Коммит 2e758b20 создал по автору Моисеенко Андрей Алексеевич's avatar Моисеенко Андрей Алексеевич
Просмотр файлов

~

владелец 818f638c
Скрыть пробелы
Построчно Рядом
CryptLib.vcxproj
Просмотр файла @ 2e758b20
......@@ -782,7 +782,24 @@
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release_opt|ARM64'">Create</PrecompiledHeader>
<PrecompiledHeader Condition="'$(Configuration)|$(Platform)'=='Release_xp|ARM64'">Create</PrecompiledHeader>
</ClCompile>
<ClCompile Include="util.cpp" />
<ClCompile Include="util.cpp">
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_xp|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_opt|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|Win32'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_xp|ARM64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_opt|ARM64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|ARM'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_xp|ARM'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_opt|ARM'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|ARM'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_xp|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release_opt|x64'">true</ExcludedFromBuild>
<ExcludedFromBuild Condition="'$(Configuration)|$(Platform)'=='Release|x64'">true</ExcludedFromBuild>
</ClCompile>
</ItemGroup>
<ItemGroup>
<ClInclude Include="AntiRobotCaptcha.h" />
......
Makefile
Просмотр файла @ 2e758b20
......@@ -12,7 +12,6 @@ SOURCES = stdafx.cpp \
RSA.cpp \
AntiRobotCaptcha.cpp \
ntlm.cpp \
util.cpp \
li_64.nasm \
li_32_64.nasm \
sha256/sha224-256.cpp \
......@@ -30,7 +29,6 @@ OBJECTS = stdafx.o \
RSA.o \
AntiRobotCaptcha.o \
ntlm.o \
util.o \
li_64.o \
li_32_64.o \
sha256/sha224-256.o \
......
ntlm.cpp
Просмотр файла @ 2e758b20
#include "stdafx.h"
#include "temp.h"
#include "util.h"
#include "ntlm.h"
#include "util.cpp"
//#include <openssl/rand.h>
//#include <cstring>
......@@ -9,7 +13,7 @@ CMaaString make_type1_msg(const CMaaString &domain_, const CMaaString &host_, in
CMaaString upper_domain = Utf8ToAnsi(domain_.ToUpper(e_utf8));
CMaaString upper_host = Utf8ToAnsi(host_.ToUpper(e_utf8));
int dom_len = upper_domain.Length();
int hst_len = upper_host.Length();
const int hst_len = upper_host.Length();
struct Type1Message msg1;
memset(&msg1, 0, MSG1_SIZE);
......@@ -41,24 +45,24 @@ CMaaString make_type1_msg(const CMaaString &domain_, const CMaaString &host_, in
msg1.hst_len = msg1.hst_max_len = to_little_endian((uint16_t) hst_len);
msg1.hst_off = to_little_endian((uint32_t)(MSG1_SIZE + dom_len));
size_t buff_size = MSG1_SIZE + dom_len + hst_len;
CMaaString strBuff(nullptr, buff_size);
const size_t buff_size = MSG1_SIZE + dom_len + hst_len;
CMaaString strBuff(nullptr, buff_size, CMaaString::eCryptoKey);
if (strBuff.Length() != (int)buff_size)
{
return CMaaStringZ;
}
char *buff = strBuff.GetBuffer();
memmove(buff, &msg1, MSG1_SIZE);
memcpy(buff, &msg1, MSG1_SIZE);
if (dom_len)
{
memmove(buff + MSG1_SIZE, ASCII_STR(upper_domain), dom_len);
memcpy(buff + MSG1_SIZE, ASCII_STR(upper_domain), dom_len);
}
if (hst_len)
{
memmove(buff + MSG1_SIZE + dom_len, ASCII_STR(upper_host), hst_len);
memcpy(buff + MSG1_SIZE + dom_len, ASCII_STR(upper_host), hst_len);
}
return strBuff.Base64Encode();
return strBuff.Base64Encode();
}
CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const CMaaString &host_, const CMaaString &msg2_b64_buff, int ntlm_resp_type)
......@@ -80,6 +84,15 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
s_password = Utf8ToUnicode(password_);
s_domain = Utf8ToUnicode(domain_);
s_host_ = Utf8ToUnicode(host_);
if (is_big_endian())
{
s_password.SetCryptoKeyBit();
s_username = UnicodeBigEndianToUnicode(s_username);
s_password = UnicodeBigEndianToUnicode(s_password);
