lib/rex/proto/ntlm/constants.rb in librex-0.0.68 vs lib/rex/proto/ntlm/constants.rb in librex-0.0.70
- old
+ new
@@ -2,73 +2,73 @@
module Rex
module Proto
module NTLM
class Constants
- SSP_SIGN = "NTLMSSP\0"
- BLOB_SIGN = 0x00000101
- LM_MAGIC = "KGS!@\#$%"
- TIME_OFFSET = 11644473600
- MAX64 = 0xffffffffffffffff
-
- FLAGS = {
- :UNICODE => 0x00000001,
- :OEM => 0x00000002,
- :REQUEST_TARGET => 0x00000004,
- #:UNKNOWN => 0x00000008,
- :SIGN => 0x00000010,
- :SEAL => 0x00000020,
- #:UNKNOWN => 0x00000040,
- :NETWARE => 0x00000100,
- :NTLM => 0x00000200,
- #:UNKNOWN => 0x00000400,
- #:UNKNOWN => 0x00000800,
- :DOMAIN_SUPPLIED => 0x00001000,
- :WORKSTATION_SUPPLIED => 0x00002000,
- :LOCAL_CALL => 0x00004000,
- :ALWAYS_SIGN => 0x00008000,
- :TARGET_TYPE_DOMAIN => 0x00010000,
- :TARGET_INFO => 0x00800000,
- :NTLM2_KEY => 0x00080000,
- :KEY128 => 0x20000000,
- :KEY56 => 0x80000000
- }
-
- FLAG_KEYS = FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
+ SSP_SIGN = "NTLMSSP\0"
+ BLOB_SIGN = 0x00000101
+ LM_MAGIC = "KGS!@\#$%"
+ TIME_OFFSET = 11644473600
+ MAX64 = 0xffffffffffffffff
- DEFAULT_FLAGS = {
- :TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
- :TYPE2 => FLAGS[:UNICODE],
- :TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
- }
+ FLAGS = {
+ :UNICODE => 0x00000001,
+ :OEM => 0x00000002,
+ :REQUEST_TARGET => 0x00000004,
+ #:UNKNOWN => 0x00000008,
+ :SIGN => 0x00000010,
+ :SEAL => 0x00000020,
+ #:UNKNOWN => 0x00000040,
+ :NETWARE => 0x00000100,
+ :NTLM => 0x00000200,
+ #:UNKNOWN => 0x00000400,
+ #:UNKNOWN => 0x00000800,
+ :DOMAIN_SUPPLIED => 0x00001000,
+ :WORKSTATION_SUPPLIED => 0x00002000,
+ :LOCAL_CALL => 0x00004000,
+ :ALWAYS_SIGN => 0x00008000,
+ :TARGET_TYPE_DOMAIN => 0x00010000,
+ :TARGET_INFO => 0x00800000,
+ :NTLM2_KEY => 0x00080000,
+ :KEY128 => 0x20000000,
+ :KEY56 => 0x80000000
+ }
- # NTLM Response Type
- NTLM_V1_RESPONSE = 1
- NTLM_V2_RESPONSE = 2
- NTLM_2_SESSION_RESPONSE = 3
+ FLAG_KEYS = FLAGS.keys.sort{|a, b| FLAGS[a] <=> FLAGS[b] }
- #the same flags but merged from lib/rex/proto/smb/constants and keeped for compatibility
- # NTLMSSP Message Flags
- NEGOTIATE_UNICODE = 0x00000001 # Only set if Type 1 contains it - this or oem, not both
- NEGOTIATE_OEM = 0x00000002 # Only set if Type 1 contains it - this or unicode, not both
- REQUEST_TARGET = 0x00000004 # If set in Type 1, must return domain or server
- NEGOTIATE_SIGN = 0x00000010 # Session signature required
- NEGOTIATE_SEAL = 0x00000020 # Session seal required
- NEGOTIATE_LMKEY = 0x00000080 # LM Session Key should be used for signing and sealing
- NEGOTIATE_NTLM = 0x00000200 # NTLM auth is supported
- NEGOTIATE_ANONYMOUS = 0x00000800 # Anonymous context used
- NEGOTIATE_DOMAIN = 0x00001000 # Sent in Type1, client gives domain info
- NEGOTIATE_WORKSTATION = 0x00002000 # Sent in Type1, client gives workstation info
- NEGOTIATE_LOCAL_CALL = 0x00004000 # Server and client are on same machine
- NEGOTIATE_ALWAYS_SIGN = 0x00008000 # Add signatures to packets
- TARGET_TYPE_DOMAIN = 0x00010000 # If REQUEST_TARGET, we're adding the domain name
- TARGET_TYPE_SERVER = 0x00020000 # If REQUEST_TARGET, we're adding the server name
- TARGET_TYPE_SHARE = 0x00040000 # Supposed to denote "a share" but for a webserver?
