1 |
|
2 |
|
3 |
|
4 |
|
5 |
|
6 |
|
7 |
|
8 |
|
9 | var crypto = require('crypto');
|
10 | var jsmd4 = require("js-md4");
|
11 | var desjs = require("des.js");
|
12 |
|
13 | var flags = {
|
14 | NTLM_NegotiateUnicode : 0x00000001,
|
15 | NTLM_NegotiateOEM : 0x00000002,
|
16 | NTLM_RequestTarget : 0x00000004,
|
17 | NTLM_Unknown9 : 0x00000008,
|
18 | NTLM_NegotiateSign : 0x00000010,
|
19 | NTLM_NegotiateSeal : 0x00000020,
|
20 | NTLM_NegotiateDatagram : 0x00000040,
|
21 | NTLM_NegotiateLanManagerKey : 0x00000080,
|
22 | NTLM_Unknown8 : 0x00000100,
|
23 | NTLM_NegotiateNTLM : 0x00000200,
|
24 | NTLM_NegotiateNTOnly : 0x00000400,
|
25 | NTLM_Anonymous : 0x00000800,
|
26 | NTLM_NegotiateOemDomainSupplied : 0x00001000,
|
27 | NTLM_NegotiateOemWorkstationSupplied : 0x00002000,
|
28 | NTLM_Unknown6 : 0x00004000,
|
29 | NTLM_NegotiateAlwaysSign : 0x00008000,
|
30 | NTLM_TargetTypeDomain : 0x00010000,
|
31 | NTLM_TargetTypeServer : 0x00020000,
|
32 | NTLM_TargetTypeShare : 0x00040000,
|
33 | NTLM_NegotiateExtendedSecurity : 0x00080000,
|
34 | NTLM_NegotiateIdentify : 0x00100000,
|
35 | NTLM_Unknown5 : 0x00200000,
|
36 | NTLM_RequestNonNTSessionKey : 0x00400000,
|
37 | NTLM_NegotiateTargetInfo : 0x00800000,
|
38 | NTLM_Unknown4 : 0x01000000,
|
39 | NTLM_NegotiateVersion : 0x02000000,
|
40 | NTLM_Unknown3 : 0x04000000,
|
41 | NTLM_Unknown2 : 0x08000000,
|
42 | NTLM_Unknown1 : 0x10000000,
|
43 | NTLM_Negotiate128 : 0x20000000,
|
44 | NTLM_NegotiateKeyExchange : 0x40000000,
|
45 | NTLM_Negotiate56 : 0x80000000
|
46 | };
|
47 | var typeflags = {
|
48 | NTLM_TYPE1_FLAGS : flags.NTLM_NegotiateUnicode
|
49 | + flags.NTLM_NegotiateOEM
|
50 | + flags.NTLM_RequestTarget
|
51 | + flags.NTLM_NegotiateNTLM
|
52 | + flags.NTLM_NegotiateOemDomainSupplied
|
53 | + flags.NTLM_NegotiateOemWorkstationSupplied
|
54 | + flags.NTLM_NegotiateAlwaysSign
|
55 | + flags.NTLM_NegotiateExtendedSecurity
|
56 | + flags.NTLM_NegotiateVersion
|
57 | + flags.NTLM_Negotiate128
|
58 | + flags.NTLM_Negotiate56,
|
59 |
|
60 | NTLM_TYPE2_FLAGS : flags.NTLM_NegotiateUnicode
|
61 | + flags.NTLM_RequestTarget
|
62 | + flags.NTLM_NegotiateNTLM
|
63 | + flags.NTLM_NegotiateAlwaysSign
|
64 | + flags.NTLM_NegotiateExtendedSecurity
|
65 | + flags.NTLM_NegotiateTargetInfo
|
66 | + flags.NTLM_NegotiateVersion
|
67 | + flags.NTLM_Negotiate128
|
68 | + flags.NTLM_Negotiate56
|
69 | };
|
70 |
|
71 | function createType1Message(options){
|
72 | if(!options.domain) options.domain = '';
|
73 | if(!options.workstation) options.workstation = '';
|
74 |
|
75 | var domain = escape(options.domain.toUpperCase());
|
76 | var workstation = escape(options.workstation.toUpperCase());
|
77 | var protocol = 'NTLMSSP\0';
|
78 |
|
79 | var BODY_LENGTH = 40;
|
80 |
|
81 | var type1flags = typeflags.NTLM_TYPE1_FLAGS;
|
82 | if(!domain || domain === '')
|
83 | type1flags = type1flags - flags.NTLM_NegotiateOemDomainSupplied;
|
84 |
|
85 | var pos = 0;
|
86 | var buf = Buffer.alloc(BODY_LENGTH + domain.length + workstation.length);
|