s_domain = UnicodeBigEndianToUnicode(s_domain);
s_host_ = UnicodeBigEndianToUnicode(s_host_);
}
}
else
{
......@@ -88,7 +101,8 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
s_domain = Utf8ToAnsi(domain_);
s_host_ = Utf8ToAnsi(host_);
}
s_password.SetCryptoKeyBit();
struct Type3Message msg3;
memset(&msg3, 0, MSG3_SIZE);
uint16_t lm_challenge_resp_len, nt_challenge_resp_len, dom_len, usr_name_len, hst_len;
......@@ -99,6 +113,8 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
uint8_t lm_resp[24];
uint8_t bf_ntlm_resp[24];
memset(lm_resp, 0, sizeof(lm_resp));;
memset(bf_ntlm_resp, 0, sizeof(bf_ntlm_resp));;
uint8_t* ntlm_resp = bf_ntlm_resp;
setup_security_buffer(lm_challenge_resp_len, lm_challenge_resp_off, msg3.lm_challenge_resp_len, msg3.lm_challenge_resp_max_len, msg3.lm_challenge_resp_off,
24,
......@@ -127,11 +143,11 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
{
msg3.flag = to_little_endian((uint32_t) NTLMV1_FLAG);
memset(lm_resp, 0, 24);
//memset(lm_resp, 0, 24);
calc_lmv1_resp(password_, msg2_handle.get_challenge(), lm_resp);
uint8_t *ntlmv1_resp = ntlm_resp;
memset(ntlmv1_resp, 0, 24);
//memset(ntlmv1_resp, 0, 24);
calc_ntlmv1_resp(password_, msg2_handle.get_challenge(), ntlmv1_resp);
}
......@@ -140,8 +156,8 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
msg3.flag = to_little_endian((uint32_t) NTLM2SESSION_FLAG);
uint8_t* ntlm2session_resp = ntlm_resp;
memset(lm_resp, 0, 24);
memset(ntlm2session_resp, 0, 24);
//memset(lm_resp, 0, 24);
//memset(ntlm2session_resp, 0, 24);
uint8_t client_nonce[8];
memset(client_nonce, 0, 8);
......@@ -153,14 +169,14 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
{
msg3.flag = to_little_endian((uint32_t) NTLM2SESSION_FLAG);
uint8_t* lmv2_resp = lm_resp;
memset(lmv2_resp, 0, 24);
//memset(lmv2_resp, 0, 24);
calc_lmv2_resp(username_, password_, domain_, msg2_handle.get_challenge(), lmv2_resp);
uint16_t target_info_len = 0;
const uint8_t* target_info = msg2_handle.get_target_info(target_info_len);
size_t blob_len = 28 + target_info_len; //the blob fixed len + target_info_len
size_t ntlmv2_resp_len = 16 + blob_len;// hmac + blob
str_ntlmv2_resp = CMaaString(nullptr, ntlmv2_resp_len /* * sizeof(uint8_t)*/);
const size_t blob_len = 28 + target_info_len; //the blob fixed len + target_info_len
const size_t ntlmv2_resp_len = 16 + blob_len;// hmac + blob
str_ntlmv2_resp = CMaaString(nullptr, ntlmv2_resp_len /* * sizeof(uint8_t)*/, CMaaString::eCryptoKey);
if (str_ntlmv2_resp.IsEmpty())
{
return CMaaStringZ;
......@@ -180,12 +196,12 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
return CMaaStringZ;
}
size_t msg3_buff_len = MSG3_SIZE + lm_challenge_resp_len + nt_challenge_resp_len + dom_len + usr_name_len + hst_len;
CMaaString str_msg3_buff(nullptr, msg3_buff_len);
const size_t msg3_buff_len = MSG3_SIZE + lm_challenge_resp_len + nt_challenge_resp_len + dom_len + usr_name_len + hst_len;
CMaaString str_msg3_buff(nullptr, msg3_buff_len, CMaaString::eCryptoKey);
char* msg3_buff = str_msg3_buff.GetBuffer();// new char[msg3_buff_len];
memmove(msg3_buff, &msg3, MSG3_SIZE);
memmove(msg3_buff + lm_challenge_resp_off, lm_resp, lm_challenge_resp_len);
memmove(msg3_buff + nt_challenge_resp_off, ntlm_resp, nt_challenge_resp_len);
memcpy(msg3_buff, &msg3, MSG3_SIZE);
memcpy(msg3_buff + lm_challenge_resp_off, lm_resp, lm_challenge_resp_len);
memcpy(msg3_buff + nt_challenge_resp_off, ntlm_resp, nt_challenge_resp_len);
/*
char* p_domain = (char*)(const char*)domain;
......@@ -206,9 +222,9 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
ascii_to_unicode(host, p_host);
}
*/
memmove(msg3_buff + dom_off, s_domain, dom_len);
memmove(msg3_buff + usr_name_off, s_username, usr_name_len);
memmove(msg3_buff + hst_off, s_host_, hst_len);
