Module: Net::NTLM
- Defined in:
- lib/net/ntlm.rb,
lib/net/ntlm/blob.rb,
lib/net/ntlm/field.rb,
lib/net/ntlm/client.rb,
lib/net/ntlm/string.rb,
lib/net/ntlm/message.rb,
lib/net/ntlm/version.rb,
lib/net/ntlm/int16_le.rb,
lib/net/ntlm/int32_le.rb,
lib/net/ntlm/int64_le.rb,
lib/net/ntlm/field_set.rb,
lib/net/ntlm/exceptions.rb,
lib/net/ntlm/encode_util.rb,
lib/net/ntlm/target_info.rb,
lib/net/ntlm/message/type0.rb,
lib/net/ntlm/message/type1.rb,
lib/net/ntlm/message/type2.rb,
lib/net/ntlm/message/type3.rb,
lib/net/ntlm/client/session.rb,
lib/net/ntlm/channel_binding.rb,
lib/net/ntlm/security_buffer.rb
Defined Under Namespace
Modules: VERSION Classes: Blob, ChannelBinding, Client, EncodeUtil, Field, FieldSet, Int16LE, Int32LE, Int64LE, InvalidTargetDataError, Message, NtlmError, SecurityBuffer, String, TargetInfo
Constant Summary collapse
- LM_MAGIC =
"KGS!@\#$%"
- TIME_OFFSET =
11644473600
- MAX64 =
0xffffffffffffffff
- LAN_MANAGER_HEX_DIGEST_REGEXP =
Valid format for LAN Manager hex digest portion: 32 hexadecimal characters.
/[0-9a-f]{32}/i
- NT_LAN_MANAGER_HEX_DIGEST_REGEXP =
Valid format for NT LAN Manager hex digest portion: 32 hexadecimal characters.
/[0-9a-f]{32}/i
- DATA_REGEXP =
Valid format for an NTLM hash composed of ‘’<LAN Manager hex digest>:<NT LAN Manager hex digest>‘`.
/\A#{LAN_MANAGER_HEX_DIGEST_REGEXP}:#{NT_LAN_MANAGER_HEX_DIGEST_REGEXP}\z/
- BLOB_SIGN =
0x00000101
- SSP_SIGN =
"NTLMSSP\0"
- FLAGS =
{ :UNICODE => 0x00000001, :OEM => 0x00000002, :REQUEST_TARGET => 0x00000004, :MBZ9 => 0x00000008, :SIGN => 0x00000010, :SEAL => 0x00000020, :NEG_DATAGRAM => 0x00000040, :NETWARE => 0x00000100, :NTLM => 0x00000200, :NEG_NT_ONLY => 0x00000400, :MBZ7 => 0x00000800, :DOMAIN_SUPPLIED => 0x00001000, :WORKSTATION_SUPPLIED => 0x00002000, :LOCAL_CALL => 0x00004000, :ALWAYS_SIGN => 0x00008000, :TARGET_TYPE_DOMAIN => 0x00010000, :NTLM2_KEY => 0x00080000, :TARGET_INFO => 0x00800000, :KEY128 => 0x20000000, :KEY_EXCHANGE => 0x40000000, :KEY56 => 0x80000000 }.freeze
- FLAG_KEYS =
FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
- DEFAULT_FLAGS =
{ :TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY], :TYPE2 => FLAGS[:UNICODE], :TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY] }
Class Method Summary collapse
- .apply_des(plain, keys) ⇒ Object
-
.gen_keys(str) ⇒ Object
private
Not sure what this is doing.
-
.is_ntlm_hash?(data) ⇒ Boolean
Takes a string and determines whether it is a valid NTLM Hash.
-
.lm_hash(password) ⇒ Object
Generates a Lan Manager Hash.
- .lm_response(arg) ⇒ Object
- .lmv2_response(arg, opt = {}) ⇒ Object
- .ntlm2_session(arg, opt = {}) ⇒ Object
-
.ntlm_hash(password, opt = {}) ⇒ Object
Generate a NTLM Hash.
- .ntlm_response(arg) ⇒ Object
-
.ntlmv2_hash(user, password, target, opt = {}) ⇒ Object
Generate a NTLMv2 Hash.
- .ntlmv2_response(arg, opt = {}) ⇒ Object
-
.pack_int64le(val) ⇒ Object
Conver the value to a 64-Bit Little Endian Int.
-
.split7(str) ⇒ Object
private
Builds an array of strings that are 7 characters long.
