CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutSign UpSign In
rapid7

CoCalc provides the best real-time collaborative environment for Jupyter Notebooks, LaTeX documents, and SageMath, scalable from individual users to large groups and classes!

GitHub Repository: rapid7/metasploit-framework
 Path: blob/master/lib/msf/core/exploit/ntlm.rb
Views: 1904
1
# -*- coding: binary -*-

2


3
module Msf

4


5
###

6
#

7
# This mixins will only provide the options name and description when a protocol want to use ntlm features from lib/rex/proto/ntlm .

8
# Unfortunately other mixin's still have to make direct call from lib/rex/proto/ntlm

9
# cause some protocol like SMB are implemented in lib/rex/proto/ while others like mssql are implemented in lib/msf/core/exploit

10
#

11
###

12


13
module Exploit::NTLM

14


15
  module Client

16
    def initialize(info = {})

17
      super

18
      register_advanced_options(

19
      [

20
      #

21
      # UseNTLMv2 forces NTLMv2 instead of NTLM2_session behavior when the 'Negotiate NTLM2' flag is set

22
      #

23
      OptBool.new('NTLM::UseNTLMv2', [ true, "Use NTLMv2 instead of NTLM2_session when \'Negotiate NTLM2\' key is true", true]),

24
      #

25
      # UseNTLM2_session forces the use of NTLMV2 session keys instead of NTLMv1, emulating the default of Windows 2000+

26
      #

27
      OptBool.new('NTLM::UseNTLM2_session', [ true, 'Activate the \'Negotiate NTLM2 key\' flag, forcing the use of a NTLMv2_session', true]),

28
      #

29
      # SendLM has no effect when NTLM_UseNTLM2_session = true, NTLM_UseNTLMv2 = false or NTLM_SendNTLM = false

30
      #

31
      OptBool.new('NTLM::SendLM', [ true, "Always send the LANMAN response (except when NTLMv2_session is specified)", true]),

32
      #

33
      # UseLMKey is valid when NTLM_SendLM = true, NTLM_SendNTLM = true, or NTLM_UseNTLM2_session = false

34
      #

35
      OptBool.new('NTLM::UseLMKey', [ true, "Activate the \'Negotiate Lan Manager Key\' flag, using the LM key when the LM response is sent", false]),

36
      #

37
      # SendNTLM allows the NTLM response to be excluded, emulating Win9x behavior (don't change unless you are testing)

38
      #

39
      OptBool.new('NTLM::SendNTLM', [ true, 'Activate the \'Negotiate NTLM key\' flag, indicating the use of NTLM responses', true]),

40
      #

41
      # SendSPN will send an avp of type 9/SPN in the ntlmv2 client blob, this is mandatory on windows seven / 2008 r2 if

42
      # Microsoft network server : Server SPN target name validation level is set to <Required from client> or we get an STATUS_ACCESS_DENIED

43
      #

44
      OptBool.new('NTLM::SendSPN', [ true, 'Send an avp of type SPN in the ntlmv2 client blob, this allows authentication on Windows 7+/Server 2008 R2+ when SPN is required', true]),

45
      ], Msf::Exploit::NTLM::Client)

46
    end

47
  end

48


49
=begin

50
  module Server

51
    def initialize(info = {})

52
      super

53
      register_options(

54
      [

55


56
      ], Msf::Exploit::NTLM::Server)

57
    end

58
  end

59
=end

60


61
end

62


63
end

64


65


66