本文整理匯總了Python中impacket.ntlm.NTLMAuthChallenge方法的典型用法代碼示例。如果您正苦於以下問題:Python ntlm.NTLMAuthChallenge方法的具體用法?Python ntlm.NTLMAuthChallenge怎麽用?Python ntlm.NTLMAuthChallenge使用的例子?那麽, 這裏精選的方法代碼示例或許可以為您提供幫助。您也可以進一步了解該方法所在類impacket.ntlm的用法示例。
在下文中一共展示了ntlm.NTLMAuthChallenge方法的12個代碼示例,這些例子默認根據受歡迎程度排序。您可以為喜歡或者感覺有用的代碼點讚,您的評價將有助於係統推薦出更棒的Python代碼示例。
示例1: do_ntlm_negotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def do_ntlm_negotiate(self,client,token):
#Since the clients all support the same operations there is no target protocol specific code needed for now
if 'LDAP' in self.target[0]:
#Remove the message signing flag
#For LDAP this is required otherwise it triggers LDAP signing
negotiateMessage = ntlm.NTLMAuthNegotiate()
negotiateMessage.fromString(token)
#negotiateMessage['flags'] ^= ntlm.NTLMSSP_NEGOTIATE_SIGN
clientChallengeMessage = client.sendNegotiate(negotiateMessage.getData())
else:
clientChallengeMessage = client.sendNegotiate(token)
challengeMessage = ntlm.NTLMAuthChallenge()
challengeMessage.fromString(clientChallengeMessage)
return challengeMessage
#Do NTLM auth 示例2: do_ntlm_negotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def do_ntlm_negotiate(self,client,token):
#Since the clients all support the same operations there is no target protocol specific code needed for now
if 'LDAP' in self.target[0]:
#Remove the message signing flag
#For LDAP this is required otherwise it triggers LDAP signing
negotiateMessage = ntlm.NTLMAuthNegotiate()
negotiateMessage.fromString(token)
#negotiateMessage['flags'] ^= ntlm.NTLMSSP_NEGOTIATE_SIGN
clientChallengeMessage = client.sendNegotiate(negotiateMessage.getData())
else:
clientChallengeMessage = client.sendNegotiate(token)
challengeMessage = ntlm.NTLMAuthChallenge()
challengeMessage.fromString(clientChallengeMessage)
return challengeMessage
#Do NTLM auth 示例3: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self,negotiateMessage):
negotiate = base64.b64encode(negotiateMessage)
self.session.putcmd('AUTH NTLM')
code, resp = self.session.getreply()
if code != 334:
LOG.error('SMTP Client error, expected 334 NTLM supported, got %d %s ' % (code, resp))
return False
else:
self.session.putcmd(negotiate)
try:
code, serverChallengeBase64 = self.session.getreply()
serverChallenge = base64.b64decode(serverChallengeBase64)
challenge = NTLMAuthChallenge()
challenge.fromString(serverChallenge)
return challenge
except (IndexError, KeyError, AttributeError):
LOG.error('No NTLM challenge returned from SMTP server')
raise 示例4: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self,negotiateMessage):
negotiate = base64.b64encode(negotiateMessage)
self.session.send('%s AUTHENTICATE NTLM%s' % (self.authTag,imaplib.CRLF))
resp = self.session.readline().strip()
if resp != '+':
LOG.error('IMAP Client error, expected continuation (+), got %s ' % resp)
return False
else:
self.session.send(negotiate + imaplib.CRLF)
try:
serverChallengeBase64 = self.session.readline().strip()[2:] #first two chars are the continuation and space char
serverChallenge = base64.b64decode(serverChallengeBase64)
challenge = NTLMAuthChallenge()
challenge.fromString(serverChallenge)
return challenge
except (IndexError, KeyError, AttributeError):
LOG.error('No NTLM challenge returned from IMAP server')
raise 示例5: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self, negotiateMessage):
negotiate = NTLMAuthNegotiate()
negotiate.fromString(negotiateMessage)
#Remove the signing flag
negotiate['flags'] ^= NTLMSSP_NEGOTIATE_ALWAYS_SIGN
challenge = NTLMAuthChallenge()
if self.session.getDialect() == SMB_DIALECT:
challenge.fromString(self.sendNegotiatev1(negotiateMessage))
else:
challenge.fromString(self.sendNegotiatev2(negotiateMessage))
# Store the Challenge in our session data dict. It will be used by the SMB Proxy
self.sessionData['CHALLENGE_MESSAGE'] = challenge
return challenge 示例6: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self,negotiateMessage):
#Check if server wants auth
self.session.request('GET', self.path)
res = self.session.getresponse()
res.read()
if res.status != 401:
LOG.info('Status code returned: %d. Authentication does not seem required for URL' % res.status)
try:
if 'NTLM' not in res.getheader('WWW-Authenticate'):
LOG.error('NTLM Auth not offered by URL, offered protocols: %s' % res.getheader('WWW-Authenticate'))
return False
except (KeyError, TypeError):
LOG.error('No authentication requested by the server for url %s' % self.targetHost)
return False
#Negotiate auth
negotiate = base64.b64encode(negotiateMessage)
headers = {'Authorization':'NTLM %s' % negotiate}
self.session.request('GET', self.path ,headers=headers)