87 |
|
88 |
|
89 | buf.write(protocol, pos, protocol.length); pos += protocol.length;
|
90 | buf.writeUInt32LE(1, pos); pos += 4;
|
91 | buf.writeUInt32LE(type1flags, pos); pos += 4;
|
92 |
|
93 | buf.writeUInt16LE(domain.length, pos); pos += 2;
|
94 | buf.writeUInt16LE(domain.length, pos); pos += 2;
|
95 | buf.writeUInt32LE(BODY_LENGTH + workstation.length, pos); pos += 4;
|
96 |
|
97 | buf.writeUInt16LE(workstation.length, pos); pos += 2;
|
98 | buf.writeUInt16LE(workstation.length, pos); pos += 2;
|
99 | buf.writeUInt32LE(BODY_LENGTH, pos); pos += 4;
|
100 |
|
101 | buf.writeUInt8(5, pos); pos += 1;
|
102 | buf.writeUInt8(1, pos); pos += 1;
|
103 | buf.writeUInt16LE(2600, pos); pos += 2;
|
104 |
|
105 | buf.writeUInt8(0 , pos); pos += 1;
|
106 | buf.writeUInt8(0 , pos); pos += 1;
|
107 | buf.writeUInt8(0 , pos); pos += 1;
|
108 | buf.writeUInt8(15, pos); pos += 1;
|
109 |
|
110 |
|
111 |
|
112 | if(workstation.length !=0) buf.write(workstation, pos, workstation.length, 'ascii'); pos += workstation.length;
|
113 | if(domain.length !=0) buf.write(domain , pos, domain.length , 'ascii'); pos += domain.length;
|
114 |
|
115 | return 'NTLM ' + buf.toString('base64');
|
116 | }
|
117 |
|
118 | function parseType2Message(rawmsg, callback){
|
119 | var match = rawmsg.match(/NTLM (.+)?/);
|
120 | if(!match || !match[1]) {
|
121 | callback(new Error("Couldn't find NTLM in the message type2 coming from the server"));
|
122 | return null;
|
123 | }
|
124 |
|
125 | var buf = Buffer.from(match[1], 'base64');
|
126 |
|
127 | var msg = {};
|
128 |
|
129 | msg.signature = buf.slice(0, 8);
|
130 | msg.type = buf.readInt16LE(8);
|
131 |
|
132 | if(msg.type != 2) {
|
133 | callback(new Error("Server didn't return a type 2 message"));
|
134 | return null;
|
135 | }
|
136 |
|
137 | msg.targetNameLen = buf.readInt16LE(12);
|
138 | msg.targetNameMaxLen = buf.readInt16LE(14);
|
139 | msg.targetNameOffset = buf.readInt32LE(16);
|
140 | msg.targetName = buf.slice(msg.targetNameOffset, msg.targetNameOffset + msg.targetNameMaxLen);
|
141 |
|
142 | msg.negotiateFlags = buf.readInt32LE(20);
|
143 | msg.serverChallenge = buf.slice(24, 32);
|
144 | msg.reserved = buf.slice(32, 40);
|
145 |
|
146 | if(msg.negotiateFlags & flags.NTLM_NegotiateTargetInfo){
|
147 | msg.targetInfoLen = buf.readInt16LE(40);
|
148 | msg.targetInfoMaxLen = buf.readInt16LE(42);
|
149 | msg.targetInfoOffset = buf.readInt32LE(44);
|
150 | msg.targetInfo = buf.slice(msg.targetInfoOffset, msg.targetInfoOffset + msg.targetInfoLen);
|
151 | }
|
152 | return msg;
|
153 | }
|
154 |
|
155 | function createType3Message(msg2, options){
|
156 | if(!options.domain) options.domain = '';
|
157 | if(!options.workstation) options.workstation = '';
|
158 | if(!options.username) options.username = '';
|
159 | if(!options.password) options.password = '';
|
160 |
|
161 | var nonce = msg2.serverChallenge;
|
162 | var username = options.username;
|
163 | var password = options.password;
|
164 | var lm_password = options.lm_password;
|
