Add anonymous authentication support (#45)
zeroSteiner authored Jun 6, 2024
1 parent be2f821 commit cd73ea7
Showing 4 changed files with 56 additions and 7 deletions.
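--- a/lib/net/ntlm/client/session.rb
+++ b/lib/net/ntlm/client/session.rb
@@ -26,8 +26,8 @@ def initialize(client, challenge_message, channel_binding = nil)
 def authenticate!
 calculate_user_session_key!
 type3_opts = {
-:lm_response => lmv2_resp,
-:ntlm_response => ntlmv2_resp,
+:lm_response => is_anonymous? ? "\x00".b : lmv2_resp,
+:ntlm_response => is_anonymous? ? '' : ntlmv2_resp,
 :domain => domain,
 :user => username,
 :workstation => workstation,
@@ -80,6 +80,10 @@ def unseal_message(emessage)
 server_cipher.encrypt(emessage)
 end
 
+def is_anonymous?
+username == '' && password == ''
+end
+
 private
 
 
@@ -138,7 +142,8 @@ def timestamp
 end
 
 def use_oem_strings?
-challenge_message.has_flag? :OEM
+# @see https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-nlmp/99d90ff4-957f-4c8a-80e4-5bfe5a9a9832
+!challenge_message.has_flag?(:UNICODE) && challenge_message.has_flag?(:OEM)
 end
 
 def negotiate_key_exchange?
@@ -174,7 +179,12 @@ def ntlmv2_hash
 end
 
 def calculate_user_session_key!
-@user_session_key = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_hash, nt_proof_str)
+if is_anonymous?
+# see MS-NLMP section 3.4
+@user_session_key = "\x00".b * 16
+else
+@user_session_key = OpenSSL::HMAC.digest(OpenSSL::Digest::MD5.new, ntlmv2_hash, nt_proof_str)
+end
 end
 
 def lmv2_resp
@@ -212,7 +222,6 @@ def target_info
 end
 end
 end
-
 end
 end
 end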
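Review bot: `is_anonymous?` switches the session to anonymous whenever username and password are both `''`, so credentials that arrive blank from configuration now produce an anonymous exchange with the fixed 16-zero-byte key set in `calculate_user_session_key!` instead of the computed NTLMv2 response. Any signing or sealing key derived from that constant gives no integrity or confidentiality, and nothing in the visible lines tells the caller this happened. I would put that on the method as a comment, `# True when username and password are both empty; the session key is then 16 zero bytes (MS-NLMP 3.4), so signing and sealing protect nothing.` The method is also defined above `private`, which makes it public API under a name Ruby convention would spell `anonymous?`. `authenticate!` and the class body continue outside the hunks shown.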
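--- a/lib/net/ntlm/message.rb
+++ b/lib/net/ntlm/message.rb
@@ -35,7 +35,6 @@ module NTLM
 :TYPE3 => FLAGS[:UNICODE] | FLAGS[:REQUEST_TARGET] | FLAGS[:NTLM] | FLAGS[:ALWAYS_SIGN] | FLAGS[:NTLM2_KEY]
 }
 
-
 # @private false
 class Message < FieldSet
 class << Message
@@ -87,7 +86,7 @@ def dump_flags
 
 def serialize
 deflag
-super + security_buffers.map{|n, f| f.value}.join
+super + security_buffers.map{|n, f| f.value + (has_flag?(:UNICODE) ? "\x00".b * (f.value.length % 2) : '')}.join
 end
 
 def encode64
@@ -117,6 +116,7 @@ def deflag
 security_buffers.inject(head_size){|cur, a|
 a[1].offset = cur
 cur += a[1].data_size
+has_flag?(:UNICODE) ? cur + cur % 2 : cur
 }
 end
 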
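Review bot: `serialize` pads each buffer by `f.value.length % 2`, while `deflag` rounds the running offset with `cur + cur % 2`; the two stay in step only if `head_size` is even and `f.value.length` equals `data_size` in bytes, and the visible lines guarantee neither. When they drift, the offsets written into the header point one byte away from the field data the peer will read. Counting bytes in `serialize`, `"\x00".b * (f.value.bytesize % 2)`, removes the encoding dependence, and a comment on both methods such as `# UNICODE buffers are 2-byte aligned; padding here must match the offsets computed in deflag` records the coupling. `deflag` starts above its hunk, so whether `head_size` is always even cannot be confirmed from here.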
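--- a/spec/lib/net/ntlm/client/session_spec.rb
+++ b/spec/lib/net/ntlm/client/session_spec.rb
@@ -65,4 +65,23 @@
 end
 end
 
+context 'when authenticating anonymously' do
+let(:inst) { Net::NTLM::Client::Session.new(Net::NTLM::Client.new('', ''), t2_challenge) }
+
+describe "#authenticate!" do
+it "should set the response fields correctly" do
+t3 = inst.authenticate!
+expect(t3).to be_a(Net::NTLM::Message::Type3)
+expect(t3.lm_response).to eq("\x00".b)
+expect(t3.ntlm_response).to eq('')
+end
+end
+
+describe "#is_anonymous?" do
+it "should be true" do
+expect(inst.is_anonymous?).to be_truthy
+end
+end
+end
+
 end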
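Review bot: The new context only covers the case where both credentials are empty, so nothing pins the boundary that matters most: a real username with an empty password (or the reverse) must not be treated as anonymous. I would add an example built with `Net::NTLM::Client.new('user', '')` that expects `is_anonymous?` to be falsey. The all-zero session key from MS-NLMP 3.4 is also unasserted; whether the session exposes it for a direct expectation is not visible in this hunk.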
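--- a/spec/lib/net/ntlm/message/type3_spec.rb
+++ b/spec/lib/net/ntlm/message/type3_spec.rb
@@ -222,4 +222,25 @@
 
 end
 
+describe '.serialize' do
+subject(:message) { described_class.create(opts) }
+context 'with the UNICODE flag set' do
+let(:opts) { {lm_response: "\x00".b, ntlm_response: '', domain: '', workstation: '', user: '', flag: Net::NTLM::DEFAULT_FLAGS[:TYPE3] | Net::NTLM::FLAGS[:UNICODE] } }
+
+it 'should pad the domain field to a multiple of 2' do
+message.serialize
+expect(message[:domain][:offset].value % 2).to eq 0
+end
+
+it 'should pad the user field to a multiple of 2' do
+message.serialize
+expect(message[:user][:offset].value % 2).to eq 0
+end
+
+it 'should pad the workstation field to a multiple of 2' do
+message.serialize
+expect(message[:workstation][:offset].value % 2).to eq 0
+end
+end
+end
 end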
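Review bot: The three examples check only that each `offset` is even, which the offset arithmetic can satisfy even if `serialize` emits no padding bytes at all, so a mismatch between header offsets and payload would go unnoticed. An expectation on the serialized bytes, for instance that `message.serialize.bytesize` is even with the one-byte `lm_response` in `opts` (assuming an even header size), would tie the two together. The group is titled `'.serialize'`, which by RSpec convention names a class method; `'#serialize'` matches the instance call made here.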
