Class: PacketGen::Plugin::NTLM::Authenticate

Inherits:
PacketGen::Plugin::NTLM show all
Defined in:
lib/packetgen/plugin/ntlm/authenticate.rb

Overview

NTLM Challenge message

Author:

  • Sylvain Daubert

Constant Summary collapse

VOID_MIC =

void MIC

([0] * 16).pack('C').freeze

Constants inherited from PacketGen::Plugin::NTLM

AVPAIR_TYPES, EOLAvPair, Int32leAvPair, SIGNATURE, StringAvPair, TYPES, TimestampAvPair, VOID_CHALLENGE, VOID_VERSION

Negotiate flags collapse

Instance Attribute Summary collapse

Attributes inherited from PacketGen::Plugin::NTLM

#payload, #signature, #type

Method Summary

Methods inherited from PacketGen::Plugin::NTLM

#calc_length, define_in_payload, define_negotiate_flags, #initialize, read, #read, #to_s

Constructor Details

This class inherits a constructor from PacketGen::Plugin::NTLM

Instance Attribute Details

#always_sign?Boolean

Also known as flags_m?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#anonymous?Boolean

Also known as flags_j?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#datagram?Boolean

Also known as flags_f?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#domain_nameSMB::String

Name of the client authentication domain.

Returns:



65
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 65

define_in_payload :domain_name, SMB::String, null_terminated: false

#domain_name_lenInteger

2-byte #domain_name length

Returns:

  • (Integer) 


65
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 65

define_in_payload :domain_name, SMB::String, null_terminated: false

#domain_name_maxlenInteger

2-byte #domain_name max length. Should be equal to #domain_name_len.

Returns:

  • (Integer) 


65
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 65

define_in_payload :domain_name, SMB::String, null_terminated: false

#domain_name_offsetInteger

4-byte #domain_name offset from the beginning of the AUTHENTICATE MESSAGE in PacketGen::Plugin::NTLM#payload

Returns:

  • (Integer) 


65
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 65

define_in_payload :domain_name, SMB::String, null_terminated: false

#ext_session_security?Boolean

Also known as flags_p?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#flagsInteger

Negotiate flags

Returns:

  • (Integer) 



# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 112

#identify?Boolean

Also known as flags_q

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#key_exch?Boolean

Also known as flags_v?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#lm_key?Boolean

Also known as flags_g?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#lm_responsePacketGen::Types::String

A LM_RESPONSE or LMV2_RESPONSE structure that contains the computed LM response to the challenge.

Returns:

  • (PacketGen::Types::String) 


33
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 33

define_in_payload :lm_response, PacketGen::Types::String

#lm_response_lenInteger

16-bit unsigned integer that defines the size in bytes of #lm_response in PacketGen::Plugin::NTLM#payload.

Returns:

  • (Integer) 


33
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 33

define_in_payload :lm_response, PacketGen::Types::String

#lm_response_maxlenInteger

16-bit unsigned integer that should be equal to #lm_response_len.

Returns:

  • (Integer) 


33
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 33

define_in_payload :lm_response, PacketGen::Types::String

#lm_response_offsetInteger

A 32-bit unsigned integer that defines the offset, in bytes, from the beginning of the AUTHENTICATE MESSAGE to #lm_response in PacketGen::Plugin::NTLM#payload.

Returns:

  • (Integer) 


33
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 33

define_in_payload :lm_response, PacketGen::Types::String

#micString

16-byte message integrity code

Returns:

  • (String) 


194
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 194

define_field_before :payload, :mic, PacketGen::Types::String, static_length: 16, default: VOID_MIC

#nego128?Boolean

Also known as flags_u?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#nego56?Boolean

Also known as flags_w?.

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#non_nt_session_key?Boolean

Also known as flags_r?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#nt_responseNtlmv2Response

A NTLM_RESPONSE or NTLMV2_RESPONSE structure that contains the computed NT response to the challenge.

Returns:



50
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 50

define_in_payload :nt_response, Ntlmv2Response

#nt_response_lenInteger

16-bit unsigned integer that defines the size in bytes of #nt_response in PacketGen::Plugin::NTLM#payload.

