/* * Dump to text one entry of a ll_ldapAccountInfo linked list * Format : L0phCrack */ BOOL NTDS_NTLM_DumpLc(s_ldapAccountInfo *ldapAccountEntry,LPSTR szOut) { TCHAR szLM[256],szNT[256]; UINT i; if(ldapAccountEntry->NTLM_hash.hash_type == NT_NO_HASH) wsprintf(szOut,"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,SAM_EMPTY_LM,SAM_EMPTY_NT); else { BytesToHex(ldapAccountEntry->NTLM_hash.NT_hash,WIN_NTLM_HASH_SIZE,szNT); if(ldapAccountEntry->NTLM_hash.hash_type == LM_HASH) { BytesToHex(ldapAccountEntry->NTLM_hash.LM_hash,WIN_NTLM_HASH_SIZE,szLM); wsprintf(szOut,"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,szLM,szNT); } else if(ldapAccountEntry->NTLM_hash.hash_type == NT_HASH) wsprintf(szOut,"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,SAM_EMPTY_LM,szNT); } if(ldapAccountEntry->nbHistoryEntries) { for(i=0;i<ldapAccountEntry->nbHistoryEntries;i++) { BytesToHex(ldapAccountEntry->NTLM_hash_history[i].NT_hash,WIN_NTLM_HASH_SIZE,szNT); BytesToHex(ldapAccountEntry->NTLM_hash_history[i].LM_hash,WIN_NTLM_HASH_SIZE,szLM); wsprintf(szOut+lstrlen(szOut),"%ls:\"\":\"\":%s:%s\r\n",ldapAccountEntry->szSAMAccountName,szLM,szNT); } } return TRUE; }
/** * Gets a user's platform specific authentication token to verify their identity * * @param LocalUserNum the controller number of the associated user * * @return String representing the authentication token */ FString FOnlineIdentitySteam::GetAuthToken(int32 LocalUserNum) const { FString ResultToken; if (LocalUserNum < MAX_LOCAL_PLAYERS) { // Double check they are properly logged in if (SteamUserPtr != NULL && SteamUserPtr->BLoggedOn()) { uint8 AuthToken[1024]; uint32 AuthTokenSize = 0; if (SteamUserPtr->GetAuthSessionTicket(AuthToken, ARRAY_COUNT(AuthToken), &AuthTokenSize) != k_HAuthTicketInvalid && AuthTokenSize > 0) { ResultToken = BytesToHex(AuthToken, AuthTokenSize); UE_LOG_ONLINE(Log, TEXT("Obtained steam authticket")); // In release builds our code checks the authTicket faster than Steam's login server can save it // Added a small amount of sleep here so the ResultToken is valid by the time this call returns FPlatformProcess::Sleep(0.1f); } else { UE_LOG_ONLINE(Warning, TEXT("Failed to acquire Steam auth session ticket for %d"), LocalUserNum); } } } return ResultToken; }
UnicodeString TConfiguration::BannerHash(const UnicodeString & Banner) const { RawByteString Result; Result.SetLength(16); md5checksum( reinterpret_cast<const char *>(Banner.c_str()), static_cast<int>(Banner.Length() * sizeof(wchar_t)), reinterpret_cast<uint8_t *>(const_cast<char *>(Result.c_str()))); return BytesToHex(Result); }
//--------------------------------------------------------------------------- UnicodeString __fastcall TConfiguration::BannerHash(const UnicodeString & Banner) { RawByteString Result; Result.SetLength(16); md5checksum( reinterpret_cast<const char*>(Banner.c_str()), Banner.Length() * sizeof(wchar_t), (unsigned char*)Result.c_str()); return BytesToHex(Result); }