- NEGOTIATE_NTLM2_KEY = 0x00080000 # NTLMv2 Signature and Key exchanges
- NEGOTIATE_TARGET_INFO = 0x00800000 # Server set when sending Target Information Block
- NEGOTIATE_128 = 0x20000000 # 128-bit encryption supported
- NEGOTIATE_KEY_EXCH = 0x40000000 # Client will supply encrypted master key in Session Key field of Type3 msg
- NEGOTIATE_56 = 0x80000000 # 56-bit encryption supported
+ DEFAULT_FLAGS = {
+ :TYPE1 => FLAGS[:UNICODE] | FLAGS[:OEM] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY],
+ :TYPE2 => FLAGS[:UNICODE],
+ :TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
+ }
+
+ # NTLM Response Type
+ NTLM_V1_RESPONSE = 1
+ NTLM_V2_RESPONSE = 2
+ NTLM_2_SESSION_RESPONSE = 3
+
+ #the same flags but merged from lib/rex/proto/smb/constants and keeped for compatibility
+ # NTLMSSP Message Flags
+ NEGOTIATE_UNICODE = 0x00000001 # Only set if Type 1 contains it - this or oem, not both
+ NEGOTIATE_OEM = 0x00000002 # Only set if Type 1 contains it - this or unicode, not both
+ REQUEST_TARGET = 0x00000004 # If set in Type 1, must return domain or server
+ NEGOTIATE_SIGN = 0x00000010 # Session signature required
+ NEGOTIATE_SEAL = 0x00000020 # Session seal required
+ NEGOTIATE_LMKEY = 0x00000080 # LM Session Key should be used for signing and sealing
+ NEGOTIATE_NTLM = 0x00000200 # NTLM auth is supported
+ NEGOTIATE_ANONYMOUS = 0x00000800 # Anonymous context used
+ NEGOTIATE_DOMAIN = 0x00001000 # Sent in Type1, client gives domain info
+ NEGOTIATE_WORKSTATION = 0x00002000 # Sent in Type1, client gives workstation info
+ NEGOTIATE_LOCAL_CALL = 0x00004000 # Server and client are on same machine
+ NEGOTIATE_ALWAYS_SIGN = 0x00008000 # Add signatures to packets
+ TARGET_TYPE_DOMAIN = 0x00010000 # If REQUEST_TARGET, we're adding the domain name
+ TARGET_TYPE_SERVER = 0x00020000 # If REQUEST_TARGET, we're adding the server name
+ TARGET_TYPE_SHARE = 0x00040000 # Supposed to denote "a share" but for a webserver?
+ NEGOTIATE_NTLM2_KEY = 0x00080000 # NTLMv2 Signature and Key exchanges
+ NEGOTIATE_TARGET_INFO = 0x00800000 # Server set when sending Target Information Block
+ NEGOTIATE_128 = 0x20000000 # 128-bit encryption supported
+ NEGOTIATE_KEY_EXCH = 0x40000000 # Client will supply encrypted master key in Session Key field of Type3 msg
+ NEGOTIATE_56 = 0x80000000 # 56-bit encryption supported
end
end
end
end