memcpy(msg3_buff + dom_off, s_domain, dom_len);
memcpy(msg3_buff + usr_name_off, s_username, usr_name_len);
memcpy(msg3_buff + hst_off, s_host_, hst_len);
/*
if (support_unicode)
......@@ -236,14 +252,15 @@ CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &passwor
}
void calc_lmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* lm_resp)
static void calc_lmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* lm_resp)
{
CMaaString upper_pwd = Utf8ToAnsi(password_.ToUpper(e_utf8));
size_t upper_pwd_len = upper_pwd.Length();
CMaaString upper_pwd = Utf8ToAnsi(password_.ToUpper(e_utf8).SetCryptoKeyBitEx());
upper_pwd.SetCryptoKeyBit();
const size_t upper_pwd_len = upper_pwd.Length();
uint8_t pwd[14];
memset(pwd, 0, 14);
size_t mv_len = upper_pwd_len < 14 ? upper_pwd_len : 14;
memmove(pwd, upper_pwd, mv_len);
const size_t mv_len = upper_pwd_len < 14 ? upper_pwd_len : 14;
memcpy(pwd, upper_pwd, mv_len);
uint8_t* pwd_l = pwd;// low 7 bytes
uint8_t* pwd_h = pwd + 7;// high 7 bytes
......@@ -253,7 +270,7 @@ void calc_lmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8
uint8_t* lm_hash_l = lm_hash_padded;// low 8 bytes
uint8_t* lm_hash_h = lm_hash_padded + 8; // high 8 bytes
uint8_t* lm_hash_p = lm_hash_padded + 16; // the padded 5 bytes
DES_cblock magic = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; //KGS!@$%
DES_cblock magic = { 0x4B, 0x47, 0x53, 0x21, 0x40, 0x23, 0x24, 0x25 }; // "KGS!@#$%"
//key data result
des_enc(pwd_l, &magic, (DES_cblock*)lm_hash_l);
......@@ -273,9 +290,11 @@ void calc_lmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8
des_enc(lm_hash_padded2, (DES_cblock*) challenge, (DES_cblock*) lm_resp2);
des_enc(lm_hash_padded3, (DES_cblock*) challenge, (DES_cblock*) lm_resp3);
memset(pwd, 0, 14);
memset(lm_hash_padded, 0, 21);
}
void calc_ntlmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* ntlmv1_resp)
static void calc_ntlmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* ntlmv1_resp)
{
uint8_t ntlmv1_hash_padded[21];
memset(ntlmv1_hash_padded, 0, 21);
......@@ -286,7 +305,7 @@ void calc_ntlmv1_resp(const CMaaString &password_, const uint8_t* challenge, uin
calc_ntlmv1_hash(password_, ntlmv1_hash);
memset(ntlmv1_hash_padded, 0, 21);
memmove(ntlmv1_hash_padded, ntlmv1_hash, MD4_DIGEST_LENGTH);
memcpy(ntlmv1_hash_padded, ntlmv1_hash, MD4_DIGEST_LENGTH);
uint8_t* ntlmv1_resp1 = ntlmv1_resp;
uint8_t* ntlmv1_resp2 = ntlmv1_resp + 8;
......@@ -299,13 +318,12 @@ void calc_ntlmv1_resp(const CMaaString &password_, const uint8_t* challenge, uin
des_enc(ntlmv1_hash_padded1, (DES_cblock*) challenge, (DES_cblock*) ntlmv1_resp1);
des_enc(ntlmv1_hash_padded2, (DES_cblock*) challenge, (DES_cblock*) ntlmv1_resp2);
des_enc(ntlmv1_hash_padded3, (DES_cblock*) challenge, (DES_cblock*) ntlmv1_resp3);
}
void calc_ntlm2session_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* client_nonce, uint8_t* lm_resp, uint8_t* ntlm2session_resp)
static void calc_ntlm2session_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* client_nonce, uint8_t* lm_resp, uint8_t* ntlm2session_resp)
{
memset(lm_resp, 0, 24);
memmove(lm_resp, client_nonce, 8);
memcpy(lm_resp, client_nonce, 8);
uint8_t session_nonce[16];
memset(session_nonce, 0, 16);
......@@ -324,7 +342,7 @@ void calc_ntlm2session_resp(const CMaaString &password_, const uint8_t* challeng
calc_ntlmv1_hash(password_, ntlmv1_hash);
memset(ntlmv1_hash_padded, 0, 21);
memmove(ntlmv1_hash_padded, ntlmv1_hash, MD4_DIGEST_LENGTH);
memcpy(ntlmv1_hash_padded, ntlmv1_hash, MD4_DIGEST_LENGTH);
uint8_t* ntlm2session_resp1 = ntlm2session_resp;
uint8_t* ntlm2session_resp2 = ntlm2session_resp + 8;
......@@ -337,11 +355,15 @@ void calc_ntlm2session_resp(const CMaaString &password_, const uint8_t* challeng
