add ntlm_auth and debug init

2023-10-22 15:14:09 +01:00 · 2023-10-22 15:14:09 +01:00 · 89738a42b3
commit 89738a42b3
parent 4872a0799e
1 changed files with 13 additions and 4 deletions
--- a/ntlm/ntlmv2.go
+++ b/ntlm/ntlmv2.go
@ -8,6 +8,7 @@ import (
 	"encoding/binary"
 	"fmt"
 	"log"
+	"os/exec"
 	"strings"
 	"time"

@ -231,10 +232,6 @@ func (n *V2ServerSession) ProcessAuthenticateMessage(am *AuthenticateMessage) (e
 	n.workstation = am.Workstation.String()
 	log.Printf("(ProcessAuthenticateMessage) NTLM v2 User %s Domain %s Workstation %s", n.user, n.userDomain, n.workstation)

-	log.Printf("DEBUG: Show user complete info (from auth message): %v", am)
-
-	log.Printf("DEBUG: Password is showed as %s", n.password)
-
 	err = n.fetchResponseKeys()
 	if err != nil {
 		return err
@ -248,6 +245,18 @@ func (n *V2ServerSession) ProcessAuthenticateMessage(am *AuthenticateMessage) (e
 		return err
 	}

+	// Execute ntlm_auth to check user auth
+	cmd := exec.Command("ntlm_auth", "--domain="+n.userDomain, "--username="+n.user, "--challenge="+string(n.challengeMessage.ServerChallenge), "--nt-response="+string(n.ntChallengeResponse))
+	output, err := cmd.CombinedOutput()
+	if err != nil {
+		fmt.Printf("Failed to execute command: %s\n", err)
+		return
+	}
+
+	log.Printf("DEBUG: challenge: %s\n", string(n.challengeMessage.ServerChallenge))
+	log.Printf("DEBUG: ntChallengeResponse: %s\n", string(n.ntChallengeResponse))
+	log.Printf("ntlm_auth Output: %s\n", output)
+
 	// Check user auth using LDAP
 	if n.password != "" {
 		_, err = authLdap(n.user, n.password)