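/**
 * Build the MsvAvRestrictions AV_PAIR value and store it in the context.
 *
 * Layout written below (48 bytes): Size, Z4, IntegrityLevel,
 * SubjectIntegrityLevel, MachineID.
 *
 * On allocation failure the pair is left empty (value NULL, length 0), so
 * ntlm_output_av_pairs() skips it instead of serializing from a NULL or
 * uninitialized buffer.
 *
 * @param context NTLM context whose av_pairs->Restrictions entry is filled in.
 */
void ntlm_output_restriction_encoding(NTLM_CONTEXT* context)
{
	PStream s;
	AV_PAIR* restrictions = &context->av_pairs->Restrictions;
	enum { RESTRICTION_ENCODING_LENGTH = 48, MACHINE_ID_LENGTH = 32 };

	/*
	 * NOTE(review): MachineID is a fixed constant, so every client built from
	 * this code presents the same identifier. MS-NLMP describes the field as
	 * a per-machine random value; confirm whether a constant is acceptable.
	 */
	BYTE machineID[32] =
		"\x3A\x15\x8E\xA6\x75\x82\xD8\xF7\x3E\x06\xFA\x7A\xB4\xDF\xFD\x43"
		"\x84\x6C\x02\x3A\xFD\x5A\x94\xFE\xCF\x97\x0F\x3D\x19\x2C\x38\x20";

	restrictions->length = 0;
	restrictions->value = malloc(RESTRICTION_ENCODING_LENGTH);

	if (!restrictions->value)
		return;

	s = PStreamAllocAttach(restrictions->value, RESTRICTION_ENCODING_LENGTH);

	if (!s)
	{
		/* Never advertise a buffer that was not filled in. */
		free(restrictions->value);
		restrictions->value = NULL;
		return;
	}

	StreamWrite_UINT32(s, RESTRICTION_ENCODING_LENGTH); /* Size */
	StreamZero(s, 4); /* Z4 (set to zero) */

	/* IntegrityLevel (bit 31 set to 1) */
	StreamWrite_UINT8(s, 1);
	StreamZero(s, 3);

	StreamWrite_UINT32(s, 0x00002000); /* SubjectIntegrityLevel */
	StreamWrite(s, machineID, MACHINE_ID_LENGTH); /* MachineID */

	PStreamFreeDetach(s);

	/* Publish the length only once the value is fully written. */
	restrictions->length = RESTRICTION_ENCODING_LENGTH;
}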
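/**
 * Store an all-zero MsvChannelBindings value (16 bytes) in the context.
 *
 * An all-zero hash indicates the absence of channel bindings, so the
 * authentication message produced with this value is not tied to an outer
 * (e.g. TLS) channel.
 * NOTE(review): a server that enforces channel binding is expected to refuse
 * such a message; computing the real binding hash would need the channel's
 * certificate data, which is not available in this function.
 *
 * On allocation failure the pair is left empty (value NULL, length 0), so
 * ntlm_output_av_pairs() skips it.
 *
 * @param context NTLM context whose av_pairs->ChannelBindings entry is filled in.
 */
void ntlm_output_channel_bindings(NTLM_CONTEXT* context)
{
	PStream s;
	AV_PAIR* ChannelBindings = &context->av_pairs->ChannelBindings;
	enum { CHANNEL_BINDINGS_LENGTH = 16 };

	ChannelBindings->length = 0;

	/* Allocate exactly what is written and advertised (the original asked for 48 bytes). */
	ChannelBindings->value = (BYTE*) malloc(CHANNEL_BINDINGS_LENGTH);

	if (!ChannelBindings->value)
		return;

	s = PStreamAllocAttach(ChannelBindings->value, CHANNEL_BINDINGS_LENGTH);

	if (!s)
	{
		/* Never advertise a buffer that was not filled in. */
		free(ChannelBindings->value);
		ChannelBindings->value = NULL;
		return;
	}

	/* an all-zero value of the hash is used to indicate absence of channel bindings */
	StreamZero(s, CHANNEL_BINDINGS_LENGTH);

	PStreamFreeDetach(s);

	ChannelBindings->length = CHANNEL_BINDINGS_LENGTH;
}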
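/**
 * Store the MsvAvTargetName AV_PAIR value in the context.
 *
 * The value is a fixed UTF-16LE string, "TERMSRV/192.168.0.123", regardless
 * of which server is actually being contacted.
 * NOTE(review): because the name does not identify the real peer, a server
 * that validates the target name against its own service name would
 * presumably reject it, and the field gives no protection against the
 * message being accepted by a different service. It should be derived from
 * the connection's hostname once that is available here.
 *
 * On allocation failure the pair is left empty (value NULL, length 0), so
 * ntlm_output_av_pairs() skips it.
 *
 * @param context NTLM context whose av_pairs->TargetName entry is filled in.
 */
void ntlm_output_target_name(NTLM_CONTEXT* context)
{
	PStream s;
	AV_PAIR* TargetName = &context->av_pairs->TargetName;

	/*
	 * TODO: No idea what should be set here (observed MsvAvTargetName = MsvAvDnsComputerName or
	 * MsvAvTargetName should be the name of the service be accessed after authentication)
	 * here used: "TERMSRV/192.168.0.123" in unicode (Dmitrij Jasnov)
	 */
	BYTE name[42] =
		"\x54\x00\x45\x00\x52\x00\x4d\x00\x53\x00\x52\x00\x56\x00\x2f\x00\x31\x00\x39\x00\x32"
		"\x00\x2e\x00\x31\x00\x36\x00\x38\x00\x2e\x00\x30\x00\x2e\x00\x31\x00\x32\x00\x33\x00";

	TargetName->length = 0;
	TargetName->value = (BYTE*) malloc(sizeof(name));

	if (!TargetName->value)
		return;

	s = PStreamAllocAttach(TargetName->value, sizeof(name));

	if (!s)
	{
		/* Never advertise a buffer that was not filled in. */
		free(TargetName->value);
		TargetName->value = NULL;
		return;
	}

	StreamWrite(s, name, sizeof(name));

	PStreamFreeDetach(s);

	/* 42 bytes: 21 UTF-16LE code units, no terminator. */
	TargetName->length = sizeof(name);
}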
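/**
 * Serialize the context's AV_PAIR list into the caller-supplied buffer.
 *
 * Each non-empty pair is written as AvId (UINT16), AvLen (UINT16), Value.
 * The list ends with MsvAvEOL, followed by 8 zero bytes when NTLMv2 is in use.
 *
 * The total size is computed first and compared with buffer->cbBuffer.
 * If the buffer is missing or too small nothing is written, because the
 * stream writes themselves are not bounds-checked in this function.
 * NOTE(review): the function returns void, so callers cannot see that
 * case; consider returning a status.
 *
 * @param context NTLM context providing av_pairs and the ntlm_v2 flag.
 * @param buffer  Destination; pvBuffer must hold at least cbBuffer bytes.
 */
void ntlm_output_av_pairs(NTLM_CONTEXT* context, PSecBuffer buffer)
{
	PStream s;
	AV_PAIRS* av_pairs = context->av_pairs;
	unsigned long required = 4; /* MsvAvEOL: AvId + AvLen */

	/* Each emitted pair costs 4 header bytes (AvId + AvLen) plus its value. */
	if (av_pairs->NbDomainName.length > 0)
		required += 4 + (unsigned long) av_pairs->NbDomainName.length;

	if (av_pairs->NbComputerName.length > 0)
		required += 4 + (unsigned long) av_pairs->NbComputerName.length;

	if (av_pairs->DnsDomainName.length > 0)
		required += 4 + (unsigned long) av_pairs->DnsDomainName.length;

	if (av_pairs->DnsComputerName.length > 0)
		required += 4 + (unsigned long) av_pairs->DnsComputerName.length;

	if (av_pairs->DnsTreeName.length > 0)
		required += 4 + (unsigned long) av_pairs->DnsTreeName.length;

	if (av_pairs->Timestamp.length > 0)
		required += 4 + (unsigned long) av_pairs->Timestamp.length;

	if (av_pairs->Flags > 0)
		required += 4 + 4;

	if (av_pairs->Restrictions.length > 0)
		required += 4 + (unsigned long) av_pairs->Restrictions.length;

	if (av_pairs->ChannelBindings.length > 0)
		required += 4 + (unsigned long) av_pairs->ChannelBindings.length;

	if (av_pairs->TargetName.length > 0)
		required += 4 + (unsigned long) av_pairs->TargetName.length;

	if (context->ntlm_v2)
		required += 8;

	/* Refuse to write past the end of the caller's buffer. */
	if (!buffer->pvBuffer || required > buffer->cbBuffer)
		return;

	s = PStreamAllocAttach(buffer->pvBuffer, buffer->cbBuffer);

	if (!s)
		return;

	if (av_pairs->NbDomainName.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvNbDomainName); /* AvId */
		StreamWrite_UINT16(s, av_pairs->NbDomainName.length); /* AvLen */
		StreamWrite(s, av_pairs->NbDomainName.value, av_pairs->NbDomainName.length); /* Value */
	}

	if (av_pairs->NbComputerName.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvNbComputerName); /* AvId */
		StreamWrite_UINT16(s, av_pairs->NbComputerName.length); /* AvLen */
		StreamWrite(s, av_pairs->NbComputerName.value, av_pairs->NbComputerName.length); /* Value */
	}

	if (av_pairs->DnsDomainName.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvDnsDomainName); /* AvId */
		StreamWrite_UINT16(s, av_pairs->DnsDomainName.length); /* AvLen */
		StreamWrite(s, av_pairs->DnsDomainName.value, av_pairs->DnsDomainName.length); /* Value */
	}

	if (av_pairs->DnsComputerName.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvDnsComputerName); /* AvId */
		StreamWrite_UINT16(s, av_pairs->DnsComputerName.length); /* AvLen */
		StreamWrite(s, av_pairs->DnsComputerName.value, av_pairs->DnsComputerName.length); /* Value */
	}

	if (av_pairs->DnsTreeName.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvDnsTreeName); /* AvId */
		StreamWrite_UINT16(s, av_pairs->DnsTreeName.length); /* AvLen */
		StreamWrite(s, av_pairs->DnsTreeName.value, av_pairs->DnsTreeName.length); /* Value */
	}

	if (av_pairs->Timestamp.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvTimestamp); /* AvId */
		StreamWrite_UINT16(s, av_pairs->Timestamp.length); /* AvLen */
		StreamWrite(s, av_pairs->Timestamp.value, av_pairs->Timestamp.length); /* Value */
	}

	if (av_pairs->Flags > 0)
	{
		StreamWrite_UINT16(s, MsvAvFlags); /* AvId */
		StreamWrite_UINT16(s, 4); /* AvLen */
		StreamWrite_UINT32(s, av_pairs->Flags); /* Value */
	}

	if (av_pairs->Restrictions.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvRestrictions); /* AvId */
		StreamWrite_UINT16(s, av_pairs->Restrictions.length); /* AvLen */
		StreamWrite(s, av_pairs->Restrictions.value, av_pairs->Restrictions.length); /* Value */
	}

	if (av_pairs->ChannelBindings.length > 0)
	{
		StreamWrite_UINT16(s, MsvChannelBindings); /* AvId */
		StreamWrite_UINT16(s, av_pairs->ChannelBindings.length); /* AvLen */
		StreamWrite(s, av_pairs->ChannelBindings.value, av_pairs->ChannelBindings.length); /* Value */
	}

	if (av_pairs->TargetName.length > 0)
	{
		StreamWrite_UINT16(s, MsvAvTargetName); /* AvId */
		StreamWrite_UINT16(s, av_pairs->TargetName.length); /* AvLen */
		StreamWrite(s, av_pairs->TargetName.value, av_pairs->TargetName.length); /* Value */
	}

	/* This indicates the end of the AV_PAIR array */
	StreamWrite_UINT16(s, MsvAvEOL); /* AvId */
	StreamWrite_UINT16(s, 0); /* AvLen */

	if (context->ntlm_v2)
	{
		StreamZero(s, 8);
	}

	/*
	 * Release the stream the same way the other ntlm_output_* functions do;
	 * the attached buffer belongs to the caller and must not be freed here.
	 */
	PStreamFreeDetach(s);
}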