des_enc(ntlmv1_hash_padded1, (DES_cblock*) ntlm2session_hash, (DES_cblock*) ntlm2session_resp1);
des_enc(ntlmv1_hash_padded2, (DES_cblock*) ntlm2session_hash, (DES_cblock*) ntlm2session_resp2);
des_enc(ntlmv1_hash_padded3, (DES_cblock*) ntlm2session_hash, (DES_cblock*) ntlm2session_resp3);
memset(session_nonce, 0, 16);
memset(ntlm2session_hash, 0, 8);
memset(ntlmv1_hash_padded, 0, 21);
memset(ntlmv1_hash, 0, MD4_DIGEST_LENGTH);
}
void calc_lmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, uint8_t* lmv2_resp)
static void calc_lmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, uint8_t* lmv2_resp)
{
uint8_t client_nonce[8];
memset(client_nonce, 0, 8);
create_client_nonce(client_nonce, 8);
......@@ -359,12 +381,17 @@ void calc_lmv2_resp(const CMaaString &username_, const CMaaString &password_, co
hmac_md5_enc((void*)ntlmv2_hash, 16, data, 16, hmac, 16);
concat(hmac, 16, client_nonce, 8, lmv2_resp);
memset(client_nonce, 0, 8);
memset(data, 0, 16);
memset(ntlmv2_hash, 0, 16);
memset(hmac, 0, 16);
}
void calc_ntlmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, const uint8_t* target_info, uint16_t target_info_len, uint8_t* ntlmv2_resp)
static void calc_ntlmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, const uint8_t* target_info, uint16_t target_info_len, uint8_t* ntlmv2_resp)
{
size_t blob_len = 28 + target_info_len; //the blob fixed len + target_info_len
CMaaString str_blob(nullptr, blob_len);
const size_t blob_len = 28 + target_info_len; //the blob fixed len + target_info_len
CMaaString str_blob(nullptr, blob_len, CMaaString::eCryptoKey);
if (str_blob.IsEmpty())
{
return;
......@@ -376,7 +403,7 @@ void calc_ntlmv2_resp(const CMaaString &username_, const CMaaString &password_,
size_t challenge_len = 8;
size_t data_len = challenge_len + blob_len;
CMaaString str_data(nullptr, data_len, CMaaString::eNotInitMem);
CMaaString str_data(nullptr, data_len, CMaaString::eNotInitMemKey);
if (str_data.IsEmpty())
{
return;
......@@ -391,19 +418,28 @@ void calc_ntlmv2_resp(const CMaaString &username_, const CMaaString &password_,
uint8_t hmac[16];
memset(hmac, 0, 16);
hmac_md5_enc((void*)ntlmv2_hash, 16, data, data_len, hmac, 16);
hmac_md5_enc((void*)ntlmv2_hash, 16, data, (int)data_len, hmac, 16);
concat(hmac, 16, blob, blob_len, ntlmv2_resp);
//delete [] blob;
memset(ntlmv2_hash, 0, 16);
memset(hmac, 0, 16);
}
void calc_ntlmv1_hash(const CMaaString &password_, uint8_t* ntlmv1_hash)
static void calc_ntlmv1_hash(const CMaaString &password_, uint8_t* ntlmv1_hash)
{
memset(ntlmv1_hash, 0, MD4_DIGEST_LENGTH);
//size_t unicode_pwd_len = password.Length() * 2;
//char* unicode_pwd = new char[unicode_pwd_len];
CMaaString unicode_pwd = Utf8ToUnicode(password_);
unicode_pwd.SetCryptoKeyBit();
if (is_big_endian())
{
unicode_pwd = UnicodeBigEndianToUnicode(unicode_pwd);
unicode_pwd.SetCryptoKeyBit();
}
//ascii_to_unicode(password, unicode_pwd);
md4_enc((uint8_t*)(const char *)unicode_pwd, unicode_pwd.Length() /*unicode_pwd_len*/, ntlmv1_hash);
......@@ -413,19 +449,20 @@ void calc_ntlmv1_hash(const CMaaString &password_, uint8_t* ntlmv1_hash)
//16-uint8_t session_nonce
//8-uint8_t session_hash
void calc_ntlm2session_hash(uint8_t* session_nonce, uint8_t* session_hash)
static void calc_ntlm2session_hash(uint8_t* session_nonce, uint8_t* session_hash) noexcept
{
//session_nonce is 16-uint8_t
//session_hash is 8 uint8_t
memset(session_hash, 0, 8);
uint8_t md5_nonce[16];
md5_enc(session_nonce, 16, md5_nonce);
memmove(session_hash, md5_nonce, 8);
memcpy(session_hash, md5_nonce, 8);
memset(md5_nonce, 0, 16);
}
void calc_ntlmv2_hash(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, uint8_t* ntlmv2_hash)
static void calc_ntlmv2_hash(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, uint8_t* ntlmv2_hash)
