/*
* Dump to text one entry of a ll_ldapAccountInfo linked list
* Format : L0phCrack
*/
BOOL NTDS_NTLM_DumpLc(s_ldapAccountInfo *ldapAccountEntry,LPSTR szOut) {
TCHAR szLM[256],szNT[256];
UINT i;
if(ldapAccountEntry->NTLM_hash.hash_type == NT_NO_HASH)
wsprintf(szOut,"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,SAM_EMPTY_LM,SAM_EMPTY_NT);
else {
BytesToHex(ldapAccountEntry->NTLM_hash.NT_hash,WIN_NTLM_HASH_SIZE,szNT);
if(ldapAccountEntry->NTLM_hash.hash_type == LM_HASH) {
BytesToHex(ldapAccountEntry->NTLM_hash.LM_hash,WIN_NTLM_HASH_SIZE,szLM);
wsprintf(szOut,"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,szLM,szNT);
}
else if(ldapAccountEntry->NTLM_hash.hash_type == NT_HASH)
wsprintf(szOut,"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,SAM_EMPTY_LM,szNT);
}
if(ldapAccountEntry->nbHistoryEntries) {
for(i=0;i<ldapAccountEntry->nbHistoryEntries;i++) {
BytesToHex(ldapAccountEntry->NTLM_hash_history[i].NT_hash,WIN_NTLM_HASH_SIZE,szNT);
BytesToHex(ldapAccountEntry->NTLM_hash_history[i].LM_hash,WIN_NTLM_HASH_SIZE,szLM);
wsprintf(szOut+lstrlen(szOut),"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,szLM,szNT);
}
}
return TRUE;
}
/**
* Gets a user's platform specific authentication token to verify their identity
*
* @param LocalUserNum the controller number of the associated user
*
* @return String representing the authentication token
*/
FString FOnlineIdentitySteam::GetAuthToken(int32 LocalUserNum) const
{
FString ResultToken;
if (LocalUserNum < MAX_LOCAL_PLAYERS)
{
// Double check they are properly logged in
if (SteamUserPtr != NULL &&
SteamUserPtr->BLoggedOn())
{
uint8 AuthToken[1024];
uint32 AuthTokenSize = 0;
if (SteamUserPtr->GetAuthSessionTicket(AuthToken, ARRAY_COUNT(AuthToken), &AuthTokenSize) != k_HAuthTicketInvalid &&
AuthTokenSize > 0)
{
ResultToken = BytesToHex(AuthToken, AuthTokenSize);
UE_LOG_ONLINE(Log, TEXT("Obtained steam authticket"));
// In release builds our code checks the authTicket faster than Steam's login server can save it
// Added a small amount of sleep here so the ResultToken is valid by the time this call returns
FPlatformProcess::Sleep(0.1f);
}
else
{
UE_LOG_ONLINE(Warning, TEXT("Failed to acquire Steam auth session ticket for %d"),
LocalUserNum);
}
}
}
return ResultToken;
}
UnicodeString TConfiguration::BannerHash(const UnicodeString & Banner) const
{
RawByteString Result;
Result.SetLength(16);
md5checksum(
reinterpret_cast<const char *>(Banner.c_str()), static_cast<int>(Banner.Length() * sizeof(wchar_t)),
reinterpret_cast<uint8_t *>(const_cast<char *>(Result.c_str())));
return BytesToHex(Result);
}
//---------------------------------------------------------------------------
UnicodeString __fastcall TConfiguration::BannerHash(const UnicodeString & Banner)
{
RawByteString Result;
Result.SetLength(16);
md5checksum(
reinterpret_cast<const char*>(Banner.c_str()), Banner.Length() * sizeof(wchar_t),
(unsigned char*)Result.c_str());
return BytesToHex(Result);
}
/*
* Dump to text one entry of a ll_localAccountInfo linked list
* Format : L0phCrack
*/
void SAM_NTLM_DumpLc(s_localAccountInfo *localAccountEntry,LPSTR szOut) {
