Module: RubySMB::Gss

Defined in:
lib/ruby_smb/gss.rb

Overview

module containing methods required for using the GSS-API for Secure Protected Negotiation(SPNEGO) in SMB Authentication.

Class Method Summary collapse

Class Method Details

.asn1encode(str = '') ⇒ Object

TODO:

Document these magic numbers

Cargo culted from Rex. Hacked Together ASN1 encoding that works for our GSS purposes



7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
 
# File 'lib/ruby_smb/gss.rb', line 7

def self.asn1encode(str = '')
  # If the high bit of the first byte is 1, it contains the number of
  # length bytes that follow
  case str.length
  when 0..0x7F
    encoded_string = [str.length].pack('C') + str
  when 0x80..0xFF
    encoded_string = [0x81, str.length].pack('CC') + str
  when 0x100..0xFFFF
    encoded_string = [0x82, str.length].pack('Cn') + str
  when  0x10000..0xffffff
    encoded_string = [0x83, str.length >> 16, str.length & 0xFFFF].pack('CCn') + str
  when  0x1000000..0xffffffff
    encoded_string = [0x84, str.length].pack('CN') + str
  else
    raise RubySMB::Error::ASN1Encoding, "Source string is too long. Size is #{str.length}"
  end
  encoded_string
end

.gss_type1(type1) ⇒ Object

TODO:

Refactor this into non-magical code

Create a GSS Security Blob of an NTLM Type 1 Message. This code has been cargo culted and needs to be researched and refactored into something better later.



31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
 
# File 'lib/ruby_smb/gss.rb', line 31

def self.gss_type1(type1)
  "\x60".force_encoding('binary') + asn1encode(
    "\x06".force_encoding('binary') + asn1encode(
      "\x2b\x06\x01\x05\x05\x02".force_encoding('binary')
    ) +
      "\xa0".force_encoding('binary') + asn1encode(
        "\x30".force_encoding('binary') + asn1encode(
          "\xa0".force_encoding('binary') + asn1encode(
            "\x30".force_encoding('binary') + asn1encode(
              "\x06".force_encoding('binary') + asn1encode(
                "\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a".force_encoding('binary')
              )
            )
          ) +
            "\xa2".force_encoding('binary') + asn1encode(
              "\x04".force_encoding('binary') + asn1encode(
                type1
              )
            )
        )
      )
  )
end

.gss_type2(type2) ⇒ Object

Create a GSS Security Blob of an NTLM Type 2 Message. This code has been cargo culted and needs to be researched and refactored into something better later.



58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/ruby_smb/gss.rb', line 58

def self.gss_type2(type2)
  blob =
    "\xa1" + asn1encode(
      "\x30" + asn1encode(
        "\xa0" + asn1encode(
          "\x0a" + asn1encode(
            "\x01"
          )
        ) +
          "\xa1" + asn1encode(
            "\x06" + asn1encode(
              "\x2b\x06\x01\x04\x01\x82\x37\x02\x02\x0a"
            )
          ) +
          "\xa2" + asn1encode(
            "\x04" + asn1encode(
              type2
            )
          )
      )
    )

  blob
end

.gss_type3(type3) ⇒ Object

TODO:

Refactor this into non-magical code

Create a GSS Security Blob of an NTLM Type 3 Message. This code has been cargo culted and needs to be researched and refactored into something better later.



87
88
89
90
91
92
93
94
95
96
97
98
99
100
 
# File 'lib/ruby_smb/gss.rb', line 87

def self.gss_type3(type3)
  gss =
    "\xa1".force_encoding('binary') + asn1encode(
      "\x30".force_encoding('binary') + asn1encode(
        "\xa2".force_encoding('binary') + asn1encode(
          "\x04".force_encoding('binary') + asn1encode(
            type3
          )
        )
      )
    )

  gss
end