165 | var nt_password = options.nt_password;
|
166 | var negotiateFlags = msg2.negotiateFlags;
|
167 |
|
168 | var isUnicode = negotiateFlags & flags.NTLM_NegotiateUnicode;
|
169 | var isNegotiateExtendedSecurity = negotiateFlags & flags.NTLM_NegotiateExtendedSecurity;
|
170 |
|
171 | var BODY_LENGTH = 72;
|
172 |
|
173 | var domainName = escape(options.domain.toUpperCase());
|
174 | var workstation = escape(options.workstation.toUpperCase());
|
175 |
|
176 | var workstationBytes, domainNameBytes, usernameBytes, encryptedRandomSessionKeyBytes;
|
177 |
|
178 | var encryptedRandomSessionKey = "";
|
179 | if(isUnicode){
|
180 | workstationBytes = Buffer.from(workstation, 'utf16le');
|
181 | domainNameBytes = Buffer.from(domainName, 'utf16le');
|
182 | usernameBytes = Buffer.from(username, 'utf16le');
|
183 | encryptedRandomSessionKeyBytes = Buffer.from(encryptedRandomSessionKey, 'utf16le');
|
184 | }else{
|
185 | workstationBytes = Buffer.from(workstation, 'ascii');
|
186 | domainNameBytes = Buffer.from(domainName, 'ascii');
|
187 | usernameBytes = Buffer.from(username, 'ascii');
|
188 | encryptedRandomSessionKeyBytes = Buffer.from(encryptedRandomSessionKey, 'ascii');
|
189 | }
|
190 |
|
191 | var lmChallengeResponse = calc_resp((lm_password!=null)?lm_password:create_LM_hashed_password_v1(password), nonce);
|
192 | var ntChallengeResponse = calc_resp((nt_password!=null)?nt_password:create_NT_hashed_password_v1(password), nonce);
|
193 |
|
194 | if(isNegotiateExtendedSecurity){
|
195 | |
196 |
|
197 |
|
198 |
|
199 |
|
200 |
|
201 |
|
202 |
|
203 |
|
204 | var pwhash = (nt_password!=null)?nt_password:create_NT_hashed_password_v1(password);
|
205 | var clientChallenge = "";
|
206 | for(var i=0; i < 8; i++){
|
207 | clientChallenge += String.fromCharCode( Math.floor(Math.random()*256) );
|
208 | }
|
209 | var clientChallengeBytes = Buffer.from(clientChallenge, 'ascii');
|
210 | var challenges = msg2.targetInfo
|
211 | ? calc_ntlmv2_resp(pwhash, username, domainName, msg2.targetInfo, nonce, clientChallengeBytes)
|
212 | : ntlm2sr_calc_resp(pwhash, nonce, clientChallengeBytes);
|
213 | lmChallengeResponse = challenges.lmChallengeResponse;
|
214 | ntChallengeResponse = challenges.ntChallengeResponse;
|
215 | }
|
216 |
|
217 | var signature = 'NTLMSSP\0';
|
218 |
|
219 | var pos = 0;
|
220 | var buf = Buffer.alloc(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length + lmChallengeResponse.length + ntChallengeResponse.length + encryptedRandomSessionKeyBytes.length);
|
221 |
|
222 | buf.write(signature, pos, signature.length); pos += signature.length;
|
223 | buf.writeUInt32LE(3, pos); pos += 4;
|
224 |
|
225 | buf.writeUInt16LE(lmChallengeResponse.length, pos); pos += 2;
|
226 | buf.writeUInt16LE(lmChallengeResponse.length, pos); pos += 2;
|
227 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length, pos); pos += 4;
|
228 |
|
229 | buf.writeUInt16LE(ntChallengeResponse.length, pos); pos += 2;
|
230 | buf.writeUInt16LE(ntChallengeResponse.length, pos); pos += 2;