Class Method Details
.apply_des(plain, keys) ⇒ Object
125 126 127 128 129 130 131 132 |
# File 'lib/net/ntlm.rb', line 125 def apply_des(plain, keys) dec = OpenSSL::Cipher.new("des-cbc") dec.padding = 0 keys.map {|k| dec.key = k dec.encrypt.update(plain) + dec.final } end |
.gen_keys(str) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Not sure what this is doing
117 118 119 120 121 122 123 |
# File 'lib/net/ntlm.rb', line 117 def gen_keys(str) split7(str).map{ |str7| bits = split7(str7.unpack("B*")[0]).inject('')\ {|ret, tkn| ret += tkn + (tkn.gsub('1', '').size % 2).to_s } [bits].pack("B*") } end |
.is_ntlm_hash?(data) ⇒ Boolean
Takes a string and determines whether it is a valid NTLM Hash
87 88 89 90 91 92 93 94 95 |
# File 'lib/net/ntlm.rb', line 87 def is_ntlm_hash?(data) decoded_data = data.dup decoded_data = EncodeUtil.decode_utf16le(decoded_data) if DATA_REGEXP.match(decoded_data) true else false end end |
.lm_hash(password) ⇒ Object
Generates a Lan Manager Hash
136 137 138 139 |
# File 'lib/net/ntlm.rb', line 136 def lm_hash(password) keys = gen_keys password.upcase.ljust(14, "\0") apply_des(LM_MAGIC, keys).join end |
.lm_response(arg) ⇒ Object
171 172 173 174 175 176 177 178 179 180 181 |
# File 'lib/net/ntlm.rb', line 171 def lm_response(arg) begin hash = arg[:lm_hash] chal = arg[:challenge] rescue raise ArgumentError end chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) keys = gen_keys hash.ljust(21, "\0") apply_des(chal, keys).join end |
.lmv2_response(arg, opt = {}) ⇒ Object
226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 |
# File 'lib/net/ntlm.rb', line 226 def lmv2_response(arg, opt = {}) key = arg[:ntlmv2_hash] chal = arg[:challenge] chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) if opt[:client_challenge] cc = opt[:client_challenge] else cc = rand(MAX64) end cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + cc) + cc end |
.ntlm2_session(arg, opt = {}) ⇒ Object
242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 |
# File 'lib/net/ntlm.rb', line 242 def ntlm2_session(arg, opt = {}) begin passwd_hash = arg[:ntlm_hash] chal = arg[:challenge] rescue raise ArgumentError end chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) if opt[:client_challenge] cc = opt[:client_challenge] else cc = rand(MAX64) end cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) keys = gen_keys(passwd_hash.ljust(21, "\0")) session_hash = OpenSSL::Digest::MD5.digest(chal + cc).slice(0, 8) response = apply_des(session_hash, keys).join [cc.ljust(24, "\0"), response] end |
.ntlm_hash(password, opt = {}) ⇒ Object
Generate a NTLM Hash
144 145 146 147 148 149 150 |
# File 'lib/net/ntlm.rb', line 144 def ntlm_hash(password, opt = {}) pwd = password.dup unless opt[:unicode] pwd = EncodeUtil.encode_utf16le(pwd) end OpenSSL::Digest::MD4.digest pwd end |
.ntlm_response(arg) ⇒ Object
183 184 185 186 187 188 189 |
# File 'lib/net/ntlm.rb', line 183 def ntlm_response(arg) hash = arg[:ntlm_hash] chal = arg[:challenge] chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) keys = gen_keys hash.ljust(21, "\0") apply_des(chal, keys).join end |
.ntlmv2_hash(user, password, target, opt = {}) ⇒ Object
Generate a NTLMv2 Hash
157 158 159 160 161 162 163 164 165 166 167 168 169 |
# File 'lib/net/ntlm.rb', line 157 def ntlmv2_hash(user, password, target, opt={}) if is_ntlm_hash? password decoded_password = EncodeUtil.decode_utf16le(password) ntlmhash = [decoded_password.upcase[33,65]].pack('H32') else ntlmhash = ntlm_hash(password, opt) end userdomain = user.upcase + target unless opt[:unicode] userdomain = EncodeUtil.encode_utf16le(userdomain) end OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmhash, userdomain) end |
.ntlmv2_response(arg, opt = {}) ⇒ Object
191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 |
# File 'lib/net/ntlm.rb', line 191 def ntlmv2_response(arg, opt = {}) begin key = arg[:ntlmv2_hash] chal = arg[:challenge] ti = arg[:target_info] rescue raise ArgumentError end chal = NTLM::pack_int64le(chal) if chal.is_a?(Integer) if opt[:client_challenge] cc = opt[:client_challenge] else cc = rand(MAX64) end cc = NTLM::pack_int64le(cc) if cc.is_a?(Integer) if opt[:timestamp] ts = opt[:timestamp] else ts = Time.now.to_i end # epoch -> milsec from Jan 1, 1601 ts = 10_000_000 * (ts + TIME_OFFSET) blob = Blob.new blob. = ts blob.challenge = cc blob.target_info = ti bb = blob.serialize OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, key, chal + bb) + bb end |
.pack_int64le(val) ⇒ Object
Conver the value to a 64-Bit Little Endian Int
99 100 101 |
# File 'lib/net/ntlm.rb', line 99 def pack_int64le(val) [val & 0x00000000ffffffff, val >> 32].pack("V2") end |
.split7(str) ⇒ Object
This method is part of a private API. You should avoid using this method if possible, as it may be removed or be changed in the future.
Builds an array of strings that are 7 characters long
106 107 108 109 110 111 112 |
# File 'lib/net/ntlm.rb', line 106 def split7(str) s = str.dup until s.empty? (ret ||= []).push s.slice!(0, 7) end ret end |