# Copyright (c) 2003-2006 CORE Security Technologies
#
# This software is provided under under a slightly modified version
# of the Apache Software License. See the accompanying LICENSE file
# for more information.
#
# $Id: ntlm.py,v 1.2 2006/05/23 21:19:25 gera Exp $
#
from impacket.structure import Structure
try:
from Crypto.Cipher import DES
from Crypto.Hash import MD4
POW = None
except Exception:
try:
import POW
except Exception:
pass
NTLM_AUTH_NONE = 1
NTLM_AUTH_CONNECT = 2
NTLM_AUTH_CALL = 3
NTLM_AUTH_PKT = 4
NTLM_AUTH_PKT_INTEGRITY = 5
NTLM_AUTH_PKT_PRIVACY = 6
NTLMSSP_KEY_56 = 0x80000000
NTLMSSP_KEY_EXCHANGE = 0x40000000
NTLMSSP_KEY_128 = 0x20000000
# NTLMSSP_ = 0x10000000
# NTLMSSP_ = 0x08000000
# NTLMSSP_ = 0x04000000
# NTLMSSP_ = 0x02000000
# NTLMSSP_ = 0x01000000
NTLMSSP_TARGET_INFO = 0x00800000
# NTLMSSP_ = 0x00400000
# NTLMSSP_ = 0x00200000
# NTLMSSP_ = 0x00100000
NTLMSSP_NTLM2_KEY = 0x00080000
NTLMSSP_CHALL_NOT_NT = 0x00040000
NTLMSSP_CHALL_ACCEPT = 0x00020000
NTLMSSP_CHALL_INIT = 0x00010000
NTLMSSP_ALWAYS_SIGN = 0x00008000 # forces the other end to sign packets
NTLMSSP_LOCAL_CALL = 0x00004000
NTLMSSP_WORKSTATION = 0x00002000
NTLMSSP_DOMAIN = 0x00001000
# NTLMSSP_ = 0x00000800
# NTLMSSP_ = 0x00000400
NTLMSSP_NTLM_KEY = 0x00000200
NTLMSSP_NETWARE = 0x00000100
NTLMSSP_LM_KEY = 0x00000080
NTLMSSP_DATAGRAM = 0x00000040
NTLMSSP_SEAL = 0x00000020
NTLMSSP_SIGN = 0x00000010 # means packet is signed, if verifier is wrong it fails
# NTLMSSP_ = 0x00000008
NTLMSSP_TARGET = 0x00000004
NTLMSSP_OEM = 0x00000002
NTLMSSP_UNICODE = 0x00000001
class NTLMAuthHeader(Structure):
commonHdr = (
('auth_type', 'B=10'),
('auth_level','B'),
('auth_pad_len','B=0'),
('auth_rsvrd','"\x00'),
('auth_ctx_id','<L=747920'),
)
structure = (
('data',':'),
)
class NTLMAuthNegotiate(NTLMAuthHeader):
structure = (
('','"NTLMSSP\x00'),
('message_type','<L=1'),
('flags','<L'),
('domain_len','<H-domain_name'),
('domain_max_len','<H-domain_name'),
('domain_offset','<L'),
('host_len','<H-host_name'),
('host_maxlen','<H-host_name'),
('host_offset','<L'),
('host_name',':'),
('domain_name',':'))
def __init__(self):
NTLMAuthHeader.__init__(self)
self['flags']= (
NTLMSSP_KEY_128 |
NTLMSSP_KEY_EXCHANGE|
# NTLMSSP_LM_KEY |
NTLMSSP_NTLM_KEY |
NTLMSSP_UNICODE |
# NTLMSSP_ALWAYS_SIGN |
NTLMSSP_SIGN |
NTLMSSP_SEAL |
# NTLMSSP_TARGET |
0)
self['host_name']=''
self['domain_name']=''
def __str__(self):
self['host_offset']=32
self['domain_offset']=32+len(self['host_name'])
return NTLMAuthHeader.__str__(self)
class NTLMAuthChallenge(NTLMAuthHeader):
structure = (
('','"NTLMSSP\x00'),
('message_type','<L=2'),
('domain_len','<H-domain_name'),
('domain_max_len','<H-domain_name'),
('domain_offset','<L'),
('flags','<L'),
('challenge','8s'),
('reserved','"\x00\x00\x00\x00\x00\x00\x00\x00'),
('domain_name',':'))
class NTLMAuthChallengeResponse(NTLMAuthHeader):
structure = (
('','"NTLMSSP\x00'),
('message_type','<L=3'),
('lanman_len','<H-lanman'),
('lanman_max_len','<H-lanman'),
('lanman_offset','<L'),
('ntlm_len','<H-ntlm'),
('ntlm_max_len','<H-ntlm'),
('ntlm_offset','<L'),
('domain_len','<H-domain_name'),
('domain_max_len','<H-domain_name'),
('domain_offset','<L'),
('user_len','<H-user_name'),
('user_max_len','<H-user_name'),
('user_offset','<L'),
('host_len','<H-host_name'),
('host_max_len','<H-host_name'),
('host_offset','<L'),
('session_key_len','<H-session_key'),
('session_key_max_len','<H-session_key'),
('session_key_offset','<L'),
('flags','<L'),
('domain_name',':'),
('user_name',':'),
('host_name',':'),
('lanman',':'),