|
231 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length + lmChallengeResponse.length, pos); pos += 4;
|
232 |
|
233 | buf.writeUInt16LE(domainNameBytes.length, pos); pos += 2;
|
234 | buf.writeUInt16LE(domainNameBytes.length, pos); pos += 2;
|
235 | buf.writeUInt32LE(BODY_LENGTH, pos); pos += 4;
|
236 |
|
237 | buf.writeUInt16LE(usernameBytes.length, pos); pos += 2;
|
238 | buf.writeUInt16LE(usernameBytes.length, pos); pos += 2;
|
239 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length, pos); pos += 4;
|
240 |
|
241 | buf.writeUInt16LE(workstationBytes.length, pos); pos += 2;
|
242 | buf.writeUInt16LE(workstationBytes.length, pos); pos += 2;
|
243 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length, pos); pos += 4;
|
244 |
|
245 | buf.writeUInt16LE(encryptedRandomSessionKeyBytes.length, pos); pos += 2;
|
246 | buf.writeUInt16LE(encryptedRandomSessionKeyBytes.length, pos); pos += 2;
|
247 | buf.writeUInt32LE(BODY_LENGTH + domainNameBytes.length + usernameBytes.length + workstationBytes.length + lmChallengeResponse.length + ntChallengeResponse.length, pos); pos += 4;
|
248 |
|
249 |
|
250 | var flagsToWrite = isUnicode
|
251 | ? typeflags.NTLM_TYPE2_FLAGS
|
252 | : typeflags.NTLM_TYPE2_FLAGS - flags.NTLM_NegotiateUnicode;
|
253 | buf.writeUInt32LE(flagsToWrite , pos); pos += 4;
|
254 |
|
255 | buf.writeUInt8(5, pos); pos++;
|
256 | buf.writeUInt8(1, pos); pos++;
|
257 | buf.writeUInt16LE(2600, pos); pos += 2;
|
258 | buf.writeUInt8(0, pos); pos++;
|
259 | buf.writeUInt8(0, pos); pos++;
|
260 | buf.writeUInt8(0, pos); pos++;
|
261 | buf.writeUInt8(15, pos); pos++;
|
262 |
|
263 | domainNameBytes.copy(buf, pos); pos += domainNameBytes.length;
|
264 | usernameBytes.copy(buf, pos); pos += usernameBytes.length;
|
265 | workstationBytes.copy(buf, pos); pos += workstationBytes.length;
|
266 | lmChallengeResponse.copy(buf, pos); pos += lmChallengeResponse.length;
|
267 | ntChallengeResponse.copy(buf, pos); pos += ntChallengeResponse.length;
|
268 | encryptedRandomSessionKeyBytes.copy(buf, pos); pos += encryptedRandomSessionKeyBytes.length;
|
269 |
|
270 | return 'NTLM ' + buf.toString('base64');
|
271 | }
|
272 |
|
273 | function create_LM_hashed_password_v1(password){
|
274 |
|
275 | password = password.toUpperCase();
|
276 | var passwordBytes = Buffer.from(password, 'ascii');
|
277 |
|
278 | var passwordBytesPadded = Buffer.alloc(14);
|
279 | passwordBytesPadded.fill("\0");
|
280 | var sourceEnd = 14;
|
281 | if(passwordBytes.length < 14) sourceEnd = passwordBytes.length;
|
282 | passwordBytes.copy(passwordBytesPadded, 0, 0, sourceEnd);
|
283 |
|
284 |
|
285 | var firstPart = passwordBytesPadded.slice(0,7);
|
286 | var secondPart = passwordBytesPadded.slice(7);
|
287 |
|
288 | function encrypt(buf){
|
289 | var key = insertZerosEvery7Bits(buf);
|
290 | var des = desjs.DES.create({type: 'encrypt', key: key});
|
291 | var magicKey = Buffer.from('KGS!@#$%', 'ascii');
|
292 | var encrypted = des.update(magicKey);
|
293 | return Buffer.from(encrypted);
