Merge #166 into dev-1.2.x
Michael Teo
3 years ago
8 | 8 | from nmb.base import NMBSession |
9 | 9 | from .utils import convertFILETIMEtoEpoch |
10 | 10 | from . import ntlm, securityblob |
11 | from six import b | |
12 | import random | |
13 | import string | |
14 | from Crypto.Cipher import ARC4 | |
11 | 15 | |
12 | 16 | try: |
13 | 17 | import hashlib |
370 | 374 | self.log.info('Performing NTLMv1 authentication (on SMB2) with server challenge "%s"', binascii.hexlify(server_challenge)) |
371 | 375 | nt_challenge_response, lm_challenge_response, session_key = ntlm.generateChallengeResponseV1(self.password, server_challenge, True) |
372 | 376 | |
377 | session_base_key = session_key | |
378 | session_sign_key = b("".join([random.choice(string.digits+string.ascii_letters) for _ in range(16)])) | |
379 | cipher = ARC4.new(session_key) | |
380 | cipher_encrypt = cipher.encrypt | |
381 | session_encrypted_key = cipher_encrypt(session_sign_key) | |
382 | self.log.info("SMB keys = %s:%s:%s", session_encrypted_key.hex(), session_base_key.hex(), session_sign_key.hex()) | |
373 | 383 | ntlm_data = ntlm.generateAuthenticateMessage(server_flags, |
374 | 384 | nt_challenge_response, |
375 | 385 | lm_challenge_response, |
376 | session_key, | |
386 | session_encrypted_key, | |
377 | 387 | self.username, |
378 | 388 | self.domain, |
379 | 389 | self.my_name) |
396 | 406 | |
397 | 407 | if self.is_signing_active: |
398 | 408 | self.log.info("SMB signing activated. All SMB messages will be signed.") |
399 | self.signing_session_key = (session_key + b'\0'*16)[:16] | |
409 | self.signing_session_key = session_sign_key | |
410 | self.log.info("SMB signing key = %s", self.signing_session_key.hex()) | |
400 | 411 | if self.capabilities & CAP_EXTENDED_SECURITY: |
401 | 412 | self.signing_challenge_response = None |
402 | 413 | else: |