{
memset(ntlmv2_hash, 0, 16);
uint8_t ntlmv1_hash[MD4_DIGEST_LENGTH];
......@@ -434,6 +471,11 @@ void calc_ntlmv2_hash(const CMaaString &username_, const CMaaString &password_,
CMaaString username = Utf8ToUnicode(username_.ToUpper(e_utf8));
CMaaString domain = Utf8ToUnicode(domain_);
if (is_big_endian())
{
username = UnicodeBigEndianToUnicode(username);
domain = UnicodeBigEndianToUnicode(domain);
}
CMaaString unicode_name_dom = username + domain;
if (unicode_name_dom.Length() == username.Length() + domain.Length())
......@@ -449,21 +491,28 @@ void calc_ntlmv2_hash(const CMaaString &username_, const CMaaString &password_,
//hmac_md5_enc((void*)ntlmv1_hash, MD4_DIGEST_LENGTH, (uint8_t*)unicode_name_dom, unicode_name_dom_len, ntlmv2_hash, 16);
//delete [] unicode_name_dom;
memset(ntlmv1_hash, 0, MD4_DIGEST_LENGTH);
}
void create_client_nonce(uint8_t* nonce, size_t len)
static void create_client_nonce(uint8_t* nonce, size_t len) noexcept
{
memset(nonce, 0, len);
if(8 != len)
if (len != 8)
{
return;
}
//int ret = RAND_bytes(nonce, 8);
GetRnd(nonce, 8);
int ret = 1;
try
{
GetRnd(nonce, 8);
}
catch (...)
{
ret = 0;
}
//if fail, set 0xffffffff0102034
if(ret != 1)
if (ret != 1)
{
for(int i = 0; i < 4; ++i)
{
......@@ -474,11 +523,10 @@ void create_client_nonce(uint8_t* nonce, size_t len)
{
nonce[j] = j;
}
}
}
void create_blob(const uint8_t* target_info, uint16_t target_info_len, uint8_t* blob, size_t blob_len)
static void create_blob(const uint8_t* target_info, uint16_t target_info_len, uint8_t* blob, size_t blob_len) noexcept
{
/*
* Description Content
......@@ -505,12 +553,14 @@ void create_blob(const uint8_t* target_info, uint16_t target_info_len, uint8_t*
memset(blob, 0, blob_len);
blob[0] = 0x1;
blob[1] = 0x1;
memmove(blob + 8, &timestamp, 8);
memmove(blob + 16, client_nonce, 8);
memmove(blob + 28, target_info, target_info_len);
memcpy(blob + 8, &timestamp, 8);
memcpy(blob + 16, client_nonce, 8);
memcpy(blob + 28, target_info, target_info_len); // or memmove
memset(client_nonce, 0, 8);
}
void setup_security_buffer(uint16_t &temp_len,uint32_t &temp_off, uint16_t &msg_len, uint16_t &msg_max_len, uint32_t &msg_off, uint16_t len_val, uint32_t off_val)
static void setup_security_buffer(uint16_t &temp_len,uint32_t &temp_off, uint16_t &msg_len, uint16_t &msg_max_len, uint32_t &msg_off, uint16_t len_val, uint32_t off_val) noexcept
{
temp_len = len_val;
temp_off = off_val;
......@@ -526,8 +576,9 @@ Message2Handle::Message2Handle(const CMaaString & msg2_b64_buff)
//size_t msg2_buff_len = BASE64_DECODE_LENGTH(msg2_b64_buff.Length());
//msg2_buff = new uint8_t[msg2_buff_len];
m_buff = msg2_b64_buff.Base64Decode();
m_buff.SetCryptoKeyBit();
//base64_decode(msg2_b64_buff.c_str(), msg2_buff);
memmove(&msg2, m_buff, m_buff.Length() >= (int)MSG2_SIZE ? MSG2_SIZE : m_buff.Length());
memcpy(&msg2, m_buff, m_buff.Length() >= (int)MSG2_SIZE ? MSG2_SIZE : m_buff.Length());
/*
* following is a tricky part
* the memmove directly may cause:
......@@ -545,7 +596,6 @@ Message2Handle::Message2Handle(const CMaaString & msg2_b64_buff)
msg2.target_info_max_len = to_little_endian(msg2.target_info_max_len);
msg2.target_info_off = to_little_endian(msg2.target_info_off);
}
}
Message2Handle::~Message2Handle()
{
......@@ -555,25 +605,25 @@ Message2Handle::~Message2Handle()
//}
}
const uint8_t* Message2Handle::get_challenge()
const uint8_t* Message2Handle::get_challenge() noexcept
{
return msg2.challenge;
}
uint32_t Message2Handle::get_flag()
uint32_t Message2Handle::get_flag() const noexcept
{
return msg2.flag;
}
bool Message2Handle::support_unicode()
bool Message2Handle::support_unicode() const noexcept
{
return msg2.flag & 0x1;
}
const uint8_t* Message2Handle::get_target_info(uint16_t& target_info_len)