/* * Dump to text one entry of a ll_localAccountInfo linked list * Format : L0phCrack */ void SAM_NTLM_DumpLc(s_localAccountInfo *localAccountEntry,LPSTR szOut) { TCHAR szLM[256],szNT[256]; UINT i; BytesToHex(localAccountEntry->NTLM_hash.NT_hash,WIN_NTLM_HASH_SIZE,szNT); if(localAccountEntry->NTLM_hash.hash_type == LM_HASH) { BytesToHex(localAccountEntry->NTLM_hash.LM_hash,WIN_NTLM_HASH_SIZE,szLM); wsprintf(szOut,"%s:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,szLM,szNT); } else if(localAccountEntry->NTLM_hash.hash_type == NT_HASH) wsprintf(szOut,"%s:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,SAM_EMPTY_LM,szNT); else if(localAccountEntry->NTLM_hash.hash_type == NT_NO_HASH) wsprintf(szOut,"%s:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,SAM_EMPTY_LM,SAM_EMPTY_NT); if(localAccountEntry->NTLM_hash_history) { for(i=0;i<localAccountEntry->nbHistoryEntries;i++) { BytesToHex(localAccountEntry->NTLM_hash_history[i].NT_hash,WIN_NTLM_HASH_SIZE,szNT); BytesToHex(localAccountEntry->NTLM_hash_history[i].LM_hash,WIN_NTLM_HASH_SIZE,szLM); wsprintf(szOut+lstrlen(szOut),"%s_hist%d:\"\":\"\":%s:%s\r\n",localAccountEntry->szSAMAccountName,i,szLM,szNT); } } }
/* * Dump to text a ll_cachedAccountInfo linked list * (SAMAccoutnName,deciphered NT) */ BOOL SAM_NTLM_Cached_DumpAll(ll_cachedAccountInfo cachedAccountInfo,NT_DUMP_TYPE dump_type,BOOL isStdout,LPSTR outFileName) { ll_cachedAccountInfo currentAccount = cachedAccountInfo; TCHAR szHashLine[1024],szNT[128]; DWORD dwNbWritten,count=0; HANDLE hFile; if(!isStdout) { if((hFile=CreateFile(outFileName,GENERIC_WRITE,FILE_SHARE_WRITE,NULL,CREATE_ALWAYS,FILE_ATTRIBUTE_NORMAL,NULL))==INVALID_HANDLE_VALUE) return FALSE; } else puts(SZ_DUMP_BEGIN); do{ if(!currentAccount->info.isEmpty) { BytesToHex(currentAccount->info.NTLM_hash.NT_hash,WIN_NTLM_HASH_SIZE,szNT); sprintf_s(szHashLine,1024,"Cached Entry\r\n\tUsername: %ls\r\n\tDomain: %ls\r\n\tFull Domain: %ls\r\n\tNT hash: %s\r\n", currentAccount->info.szSAMAccountName, currentAccount->info.szDomain, currentAccount->info.szFullDomain, szNT); count++; if(isStdout) puts(szHashLine); else WriteFile(hFile,szHashLine,lstrlen(szHashLine),&dwNbWritten,NULL); } currentAccount = currentAccount->next; }while(currentAccount); if(!isStdout) CloseHandle(hFile); else puts(SZ_DUMP_END); if(isStdout) printf("\n%d dumped accounts\n\n",count); else printf("\n%d dumped accounts to %s\n\n",count,outFileName); return TRUE; }
int main(void){ char cipher[] = "ICE"; size_t loc = 0; while (string[++loc]!='\0'); unsigned char shifted[loc]; char hex[2*loc+1]; for (size_t idx=0; idx != loc; ++idx){ shifted[idx]=string[idx]^cipher[idx%3]; } BytesToHex(shifted,2*loc,hex); printf("%s %d \n",hex,strcmp(result,hex)); }
/* * Raw dump a PEK struct */ void PEK_Dump(s_NTLM_pek *pek) { TCHAR szPEK[256]; BytesToHex(pek->decipher_key2,sizeof(pek->decipher_key2),szPEK); printf("PEK = %s\n",szPEK); }
/* * Raw dump a ciphered PEK struct */ void PEK_cipheredDump(s_NTLM_pek_ciphered *pek_ciphered) { TCHAR szPEKCiphered[256]; BytesToHex(pek_ciphered,sizeof(s_NTLM_pek_ciphered),szPEKCiphered); printf("Ciphered PEK = %s\n",szPEKCiphered); }
FString FSHAHashData::ToString() const { return BytesToHex(Hash, FSHA1::DigestSize); }