def AcquireCredentialsHandle(client_name,
package_name,
tragetspn,
cred_usage,
pluid=None,
authdata=None):
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return result
raise Exception('%s failed with error code %s (%s)' %
('AcquireCredentialsHandle', result, SEC_E(result)))
_AcquireCredentialsHandle = windll.Secur32.AcquireCredentialsHandleA
_AcquireCredentialsHandle.argtypes = [
PSEC_CHAR, PSEC_CHAR, ULONG, PLUID, PVOID, PVOID, PVOID, PCredHandle,
PTimeStamp
]
_AcquireCredentialsHandle.restype = DWORD
_AcquireCredentialsHandle.errcheck = errc
#TODO: package_name might be different from version to version. implement functionality to poll it properly!
cn = None
if client_name:
cn = LPSTR(client_name.encode('ascii'))
pn = LPSTR(package_name.encode('ascii'))
creds = CredHandle()
ts = TimeStamp()
res = _AcquireCredentialsHandle(cn, pn, cred_usage, pluid, authdata, None,
None, byref(creds), byref(ts))
return creds
def DecryptMessage(ctx, token, data, message_no=0):
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('DecryptMessage', result, SEC_E(result)))
_DecryptMessage = windll.Secur32.DecryptMessage
_DecryptMessage.argtypes = [PCtxtHandle, PSecBufferDesc, ULONG, PULONG]
_DecryptMessage.restype = DWORD
_DecryptMessage.errcheck = errc
secbuffers = []
secbuffers.append(
SecBuffer(token=token, buffer_type=SECBUFFER_TYPE.SECBUFFER_TOKEN))
secbuffers.append(
SecBuffer(token=data[:-1], buffer_type=SECBUFFER_TYPE.SECBUFFER_DATA))
secbuffers.append(
SecBuffer(token=data[-1:],
buffer_type=SECBUFFER_TYPE.SECBUFFER_PADDING))
data = SecBufferDesc(secbuffers)
flags = ULONG()
message_no = ULONG(message_no)
res = _DecryptMessage(byref(ctx), byref(data), message_no, byref(flags))
return data.Buffers
def QueryContextAttributes(ctx, attr, sec_struct):
#attr = SECPKG_ATTR enum
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('QueryContextAttributes', result, SEC_E(result)))
_QueryContextAttributes = windll.Secur32.QueryContextAttributesW
_QueryContextAttributes.argtypes = [PCtxtHandle, ULONG, PVOID]
_QueryContextAttributes.restype = DWORD
_QueryContextAttributes.errcheck = errc
res = _QueryContextAttributes(byref(ctx), attr.value, byref(sec_struct))
return
def EncryptMessage(ctx, data, message_no=0, fQOP=None):
#raise NotImplementedError()
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('EncryptMessage', result, SEC_E(result)))
_EncryptMessage = windll.Secur32.EncryptMessage
_EncryptMessage.argtypes = [PCtxtHandle, ULONG, PSecBufferDesc, ULONG]
_EncryptMessage.restype = DWORD
_EncryptMessage.errcheck = errc
secbuffers = []
#secbuffers.append(SecBuffer(token=b'\x00'*1024, buffer_type = SECBUFFER_TYPE.SECBUFFER_STREAM_HEADER))
secbuffers.append(
SecBuffer(token=b'\x00' * 1024,
buffer_type=SECBUFFER_TYPE.SECBUFFER_TOKEN))
secbuffers.append(
SecBuffer(token=data, buffer_type=SECBUFFER_TYPE.SECBUFFER_DATA))
secbuffers.append(
SecBuffer(token=b'\x00' * 1024,
buffer_type=SECBUFFER_TYPE.SECBUFFER_PADDING))
#secbuffers.append(SecBuffer(token = b'',buffer_type = SECBUFFER_TYPE.SECBUFFER_EMPTY))
data = SecBufferDesc(secbuffers)
print(data)
flags = ULONG(1)
message_no = ULONG(message_no)
res = _EncryptMessage(ctx, flags, byref(data), message_no)
print(data)
return res, data.Buffers
def GetSequenceNumberFromEncryptdataKerberos(ctx):
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('EncryptMessage', result, SEC_E(result)))
_EncryptMessage = windll.Secur32.EncryptMessage
_EncryptMessage.argtypes = [PCtxtHandle, ULONG, PSecBufferDesc, ULONG]
_EncryptMessage.restype = DWORD
_EncryptMessage.errcheck = errc
data = b'HAHAHAHAHAHAHAHA'
secbuffers = []
secbuffers.append(
SecBuffer(token=b'\x00' * 1024,
buffer_type=SECBUFFER_TYPE.SECBUFFER_TOKEN)
) #tthe correct size should be checked but that's another api call..