const uint8_t* Message2Handle::get_target_info(uint16_t& target_info_len) noexcept
{
target_info_len = msg2.target_info_len;
const uint8_t* target_info = (const uint8_t*)(msg2.target_info_off + (const char *)m_buff);
return target_info;
}
\ Нет новой строки в конце файла
}
ntlm.h
Просмотр файла @ 2e758b20
......@@ -3,8 +3,8 @@
// [1][MS-NLMP]
// [2][http://davenport.sourceforge.net/ntlm.html]
#include <stdint.h>
#include <string>
//#include <stdint.h>
//#include <string>
// The negotiate message
struct Type1Message
......@@ -109,10 +109,10 @@ public:
Message2Handle(const CMaaString &msg2_b64_buff);
~Message2Handle();
const uint8_t* get_challenge();
uint32_t get_flag();
bool support_unicode();
const uint8_t* get_target_info(uint16_t& target_info_len);
const uint8_t* get_challenge() noexcept;
uint32_t get_flag() const noexcept;
bool support_unicode() const noexcept;
const uint8_t* get_target_info(uint16_t& target_info_len) noexcept;
private:
Type2Message msg2;
CMaaString m_buff;
......@@ -150,15 +150,15 @@ CMaaString make_type1_msg(const CMaaString &domain_, const CMaaString &host_, in
CMaaString make_type3_msg(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const CMaaString &host_, const CMaaString &msg2_b64_buff, int ntlm_resp_type);
//internal use
void calc_lmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* lm_resp);
void calc_ntlmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* ntlmv1_resp);
void calc_ntlm2session_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* client_nonce, uint8_t* lm_resp, uint8_t* ntlm2session_resp);
void calc_lmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, uint8_t* lmv2_resp);
void calc_ntlmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, const uint8_t* target_info, uint16_t target_info_len, uint8_t* ntlmv2_resp);
void calc_ntlmv1_hash(const CMaaString &password_, uint8_t* ntlmv1_hash);
void calc_ntlm2session_hash(uint8_t* session_nonce, uint8_t* session_hash);
void calc_ntlmv2_hash(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, uint8_t* ntlmv2_hash);
void create_client_nonce(uint8_t* nonce, size_t len);
void create_blob(const uint8_t* target_info, uint16_t target_info_len, uint8_t* blob, size_t blob_len);
void setup_security_buffer(uint16_t &temp_len,uint32_t &temp_off, uint16_t &msg_len, uint16_t &msg_max_len, uint32_t &msg_off, uint16_t len_val, uint32_t off_val);
static void calc_lmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* lm_resp);
static void calc_ntlmv1_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* ntlmv1_resp);
static void calc_ntlm2session_resp(const CMaaString &password_, const uint8_t* challenge, uint8_t* client_nonce, uint8_t* lm_resp, uint8_t* ntlm2session_resp);
static void calc_lmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, uint8_t* lmv2_resp);
static void calc_ntlmv2_resp(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, const uint8_t* challenge, const uint8_t* target_info, uint16_t target_info_len, uint8_t* ntlmv2_resp);
static void calc_ntlmv1_hash(const CMaaString &password_, uint8_t* ntlmv1_hash);
static void calc_ntlm2session_hash(uint8_t* session_nonce, uint8_t* session_hash) noexcept;
static void calc_ntlmv2_hash(const CMaaString &username_, const CMaaString &password_, const CMaaString &domain_, uint8_t* ntlmv2_hash);
static void create_client_nonce(uint8_t* nonce, size_t len) noexcept;
static void create_blob(const uint8_t* target_info, uint16_t target_info_len, uint8_t* blob, size_t blob_len) noexcept;
static void setup_security_buffer(uint16_t &temp_len,uint32_t &temp_off, uint16_t &msg_len, uint16_t &msg_max_len, uint32_t &msg_off, uint16_t len_val, uint32_t off_val) noexcept;
temp.h
Просмотр файла @ 2e758b20
......@@ -168,8 +168,13 @@ void GenRnd(LongInt2 &p, int R = 0);
