supplemental_cred.go
2.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
package pac
import (
"bytes"
"encoding/binary"
"errors"
"fmt"
"gopkg.in/jcmturner/rpc.v1/mstypes"
"gopkg.in/jcmturner/rpc.v1/ndr"
)
const (
// NTLMSupCredLMOWF indicates that the LM OWF member is present and valid.
NTLMSupCredLMOWF uint32 = 31
// NTLMSupCredNTOWF indicates that the NT OWF member is present and valid.
NTLMSupCredNTOWF uint32 = 30
)
// NTLMSupplementalCred implements https://msdn.microsoft.com/en-us/library/cc237949.aspx
type NTLMSupplementalCred struct {
Version uint32 // A 32-bit unsigned integer that defines the credential version.This field MUST be 0x00000000.
Flags uint32
LMPassword []byte // A 16-element array of unsigned 8-bit integers that define the LM OWF. The LMPassword member MUST be ignored if the L flag is not set in the Flags member.
NTPassword []byte // A 16-element array of unsigned 8-bit integers that define the NT OWF. The NTPassword member MUST be ignored if the N flag is not set in the Flags member.
}
// Unmarshal converts the bytes provided into a NTLMSupplementalCred.
func (c *NTLMSupplementalCred) Unmarshal(b []byte) (err error) {
r := mstypes.NewReader(bytes.NewReader(b))
c.Version, err = r.Uint32()
if err != nil {
return
}
if c.Version != 0 {
err = errors.New("NTLMSupplementalCred version is not zero")
return
}
c.Flags, err = r.Uint32()
if err != nil {
return
}
if isFlagSet(c.Flags, NTLMSupCredLMOWF) {
c.LMPassword, err = r.ReadBytes(16)
if err != nil {
return
}
}
if isFlagSet(c.Flags, NTLMSupCredNTOWF) {
c.NTPassword, err = r.ReadBytes(16)
if err != nil {
return
}
}
return
}
// isFlagSet tests if a flag is set in the uint32 little endian flag
func isFlagSet(f uint32, i uint32) bool {
//Which byte?
b := int(i / 8)
//Which bit in byte
p := uint(7 - (int(i) - 8*b))
fb := make([]byte, 4)
binary.LittleEndian.PutUint32(fb, f)
if fb[b]&(1<<p) != 0 {
return true
}
return false
}
// SECPKGSupplementalCred implements https://msdn.microsoft.com/en-us/library/cc237956.aspx
// The SECPKG_SUPPLEMENTAL_CRED structure defines the name of the security package that requires
// supplemental credentials and the credential buffer for that package.
// The SECPKG_SUPPLEMENTAL_CRED structure is marshaled by RPC.
type SECPKGSupplementalCred struct {
PackageName mstypes.RPCUnicodeString
CredentialSize uint32
Credentials []uint8 `ndr:"pointer,conformant"` // Is a ptr. Size is the value of CredentialSize
}
// Unmarshal converts the bytes provided into a SECPKGSupplementalCred.
func (c *SECPKGSupplementalCred) Unmarshal(b []byte) (err error) {
dec := ndr.NewDecoder(bytes.NewReader(b))
err = dec.Decode(c)
if err != nil {
err = fmt.Errorf("error unmarshaling SECPKGSupplementalCred: %v", err)
}
return
}