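/*
 * Build the NTLMSSP response message (msgType 3) in `response` from the
 * server's `challenge` and the caller's credentials.
 *
 * challenge - message received from the server; challengeData and flags are
 *             read, and its uDomain field supplies the default domain.
 * response  - output message; bufIndex, ident, msgType, the LM/NT responses,
 *             domain, user, workstation, session key and flags are written.
 * user      - NUL-terminated account name.  A "user@domain" form is split at
 *             the first '@' and the part after it replaces the domain taken
 *             from the challenge.
 * password  - NUL-terminated password handed to SMBencrypt/SMBNTencrypt.
 *
 * The function returns void, so an allocation failure cannot be reported to
 * the caller.  In that case `response` is zero-filled and nothing else is
 * written: the result is not a valid NTLMSSP message, and no uninitialised
 * memory can be sent in its place.
 */
void buildSmbNtlmAuthResponse(tSmbNtlmAuthChallenge *challenge, tSmbNtlmAuthResponse *response, char *user, char *password)
{
    uint8 lmRespData[24];
    uint8 ntRespData[24];
    char *d;
    char *u;
    char *domain;
    char *p;

    /* NOTE(review): GetUnicodeString is defined elsewhere and reads a field of
     * the server-supplied challenge; confirm that it bounds-checks the field
     * before returning a string. */
    d = strdup(GetUnicodeString(challenge,uDomain));
    u = strdup(user);

    /* strdup can fail; without this check strchr() below and the Add* calls
     * would dereference NULL. */
    if (d == NULL || u == NULL) {
        free(d);
        free(u);
        memset(response, 0, sizeof(*response));
        return;
    }

    /* "user@domain": cut the copy at '@' and use the tail as the domain. */
    domain = d;
    p = strchr(u,'@');
    if (p) {
        domain = p+1;
        *p = '\0';
    }

    SMBencrypt(password, challenge->challengeData, lmRespData);
    SMBNTencrypt(password, challenge->challengeData, ntRespData);

    response->bufIndex = 0;
    memcpy(response->ident,"NTLMSSP\0\0\0",8);
    SIVAL(&response->msgType,0,3);

    AddBytes(response,lmResponse,lmRespData,24);
    AddBytes(response,ntResponse,ntRespData,24);
    AddUnicodeString(response,uDomain,domain);
    AddUnicodeString(response,uUser,u);
    /* The workstation field is filled with the user name as well. */
    AddUnicodeString(response,uWks,u);
    AddString(response,sessionKey,NULL);

    /* The flags are echoed back exactly as the server sent them. */
    response->flags = challenge->flags;

    free(d);
    free(u);
}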
/*
 * Fill `response` with an NTLMSSP message of type 3 for the given user.
 *
 * challenge - server message; only challengeData is read here.
 * response  - output message; header, payload fields and flags are written.
 * user      - account name, user_len bytes long (need not be terminated).
 * domain    - NUL-terminated string; stored in the workstation field, the
 *             domain field itself is sent empty.
 * password  - passed to ntlm_smb_nt_encrypt together with the derived key.
 *
 * NOTE(review): no length check on user_len or domain is visible in this
 * function; confirm that the Add* macros bound their writes to
 * response->buffer.
 */
static void
buildSmbNtlmAuthResponse_userlen (tSmbNtlmAuthChallenge * challenge,
                                  tSmbNtlmAuthResponse * response,
                                  const char *user, size_t user_len,
                                  const char *domain, const char *password)
{
  static const char version_tag[] = "\x05\x02\xCE\x0E\x00\x00\x00\x0F";
  uint8 nt_resp[24] = { 0 };
  uint8 rom_seed[8] = { 0 };
  uint8 end_key[8] = { 0 };
  uint8 session_blob[24] = { 0 };

  /* Key material: the 8-byte value from ntlm_create_romkey is copied into
     the first 8 bytes of the 24-byte session blob (the rest stays zero)
     before it is combined with the server challenge. */
  ntlm_create_romkey (rom_seed);
  memcpy (session_blob, rom_seed, 8);
  ntlm_create_endkey (rom_seed, challenge->challengeData, end_key);
  ntlm_smb_nt_encrypt (password, end_key, nt_resp);

  /* Fixed header. */
  response->bufIndex = 0;
  memcpy (response->ident, "NTLMSSP\0\0\0", 8);
  response->msgType = UI32LE (3);

  /* Eight constant bytes open the payload; advance the write index past
     them so the fields added below do not overwrite them. */
  memcpy (response->buffer, version_tag, 8);
  response->bufIndex = response->bufIndex + 8;

  AddUnicodeString (response, uDomain, "");
  AddUnicodeStringLen (response, uUser, user, user_len);
  /* TODO: the workstation field only carries a dummy value (the domain). */
  AddUnicodeString (response, uWks, domain);
  /* The session blob goes into sessionKey and the NT response into the
     lmResponse field. */
  AddBytes (response, sessionKey, session_blob, 24);
  AddBytes (response, lmResponse, nt_resp, 24);
  AddString (response, uRc4, NULL);

  /* Flags are a fixed constant, not derived from the challenge. */
  response->flags = UI32LE (0xA2888205);
}
// Calls AddBytes(..., 2048) on the class node that owns the current selection:
// the selected node itself when it is a class (nt_class), otherwise its
// parent. The view is invalidated afterwards.
//
// NOTE(review): Selected[0] is read without an emptiness check in this
// function, and pParent is cast to CNodeClass* without a type check; confirm
// that the handler is only reachable with a selection whose parent is a class.
void CChildView::OnAddAdd2048()
{
    auto* const picked = Selected[0].object;
    CNodeClass* const target = (picked->GetType() == nt_class)
        ? (CNodeClass*)picked
        : (CNodeClass*)picked->pParent;

    AddBytes(target, 2048);
    Invalidate(FALSE);
}
// Calls AddBytes(..., 4) on the class node that owns the current selection:
// the selected node itself when it is a class (nt_class), otherwise its
// parent. The view is invalidated afterwards.
//
// NOTE(review): Selected[0] is read without an emptiness check in this
// function, and pParent is cast to CNodeClass* without a type check; confirm
// that the handler is only reachable with a selection whose parent is a class.
void CChildView::OnAddAdd4( )
{
    auto* const picked = Selected[0].object;
    const bool pickedIsClass = (picked->GetType() == nt_class);

    CNodeClass* const target = pickedIsClass
        ? (CNodeClass*)picked
        : (CNodeClass*)picked->pParent;

    AddBytes(target, 4);
    Invalidate(FALSE);
}
// Returns the element count stored in a blob array's header.
//
// The count is the value found sizeof(int) bytes into the blob; it is copied
// out with memcpy rather than read through a cast pointer.
//
// NOTE(review): pBlob is not checked for null and the value is returned as
// stored; if blobs can come from an untrusted peer, the caller has to
// validate the count against the real buffer length.
int MGetBlobArrayCount(const void* pBlob)
{
    i32 storedCount;
    const void* const countField = AddBytes(pBlob, sizeof(int));
    memcpy(&storedCount, countField, sizeof(storedCount));
    return storedCount;
}
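// Returns a pointer to element i of a blob array, or nullptr when the request
// cannot be satisfied.
//
// Layout as read here: an int element size at offset 0, an int element count
// at offset sizeof(int), then the elements back to back.
//
// @param pBlob  Start of the blob array (header included).
// @param i      Zero-based element index.
// @return       Address of element i, or nullptr (after assert(false)) when
//               i is out of range, the stored element size is negative, or
//               the byte offset does not fit in an int.
//
// Both header fields come straight from the blob. The index is checked
// against the stored count, but neither field is checked against the real
// length of the buffer, which this function does not know; callers handling
// blobs from an untrusted peer must validate that separately.
const void* MGetBlobArrayElement(const void* pBlob, int i)
{
    int nOneBlobSize = 0;
    int nBlobCount = 0;
    memcpy(&nOneBlobSize, pBlob, sizeof(nOneBlobSize));
    memcpy(&nBlobCount, AddBytes(pBlob, sizeof(nOneBlobSize)), sizeof(nBlobCount));

    // Check if the index is within bounds
    if (i < 0 || i >= nBlobCount)
    {
        assert(false);
        return nullptr;
    }

    // A negative element size would place the result before the header.
    if (nOneBlobSize < 0)
    {
        assert(false);
        return nullptr;
    }

    // Compute the offset in 64 bits: nOneBlobSize * i as an int product can
    // overflow (undefined behaviour) for large header values.
    const long long offset =
        static_cast<long long>(sizeof(int)) * 2 +
        static_cast<long long>(nOneBlobSize) * i;

    // Reject offsets that do not survive the round trip through int; the
    // blob API reports total sizes as int, so a larger offset cannot be valid.
    if (offset != static_cast<long long>(static_cast<int>(offset)))
    {
        assert(false);
        return nullptr;
    }

    return AddBytes(pBlob, static_cast<int>(offset));
}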
// Returns the total size in bytes of a blob array: the two-int header plus
// (element size * element count), both read from the header itself.
//
// NOTE(review): the product is computed in int from values stored in the
// blob and is not range-checked; for blobs from an untrusted source the
// result should be compared with the real buffer length before use.
int MGetBlobArraySize(const void* pBlob)
{
    int elementSize;
    int elementCount;

    // Header: element size at offset 0, element count right after it.
    memcpy(&elementSize, pBlob, sizeof(elementSize));
    const void* const countField = AddBytes(pBlob, sizeof(int));
    memcpy(&elementCount, countField, sizeof(elementCount));

    const int payloadBytes = elementSize * elementCount;
    return static_cast<int>(payloadBytes + sizeof(int) * 2);
}
/*
 * Fill `request` with an NTLMSSP message of type 1.
 *
 * request  - output message; bufIndex, ident, msgType, flags, the first
 *            8 bytes of buffer, and the user and domain fields are written.
 * user     - user_len bytes stored in the request's `user` field.
 * user_len - number of bytes to take from `user`.
 * domain   - NUL-terminated string stored in the `domain` field.
 *
 * NOTE(review): bufIndex is still 0 after the 8 constant bytes are copied to
 * request->buffer.  If AddBytes/AddString append at buffer + bufIndex (the
 * macros are not visible here), the user bytes overwrite those 8 bytes;
 * confirm whether bufIndex should be advanced first.
 *
 * NOTE(review): user_len is not compared with the size of request->buffer
 * in this function; confirm that the Add* macros bound the copy.
 */
static void buildSmbNtlmAuthRequest_userlen (tSmbNtlmAuthRequest * request, const char *user, size_t user_len, const char *domain)
{
  request->bufIndex = 0;
  memcpy (request->ident, "NTLMSSP\0\0\0", 8);
  request->msgType = UI32LE (1);
  request->flags = UI32LE (0x0000b207); /* have to figure out what these mean */
  /* Eight constant bytes written to the start of the payload buffer. */
  memcpy(request->buffer, "\x05\x02\xCE\x0E\x00\x00\x00\x0F", 8);
  /* FIXME this should be workstation, not username */
  AddBytes (request, user, user, user_len);
  AddString (request, domain, domain);
}
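// Returns ptr advanced by NumBytes bytes (overload for non-const pointers).
//
// The offset is computed here rather than by forwarding to
// AddBytes(ptr, NumBytes): with a non-const void* argument that call resolves
// to this very overload (exact match) and not to a const void* overload, so
// the forwarding form recurses without end.
//
// NOTE(review): the const void* overload is not visible here; this assumes it
// returns the pointer advanced by NumBytes bytes, which is how the
// MGetBlobArray* functions use it. Confirm against its definition.
static void* AddBytes(void* ptr, int NumBytes)
{
    return static_cast<char*>(ptr) + NumBytes;
}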
// Returns the address just past the blob array's header, i.e. pBlob advanced
// by two int-sized fields.
//
// NOTE(review): pBlob is not checked for null or for being at least
// header-sized; the caller is responsible for that.
const void* MGetBlobArrayPointer(const void* pBlob)
{
    constexpr auto kHeaderBytes = sizeof(int) * 2;
    return AddBytes(pBlob, kHeaderBytes);
}
// Appends the characters of the C string s (terminator excluded) to this
// container, then hands the remaining arguments to the next AddBytes call.
//
// NOTE(review): s is passed to std::strlen unchecked, so it must be a
// non-null, NUL-terminated string.
void AddBytes(const char* s, Args...args)
{
    const char* const stop = s + std::strlen(s);
    this->insert(this->end(), s, stop);
    this->AddBytes(args...);
}
// Appends the single byte `data` to this container, then hands the remaining
// arguments to the next AddBytes call.
void AddBytes(byte data, Args...args)
{
    this->push_back(data);
    this->AddBytes(args...);
}