#include "sha256/sha.h"
#include "sha256/sha_iface.h"
#include "ntlm.h"
#include "util.h"
#define USE_NTLMV1 1
#define USE_NTLM2SESSION 2
#define USE_NTLMV2 3
CMaaString make_type1_msg(const CMaaString& domain_, const CMaaString& host_, int ntlm_resp_type);
CMaaString make_type3_msg(const CMaaString& username_, const CMaaString& password_, const CMaaString& domain_, const CMaaString& host_, const CMaaString& msg2_b64_buff, int ntlm_resp_type);
//#include "ntlm.h"
//#include "util.h"
#include "ntlm_proxy_auth.h"
#endif //__CRYPTLIB_TEMP_H
util.cpp
Просмотр файла @ 2e758b20
#include "stdafx.h"
#include "temp.h"
//#include "stdafx.h"
//#include "temp.h"
/*
std::string to_uppercase(const std::string& s)
......@@ -17,14 +17,14 @@ std::string to_uppercase(const std::string& s)
}
*/
bool is_big_endian()
static bool is_big_endian() noexcept
{
uint32_t data = 0x11223344;
uint8_t* pdata = (uint8_t*)&data;
return pdata[0] == 0x11;
}
uint16_t to_little_endian(uint16_t i_data)
static uint16_t to_little_endian(uint16_t i_data) noexcept
{
if(!is_big_endian())
{
......@@ -39,7 +39,7 @@ uint16_t to_little_endian(uint16_t i_data)
return o_data;
}
uint32_t to_little_endian(uint32_t i_data)
static uint32_t to_little_endian(uint32_t i_data) noexcept
{
if(!is_big_endian())
{
......@@ -56,7 +56,7 @@ uint32_t to_little_endian(uint32_t i_data)
return o_data;
}
uint64_t to_little_endian(uint64_t i_data)
static uint64_t to_little_endian(uint64_t i_data) noexcept
{
if(!is_big_endian())
{
......@@ -75,7 +75,8 @@ uint64_t to_little_endian(uint64_t i_data)
return o_data;
}
void setup_des_key(unsigned char key_56[], DES_key_schedule &ks) {
static void setup_des_key(unsigned char key_56[], DES_key_schedule &ks) noexcept
{
DES_cblock key;
key[0] = key_56[0];
......@@ -91,14 +92,14 @@ void setup_des_key(unsigned char key_56[], DES_key_schedule &ks) {
DES_set_key(&key, ks);
}
void des_enc(uint8_t* key, DES_cblock* data, DES_cblock* result)
static void des_enc(uint8_t* key, DES_cblock* data, DES_cblock* result) noexcept
{
DES_key_schedule ks;
setup_des_key(key, ks);
DES_ecb_encrypt(data, result, ks, DES_ENCRYPT);
}
void md4_enc(uint8_t* data, size_t data_len, uint8_t* result)
static void md4_enc(uint8_t* data, size_t data_len, uint8_t* result) noexcept
{
//MD4(data, data_len, result);
CMD4Cacl c;
......@@ -106,7 +107,7 @@ void md4_enc(uint8_t* data, size_t data_len, uint8_t* result)
c.GetHash(result);
}
void md5_enc(uint8_t* data, size_t data_len, uint8_t* result)
static void md5_enc(uint8_t* data, size_t data_len, uint8_t* result) noexcept
{
//MD5(data, data_len, result);
CMD5Cacl c;
......@@ -114,57 +115,59 @@ void md5_enc(uint8_t* data, size_t data_len, uint8_t* result)
c.GetHash(result);
}
void hmac_md5_enc(void* key, int key_len, uint8_t* data, int data_len, uint8_t* digest, unsigned int digest_len)
static void hmac_md5_enc(void* key, int key_len, uint8_t* data, int data_len, uint8_t* digest, unsigned int digest_len) noexcept
{
// digest_len == 16
#if 0
CMD5Cacl c;
c.SetKey(key, key_len); // not worked
c.Update(data, data_len);
c.GetHash(digest);
/*
HMAC_CTX ctx;
HMAC_CTX * hmac_ctx = HMAC_CTX_new(&ctx);
HMAC_Init_ex(hmac_ctx, key, key_len, EVP_md5(), NULL);
HMAC_Update(hmac_ctx, data, data_len);
HMAC_Final(hmac_ctx, digest, &digest_len);
HMAC_CTX_free(hmac_ctx);
*/
#else
//constexpr int block_size = 64;
constexpr int block_size = 16;
/*
static CMaaFile f("c:\\maa\\log.txt", "WC|SrSw", false);
f.fprintf("%m%d %d\r\n\r\n", key, key_len, data_len, digest_len);
f.Flush();
*/
//may be addon like: // https://github.com/NewYaroslav/hmac-cpp.git for 256 and 512 bits shaxxx
char TruncKey[block_size];
if (key_len > block_size)
char* key_ = (char*)key;
char TruncKey[16];
if (key_len > 16)
{
memset(TruncKey, 0, block_size);