('ntlm',':'),
('session_key',':'))
def __init__(self, username, password, challenge):
NTLMAuthHeader.__init__(self)
self['session_key']=''
self['user_name']=username.encode('utf-16le')
self['domain_name']='' #"CLON".encode('utf-16le')
self['host_name']='' #"BETS".encode('utf-16le')
self['flags'] = ( #authResp['flags']
# we think (beto & gera) that his flags force a memory conten leakage when a windows 2000 answers using uninitializaed verifiers
NTLMSSP_KEY_128 |
NTLMSSP_KEY_EXCHANGE|
# NTLMSSP_LM_KEY |
NTLMSSP_NTLM_KEY |
NTLMSSP_UNICODE |
# NTLMSSP_ALWAYS_SIGN |
NTLMSSP_SIGN |
NTLMSSP_SEAL |
# NTLMSSP_TARGET |
0)
# Here we do the stuff
if username and password:
lmhash = compute_lmhash(password)
nthash = compute_nthash(password)
self['lanman']=get_ntlmv1_response(lmhash, challenge)
self['ntlm']=get_ntlmv1_response(nthash, challenge) # This is not used for LM_KEY nor NTLM_KEY
else:
self['lanman'] = ''
self['ntlm'] = ''
if not self['host_name']:
self['host_name'] = 'NULL'.encode('utf-16le') # for NULL session there must be a hostname
def __str__(self):
self['domain_offset']=64
self['user_offset']=64+len(self['domain_name'])
self['host_offset']=self['user_offset']+len(self['user_name'])
self['lanman_offset']=self['host_offset']+len(self['host_name'])
self['ntlm_offset']=self['lanman_offset']+len(self['lanman'])
self['session_key_offset']=self['ntlm_offset']+len(self['ntlm'])
return NTLMAuthHeader.__str__(self)
class ImpacketStructure(Structure):
def set_parent(self, other):
self.parent = other
def get_packet(self):
return str(self)
def get_size(self):
return len(self)
class NTLMAuthVerifier(NTLMAuthHeader):
structure = (
('version','<L=1'),
('data','12s'),
# ('_zero','<L=0'),
# ('crc','<L=0'),
# ('sequence','<L=0'),
)
KNOWN_DES_INPUT = "KGS!@#$%"
def __expand_DES_key( key):
# Expand the key from a 7-byte password key into a 8-byte DES key
key = key[:7]
key += '\x00'*(7-len(key))
s = chr(((ord(key[0]) >> 1) & 0x7f) << 1)
s = s + chr(((ord(key[0]) & 0x01) << 6 | ((ord(key[1]) >> 2) & 0x3f)) << 1)
s = s + chr(((ord(key[1]) & 0x03) << 5 | ((ord(key[2]) >> 3) & 0x1f)) << 1)
s = s + chr(((ord(key[2]) & 0x07) << 4 | ((ord(key[3]) >> 4) & 0x0f)) << 1)
s = s + chr(((ord(key[3]) & 0x0f) << 3 | ((ord(key[4]) >> 5) & 0x07)) << 1)
s = s + chr(((ord(key[4]) & 0x1f) << 2 | ((ord(key[5]) >> 6) & 0x03)) << 1)
s = s + chr(((ord(key[5]) & 0x3f) << 1 | ((ord(key[6]) >> 7) & 0x01)) << 1)
s = s + chr((ord(key[6]) & 0x7f) << 1)
return s
def __DES_block(key, msg):
if POW:
cipher = POW.Symmetric(POW.DES_ECB)
cipher.encryptInit(__expand_DES_key(key))
return cipher.update(msg)
else:
cipher = DES.new(__expand_DES_key(key),DES.MODE_ECB)
return cipher.encrypt(msg)
def ntlmssp_DES_encrypt(key, challenge):
answer = __DES_block(key[:7], challenge)
answer += __DES_block(key[7:14], challenge)
answer += __DES_block(key[14:], challenge)
return answer
def compute_lmhash(password):
# This is done according to Samba's encryption specification (docs/html/ENCRYPTION.html)
password = password.upper()
lmhash = __DES_block(password[:7], KNOWN_DES_INPUT)
lmhash += __DES_block(password[7:14], KNOWN_DES_INPUT)
return lmhash
def compute_nthash(password):
# This is done according to Samba's encryption specification (docs/html/ENCRYPTION.html)
password = unicode(password).encode('utf_16le')
if POW:
hash = POW.Digest(POW.MD4_DIGEST)
else:
hash = MD4.new()
hash.update(password)
return hash.digest()
def get_ntlmv1_response(key, challenge):
return ntlmssp_DES_encrypt(key, challenge)
syntax highlighted by Code2HTML, v. 0.9.1