|
294 | }
|
295 |
|
296 | var firstPartEncrypted = encrypt(firstPart);
|
297 | var secondPartEncrypted = encrypt(secondPart);
|
298 |
|
299 | return Buffer.concat([firstPartEncrypted, secondPartEncrypted]);
|
300 | }
|
301 |
|
302 | function insertZerosEvery7Bits(buf){
|
303 | var binaryArray = bytes2binaryArray(buf);
|
304 | var newBinaryArray = [];
|
305 | for(var i=0; i<binaryArray.length; i++){
|
306 | newBinaryArray.push(binaryArray[i]);
|
307 |
|
308 | if((i+1)%7 === 0){
|
309 | newBinaryArray.push(0);
|
310 | }
|
311 | }
|
312 | return binaryArray2bytes(newBinaryArray);
|
313 | }
|
314 |
|
315 | function bytes2binaryArray(buf){
|
316 | var hex2binary = {
|
317 | 0: [0,0,0,0],
|
318 | 1: [0,0,0,1],
|
319 | 2: [0,0,1,0],
|
320 | 3: [0,0,1,1],
|
321 | 4: [0,1,0,0],
|
322 | 5: [0,1,0,1],
|
323 | 6: [0,1,1,0],
|
324 | 7: [0,1,1,1],
|
325 | 8: [1,0,0,0],
|
326 | 9: [1,0,0,1],
|
327 | A: [1,0,1,0],
|
328 | B: [1,0,1,1],
|
329 | C: [1,1,0,0],
|
330 | D: [1,1,0,1],
|
331 | E: [1,1,1,0],
|
332 | F: [1,1,1,1]
|
333 | };
|
334 |
|
335 | var hexString = buf.toString('hex').toUpperCase();
|
336 | var array = [];
|
337 | for(var i=0; i<hexString.length; i++){
|
338 | var hexchar = hexString.charAt(i);
|
339 | array = array.concat(hex2binary[hexchar]);
|
340 | }
|
341 | return array;
|
342 | }
|
343 |
|
344 | function binaryArray2bytes(array){
|
345 | var binary2hex = {
|
346 | '0000': 0,
|
347 | '0001': 1,
|
348 | '0010': 2,
|
349 | '0011': 3,
|
350 | '0100': 4,
|
351 | '0101': 5,
|
352 | '0110': 6,
|
353 | '0111': 7,
|
354 | '1000': 8,
|
355 | '1001': 9,
|
356 | '1010': 'A',
|
357 | '1011': 'B',
|
358 | '1100': 'C',
|
359 | '1101': 'D',
|
360 | '1110': 'E',
|
361 | '1111': 'F'
|
362 | };
|
363 |
|
364 | var bufArray = [];
|
365 |
|
366 | for(var i=0; i<array.length; i +=8 ){
|
367 | if((i+7) > array.length)
|
368 | break;
|
369 |
|
370 | var binString1 = '' + array[i] + '' + array[i+1] + '' + array[i+2] + '' + array[i+3];
|
371 | var binString2 = '' + array[i+4] + '' + array[i+5] + '' + array[i+6] + '' + array[i+7];
|
372 | var hexchar1 = binary2hex[binString1];
|
373 | var hexchar2 = binary2hex[binString2];
|
374 |
|
375 | var buf = Buffer.from(hexchar1 + '' + hexchar2, 'hex');
|
376 | bufArray.push(buf);
|
377 | }
|
378 |
|
379 | return Buffer.concat(bufArray);
|
380 | }
|
381 |
|
382 | function create_NT_hashed_password_v1(password){
|
383 | var buf = Buffer.from(password, 'utf16le');
|
384 | var md4 = jsmd4.create();
|
385 | md4.update(buf);
|
386 | return Buffer.from(md4.digest());
|
387 | }
|
388 |
|
389 | function calc_resp(password_hash, server_challenge){
|
390 |
|
391 | var passHashPadded = Buffer.alloc(21);
|
392 | passHashPadded.fill("\0");
|
393 | password_hash.copy(passHashPadded, 0, 0, password_hash.length);
|
394 |
|
395 | var resArray = [];
|
396 |
|
397 | var des = desjs.DES.create({type: 'encrypt', key: insertZerosEvery7Bits(passHashPadded.slice(0,7))});
|
398 | resArray.push( Buffer.from(des.update(server_challenge.slice(0,8))) );