secbuffers.append(
SecBuffer(token=data, buffer_type=SECBUFFER_TYPE.SECBUFFER_DATA))
data = SecBufferDesc(secbuffers)
flags = ULONG(1)
message_no = ULONG(0)
res = _EncryptMessage(ctx, flags, byref(data), message_no)
tok = GSSWrapToken.from_bytes(data.Buffers[0][1])
return tok.SND_SEQ
def __init__(self, secbuffers=None):
#secbuffers = a list of security buffers (SecBuffer)
if secbuffers is not None:
Structure.__init__(self, 0, len(secbuffers),
(SecBuffer * len(secbuffers))(*secbuffers))
else:
Structure.__init__(self, 0, 1, byref(SecBuffer()))
def FreeContextBuffer(secbuff):
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('DecryptMessage', result, SEC_E(result)))
_FreeContextBuffer = windll.Secur32.FreeContextBuffer
_FreeContextBuffer.argtypes = [PVOID]
_FreeContextBuffer.restype = DWORD
_FreeContextBuffer.errcheck = errc
res = _FreeContextBuffer(byref(secbuff))
return
def SetContextAttributes(ctx, attr, data):
#attr = SECPKG_ATTR enum
def errc(result, func, arguments):
if SEC_E(result) == SEC_E.OK:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('SetContextAttributes', result, SEC_E(result)))
_SetContextAttributes = windll.Secur32.SetContextAttributesW
_SetContextAttributes.argtypes = [PCtxtHandle, ULONG, PVOID, ULONG]
_SetContextAttributes.restype = DWORD
_SetContextAttributes.errcheck = errc
print('set data: %s' % data)
print('set attr: %s' % attr)
data_len = ULONG(len(data))
data_buff = ctypes.create_string_buffer(data, len(data))
res = _SetContextAttributes(byref(ctx), attr.value, data_buff, data_len)
return
def InitializeSecurityContext(creds,
target,
ctx=None,
flags=ISC_REQ.INTEGRITY | ISC_REQ.CONFIDENTIALITY
| ISC_REQ.SEQUENCE_DETECT
| ISC_REQ.REPLAY_DETECT,
TargetDataRep=0,
token=None):
#print('==== InitializeSecurityContext ====')
#print('Creds: %s' % creds)
#print('Target: %s' % target)
#print('ctx: %s' % ctx)
#print('token: %s' % token)
def errc(result, func, arguments):
if SEC_E(result) in [
SEC_E.OK, SEC_E.COMPLETE_AND_CONTINUE, SEC_E.COMPLETE_NEEDED,
SEC_E.CONTINUE_NEEDED, SEC_E.INCOMPLETE_CREDENTIALS
]:
return SEC_E(result)
raise Exception('%s failed with error code %s (%s)' %
('InitializeSecurityContext', result, SEC_E(result)))
_InitializeSecurityContext = windll.Secur32.InitializeSecurityContextA
_InitializeSecurityContext.argtypes = [
PCredHandle, PCtxtHandle, PSEC_CHAR, ULONG, ULONG, ULONG,
PSecBufferDesc, ULONG, PCtxtHandle, PSecBufferDesc, PULONG, PTimeStamp
]
_InitializeSecurityContext.restype = DWORD
_InitializeSecurityContext.errcheck = errc
if target:
ptarget = LPSTR(target.encode('ascii'))
else:
ptarget = None
newbuf = SecBufferDesc()
outputflags = ULONG()
expiry = TimeStamp()
if token:
token = SecBufferDesc([SecBuffer(token)])
if not ctx:
ctx = CtxtHandle()
res = _InitializeSecurityContext(byref(creds), None, ptarget,
int(flags), 0, TargetDataRep,
byref(token) if token else None, 0,
byref(ctx), byref(newbuf),
byref(outputflags), byref(expiry))
else:
res = _InitializeSecurityContext(byref(creds), byref(ctx), ptarget,
int(flags), 0, TargetDataRep,
byref(token) if token else None, 0,
byref(ctx), byref(newbuf),
byref(outputflags), byref(expiry))
data = newbuf.Buffers
return res, ctx, data, ISC_REQ(outputflags.value), expiry
def __init__(self,
token=b'\x00' * maxtoken_size,
buffer_type=SECBUFFER_TYPE.SECBUFFER_TOKEN):
buf = ctypes.create_string_buffer(token, size=len(token))
Structure.__init__(self, sizeof(buf), buffer_type.value,
ctypes.cast(byref(buf), PVOID))
def __init__(
self
): # populate deeply (empty memory fields) rather than shallow null POINTERs.
super(Structure, self).__init__(byref(ULONG()), byref(ULONG()))