TCHAR szLM[256],szNT[256];
UINT i;
BytesToHex(localAccountEntry->NTLM_hash.NT_hash,WIN_NTLM_HASH_SIZE,szNT);
if(localAccountEntry->NTLM_hash.hash_type == LM_HASH) {
BytesToHex(localAccountEntry->NTLM_hash.LM_hash,WIN_NTLM_HASH_SIZE,szLM);
wsprintf(szOut,"%s:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,szLM,szNT);
}
else if(localAccountEntry->NTLM_hash.hash_type == NT_HASH)
wsprintf(szOut,"%s:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,SAM_EMPTY_LM,szNT);
else if(localAccountEntry->NTLM_hash.hash_type == NT_NO_HASH)
wsprintf(szOut,"%s:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,SAM_EMPTY_LM,SAM_EMPTY_NT);
if(localAccountEntry->NTLM_hash_history) {
for(i=0;i<localAccountEntry->nbHistoryEntries;i++) {
BytesToHex(localAccountEntry->NTLM_hash_history[i].NT_hash,WIN_NTLM_HASH_SIZE,szNT);
BytesToHex(localAccountEntry->NTLM_hash_history[i].LM_hash,WIN_NTLM_HASH_SIZE,szLM);
wsprintf(szOut+lstrlen(szOut),"%s_hist%d:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,i,szLM,szNT);
}
}
}
/*
* Dump to text a ll_cachedAccountInfo linked list
* (SAMAccoutnName,deciphered NT)
*/
BOOL SAM_NTLM_Cached_DumpAll(ll_cachedAccountInfo cachedAccountInfo,NT_DUMP_TYPE dump_type,BOOL isStdout,LPSTR outFileName) {
ll_cachedAccountInfo currentAccount = cachedAccountInfo;
TCHAR szHashLine[1024],szNT[128];
DWORD dwNbWritten,count=0;
HANDLE hFile;
if(!isStdout) {
if((hFile=CreateFile(outFileName,GENERIC_WRITE,FILE_SHARE_WRITE,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL))==INVALID_HANDLE_VALUE)
return FALSE;
}
else
puts(SZ_DUMP_BEGIN);
do{
if(!currentAccount->info.isEmpty) {
BytesToHex(currentAccount->info.NTLM_hash.NT_hash,WIN_NTLM_HASH_SIZE,szNT);
sprintf_s(szHashLine,1024,"Cached Entry\r\n\tUsername: %ls\r\n\tDomain: %ls\r\n\tFull Domain: %ls\r\n\tNT hash: %s\r\n",
currentAccount->info.szSAMAccountName,
currentAccount->info.szDomain,
currentAccount->info.szFullDomain,
szNT);
count++;
if(isStdout)
puts(szHashLine);
else
WriteFile(hFile,szHashLine,lstrlen(szHashLine),&dwNbWritten,NULL);
}
currentAccount = currentAccount->next;
}while(currentAccount);
if(!isStdout)
CloseHandle(hFile);
else
puts(SZ_DUMP_END);
if(isStdout)
printf("\n%d dumped accounts\n\n",count);
else
printf("\n%d dumped accounts to %s\n\n",count,outFileName);
return TRUE;
}
int main(void){
char cipher[] = "ICE";
size_t loc = 0;
while (string[++loc]!='\0');
unsigned char shifted[loc];
char hex[2*loc+1];
for (size_t idx=0; idx != loc; ++idx){
shifted[idx]=string[idx]^cipher[idx%3];
}
BytesToHex(shifted,2*loc,hex);
printf("%s %d \n",hex,strcmp(result,hex));
}
/*
* Raw dump a PEK struct
*/
void PEK_Dump(s_NTLM_pek *pek) {
TCHAR szPEK[256];
BytesToHex(pek->decipher_key2,sizeof(pek->decipher_key2),szPEK);
printf("PEK = %s\n",szPEK);
}
/*
* Raw dump a ciphered PEK struct
*/
void PEK_cipheredDump(s_NTLM_pek_ciphered *pek_ciphered) {
TCHAR szPEKCiphered[256];
BytesToHex(pek_ciphered,sizeof(s_NTLM_pek_ciphered),szPEKCiphered);
printf("Ciphered PEK = %s\n",szPEKCiphered);
}
FString FSHAHashData::ToString() const
{
return BytesToHex(Hash, FSHA1::DigestSize);
}