|
399 |
|
400 | des = desjs.DES.create({type: 'encrypt', key: insertZerosEvery7Bits(passHashPadded.slice(7,14))});
|
401 | resArray.push( Buffer.from(des.update(server_challenge.slice(0,8))) );
|
402 |
|
403 | des = desjs.DES.create({type: 'encrypt', key: insertZerosEvery7Bits(passHashPadded.slice(14,21))});
|
404 | resArray.push( Buffer.from(des.update(server_challenge.slice(0,8))) );
|
405 |
|
406 | return Buffer.concat(resArray);
|
407 | }
|
408 |
|
409 | function hmac_md5(key, data){
|
410 | var hmac = crypto.createHmac('md5', key);
|
411 | hmac.update(data);
|
412 | return hmac.digest();
|
413 | }
|
414 |
|
415 | function ntlm2sr_calc_resp(responseKeyNT, serverChallenge, clientChallenge){
|
416 |
|
417 | var lmChallengeResponse = Buffer.alloc(clientChallenge.length + 16);
|
418 | lmChallengeResponse.fill("\0");
|
419 | clientChallenge.copy(lmChallengeResponse, 0, 0, clientChallenge.length);
|
420 |
|
421 | var buf = Buffer.concat([serverChallenge, clientChallenge]);
|
422 | var md5 = crypto.createHash('md5');
|
423 | md5.update(buf);
|
424 | var sess = md5.digest();
|
425 | var ntChallengeResponse = calc_resp(responseKeyNT, sess.slice(0,8));
|
426 |
|
427 | return {
|
428 | lmChallengeResponse: lmChallengeResponse,
|
429 | ntChallengeResponse: ntChallengeResponse
|
430 | };
|
431 | }
|
432 |
|
433 | function calc_ntlmv2_resp(pwhash, username, domain, targetInfo, serverChallenge, clientChallenge){
|
434 | var responseKeyNTLM = NTOWFv2(pwhash, username, domain);
|
435 |
|
436 | var lmV2ChallengeResponse = Buffer.concat([
|
437 | hmac_md5(responseKeyNTLM, Buffer.concat([serverChallenge, clientChallenge])),
|
438 | clientChallenge
|
439 | ]);
|
440 |
|
441 |
|
442 | var now = Date.now();
|
443 | var timestamp = ((BigInt(now) + BigInt(11644473600000)) * BigInt(10000));
|
444 | var timestampBuffer = Buffer.alloc(8);
|
445 | timestampBuffer.writeBigUInt64LE(timestamp);
|
446 |
|
447 | var zero32Bit = Buffer.alloc(4, 0)
|
448 | var temp = Buffer.concat([
|
449 |
|
450 | Buffer.from([0x01, 0x01, 0x00, 0x00]),
|
451 | zero32Bit,
|
452 | timestampBuffer,
|
453 | clientChallenge,
|
454 | zero32Bit,
|
455 | targetInfo,
|
456 | zero32Bit
|
457 | ]);
|
458 | var proofString = hmac_md5(responseKeyNTLM, Buffer.concat([serverChallenge, temp]));
|
459 | var ntV2ChallengeResponse = Buffer.concat([proofString, temp]);
|
460 |
|
461 | return {
|
462 | lmChallengeResponse: lmV2ChallengeResponse,
|
463 | ntChallengeResponse: ntV2ChallengeResponse
|
464 | };
|
465 | }
|
466 |
|
467 | function NTOWFv2(pwhash, user, domain){
|
468 | return hmac_md5(pwhash, Buffer.from(user.toUpperCase() + domain, 'utf16le'));
|
469 | }
|
470 |
|
471 | exports.createType1Message = createType1Message;
|
472 | exports.parseType2Message = parseType2Message;
|
473 | exports.createType3Message = createType3Message;
|
474 | exports.create_NT_hashed_password = create_NT_hashed_password_v1;
|
475 | exports.create_LM_hashed_password = create_LM_hashed_password_v1;
|
476 |
|
477 |
|
478 |
|
479 |
|