res = self.session.getresponse()
res.read()
try:
serverChallengeBase64 = re.search('NTLM ([a-zA-Z0-9+/]+={0,2})', res.getheader('WWW-Authenticate')).group(1)
serverChallenge = base64.b64decode(serverChallengeBase64)
challenge = NTLMAuthChallenge()
challenge.fromString(serverChallenge)
return challenge
except (IndexError, KeyError, AttributeError):
LOG.error('No NTLM challenge returned from server') 示例7: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self, negotiateMessage):
negoMessage = NTLMAuthNegotiate()
negoMessage.fromString(negotiateMessage)
# When exploiting CVE-2019-1040, remove flags
if self.serverConfig.remove_mic:
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_SIGN == NTLMSSP_NEGOTIATE_SIGN:
negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_SIGN
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_ALWAYS_SIGN == NTLMSSP_NEGOTIATE_ALWAYS_SIGN:
negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_ALWAYS_SIGN
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_KEY_EXCH == NTLMSSP_NEGOTIATE_KEY_EXCH:
negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_KEY_EXCH
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_VERSION == NTLMSSP_NEGOTIATE_VERSION:
negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_VERSION
negotiateMessage = negoMessage.getData()
challenge = NTLMAuthChallenge()
if self.session.getDialect() == SMB_DIALECT:
challenge.fromString(self.sendNegotiatev1(negotiateMessage))
else:
challenge.fromString(self.sendNegotiatev2(negotiateMessage))
self.negotiateMessage = negotiateMessage
self.challengeMessage = challenge.getData()
# Store the Challenge in our session data dict. It will be used by the SMB Proxy
self.sessionData['CHALLENGE_MESSAGE'] = challenge
self.serverChallenge = challenge['challenge']
return challenge 示例8: do_ntlm_negotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def do_ntlm_negotiate(self,client,token):
#Since the clients all support the same operations there is no target protocol specific code needed for now
clientChallengeMessage = client.sendNegotiate(token)
challengeMessage = ntlm.NTLMAuthChallenge()
challengeMessage.fromString(clientChallengeMessage)
return challengeMessage
#Do NTLM auth 示例9: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self,negotiateMessage):
#Also partly copied from tds.py
login = TDS_LOGIN()
login['HostName'] = (''.join([random.choice(string.letters) for _ in range(8)])).encode('utf-16le')
login['AppName'] = (''.join([random.choice(string.letters) for _ in range(8)])).encode('utf-16le')
login['ServerName'] = self.server.encode('utf-16le')
login['CltIntName'] = login['AppName']
login['ClientPID'] = random.randint(0,1024)
login['PacketSize'] = self.packetSize
login['OptionFlags2'] = TDS_INIT_LANG_FATAL | TDS_ODBC_ON | TDS_INTEGRATED_SECURITY_ON
# NTLMSSP Negotiate
login['SSPI'] = str(negotiateMessage)
login['Length'] = len(str(login))
# Send the NTLMSSP Negotiate
self.sendTDS(TDS_LOGIN7, str(login))
# According to the specs, if encryption is not required, we must encrypt just
# the first Login packet :-o
if self.resp['Encryption'] == TDS_ENCRYPT_OFF:
self.tlsSocket = None
tds = self.recvTDS()
self.sessionData['NTLM_CHALLENGE'] = tds
challenge = NTLMAuthChallenge()
challenge.fromString(tds['Data'][3:])
#challenge.dump()
return challenge 示例10: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self, negotiateMessage):
#Remove the message signing flag
#For LDAP this is required otherwise it triggers LDAP signing
negoMessage = NTLMAuthNegotiate()
negoMessage.fromString(negotiateMessage)
#negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_SIGN
self.negotiateMessage = str(negoMessage)
with self.session.connection_lock:
if not self.session.sasl_in_progress:
self.session.sasl_in_progress = True
request = bind.bind_operation(self.session.version, 'SICILY_PACKAGE_DISCOVERY')
response = self.session.post_send_single_response(self.session.send('bindRequest', request, None))
result = response[0]
try:
sicily_packages = result['server_creds'].decode('ascii').split(';')
except KeyError:
raise LDAPRelayClientException('Could not discover authentication methods, server replied: %s' % result)
if 'NTLM' in sicily_packages: # NTLM available on server
request = bind.bind_operation(self.session.version, 'SICILY_NEGOTIATE_NTLM', self)
response = self.session.post_send_single_response(self.session.send('bindRequest', request, None))
result = response[0]
if result['result'] == RESULT_SUCCESS:
challenge = NTLMAuthChallenge()
challenge.fromString(result['server_creds'])
return challenge
else:
raise LDAPRelayClientException('Server did not offer NTLM authentication!')
