypt, seqNum, cipher_encrypt)
def SIGN(self, signingKey, message, seqNum, cipher_encrypt):
return self.ntlm_ctx.SIGN(signingKey, message, seqNum, cipher_encrypt)
def get_session_key(self):
return self.session_key
def get_extra_info(self):
return self.ntlm_ctx.get_extra_info()
def is_extended_security(self):
return self.ntlm_ctx.is_extended_security()
#async def encrypt(self, data, message_no):
# return self.sspi.encrypt(data, message_no)
#
#async def decrypt(self, data, message_no):
# return self.sspi.decrypt(data, message_no)
async def authenticate(self,
authData=None,
flags=None,
seq_number=0,
is_rpc=False):
if self.sspi is None:
res = await self.start_remote_sspi()
if res is None:
raise Exception('Failed to start remote SSPI')
if is_rpc is True and flags is None:
flags = ISC_REQ.REPLAY_DETECT | ISC_REQ.CONFIDENTIALITY | ISC_REQ.USE_SESSION_KEY | ISC_REQ.INTEGRITY | ISC_REQ.SEQUENCE_DETECT | ISC_REQ.CONNECTION
flags = int(flags)
if self.settings.mode == 'CLIENT':
if authData is None:
data, res = await self.sspi.authenticate(flags=flags)
if res is None:
self.ntlm_ctx.load_negotiate(data)
return data, res
else:
self.ntlm_ctx.load_challenge(authData)
data, res = await self.sspi.challenge(authData, flags=flags)
if res is None:
self.ntlm_ctx.load_authenticate(data)
self.session_key, res = await self.sspi.get_session_key()
if res is None:
self.ntlm_ctx.load_sessionkey(self.get_session_key())
return data, res
else:
raise Exception('Server mode not implemented!')
async def start_remote_sspi(self):
try:
#print(self.settings.get_url())
self.operator = MultiplexorOperator(self.settings.get_url(),
logging_sink=logger)
await self.operator.connect()
#creating virtual sspi server
server_info = await self.operator.start_sspi(self.settings.agent_id
)
#print(server_info)
sspi_url = 'ws://%s:%s' % (server_info['listen_ip'],
server_info['listen_port'])
#print(sspi_url)
self.sspi = SSPINTLMClient(sspi_url)
await self.sspi.connect()
return True
except Exception as e:
import traceback
traceback.print_exc()
return None
class MSLDAPNTLMMultiplexor:
def __init__(self, settings):
self.settings = settings
self.mode = None #'CLIENT'
self.sspi = None
self.operator = None
self.client = None
self.target = None
self.seq_number = 0
self.session_key = None
self.ntlm_ctx = NTLMAUTHHandler(NTLMHandlerSettings(None, 'MANUAL'))
def setup(self):
return
@property
def ntlmChallenge(self):
return self.ntlm_ctx.ntlmChallenge
def get_sealkey(self, mode='Client'):
return self.ntlm_ctx.get_sealkey(mode=mode)
def get_signkey(self, mode='Client'):
return self.ntlm_ctx.get_signkey(mode=mode)
def get_session_key(self):
return self.session_key
def is_extended_security(self):
return self.ntlm_ctx.is_extended_security()
def get_seq_number(self):
return self.seq_number
def signing_needed(self):
return self.ntlm_ctx.signing_needed()
def encryption_needed(self):
return self.ntlm_ctx.encryption_needed()
async def encrypt(self, data, message_no):
return await self.ntlm_ctx.encrypt(data, message_no)
async def decrypt(self,
data,
sequence_no,
direction='init',
auth_data=None):
return await self.ntlm_ctx.decrypt(data,
sequence_no,
direction=direction,
auth_data=auth_data)
async def sign(self, data, message_no, direction=None, reset_cipher=False):
return await self.ntlm_ctx.sign(data,
message_no,
direction=None,
reset_cipher=reset_cipher)
async def authenticate(self,
authData=None,
flags=None,
seq_number=0,
cb_data=None):
is_rpc = False
if self.sspi is None:
res, err = await self.start_remote_sspi()
if err is not None:
return None, None, err
if is_rpc is True and flags is None:
flags = ISC_REQ.REPLAY_DETECT | ISC_REQ.CONFIDENTIALITY | ISC_REQ.USE_SESSION_KEY | ISC_REQ.INTEGRITY | ISC_REQ.SEQUENCE_DETECT | ISC_REQ.CONNECTION
flags = int(flags)
if authData is None:
data, res = await self.sspi.authenticate(flags=flags)
if res is None:
self.ntlm_ctx.load_negotiate(data)
return data, res, None
else:
self.ntlm_ctx.load_challenge(authData)
data, res = await self.sspi.challenge(authData, flags=flags)
if res is None:
self.ntlm_ctx.load_authenticate(data)
self.session_key, res = await self.sspi.get_session_key()
if res is None:
self.ntlm_ctx.load_sessionkey(self.get_session_key())
return data, res, None
async def start_remote_sspi(self):
try:
#print(self.settings.get_url())
self.operator = MultiplexorOperator(self.settings.get_url(),
logging_sink=logger)
await self.operator.connect()
#creating virtual sspi server
server_info = await self.operator.start_sspi(self.settings.agent_id
)
#print(server_info)
sspi_url = 'ws://%s:%s' % (server_info['listen_ip'],
server_info['listen_port'])
#print(sspi_url)
self.sspi = SSPINTLMClient(sspi_url)
await self.sspi.connect()
return True, None
except Exception as e:
import traceback
traceback.print_exc()
return None, e
class MSLDAPNTLMSSPI:
def __init__(self, settings):
self.settings = settings
self.mode = 'CLIENT'
self.username = settings.username
self.password = settings.password
self.domain = settings.domain
self.actual_ctx_flags = None
self.flags = ISC_REQ.CONNECTION
if settings.encrypt is True:
#self.flags = ISC_REQ.REPLAY_DETECT | ISC_REQ.CONFIDENTIALITY| ISC_REQ.USE_SESSION_KEY| ISC_REQ.INTEGRITY| ISC_REQ.SEQUENCE_DETECT| ISC_REQ.CONNECTION
self.flags = ISC_REQ.CONNECTION | ISC_REQ.CONFIDENTIALITY
self.sspi = NTLMMSLDAPSSPI()
self.seq_number = 0
self.session_key = None
self.ntlm_ctx = NTLMAUTHHandler(NTLMHandlerSettings(None, 'MANUAL'))
@property
def ntlmChallenge(self):
return self.ntlm_ctx.ntlmChallenge
def get_seq_number(self):
return self.ntlm_ctx.get_seq_number()
def signing_needed(self):
return self.ntlm_ctx.signing_needed()
def encryption_needed(self):
return self.ntlm_ctx.encryption_needed()
def get_sealkey(self, mode='Client'):
return self.ntlm_ctx.get_sealkey(mode=mode)
def get_signkey(self, mode='Client'):
return self.ntlm_ctx.get_signkey(mode=mode)
#def wrap(self, data, sequence_no):
# self.ntlm_ctx.wrap()
def unwrap(self, data):
return self.ntlm_ctx.unwrap(data)
def SEAL(self, signingKey, sealingKey, messageToSign, messageToEncrypt,
seqNum, cipher_encrypt):
return self.ntlm_ctx.SEAL(signingKey, sealingKey, messageToSign,
messageToEncrypt, seqNum, cipher_encrypt)
def SIGN(self, signingKey, message, seqNum, cipher_encrypt):
return self.ntlm_ctx.SIGN(signingKey, message, seqNum, cipher_encrypt)
def sign(self, data, message_no=0, direction='init', reset_cipher=False):
return self.ntlm_ctx.sign(data,
message_no=message_no,
reset_cipher=reset_cipher)
def verify(self, data, signature):
return self.ntlm_ctx.verify(data, signature)
def get_session_key(self):
if not self.session_key:
self.session_key = self.sspi.get_session_key()
return self.session_key
#def get_extra_info(self):
# return self.ntlm_ctx.get_extra_info()
def is_extended_security(self):
return self.ntlm_ctx.is_extended_security()
def encrypt(self, data, message_no):
return self.ntlm_ctx.encrypt(data, message_no)
def decrypt(self, data, message_no, direction='init', auth_data=None):
return self.ntlm_ctx.decrypt(data,
message_no,
direction=direction,
auth_data=auth_data)
async def authenticate(self,
authData=None,
flags=None,
seq_number=0,
cb_data=None):
if authData is None:
try:
data, res = self.sspi.negotiate(ctx_flags=self.flags)
self.actual_ctx_flags = self.sspi.ctx_outflags
self.ntlm_ctx.load_negotiate(data)
return data, res, None
except Exception as e:
return None, None, e
else:
self.ntlm_ctx.load_challenge(authData)
data, res = self.sspi.authenticate(authData, ctx_flags=self.flags)
self.ntlm_ctx.load_authenticate(data)
self.ntlm_ctx.load_sessionkey(self.get_session_key())
return data, res, None