Returns:

  • (Integer) 


50
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 50

define_in_payload :nt_response, Ntlmv2Response

#nt_response_maxlenInteger

16-bit unsigned integer that should be equal to #nt_response_len.

Returns:

  • (Integer) 


50
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 50

define_in_payload :nt_response, Ntlmv2Response

#nt_response_offsetInteger

A 32-bit unsigned integer that defines the offset, in bytes, from the beginning of the AUTHENTICATE MESSAGE to #nt_response in PacketGen::Plugin::NTLM#payload.

Returns:

  • (Integer) 


50
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 50

define_in_payload :nt_response, Ntlmv2Response

#ntlm?Boolean

Also known as flags_h?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#oem?Boolean

Also known as flags_b?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#oem_domain_supplied?Boolean

Also known as flags_k?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#oem_target_info_supplied?Boolean

Also known as flags_l?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#request_target?Boolean

Also known as flags_c?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#seal?Boolean

Also known as flags_e?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#session_keyPacketGen::Types::String

The client’s encrypted random session key. On

Returns:

  • (PacketGen::Types::String) 


110
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 110

define_in_payload :session_key, PacketGen::Types::String

#session_key_lenInteger

2-byte #session_key length

Returns:

  • (Integer) 


110
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 110

define_in_payload :session_key, PacketGen::Types::String

#session_key_maxlenInteger

2-byte #session_key max length. Should be equal to #session_key_len.

Returns:

  • (Integer) 


110
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 110

define_in_payload :session_key, PacketGen::Types::String

#session_key_offsetInteger

4-byte #session_key offset from the beginning of the AUTHENTICATE MESSAGE in PacketGen::Plugin::NTLM#payload.

Returns:

  • (Integer) 


110
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 110

define_in_payload :session_key, PacketGen::Types::String

#sign?Boolean

Also known as flags_d?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#target_info?Boolean

Also known as flags_s?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#target_type_domain?Boolean

Also known as flags_n?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#target_type_server?Boolean

Also known as flags_o?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#unicode?Boolean

Also known as flags_a?

Returns:

  • (Boolean) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#user_nameSMB::String

Name of the user to be authenticated.

Returns:



80
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 80

define_in_payload :user_name, SMB::String, null_terminated: false

#user_name_lenInteger

2-byte #user_name length

Returns:

  • (Integer) 


80
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 80

define_in_payload :user_name, SMB::String, null_terminated: false

#user_name_maxlenInteger

2-byte #user_name max length. Should be equal to #user_name_len.

Returns:

  • (Integer) 


80
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 80

define_in_payload :user_name, SMB::String, null_terminated: false

#user_name_offsetInteger

4-byte #user_name offset from the beginning of the AUTHENTICATE MESSAGE in PacketGen::Plugin::NTLM#payload

Returns:

  • (Integer) 


80
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 80

define_in_payload :user_name, SMB::String, null_terminated: false

#versionString

8-byte version information

Returns:

  • (String) 


189
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 189

define_field_before :payload, :version, PacketGen::Types::String, static_length: 8, default: VOID_VERSION

#version?Integer

Also known as flags_t

Returns:

  • (Integer) 


183
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 183

define_negotiate_flags

#workstationSMB::String

Name of the client machine.

Returns:



95
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 95

define_in_payload :workstation, SMB::String, null_terminated: false

#workstation_lenInteger

2-byte #workstation length

Returns:

  • (Integer) 


95
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 95

define_in_payload :workstation, SMB::String, null_terminated: false

#workstation_maxlenInteger

2-byte #workstation max length. Should be equal to #workstation_len.

Returns:

  • (Integer) 


95
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 95

define_in_payload :workstation, SMB::String, null_terminated: false

#workstation_offsetInteger

4-byte #workstation offset from the beginning of the AUTHENTICATE MESSAGE in PacketGen::Plugin::NTLM#payload

Returns:

  • (Integer) 


95
 
# File 'lib/packetgen/plugin/ntlm/authenticate.rb', line 95

define_in_payload :workstation, SMB::String, null_terminated: false