6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
|
# File 'lib/watobo/sockets/ntlm_auth.rb', line 6
def do_ntlm_auth()
= nil
auth_request = @request.copy
ntlm_challenge = nil
t1 = Watobo::NTLM::Message::Type1.new()
msg = "NTLM " + t1.encode64
auth_request.("Connection")
auth_request.("Authorization")
auth_request.("Authorization", msg)
auth_request.("Connection", "Keep-Alive")
if $DEBUG
puts "============= T1 ======================="
puts auth_request
end
data = auth_request.join + "\r\n"
@connection.send data
puts "-----------------" if $DEBUG
= []
rcode = nil
clen = nil
ntlm_challenge = nil
= connection.
.each do |line|
if line =~ /^HTTP\/\d\.\d (\d+) (.*)/ then
rcode = $1.to_i
rmsg = $2
end
if line =~ /^WWW-Authenticate: (NTLM) (.+)\r\n/
ntlm_challenge = $2
end
if line =~ /^Content-Length: (\d{1,})\r\n/
clen = $1.to_i
end
break if line.strip.empty?
end
if $DEBUG
puts "--- T1 RESPONSE HEADERS ---"
puts
puts "---"
end
if rcode == 401 puts "[NTLM] got ntlm challenge: #{ntlm_challenge}" if $DEBUG
return socket, if ntlm_challenge.nil?
elsif rcode == 200 puts "[NTLM] seems request doesn't need authentication" if $DEBUG
return socket, Watobo::Response.new()
else
if $DEBUG
puts "[NTLM] ... !#*+.!*peep* ...."
puts
end
return socket, Watobo::Response.new()
end
rest = ''
Watobo::HTTPSocket.read_body(socket, :max_bytes => clen){ |d|
rest += d
}
if $DEBUG
puts "--- T1 RESPONSE BODY ---"
puts rest
puts "---"
end
t2 = Watobo::NTLM::Message.decode64(ntlm_challenge)
t3 = t2.response({:user => ntlm_credentials[:username],
:password => ntlm_credentials[:password],
:domain => ntlm_credentials[:domain]},
{:workstation => ntlm_credentials[:workstation], :ntlmv2 => true})
auth_request.("Authorization")
auth_request.("Connection")
msg = "NTLM " + t3.encode64
auth_request.("Authorization", msg)
data = auth_request.join + "\r\n"
if $DEBUG
puts "= NTLM Type 3 ="
puts data
end
@connection.send data
= []
= connection.
.each do |line|
if line =~ /^HTTP\/\d\.\d (\d+) (.*)/ then
rcode = $1.to_i
rmsg = $2
end
break if line.strip.empty?
end
if rcode == 200 puts "[NTLM] Authentication Successfull" if $DEBUG
elsif rcode == 401 puts "[NTLM] could not authenticate. Bad credentials?"
puts ntlm_credentials.to_yaml
end
return socket, Watobo::Response.new()
end
|