GitHub Repository: rapid7/metasploit-framework
Path: blob/master/lib/rex/proto/ldap/auth_adapter/rex_ntlm.rb
# frozen_string_literal: true
require 'net/ldap/auth_adapter'
require 'net/ldap/auth_adapter/sasl'
require 'rubyntlm'
module Rex::Proto::LDAP::AuthAdapter
  # Net::LDAP auth adapter that performs an NTLM bind over SASL GSS-SPNEGO,
  # using RubySMB's NTLM client to build the messages.
  #
  # Security-relevant behaviour visible in this class:
  # * When the underlying socket exposes +peer_cert+, a channel binding is
  #   derived from the TLS peer certificate and handed to the NTLM client
  #   together with the server challenge.
  # * When +auth[:sign_and_seal]+ is set, the SIGN/SEAL/KEY128/KEY56 negotiate
  #   flags are added and an Encryptor is installed on the connection after
  #   the bind. Otherwise only the base flag set is negotiated and nothing is
  #   installed here; any protection of later traffic then depends on the
  #   transport (presumably TLS) -- confirm against callers.
  class RexNTLM < Net::LDAP::AuthAdapter
    # Run the NTLM exchange against the server behind +@connection+.
    #
    # @param auth [Hash] reads +:username+, +:password+, +:domain+ and
    #   +:sign_and_seal+. A nil username or password becomes an empty string;
    #   a blank domain becomes '.'.
    # @return [Object] whatever Net::LDAP::AuthAdapter::Sasl#bind returns
    def bind(auth)
      negotiate = RubySMB::NTLM::NEGOTIATE_FLAGS

      # Base flag set, sent on every bind.
      flags = %i[
        UNICODE
        REQUEST_TARGET
        NTLM
        ALWAYS_SIGN
        EXTENDED_SECURITY
        KEY_EXCHANGE
        TARGET_INFO
        VERSION_INFO
      ].reduce(0) { |mask, name| mask | negotiate[name] }

      # Message signing and sealing are requested only on opt-in.
      if auth[:sign_and_seal]
        flags |= negotiate[:SIGN] |
                 negotiate[:SEAL] |
                 negotiate[:KEY128] |
                 negotiate[:KEY56]
      end

      username = auth[:username]
      username = '' if username.nil?
      password = auth[:password]
      password = '' if password.nil?

      ntlm_client = RubySMB::NTLM::Client.new(
        username,
        password,
        # Fixed literal: every bind made through this adapter supplies the same
        # workstation name to the NTLM client.
        workstation: 'WORKSTATION',
        domain: auth[:domain].blank? ? '.' : auth[:domain],
        flags: flags
      )

      # Called by the SASL adapter with the server's challenge (type 2); the
      # value of the block is the serialized type 3 message.
      challenge_response = proc do |challenge|
        # The challenge is parsed as raw bytes.
        challenge.force_encoding(Encoding::BINARY)
        type2_message = Net::NTLM::Message.parse(challenge)

        # A plain (non-TLS) socket has no peer certificate, so the channel
        # binding stays nil in that case.
        socket = @connection.socket
        channel_binding =
          if socket.respond_to?(:peer_cert)
            Rex::Proto::Gss::ChannelBinding.from_tls_cert(socket.peer_cert)
          end

        ntlm_client.init_context(type2_message.encode64, channel_binding).serialize
      end

      result = Net::LDAP::AuthAdapter::Sasl.new(@connection).bind(
        method: :sasl,
        mechanism: 'GSS-SPNEGO',
        # init_context without arguments yields the first (negotiate) message.
        initial_credential: ntlm_client.init_context.serialize,
        challenge_response: challenge_response
      )

      # NOTE(review): the encryptor is installed without inspecting +result+,
      # i.e. also after a bind that did not succeed -- confirm this is intended.
      Encryptor.new(ntlm_client).setup(@connection) if auth[:sign_and_seal]

      result
    end
  end
end
# Register the adapter with Net::LDAP under the :rex_ntlm name; presumably a
# bind whose auth method is :rex_ntlm is then routed to RexNTLM#bind.
Net::LDAP::AuthAdapter.register(:rex_ntlm, Rex::Proto::LDAP::AuthAdapter::RexNTLM)