Merge #166 into dev-1.2.x
Michael Teo
3 years ago
| 8 | 8 | from nmb.base import NMBSession |
| 9 | 9 | from .utils import convertFILETIMEtoEpoch |
| 10 | 10 | from . import ntlm, securityblob |
| 11 | from six import b | |
| 12 | import random | |
| 13 | import string | |
| 14 | from Crypto.Cipher import ARC4 | |
| 11 | 15 | |
| 12 | 16 | try: |
| 13 | 17 | import hashlib |
| 370 | 374 | self.log.info('Performing NTLMv1 authentication (on SMB2) with server challenge "%s"', binascii.hexlify(server_challenge)) |
| 371 | 375 | nt_challenge_response, lm_challenge_response, session_key = ntlm.generateChallengeResponseV1(self.password, server_challenge, True) |
| 372 | 376 | |
| 377 | session_base_key = session_key | |
| 378 | session_sign_key = b("".join([random.choice(string.digits+string.ascii_letters) for _ in range(16)])) | |
| 379 | cipher = ARC4.new(session_key) | |
| 380 | cipher_encrypt = cipher.encrypt | |
| 381 | session_encrypted_key = cipher_encrypt(session_sign_key) | |
| 382 | self.log.info("SMB keys = %s:%s:%s", session_encrypted_key.hex(), session_base_key.hex(), session_sign_key.hex()) | |
| 373 | 383 | ntlm_data = ntlm.generateAuthenticateMessage(server_flags, |
| 374 | 384 | nt_challenge_response, |
| 375 | 385 | lm_challenge_response, |
| 376 | session_key, | |
| 386 | session_encrypted_key, | |
| 377 | 387 | self.username, |
| 378 | 388 | self.domain, |
| 379 | 389 | self.my_name) |
| 396 | 406 | |
| 397 | 407 | if self.is_signing_active: |
| 398 | 408 | self.log.info("SMB signing activated. All SMB messages will be signed.") |
| 399 | self.signing_session_key = (session_key + b'\0'*16)[:16] | |
| 409 | self.signing_session_key = session_sign_key | |
| 410 | self.log.info("SMB signing key = %s", self.signing_session_key.hex()) | |
| 400 | 411 | if self.capabilities & CAP_EXTENDED_SECURITY: |
| 401 | 412 | self.signing_challenge_response = None |
| 402 | 413 | else: |