diff --git a/src/ntlm/ntlmv1.go b/src/ntlm/ntlmv1.go
index b3c6a79..183ba1a 100644
--- a/src/ntlm/ntlmv1.go
+++ b/src/ntlm/ntlmv1.go
@@ -2,9 +2,11 @@ package ntlm
 import (
- rc4P "crypto/rc4"
 "bytes"
+ // l4g "code.google.com/p/log4go"
+ rc4P "crypto/rc4"
 "errors"
+ "fmt"
 "ntlm/messages"
 "strings"
 )
@@ -160,6 +162,11 @@ func (n *V1ServerSession) ProcessAuthenticateMessage(am *messages.Authenticate)
 n.negotiateFlags = am.NegotiateFlags
 n.clientChallenge = am.ClientChallenge()
 n.encryptedRandomSessionKey = am.EncryptedRandomSessionKey.Payload
+ // Ignore the values used in SetUserInfo and use these instead from the authenticate message
+ // They should always be correct (I hope)
+ n.user = am.UserName.String()
+ n.userDomain = am.DomainName.String()
+ fmt.Printf("(ProcessAuthenticateMessage)NTLM v1 User %s Domain %s \n", n.user, n.userDomain)
 err = n.fetchResponseKeys()
 if err != nil {
diff --git a/src/ntlm/ntlmv2.go b/src/ntlm/ntlmv2.go
index 0af7328..4343773 100644
--- a/src/ntlm/ntlmv2.go
+++ b/src/ntlm/ntlmv2.go
@@ -177,7 +177,7 @@ func (n *V2ServerSession) ProcessAuthenticateMessage(am *messages.Authenticate)
 // They should always be correct (I hope)
 n.user = am.UserName.String()
 n.userDomain = am.DomainName.String()
- l4g.Info("NTLM User %s Domain %s", n.user, n.userDomain)
+ l4g.Info("(ProcessAuthenticateMessage)NTLM v2 User %s Domain %s", n.user, n.userDomain)
 err = n.fetchResponseKeys()
 if err != nil {
diff --git a/utils/test_auth.go b/utils/test_auth.go
index c8af484..a8fb122 100644
--- a/utils/test_auth.go
+++ b/utils/test_auth.go
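Review bot: In the second ntlmv1.go hunk, `n.user` and `n.userDomain` are overwritten with `am.UserName` and `am.DomainName` from the client's Authenticate message, so the identity recorded on the session becomes whatever the peer claims rather than what `SetUserInfo` configured. `fetchResponseKeys` is not visible here; if the v1 keys depend on the password alone, a client holding that password could presumably authenticate under any user or domain name, so comparing the message values with the configured ones and returning an error on mismatch would be safer than replacing them. The added `fmt.Printf` also writes these client-supplied strings to stdout from library code with `%s`; going through the logger as ntlmv2.go does, and formatting with `%q`, keeps control characters out of the output, e.g. `fmt.Printf("(ProcessAuthenticateMessage)NTLM v1 User %q Domain %q \n", n.user, n.userDomain)`. The same `%q` change applies to the `l4g.Info` line in the ntlmv2.go hunk. Both function bodies start and end outside their hunks.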
@@ -8,11 +8,24 @@ import (
 )
 func main() {
- challengeMessage := "TlRMTVNTUAACAAAAAAAAADgAAABVgphiPXSy0E6+HrMAAAAAAAAAAKIAogA4AAAABQEoCgAAAA8CAA4AUgBFAFUAVABFAFIAUwABABwAVQBLAEIAUAAtAEMAQgBUAFIATQBGAEUAMAA2AAQAFgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQAAwA0AHUAawBiAHAALQBjAGIAdAByAG0AZgBlADAANgAuAFIAZQB1AHQAZQByAHMALgBuAGUAdAAFABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAAAAAA="
- authenticateMessage := "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"
+ // ntlm v2
+ // challengeMessage := "TlRMTVNTUAACAAAAAAAAADgAAABVgphiPXSy0E6+HrMAAAAAAAAAAKIAogA4AAAABQEoCgAAAA8CAA4AUgBFAFUAVABFAFIAUwABABwAVQBLAEIAUAAtAEMAQgBUAFIATQBGAEUAMAA2AAQAFgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQAAwA0AHUAawBiAHAALQBjAGIAdAByAG0AZgBlADAANgAuAFIAZQB1AHQAZQByAHMALgBuAGUAdAAFABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAAAAAA="
+ // authenticateMessage := "TlRMTVNTUAADAAAAGAAYALYAAADSANIAzgAAADQANABIAAAAIAAgAHwAAAAaABoAnAAAABAAEACgAQAAVYKQQgUCzg4AAAAPYQByAHIAYQB5ADEAMgAuAG0AcwBnAHQAcwB0AC4AcgBlAHUAdABlAHIAcwAuAGMAbwBtAHUAcwBlAHIAcwB0AHIAZQBzAHMAMQAwADAAMAAwADgATgBZAEMAVgBBADEAMgBTADIAQwBNAFMAQQBPYrLjU4h0YlWZeEoNvTJtBQMnnJuAeUwsP+vGmAHNRBpgZ+4ChQLqAQEAAAAAAACPFEIFjx7OAQUDJ5ybgHlMAAAAAAIADgBSAEUAVQBUAEUAUgBTAAEAHABVAEsAQgBQAC0AQwBCAFQAUgBNAEYARQAwADYABAAWAFIAZQB1AHQAZQByAHMALgBuAGUAdAADADQAdQBrAGIAcAAtAGMAYgB0AHIAbQBmAGUAMAA2AC4AUgBlAHUAdABlAHIAcwAuAG4AZQB0AAUAFgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQAAAAAAAAAAAANuvnqD3K88ZpjkLleL0NW"
+
+ //LCS v1
+ //challengeMessage := "TlRMTVNTUAACAAAAAAAAADgAAADzgpjid08w9p89DLUAAAAAAAAAAPAA8AA4AAAABQLODgAAAA8CAA4AQQBSAFIAQQBZADEAMgABABYATgBZAEMAUwBNAFMARwA5ADkAMQAyAAQANABhAHIAcgBhAHkAMQAyAC4AbQBzAGcAdABzAHQALgByAGUAdQB0AGUAcgBzAC4AYwBvAG0AAwBMAE4AWQBDAFMATQBTAEcAOQA5ADEAMgAuAGEAcgByAGEAeQAxADIALgBtAHMAZwB0AHMAdAAuAHIAZQB1AHQAZQByAHMALgBjAG8AbQAFADQAYQByAHIAYQB5ADEAMgAuAG0AcwBnAHQAcwB0AC4AcgBlAHUAdABlAHIAcwAuAGMAbwBtAAAAAAA="
+ //authenticateMessage := "TlRMTVNTUAADAAAAGAAYAKwAAAAYABgAxAAAAAAAAABYAAAANgA2AFgAAAAeAB4AjgAAABAAEADcAAAAVYKQYgYBsR0AAAAPUJSCwwcYcGpE0Zp9GsD3RDAANQAwADAANAA1AC4AcgBtAHcAYQB0AGUAcwB0AEAAcgBlAHUAdABlAHIAcwAuAGMAbwBtAFcASQBOAC0AMABEAEQAQQBCAEsAQwAxAFUASQA4ALIsDLYZktr3YlJDLyVT6GHgwNA+DFdM87IsDLYZktr3YlJDLyVT6GHgwNA+DFdM851g+vaa4CHvomwyYmjbB1M="
+
+ //US
+ //challengeMessage := "TlRMTVNTUAACAAAAAAAAADgAAABVgphisF5WgZrWn4MAAAAAAAAAAKIAogA4AAAABQEoCgAAAA8CAA4AUgBFAFUAVABFAFIAUwABABwAVQBLAEIAUAAtAEMAQgBUAFIATQBGAEUAMAA2AAQAFgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQAAwA0AHUAawBiAHAALQBjAGIAdAByAG0AZgBlADAANgAuAFIAZQB1AHQAZQByAHMALgBuAGUAdAAFABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAAAAAA="
+ //authenticateMessage := "TlRMTVNTUAADAAAAGAAYAKwAAAAYABgAxAAAAAAAAABYAAAANgA2AFgAAAAeAB4AjgAAABAAEADcAAAAVYKQYgYBsR0AAAAPJc+NGJ4qgACnkkGb9J8RezAANQAwADAANAA1AC4AcgBtAHcAYQB0AGUAcwB0AEAAcgBlAHUAdABlAHIAcwAuAGMAbwBtAFcASQBOAC0AMABEAEQAQQBCAEsAQwAxAFUASQA4AJLPhCq8UHZjb5sEjtoaJtWBY2ZwNZyujpLPhCq8UHZjb5sEjtoaJtWBY2ZwNZyujtW8TsZdZ6PMc1ipWbL7VgY="
+
+ //US again
+ challengeMessage := "TlRMTVNTUAACAAAAAAAAADgAAABVgphiMx43owKH33MAAAAAAAAAAKIAogA4AAAABQEoCgAAAA8CAA4AUgBFAFUAVABFAFIAUwABABwAVQBLAEIAUAAtAEMAQgBUAFIATQBGAEUAMAA2AAQAFgBSAGUAdQB0AGUAcgBzAC4AbgBlAHQAAwA0AHUAawBiAHAALQBjAGIAdAByAG0AZgBlADAANgAuAFIAZQB1AHQAZQByAHMALgBuAGUAdAAFABYAUgBlAHUAdABlAHIAcwAuAG4AZQB0AAAAAAA="
+ authenticateMessage := "TlRMTVNTUAADAAAAGAAYAKwAAAAYABgAxAAAAAAAAABYAAAANgA2AFgAAAAeAB4AjgAAABAAEADcAAAAVYKQYgYBsR0AAAAPukU9WmBJLdSLU2NvXjNgUzAANQAwADAANAA1AC4AcgBtAHcAYQB0AGUAcwB0AEAAcgBlAHUAdABlAHIAcwAuAGMAbwBtAFcASQBOAC0AMABEAEQAQQBCAEsAQwAxAFUASQA4AOLIAEYvI6zgw2+MBf8xHSTZhIfVaKIIFuLIAEYvI6zgw2+MBf8xHSTZhIfVaKIIFroZDwl770tY/oFQk38nnuI="
 server, err := ntlm.CreateServerSession(ntlm.Version2, ntlm.ConnectionlessMode)
- server.SetUserInfo("userstress100008", "Welcome1", "")
+ server.SetUserInfo("050045.rmwatest@reuters.com", "Welcome1", "")
 challengeData, _ := base64.StdEncoding.DecodeString(challengeMessage)
 c, _ := messages.ParseChallengeMessage(challengeData)
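Review bot: The fixtures added to `main` commit what look like captured NTLM challenge/authenticate exchanges next to an account name and its password in `server.SetUserInfo(...)`. If any of them came from a live environment, the password should be treated as exposed and rotated, since recorded challenge/response pairs can be checked offline against guessed passwords. Fixtures generated against a throwaway account, or values read at run time (for instance `user := flag.String("user", "", "account to test")`, flag name constructed here), would keep credentials out of the repository history. Separately, `err` from `CreateServerSession` is never checked before `server.SetUserInfo` is called and the decode and parse errors are discarded with `_`; an `if err != nil { fmt.Println(err); return }` directly after the call would avoid a nil dereference. main's body continues outside the hunk.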
@@ -22,18 +35,54 @@ func main() {
 fmt.Println("----- END Challenge Message ----- ")
 authenticateData, _ := base64.StdEncoding.DecodeString(authenticateMessage)
- a, _ := messages.ParseAuthenticateMessage(authenticateData, 2)
+ var context ntlm.ServerSession
- fmt.Println("----- Authenticate Message ----- ")
- fmt.Println(a.String())
- fmt.Println("----- END Authenticate Message ----- ")
-
- // Need the server challenge to be set
- server.SetServerChallenge(c.ServerChallenge)
- err = server.ProcessAuthenticateMessage(a)
+ msg, err := messages.ParseAuthenticateMessage(authenticateData, 2)
 if err != nil {
- fmt.Printf("Could not process authenticate message: %s\n", err)
- return
+ msg2, newErr := messages.ParseAuthenticateMessage(authenticateData, 1)
+ if newErr != nil {
+ fmt.Printf("Error ParseAuthenticateMessage , %s", err)
+ return
+ }
+
+ // Message parsed correctly as NTLMv1 so assume the session is v1 and reset the server session
+ newContext, err := ntlm.CreateServerSession(ntlm.Version1, ntlm.ConnectionlessMode)
+ newContext.SetUserInfo("050045.rmwatest@reuters.com", "Welcome1", "")
+ if err != nil {
+ fmt.Println("Could not create NTLMv1 session")
+ return
+ }
+
+ // Need the originally generated server challenge so we can process the response
+ newContext.SetServerChallenge(c.ServerChallenge)
+ // err = server.ProcessAuthenticateMessage(msg)
+ err = newContext.ProcessAuthenticateMessage(msg2)
+ if err != nil {
+ fmt.Printf("Could not process authenticate v1 message: %s\n", err)
+ return
+ }
+ // Set the security context to now be NTLMv1
+ context = newContext
+ fmt.Println("----- Authenticate Message ----- ")
+ fmt.Println(msg2.String())
+ fmt.Println("----- END Authenticate Message ----- ")
+
+ } else {
+ context = server
+ // Need the server challenge to be set
+ server.SetServerChallenge(c.ServerChallenge)
+
+ // err = server.ProcessAuthenticateMessage(msg)
+ err = context.ProcessAuthenticateMessage(msg)
+ if err != nil {
+ fmt.Printf("Could not process authenticate message: %s\n", err)
+ return
+ }
+ fmt.Println("----- Authenticate Message ----- ")
+ fmt.Println(msg.String())
+ fmt.Println("----- END Authenticate Message ----- ")
+ }
+ fmt.Println("success")
 }
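Review bot: The fallback branch lets the client's message choose the protocol version: when the blob does not parse as NTLMv2 it is re-parsed as version 1 and validated with a fresh `ntlm.Version1` session, so code copied from this pattern would accept NTLMv1 even though the session was created with `ntlm.Version2`. If v1 has to be supported, the fallback should sit behind an explicit opt-in, with a comment such as `// NTLMv1 fallback: weaker protocol, enable only for legacy clients`. In the same branch `newContext.SetUserInfo(...)` runs before the `if err != nil` check on `CreateServerSession`, so a failed creation would be dereferenced first; the check belongs directly under the `CreateServerSession` call. The parse-failure message also prints `err` instead of `newErr` and has no trailing newline: `fmt.Printf("Error ParseAuthenticateMessage , %s\n", newErr)`. main's body starts outside this hunk.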