CMD5Cacl md5__;
md5__.Update(key, key_len);
md5__.GetHash(TruncKey);
key = TruncKey;
key_len = block_size;
memset(TruncKey, 0, 16);
CMD5Cacl md5_1;
md5_1.Update(key, key_len);
md5_1.GetHash(TruncKey);
key_ = TruncKey;
key_len = 16;
}
CMaaString ipad(nullptr, block_size, CMaaString::eNotInitMem);
CMaaString opad(nullptr, block_size, CMaaString::eNotInitMem);
ipad.Fill(0x36);
opad.Fill(0x5c);
char* key_ = (char*)key;
char ipad[64], opad[64];
memset(ipad, 0x36, sizeof(ipad));
memset(opad, 0x5c, sizeof(opad));
for (int i = 0; i < key_len; i++)
{
ipad[i] = ipad[i] ^ key_[i];
opad[i] = opad[i] ^ key_[i];
ipad[i] ^= key_[i];
opad[i] ^= key_[i];
}
CMaaString content = ipad + CMaaString(data, data_len);
CMD5Cacl md5;
md5.Update(content, (warning_int)content.Length());
CMaaString data2 = md5.GetHash();
content = opad + data2;
CMD5Cacl md5_;
md5_.Update(content, (warning_int)content.Length());
//return md5_.GetHash();
md5_.GetHash(digest);
char data2[16];
memset(data2, 0, sizeof(data2));
CMD5Cacl md5_2;
md5_2.Update(ipad, 64);
md5_2.Update(data, data_len);
md5_2.GetHash(data2);
CMD5Cacl md5_3;
md5_3.Update(opad, 64);
md5_3.Update(data2, 16);
md5_3.GetHash(digest);
memset(data2, 0, sizeof(data2));
memset(opad, 0, sizeof(opad));
memset(ipad, 0, sizeof(ipad));
memset(TruncKey, 0, sizeof(TruncKey));
#endif
}
......@@ -179,13 +182,13 @@ void ascii_to_unicode(CMaaString ascii_str, char* unicode_str)
}
*/
void concat(const uint8_t* data1, size_t data1_len, const uint8_t* data2, size_t data2_len, uint8_t* result)
static void concat(const uint8_t* data1, size_t data1_len, const uint8_t* data2, size_t data2_len, uint8_t* result) noexcept
{
memmove(result, data1, data1_len);
memmove(result + data1_len, data2, data2_len);
memcpy(result, data1, data1_len);
memcpy(result + data1_len, data2, data2_len);
}
uint64_t create_timestamp()
static uint64_t create_timestamp() noexcept
{
/*
* calc Timestamp
......
util.h
Просмотр файла @ 2e758b20
......@@ -30,20 +30,20 @@ extern "C" {
//std::string to_uppercase(const string& s);
bool is_big_endian();
uint16_t to_little_endian(uint16_t i_data);
uint32_t to_little_endian(uint32_t i_data);
uint64_t to_little_endian(uint64_t i_data);
static bool is_big_endian() noexcept;
static uint16_t to_little_endian(uint16_t i_data) noexcept;
static uint32_t to_little_endian(uint32_t i_data) noexcept;
static uint64_t to_little_endian(uint64_t i_data) noexcept;
void des_enc(uint8_t* key, DES_cblock* data, DES_cblock* result);
void md4_enc(uint8_t* data, size_t data_len, uint8_t* result);
void md5_enc(uint8_t* data, size_t data_len, uint8_t* result);
void hmac_md5_enc(void* key, int key_len, uint8_t* data, int data_len, uint8_t* digest, unsigned int digest_len);
static void des_enc(uint8_t* key, DES_cblock* data, DES_cblock* result) noexcept;
static void md4_enc(uint8_t* data, size_t data_len, uint8_t* result) noexcept;
static void md5_enc(uint8_t* data, size_t data_len, uint8_t* result) noexcept;
static void hmac_md5_enc(void* key, int key_len, uint8_t* data, int data_len, uint8_t* digest, unsigned int digest_len) noexcept;
//void ascii_to_unicode(CMaaString ascii_str, char *unicode_str);
void concat(const uint8_t* data1, size_t data1_len, const uint8_t* data2, size_t data2_len, uint8_t* result);
uint64_t create_timestamp();
static void concat(const uint8_t* data1, size_t data1_len, const uint8_t* data2, size_t data2_len, uint8_t* result) noexcept;
static uint64_t create_timestamp() noexcept;
//void base64_encode(const char *src, char *dst, size_t length);
......
Поддерживает Markdown
0% или .
You are about to add 0 people to the discussion. Proceed with caution.
Сначала завершите редактирование этого сообщения!
Пожалуйста, зарегистрируйтесь или чтобы прокомментировать