add some checking when trying to parse an NTLMv1 auth message as NTLMv1
This commit is contained in:
Conor Hunt
parent
7d7e8661ae
commit
b6450042ef
@ -84,9 +84,13 @@ func ParseAuthenticateMessage(body []byte, ntlmVersion int) (*Authenticate, erro
|
|||||||
|
|
||||||
// Check to see if this is a v1 or v2 response
|
// Check to see if this is a v1 or v2 response
|
||||||
if ntlmVersion == 2 {
|
if ntlmVersion == 2 {
|
||||||
am.NtlmV2Response = ReadNtlmV2Response(am.NtChallengeResponseFields.Payload)
|
am.NtlmV2Response, err = ReadNtlmV2Response(am.NtChallengeResponseFields.Payload)
|
||||||
} else {
|
} else {
|
||||||
am.NtlmV1Response = ReadNtlmV1Response(am.NtChallengeResponseFields.Payload)
|
am.NtlmV1Response, err = ReadNtlmV1Response(am.NtChallengeResponseFields.Payload)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
}
|
}
|
||||||
|
|
||||||
am.DomainName, err = ReadStringPayload(28, body)
|
am.DomainName, err = ReadStringPayload(28, body)
|
||||||
|
|||||||
@ -13,6 +13,19 @@ func checkPayloadStruct(t *testing.T, payloadStruct *PayloadStruct, len uint16,
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func TestParseNTLMv1AsV2(t *testing.T) {
|
||||||
|
ntlmv1data := "TlRMTVNTUAADAAAAGAAYALYAAAAYABgAzgAAADQANABIAAAAIAAgAHwAAAAaABoAnAAAABAAEADmAAAAVYKQQgUCzg4AAAAPYQByAHIAYQB5ADEAMgAuAG0AcwBnAHQAcwB0AC4AcgBlAHUAdABlAHIAcwAuAGMAbwBtAHUAcwBlAHIAcwB0AHIAZQBzAHMAMQAwADAAMAAwADgATgBZAEMAVgBBADEAMgBTADIAQwBNAFMAQQDguXWdC2hLH+C5dZ0LaEsf4Ll1nQtoSx9nI+fkE73qtElnkDiSQbxfcDN9zbtO1qfyK3ZTI6CUhvjxmXnpZEjY"
|
||||||
|
authBytes, err := base64.StdEncoding.DecodeString(ntlmv1data)
|
||||||
|
_, err = ParseAuthenticateMessage(authBytes, 2)
|
||||||
|
if err == nil {
|
||||||
|
t.Error("Should have returned error when tring to parse an NTLMv1 authenticate message as NTLMv2")
|
||||||
|
}
|
||||||
|
_, err = ParseAuthenticateMessage(authBytes, 1)
|
||||||
|
if err != nil {
|
||||||
|
t.Error("Should not have returned error when tring to parse an NTLMv1 authenticate message")
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func TestAuthenticateNtlmV1(t *testing.T) {
|
func TestAuthenticateNtlmV1(t *testing.T) {
|
||||||
authenticateMessage := "TlRMTVNTUAADAAAAGAAYAIgAAAAYABgAoAAAAAAAAABYAAAAIAAgAFgAAAAQABAAeAAAABAAEAC4AAAAVYKQYgYBsR0AAAAP2BgW++b14Dh6Z5B4Xs1DiHAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQAVwBJAE4ANwBfAEkARQA4ACugxZFzvHB4P6LdKbbZpiYHo2ErZURLiSugxZFzvHB4P6LdKbbZpiYHo2ErZURLibmpCUlnbq2I4LAdEhLdg7I="
|
authenticateMessage := "TlRMTVNTUAADAAAAGAAYAIgAAAAYABgAoAAAAAAAAABYAAAAIAAgAFgAAAAQABAAeAAAABAAEAC4AAAAVYKQYgYBsR0AAAAP2BgW++b14Dh6Z5B4Xs1DiHAAYQB1AGwAQABwAGEAdQBsAGQAaQB4AC4AbgBlAHQAVwBJAE4ANwBfAEkARQA4ACugxZFzvHB4P6LdKbbZpiYHo2ErZURLiSugxZFzvHB4P6LdKbbZpiYHo2ErZURLibmpCUlnbq2I4LAdEhLdg7I="
|
||||||
authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)
|
authenticateData, err := base64.StdEncoding.DecodeString(authenticateMessage)
|
||||||
|
|||||||
@ -3,6 +3,7 @@ package messages
|
|||||||
import (
|
import (
|
||||||
"bytes"
|
"bytes"
|
||||||
"encoding/hex"
|
"encoding/hex"
|
||||||
|
"errors"
|
||||||
"fmt"
|
"fmt"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -17,10 +18,10 @@ func (n *NtlmV1Response) String() string {
|
|||||||
return fmt.Sprintf("NtlmV1Response: %s", hex.EncodeToString(n.Response))
|
return fmt.Sprintf("NtlmV1Response: %s", hex.EncodeToString(n.Response))
|
||||||
}
|
}
|
||||||
|
|
||||||
func ReadNtlmV1Response(bytes []byte) *NtlmV1Response {
|
func ReadNtlmV1Response(bytes []byte) (*NtlmV1Response, error) {
|
||||||
r := new(NtlmV1Response)
|
r := new(NtlmV1Response)
|
||||||
r.Response = bytes[0:24]
|
r.Response = bytes[0:24]
|
||||||
return r
|
return r, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// *** NTLMv2
|
// *** NTLMv2
|
||||||
@ -80,13 +81,18 @@ func (n *NtlmV2Response) String() string {
|
|||||||
return buffer.String()
|
return buffer.String()
|
||||||
}
|
}
|
||||||
|
|
||||||
func ReadNtlmV2Response(bytes []byte) *NtlmV2Response {
|
func ReadNtlmV2Response(bytes []byte) (*NtlmV2Response, error) {
|
||||||
r := new(NtlmV2Response)
|
r := new(NtlmV2Response)
|
||||||
r.Response = bytes[0:16]
|
r.Response = bytes[0:16]
|
||||||
r.NtlmV2ClientChallenge = new(NtlmV2ClientChallenge)
|
r.NtlmV2ClientChallenge = new(NtlmV2ClientChallenge)
|
||||||
c := r.NtlmV2ClientChallenge
|
c := r.NtlmV2ClientChallenge
|
||||||
c.RespType = bytes[16]
|
c.RespType = bytes[16]
|
||||||
c.HiRespType = bytes[17]
|
c.HiRespType = bytes[17]
|
||||||
|
|
||||||
|
if c.RespType != 1 || c.HiRespType != 1 {
|
||||||
|
return nil, errors.New("Does not contain a valid NTLM v2 client challenge - could be NTLMv1.")
|
||||||
|
}
|
||||||
|
|
||||||
// Ignoring - 2 bytes reserved
|
// Ignoring - 2 bytes reserved
|
||||||
// c.Reserved1
|
// c.Reserved1
|
||||||
// Ignoring - 4 bytes reserved
|
// Ignoring - 4 bytes reserved
|
||||||
@ -96,7 +102,7 @@ func ReadNtlmV2Response(bytes []byte) *NtlmV2Response {
|
|||||||
// Ignoring - 4 bytes reserved
|
// Ignoring - 4 bytes reserved
|
||||||
// c.Reserved3
|
// c.Reserved3
|
||||||
c.AvPairs = ReadAvPairs(bytes[44:])
|
c.AvPairs = ReadAvPairs(bytes[44:])
|
||||||
return r
|
return r, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
// LMv1
|
// LMv1
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user