-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathntlm.go
115 lines (111 loc) · 4.13 KB
/
ntlm.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
package ntlm
import (
"bufio"
"context"
"encoding/base64"
"errors"
"fmt"
"io/ioutil"
"net"
"net/http"
"net/url"
"strings"
ntlmssp "github.com/Azure/go-ntlmssp"
)
// DialContext is the DialContext function that should be wrapped with a
// NTLM Authentication.
//
// Example for DialContext:
//
// dialContext := (&net.Dialer{KeepAlive: 30*time.Second, Timeout: 30*time.Second}).DialContext
type DialContext func(ctx context.Context, network, addr string) (net.Conn, error)
// WrapDialContext wraps a DialContext with an NTLM Authentication to a proxy.
func WrapDialContext(dialContext DialContext, proxyAddress, proxyUsername, proxyPassword, proxyDomain string) DialContext {
return func(ctx context.Context, network, addr string) (net.Conn, error) {
conn, err := dialContext(ctx, network, proxyAddress)
if err != nil {
debugf("ntlm> Could not call dial context with proxy: %s", err)
return conn, err
}
// NTLM Step 1: Send Negotiate Message
negotiateMessage, err := ntlmssp.NewNegotiateMessage(proxyDomain, "")
if err != nil {
debugf("ntlm> Could not negotiate domain '%s': %s", proxyDomain, err)
return conn, err
}
debugf("ntlm> NTLM negotiate message: '%s'", base64.StdEncoding.EncodeToString(negotiateMessage))
header := make(http.Header)
header.Set("Proxy-Authorization", fmt.Sprintf("NTLM %s", base64.StdEncoding.EncodeToString(negotiateMessage)))
header.Set("Proxy-Connection", "Keep-Alive")
connect := &http.Request{
Method: "CONNECT",
URL: &url.URL{Opaque: addr},
Host: addr,
Header: header,
}
if err := connect.Write(conn); err != nil {
debugf("ntlm> Could not write negotiate message to proxy: %s", err)
return conn, err
}
debugf("ntlm> Successfully sent negotiate message to proxy")
// NTLM Step 2: Receive Challenge Message
br := bufio.NewReader(conn)
resp, err := http.ReadResponse(br, connect)
if err != nil {
debugf("ntlm> Could not read response from proxy: %s", err)
return conn, err
}
_, err = ioutil.ReadAll(resp.Body)
if err != nil {
debugf("ntlm> Could not read response body from proxy: %s", err)
return conn, err
}
resp.Body.Close()
if resp.StatusCode != http.StatusProxyAuthRequired {
debugf("ntlm> Expected %d as return status, got: %d", http.StatusProxyAuthRequired, resp.StatusCode)
return conn, errors.New(http.StatusText(resp.StatusCode))
}
challenge := strings.Split(resp.Header.Get("Proxy-Authenticate"), " ")
if len(challenge) < 2 {
debugf("ntlm> The proxy did not return an NTLM challenge, got: '%s'", resp.Header.Get("Proxy-Authenticate"))
return conn, errors.New("no NTLM challenge received")
}
debugf("ntlm> NTLM challenge: '%s'", challenge[1])
challengeMessage, err := base64.StdEncoding.DecodeString(challenge[1])
if err != nil {
debugf("ntlm> Could not base64 decode the NTLM challenge: %s", err)
return conn, err
}
// NTLM Step 3: Send Authorization Message
debugf("ntlm> Processing NTLM challenge with username '%s' and password with length %d", proxyUsername, len(proxyPassword))
authenticateMessage, err := ntlmssp.ProcessChallenge(challengeMessage, proxyUsername, proxyPassword)
if err != nil {
debugf("ntlm> Could not process the NTLM challenge: %s", err)
return conn, err
}
debugf("ntlm> NTLM authorization: '%s'", base64.StdEncoding.EncodeToString(authenticateMessage))
header.Set("Proxy-Authorization", fmt.Sprintf("NTLM %s", base64.StdEncoding.EncodeToString(authenticateMessage)))
connect = &http.Request{
Method: "CONNECT",
URL: &url.URL{Opaque: addr},
Host: addr,
Header: header,
}
if err := connect.Write(conn); err != nil {
debugf("ntlm> Could not write authorization to proxy: %s", err)
return conn, err
}
resp, err = http.ReadResponse(br, connect)
if err != nil {
debugf("ntlm> Could not read response from proxy: %s", err)
return conn, err
}
if resp.StatusCode != http.StatusOK {
debugf("ntlm> Expected %d as return status, got: %d", http.StatusOK, resp.StatusCode)
return conn, errors.New(http.StatusText(resp.StatusCode))
}
// Succussfully authorized with NTLM
debugf("ntlm> Successfully injected NTLM to connection")
return conn, nil
}
}