#This is a fake function for ldap3 which wants an NTLM client with specific methods 示例11: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self,negotiateMessage):
#Also partly copied from tds.py
login = TDS_LOGIN()
login['HostName'] = (''.join([random.choice(string.ascii_letters) for _ in range(8)])).encode('utf-16le')
login['AppName'] = (''.join([random.choice(string.ascii_letters) for _ in range(8)])).encode('utf-16le')
login['ServerName'] = self.server.encode('utf-16le')
login['CltIntName'] = login['AppName']
login['ClientPID'] = random.randint(0,1024)
login['PacketSize'] = self.packetSize
login['OptionFlags2'] = TDS_INIT_LANG_FATAL | TDS_ODBC_ON | TDS_INTEGRATED_SECURITY_ON
# NTLMSSP Negotiate
login['SSPI'] = negotiateMessage
login['Length'] = len(login.getData())
# Send the NTLMSSP Negotiate
self.sendTDS(TDS_LOGIN7, login.getData())
# According to the specs, if encryption is not required, we must encrypt just
# the first Login packet :-o
if self.resp['Encryption'] == TDS_ENCRYPT_OFF:
self.tlsSocket = None
tds = self.recvTDS()
self.sessionData['NTLM_CHALLENGE'] = tds
challenge = NTLMAuthChallenge()
challenge.fromString(tds['Data'][3:])
#challenge.dump()
return challenge 示例12: sendNegotiate
# 需要導入模塊: from impacket import ntlm [as 別名]
# 或者: from impacket.ntlm import NTLMAuthChallenge [as 別名]
def sendNegotiate(self, negotiateMessage):
# Remove the message signing flag
# For SMB->LDAP this is required otherwise it triggers LDAP signing
# Note that this code is commented out because changing flags breaks the signature
# unless the client uses a non-standard implementation of NTLM
negoMessage = NTLMAuthNegotiate()
negoMessage.fromString(negotiateMessage)
# When exploiting CVE-2019-1040, remove flags
if self.serverConfig.remove_mic:
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_SIGN == NTLMSSP_NEGOTIATE_SIGN:
negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_SIGN
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_ALWAYS_SIGN == NTLMSSP_NEGOTIATE_ALWAYS_SIGN:
negoMessage['flags'] ^= NTLMSSP_NEGOTIATE_ALWAYS_SIGN
self.negotiateMessage = negoMessage.getData()
# Warn if the relayed target requests signing, which will break our attack
if negoMessage['flags'] & NTLMSSP_NEGOTIATE_SIGN == NTLMSSP_NEGOTIATE_SIGN:
LOG.warning('The client requested signing. Relaying to LDAP will not work! (This usually happens when relaying from SMB to LDAP)')
with self.session.connection_lock:
if not self.session.sasl_in_progress:
self.session.sasl_in_progress = True
request = bind.bind_operation(self.session.version, 'SICILY_PACKAGE_DISCOVERY')
response = self.session.post_send_single_response(self.session.send('bindRequest', request, None))
result = response[0]
try:
sicily_packages = result['server_creds'].decode('ascii').split(';')
except KeyError:
raise LDAPRelayClientException('Could not discover authentication methods, server replied: %s' % result)
if 'NTLM' in sicily_packages: # NTLM available on server
request = bind.bind_operation(self.session.version, 'SICILY_NEGOTIATE_NTLM', self)
response = self.session.post_send_single_response(self.session.send('bindRequest', request, None))
result = response[0]
if result['result'] == RESULT_SUCCESS:
challenge = NTLMAuthChallenge()
challenge.fromString(result['server_creds'])
return challenge
else:
raise LDAPRelayClientException('Server did not offer NTLM authentication!')
#This is a fake function for ldap3 which wants an NTLM client with specific methods