Documentation ¶
Overview ¶
Copyright (c) 2016 Hiroshi Ioka. All rights reserved. Copyright (c) 2023 Jimmy Fjällid for derivative changes
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
MIT License ¶
Copyright (c) 2017 stacktitan ¶
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
MIT License ¶
Copyright (c) 2017 stacktitan Copyright (c) 2023 Jimmy Fjällid for contributions adding SMB 3.1.1 support
Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
Copyright (c) 2016 Hiroshi Ioka. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Copyright (c) 2016 Hiroshi Ioka. All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
- Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
- Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Index ¶
- Constants
- func ComputeResponseNTLMv2(nthash, lmhash, clientChallenge, serverChallenge, timestamp, avpairs []byte) []byte
- func ConvertToFileTime(t time.Time) uint64
- func Lmowfv2(pass, user, domain string) []byte
- func Ntowfv1(pass string) []byte
- func Ntowfv2(pass, user, domain string) []byte
- func Ntowfv2Hash(user, domain string, hash []byte) []byte
- type Authenticate
- type AvPair
- type AvPairSlice
- type Challenge
- type Client
- type Header
- type InfoMap
- type Negotiate
- type Session
- func (s *Session) CheckSum(sum, plaintext []byte, seqNum uint32) (bool, uint32)
- func (s *Session) Seal(dst, plaintext []byte, seqNum uint32) ([]byte, uint32)
- func (s *Session) SessionKey() []byte
- func (s *Session) Sum(plaintext []byte, seqNum uint32) ([]byte, uint32)
- func (s *Session) Unseal(dst, ciphertext []byte, seqNum uint32) ([]byte, uint32, error)
- func (s *Session) User() string
- type Version
Constants ¶
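// Windows product version numbers, split into major and minor components.
// The rendered listing had collapsed this declaration onto one line; it is
// restored here with one constant per line.
// NOTE(review): presumably these populate the Version field of the NTLM
// messages declared in this package; confirm against the callers.
const (
	// Major version numbers.
	WINDOWS_MAJOR_VERSION_5  = 0x05
	WINDOWS_MAJOR_VERSION_6  = 0x06
	WINDOWS_MAJOR_VERSION_10 = 0x0a

	// Minor version numbers.
	WINDOWS_MINOR_VERSION_0 = 0x00
	WINDOWS_MINOR_VERSION_1 = 0x01
	WINDOWS_MINOR_VERSION_2 = 0x02
	WINDOWS_MINOR_VERSION_3 = 0x03
)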
// Identifiers for the three NTLM message kinds (negotiate, challenge and
// authenticate), judging by the constant names.
// NOTE(review): this rendered listing shows a type but no initializer, so the
// numeric values cannot be read from here. Presumably an unexported leading
// entry supplies the iota expression; check the package source before relying
// on specific values.
const (
	TypeNtLmNegotiate uint32
	TypeNtLmChallenge
	TypeNtLmAuthenticate
)
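// NTLMSSP negotiate flags. Each constant is a single bit, assigned by iota in
// ascending order: FlgNegUnicode is bit 0 and FlgNeg56 is bit 31. The reserved
// entries exist only to keep the following flags at their bit positions, so
// entries must not be reordered or removed.
//
// The rendered listing had collapsed this declaration onto one line, which let
// each "//" comment swallow the constants after it; it is restored here with
// one constant per line and the original comment text above each.
const (
	// If set, requests Unicode character set encoding. NTLMSSP_NEGOTIATE_UNICODE
	FlgNegUnicode uint32 = 1 << iota
	// If set, requests OEM character set encoding. NTLM_NEGOTIATE_OEM
	FlgNegOEM
	// If set, a TargetName field of the CHALLENGE_MESSAGE (section 2.2.1.2)
	// MUST be supplied. NTLMSSP_REQUEST_TARGET.
	FlgNegRequestTarget
	FlgNegReserved10
	// If set, requests session key negotiation for message signatures.
	// NTLMSSP_NEGOTIATE_SIGN
	FlgNegSign
	// If set, requests session key negotiation for message confidentiality.
	// NTLMSSP_NEGOTIATE_SEAL
	FlgNegSeal
	// If set, requests connectionless authentication
	FlgNegDatagram
	// If set, requests LAN Manager (LM) session key computation.
	// NOTE(review): LM-derived keys are a legacy mechanism; a client that
	// does not need interoperability with old peers should not request this.
	FlgNegLmKey
	FlgNegReserved9
	// If set, requests usage of the NTLM v1 session security protocol.
	FlgNegNtLm
	FlgNegReserved8
	// If set, the connection SHOULD be anonymous.
	FlgNegAnonymous
	// If set, the domain name is provided.
	FlgNegOEMDomainSupplied
	// This flag indicates whether the Workstation field is present.
	FlgNegOEMWorkstationSupplied
	FlgNegReserved7
	// If set, a session key is generated regardless of the states of
	// NTLMSSP_NEGOTIATE_SIGN and NTLMSSP_NEGOTIATE_SEAL
	FlgNegAlwaysSign
	// If set, TargetName MUST be a domain name.
	FlgNegTargetTypeDomain
	// If set, TargetName MUST be a server name.
	FlgNegTargetTypeServer
	FlgNegReserved6
	// If set, requests usage of the NTLM v2 session security.
	FlgNegExtendedSessionSecurity
	// If set, requests an identify level token.
	FlgNegIdentify
	FlgNegReserved5
	// If set, requests the usage of the LMOWF.
	FlgNegRequestNonNtSessionKey
	// If set, indicates that the TargetInfo fields in the CHALLENGE_MESSAGE
	// are populated.
	FlgNegTargetInfo
	FlgNegReserved4
	// If set, requests the protocol version number. The data corresponding to
	// this flag is provided in the Version field.
	FlgNegVersion
	FlgNegReserved3
	FlgNegReserved2
	FlgNegReserved1
	// If set, requests 128-bit session key negotiation.
	FlgNeg128
	// If set, requests an explicit key exchange.
	// This capability SHOULD be used because it improves security for message
	// integrity or confidentiality.
	FlgNegKeyExch
	// If set, requests 56-bit encryption
	// NOTE(review): a 56-bit key is weak by current standards; prefer
	// FlgNeg128 wherever the peer supports it.
	FlgNeg56
)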
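// Attribute identifiers for AvPair entries, numbered consecutively from 0 by
// iota. The order fixes the numeric values, so entries must not be reordered.
// The rendered listing had collapsed this declaration onto one line; it is
// restored here with one constant per line.
//
// NOTE(review): the names follow the AV_PAIR identifiers of the NTLM
// specification. Going by those names, MsvAvTargetName and
// MsvAvChannelBindings are the attributes that tie an authentication to the
// intended service and transport channel, so code that builds or validates
// AV pairs should not silently drop them. Confirm how this package uses them.
const (
	// MsvAvEOL is the zero-valued identifier; by its name it terminates an
	// AV pair list.
	MsvAvEOL uint16 = iota
	MsvAvNbComputerName
	MsvAvNbDomainName
	MsvAvDnsComputerName
	MsvAvDnsDomainName
	MsvAvDnsTreeName
	MsvAvFlags
	MsvAvTimestamp
	MsvAvSingleHost
	MsvAvTargetName
	MsvAvChannelBindings
)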
const (
	// NTLMSSP_REVISION_W2K3 is the NTLMSSP revision number 0x0f.
	// NOTE(review): presumably written into the Version field of outgoing
	// messages; confirm against the callers.
	NTLMSSP_REVISION_W2K3 = 0x0f

	// Signature is the 8-byte, NUL-terminated marker "NTLMSSP\x00".
	// NOTE(review): presumably the leading bytes of every NTLM message, which
	// a parser can compare before trusting the rest of a buffer; confirm
	// where Header checks it.
	Signature = "NTLMSSP\x00"
)
Variables ¶
This section is empty.
Functions ¶
func ComputeResponseNTLMv2 ¶
func Ntowfv2Hash ¶
Types ¶
type Authenticate ¶
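// Authenticate is the layout of the NTLM authenticate message.
//
// Every variable-length payload field is described by three fixed fields
// (Len, MaxLen and BufferOffset) whose `smb` tags name the payload they refer
// to. NOTE(review): presumably the encoder fills those fields in from the
// tagged payload when marshalling and uses them to locate the payload when
// unmarshalling; confirm in the encoder package. Because UnmarshalBinary
// takes a raw buffer, the length and offset values come from the peer and
// have to be bounds-checked against the buffer before use.
//
// The rendered listing had collapsed this declaration onto one line, which let
// the "//" comments swallow the fields after them; it is restored here with
// one field per line.
type Authenticate struct {
	Header

	// LmChallengeResponse descriptor.
	LmChallengeResponseLen          uint16 `smb:"len:LmChallengeResponse"`
	LmChallengeResponseMaxLen       uint16 `smb:"len:LmChallengeResponse"`
	LmChallengeResponseBufferOffset uint32 `smb:"offset:LmChallengeResponse"`

	// NtChallengeResponse descriptor. The offset field is spelled
	// "NtChalleng..." (without the final "e"); the name is exported, so the
	// spelling is kept for compatibility.
	NtChallengeResponseLen         uint16 `smb:"len:NtChallengeResponse"`
	NtChallengeResponseMaxLen      uint16 `smb:"len:NtChallengeResponse"`
	NtChallengResponseBufferOffset uint32 `smb:"offset:NtChallengeResponse"`

	// DomainName descriptor.
	DomainNameLen          uint16 `smb:"len:DomainName"`
	DomainNameMaxLen       uint16 `smb:"len:DomainName"`
	DomainNameBufferOffset uint32 `smb:"offset:DomainName"`

	// UserName descriptor.
	UserNameLen          uint16 `smb:"len:UserName"`
	UserNameMaxLen       uint16 `smb:"len:UserName"`
	UserNameBufferOffset uint32 `smb:"offset:UserName"`

	// Workstation descriptor.
	WorkstationLen          uint16 `smb:"len:Workstation"`
	WorkstationMaxLen       uint16 `smb:"len:Workstation"`
	WorkstationBufferOffset uint32 `smb:"offset:Workstation"`

	// EncryptedRandomSessionKey descriptor.
	EncryptedRandomSessionKeyLen          uint16 `smb:"len:EncryptedRandomSessionKey"`
	EncryptedRandomSessionKeyMaxLen       uint16 `smb:"len:EncryptedRandomSessionKey"`
	EncryptedRandomSessionKeyBufferOffset uint32 `smb:"offset:EncryptedRandomSessionKey"`

	// NegotiateFlags is a bit set; see the FlgNeg* constants.
	NegotiateFlags uint32

	// Added for SMB 3.1.1. The tag `smb:"omitempty:0"` is commented out in
	// the source, so it is not applied.
	Version uint64

	// Added for SMB 3.1.1. Fixed at 16 bytes by its tag.
	// NOTE(review): by its name this is the message integrity code; confirm
	// that it is computed on send and verified on receive.
	MIC []byte `smb:"fixed:16"`

	// Payload fields tagged as Unicode text.
	DomainName  []byte `smb:"unicode"`
	UserName    []byte `smb:"unicode"`
	Workstation []byte `smb:"unicode"`

	// Untagged payload fields.
	LmChallengeResponse       []byte
	NtChallengeResponse       []byte
	EncryptedRandomSessionKey []byte
}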
func (*Authenticate) MarshalBinary ¶
func (self *Authenticate) MarshalBinary(meta *encoder.Metadata) ([]byte, error)
func (*Authenticate) UnmarshalBinary ¶
func (self *Authenticate) UnmarshalBinary(buf []byte, meta *encoder.Metadata) error
type AvPairSlice ¶
// AvPairSlice is an ordered list of AvPair values. It has its own
// MarshalBinary and UnmarshalBinary methods and is the type of
// Challenge.TargetInfo.
type AvPairSlice []AvPair
func (*AvPairSlice) MarshalBinary ¶
func (s *AvPairSlice) MarshalBinary(meta *encoder.Metadata) ([]byte, error)
func (*AvPairSlice) UnmarshalBinary ¶
func (s *AvPairSlice) UnmarshalBinary(buf []byte, meta *encoder.Metadata) error
type Challenge ¶
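// Challenge is the layout of the NTLM challenge message.
//
// TargetName and TargetInfo are variable-length payloads, each described by a
// Len, MaxLen and BufferOffset field whose `smb` tags name the payload.
// NOTE(review): presumably the encoder keeps those descriptor fields in sync
// with the payloads; confirm in the encoder package.
//
// The rendered listing had collapsed this declaration onto one line; it is
// restored here with one field per line.
type Challenge struct {
	Header

	// TargetName descriptor.
	TargetNameLen          uint16 `smb:"len:TargetName"`
	TargetNameMaxLen       uint16 `smb:"len:TargetName"`
	TargetNameBufferOffset uint32 `smb:"offset:TargetName"`

	// NegotiateFlags is a bit set; see the FlgNeg* constants.
	NegotiateFlags uint32

	// ServerChallenge is a 64-bit value.
	// NOTE(review): by its name this is the server's challenge nonce; a
	// server built on this type should generate it from a cryptographically
	// secure random source for every handshake. Confirm in NewChallenge.
	ServerChallenge uint64

	// Reserved is a 64-bit field with no meaning visible in this listing.
	Reserved uint64

	// TargetInfo descriptor.
	TargetInfoLen          uint16 `smb:"len:TargetInfo"`
	TargetInfoMaxLen       uint16 `smb:"len:TargetInfo"`
	TargetInfoBufferOffset uint32 `smb:"offset:TargetInfo"`

	// Version is a 64-bit version field.
	Version uint64

	// TargetName is the raw target name payload.
	TargetName []byte

	// TargetInfo is the AV pair list payload; it is a pointer and may be nil.
	TargetInfo *AvPairSlice
}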
func NewChallenge ¶
func NewChallenge() Challenge
type Client ¶
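// Client holds the identity, credentials and options for the client side of
// an NTLM exchange.
//
// Password, Hash, NTHash and LMHash are credential material. An NT hash is
// sufficient to authenticate without the clear-text password, so all four
// should be handled like a password: keep them out of logs (including %+v
// dumps of this struct), error messages and serialized configuration.
//
// The rendered listing had collapsed this declaration onto one line, which let
// the "//" comments swallow the fields after them; it is restored here with
// one field per line.
type Client struct {
	// User is the account name.
	User string

	// Password is the clear-text password.
	Password string

	// Password Hash
	Hash []byte

	// Output from Ntowfv2
	NTHash []byte

	// Output from Lmowfv2
	LMHash []byte

	// Don't use domain name from server
	LocalUser bool

	// Domain is the account's domain name.
	Domain string

	// Workstation is the client workstation name.
	Workstation string

	// NullSession selects a session without credentials, judging by the name.
	// NOTE(review): confirm the exact behavior in the implementation.
	NullSession bool

	// SigningDisabled and EncryptionDisabled default to false.
	// NOTE(review): judging by the names, setting them turns off message
	// signing and sealing for the session, which removes integrity and
	// confidentiality protection against a party on the network path. Leave
	// both false unless a peer cannot negotiate them; confirm the exact
	// effect in the implementation.
	SigningDisabled    bool
	EncryptionDisabled bool

	// TargetSPN is the service principal name of the target.
	// NOTE(review): presumably sent as the MsvAvTargetName AV pair so the
	// server can check which service the client meant to reach; confirm.
	TargetSPN string
	// contains filtered or unexported fields
}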
type Negotiate ¶
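// Negotiate is the layout of the NTLM negotiate message.
//
// DomainName and Workstation are variable-length payloads, each described by
// a Len, MaxLen and BufferOffset field whose `smb` tags name the payload.
// NOTE(review): presumably the encoder keeps those descriptor fields in sync
// with the payloads; confirm in the encoder package.
//
// The rendered listing had collapsed this declaration onto one line; it is
// restored here with one field per line.
type Negotiate struct {
	Header

	// NegotiateFlags is a bit set; see the FlgNeg* constants.
	NegotiateFlags uint32

	// DomainName descriptor.
	DomainNameLen          uint16 `smb:"len:DomainName"`
	DomainNameMaxLen       uint16 `smb:"len:DomainName"`
	DomainNameBufferOffset uint32 `smb:"offset:DomainName"`

	// Workstation descriptor.
	WorkstationLen          uint16 `smb:"len:Workstation"`
	WorkstationMaxLen       uint16 `smb:"len:Workstation"`
	WorkstationBufferOffset uint32 `smb:"offset:Workstation"`

	// Version is a 64-bit version field.
	Version uint64

	// Raw payloads.
	DomainName  []byte
	Workstation []byte
}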